Job Description
Join Gojek as a Lead IT Auditor and become a key driver in safeguarding our digital ecosystem. As part of GoTo Financial, you will lead comprehensive IT audit engagements that ensure the security, integrity, and efficiency of our financial technology platforms. This role offers a unique opportunity to influence risk management strategies, enhance internal controls, and support the company's mission of accelerating financial inclusion across Indonesia. You will collaborate with cross-functional teams, leverage cutting-edge audit tools, and contribute to a culture of continuous improvement. If you are a seasoned IT audit professional with a passion for fintech innovation and a keen eye for detail, we want you to lead our audit initiatives and shape the future of digital finance at Gojek.
Responsibilities
- Plan, execute, and lead IT audit engagements to evaluate the effectiveness of internal controls, risk management, and governance processes.
- Assess the security, availability, and integrity of information systems, including cloud infrastructure, payment platforms, and data analytics tools.
- Identify emerging risks in financial technology, cybersecurity, and regulatory compliance, and recommend actionable improvements.
- Develop and maintain audit programs, work papers, and reports in alignment with industry standards (e.g., ISO 27001, COBIT, NIST).
- Collaborate with engineering, product, and compliance teams to drive remediation of audit findings and enhance control frameworks.
- Mentor and guide junior auditors, fostering a high-performance team culture and professional development.
- Monitor regulatory changes and industry best practices to ensure Gojek's IT audit methodology remains cutting-edge.
- Present audit results and strategic recommendations to senior management and audit committees.
Qualifications
- Bachelor's degree in Information Systems, Computer Science, Accounting, or a related field.
- Minimum 7 years of experience in IT audit, with at least 2 years in a lead or supervisory role.
- Professional certifications such as CISA, CISSP, or CIA are required.
- Deep understanding of IT general controls (ITGC), application controls, and data privacy frameworks (GDPR, UU PDP).
- Proven experience in fintech, banking, or fast-paced technology environments.
- Strong analytical, problem-solving, and project management skills.
- Excellent communication and stakeholder management abilities, with fluency in English and Bahasa Indonesia.
- Familiarity with cloud platforms (AWS, GCP), API architectures, and agile audit methodologies is a plus.