Third Party Security Risk Assessor (Mid)

Third Party Security Risk Assessor (Mid)
PT Bukalapak.com, Indonesia

Experience
1 Year
Salary
0 - 0
Job Type
Job Shift
Job Category
Traveling
No
Career Level
Telecommute
No
Qualification
As mentioned in job details
Total Vacancies
1 Job
Posted on
Sep 20, 2021
Last Date
Oct 20, 2021
Location(s)

Job Description

BUKALAPAK

  • Bukalapak is an Indonesian based technology company who has recently completed their IPO to become the country’s most successful unicorn.
  • Bukalapak’s mission is to create a fair economy for all. We do this by building a platform that helps connect local stores to a world-class distribution, logistics and payment network.
  • At present, we have over 90 million users, across web and mobile platforms and we're growing exponentially.
  • If you are looking to be part of a mission-driven organisation that is looking to make a difference by creating a fair economy for all through empowering small shop owners, then this is a role for you.

MISSION AND OBJECTIVES

  • The Third-Party Security Assessment team is responsible for performing Information Security due diligence assessments on the 3rd party vendors used by Bukalapak and managing the information security risks associated with each vendor.

MAIN RESPONSIBILITIES

  • Coordinate with Procurement to gather the information on existing / new vendors.
  • Coordinate with Business to i) understand amp; clarify the services provided by vendors and ii) risks posed by vendors to Bukalapak.
  • Define scope and perform security assessments based on inherent risk of services provided using questionnaire and interviewing vendors.
  • Define appropriate risk levels and corrective actions for security issues identified.
  • Report on security assessment outcomes, risk level and associated recommendations.
  • Present issues to vendors and obtain corrective action plans.
  • Maintain corrective action plans, follow up with vendors on corrective plans and review evidence for closure.
  • Provide metrics on a regular basis (KPI / KRI).
  • Continuous monitoring of vendors.
  • Periodically reach out to high-risk vendors regarding current vulnerabilities /threats, if any identified, to ensure they are taking necessary steps to reduce exposure.
  • Update procedure documentation to incorporate process changes.

Requirements

EDUCATION amp; WORK EXPERIENCE

  • Bachelor of Computer Science degree from an accredited college or university.
  • Minimum 5 years of professional work experience, including a minimum of 2 years in an Information Security, IT Risk or IT Audit.
  • Experience with Upguard / Risk Recon Third-party Security Risk Management is desirable.

OTHER SKILLS AND BEHAVIOURS

  • Strong written/verbal communication skills, and organizational and work documentation proficiency.
  • Good communicator with demonstrated ability to pass messages in a clear and concise manner.
  • Ability to adapt to changing priorities, handle multiple assignments, and adhere to strict deadlines.

Job Specification

Job Rewards and Benefits

PT Bukalapak.com

Information Technology and Services - Jakarta, Indonesia
© Copyright 2004-2024 Mustakbil.com All Right Reserved.