IT GRC Analyst at Xendit - ScoutJobs - The AI-curated global job board
Skip to content
X
Posted 8 hours ago

IT GRC Analyst

Xendit

Requirements

3–5 years IT GRC experience, Knowledge of PCI-DSS and ISO 27001, Familiarity with BI and OJK regulations, Experience in IT risk assessments, Strong analytical skills

Skills

CompliancePCI DSSISO 27001

About the role

Responsibilities

  • Own and support compliance programs for certification and regulatory audits
  • Serve as the primary GRC point of contact for regional regulatory needs
  • Manage the full certification lifecycle for frameworks like ISO 27001 and PCI-DSS
  • Conduct periodic IT risk assessments and maintain a consolidated IT risk register
  • Perform internal control testing and assessments to evaluate IT control effectiveness
  • Identify compliance gaps and work with teams to execute remediation plans
  • Develop, review, and enforce IT policies, standards, and procedures
  • Coordinate regulatory and third-party audits end-to-end
  • Monitor the evolving regulatory landscape across all operating markets
  • Produce compliance dashboards and management briefings
  • Collaborate with engineering, product, security, and legal teams to embed compliance-by-design
  • Support continuous improvement of GRC processes and automation

Requirements

  • 3–5 years of experience in IT GRC, IT Risk Management, or IT Compliance
  • Solid knowledge of PCI-DSS and ISO 27001 frameworks
  • Familiarity with Bank Indonesia (BI) and OJK IT governance regulations
  • Experience conducting IT risk assessments, control testing, and gap analyses
  • Ability to develop and maintain IT policies and standards
  • Strong analytical and communication skills for technical and non-technical stakeholders

Preferred Qualifications

  • Experience with Bank Indonesia's PJP Category 1 or Category 2 licensing
  • Hands-on experience managing end-to-end certification for ISO 27001, PCI-DSS, or SOC 2
  • Experience coordinating audits with regional bodies like BSP, BOT, MAS, or BNM
  • Professional certifications such as CISA, CRISC, or ISO 27001 Lead Implementer/Auditor
  • Background in fintech, digital payments, or financial services
  • Exposure to cloud security control frameworks

About the Company

Xendit provides payment infrastructure across Southeast Asia and is expanding to Greater China and LATAM. We process payments, power marketplaces, disburse payroll and loans, provide KYC solutions, prevent fraud, and help businesses grow exponentially.

ScoutJobs Agent

Get matches like this delivered daily

Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.

Get started — it's free

IT GRC Analyst

Xendit · Jakarta

Sign up to apply