job description
Join Itmax System Berhad as an ISO Compliance & Documentation Officer and take the lead in driving our Information Security Management System (ISMS) certification. In this pivotal role, you will spearhead the development, implementation, and maintenance of ISO 27001 standards, ensuring our organization meets global security and compliance benchmarks.
Based in the vibrant and dynamic environment of Bali, you will collaborate with cross-functional teams to align security policies with business objectives, mitigate risks, and foster a culture of continuous improvement. This is a unique opportunity for a detail-oriented professional to make a tangible impact while advancing their career in information security governance.
If you are passionate about compliance, documentation, and cybersecurity, and thrive in a role that combines strategic leadership with hands-on execution, we invite you to apply and be part of our mission to achieve ISMS certification excellence.
Responsibility
- Lead the end-to-end ISO 27001 ISMS certification process, including gap analysis, risk assessments, and compliance audits.
- Develop, review, and maintain information security policies, procedures, and documentation in alignment with ISO standards.
- Coordinate with internal stakeholders to ensure adherence to security controls and regulatory requirements.
- Conduct security awareness training and workshops to educate employees on ISMS best practices.
- Monitor and report on compliance status, identifying areas for improvement and implementing corrective actions.
- Oversee internal and external audits, ensuring readiness and addressing findings promptly.
- Collaborate with IT and legal teams to integrate security measures into business processes and systems.
- Stay updated on emerging threats, regulations, and industry trends to proactively enhance security frameworks.
Qualifications
- Bachelor’s degree in Information Technology, Cybersecurity, Business Administration, or a related field.
- Minimum 3-5 years of experience in ISO 27001, ISMS, compliance, or information security management.
- Proven track record in leading ISO certification projects (preferably ISO 27001).
- Strong knowledge of risk management frameworks (e.g., NIST, COBIT) and data protection laws (e.g., GDPR, PDPA).
- Excellent documentation, analytical, and problem-solving skills.
- Certifications such as ISO 27001 Lead Implementer/Auditor, CISSP, or CISM are highly advantageous.
- Exceptional communication and stakeholder management abilities.
- Fluency in English; proficiency in Indonesian (Bahasa) is a plus.