Cyber Risk Services (CRS) is one of the practice Risk Advisory (RA). CRS is comprised of professionals with a broad range of information technology and risk management consulting skills. CRS professionals focus on information systems and technology that manage risk and/or drive operational, financial and regulatory compliance processes; as well as solutions that manage the risk associated with information technology itself. These professionals perform implementation, assessments, remediation and integration of end-to-end solutions in these areas. They also deliver advisory services focused on risk and compliance to IT management and senior executives.

Responsibilities:

• Assist in planning, organizing and carrying out information security management, IT security design&implementation and IT security assessment assignments as assigned.
• Apply problem solving skills and deliver Deloitte methodology on engagements
• Develop excellent professional oral and written communication skills in order to establish working relationships with client personnel
• Develop professional skills in various technology risk / security and privacy domains
• Build industry knowledge to understand risk management issues relevant to that particular business
• Exercise professional judgment on engagements by providing proactive solutions and recommendations
• Provide recommendations for improved and enhanced business efficiency to clients

Qualifications:

• Bachelor degree in Computer Science/Engineering, Information Technology, Information Systems, Accounting Information Systems or other related fields.  Master degree in a plus.
• Hold professional certifications e.g. CISSP, CISM, CSSLP, ISO/IEC 27001, CISA, OPST, CEH or other security certifications is preferred.
• 1- 6years experienced in IT Implementation, IT Security, IT audit, IT Security Assessment (Penetration Test), IT Implementation, Network, Application development and/or IT operations preferably in a professional firm.
• Familiar with ISO/IEC 27000, ISO/IEC 20000standards and frameworks such as COBIT, OSSTMM, ITIL and OWASP.
• Experienced in Penetration testing, Data Loss Protection is advantage
• Good analytical skill, decision-making, communication and presentation skills with MS Office proficiency
• Ability to adopt in learning new things
• Demonstrated leadership, problem solving, and strong verbal and written communication skills in both Thai and English
• Ability to prioritize tasks, work on multiple assignments, and manage ambiguity
• Ability to work both independently and as part