Beranda Job Details
O
Information & Communication Technology 🏢 Full Time ⭐️ Terverifikasi

Senior Information Security Consultant - GRC & Vendor Risk Management

Optum
Bali, Indonesia (Remote - Canggu, Ubud, Denpasar, Jimbaran, Nusa Dua, Kuta, Badung)
Salary Estimate
Rp 50.000.000 – Rp 80.000.000
Newest
Live Update
17 Juli 2026
Deadline
17 Jul 2027

job description

Join Optum as a Senior Information Security Consultant specializing in Governance, Risk & Compliance (GRC) and Vendor Risk Management (VRM). In this critical role, you will drive the development and implementation of robust security frameworks, ensuring compliance with global standards while mitigating third-party risks. Based in the vibrant and dynamic environment of Bali, Indonesia, you’ll collaborate with cross-functional teams to safeguard enterprise assets and enhance security posture.

With a minimum of 5 years of experience in GRC, TPRM, and Information Security Risk Management, you will play a pivotal role in shaping security strategies, conducting risk assessments, and fostering a culture of compliance. This is a unique opportunity to work remotely from Bali’s most sought-after locations—Canggu, Ubud, Denpasar, Jimbaran, Nusa Dua, or Kuta—while contributing to high-impact security initiatives for a global leader in healthcare technology.

Optum offers a competitive compensation package, professional growth opportunities, and the flexibility to thrive in a tropical paradise. If you are passionate about cybersecurity and excel in risk management, we want to hear from you!

Responsibility

  • Develop, implement, and maintain Governance, Risk & Compliance (GRC) frameworks aligned with industry standards (e.g., ISO 27001, NIST, SOC 2).
  • Lead Third-Party Risk Management (TPRM) programs, including vendor assessments, due diligence, and ongoing monitoring.
  • Conduct comprehensive risk assessments and gap analyses to identify vulnerabilities and recommend mitigation strategies.
  • Collaborate with legal, procurement, and IT teams to ensure vendor contracts meet security and compliance requirements.
  • Design and deliver security awareness training for employees and third-party stakeholders.
  • Monitor regulatory changes (e.g., GDPR, HIPAA) and update policies to maintain compliance.
  • Prepare and present risk reports, metrics, and dashboards to senior leadership and stakeholders.
  • Drive continuous improvement in security controls and risk management processes.

Qualifications

  • Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field. Advanced degrees or certifications (e.g., CISSP, CISM, CISA, CRISC) are a plus.
  • Minimum of 5 years of experience in GRC, TPRM, or Information Security Risk Management.
  • Proven expertise in risk assessment methodologies and compliance frameworks (ISO 27001, NIST, SOC 2, etc.).
  • Strong understanding of vendor risk management tools and best practices.
  • Excellent analytical, communication, and stakeholder management skills.
  • Experience with security audits, policy development, and incident response.
  • Familiarity with cloud security (AWS, Azure, GCP) and data protection regulations.
  • Ability to work independently in a remote setting with a results-driven mindset.

Required Skills

GRC Third-Party Risk Management Vendor Risk Assessment ISO 27001 NIST SOC 2 CISSP CISM CISA CRISC Risk Mitigation Compliance Auditing Security Frameworks Cloud Security Data Protection Stakeholder Management

Ready to Take This Challenge?

Make sure your resume is ready. Submit your application now before the deadline..

Apply Now

Lowongan Terkait

Rekomendasi pekerjaan serupa untuk Anda

Lihat Semua