Traveloka Head of IT Compliance in Jakarta, Indonesia
The Head of IT Compliance is responsible for defining and managing the company’s compliance-related matters in relation to information technology. The successful applicant will assess the company’s IT compliance requirements and its current readiness, then develop a roadmap to build a scalable IT compliance capability around people, process, and technology based on the company's expansion plans. The role will provide positive support for the company’s expansion while balancing the need to maintain strong compliance controls. He/she will provide an independent assurance that IT compliance and regulatory risks are identified, monitored and managed within the firm’s defined risk appetite. This role will require extreme flexibility and adaptability given the company’s agile development and business expansion, and require comfort while working in an environment with high degrees of uncertainty.
1) Design and Build IT Compliance Organization
Responsible for the design & build of a world class IT compliance function incl. people, process, and technology.
Develop and implement roadmap for IT compliance function in line with company’s business needs and in coordination with other departments/teams.
Expand IT compliance program to include product and business additions in domestic and international locales.
Lead Traveloka's IT compliance program including early testing of all changes to the business.
Develop the company's IT compliance processes, covering data protection and privacy.
Hiring, as appropriate, team to deliver on IT compliance initiatives.
Ensure that process & tools are in place to adequately provide oversight and monitoring in all required areas.
2) Support a Compliance Culture within the company
Develop training programmes for all IT compliance areas as required.
Lead staff communication and training on IT compliance needs & initiatives at all levels of the company's business.
3) Audit and enforce IT compliance-related policies
Manage the company's IT compliance processes and key controls including developing and reporting on KPIs
Regularly review the company’s IT compliance policies and processes and conduct regular reviews of the company’s IT compliance activities across the business to identify any vulnerabilities and risks, developing and implementing any remedial plans
Conduct risk assessments, including privacy impact assessments related to Information Technology
4) Update knowledge of related regulatory environment
Anticipate emerging changes to relevant compliance trends and prepare company as needed.
Monitor external regulatory and business developments and help develop and implement policies and procedures to reflect new requirements.
Avoid legal challenges or other risks/delays by understanding current and proposed legislation in each country of operation
5) Interface with external stakeholders on compliance-related topics
Handle communications with regulators, government bodies, auditors, and other relevant stakeholders.
Maintain a good working knowledge of key existing & evolving regulation applicable to the company.
Work closely with external auditors and regulators to ensure adherence to any applicable regulatory requirements in line with the company’s business needs.
At least 8 years in senior IT compliance-related role
Broad IT compliance background including experience with Data Protection, Regulated Products, and various technical standards
Experience working in a global company with exposure to regulation in multiple jurisdictions
Understanding & experienced working with Sarbanes Oxley, COBIT, ISO 27001
Fluent in English
BSc/BA in law, finance, technology, business administration or related field
Familiarity with e-commerce or online services business customer support is a plus
Excellent relationship building skills, problem solving, analytical skills and business acumen required