IT Auditor Lead

In GoTo, the growth of our business is continuously challenged by the fast pace of technology development and regulatory changes. As the IT Auditor Lead, you will be a valued member of the Internal Audit Function with broad discretion in developing a strong foundational technology assurance framework. You will grow both technically and professionally through interaction with one of the most dynamic and driven management teams, exposure to the latest technologies and observe first-hand on tech-enabled business strategy.

• Plan, coordinate and execute audits to evaluate the adequacy and effectiveness of technology infrastructure, application, and process controls.
• Provide clear and organized documentation of the audit processes and findings.
• Identify and evaluate complex technology and business risks, implications and related opportunities for improvements of internal controls.
• Manage audit projects effectively – resource allocation, deliver on commitment, time management and quality reviews.
• Proactively engage and communicate effectively with related stakeholders throughout the entirety of the audit process.
• Support the development of the foundational audit methodology for the technology audit, and provide training to the team.
• Continuously develop and improve your technical skillset through self-studies and Company-sponsored training/certification program.
• Serve as a leader to your team by demonstrating integrity in your work, professionalism in your conduct, commitment to quality deliverables and open/honest feedback to team and superior.

• Minimum of 6 years of IT audit experience (with at least 4 years in an audit/consulting firm) and experience in leading a project.
• Certification: CISA is a must, with additional information security/data privacy certification (ISO 27001, CISSP, etc.) preferred.
• Experienced in technology compliance audits (including risk assessment and reporting) required by Bank Indonesia and OJK.
• Prior experience in auditing cloud services and security, SDLC/Agile/DevSecOps, IAM, data privacy, BCP/DRP and/or SOX, etc. will be a plus.
• Strong knowledge of audit methodology, audit planning/communication, audit program development, control testing approach, work paper documentation, work paper review, and reporting (concise write-ups).
• Experience with using data analytics and/or CAAT tools will be a plus point.
• Excellent communication, work collaboratively, analytical, and problem-solving skills as well as comfortable communicating in English (verbally and in writing).
• Highly self-motivated, inquisitive (with a keen interest in learning new technologies and IT governance framework) and strive to continuously develop technically and professionally.

About the Team

Our team, GoTo Internal Audit, is an expanding group of like-minded auditors with a growing domain expertise in our respective domains. As Internal Audit in GoTo, our charge is to support the oversight responsibilities of the Board and advise Management on matters relating to operational efficiencies, risk management and asset safeguards across Gojek, Tokopedia and GoTo Financial.

We aim to become a trusted business partner by consistently delivering high-quality audits by evaluating and improving operational excellence through better control and governance practices, and providing valuable inputs in terms of transparency of performance against business goals.

About GoTo Group

GoTo Group is the largest digital ecosystem in Indonesia with its mission to “Empower Progress” by offering technological infrastructure and solutions for everyone to access and thrive in the digital economy.

About Gojek

Gojek is Southeast Asia’s leading on-demand platform and pioneer of the multi-service ecosystem with over 2.5 million driver partners across the regions offering a wide range of services such as transportation, food delivery, logistics and more.

About GoTo Financial

GoTo Financial accelerates financial inclusion through its leading financial services and merchants solutions.