About Atome Financial
- Headquartered in Singapore, Atome Financial is a consumer business unit under Advance Intelligence Group. The products under Atome Financial include:
- Atome: A leading buy now pay later brand in Asia Pacific which is currently present in 10 markets and partners over 15,000+ top retailers. Key merchant partners include ZALORA, Sephora, Agoda, SHEIN and Zara.
- Kredit Pintar: One of Indonesia's top digital lending apps, regulated and supervised by Indonesia's Financial Services Authority (OJK). Over 10 million downloads, 2 million customer reviews and with a 4.4-star rating on Google Play Store.
- As part of the Advance Intelligence Group, a Series-D company and ranked No. 1 on LinkedIn's 2021 Top Startups List in Singapore with over 2,000+ staff worldwide, we are united by a shared vision and purpose: to Advance with Intelligence for a Better Life-for our customers, colleagues and communities.
- Our culture is built on values that are core to who we are and what we stand for:We foster an
**INNOVATION** mindset
-We achieve results with
**EFFICIENCY** and excellence
-We take pride in the
**QUALITY** of our work
-We uphold
**INTEGRITY** in all we do
-We embrace
**COLLABORATION** to work across business lines and borders
Job Summary:
As the IT Security Specialist, you will play a critical role in safeguarding our organization's information assets and protecting against potential cyber threats. Your primary responsibility will be to implement and maintain robust security measures while ensuring compliance with OJK's regulations and industry standards. You will collaborate with various teams to identify vulnerabilities, respond to security incidents, and devise effective security strategies to maintain the integrity and confidentiality of our sensitive data.
Roles and Responsibilities:
- OJK Compliance: Demonstrate expertise in OJK's regulations and guidelines related to information security. Implement and maintain security controls to ensure adherence to OJK's requirements and relevant financial industry standards.
- Information Security Management: Develop, implement, and manage the information security program for the financial institution. This includes risk assessments, security policies, procedures, and guidelines.
- Security Incident Response: Assist and participate in security incident response activities. Investigate and analyse security incidents to identify the root cause and implement corrective actions to prevent future occurrences.
- Vulnerability Management: Conduct regular security assessments, vulnerability scans, and penetration tests to identify potential weaknesses in the IT infrastructure. Coordinate with IT teams to remediate vulnerabilities effectively.
- Security Awareness Training: Design and conduct security awareness and training programs for employees, ensuring that security best practices are understood and followed across the organization.
- Security Architecture: Collaborate with IT architects to design and implement secure infrastructure and network solutions that align with industry best practices and regulatory requirements.
- Security Audits and Assessments: Facilitate internal and external security audits and assessments, providing necessary documentation and evidence of security controls' effectiveness.
- Third-Party Risk Management: Evaluate the security posture of third-party vendors and service providers, ensuring they meet security and compliance standards.
- Incident Documentation: Maintain comprehensive documentation of security incidents, reports, policies, and procedures.
- Emerging Threat Analysis: Stay up-to-date with the latest cybersecurity trends, vulnerabilities, and emerging threats, and proactively recommend security enhancements.
**Requirements**:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Proven 5-6 years' experience in IT security roles, with a focus on financial institutions and OJK compliance.
- Strong knowledge of OJK regulations and relevant financial industry standards.
- Professional certifications such as CISSP, CISM, or CISA are preferred.
- In-depth understanding of security technologies, such as firewalls, intrusion detection/prevention systems, SIEM, etc.
- Experience with vulnerability assessment tools, penetration testing, and risk assessment methodologies.
- Strong analytical and problem-solving skills, with the ability to identify security risks and propose effective solutions.
- Excellent communication and interpersonal skills to collaborate with cross-functional teams and management.
- Ability to work under pressure and manage multiple tasks simultaneously.
LI-CT2