Position : Security Architecture and Security Advisory
Krungthai Bank PCL.

Defines and enhances information security architecture, provide security advisory, ensuring consistent and effective security administration procedures and processes.

Responsibilities

1. Design a secure IT security architecture, including network segmentation and security solutions.
2. Integrate security architecture into the organization's infrastructure.
3. Serving as an internal information security consultant on the security architecture to the organization.
4. Monitoring industry security updates, technologies and best practices to improve security management.
5. Ensure a security architecture and design for creating secure networks, applications and infrastructure.
6. Recommend security solutions that will resolve security issues on a timely basis to enhance security.
7. Advise business units and the technology group (Delivery team) on how to comply with IT security policies, standards, guidelines, and best practices.
8. Provide guidance on new or modified application solutions and infrastructure design (Cybersecurity area).
9. Act as a key technical resource for the architecture team regarding security matters related to DevSecOps and secure development practices.
10. Be a cybersecurity expert by staying updated on trends, technologies for vulnerabilities, exploits, and threats related to information security.
11. Collaborate with other information security teams to assist IT teams in delivering secure infrastructure solutions with security recommendations, ensuring key security controls are working as intended.
12. Review source code and Static Application Security Testing (SAST) reports to comply with security standards.

Qualifications

• Bachelor's/Master's degree in Computer Science, Computer Engineering, or a related IT field.
• Strong skills in security advisory, analysis, and problem-solving.
• Solid understanding of application security, security protocols, cryptography, authentication, authorization, multi-factor authentication, single sign-on, identity management, or related technologies.
• Knowledge of cloud security technology and the ability to set frameworks to guide the design of cloud security.
• Good working knowledge of current IT risks and experience implementing security solutions.
• Development experience (2+ years) is a plus.
• Experience in penetration testing (1+ years) is a plus.
• Experience in IT auditing or global standards (e.g., PCI-DSS, NIST, ISO) is a plus.
• Knowledge of new banking technologies and associated security controls is a plus.
• Relevant security certifications are a plus, e.g., Sec+, CEH, OSCP, CISSP, CISM, Cloud Certified.
• Rapid learning capability and the ability to work under pressure.

• Good command of English.
  

You have read and reviewed Krung Thai Bank Public Company Limited's Privacy Policy at https://krungthai.com/th/content/privacy-policy. The Bank does not intend or require the processing of any sensitive personal data, including information related to religion and/or blood type, which may appear on copy of your identification card. Therefore, please refrain from uploading any documents, including copy(ies) of your identification card, or providing sensitive personal data or any other information that is unrelated or unnecessary for the purpose of applying for a position on the website. Additionally, please ensure that you have removed any sensitive personal data (if any) from your resume and other documents before uploading them to the website.

The Bank is required to collect your criminal record information to assess employment eligibility, verify qualifications, or evaluate suitability for certain positions. Your consent to the collection, use, or disclosure of your criminal record information is necessary for entering into an agreement and being considered for the aforementioned purposes. If you do not consent to the collection, use, or disclosure of your criminal record information, or if you later withdraw such consent, the Bank may be unable to proceed with the stated purposes, potentially resulting in the loss of your employment opportunity with