IT GRC Manager

Get AI-powered advice on this job and more exclusive features.

Own end-to-end engagement lifecycle: scope, plan, deliver, report, close.

Design/refresh governance, risk, and control frameworks aligned to COBIT, ISO/IEC 27001, ITIL, etc.

Lead risk assessments, control design/effectiveness testing, and remediation governance.

Translate PBI/POJK into actionable control objectives, test steps, and evidence models.

Review/sign-off deliverables (risk registers, control matrices, test scripts, workpapers, executive reports).

Build accelerators (templates, control catalogs/mappings) and light automation for evidence.

Provide on-the-job coaching and formal feedback.

Job Qualifications

7–10+ years in IT audit/tech risk/security/compliance.

Strong command of COBIT 2019, ISO/IEC 27001:2022, ITIL and control testing/risk methods.

Hands‑on with PBI/POJK programs in financial services or similarly regulated sectors.

Comfortable with sampling, evidence strategies, dashboards/KRIs for remediation tracking.

Exposure to cloud, IAM, data protection, and third‑party risk.

Preferred: CISA, CRISC, CISSP, ISO 27001 LI/LA, ITIL.

Familiarity with GRC tools.

Seniority Level Mid‑Senior level

Employment Type Full‑time

Job Function Information Technology

Industries Professional Services

Referrals increase your chances of interviewing at Crowe Indonesia by 2x

#J-18808-Ljbffr