Please note that this is a hybrid role located in our office in London. We ask you to come to the office twice per week.
Support the sales and legal teams during RFx processes by responding to customer security questionnaires, assessments, and due diligence requests.
Coordinate and manage responses to customer security audits and assurance inquiries.
Monitor regulatory changes and contribute to compliance initiatives such as DORA, NIS2, and other applicable standards and frameworks (e.g., ISO 27001, SOC 2, GDPR).
Assist in the development, maintenance, and improvement of internal GRC processes, policies, and documentation.
Collaborate with cross-functional teams (Security, Legal, IT, Product, etc.) to gather information and ensure compliance obligations are met.
Participate in risk assessments, control testing, and continuous monitoring activities to support the overall risk and compliance program.
Support customer contract negotiations by providing expert input on security and compliance clauses.
Help prepare evidence and documentation for internal and external audits.
Track and report on compliance project status and risks to leadership.
Qualifications
3+ years of experience in Governance, Risk, and Compliance, Information Security, or a related field.
Experience supporting sales processes, including responding to RFx security assessments.
Solid understanding of cybersecurity principles, information security best practices, and regulatory requirements (DORA, NIS2, GDPR, ISO 27001, SOC 2, etc.).
Excellent written and verbal communication skills; able to translate technical concepts for non-technical audiences.
Strong organizational skills with the ability to manage multiple priorities in a dynamic environment.
Self-motivated with a proactive approach to problem-solving and attention to detail.
Experience working in a SaaS, cloud, or technology-driven company is preferred.
Professional certifications (such as CISM, CRISC, ISO 27001 Lead Implementer/Auditor, or similar) are a plus.