Third Party Security Risk Assessor | Junior

Mission 

• The Third-Party Security Assessment team is responsible for performing Information Security due diligence assessments on the 3rd party vendors used by Bukalapak and managing the information security risks associated with each vendor.

Assist in 

• Performing security assessments of vendors - using questionnaires and interviewing vendors.
• Defining appropriate risk levels and corrective actions for security issues identified.
• Reporting security assessment outcomes, risk level, and associated recommendations.
• Presenting issues to vendors and obtaining corrective action plans.
• Maintaining corrective action plans, following up with vendors on corrective plans, and reviewing evidence for closure.
• Continuous monitoring of vendors.
• Periodically reaching out to high-risk vendors regarding current vulnerabilities /threats, if any identified, to ensure they are taking necessary steps to reduce exposure.
• Updating procedure documentation to incorporate process changes.

Provide metrics on a regular basis (KPI / KRI).

Education

• Bachelor of Computer Science degree from an accredited college or university.
• Minimum 1 year of professional work experience, preferably in Information Security, IT Risk, or IT Audit.

Other Skills

• Strong written/verbal communication skills, and organizational and work documentation proficiency.
• Good communicator with demonstrated ability to pass messages in a clear and concise manner.
• Fast learner.