The Role
As a Senior IT GRC Analyst, you will oversee GRC initiatives, work with various teams to ensure compliance, and manage risk assessments and audits, all in a fast-paced fintech setting.
Summary Generated by Built In
What You Will Do
- Coordinate the execution of IT Governance, Risk, and Compliance (GRC) initiatives across GoTo Financial entities.
- Collaborate with cross-functional teams (e.g., Business, Product, Ops, Compliance, Legal, DPPO, Engineering, Audit) to ensure proper control implementation and alignment.
- Drive continuous improvement of IT risk management processes, including risk assessments, control testing, and issue tracking.
- Support audit preparation and act as a liaison for both internal and external audits (ISO, OJK, EY, etc.).
- Ensure timely closure of audit findings and monitor ongoing compliance with internal policies and regulatory requirements.
- Monitor the effectiveness of security controls on critical systems and vendors, and escalate risks to relevant stakeholders.
- Facilitate and coordinate technical evidence gathering for regular regulatory submissions, ensuring IT-related requests are fulfilled accurately and on schedule.
What You Will Need
- Minimum 4 to 6 years of experience in IT Governance, Risk Management, or Compliance, preferably in the financial services or fintech sector.
- Strong understanding of regulatory frameworks such as ISO 27001, ISO 27701, OJK regulations, and data privacy standards.
- Experience handling internal and external audits, including evidence preparation and follow-up.
- Ability to assess and improve IT controls, risk management processes, and compliance documentation.
- Strong collaboration and communication skills to work cross-functionally with Business, Product, Ops, Compliance, Legal, DPPO, Engineering, Audit, and other supporting teams.
- Proactive, detail-oriented professional with a proven ability to manage multiple priorities and remain highly responsive in a fast-paced, dynamic environment.
- Strong experience managing regular regulatory deliverables and timelines, with the ability to liaise with cross-functional teams to gather compliance evidence efficiently.
About The Team
You’ll be part of the IT Governance, Risk, and Compliance (IT GRC) team — a dedicated group ensuring that GoTo Financial’s technology practices remain secure, compliant, and audit-ready. We partner closely with Business, Product, Engineering, Legal, Compliance, and Audit teams to strengthen risk controls, guide regulatory alignment, and support secure system development. We love solving complex problems, improving processes, and building trust with regulators and stakeholders. Our mission is to enable secure growth through responsible innovation — and we’re excited for you to be part of it!
About GoTo Group
GoTo is the largest digital ecosystem in Indonesia. GoTo's mission is to 'empower progress' by offering technology infrastructure and solutions that help everyone to access and thrive in the digital economy.
The GoTo ecosystem provides a wide range of services, including mobility, delivery, payments, financial services, and technology solutions for merchants. The ecosystem also provides e-commerce services through Tokopedia and banking services through its partnership with Bank Jago.
About Gojek
Gojek is Southeast Asia’s leading on-demand platform and pioneer of the multi-service ecosystem with over 2.5 million driver partners across the regions offering a wide range of services such as transportation, food delivery, logistics and more. With its mission to create impact at scale, Gojek is committed to resolving consumer problems and raising standards of living by connecting consumers to the best providers of goods and services in the market.
About GoTo Financial
GoTo Financial accelerates financial inclusion through its leading financial services and merchants solutions. Its consumer services include GoPay and GoPayLater and serve businesses of all sizes through Midtrans, Moka, GoBiz Plus, GoBiz, and Selly. With its trusted and inclusive ecosystem of products, GoTo Financial is open to new growth opportunities and aims to empower everyone to Make It Happen, Make It Together, Make It Last.
GoTo and its business units, including Gojek and GoToFinancial ("GoTo") only post job opportunities on our official channels on our respective company websites and on LinkedIn. GoTo is not liable for any job postings or job offers that did not originate from us. You should conduct your own due diligence to prevent being victims of any fake job scams, if they did not originate from GoTo's official recruitment channels.
#LI-ONSITE
Skills Required
- Minimum 4 to 6 years of experience in IT Governance, Risk Management, or Compliance
- Strong understanding of regulatory frameworks such as ISO 27001, ISO 27701, OJK regulations, and data privacy standards
- Experience handling internal and external audits
- Ability to assess and improve IT controls and compliance documentation
- Strong collaboration and communication skills
- Proactive, detail-oriented professional
- Strong experience managing regular regulatory deliverables and timelines
GoTo Group Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about GoTo Group and has not been reviewed or approved by GoTo Group.
-
Fair & Transparent Compensation — Pay is considered competitive to above market for many corporate roles across core entities such as Gojek, Tokopedia, and GoTo Financial. Base pay is often characterized as solid or above market in Indonesia tech roles.
-
Healthcare Strength — Medical coverage is characterized as strong in Indonesia and often extends to spouses and children. Company materials also highlight wellness support, parental insurance, and mental‑health counseling for employees and families.
-
Leave & Time Off Breadth — Leave programs are described as generous, including maternity, paternity, and other special leave types at Tokopedia. Broader time‑off and flexibility practices are portrayed as supportive across corporate roles.
GoTo Group Insights
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
GoTo is the largest technology group in Indonesia, combining on-demand, e-commerce and financial services through the Gojek, Tokopedia and GoTo Financial brands. It is the first platform in Southeast Asia to host these three essential use cases in one ecosystem, capturing a majority of Indonesian consumer household expenditure. GoTo’s mission is to “Empower Progress” by offering an unparalleled selection of goods and services through a comprehensive merchant and partner network and promoting financial inclusion through its leading payments and financial services business.
