IT and Cyber Security Auditor

Main Focus

• Prepare assessment reports and deliver findings to clients to ensure client understanding of the assessment decision and clear direction to particular items of corrective action where appropriate
• Recommend the issue, re-issue, or withdrawal of certificates, and report recommendations in accordance with BSI policy, procedures and prescribed time frame.
• Maintain overall account responsibility and accountability for nominated accounts to ensure an effective partnership, whilst ensuring excellent service delivery and account growth.
• Lead assessment teams as required ensuring that team members are adequately briefed so that quality of service is maintained and that effective working relationships are sustained both with Clients and within the team.
• Provide accurate and prompt information to support services, working closely with them to ensure that client records are up to date and complete and that all other internal information requirements are met.
• Coach colleagues as appropriate especially where those members are inexperienced assessors or unfamiliar with clients' business/technology and assist in the induction and coaching of new colleagues as requested
• Plan/schedule workloads to make the best use of own time and maximize revenue-earning activity.

Responsibilities

• Performing online/in-house/public training related to cyber security and compliance, especially for PCI-DSS.
• Conduct various cybersecurity assessments such as: Compliance Gap Analyses to comply with local and global standards, privacy rules and regulations such as PCI-DSS, SOC2, NIST 800-53, and other cybersecurity-related regulations/standards.
• Supporting the sales driving program and activities related to sector’s marketing campaign as well as assisting the commercial team as needed and any other technical issues for sales proposal preparation and joining sales meeting for technical discussion with the client.
• Supporting any other activities as assigned by the sector manager which relevant with sector team needs and BSI Group Indonesia management direction.
• Safeguarding company’s and client’s confidential data/information.
• Acting as a BSI Brand Ambassador for BSI.

Requirements

• Degree holder in related discipline
• Experience with the cybersecurity technologies such as Data Loss Protection, Identity Management, Cryptography & Certificate Authority, File Integrity Monitoring, NextGen Firewalls, IPS/IDS, and GRC technologies.
• Have good knowledge of IT infrastructure such as servers, networks, clouds, etc.
• At least four (4) years of full-time practical work experience in information technology, of which at least two (2) years are in a role or function relating to information security.
• Two (2) years or more of cybersecurity strategic or GRC (governance, risk, and compliance), preferable in the payment industry.
• Experience in risk & regulatory frameworks and standards such as ISO/IEC27001:2013, NIST Cybersecurity Framework, COBIT, or PCI-DSS would be an advantage.
• Excellent communication, presentation, and interpersonal skills with the ability to deal with people at all professional levels.
• Strong logical thinking, analytical and problem-solving skills.
• Ability to work effectively with minimum supervision and under pressure.
• With a keen interest to learn and explore new knowledge and skills.
• A good command of English both verbal and written including the ability to write clear and concise reports in English.