2,771 Security Compliance jobs in Indonesia

1. Memastikan Kepatuhan terhadap Regulasi dan Standar

• Pemantauan Regulasi: Compliance Assurance bertugas untuk terus mengikuti perkembangan regulasi dan standar keamanan informasi, seperti GDPR, HIPAA, PCI DSS, SOX, dan standar internasional seperti ISO 27001 atau NIST Cybersecurity Framework.
• Penerapan Standar: Mereka memastikan bahwa organisasi mengadopsi standar keamanan yang relevan dengan industrinya. Ini melibatkan penyelarasan kebijakan internal dengan ketentuan dari regulator, auditor, atau badan akreditasi.
• Audit Kesesuaian: Secara rutin, tim melakukan audit internal untuk memverifikasi apakah kebijakan, prosedur, dan kontrol yang diterapkan sesuai dengan standar dan regulasi yang relevan.

2. Evaluasi Efektivitas Pengendalian Keamanan (Security Controls)

• Uji Efektivitas: Tim IT Security Compliance Assurance melakukan pengujian terhadap pengendalian keamanan yang diterapkan (seperti firewall, sistem deteksi intrusi, enkripsi data, atau manajemen akses). Pengujian ini bertujuan untuk memverifikasi apakah kontrol tersebut berjalan secara efektif dalam melindungi aset informasi organisasi.
• Pengawasan Implementasi Kontrol: Mereka bertugas memantau proses penerapan kontrol keamanan untuk memastikan bahwa semua tindakan pencegahan yang dirancang sudah diterapkan dengan benar di seluruh infrastruktur IT organisasi.

3. Pemantauan dan Pengawasan Berkelanjutan

• Pemantauan Real-Time: Compliance Assurance menggunakan alat pemantauan seperti SIEM (Security Information and Event Management) untuk memonitor log aktivitas secara real-time, mengidentifikasi anomali, dan mengawasi insiden keamanan. Hal ini memastikan bahwa sistem keamanan selalu sesuai dengan standar dan kebijakan yang ada.
• Review Berkala: Mereka melakukan peninjauan berkala terhadap sistem, aplikasi, dan kebijakan keamanan organisasi untuk mendeteksi potensi pelanggaran atau ketidaksesuaian dengan standar yang berlaku.

4. Penilaian Risiko Keamanan (Risk Assessment)

• Identifikasi Risiko: IT Security Compliance Assurance bertanggung jawab untuk mengidentifikasi risiko yang dapat timbul dari ketidakpatuhan atau kelemahan dalam sistem keamanan informasi. Ini mencakup risiko terhadap privasi data, kerentanan terhadap serangan siber, atau potensi kehilangan data sensitif.
• Penilaian Dampak: Mereka juga mengevaluasi dampak dari risiko tersebut terhadap bisnis, baik dari segi kerugian finansial, reputasi, maupun kerusakan operasional.
• Rekomendasi Mitigasi: Setelah mengidentifikasi risiko, mereka memberikan rekomendasi mitigasi yang tepat untuk mengurangi atau menghilangkan risiko, termasuk tindakan korektif untuk area-area yang tidak patuh.

5. Pelaksanaan Audit Internal dan Eksternal

• Audit Internal: Tim melakukan audit internal yang terfokus pada kepatuhan terhadap kebijakan dan prosedur keamanan yang diterapkan di dalam organisasi. Audit ini membantu mengidentifikasi kelemahan sebelum audit eksternal dilakukan.
• Audit Eksternal: Mereka juga berkolaborasi dengan auditor eksternal untuk menyediakan bukti kepatuhan yang diperlukan, seperti laporan audit, dokumentasi keamanan, dan hasil uji kontrol keamanan.
• Penyiapan Dokumentasi: Compliance Assurance bertugas untuk memastikan bahwa semua dokumentasi terkait kontrol keamanan, kebijakan, dan prosedur telah lengkap dan siap untuk audit eksternal.

• Pengalaman kerja di area serupa min 3 tahun.
• CISSP (Certified Information Systems Security Professional): Sertifikasi yang mengakui kemampuan dalam desain dan manajemen keamanan informasi.
• CISM (Certified Information Security Manager): Sertifikasi yang berfokus pada manajemen keamanan informasi dan audit kepatuhan.
• ISO 27001 Lead Auditor/Implementer: Sertifikasi yang menunjukkan keahlian dalam menerapkan dan mengaudit sistem manajemen keamanan informasi berdasarkan standar ISO 27001.
• CRISC (Certified in Risk and Information Systems Control): Sertifikasi untuk mengelola risiko dan mengembangkan kontrol sistem informasi.
• CEH (Certified Ethical Hacker): Untuk memahami cara kerja serangan dan menerapkan pertahanan yang sesuai.
• CompTIA Security+: Sertifikasi dasar yang menunjukkan pemahaman mendasar tentang keamanan informasi.

Penempatan : Kantor BTN ( 1 minggu jam kerja 40 jam)

• Develop, implement, and manage aviation security programs in compliance with national and international regulations.
• Conduct regular audits and inspections of security procedures and facilities to identify vulnerabilities and ensure compliance.
• Perform risk assessments and develop effective mitigation strategies to address identified threats.
• Oversee the training, qualification, and certification of aviation security personnel.
• Investigate security incidents, prepare detailed reports, and recommend corrective actions.
• Liaise with regulatory bodies, law enforcement, airport operators, and airlines on security matters.
• Stay updated on the latest aviation security threats, technologies, and best practices.
• Develop and deliver security awareness training programs for relevant personnel.
• Manage and maintain security documentation, records, and databases.
• Contribute to the continuous improvement of the organization's overall security posture.

• Bachelor's degree in Aviation Management, Security Studies, Criminal Justice, or a related field.
• Minimum of 7 years of experience in aviation security, with at least 3 years in a compliance or supervisory role.
• In-depth knowledge of aviation security regulations (ICAO, IATA, DGCA) and standards.
• Proven experience in developing and implementing security programs and policies.
• Strong analytical, risk assessment, and problem-solving skills.
• Excellent communication, interpersonal, and presentation skills.
• Ability to work independently and collaboratively in a hybrid work environment.
• Experience in conducting security audits and investigations.
• Relevant security certifications (e.g., Certified Aviation Security Professional - CASP) are highly desirable.
• Proficiency in relevant security management software.

• Develop, implement, and manage aviation security programs in accordance with national and international regulations (e.g., ICAO, DGCA).
• Conduct regular security audits and inspections of airport facilities, aircraft, and operational procedures to identify vulnerabilities and ensure compliance.
• Investigate security incidents, breaches, and suspicious activities, and recommend corrective actions.
• Oversee the training and certification of security personnel, ensuring they are equipped with the latest knowledge and skills.
• Liaise with government agencies, law enforcement, and other stakeholders on security matters.
• Develop and update security policies, procedures, and contingency plans as necessary.
• Monitor industry trends and emerging threats to proactively enhance security measures.
• Manage the security clearance process for personnel and contractors.
• Prepare and present comprehensive reports on security performance, compliance status, and recommendations to senior management.
• Ensure the effective implementation of security technologies and systems.
• Respond to security emergencies and coordinate response efforts as required.
• Maintain accurate records and documentation related to all security activities.

• Bachelor's degree in Aviation Management, Security Management, Law, or a related field.
• Minimum of 5 years of experience in aviation security, regulatory compliance, or a related field.
• In-depth knowledge of aviation security laws, regulations, and standards.
• Proven experience in conducting security audits and risk assessments.
• Strong understanding of airport operations and air cargo security.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication, presentation, and interpersonal skills.
• Ability to work effectively both independently and as part of a team.
• Proficiency in relevant security software and technologies.
• Must be able to obtain necessary security clearances.

• Developing, implementing, and enforcing robust aviation security policies, procedures, and operational guidelines.
• Ensuring compliance with all relevant regulatory bodies (e.g., DGCA, ICAO, TSA) and industry best practices.
• Conducting regular security risk assessments and vulnerability analyses to identify and mitigate potential threats.
• Developing and overseeing comprehensive security training programs for all security personnel.
• Managing and directing security operations, including access control, screening processes, and surveillance.
• Investigating security incidents, breaches, and suspicious activities, and implementing corrective actions.
• Collaborating with law enforcement agencies, government authorities, and other stakeholders on security matters.
• Managing the security budget and ensuring cost-effective security solutions.
• Staying abreast of evolving security threats, technologies, and regulatory changes.
• Leading and mentoring the aviation security team to foster a culture of vigilance and operational excellence.

• Developing and implementing aviation security policies and procedures.
• Conducting regular compliance audits and risk assessments.
• Monitoring and interpreting aviation security regulations worldwide.
• Managing relationships with regulatory bodies and government agencies.
• Designing and delivering security awareness and training programs.
• Investigating security incidents and recommending corrective actions.
• Staying abreast of new technologies and methodologies in aviation security.
• Contributing to the overall strategic direction of aviation security within the organization.
• Collaborating with international teams to ensure harmonized security standards.

• Bachelor's degree in Aviation Management, Security Studies, Criminal Justice, or a related field.
• Minimum of 8 years of progressive experience in aviation security, with a strong focus on compliance and regulatory affairs.
• In-depth knowledge of international aviation security standards and best practices (e.g., ICAO Annex 17, IATA Security Audit Program).
• Demonstrated experience in conducting security audits and developing corrective action plans.
• Excellent analytical and problem-solving skills, with a keen eye for detail.
• Strong communication and interpersonal skills, with the ability to engage effectively with diverse stakeholders.
• Proficiency in using security management software and data analysis tools.
• Ability to work independently and manage projects effectively in a remote setting.
• Relevant security certifications (e.g., Certified Aviation Security Professional - CASP) are highly desirable.

• Develop, implement, and maintain information security policies, standards, and procedures.
• Conduct regular security risk assessments and vulnerability analyses across IT systems and applications.
• Oversee and manage compliance with relevant industry regulations and standards (e.g., GDPR, HIPAA, PCI DSS).
• Perform internal and external security audits, identifying gaps and recommending remediation actions.
• Design and implement security controls to protect against cyber threats and data breaches.
• Monitor security systems and respond to security incidents, including investigation and post-incident analysis.
• Develop and deliver security awareness training programs for employees.
• Manage third-party vendor security assessments and ensure compliance.
• Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and mitigation techniques.
• Collaborate with IT teams to ensure secure system configurations and deployment.
• Contribute to the development of business continuity and disaster recovery plans.
• Advise management on information security risks and compliance requirements.
• Maintain documentation related to security controls, policies, and procedures.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 5-7 years of experience in information security, with a significant focus on compliance and risk management.
• In-depth knowledge of information security frameworks such as ISO 27001, NIST Cybersecurity Framework, SOC 2, and PCI DSS.
• Experience with security auditing, penetration testing, and vulnerability management tools.
• Strong understanding of network security, endpoint security, cloud security, and data protection principles.
• Relevant certifications such as CISSP, CISM, CISA, or CRISC are highly preferred.
• Excellent analytical and problem-solving skills.
• Strong written and verbal communication skills, with the ability to explain complex security concepts to both technical and non-technical audiences.
• Proven ability to work independently and manage multiple priorities effectively.
• Experience in incident response and forensics is a plus.
• Familiarity with Indonesian data privacy regulations.