Technology Governance, Risk, and Compliance Consultant (Manager)

Job description

We invite highly motivated and dynamic individuals to join our Digital Trust & Cyber team at KPMG. As Manager of Technology Governance, Risk, and Compliance, your responsibilities will include overseeing the development and implementation of governance frameworks, managing risk assessments and mitigation strategies, ensuring compliance with regulatory requirements, and collaborating with cross-functional teams to enhance the organization's technology processes. You will also provide guidance and support in internal audits and develop policies to safeguard information assets. What you will do: Governance Framework Development: Assist in the creation and maintenance of policies, procedures, and standards that ensure effective technology governance across the organizationMaturity Assessment: Utilize COBIT's defined maturity models to evaluate the maturity level of IT processes, thereby determining the degree to which these processes are established and consistently executed within the organizationRisk Assessment Framework: Align the risk assessment framework with relevant regulatory requirements and governance standards to ensure comprehensive risk managementRisk Assessment and Management: Determine potential risks related to technology, including hardware, software, networks, data, physical environment, and personnelThird-party Risk Management: Conduct an evaluation of the third party's risk profile, including their security measures, and adherence to regulatory requirementsCompliance Management: Ensure that the organization adheres to relevant regulatory and compliance standards, such as data protection laws and industry-specific regulationsAudit Support: assessing the security of the systems, the reliability and accuracy of the data, and the overall efficiency of IT operationsEducation and Training: Conduct training sessions and workshops to raise awareness and understanding of governance, risk, and compliance frameworkReporting: Prepare detailed reports and presentations for senior management and stakeholders, detailing risk assessments, compliance status, and governance initiatives. Desired skills & experienceA bachelor's degree in information technology, Computer Science, Information System or a related field from a reputable university, with a minimum GPA of 3.0 (on a 4.0 scale)Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM): or equivalent credentials highly desirable.A minimum 6 years of relevant experience, preferably within consulting firms.Expertise in ICFoR/SOX compliance, risk management, regulatory framework, and governance modelsHaving IT audit experience based on PBI No. 23/6/PBI/2021 (PJP), PBI No. 2 of 2024 and PADG No. 24 of 2024 (KKS), POJK No. 21 (LDBU), POJK No.11/POJK.03/2022 (PTI).Strong verbal and written communication skills in both English and Indonesian, with the ability to convey complex information clearly and effectivelyProficiency in developing high quality materials and deliverables, such as PowerPoint presentations, Excel models, and written reports with attention to detailsDemonstrated ability to manage multiple projects, tasks, and deadlines in a fast-paced, dynamic environment, with strong interpersonal skills to collaborate effectively. Only shortlisted candidates will be contacted by KPMG Siddharta Advisory Recruitment team. All applicants' information and personal data will be treated as strictly confidential and used for recruitment purposes only.