Skills:

Finance, English

Job type:

Full-time

• Act as the Business Owner for unsecured lending products, owning the end-to-end lifecycle within an Agile development framework.
• Define product vision, roadmap, and KPIs in alignment with overall bank strategy and customer needs.
• Collaborate closely with cross-functional agile teams including product managers, data scientists, developers, and marketing to prioritize features and deliver value iteratively.
• Leverage AI, machine learning, and data analytics to optimize credit scoring, risk management, customer onboarding, and fraud prevention.
• Develop innovative, competitive unsecured lending products (e.g., personal loans, credit lines) tailored for the Thai market.
• Manage regulatory compliance, credit policies, and risk appetite to maintain high-quality portfolios while enabling growth.
• Drive digital transformation initiatives to improve customer experience, operational efficiency, and product performance.
• Monitor and analyze product performance, customer feedback, and market trends to continuously enhance offerings.
• Lead, motivate, and build a high-performance team of credit risk analysts, product owners, and data specialists.
• Foster a culture of agility, innovation, and customer-centricity across the organization.
• Bachelor's degree in Finance, Business Administration, Economics, or related field; an MBA or advanced qualification is a plus.
• 8+ years of experience in unsecured lending, consumer finance, or related fields, with demonstrated leadership in digital or innovative environments.
• Proven experience in Agile product ownership, ideally within a fintech or digital banking context.
• Strong knowledge of credit risk management, regulatory standards in Thailand, and digital transformation strategies.
• Expertise in AI, machine learning, and data analytics applied to lending and risk assessment.
• Excellent stakeholder management, communication, and leadership skills.
• Fluency in Thai and English.
• Be part of a trailblazing digital bank driving change with AI and Agile methodologies in Thailand s financial industry. Lead innovative products, influence strategic direction, and shape the future of banking..

Job type:

Full-time

• Lead the design, execution, and continuous improvement of the Group s compliance planning and framework in line with applicable financial regulatory requirements (e.g., central bank, securities commission, insurance regulators).
• Develop and coordinate the annual compliance strategy, roadmap and compliance monitoring plan across the financial conglomerate, ensuring alignment with group objectives and regulatory expectations and to ensure robust second-line oversight and effective control testing and monitoring.
• Develop enterprise-wide compliance dashboards and key risk indicators (KRIs) for reporting within organization and regulatory authorities.
• Lead and oversee the implementation and enhancement of the GRC compliance module for an effective outcome using technology with an aim to automate compliance workflows, monitoring, and reporting.
• Foster a proactive compliance culture by developing and delivering various initiatives/measures to create and sustain a vibrant compliance culture across the Group.
• Create, maintain, and enhance comprehensive compliance tools, dashboards, reports, and documentation on a continuous basis.

Skills:

Automation, Big Data

Job type:

Full-time

• Define & Implement Data Strategy: Formulate, communicate, and execute the overall data strategy for Bank X, ensuring its alignment with the bank's business objectives and regulatory requirements.
• Establish Data Governance: Lead the Data Governance Council (DGC) to define and enforce data governance policies, standards, and procedures [DA05-415]. This encompasses ensuring data quality, security, privacy, and compliance with regulations like the Personal Data Protection Act (PDPA) and Bank of Thailand (BOT) guidelines across the ...
• Drive Data Analytics & AI/ML Innovation: Oversee the strategic direction and execution of data architecture, data engineering, data analytics, and data science functions [DA02-385, DA02-386]. You will spearhead the development and deployment of advanced AI/ML models for critical banking functions such as credit scoring, customer segmentation, marketing automation, and fraud detection.
• Manage Data Platforms & Infrastructure: Guide the deployment and localization of scalable, cloud-native data platforms (e.g., WeBank s WeDataSphere) and the design of standardized APIs to ensure seamless data sharing and integration capabilities.
• Champion Open Banking & Data Sharing: Drive the adoption and effective utilization of open banking data frameworks, establishing consent-based data sharing mechanisms to enhance customer experience and foster healthy market competition.
• Foster Data Culture & Collaboration: Cultivate a strong data-driven mindset and promote ethical data use across all departments [DA01-373, DA02-396, DA02-401]. You will lead the Data Center of Excellence (CoE), functioning as a catalyst for cross-departmental collaboration on high-impact data projects that align with Bank X's strategic objectives.
• Talent Development & Knowledge Transfer: Collaborate with the Human Resources department to uplift and train Thai nationals in advanced data capabilities, facilitating crucial knowledge transfer from international consortium partners such as WeBank and KakaoBank.
• Data Monetization: Develop and implement sustainable strategies for data monetization while rigorously upholding ethical standards and ensuring customer trust.
• Extensive Leadership Experience: A proven track record (10+ years preferred) in senior data management, data analytics, and AI/ML leadership roles, with substantial experience in the banking, digital finance, or fintech industry, ideally within a virtual bank environment.
• Deep Technical Expertise: Profound understanding and practical experience with Big Data technologies, AI/ML methodologies, data architecture design, and comprehensive data governance frameworks.
• Regulatory & Security Acumen: Solid knowledge of data privacy regulations (e.g., PDPA) and cybersecurity best practices specifically pertaining to data handling within a financial services context.
• Strategic & Analytical Mindset: Demonstrated ability to translate complex data into actionable insights and drive strategic initiatives that significantly contribute to business growth and innovation.
• Exceptional Leadership & Collaboration Skills: Outstanding capability to lead multidisciplinary teams, influence stakeholders at all levels, and foster effective cross-functional collaboration, including working seamlessly with international consortium partners.

Skills:

Automation, TypeScript, Javascript

Job type:

Full-time

• Architectural Excellence -Engage in deep architecture reviews and technology assessments to drive continuous improvement and innovation.
• Stakeholder Collaboration - Collaborate with multiple stakeholders to understand their requirements and support them on their cloud adoption and migration journey.
• Technical Excellence- Translate developer needs into technical requirements and optimize cloud architectures for high availability, scalability, and performance.
• Development Leadership- Lead a dedicated development team in designing, developing, and delivering cutting-edge business automation capabilities for our Cloud Centre of Excellence.
• Cloud Infrastructure Mastery- Design and implement scalable, secure, and cost-effective cloud infrastructure solutions using major cloud providers such as Azure and Huawei, tailored to project requirements.
• Technical Guidance- Provide valuable technical guidance and support to foster a collaborative and innovative work environment.
• Stakeholder Engagement- Interface with stakeholders, including developers, project managers, and business owners, to gather feedback and refine our self-service platform.
• If you meet below qualifications and are ready to take on a challenging role, we encourage you to apply..
• Proven Expertise: Minimum of 5 years of experience in consulting and client-side roles, or a combination of both.
• Hands-On Leadership: Demonstrate at least 5 years of hands-on development experience before.
• transitioning to an engineering management or architecture role.
• Language Proficiency: Possess current or previous experience in one or more programming languages such as TypeScript/JavaScript, Java, Python, or Kotlin, with a deep understanding of their pros and cons.
• Tech Ecosystem Acumen: Navigate the modern technology ecosystem with ease, encompassing cloud providers, commerce vendors, experience platforms, event brokers, data processing platforms, analytics, business intelligence, big data, and AI.
• Cloud & DevOps: Exhibit hands-on experience with cloud architecture (preferably Azure), DevOps, Site Reliability Engineering, and Quality Engineering best practices. Experience around different cloud pricing and strategies.
• Lifecycle Expertise: Embrace a broad understanding of the entire project lifecycle, from project inception to MVP scoping, agile development, and operational excellence.
• Agile Knowledge: Bring working knowledge of agile delivery and scaled agile methodologies, ideally on the 'architecture runway' side.
• Continuous Architecture: Contribute your experience with 'real-life' continuous architecture practices, preferably within an architecture guild/team in a large organization.

Skills:

Legal, Compliance, Negotiation, English

Job type:

Full-time

• Represent the company in litigation, arbitration, and dispute resolution proceedings.
• Provide expert legal advice on litigation risks, strategy, and potential outcomes.
• Draft, review, and file legal documents, pleadings, motions, and appeals.
• Manage relationships with external counsel and monitor their performance and cost efficiency.
• Collaborate with business units to identify and mitigate potential legal risks.
• Support internal investigations and compliance-related inquiries.
• Track and report on ongoing litigation matters, including potential financial or reputational impacts.
• Ensure compliance with relevant laws, regulations, and corporate governance requirements.
• Bachelor s degree in Law (LL.B.); Master s degree in Law or Business Administration is an advantage.
• Licensed lawyer in Thailand (Barrister-at-Law or Lawyer Council membership preferred).
• 5-8 years of experience in litigation, arbitration, or dispute resolution, preferably with exposure to financial services, banking, or corporate sectors.
• Strong knowledge of Thai civil and criminal procedure, arbitration laws, and regulatory frameworks.
• Excellent negotiation, analytical, and problem-solving skills.
• Strong communication skills in both Thai and English (written and spoken).
• Ability to manage multiple cases simultaneously under tight deadlines.

Skills:

Assurance, Software Development, Automation

Job type:

Full-time

• Test Strategy & Leadership: Develop, implement, and oversee robust testing strategies and plans for all software products and features, aligning with Bank X's architectural standards and business objectives.
• Team & Resource Management: Lead and mentor a team of quality assurance engineers and testers, overseeing both in-house and outsourced testing activities, and ensuring efficient allocation of resources for comprehensive test coverage.
• Quality Assurance & Compliance: Ensure that software products meet high-quality stan ...
• Test Automation & CI/CD: Drive the adoption and implementation of test automation frameworks and scripts to enhance testing efficiency and integrate continuous testing into the CI/CD pipelines for rapid and reliable releases.
• Defect Management: Oversee critical defect management processes, from identification and reporting to resolution and re-testing, ensuring timely remediation and prevention of future issues.
• Cross-functional Collaboration: Work closely with development teams, product owners, and other stakeholders (e.g., Architecture, Risk, Cybersecurity) to embed quality throughout the development process and ensure delivered solutions meet user needs and technical requirements.
• Continuous Improvement: Champion continuous improvement initiatives within the QA function, leveraging feedback and performance metrics to refine testing processes and enhance overall quality outcomes.
• A proven track record (7+ years preferred) in software quality assurance, with significant experience leading and managing testing teamsand strategies, ideally within the banking, digital finance, or fintech industry.
• Deep expertise in Agile methodologies and DevOps principles, with extensive hands-on experience in test automation design and implementation.
• Strong understanding of distributed systems, microservices, and cloud-native architectures (e.g., Microsoft Azure) relevant to testing complex applications.
• Solid knowledge of cybersecurity best practices and application security testing within a financial services context.
• Excellent leadership, communication, and problem-solving skills are essential for driving quality and collaborating effectively across technical and business functions.

Skills:

ISO 27001, Automation, System Administration

Job type:

Full-time

• Lead and manage the Application Operations team, including Application Ops Engineers.
• Oversee application deployment, release management, and configuration changes in production environments.
• Monitor application performance, availability, and incident trends; implement proactive measures to prevent downtime.
• Coordinate incident response and root cause analysis for application-related issues.
• Ensure compliance with regulatory and security standards (BOT, ISO 27001).
• Develop and enforce standard operating procedures, runbooks, and operational best practices.
• Collaborate with Infrastructure, Cloud, and Service Delivery teams for cross-functional issue resolution.
• Manage application account access and authorization processes for production systems.
• Drive automation initiatives to improve deployment speed, consistency, and reliability.
• Provide mentorship and technical guidance to junior Application Ops Engineers.
• Bachelor s degree in Computer Science, Information Technology, or related field; Master s preferred.
• Minimum 7 years of experience in application operations, system administration, or DevOps, with at least 2-3 years in a leadership role.
• Strong experience with application deployment, monitoring, and incident management tools.
• Familiarity with middleware, caching, messaging systems, and application architecture.
• Knowledge of IT security standards, regulatory compliance, and operational best practices.
• Proficiency in scripting and automation tools (e.g., PowerShell, Bash,.
• Python).
• Excellent leadership, communication, and problem-solving skills.
• Experience with ITSM tools (e.g., Jira Service Management, ServiceNow) and change management processes.

Skills:

Procurement, Compliance, Negotiation, English

Job type:

Full-time

• Lead IT Corporate covering Workplace & Identity Services, Procurement & Asset Management, and Governance, Risk & Compliance.
• Oversee end-user IT support, endpoint management, and identity & access controls.
• Manage IT procurement, vendor coordination, and asset lifecycle.
• Ensure compliance with BOT regulations, ISO 27001 ISMS, and ITIL processes.
• Drive corporate IT infrastructure reliability (network, O365, VPN, security tools).
• Develop and lead the IT Corporate team, ensuring SLA-driven service delivery.
• Coordinate with Risk, Compliance, and Audit teams for regulatory readiness.
• Bachelor s/Master s in IT, Computer Science, or related field.
• 10+ years in IT, incl. 5+ years in IT Corporate/Infrastructure leadership.
• Strong knowledge of endpoint mgmt., identity & access (Azure AD, MFA), O365, MDM, VPN, LAN/Wi-Fi.
• Experience in IT procurement, vendor mgmt., asset lifecycle.
• Familiar with ITIL, ISO 27001 ISMS, BOT regulations.
• Strong leadership, vendor negotiation, and compliance mindset.
• Fluent in Thai & English.

Skills:

ISO 27001, Automation, Procurement

Job type:

Full-time

• Lead and manage the Infrastructure Operations team, including System engineers and DBAs.
• Oversee provisioning, configuration, and maintenance of VM-based servers and Database systems.
• Ensure infrastructure security compliance according to BOT and ISO 27001 standards.
• Develop and enforce infrastructure policies, standards, and procedures.
• Manage OS patching, backup, disaster recovery, and capacity planning activities.
• Coordinate with Cloud Operations and Application Operations teams to ensure hybrid environment stability.
• Monitor infrastructure performance and implement improvements for reliability and scalability.
• Lead incident response and root cause analysis for infrastructure-related issues.
• Drive continuous improvement initiatives for infrastructure processes and automation.
• Manage vendor relationships for infrastructure hardware and software procurement and support.
• Bachelor s degree in Computer Science, Information Technology, or related field; Master s degree preferred.
• Minimum 7 years of experience in IT infrastructure operations, including at least 3 years in a leadership role.
• Strong hands-on experience with server virtualization (e.g., VMware, Hyper-V) and cloud infrastructure (Azure preferred).
• Extensive knowledge of Operating systems (Windows Server, Linux and Database technologies (MySQL, PostgreSql, DocumentDB or Managed services like RDS).
• Solid understanding of IT security standards and regulatory requirements (BOT, ISO 27001).
• Experience with infrastructure automation tools (Ansible, Terraform, PowerShell scripting).
• Excellent problem-solving, communication, and leadership skills.
• Proven ability to manage cross-functional teams and coordinate with multiple stakeholders.

Skills:

Scrum

Job type:

Full-time

• Manage the full lifecycle of tech programs, from planning to execution and closure.
• Collaborate closely with Business PMO heads and stakeholders to ensure alignment and successful outcomes.
• Proactively identify and mitigate program risks and issues.
• Ensure program delivery adheres to IT governance frameworks and Agile practices.
• 7+ years in IT program management, leading large-scale initiatives in financial services or digital banking.
• Strong command of Agile/Scrum/SAFe methodologies and excellent stakeholder management skills.

Skills:

ISO 27001, Automation, Contracts

Job type:

Full-time

• Lead and manage the Cloud Operations team, including Cloud Engineers staff.
• Oversee the deployment, monitoring, and management of cloud resources such as virtual networks, application gateways, cloud application services, messaging services, and caching systems.
• Ensure cloud operations comply with security standards and regulatory requirements (BOT, ISO 27001).
• Develop and enforce cloud governance, policies, and best practices.
• Coordinate cloud architecture and integrations with Infrastructure, and Application.
• Monitor cloud performance, implement cost optimization strategies, and ensure high availability.
• Lead incident response and root cause analysis for cloud-related issues.
• Implement automation and infrastructure-as-code practices for provisioning, scaling, and configuration.
• Maintain documentation of cloud architecture, processes, and operational procedures.
• Liaise with cloud vendors, manage contracts, and monitor service-level agreements.
• Drive continuous improvement initiatives to enhance cloud security, performance, and operational efficiency..
• Bachelor s degree in Computer Science, Information Technology, or related field; Master s preferred.
• Minimum 7 years of experience in IT infrastructure or cloud operations, with at least 3 years in a leadership role.
• Strong experience with cloud platforms (Azure preferred; AWS/GCP is a plus) and cloud-native services.
• Hands-on knowledge of networking, load balancing, application gateways, caching, and cloud messaging services.
• Proficiency in automation, scripting, and infrastructure-as-code tools (e.g., Terraform, Ansible, PowerShell).
• Familiarity with IT security standards, regulatory compliance, and audit requirements.
• Excellent leadership, communication, and problem-solving skills.

Skills:

Microsoft Azure, DevOps, Scrum

Job type:

Full-time

• Team Leadership & Mentorship: Guide and develop a team of software engineers, overseeing project delivery and ensuring technical excellence and adherence to best practices, including coordinating with outsourced development and testing resources.
• Technical Design & Architecture: Drive the technical design and architectural decisions for software platforms, with a focus on distributed systems, microservices, and cloud-native solutions (e.g., Microsoft Azure).
• Secure Software Development: Implement and enforce a Secure SDLC (SSDLC) and secure ...
• Agile & DevOps Implementation: Champion and implement Agile methodologies (like Scrum) and DevOps practices, including automated CI/CD pipelines, for rapid, frequent, and reliable software releases.
• AI/ML Integration: Lead the development and integration of AI/ML solutions to enhance customer experience, automate processes (e.g., loan underwriting, fraud detection), and optimize operational efficiency.
• Quality Assurance & Security Controls: Ensure rigorous testing and implement robust security measures, such as access controls and multi-factor authentication, to protect customer data and systems.
• A proven track record (5+ years preferred) in leading software development teams and managing complex IT projects, ideally within the banking, digital finance, or fintech industry.
• Strong understanding and hands-on experience with distributed systems, microservices, and cloud-native development (e.g., Microsoft Azure).
• Proficiency in relevant programming languages and frameworks, and experience with Big Data, AI/ML technologies, and API management.
• Deep experience with Agile and DevOps principles and tools.
• Strong knowledge of cybersecurity best practices, secure coding, and application security within a financial context.
• Familiarity with core banking products and relevant regulatory requirements in Thailand is a plus [IT05-568, IT09-738]. Excellent leadership, communication, and interpersonal skills are essential for leading teams and working effectively across departments.

Skills:

Compliance, Risk Management, English

Job type:

Full-time

• Oversee and direct all aspects of cybersecurity across the virtual bank, including cybersecurity governance and day-to-day operations, as well as drives continuous improvement of cybersecurity capabilities.
• Develop and enhance enterprise-wide Information and Cybersecurity (ICS) policies, standards, and procedures, and oversee compliance and continuous enhancements of these policies, standards, and procedures.
• Establish and continuously refine a robust information security management framework ...
• Ensure security specifications and IT security architecture are defined.
• Manage IT risks and cyber threats in alignment with the virtual bank s risk profile and present these risks to the Board of Directors and designated committees on a regular basis.
• Proactively communicate and interact with stakeholders across all business units to promote adherence to applicable policies and standards.
• Optimize the efficiency of Information Security functions and empower the CRO to effectively lead the second line of defense in safeguarding information and data assets.
• Ensure IT security controls are implemented and operating effectively, and that these controls are commensurate with the IT risks and cyber threats faced by the organization.
• Ensure staff have IT security and cyber threat knowledge, awareness, preparedness, and readiness to deal with cyber threats.
• Report IT security incidents and provide opinions on IT risk management and cyber threats to IT Steering Committee and Risk Management Committee.
• Lead and continuously improve the incident escalation process. This includes defining clear escalation paths, establishing communication protocols with internal departments and external regulators, and ensuring timely and effective response during a security breach.
• Provide comprehensive oversight, support, advice, and guidance to senior management and stakeholders regarding compliance with applicable data protection laws, with a strong focus on upholding the rights and freedoms of data subjects.
• Experience in areas of information and cybersecurity including knowledge of cyber resilience, identity and access, network security, application security, and cloud security.
• Experienced in leading a team of security professionals, with the ability to clearly explain and present information security risks to senior leadership and propose effective mitigation strategies.
• Deep understanding of cyber risk management and compliance with cybersecurity frameworks such as NIST, ISO, CIS, and PCI-DSS.
• Proven expertise in leading and maturing incident response capabilities, conducting thorough forensic investigations, and establishing and overseeing effective Security Operations Centers (SOCs).
• Relevant certifications such as CISSP, CISM, CISA or CCSP are desirable.
• Strong leadership, security analytical, and problem-solving skill.
• Strong communication and collaboration skills in both English and Thai with the ability to work effectively with cross-functional teams.

Skills:

Compliance, ISO 27001

Job type:

Full-time

• Design and implement the bank-wide cybersecurity strategy, ensuring compliance with BOT regulations and industry standards.
• Develop and oversee cyber risk assessment and security frameworks.
• Establish real-time cybersecurity monitoring and incident response mechanisms.
• Oversee penetration testing, vulnerability scanning, and security audits.
• Establish and manage security operations processes, ensuring ongoing protection against cyber threats post-launch.
• Implement fraud detection and transaction monitoring systems to safeguard against financial crimes.
• Continuously enhance cybersecurity frameworks, adapting to emerging threats and regulatory changes.
• 8+ years in cybersecurity, IT security risk management, or banking security operations.
• Proven experience developing and implementing security frameworks for financial institutions, fintechs, or large-scale digital platforms in public cloud. Azure is preferred.
• Strong background in cyber risk management, penetration testing, and incident response planning.
• Experience working with regulatory bodies and compliance teams to ensure cybersecurity alignment with banking regulations.
• Familiarity with financial services security tools, including SIEM, IAM, and fraud detection system.
• Expertise in cybersecurity frameworks (ISO 27001, NIST, PCI DSS, SOC2, CIS Controls).

Skills:

Compliance

Job type:

Full-time

• Develop comprehensive solution designs for new features and integrations.
• Specialize in local system integration (e.g., PromptPay, National ID, local reporting interfaces).
• Apply deep knowledge of Thai financial technology infrastructure and data standards.
• Collaborate with development teams to ensure successful implementation and compliance by design.
• 7+ years as a Solution Architect or senior engineer, with in-depth, proven experience in system integration within the Thai financial services sector.
• Strong technical skills in API design, cloud-native principles, and data integration patterns.

Job type:

Full-time

• Support regular group assessments to evaluate security risks, security maturity and compliance gaps across SCBX Group.
• Policy, Procedures, Standards & Guidelines.
• Support the development, review, and update of security policies, procedures, standards, and guidelines to ensure robust organizational controls.
• Regularly update documentation to reflect the evolving threat landscape and regulatory requirements.
• Security Consultation.
• Lead conversation with senior leadership across SCBX Group and provide value-added insights to delivered outcome.
• Develop a comprehensive proposal and project plan that secures buy-in from senior stakeholders, while establishing an effective delivery approach for the working group to ensure successful project delivery and valued outcomes.
• Embrace creative problem-solving and flexible approaches to navigate challenges, ensuring that critical outcomes are consistently achieved while effectively managing obstacles.
• Provide expert guidance and recommendations to internal and external stakeholders on the best security practices and solutions to address operational and compliance issues.
• Recommend improvements for security governance and operational resilience.
• Security Awareness & Training.
• Develop and manage security e-learning programs, newsletters, and knowledge-sharing initiatives to enhance employee awareness.
• Conduct phishing drills and security simulations to assess and improve employee resilience against cyber threats.
• Design specialized training for executives and high-risk users to enhance their understanding of emerging threats and security best practices.
• Implement interactive learning methods such as gamification, security awareness series, real-world security challenges to encourage participation, on-site engagements to reinforce security culture.
• Digital Identity.
• Assist in Identity Governance & Administration (IGA) by supporting policy enforcement, identity lifecycle management, and compliance monitoring.
• Support Access Management by integrating authentication mechanisms such as SSO, MFA, and adaptive access controls into enterprise systems.
• Contribute to Role Management, ensuring structured RBAC/ABAC models and periodic access reviews.
• Help implement Privileged Access Management (PAM) controls, monitoring privileged user sessions, and enforcing security best practices.
• Assist in Identity Integration & Directory Services, ensuring seamless identity synchronization and federation across cloud and on-prem systems.
• Security Innovation.
• Research and evaluate emerging cybersecurity technologies, AI-driven security analytics, and automation tools, conducting PoCs to assess feasibility.
• Explore AI-driven security solutions for threat detection - prevention, and automated security operation to enhance cybersecurity resilience.
• Provide strategic insights to align security innovations with digital transformation, FinTech, and cloud security initiatives across subsidiaries.
• Partner with internal teams, vendors, and industry leaders to benchmark security advancements and drive innovation initiatives..
• Minimum of 5+ years in information security consultancy, with a proven track record in security assessment, identity & access and data security.
• Experience in conduct IAM solutions, including IGA, identity assessment - planning, access management, PAM, and identity integration within enterprise environments.
• Demonstrates a deep understanding of global security frameworks, such as NIST, ISO 27001/27002, PCI-DSS, BOT and CIS Controls.
• Extensive experience in conducting large-scale security assessments, performance measurements, risk management, and security strategy development that align with organizational objectives.
• Relevant certifications such as from identity products or equivalent are highly desirable.

Skills:

Continuous Integration, Legal, Procurement

Job type:

Full-time

• Support regular group assessments to evaluate security risks, security maturity and compliance gaps across SCBX Group.
• Policy, Procedures, Standards & Guidelines.
• Support the development, review, and update of security policies, procedures, standards, and guidelines to ensure robust organizational controls.
• Regularly update documentation to reflect the evolving threat landscape and regulatory requirements.
• Security Consultation.
• Lead conversation with senior leadership across SCBX Group and provide value-added insights to delivered outcome.
• Develop a comprehensive proposal and project plan that secures buy-in from senior stakeholders, while establishing an effective delivery approach for the working group to ensure successful project delivery and valued outcomes.
• Embrace creative problem-solving and flexible approaches to navigate challenges, ensuring that critical outcomes are consistently achieved while effectively managing obstacles.
• Provide expert guidance and recommendations to internal and external stakeholders on the best security practices and solutions to address operational and compliance issues.
• Recommend improvements for security governance and operational resilience.
• SDLC Security & DevSecOps Integration.
• Develop and implement security frameworks and best practices within the SDLC to minimize vulnerabilities.
• Collaborate with development, operations, and security teams to embed security controls and processes within continuous integration/continuous deployment (CI/CD) pipelines.
• Advise on the integration of automated security testing tools and manual assessments throughout development, staging, and production phases.
• Monitor and evaluate the effectiveness of security controls, adjusting strategies as required.
• Pentester Governance & Annual Panel Selection.
• Oversee and manage the overall pentesting program, including planning, scoping, and executing external and internal penetration tests.
• Develop and enforce governance policies for third-party penetration testing, ensuring compliance with internal and industry standards.
• Lead the annual selection process of the pentester panel by evaluating vendor capabilities, reviewing performance metrics, and coordinating panel evaluations.
• Collaborate with legal, procurement, and compliance teams to negotiate contracts and service level agreements (SLAs) with selected vendors.
• Application Security Testing.
• Define and maintain comprehensive application security testing strategies, including static and dynamic code analysis, vulnerability assessments, and risk management.
• Coordinate regular security assessments, penetration tests, and vulnerability remediation efforts.
• Analyze findings from testing activities and provide actionable recommendations to mitigate risks.
• Work with development teams to ensure security testing is integrated into agile and DevOps methodologies.
• Identity Architecture & Strategy.
• Define and implement enterprise-wide identity governance frameworks, access models, and role designs.
• Develop future-ready IAM architectures to support Zero Trust security, cloud adoption, and business scalability.
• Design identity lifecycle processes such as automated provisioning, de-provisioning, RBAC, and approval workflows.
• Align IAM practices with global standards (NIST, ISO 27001, CIS) and regulatory mandates (PCI-DSS, GDPR, BOT).
• Establish and maintain a comprehensive security governance framework with clear roles, responsibilities, and performance metrics.
• IAM Solution Delivery & Operations.
• Lead the design, deployment, and integration of solutions including SSO, MFA, PAM, and CIAM.
• Oversee directory services and federation platforms such as Active Directory, Azure AD, and cloud identity providers.
• Collaborate with implementation teams and vendors to configure and deploy IAM technologies that ensure security, scalability, and operational excellence.
• Minimum of 12+ years in information security consultancy, with a proven track record in Application security, DevSecOps integration, Vulnerability Management, Penetration testing and Digital Identity.
• Demonstrated expertise in developing and implementing security frameworks and policies that embed secure coding practices and automated security testing within complex, enterprise-level SDLC environments.
• Demonstrates a deep understanding of global security frameworks, including NIST, ISO 27001/27002, PCI-DSS, BOT and CIS Controls.
• Extensive experience in conducting large-scale security assessments, performance measurements, risk management, and security strategy development that align with organizational objectives.
• Relevant certifications such as CISSP, CISM, CRISC, OSCP, or equivalent are highly desirable.

Skills:

Risk Management, Compliance

Job type:

Full-time

• Develop, implement, and monitor comprehensive IT policies, standards, and procedures.
• Oversee IT risk management, compliance, and performance reporting.
• Ensure adherence to Agile methodologies and manage IT vendor relationships effectively.
• 8+ years in IT governance, risk, and compliance, preferably in financial services.
• Strong knowledge of Bank of Thailand IT regulations, PDPA, and frameworks like ITIL/COBIT.

Skills:

Automation, English

Job type:

Full-time

• Establish a consistent approach to handle security incidents under committed OLA, SLA, MTTX matrix..
• Effectively and efficiently contain and eradicate cyber threats with all subsidiaries.
• Recover impacted assets from technical and business damage done by cyber threats.
• Develop and distribute security incident reports to all key stakeholders.
• Incorporate root cause and lessons learned into an improvement plan.
• Strengthen processes and maturity of Group security operations.
• Continuous improve security incident operations.
• Security Incident Identification, Triage and Response with MS Sentinel SIEM and SOAR cover 24*7 detection & analysis, containment, eradication & post incident investigation on high, rather high, moderate, rather low and low severity..
• Access to internal or external IR specialists to support in Digital forensics investigations and IR team, Threat hunting using Microsoft Sentinel to proactively identify threats in the environment.
• Gather cyber threat insights on security incidents through governance reporting covering weekly operational reports, monthly tactical reports and quarterly management reports.
• Review use-cases onboarding and continuous optimizations to comprehensively detect threats for all subsidiaries environments.
• Works smooth with SOC operation outsources team under the SCBX Cyber Defense Operating Model..
• Support in helping subsidiaries to containment and resolve security incidents within MTTC SLA.
• Maintained and updated security incident response playbooks and runbooks with all subsidiary s acknowledgement.
• Develop, design and participate in cyber tabletop exercises.
• 5-7 years experienced in cyber security incident response or SOC environments. If you worked in Financial industry will be plus score..
• Strong knowledge of cyber security principles and practices, including vulnerability assessment, incident response, and SOC architecture. If you have Cyber/IR certificates related will be plus score..
• Strong knowledge and skills of security threats, attack countermeasures and threat detection/prevention/mitigation.
• Working experience in SOC (Security Operations Center) with hands-on experience with Automated Analytic Rules and Automation Playbook on MS Sentinel..
• Experience with a variety of cyber security tools such as SIEM, EDR, Firewall, IPS, etc and SOC technologies. Excellent analytical and problem-solving skills.
• Hands-on experience in provisioning and interpreting log and network packet data, cloud environment.
• Ability to work independently and as part of a team.
• Ability to communicate complex technical concepts to both technical and non-technical audiences in both of Thai and English..
• Experienced in multi-vendor management.
• Join our team and contribute to ensuring the best availability and efficiency of our Cyber Defense strategy and Cyber Defense Operating Model.
• Apply today to play a crucial role in safeguarding our organization's security.

Skills:

System Security

Job type:

Full-time

• Monitor and detect security incidents, and develop comprehensive security incident response plans.
• Provide expert consultancy services as a SME (Subject Matter Expert) in Group security operations to support the SOC and Cyber Defense solutions.
• Stay abreast of the latest cyber threats and trends, and define system security requirements.
• to ensure the protection of the organization with end-to-end.
• Manage the seamless integration of subsidiary systems into the overall security operations.
• Configure, maintain, and troubleshoot cyber security components to ensure optimal performance.
• Develop, document, and maintain standard operating procedures and protocols for SOC operations.
• Manage and handle customer change requests on Managed assets in a timely and efficient manner.
• Manage 3rd party vendor relationships for the building and delivery of Cyber Defense solutions.
• CTI: Analyze threat intelligence from the multiple platforms to identify the tactics, techniques, and procedures (TTPs) of threat actors relevant to our industry and organization.
• ASM: Identify and prioritize vulnerabilities, misconfigurations and Shadow IT discovered on the attack surface.
• DRP: Track brand abuse, phishing/fake domains, and fraudulent mobile applications. Manage the takedown request process for malicious contents.
• SCI: Utilize the platform to monitor and assess the security posture of third-party vendors and partners. Analyze supply chain-related data breaches and evaluate their potential impact on the organization.
• Intelligence Reporting and Dissemination: Produce and disseminate intelligence reports tailored to various stakeholders.
• 5-8 years experience in similar Group environments. If you worked in financial industry will be plus score..
• Strong knowledge of cybersecurity principles, practices, security threats, and attack countermeasures.
• Understanding of the Intelligence Cycle and key frameworks such as MITRE ATT&CK, Pyramid of Pain..
• Knowledge of advanced analytical frameworks such as the Diamond Model and the Cyber Kill Chain is highly desirable..
• Experience with a variety of cyber security tools and technologies.
• Experience applying analytical and problem-solving skills, with the ability to connect seemingly disparate pieces of information.
• Strong communication skills, capable of explaining complex technical concepts to both technical and non-technical audiences.
• A proactive, curious, and self-starting mindset.
• Ability to work effectively under pressure, both independently and as part of a team.
• Experience in vendor management is a plus.
• (Highly preferred) Prior hands-on experience with CTI/DRP, ASM, or SCI platforms..
• Join our team as Senior Cyber Defense and contribute to ensuring the availability and efficiency of our Cyber Defense strategy. Apply today to play a crucial role in safeguarding our organization's security..

Skills:

Procurement, Budgeting, Multitasking, English

Job type:

Full-time

• Follow up with internal and external teams to consolidate reports, dashboards, and templates, ensuring accuracy and timeliness..
• Assist in tracking and monitoring project progress and operational updates..
• Support in data compilation and report preparation for management review..
• Work closely with cross-functional teams to ensure alignment and consistency in reporting and follow-ups.
• Administrative & Secretarial Support.
• Provide secretarial duties, including managing correspondence and scheduling appointments. Organize meetings, including venue arrangements, scheduling and summarizing meeting minutes..
• Handle procurement processes, including invoice processing and budgeting. Coordinate with internal teams and external vendors for general service tasks..
• Manage expense tracking and ensure timely approvals and processing..
• If you meet the qualifications below and are ready to take on a dynamic role, we encourage you to apply..
• Bachelor s degree in Business Administration, Management, or a related field.
• At least 5 years experience as secretary, administrator, or coordinator.
• Strong organizational and multitasking skills with high attention to detail.
• Willing to learn new things.
• Good command of English both written.

Skills:

Internal Audit, Risk Management, Contracts, English

Job type:

Full-time

• Provide regulatory advice to business units and other stakeholders with respect to compliance with BOT s regulations.
• Implement and monitor compliance programs covering banking, payments, data protection, and consumer protection.
• Support licensing and regulatory approval processes under BOT s Designated Payment Services.
• Conduct compliance risk assessments and establish internal controls to ensure adherence to regulatory requirements.
• Coordinate with internal audit and risk management to maintain regulatory compliance and operational integrity.
• Monitor regulatory developments in banking and payments, providing proactive advice to management.
• Legal.
• Review, draft, and negotiate contracts, NDAs, service agreements, and regulatory filings related to banking, lending, and payment services.
• Prepare and review Terms and Conditions of the application and products, Privacy Notice and consents.
• Support corporate governance matters where applicable..
• Bachelor s degree in Law (LL.B.); Master s degree or professional certification (LL.M., compliance certification, Thai Bar) is a plus.
• 5-8 years experience in banking, payments, or fintech regulatory compliance and legal work. Experience in a commercial bank, payment service provider, or law firm focusing on financial services is strongly preferred.
• Bank of Thailand (BOT) payment and banking regulations.
• Anti-Money Laundering (AMLO).
• Data Protection (PDPA).
• Consumer protection frameworks.
• Experience handling licensing, regulatory inspections, or filings with regulators.
• Ability to draft and review contracts in both Thai and English.
• Excellent communication skills in Thai and English, both written and verbal.
• Strong analytical skills, with a practical, business-oriented approach to problem-solving.
• Key Competencies.
• Proactive, detail-oriented, and reliable.
• Ability to manage multiple priorities in a fast-paced startup environment.
• Team player with strong collaboration skills, while capable of working independently.
• Ethical mindset with commitment to compliance integrity..
• Why Join Us.
• Be part of the founding team of Thailand s new Virtual Bank under a leading financial group.
• Opportunity to shape compliance and legal frameworks for cutting-edge digital banking and payment solutions.
• Work alongside experienced leaders in financial services and fintech.
• Competitive compensation and career growth opportunities.

Job type:

Full-time

• Develop and implement governance frameworks to align with Central Bank regulations and industry standards on Cloud Technology.
• Provide expertise in cloud engineering, including cloud technical skills and configuration (e.g., AWS, Azure, Google Cloud) to optimize performance, security, and cost-effectiveness.
• Collaborate with internal and external stakeholders to create, apply and maintain governance documentation, such as policies, procedures, guidelines and procedures rela ...
• Serve as a member of the Change Advisory Board (CAB) to review and approve changes to our cloud infrastructure and services.
• Conduct regular assessments and audits to ensure compliance with Central Bank regulations, cybersecurity policies, and risk management practices.
• Utilize ITIL processes to streamline such as service delivery, incident management, continuous improvement initiatives and others.
• Mentor and train internal and external stakeholders on technical governance best practices and emerging technologies..
• Minimum 5-7 years of experience in a technical governance role within a regulated international industry or with exposure to Central Bank regulations.
• Expertise in cloud engineering transformation with proficiency in cloud technical skills and configuration (e.g., AWS, Azure, Google Cloud).
• Good communication, presentation, and inter-personal skills with fluent in Thai and English languages.
• Experience as a member of the Change Advisory Board (CAB) and familiarity with technical change management.
• Knowledge of compliance, cybersecurity, and risk management principles, particularly in a fintech or banking environment.
• Familiarity with ITIL framework and its application in IT service management.
• Willingness to participate in technological innovation, keep learning and improving while working in an interdisciplinary field.
• Punctuality on assignment delivery with accountability.
• Preferred Qualifications.
• Experience in a fintech or banking environmen.
• Proven track record of developing and implementing technical governance frameworks and best practices.
• Ability to implement projects in a hand-on & end-to-end manner.
• Ability to see both big pictures and be detail-oriented at the same time.
• ITIL certificate.

Job type:

Full-time

• Design and develop responsive web applications that meet the client's requirements and specifications.
• Collaborate with frontend developers and platform team to create robust backend services and integration interfaces.
• Write clean, efficient, and maintainable code using java, nodejs, python or similar programming languages.
• Write Unit Tests using JUnit or similar testing library.
• Optimize web applications for maximum speed and performance.
• Implement security best practices to protect against common web vulnerabilities.
• Collaborate with front-end developers to integrate with server-side logic.
• Perform code reviews, debugging, and troubleshooting to ensure the quality of code.
• Stay updated on the latest development trends and technologies..
• Minimum of 2 years experience as a full stack developer.
• Programming Proficiency - Ability to be hands-on coding in modern languages (e.g. Java, Typescript/Javascript) strong familiarity with modern application frameworks (e.g. Spring Boot, Node.js, ReactJS). Frontend components using the ReactJS Framework( Typescript, Redux and JavaScript ES6+).
• Design & Architecture - Practical capabilities in product requirements elicitation, logical architecture design, domain modelling and API design.
• Distributed Application Knowledge - Understanding of distributed application architectures using microservices.
• Project Lifecycle - Experience covering the entire project lifecycle from inception to operations.
• Team Dynamics - Results-driven mindset, strong collaborative interpersonal skills and a positive attitude.
• Cloud & DevOps - Experience with Cloud architecture, preferably Azure, and knowledge of how to implement DevOps and SRE.
• Agile Methodologies - Deep knowledge of agile delivery and frameworks such as SAFE.
• Technology Ecosystem - Familiarity of the cloud product technology ecosystem and integrations on multiple CSPs (e.g. Azure, Huawei, AWS and GCP).
• Professional Experience - Experience in this role in both technology consulting and product organizations.

Skills:

Risk Management, ISO 27001, English

Job type:

Full-time

• Oversee the technology risk management practices of banking and digital asset subsidiaries to ensure they align with the parent company s standards and regulatory requirements.
• Establish a robust governance framework to monitor and control technology risks across all subsidiaries.
• Ensure regular and detailed reporting of technology risk management performance, including key metrics and risk indicators, to senior management and the board of direct ...
• Oversee the reporting of any technology-related incidents or anomalies, ensuring timely communication and resolution.
• Communicate and enforce technology risk management policies and standards across all subsidiaries, ensuring that all relevant stakeholders are aware of and adhere to these guidelines.
• Provide expert advice and support to subsidiaries on technology risk management issues, helping them to implement best practices and mitigate risks effectively.
• If you meet below qualifications and are ready to take on a challenging role, we encourage you to apply..
• Bachelor s degree or higher in Information Technology, Cybersecurity, Risk Management, or a related field.
• Relevant work experience at least 5 years of experience in technology risk management..
• Proficiency in identifying, evaluating, and mitigating technology risks.
• Knowledge of regulatory requirements and best practices in IT governance.
• Familiarity with risk management frameworks and tools, such as NIST, ISO 27001, and COBIT.
• Ability to effectively communicate risk-related information to stakeholders at all levels both Thai and English.
• Commitment to staying updated with the latest trends and developments in technology risk management.