Job Responsibilities:

• To be a leader in designing and managing an organization’s IT internal control environments to ensure the company complies with applicable law and regulations.
• To monitor the state of IT compliance with regulatory requirements and internal policies that affect the Information Technology Risk management and compliance, and develop a compliance program to address potential gaps
• To serve as liaison to internal auditors, external auditors, Bank of Thailand auditors and other regulators' mandates (i.e., PCI, SEC, ISO27001, etc.) regarding documentation and review of information compliance
• To partner with IT Management to develop and implement appropriate controls to ensure that IT compliance is being effectively maintained
• To oversee generally in issue summary review, the process of issue tracking and closure, and closing meetings in order to maintain a full understanding of emerging IT issues
• To facilitate reporting of IT compliance status for IT Management
• To provide advisory and consultation to IT users on IT regulation and compliance requirements.
• To oversee and steer the IT General Control (ITGC) program regarding SOX Compliance
• To establish and enforce standardized and repeatable enterprise Data Leakage Prevention (DLP) governance and framework including DLP incident response processes
• To maintain Data Leakage Prevention (DLP) system
• To provide the direction and advisory on Information system control monitoring (i.e., monitoring the log over critical operating systems, applications, and databases, reviewing the access control log over restricted IT physical areas, etc.)
• To ensure security controls over critical high privilege management are adequate and functioning as intended within the operating systems, applications, and databases
• Be responsible for Liaise with IT Risk owners to develop risk-based assessments, and establish risk response programs and reporting processes according to Bank’s Risk Management Policy and Framework

Qualification:

• Bachelors or Master of Information Technology, Computer Engineering or related fields.
• At least 10 years of experience in Information Technology in Banking /Financial industries.
• Experience in relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, ISO 27001/2, ITIL, and SOX Compliance.
• Experience in IT Governance, Risk management, and Compliance (IT GRC), Project Management, Lead Auditor/Lead Implementer, or similar is preferred.
• Strong knowledge of Local Regulatory (TH)
• Relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, ISO 27001/2, ITIL, SOX Compliance, etc.
• Professional Information Security certifications such as CISSP, CISA, CISM, CRISC, ISO 27001
• CMMI/SDLC
• Good written and verbal communication, presentation of both Thai and English skills.
• Strong Leadership, influencing, motivating, and negotiating skills
• Good judgment within broadly defined practices in obtaining desired results, analytical and problem-solving skills
• Demonstrated ability to prioritize and manage multiple tasks simultaneously
• Familiar with Microsoft Office products
• Good English Skill

“Only shortlisted candidates will be contacted.”

Stay connected with KRUNGRI CAREER at:

• FB: Krungsri Career(http://bit.ly/FacebookKrungsriCareer)
• LINE: Krungsri Career (http://bit.ly/LineKrungsriCareer)

Talent Acquisition Department
Bank of Ayudhya Public Company Limited
1222 Rama III Rd., Bangpongpang, Yannawa, Bangkok 10120
Contact: Talent Acquisition Center:

Applicants can read the Personal Data Protection Announcement of the Bank's Human Resources Function by typing the link from the image that stated below

EN: (https://krungsri.com/b/privacynoticeen)

ผู้สมัครสามารถอ่านประกาศการคุ้มครองข้อมูลส่วนบุคคลส่วนงานทรัพยากรบุคคลของธนาคารได้โดยการพิมพ์ลิงค์จากรูปภาพที่ปรากฎด้านล่าง

ภาษาไทย: (https://krungsri.com/b/privacynoticeth)

หมายเหตุ ธนาคารมีความจำเป็นและจะมีขั้นตอนการตรวจสอบข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของผู้สมัคร ก่อนที่ผู้สมัครจะได้รับการพิจารณาเข้าร่วมงานกับธนาคารกรุงศรีฯ

Remark: The bank needs to and will have a process for verifying personal information related to the criminal history of applicants before they are considered for employment with the bank.