Filter Jobs

Skills:

Budgeting, Statistics

Job type:

Full-time

• Assist CIO in setting up and leading Hattha Bank s IT Governance Framework and Operating Model to ensure good governance and perform continuous monitoring.
• Assist CIO in IT Governance and compliance activities at Hattha Bank.
• The governance areas should include, but not limited to Hattha Bank s IT Budgeting and Expense Monitoring, IT Sourcing and Procurement, Key IT project governance and resource monitoring, IT audit and compliance activities.
• Set up process for ongoing IT risk assessment and ensure corrective actions are performed in a timely manner.
• Identify opportunities to leverage on Krungsri on IT and Digital related activities.
• Enforce Krungsri s IT & Digital s Group Governance Framework in Hattha Bank.
• Regularly monitor and report to Krungsri on Key IT & Digital activities, resource utilization, and compliances.
• Assist CIO to drive Hattha Bank s IT and Digital related activities to accelerate and strengthen KS s international presence.
• Support Hattha Bank in achieving IT and Digital KPI.
• Act as centralized contact point for reporting and attending Krungsri Group IT Governance Committee.
• Able to take on other roles as assigned.
• Provide guidance, support, direction and motivation to team members to help them develop their skills and achieve potential.Collaborating with business leaders and other functions to transform the organization.
• Apply now if you have these advantages.
• Bachelor s degree or higher in Management Information System, Computer Science, Computer Engineering, IT, Mathematics & Statistics Science, or related fields.
• 10 or more years in IT and Digital, Banking and/or financial institution. Worked in governance or managerial IT and Digital Position of a multicultural environment.
• 7 or more years in a management position.
• Have strong knowledge and background in Information Technology and Digital landscape related to financial and banking industry in Thailand and regionally..
• Strong knowledge in regulatory compliance, IT standards, risks, and corporate finance literacy.
• Strong understanding of license compliance and management is a plus.
• Experience in leading and motivating team.
• Strong verbal and written communications to both technical and non-technical audience.
• Willing to relocate.
• Why join Krungsri?.
• As a part of MUFG (Mitsubishi UFJ Financial Group), we a truly a global bank with networks all over the world.
• Unbelievable benefits such as attractive bonuses and many more..
• Apply now before this role is close. **.
• Talent Acquisition Department
• Bank of Ayudhya Public Company Limited
• 1222 Rama III Rd., Bangpongpang, Yannawa, Bangkok 10120.
• หมายเหตุ ธนาคารมีความจำเป็นและจะมีขั้นตอนการตรวจสอบข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของผู้สมัคร ก่อนที่ผู้สมัครจะได้รับการพิจารณาเข้าร่วมงานกับธนาคารกรุงศรีฯ.
• Remark: The bank needs to and will have a process for verifying personal information related to the criminal history of applicants before they are considered for employment with the bank..
• Applicants can read the Personal Data Protection Announcement of the Bank's Human Resources Function by typing the link from the image that stated below.
• EN (https://krungsri.com/b/privacynoticeen).
• ผู้สมัครสามารถอ่านประกาศการคุ้มครองข้อมูลส่วนบุคคลส่วนงานทรัพยากรบุคคลของธนาคารได้โดยการพิมพ์ลิงค์จากรูปภาพที่ปรากฎด้านล่าง.
• ภาษาไทย (https://krungsri.com/b/privacynoticeth)..

Skills:

Industry trends, Cloud Computing, English

Job type:

Full-time

• Provide consultancy advice to business and project teams to ensure security standards and requirements are considered and implemented.
• Perform deep dive reviews focused on Cybersecurity Risk, Technology Risk, and Emerging Risk.
• Effective management of all technology risk and cybersecurity framework including technology policies and standards based on the Group's risk appetite.
• Closely monitor technology and cyber related KPIs, KRIs, KCIs and drive remediation actions as Group perspective.
• Timely update on all material technology risk and cybersecurity topics including a set of risk indicators to the relevant Group Risk Committees and forums.
• Oversight the result of control testing from subsidiaries to ensure Cybersecurity and technology controls meet internal and external compliance requirements.
• Conduct technology risk assessments: Identify and evaluate potential risks Management with the organization's technology systems, infrastructure, and processes. Assess the adequacy of controls, identify vulnerabilities, and recommend risk mitigation strategies.
• Develop and implement risk management strategies: Collaborate with stakeholders to develop comprehensive risk management strategies that align with business objectives and regulatory requirements. Implement controls and procedures to mitigate identified risks effectively.
• Monitor technology risk exposure: Continuously monitor technology systems, networks, and processes to identify emerging risks, vulnerabilities, and trends. Stay up-to-date with industry developments, emerging technologies, and regulatory changes to proactively address potential risks.
• Perform risk analysis and reporting: Analyze risk assessment findings, internal control evaluations, and audit reports to identify trends, root causes, and areas of improvement. Prepare detailed reports on risk exposure, mitigation strategies, and recommendations for management and relevant stakeholders.
• Collaborate with cross-functional teams: Work closely with IT teams, compliance officers, cybersecurity professionals, and other stakeholders to develop and implement risk management frameworks, policies, and procedures. Provide guidance and recommendations on technology-related risk management activities.
• Conduct technology risk training and awareness programs: Develop and deliver training programs to educate employees on technology risk management best practices, policies, and procedures. Raise awareness about emerging threats and provide guidance on incident response protocols.
• Assist in incident response and recovery: Support the organization in managing technology-related incidents, including data breaches, system failures, and cybersecurity threats. Coordinate response efforts, assist in recovery measures, and contribute to post-incident reviews and lessons learned.
• Stay updated on industry standards and regulations: Keep abreast of industry trends, emerging technologies, and regulatory requirements related to technology risk management. Provide recommendations on incorporating best practices into the organization's risk management framework.
• Minimum of 5 years experience in Technology and Cyber Risk.
• Bachelor s degree or above in related discipline.
• Working experience or familiar in a group public company.
• Understanding of regulatory requirements such as BOT, OIC, and SEC; industry standards such as COBIT, NIST, ISO27001, ITIL, and PCIDSS.
• Experience in one or more emerging technologies such as Artificial Intelligence, Machine Learning, Distributed Ledger Technology, Robotic Process Automation, Cloud computing.
• Excellent communication and relationship building skills; proven ability to influence senior management.
• Good command of written and spoken in English is preferable.

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.

Experience:

5 years required

Skills:

ISO 27001, Legal, Finance

Job type:

Full-time

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory ManagementEnsure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT GovernanceEstablish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data GovernanceDevelop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and DevelopmentLead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Requirements:Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.