WorkScore™ คืออะไร?
WorkScore™ คืออะไรเหรอ? แถบสีน้ำเงินด้านข้างตำแหน่งงานแต่ละตำแหน่งจะแสดงค่าความเหมาะสมของโพรไฟล์คุณกับตำแหน่งงาน คุณจำเป็นต้องใส่รายละเอียดในโพรไฟล์อย่างน้อย 80% ขึ้นไป จึงจะสามารถดูค่าความเหมาะสมของ WorkScore ได้ ใครอยากรู้ กรอกโปรไฟล์เลย
ทักษะ:
Data Analysis, Risk Management, SQL, English
ประเภทงาน:
งานประจำ
เงินเดือน:
สามารถต่อรองได้
- Plan and support internal audit strategies in both Cyber Security and Data Analysis aspects.
- Lead a Cyber Security Audit team, ensuring adherence to work standards and reporting to top management.
- Identify potential cyber security risks and develop compelling proposals and recommendations to gain organizational buy-in.
- Conduct internal audits of IT and engineering processes, adhering to professional standards and collaborating effectively with stakeholders.
- Utilize various techniques to gather and analyze data related to the audit plan.
- Assess data, risks, and the effectiveness of the organization's internal control systems.
- Investigate and monitor data for potential issues.
- Present and document audit findings, including data visualizations, in clear and concise reports.
- Master's degree in Computer Engineering, Computer Science, Information Technology, or a related field (preferred).
- Bachelor's degree in Computer Engineering, Computer Science, IT, or a related field (minimum).
- At least 7 years of experience in Information Security Management, Information Risk Management, IT Audit Management, ICT Security, Cloud Security, Data Analytics, or a related field.
- Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), or CISM (Certified Information Security Manager) are a strong advantage.
- Strong technical knowledge of Cyber Security Audit methodologies.
- Excellent command of the English language.
- Proficiency in data management concepts like data governance, data analytics, and data security.
- Solid understanding of SQL scripting, Python, Visual C+, and other programming techniques.
- Experience with data visualization tools such as Power BI, SAS Viya, or Tableau.
- Project management and/or team leadership experience is a plus.
ประสบการณ์:
2 ปีขึ้นไป
ทักษะ:
Network Infrastructure, Security Design, Big Data, English, Thai
ประเภทงาน:
งานประจำ
เงินเดือน:
สามารถต่อรองได้
- Perform cyber security and IT security assessments for clients (e.g. cyber security program assessment, cyber security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.).
- Work on IT security design, analysis and implementation of security protection solution.
- Evaluate and analyze threat, vulnerability, system weakness, impact and risk to secu ...
- Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes, controls and systems.
- Advise client on the security incident response end-to-end process (i.e. preparation, detection, analysis, response and recovery of the security incident).
- Skills and attributes for success.
- To qualify for the role you must have.
- Bachelor's degree or Master's degree in Computer Engineering, Computer Science, Information Systems, IT Security, ICT or other related fields.
- Minimum 2 years' experience in such areas as IT security management design and implementation, IT security assessment and IT technical background.
- Familiar with leading IT security processes and tools.
- Highly proficient in both English and Thai with good written and oral communication and analytical skills.
- Ideally, you'll also have.
- Having experience in project planning and management will be a plus.
- Professional certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and / or Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or ISO27001 will be highly considered.
- Experience in new generation security practices (i.e. DevSecOps, iPentest, RedTeaming, System Resilience Design).
- Experience in Emerging Technologies (i.e. Cloud Computering, Blockchain, Big Data, A.I./M.L.).
- We're interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
- What we offer.
- We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions.
- Continuous learning: You'll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We'll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You'll be embraced for who you are and empowered to use your voice to help others find theirs.
- If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
- The exceptional EY experience. It's yours to build.
- EY | Building a better working world.
- EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
- Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
- Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
ทักษะ:
Cooperate, System Security, Project Management, Thai, English
ประเภทงาน:
งานประจำ
เงินเดือน:
สามารถต่อรองได้
- Manage security systems and security controls implemented in systems, networks and applications to ensure that they effectively defend against cyber threats.
- Develop security configuration standards and enforce system hardening to IT infrastructure.
- Monitor the publicly disclosed security vulnerabilities and cyber threats. Alert the related teams and take actions to mitigate risks.
- Assess security vulnerabilities in IT infrastructure. Set action plans and cooperate with the related parties to ensure that the identified security flaws are properly remediated.
- Manage staff user accounts, privileged user accounts and system authorization control.
- Collect and analyze security events to identify anomalies. Investigate and respond to security incidents.
- Keep tracks of changes in IT security technology and practices. Improve security operational processes and tools as needed.
- Identify, define and document system security requirements and recommend solutions to management.
- Educate and train staff on information system security best practices.
- Having 3-5 years of relevant experience.
- Excellent communication both speaking and writing in Thai and English.
- Excellent report-writing skills in both English and Thai.
- Ability to form complex communications/messages in a simple, clear, and concise manner to the various communities within the organization.
- Capable of supporting various types of security assessments and familiar with various types of security standards.
- Experience in Project management.
- Ability to plan, manage and maintain a complex organization-wide program over the longer term.
- Understanding of the different concepts of information security and risks.
- Being a person who has a compromised vibe and is good at interpersonal skills.
- Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date.
ทักษะ:
Automation, English
ประเภทงาน:
งานประจำ
เงินเดือน:
สามารถต่อรองได้
- Security Analyst and Incident Responder Supervisor.
- Investigate and respond to external and internal cybersecurity threats, vulnerabilities, and exploits.
- Ensure all cases are acted upon conscientiously and in the framework expected according to the SLA.
- Document security investigations and produce high-quality and accurate reports for various stakeholders.
- Support security incident root cause analysis, identify control gaps, and recommend mitigation strategies.
- Collaborate with cross-functional teams to drive improvements to security tools, policies, and processes.
- Improve the Security Operations and Incident Response team's effectiveness and efficiency, including developing and refining processes and technical capabilities.
- Understand and support requirements of internal and external stakeholders, regulators, and auditors.
- Bachelor's degree or higher in Computer Engineering, Computer Science, IT, or related fields.
- 4-5 years of working experience in a Security Operations Center, Incident response, and threat analysis or a relevant investigative role.
- Hold the certificate of CompTIA Security +, CompTIA CySA+, and others would be an added advantage.
- Experience with knowledge in Security solutions, Security Incident Response, Monitoring, and Intrusion detection.
- Familiarity with digital forensics, SOAR automation, and cloud technology is advantageous.
- Good command of English reading, writing, and communication skills, including conducting presentations and creating security incident reports, is required.
- Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date.
ทักษะ:
Network Infrastructure, Security Design, Assurance, English, Thai
ประเภทงาน:
งานประจำ
เงินเดือน:
สามารถต่อรองได้
- Perform IT security assessments for clients (e.g. security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.).
- Work on IT security design and analysis, and business continuity management, ISMS assessment and implementation, and/or SOX implementation and assessment.
- Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments.
- Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes and controls.
- Skills and attributes for success.
- To qualify for the role you must have.
- Bachelor's degree or a master's degree in Computer Engineering, IT security, Computer Science, Information Systems or other related fields.
- Minimum of 7 years' experience in such areas as IT security management design and implementation, IT security assessment, BCM, and/or business process and control review.
- Familiar with leading IT security and assurance frameworks such as ISO27001/2, ITIL, COBIT, ITGI guidelines and frameworks.
- Highly proficient in both English and Thai with good written and oral communication and analytical skills.
- Ideally, you'll also have.
- Having experience in project planning and management will be a plus.
- Professional certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA) and / or Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or ISO27001 will be highly considered.
- We're interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
- What we offer.
- We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions.
- Continuous learning: You'll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We'll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You'll be embraced for who you are and empowered to use your voice to help others find theirs.
- If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
- The exceptional EY experience. It's yours to build.
- EY | Building a better working world.
- EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
- Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
- Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
ประสบการณ์:
5 ปีขึ้นไป
ทักษะ:
Finance, Compliance, Legal, English, Thai
ประเภทงาน:
งานประจำ
เงินเดือน:
สามารถต่อรองได้
- Responsibilities relating to identifying, assessing, monitoring, controlling and mitigating Technology risks to the Country and Group, as well as an awareness and understanding of the main risks facing the Group and the role the individual plays in managing them. Need to ensure Country Technology Teams do comply all required processes as defined in Technology Process Universe. Identify all the gaps in the real practices, assess the risks and provide the risk mitigation. Monitor and control all required compliances in Technology team and also perform the risk assessment according to ...
- Responsibilities relating to the direction, planning, structure, frameworks (e.g. processes and policies) and oversight. Need to understand the ERMF (Enterprise Risk Management Framework), Risk Types, Sub-Risk Types and related processes and policies. Able to share the knowledge and educate the teams about all Group compliances and local regulations.
- Manage and update the information in the risk tracking systems. To ensure all monitoring and making the status records up-to-date. Need to ensure all the data of all related systems are synchronized and accurated.
- Processes.
- To recommend and implement actions and solutions to mitigate operational risks and enhance compliance at business unit level.
- To challenge assessment and treatment of Technology activities where operational risk exposure is managed with control requirements or within risk appetite.
- Implement control within the business unit to meet all regulatory and internal requirement.
- Risk Management.
- Be the source of reference within the Business Unit in facilitating and promoting the understanding of Operation Risk(OR) and Compliance requirement.
- Support the implementation of OR initiatives for the Business Unit.
- Proactively communicate with the Business Unit Head on Operation risk issues, Escalate significant events to the Business Unit Head as appropriate.
- Coordinate and report the operational risk and loss reporting of the unit to the Business Unit Head. Ensure data accuracy and completeness.
- Ensure effectiveness of controls for compliance monitoring and risk management.
- Undertake and/or coordinate periodic business monitoring (self-assessment) activities within the Business unit and escalate findings and or breaches to Business Unit Head when they occur.
- Ensure risks and issues identified are resolved in an appropriate and timely manner.
- Assist Business Unit Head in the implementation of OR framework or other relevant OR initiatives.
- Identify gaps and arrange training on compliance and OR for staffs (if any).
- Conduct Technology Risk Key Control Self-Assessment.
- Monitor Key Risk indicator and report status of Risk Treatment plan.
- Governance.
- Assist Business Unit head in coordination, driving and directing effective compliance and operational risk management at the business unit level through process of risk identification, assessment and measurement, acceptance and monitoring to reduce gross operational risk exposure to acceptable levels within the risk appetite.
- Periodic monitoring activities and timely resolution of risk issues.
- Implement effective assessment and acceptance governance processes, tools and techniques including reporting and monitoring of MI to ensure effective governance over risk management activities.
- Influence the development of an operation risk culture which is forward looking, risk based and customer focus.
- Regulatory & Business Conduct.
- Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
- Key stakeholders.
- Internal.
- CORO, UORMs and responsible persons undertaking business monitoring in various units.
- Managers in Group Business Operational Risk.
- Legal and Compliance.
- Internal Auditors.
- Training Managers.
- System Delivery & Technology personal (Local & Group).
- External.
- Regulators (per assigned).
- External Auditors (per assigned).
- Other Responsibilities.
- Embed Here for good and Group's brand and values in Thailand Technology & Operation; Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures; Multiple functions (double hats).
- Our Ideal Candidate.
- Education: Bachelor's degree in Computer Science, or related field.
- Training: IT Security Professional or IT Risk Management certification.
- Certifications: IT Security Professional or IT Risk Management certification.
- Languages: Thai, English.
- Role Specific Technical Competencies.
- Technology Risk Management.
- Technology Infrastructure and Network Management.
- Software Development Life Cycle Management.
- Cyber Security.
- About Standard Chartered.
- We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.
- Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together we:
- Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do.
- Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well.
- Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term.
- In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.
- Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
- Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
- Flexible working options based around home and office locations, with flexible working patterns.
- Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits.
- A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
- Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.
- Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.
- Visit our careers website www.sc.com/careers.
ทักษะ:
English
ประเภทงาน:
งานประจำ
เงินเดือน:
สามารถต่อรองได้
- Use feedback and reflection to develop self awareness, personal strengths and address development areas.
- Delegate to others to provide stretch opportunities, coaching them to deliver results.
- Demonstrate critical thinking and the ability to bring order to unstructured problems.
- Use a broad range of tools and techniques to extract insights from current industry or sector trends.
- Review your work and that of others for quality, accuracy and relevance.
- Know how and when to use tools available for a given situation and can explain the reasons for this choice.
- Seek and embrace opportunities which give exposure to different situations, environments and perspectives.
- Use straightforward communication, in a structured way, when influencing and connecting with others.
- Able to read situations and modify behavior to build quality relationships.
- Uphold the firm's code of ethics and business conduct.
- Preferred skills.
- Penetration Tester.
- Minimum years experience required.
- 3 Years and Above.
- Additional application instructions.
- Good communication in English.
- Education (if blank, degree and/or field of study not specified).
- Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
- Required Skills.
- Optional Skills.
- Desired Languages (If blank, desired languages not specified).
- Travel Requirements.
- Not Specified
- Available for Work Visa Sponsorship?.
- Yes
- Government Clearance Required?.
- No
- Job Posting End Date.
- July 31, 2024
ทักษะ:
Legal, Thai, English
ประเภทงาน:
งานประจำ
เงินเดือน:
สามารถต่อรองได้
- Ensure a safe and secure environment for co-workers, customers and visitors through training, audits, and standards and national/local legal demands.
- Assist the store to meet IKEAs intended level of safety and security by achieving positive results during internal/external audits and insurance inspections.
- Co-ordinate with the store Emergency Response Team and manage the handling of any emergency cases and provide appropriate action according.
- Accountable for investigation of internal and external incidents and recommending resolution and revision of routines as necessary. Secure incidents are properly reported.
- Implement crowd management plan for peak days and proactively identify emerging risks, and ensure early involvement in new initiatives in the store.
- Be the initial point of contact when fraudulent activities or unethical behaviours (including but not limited to harassment, co-worker misconduct) are suspected or identified.
- Work together with the global Ikano Retail Risk Manager to ensure all IKEA Standards, Risk Management frameworks as well as legal demands are followed.
- Candidates shortlisted for this role must have a Safety Officer (Professional) Certificate/License or equivalent to จป. เจ้าหน้าที่ความปลอดภัย ระดับวิชาชีพ.
- Deep knowledge of occupational health and safety, technical security systems, fire codes, building codes, local criminal and civil laws, insurance claims, auditing and emergency response handling.
- Experience in similar role in retail or related industries (minimum of 8 years).
- Experience in managing fire control centre and security guards.
- Ability to influence and develop people and act as a role model and coach.
- Ability to react confidently to critical situations and act appropriately to minimise risks to the business and people.
- Ability to communicate confidently and clearly in Thai and in English (written and verbally) and influence when divergent interests.
- High level of personal integrity and fast perception and ability to implement requests at short notice.
- More InformationPlease apply by 30 April 2024.
- 1