365 Technology Risk jobs in Indonesia

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

The opportunity: your next adventure awaits
What's in it for You?
As an Associate at Technology Risk, you will have the opportunity to contribute to impactful projects within a dynamic team. You will engage in meaningful work by performing IT-related procedures that support financial statement audits and integrated audits. This role allows you to evaluate IT general control design and effectiveness, test application controls, and examine management controls within IT infrastructures.

You will build valuable internal and external relationships, identifying and escalating potential business opportunities for Ernst & Young within existing engagements. Your focus on anticipating and identifying risks will empower you to escalate issues appropriately, ensuring that the work delivered is of the highest quality.

Joining our Technology Risk Team means becoming part of a creative, analytical, and self-driven group of effective collaborators and leaders. You will have access to world-class methods and knowledge, as well as innovative EY learning programs, such as the EY Tech MBA. This is your chance to develop your skills and contribute to building a better working world.

What We Look For:

• You have a strong academic foundation. A bachelor's or master's degree in Accounting, Finance, Management, Business, Risk Management, Information Systems, Information Technology, Computer Science, Mathematics, Statistics, or Engineering from a reputable university is essential. A master's degree is an advantage.
• You are a fresh graduate or a master's degree holder, or you have limited working experience. A minimum GPA of 3.20 out of 4.00 (from reputable universities) is required.
• You understand business management principles. We're looking for individuals who can effectively communicate, present, and collaborate with others.
• You are fluent in Indonesian and proficient in English (both verbal and written) — this is mandatory.
• You are proficient in key Microsoft Office applications, especially Microsoft Excel. You have the ability to work independently and collaboratively under pressure while meeting established goals and deadlines.
• You are highly motivated with a strong drive to learn, including through independent learning. You can work across different disciplines, take on new challenges, and develop a solid understanding of various industries.

Additional Qualifications (good to have):

• Previous work experience in Internal Audit, Risk Management, Business Process, Compliance, or in a Professional Services firm is a plus.
• Holds relevant certifications (e.g., CISA, CRISC, CISM, etc) is a plus.
• Familiarity with business process modeling notations and tools (e.g., Microsoft Visio, ARIS, etc) is a plus.
• Basic knowledge of accounting, ERP systems, and IT security is a plus.
• Digitally aware and understands emerging technologies (e.g., RPA, AI, etc) is a plus.
• Familiarity with data visualization tools (e.g., Power BI, Tableau, etc) is a plus.
• Familiarity with programming languages (e.g., Python, SQL, etc) is a plus.
• Active participation in organizational or extracurricular activities is a plus.

What You Can Expect
Shortlisted candidates can expect to be invited to an online Preliminary Assessment. Those who pass this assessment will be invited to proceed to the next steps in the recruitment process.
Are you ready to shape your future with confidence? Apply today.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

We invite highly motivated and dynamic individuals to join our Digital Trust & Cyber team at KPMG. As Assistant Manager of Technology Governance, Risk, and Compliance, your responsibilities will include overseeing the development and implementation of governance frameworks, managing risk assessments and mitigation strategies, ensuring compliance with regulatory requirements, and collaborating with cross-functional teams to enhance the organization's technology processes. You will also provide guidance and support in internal audits and develop policies to safeguard information assets.

What you will do:

• Governance Framework Development: Assist in the creation and maintenance of policies, procedures, and standards that ensure effective technology governance across the organization
• Maturity Assessment: Utilize COBIT's defined maturity models to evaluate the maturity level of IT processes, thereby determining the degree to which these processes are established and consistently executed within the organization
• Risk Assessment Framework: Align the risk assessment framework with relevant regulatory requirements and governance standards to ensure comprehensive risk management
• Risk Assessment and Management: Determine potential risks related to technology, including hardware, software, networks, data, physical environment, and personnel
• Third-party Risk Management: Conduct an evaluation of the third party's risk profile, including their security measures, and adherence to regulatory requirements
• Compliance Management: Ensure that the organization adheres to relevant regulatory and compliance standards, such as data protection laws and industry-specific regulations
• Audit Support: assessing the security of the systems, the reliability and accuracy of the data, and the overall efficiency of IT operations
• Education and Training: Conduct training sessions and workshops to raise awareness and understanding of governance, risk, and compliance framework
• Reporting: Prepare detailed reports and presentations for senior management and stakeholders, detailing risk assessments, compliance status, and governance initiatives.

Desired skills & experience

• A bachelor's degree in information technology, Computer Science, Information System or a related field from a reputable university, with a minimum GPA of 3.0 (on a 4.0 scale)
• Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM): or equivalent credentials highly desirable.
• A minimum 5 to 8 years of relevant experience, preferably within consulting firms.
• Expertise in ICFoR/SOX compliance, risk management, regulatory framework, and governance models
• Having IT audit experience based on PBI No. 23/6/PBI/2021 (PJP), PBI No. 2 of 2024 and PADG No. 24 of 2024 (KKS), POJK No. 21 (LDBU), POJK No.11/POJK.03/2022 (PTI).
• Strong verbal and written communication skills in both English and Indonesian, with the ability to convey complex information clearly and effectively
• Proficiency in developing high quality materials and deliverables, such as PowerPoint presentations, Excel models, and written reports with attention to details
• Demonstrated ability to manage multiple projects, tasks, and deadlines in a fast-paced, dynamic environment, with strong interpersonal skills to collaborate effectively.

Only shortlisted candidates will be contacted by KPMG Siddharta Advisory Recruitment team. All applicants' information and personal data will be treated as strictly confidential and used for recruitment purposes only.

• Provide legal advice and support on complex corporate transactions, including M&A, joint ventures, and strategic partnerships.
• Draft, review, and negotiate commercial agreements, including software licenses, service agreements, and vendor contracts.
• Manage and protect the company's intellectual property portfolio, including patents, trademarks, and copyrights.
• Advise on data privacy and security matters, ensuring compliance with global regulations such as GDPR, CCPA, and local Indonesian laws.
• Assist with corporate governance matters, including board meetings, resolutions, and compliance with securities laws.
• Conduct legal research and provide analysis on emerging legal issues relevant to the technology sector.
• Manage and oversee litigation and dispute resolution matters.
• Develop and implement internal policies and procedures to mitigate legal risks.
• Collaborate effectively with internal business units, senior management, and external counsel.
• Stay current on evolving legal and regulatory landscapes affecting the company's operations.

• Juris Doctor (J.D.) or equivalent law degree from a reputable institution.
• Admission to practice law in a relevant jurisdiction (e.g., Indonesia, or a recognized common law jurisdiction).
• Minimum of 7 years of legal experience, with a significant portion focused on corporate law, technology transactions, and/or data privacy, preferably gained at a law firm or in-house at a technology company.
• Strong understanding of intellectual property law, commercial contracts, and corporate governance.
• In-depth knowledge of data privacy laws and regulations globally and in Indonesia.
• Excellent drafting, negotiation, and analytical skills.
• Exceptional communication and interpersonal skills, with the ability to advise clients at all levels.
• Proven ability to manage multiple complex projects independently in a remote work setting.
• High degree of professionalism, integrity, and ethical judgment.
• Fluency in English is required; proficiency in Bahasa Indonesia is a strong advantage.

• Conduct Cyber Security Assessments to identify vulnerabilities and recommend improvements.
• Implement security enhancements by assessing current security measures and staying updated on emerging cyber threats and trends.
• Develop and conduct Security Awareness Programs to educate employees on cybersecurity best practices.
• Create, review, and maintain Information Security Management System (ISMS) documentation.
• Develop, consolidate, and review Cyber Security Policies & Procedures to ensure compliance with industry standards and regulations.
• Assist in audit-related documentation and compliance efforts for regulators and external auditors.
• Support the development and documentation of Cyber Security Maturity Assessments & Frameworks.

• Assist in Cyber Security Risk Assessments & Advisory activities to mitigate security risks effectively.

• Minimum Qualifications: 1-2 years of experience in Cyber Security, IT Governance, Risk Management, or Compliance.

• Strong understanding of cybersecurity frameworks, regulations, and best practices.
• Experience in conducting security assessments and developing cybersecurity policies.
• Ability to analyze risks and provide recommendations for improving security measures.
• Experience with audit-related documentation and regulatory compliance is a plus.
• Experience with container and SDLC agile is a plus.

Bumi Amartha Teknologi Mandiri or "AMARTEK" was established to provide information technology solutions. Our mission from the very first day has been to cultivate professional relationships with our clients to provide effective and reliable information technology solutions for their needs. The team at "AMARTEK" is equipped with a highly developed skillset developed over decades of experience not only in information technology but also in business processes across a range of industry sectors. This business experience makes us uniquely positioned to offer solutions promising greater operational efficiency, productivity gains and cost savings for each of our clients, regardless of their industry. As an established technology-intensive company, we pride ourselves on providing a comprehensive suite of solutions comprising of Infrastructure Consultancy, on/offsite services, Custom software and web development, Talent Augmentation, and enterprise architecture consulting. Our team consistently delivers state-of-the-art solutions in various areas including, but not limited to: integrated business solutions, system applications, product development and professional services. At "AMARTEK", we guarantee rapid, reliable and robust information technology solutions that work.

• Conduct Cyber Security Assessments to identify vulnerabilities and recommend improvements.
• Implement security enhancements by assessing current security measures and staying updated on emerging cyber threats and trends.
• Develop and conduct Security Awareness Programs to educate employees on cybersecurity best practices.
• Create, review, and maintain Information Security Management System (ISMS) documentation.
• Develop, consolidate, and review Cyber Security Policies & Procedures to ensure compliance with industry standards and regulations.
• Assist in audit-related documentation and compliance efforts for regulators and external auditors.
• Support the development and documentation of Cyber Security Maturity Assessments & Frameworks.
• Assist in Cyber Security Risk Assessments & Advisory activities to mitigate security risks effectively.

Minimum Qualifications

• 1-2 years of experience in Cyber Security, IT Governance, Risk Management, or Compliance.
• Strong understanding of cybersecurity frameworks, regulations, and best practices.
• Experience in conducting security assessments and developing cybersecurity policies.
• Ability to analyze risks and provide recommendations for improving security measures.
• Experience with audit-related documentation and regulatory compliance is a plus.
• Experience with container and SDLC agile is a plus.

This role is responsible for ensuring that information security implementations within the organization comply with standards, policies, and applicable regulations. Success in this position is reflected in well-measured, properly documented security processes that contribute to reducing operational risk and maintaining compliance. The role also serves as a bridge between technical teams, management, and external auditors to safeguard the effectiveness of security controls.

Responsibilities

• Review the implementation of security controls, including hardening, patching, and system configurations, to ensure alignment with internal and external standards.
• Monitor, evaluate, and provide recommendations for improvements regarding the effectiveness of information security risk controls.
• Document review results and prepare clear, concise, and actionable risk reports for relevant stakeholders.
• Collaborate with IT Security, Infrastructure, and third parties to ensure mitigation actions are carried out according to standards.
• Perform regular verification of changes in production environments to ensure compliance with security policies.
• Develop and update risk assurance procedures and guidelines in line with evolving industry standards and regulations.
• Support internal and external audit activities related to information security.

Qualifications

• <1 (fresh graduates are also welcome)–3 years of experience in information security, risk assurance, or IT audit.
• Strong understanding of security standards (e.g., ISO 27001, NIST, COBIT).
• Proficiency in risk analysis and structured report writing.
• Strong verbal and written communication skills, with the ability to convey findings to both technical teams and management.
• Detail-oriented, accurate, and capable of working independently as well as collaboratively.
• Relevant certifications in information security, cyber security or audit (e.g., PNPT, CEH, CISA, CISM, ISO 27001 LA) are a plus.

About the role

As the Security Risk Assurance Officer at PT. Bank Nationalnobu, tbk., you will play a vital role in ensuring the bank's security and risk management practices are robust and effective. This is a full-time position based in Karawaci, Banten. You will be responsible for monitoring, evaluating, and reporting on the bank's security and risk management measures, contributing to the overall resilience and stability of the organisation.

What you'll be doing

1. Conducting regular risk assessments to identify potential security threats and vulnerabilities
2. Developing and implementing security policies, procedures, and controls to mitigate identified risks
3. Monitoring the bank's security systems and infrastructure, and recommending improvements where necessary
4. Investigating and reporting on security incidents, and coordinating the bank's response
5. Ensuring the bank's compliance with relevant security and risk management regulations
6. Providing training and guidance to employees on security best practices
7. Collaborating with cross-functional teams to enhance the bank's overall security posture

What we're looking for

1. <1 (fresh graduates are welcome) until 3 years of experience in a similar security risk assurance or compliance role, preferably in the banking or financial services industry
2. Strong understanding of security and risk management principles, frameworks, and best practices
3. Proficiency in risk assessment methodologies, security monitoring, and incident response
4. Excellent analytical and problem-solving skills, with the ability to identify and mitigate risks
5. Effective communication skills, both written and verbal, to work with stakeholders at all levels
6. Familiarity with relevant security and regulatory standards, such as ISO 27001, NIST, and local banking regulations
7. Ability to work independently and as part of a team, with a proactive and detail-oriented approach

What we offer

At PT. Bank Nationalnobu, tbk., we are committed to providing our employees with a supportive and rewarding work environment. In addition to a competitive salary, we offer a range of benefits, including comprehensive health insurance, retirement plan contributions, and opportunities for professional development and career advancement. We also prioritise work-life balance, with flexible work arrangements and wellness initiatives to support the overall wellbeing of our team.

About us

PT. Bank Nationalnobu, tbk. is a leading financial institution in Indonesia, providing a wide range of banking and financial services to individual and corporate clients. With a strong focus on innovation, we are constantly exploring new ways to enhance the customer experience and drive sustainable growth. Our core values of integrity, excellence, and community engagement are the foundation of our success, and we are proud to have a talented and diverse team of professionals who share our commitment to making a positive impact.

If you're excited about this opportunity and believe you have the skills and experience to excel in this role, we encourage you to apply now.

The Security, Risk, and Compliance Officer (APAC) will support the implementation of security and compliance strategies to protect operations, assets, and personnel in the payment industry. This role requires an analytical thinker with knowledge of regulatory requirements, risk management, security protocols, and internal controls in the APAC region. The ideal candidate will work closely with senior team members to ensure compliance and mitigate risks.

Key Responsibilities

1. Support Security and Compliance Initiatives:

• Assist in implementing security, risk, and compliance strategies for the APAC region.
• Ensure alignment with company policies and industry regulations.
• Provide support in preparing reports on security and compliance effectiveness.

2. Risk Management Support:

• Help review and update the company's risk profile.
• Assist in maintaining the enterprise risk management framework and third-party risk processes.
• Monitor key risks, incidents, and controls to ensure compliance with regulations and policies.
• Support risk assessments and audits to maintain security and compliance standards.

3. Compliance Assistance:

• Ensure adherence to relevant regulatory requirements and industry standards (e.g., PCI DSS, ISO27001, GDPR, AML, SOC2 Type 2).
• Work with internal teams to promote a culture of compliance.
• Help analyze regulatory requirements and assist in implementing necessary policies and procedures.
• Support compliance program initiatives and internal control processes.

4. Security Operations Support:

• Assist in maintaining security policies, standards, and procedures.
• Help monitor and protect company assets, including payment data security.
• Work with external agencies and partners on security matters as needed.

5. Incident Management:

• Support response efforts for security incidents and compliance violations.
• Help investigate incidents and prepare reports.
• Assist in implementing corrective actions to improve security measures.

6. Stakeholder Collaboration:

• Work closely with internal teams to support security and compliance efforts.
• Provide assistance during external audits and regulatory reviews.

Qualifications

• Bachelor's degree in risk management, Security, Compliance, or a related field.
• 5-8 years of experience in security, risk management, or compliance within the financial or payment industry.
• Knowledge of regulatory requirements and security standards in APAC.
• Professional certifications such as CISA, CRISC, or similar are a plus.
• Strong analytical and problem-solving skills.
• Good communication and teamwork abilities.
• Ability to travel within the APAC region as required.

Personal Attributes

• Detail-oriented and process-driven approach.
• Strong organizational and multitasking skills.
• Willingness to learn and grow within the security and compliance field.
• Ability to work independently and collaboratively.
• Proficiency in Microsoft Office tools (Word, Excel, SharePoint, Teams, Outlook).
• Interest in emerging risks, technology, and compliance trends.

Kualifikasi:

• Minimal pendidikan S1.
• Memiliki sertifikat CRMP atau IRM menjadi nilai tambah.
• Minimal 5 tahun pengalaman di bidang Risk Management/Audit/Compliance.
• Memiliki pengalaman di industri terkait (oil and gas, energy, jasa, keuangan, dll).
• Memahami ISO 31000, COSO, ERM, atau standar Risk Management lainnya.
• Memiliki kemampuan analisa data, memetakan risiko, penyusunan risk register yang baik.

Deskripsi Pekerjaan:

• Melakukan identifikasi risiko (risk identification), penilaian risiko(risk assessment), merumuskan mitigasi risiko (risk mitigation) hingga pelaporan pemantauan risiko (risk monitoring) kepada manajemen puncak.
• Memberikan wawasan terkait pengelolaan risiko kepada risk owner dan risk officer dari seluruh divisi, unit usaha dan proyek.
• Menyusun serta mensosialisasikan Policy, Procedure and Work Instruction (PPWI) terkait pengelolaan risiko.