
Posted 8 hours ago
Senior IT GRC & Data Privacy Analyst
Amartha
Requirements
5+ years related experience, Knowledge of ISO 27001, NIST, GDPR, UU PDP, Financial services industry experience, IAM technology experience, English fluency
Skills
GRCISO 27001IAM
About the role
About the Company
At Amartha, we empower micro-businesses across Indonesia, enabling growth and equal prosperity. We've supported over 2.7 million entrepreneurs—mostly women—by disbursing IDR 22.8 trillion in funding. As we step into 2025, Amartha is evolving into a technology-driven financial ecosystem, expanding our reach in lending, funding, and payments.
Responsibilities
- Develop, implement, and maintain a comprehensive GRC framework aligned with industry best practices
- Conduct regular risk assessments to identify potential threats and vulnerabilities
- Monitor and report on compliance with internal policies and external regulations
- Ensure compliance with applicable data privacy regulations and conduct DPIAs
- Manage data breaches, incidents, and remediation activities
- Assess the security and privacy practices of third-party vendors
- Develop and maintain IAM policies, standards, and procedures
- Implement and manage IAM systems including identity provisioning and access control
- Conduct regular IAM audits and access certifications
Requirements
- 5+ years of related job experience
- Strong understanding of ISO 27001, NIST Cybersecurity Framework, GDPR, and UU PDP
- Experience in the financial services industry (Microfinance, Payments, etc)
- Experience with IAM technologies (Active Directory, LDAP, OAuth, SAML)
- Excellent communication skills in English
- Strong analytical and interpersonal skills
Preferred Qualifications
- Relevant certifications such as CRISC or CIPP
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeSenior IT GRC & Data Privacy Analyst
Amartha · South Jakarta
