Business Process & Compliance Specialist

Company Overview:

Bukalapak's mission is to provide a fair economy for all. We envision a tech-enabled economy where everyone from all walks of life has the options and opportunities to get more out of life, powered by our innovative online and offline platform. We do this because we believe people deserve equal opportunity to create better lives for themselves and their loved ones. Bukalapak is one of the largest e-commerce companies in Southeast Asia. Founded in 2010, it now has more than 100 million users with various physical and virtual products, including small kiosks and the e-commerce platform

What does day-to-day look like? 

• IT Governance & Compliance:

  • Develop, implement, and maintain IT governance, risk, and compliance frameworks and policies.

  • Ensure alignment with industry standards (ISO 27001, NIST, SOC 2, GDPR, etc.) and regulatory requirements.

  • Conduct regular IT compliance audits and risk assessments to identify vulnerabilities.

  • Develop and manage IT internal control processes to minimize security and compliance risks.

  • Provide guidance and training to employees on IT governance, risk, and compliance policies.

• IT Risk Management:

  • Identify, assess, and mitigate risks related to IT operations, cybersecurity, and regulatory compliance.

  • Develop and maintain an IT risk register and track mitigation measures.

  • Perform periodic IT risk analysis and provide reports to senior management.

  • Support IT incident response planning and business continuity strategies.

• IT Policy & Regulatory Compliance:

  • Monitor changes in IT laws and regulations affecting the organizations technology operations.

  • Collaborate with legal, audit, and cybersecurity teams to ensure compliance with corporate policies and external mandates.

  • Liaise with regulatory bodies and auditors to ensure IT compliance and governance objectives are met.

  • Maintain documentation and evidence of IT compliance activities.

• Reporting & Communication:

  • Prepare reports on IT compliance and risk findings, with recommendations for improvement.

  • Communicate with senior management regarding key IT risk exposures and regulatory updates.

  • Assist in drafting IT policies, procedures, and documentation related to governance and compliance.

What does amazing look like?

• Bachelors degree in Information Technology, Cybersecurity, Risk Management, or a related field.

• 3+ years of experience in IT governance, risk, compliance, or audit roles.

• Familiarity with IT compliance frameworks and risk management methodologies.

• Experience in regulatory compliance, IT audits, or cybersecurity governance.

• Strong knowledge of IT risk assessment tools and techniques.

• Professional certifications such as CRISC, CISA, CISM, CISSP, or equivalent (preferred).

• Excellent analytical, problem-solving, and communication skills.

• Ability to work collaboratively across IT teams and with external regulators.

Bukalapak is an equal opportunity employer. Our hiring committee considers all applicants based on their merits and qualifications for each position. Bukalapak does not discriminate applicants on the basis of their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or any other characteristics protected by applicable law. We embrace diversity and encourage inclusion because we believe that to help create A Fair Economy For All, we need to build a workplace for all #BukalapakForAll