Filter Jobs

Skills:

Compliance, Risk Management, ISO 27001, English

Job type:

Full-time

• To be a leader in designing and managing an organization s IT internal control environments to ensure the company complies with applicable law and regulations.
• To monitor the state of IT compliance with regulatory requirements and internal policies that affect the Information Technology Risk management and compliance, and develop a compliance program to address potential gaps.
• To serve as liaison to internal auditors, external auditors, Bank of Thailand auditors and other regulators' mandates (i.e., PCI, SEC, ISO27001, etc.) regarding documen ...
• To partner with IT Management to develop and implement appropriate controls to ensure that IT compliance is being effectively maintained.
• To oversee generally in issue summary review, the process of issue tracking and closure, and closing meetings in order to maintain a full understanding of emerging IT issues.
• To facilitate reporting of IT compliance status for IT Management.
• To provide advisory and consultation to IT users on IT regulation and compliance requirements.
• To oversee and steer the IT General Control (ITGC) program regarding SOX Compliance.
• To establish and enforce standardized and repeatable enterprise Data Leakage Prevention (DLP) governance and framework including DLP incident response processes.
• To maintain Data Leakage Prevention (DLP) system.
• To provide the direction and advisory on Information system control monitoring (i.e., monitoring the log over critical operating systems, applications, and databases, reviewing the access control log over restricted IT physical areas, etc.).
• To ensure security controls over critical high privilege management are adequate and functioning as intended within the operating systems, applications, and databases.
• Be responsible for Liaise with IT Risk owners to develop risk-based assessments, and establish risk response programs and reporting processes according to Bank s Risk Management Policy and Framework.
• Bachelors or Master of Information Technology, Computer Engineering or related fields.
• At least 10 years of experience in Information Technology in Banking /Financial industries.
• Experience in relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, ISO 27001/2, ITIL, and SOX Compliance.
• Experience in IT Governance, Risk management, and Compliance (IT GRC), Project Management, Lead Auditor/Lead Implementer, or similar is preferred.
• Strong knowledge of Local Regulatory (TH).
• Relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, ISO 27001/2, ITIL, SOX Compliance, etc.
• Professional Information Security certifications such as CISSP, CISA, CISM, CRISC, ISO 27001.
• CMMI/SDLC.
• Good written and verbal communication, presentation of both Thai and English skills.
• Strong Leadership, influencing, motivating, and negotiating skills.
• Good judgment within broadly defined practices in obtaining desired results, analytical and problem-solving skills.
• Demonstrated ability to prioritize and manage multiple tasks simultaneously.
• Familiar with Microsoft Office products.
• Good English Skill.
• Only shortlisted candidates will be contacted.
• FB: Krungsri Career(http://bit.ly/FacebookKrungsriCareer).
• LINE: Krungsri Career (http://bit.ly/LineKrungsriCareer).
• Talent Acquisition Department
• Bank of Ayudhya Public Company Limited
• 1222 Rama III Rd., Bangpongpang, Yannawa, Bangkok 10120
• Contact: Talent Acquisition Center:.
• Applicants can read the Personal Data Protection Announcement of the Bank's Human Resources Function by typing the link from the image that stated below.
• EN: (https://krungsri.com/b/privacynoticeen).
• ผู้สมัครสามารถอ่านประกาศการคุ้มครองข้อมูลส่วนบุคคลส่วนงานทรัพยากรบุคคลของธนาคารได้โดยการพิมพ์ลิงค์จากรูปภาพที่ปรากฎด้านล่าง.
• ภาษาไทย: (https://krungsri.com/b/privacynoticeth).
• หมายเหตุ ธนาคารมีความจำเป็นและจะมีขั้นตอนการตรวจสอบข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของผู้สมัคร ก่อนที่ผู้สมัครจะได้รับการพิจารณาเข้าร่วมงานกับธนาคารกรุงศรีฯ.
• Remark: The bank needs to and will have a process for verifying personal information related to the criminal history of applicants before they are considered for employment with the bank..

Skills:

Negotiation

Job type:

Full-time

• Bachelor degree or higher in Computer Science or related filed.
• There are 5-8 years, Experience in Network skills.
• Able to do network design, evaluation, POC, implementation.
• Self-Motivation and Hard Working.
• Able to work some time on night and weekend by job duties.
• Able to troubleshooting related to network problem & connecting equipment.
• Willing to self-study for network knowledge and learn new knowledge from team.
• Good communication,interpersonal, problem-solving, presentation, and negotiation skill.

Skills:

ISO 27001, Compliance, Assurance, English

Job type:

Full-time

• Develop and support internal audit strategies within the cybersecurity domain, which involves protecting computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.
• Implement work standards to achieve desired outcomes and report findings to top management as a Cyber Security Auditor.
• Identify potential cybersecurity risks and persuade organizational stakeholders to adopt comprehensive, actionable recommendations.
• Act as a liaison with internal auditors, external auditors, Bank of Thailand auditors, Electronic Transactions Development Agency auditors, and other regulatory bodies (e.g., ISO 27001, PCI DSS, etc.) to ensure documentation and information compliance.
• Provide assurance and advisory services to ensure that IT Management plans, organizes, and directs appropriate IT governance, risk management, and control processes.
• Liaise with IT risk owners to develop risk-based assessments and establish risk response programs and reporting processes according to the Risk Management Policy and Framework.
• Bachelor's or master s degree in Computer Engineering, Computer Science, Information Technology, or related fields..
• Experience in relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, and ITIL.
• Experience in IT Governance, Risk Management, and Control Processes (IT GRC), Project Management, Lead Auditor/Lead Implementer, or similar roles is preferred.
• Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), and CRISC (Certified in Risk and Information Systems Control) are advantageous.
• Technical expertise in cybersecurity auditing.
• Proficiency in English.
• At least 3 years of experience in information security management, information risk management, IT audit management, ICT security, cloud security, or related fields.

Skills:

Compliance, Risk Management, ISO 27001

Job type:

Full-time

• Develop and implement security governance frameworks, policies, and standards.
• Conduct audits and risk assessments to ensure compliance with governance requirements.
• Monitor and report on security governance metrics and KPIs.
• Provide guidance on security governance best practices to internal stakeholders.
• Coordinate with external auditors and regulatory bodies as needed.
• Develop and deliver security governance training programs.
• Investigate and resolve governance-related issues and incidents.
• Assess and recommend security governance tools and technologies.
• Bachelor s degree in Information Technology, Cybersecurity, or a related field.
• Experience: 2-4 years in security governance, risk management, or compliance roles.
• Experience in developing and maintaining security policies and procedures.
• Ability to identify, report, and mitigate security risks.
• Familiarity with ISO 27001, ISO 27701, and SOC 2 frameworks.
• Experience in conducting governance awareness sessions.
• Strong communication, prioritization, and interpersonal abilities.
• Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date.
• Important: Candidate Privacy Policy.
• สำคัญ:โปรดอ่านและทำความเข้าใจ: นโยบายความเป็นส่วนตัวด้านทรัพยากรบุคคล สำหรับผู้สมัครงาน และผู้สมัครเข้าฝึกงาน*.

Skills:

Linux, Good Communication Skills, English

Job type:

Full-time

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

Skills:

Compliance, Legal, English

Job type:

Full-time

• Driving PSMS (physical security management system) at local level within the framework of C/AUP governance (incl. Site Security Concept process & consulting of local management).
• Monitoring of adequate implementation of local risk mitigation measures (incl. security services delivered by GR/SES).
• Conducting security investigations at local level & support internal investigations (Compliance) on request.
• Implementing security awareness promotion activities along with other security stakeholders at site (e.g. DSO, GR).
• At Regional Level.
• Implementation/monitoring of the C/AUP regulatory framework in the region based on legal conditions.
• Serve as the primary contact point for physical security governance requirements for responsible region.
• Driving the regional int./ext. security network. Raise PSMS awareness among regional managers and employees.
• Support the continuous improvement process and share best practices within the worldwide security organization.
• Qualifications Bachelor s degree in related fields.
• 5-8 years' experience in an industrial/manufacturing company security or facilities experience are preferred.
• Excellent communication and presentation skills; demonstrated ability to interact with all levels of management with excellent analytical skills.
• Work independently and control own work priorities.
• Highly knowledgeable in all aspects of risk analysis.
• General knowledge of systems capability for security systems.
• Basic knowledge of investigation techniques and methods.
• A good understanding of risk and security issues facing office organization in Thailand.
• Good spoken and written English and Thai.
• Able to travel to Rayong province for work assignments as required.
• Additional InformationBy choice, we are committed to a diverse workforce and are an equal opportunity employer. Robert Bosch welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in the selection process.

Skills:

Finance, Risk Management, DevOps

Job type:

Full-time

• Manage day-to-day activities of a team of Security Architect Engineers.
• Design and implementation of advanced security architectures for applications, networks, and systems.
• Conducted comprehensive risk assessments and developed mitigation strategies.
• Design and implement security monitoring and incident response solutions.
• Stay abreast of emerging threats and vulnerabilities in the finance and crypto industry.
• Collaborate with cross-functional teams to ensure secure development practices.
• Mentor and guide junior security engineers.
• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
• At least 2 years of experience in a security engineering role.
• Solid knowledge of security principles, cryptography, secure coding, threat modeling, and risk management.
• Familiarity with cloud security practices and secure DevOps methodologies.
• Demonstrates strong problem-solving, analytical, and critical thinking skills.
• Effective communication prioritization and collaboration abilities; work well in cross-functional teams.
• Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date.
• Important: Candidate Privacy Policy.
• สำคัญ:โปรดอ่านและทำความเข้าใจ: นโยบายความเป็นส่วนตัวด้านทรัพยากรบุคคล สำหรับผู้สมัครงาน และผู้สมัครเข้าฝึกงาน*.
• Don't forget to 'Like' and 'Follow' our social media channels so you won't miss any news from us. Click.

Job type:

Full-time

Greenline Synergy provides the information security governance to the BDMS hospitals which is a framework of policies, practices, and strategies that align organizational resources toward protecting information through cybersecurity measures.

Experience:

2 years required

Skills:

Network Infrastructure, Network Administration, CompTIA Security+, System Security, English

Job type:

Full-time

• Design & Deployment: Architect and deploy on-premises infrastructure solutions, including servers, storage, and networking equipment.
• Maintenance & Support: Perform regular maintenance and troubleshooting of all infrastructure components, ensuring timely updates and patches.
• Monitoring & Troubleshooting: Continuously monitor system performance, diagnosing and resolving hardware, software, or network-related issues.
• Virtualization: Manage visualized environments, such as VMware or Hyper-V, optimizing server workloads and system resources.
• Backup & Recovery: Implement and maintain backup solutions and disaster recovery plans to safeguard critical business data and ensure continuity.
• Security & Compliance: Apply industry-standard security measures to protect infrastructure, ensuring compliance with relevant regulations and policies.
• Documentation: Develop and maintain comprehensive documentation of infrastructure configurations, procedures, and troubleshooting guidelines.
• Collaboration: Work closely with cross-functional teams to align IT infrastructure with business requirements, providing necessary technical support.
• Bachelor s degree in Computer Science, Information Technology, or a related field (or equivalent experience).
• 4 years of hands-on experience managing on-premises IT infrastructure, including servers, storage, networking, and virtualization.
• Expertise in Windows/Linux operating systems and experience with virtualization platforms like VMware or Hyper-V.
• Strong knowledge of networking technologies, such as TCP/IP, DNS, DHCP, and VPNs.
• Experience with backup, storage, and disaster recovery solutions.
• Strong analytical and troubleshooting skills for diagnosing complex technical issues.
• Good communication skills and ability to work effectively in a team environment.
• Experience in vulnerability management is a strong advantage.
• CompTIA Server+ or A+.
• VMware Certified Professional (VCP).
• Microsoft Certified: Windows Server Administrator.
• Cisco Certified Network Associate (CCNA).

Skills:

Compliance, Risk Management

Job type:

Full-time

• Governance & Compliance - Lead audit processes, including interviews, assessments, compliance validation, and implementation support to ensure security standards are met..
• Process Improvement - Continuously enhance audit procedures, policy frameworks, and access management to improve efficiency and alignment with security principles..
• Operations & Monitoring - Validate internal security requests, oversee monitoring systems, and take necessary actions to maintain compliance..
• Security Initiatives & Risk Management - Manage security projects related to LSS accounts, multi-factor authentication (MFA), access cleanup, and sensitive permissions oversight..
• Audit Support & Compliance Reporting - Provide timely and accurate responses to external auditor queries, ensuring proper evidence and documentation..
• Ad Hoc & High-Priority Projects - Own and drive urgent security-related projects that arise unexpectedly or require fast turnaround..
• Identity & Access Management (IAM) - Design and manage Mover and Leaver processes, including recertification campaigns to maintain identity security..
• ACO Compliance Oversight - Ensure accounts for Amadeus Commercial Organization (ACO) staff adhere to security principles and PCI standards..
• Policy & Process Optimization - Identify and propose enhancements to audit frameworks, approval management processes, and compliance mechanisms..
• About the Ideal Candidate.
• Proven experience in LSS, Identity and Access Management (IAM), and Cybersecurity principles..
• Ability to assess security risks, analyze fraud cases, and recommend corrective actions.
• Experience managing multiple security projects and collaborating with teams in a dynamic environment.
• Understanding of regulatory compliance and security standards, including PCI-DSS, SOC1, GDPR, and Amadeus Corporate Standards, is essential for ensuring alignment with global security frameworks and best practices..
• Effective communication skills for facilitating discussions, composing global security updates, and explaining complex concepts clearly.
• What we can offer you ?.
• A critical mission and purpose - At Amadeus, you will be powering the future of travel and pursuing a critical mission and extraordinary purpose.
• A truly global DNA - Everything at Amadeus is global, from our people to our business, which translates into our footprint, processes, and culture.
• Great opportunities to learn - Learning happens all the time and in many ways at Amadeus, through on-the-job training, formal learning activities, and day-to-day interactions with colleagues.
• A caring environment - Amadeus fosters a caring environment, nurturing both a fulfilling career and personal and family life. We care about our employees and strive to provide a supportive work environment.
• A complete rewards offer - Amadeus provides attractive remuneration packages, covering all essential components of a competitive reward offer, including salary, bonus, equity, and benefits.
• A flexible working model - We want our employees to do their best work, wherever and however it works best for them.
• A diverse and inclusive community - We are committed to leveraging our uniquely diverse population to drive innovation, creativity, and collaboration across our organization.
• A Reliable Company - Trust and reliability are fundamental values that drive our actions and shape long-lasting relationships with our customers, partners, and employees.
• Diversity & Inclusion.
• Amadeus aspires to be a leader in Diversity, Equity and Inclusion in the tech industry, enabling every employee to reach their full potential by fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and as a role model for an inclusive employee experience.
• Amadeus is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to gender, race, ethnicity, sexual orientation, age, beliefs, disability or any other characteristics protected by law.

Experience:

5 years required

Skills:

Research, ISO 27001, Enthusiastic, English

Job type:

Full-time

• Collect and analyze threat intelligence reports covering new threats, vulnerabilities, products.
• Conduct technical and operational threat intelligence research, both independently and as part of a wider team.
• Identify emerging threats, techniques and trends, the means of protecting or defending against them, and articulate these in a range of report formats to relevant stakeholders.
• Conduct deep-level analysis of malware, including how it is developed, functions, and employed.
• Support the Consulting and Managed CTI teams, Vulnerability Management, Incident Response and CSOC team with up-to-date technical intelligence, detection logic and situational awareness on current and emerging threats.
• Support Cybersecurity Posture Management to guarantee that a good cybersecurity posture is consistently maintained at an acceptable level. Liaison with external audit, internal audit, financial crime and associated consultants, and the group firm.
• Assist technology security team leaders/others in responding to cybersecurity incidents that have an impact on cybersecurity posture, in order to guarantee quick reaction, tracking, and proper maintenance.
• Assist in R&D and innovation on cybersecurity technology and approaches for continuous cybersecurity uplift.
• Qualifications Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 5 years of experience in Information Security or a related field.
• Knowledge of security technology e.g. WAF, SIEM, EDR, IAM, CSOC and Vulnerability Management.
• Experience in cloud cybersecurity technologies and services.
• Exposure to malware reverse engineering, network intrusion analysis, host intrusion analysis, log analysis, vulnerability research or digital forensics is preferred.
• Strong understanding of industry best practices and standards, including ISO 27001, NIST, and CIS is preferred.
• Relevant certifications such as CISSP, CISM, or CISA are a plus.
• Excellent communication and problem-analytical skills, with the ability to communicate complex security issues to non-technical stakeholders.
• Effective English for verbal, written communication.
• Enthusiastic, thriving, good interpersonal skills.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

Experience:

3 years required

Skills:

Compliance, Legal, Risk Management

Job type:

Full-time

• Develop data security policy review, data security policy exceptions, and control risk mitigation processes.
• Define the security controls for access management lifecycle (i.e., requirement for creation, deletion, transfer and review).
• Operate:Advice on technology relating to Data Privacy and Protection (i.e., PDPA) related security controls implementation.
• Drive and support data security controls such as Data Loss Prevention (DLP), Data Masking, Data Encryption capabilities to protect sensitive data.
• Drive compliance (or collaborate with compliance team) to organization security policies, standards, metrics, and legal requirements.
• Communicate and enforce security policies, rules, and standards.
• Conduct impact assessment of data initiatives from a security point of view.
• Ensure the cryptographic keys and related components are safety and protection of confidential information.
• Resolve data security audit and risk findings.
• Review and develop security controls to current access controls policies and procedures.
• Provide requirements for create and manage roles, access rights (includes privileged access), authentication and identity within the environment.
• Conduct periodic review of user access.
• Review, approve and monitor the usage of privileged access.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• Work experience in privacy, compliance, information security, auditing or a related field may also be an accepted alternative, according to Cybersecurity.
• Minimum 3 years of experience in and strong knowledge of privacy, data, operational risk management, information security, or related areas in IT.
• OTHER REQUIREMENTS.

Job type:

Full-time

• Designing, implementing, and maintaining identity and access management (IAM) infrastructure, ensuring the security and integrity of systems and data. Work closely with other IT teams, security teams, and business stakeholders to ensure IAM solutions meet organizational needs. Ensure that IAM solutions comply with company s policy, relevant regulations and industry standards..
• Role & Responsibility.
• Design, implement, and maintain IAM solutions, including directory services, single ...
• Develop and enforce IAM policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements.
• Automate IAM processes using scripting and programming languages (e.g., PowerShell, Python).
• Integrate IAM systems with various applications and platforms, both on-premises and in the cloud.
• Troubleshoot IAM-related issues, providing support to end-users and other IT teams.
• Monitor IAM systems for performance, availability, and security issues, proactively identifying and resolving problems.
• Participate in security audits and compliance assessments, providing information and evidence related to IAM controls.
• Research and evaluate new IAM technologies and trends, recommending and implementing improvements to our IAM infrastructure.
• Collaborate with other IT teams, security teams, and business stakeholders to ensure IAM solutions meet organizational needs..
• Bachelor's degree in Computer Science, Information Security, or a related field.
• 3 to 5+ years of experience in IAM related, with a proven track record of designing, implementing, and managing complex IAM solutions.
• Deep understanding of IAM concepts, including authentication, authorization, access control, identity lifecycle management, and privileged access management.
• Strong experience with directory services (e.g., Active Directory, Azure EntraID, LDAP), SSO, MFA, PAM, and identity governance tools.
• Experience with cloud platforms (AWS, Azure, or GCP) and cloud IAM solutions.
• Knowledge of security protocols (e.g., SAML, OAuth, OpenID Connect).
• Proficiency in scripting and programming languages (e.g., PowerShell, Python).
• Excellent troubleshooting and problem-solving skills.
• Strong communication and collaboration skills.
• An ability to work under pressure.
• Good command of English.
• Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) and such certifications related will be advantage.

Experience:

1 year required

Skills:

DevOps, Automation, Electrical Engineering

Job type:

Full-time

• Equipped with security knowledge and done related projects in technical IT domains such as operating systems, networks, databases, cloud or solution development etc.
• Possess knowledge in assessing solution architectures at the planning and design level for security issues and vulnerabilities.
• Experience in practical security vulnerability remediation.
• Information Security domains - in particular one or more of the following: Cyber Program Management, Cyber Threat Management, Identity & Access Management, Data Protection, Privacy, Organisational Resilience. This experience should include both advisory, implementation and operation experience.
• Strong technical security skills in assessment, design, implementation, architecture, and program / project delivery and work across various delivery models, (Waterfall, Agile, DevOps).
• Implementation skill set for identity and access management platforms, security information and event management platforms, security automation and orchestration platforms, advance threat detection systems, endpoint protection systems, data leak prevention systems or network security devices.
• To qualify for the role you must have.
• A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent.
• Experience with a leading Security technology like Microsoft Security, Crowdstrike, Splunk and others would be a strong advantage.
• Creative, independent with good problem solving skills.
• Excellent communicator with strong analytical, interpersonal and writing skills.
• Candidates with minimum 10-15 years of relevant experience, including managing a team, will be considered for a Leadership role.
• Ideally, you ll also have.
• Industry related certification preferred (e.g. CISSP, CISA, CISM, SABSA, PRINCE2, TOGAF, ITIL).
• Solution Level Certifications, OSCP, CREST, GIAC would be advantageous, as well as penetration testing experience.
• Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you ll be a confident team player that collaborates with people from various teams while looking to develop your career in a dynamic organization.
• What we offer.
• Continuous learning: You ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Diverse and inclusive culture: You ll be embraced for who you are and empowered to use your voice to help others find theirs.
• If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
• The exceptional EY experience. It s yours to build.
• EY | Building a better working world.
• EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
• Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Skills:

Research, System Administration, Android

Job type:

Full-time

• Implements IT security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Protects IT system by defining access privileges, control structures, and required resources.
• Process & analyze to gain insights on past IT areas on, current or potential attacks and threats that pose a risk to the organization.
• Primary point of contact with Internal Audit. Periodically review, update, implement and communicate changes to IT policies and procedures and General IT Controls. Facilitate internal and external audit processes by participating in scoping discussions and walk-throughs, delivering evidence that controls are operating as defined, remediating deficiencies, and acting on recommendations.
• Safeguards IT infrastructure and system as well as information system assets by identifying and solving potential and actual security problems.
• Research cyber security topics and promote Cyber security awareness throughout Thaioil.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• Relevant experience, especially in IT working environment.
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g., Netflow, FPC), and other attack artifacts in support of incident investigations.
• Experience with vulnerability scanning solutions.
• Familiarity with Vulnerability Management program.
• Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.
• Have knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform.
• Understanding of mobile technology and OS (i.e., Android, iOS, Windows), VMware technology, and Unix and basic Unix commands.
• OTHER REQUIREMENTS.

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.

Skills:

Compliance, ISO 27001

Job type:

Full-time

• Assists in conducting security assessments, vulnerability scans, and penetration tests to identify weaknesses in client systems.
• Analyzes security data, logs, and reports to detect and investigate security incidents or anomalies.
• Prepares and maintains documentation, including security assessment reports, findings, and recommendations.
• Collaborates with senior consultants to provide advice and support to clients on security best practices and risk mitigation strategies.
• Learns and uses various security tools and technologies for assessments and monitoring.
• Stays updated on the latest cybersecurity threats, vulnerabilities, and industry best practices.
• Assists in evaluating client systems for compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements.
• Communicates effectively with clients to understand their security needs and concerns.
• Participates in training programs and certifications to develop expertise in cybersecurity.
• Strong interest in cybersecurity and a desire to learn and grow in the field.
• Knowledge of basic cybersecurity concepts, principles, and best practices.
• Familiarity with common security tools and technologies is a plus.
• Excellent analytical and problem-solving skills.
• Effective communication skills, both written and verbal.
• Ability to work collaboratively in a team environment.
• Eagerness to stay up to date with the evolving cybersecurity landscape.
• Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field.
• Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential.
• Moderate level of demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment.
• Moderate level of experience with security architecture design principles.
• Moderate level of experience with industry compliance and standards such as ISO 27000, PCI:DSS, NIST, HIPAA or others.
• Moderate level of experience with security tools and techniques to cover SANS Top 25, OWASP or others.
• On-site Working About NTT DATA
• NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
• Equal Opportunity Employer
• NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Skills:

Sales, ISO 27001, Negotiation

Job type:

Full-time

• Owns and drives pipeline to achieve allocated security budget numbers.
• Drives positive brand recognition on security business in-country and in-region.
• Maintains subject matter expertise in the Security technology domain or solutions set.
• Supports the closure of sales based on Security technology domain knowledge.
• Addresses the technology conceptual challenges during the sales process.
• Maintains a comprehensive level of relevant product and service knowledge to have meaningful conversations with potential and existing clients.
• Maintains awareness of the competitive landscape, market pricing, and strategy and how to penetrate a new market.
• Contributes to the knowledge base of the company's solutions and services within a practice area or service area by sharing best practices with internal teams, as well as client teams.
• Works with relevant technology vendors and ensures a deep understanding of their solutions and how they can contribute to our own solutions set.
• Articulates the Security solution/deliverables that the client requires, as opposed to the products that they need to buy.
• Prepares and conducts client workshops and presentations.
• Establishes relationships with multiple client stakeholders and secures deals with clients to achieve assigned sales quotas and targets.
• Uses understanding of the client s business and depth of knowledge on the Security solutions to personalize the recommended solution in line with the client s need.
• Capable of spotting new sales opportunities within an account and work with the sales teams to drive them to closure.
• Pursues and lands qualified leads identified by the client managers and other lead generation sources.
• Develops and maintains clear account plans for appropriate clients and targets.
• Discovers, forecasts, and runs opportunities in the medium and long-term.
• Identifies, assesses and highlights client risks that could prove detrimental to the client s organization and credibility.
• Collaboratively work with sales teams, especially Client Managers, to successfully close the deal.
• Works closely with other in-territory counterparts and matrix teams to achieve the shared goal of growth.
• Uses sales methodologies and tools such as target plans, opportunity plans, and account plans to drive the sales process.
• Develops and implements an opportunity plan, to provide regular check-ins with the primary point of contact and have an established process for getting buy-in from all stakeholders.
• Advanced understanding of security principles, concepts, and technologies, including knowledge of NIST CSF, ISO 27001, cybersecurity solutions, network security, data security/privacy and best practices in securing data and IT infrastructure.
• Advanced understanding of the technical concepts of Security solutions and display the ability to provide technical consultation and guidance to customers.
• Displays success in achieving and exceeding sales and financial goals.
• Advanced proficiency in developing and encouraging meaningful customer relationships up to C-level.
• Displays ability to delivery engaging sales presentations and elevator pitches.
• Close attention to maintaining up to date, accurate sales forecast and close plans.
• Advanced proficiency in team selling approach.
• Advanced knowledge of competitors and ability to apply competing successful sales strategies.
• Client-centric approach, with ability to understand customer problems and find best-fit solutions.
• Flexible to adapt quickly to short, new missions or urgent deadlines.
• Displays negotiation capabilities to craft solutions that are beneficial to customers, partners, and organization overall.
• Bachelor's degree or equivalent in a Technical or Sales field or related is preferred.
• Certified in industry relevant structured sales methodologies and negotiation skills.
• Preferred certifications (but not limited to) CISSP, CompTIA Security+, GISF.
• Advanced sales experience in a technology or services environment, particularly selling Security solutions.
• Advanced experience of IT Managed Services environment.
• Advanced demonstrable experience of solution-based selling with a proven track record of sales over-achievement.
• Advanced experience in selling complex security solutions and services to C-Level clients.
• Advanced experience in resolving a wide range of issues in creative ways to meet targets and objectives.
• Hybrid Working About NTT DATA
• NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
• Equal Opportunity Employer
• NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Skills:

ETL, Java, Python

Job type:

Full-time

• Owns larger portions of an installation, break/fix incidents at a low to medium level of complexity during project lifecycle.
• Takes responsibility for problem resolution and troubleshooting during project lifecycle.
• Escalates complex problems to the relevant third parties.
• Assists with the documentation of standard operating procedures relating to installations and fixes during ops handover.
• Compiles and maintains project administration (Time Capture and feedback to stakeholders).
• Conducts elementary presentations within the customer's organization.
• Expected to take leadership from senior resources on relevant technologies according to specialization and best practice.
• Performs any other related task as required.
• Developing fundamental project and administration ability.
• Developing understanding and appreciation of technical design principles and compute layers.
• Ability to develop an understanding of fundamental project and administration processes.
• Display a strong learning orientation.
• Good verbal communication skills.
• Demonstrate a client service orientation.
• Hands-on proactive in approach.
• Knowledge on security concepts and application of those concepts.
• Ability in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, decoys, and other security tools.
• Developing knowledge on log collection mechanism such as Syslog, Log file, DB API.
• Developing knowledge in security architecture.
• Developing knowledge on log collection mechanism such as Syslog, Log file, DB API.
• Developing knowledge in security architecture.
• Developing knowledge in ETL concepts, data processing at scale and data stream pipelines through Terraform.
• Ability in cloud services on at least one of the following providers: AWS, Azure, GCP.
• Developing knowledge web service protocols and frameworks for high-availability, low-latency, resiliency, and auto-scaling.
• Developing understanding any of the following - Java, Python, TypeScript, JavaScript, R,.NET, PowerShell.
• Developing knowledge in serverless development.
• Analytical skills and ability to communicate effectively.
• Ability to solve problems in innovative ways while adhering to industry standards and practices.
• Developing understanding practices on securing data and systems by applying appropriate authentication and authorization controls.
• Developing understanding of Event Driven Development and asynchronous operations.
• Developing understanding project fundamentals which are demonstrated in the execution of installations and other assignments.
• Developing knowledge of security technologies and understanding of managed services concepts.
• Bachelor's degree or equivalent in Information Technology or Computing or a related field.
• Vendor certification is mandatory.
• Azure Certified Security Engineer / PCNSA / FCA / CCNA Security.
• Cloud Security certifications and certifications like AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCDP /CCNP Security, JNCIA, ACCA, PCNSE, PCNSA, FCP, CCSA, ITIL, Azure Security Engineer, Azure Certified DevOps Engineer, Azure Certified Network Engineer, Azure Administrator Associate, will be an advantage.
• Certifications relevant to the services provided (certifications carry additional weightage on a candidate s qualification for the role) Terraform, Azure, Sentinel, EDR Defender for Cloud, Microsoft Security, Devops Ci/CD Pipelins, Azure Governance (Defender for Cloud, Azure Policies, Secure Score and Compliance), Version Control (Git), Microservices (Kubernetes, Azure Containers), Azure / AWS/ GCP Infrastructure (IaaS, PaaS, SaaS), Azure Infrastructure as Code, Azure Administration, Hybrid Cloud, Networking (Firewalls, LAN, VPN), Automation, MS Office365, Power BI Administration, Scripting (PowerShell), ZTNA.
• Moderate level experience in SOC Analysis Operations.
• Moderate level experience in SIEM usage for Moderate level experience in Azure or AWS or GCP.
• Moderate level experience in Security technologies like Firewall, IPS, IDS, Proxy etc.
• Moderate level experience in technical support to clients.
• Moderate level experience in handling security incidents end to end.
• Moderate level experience in Security Analysis or Engineering.
• Moderate level experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, and other security tools.
• On-site Working About NTT DATA
• NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
• Equal Opportunity Employer
• NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Skills:

Sales, ISO 27001, Negotiation

Job type:

Full-time

• Owns and drives pipeline to achieve allocated security budget numbers.
• Drives positive brand recognition on security business in-country and in-region.
• Maintains subject matter expertise in the Security technology domain or solutions set.
• Supports the closure of sales based on Security technology domain knowledge.
• Addresses the technology conceptual challenges during the sales process.
• Maintains a high level of relevant product and service knowledge to have meaningful conversations with potential and existing clients.
• Maintains awareness of the competitive landscape, market pricing, and strategy and how to penetrate a new market.
• Contributes to the knowledge base of the company's solutions and services within a practice area or service area by sharing best practices with internal teams, as well as client teams.
• Works with relevant technology vendors and ensures a deep understanding of their solutions and how they can contribute to our own solutions set.
• Interacts and engages with clients to uncover and understand client business goals.
• Articulates the Security solution/deliverables that the client requires, as opposed to the products that they need to buy.
• Prepares and conducts client workshops and presentations.
• Establishes relationships with multiple client stakeholders and secures deals with clients to achieve assigned sales quotas and targets.
• Uses understanding of the client s business and depth of knowledge on the Security solutions to personalize the recommended solution in line with the client s need.
• Be able to spot new sales opportunities within an account and work with the sales teams to drive them to closure.
• Pursues and lands qualified leads identified by the client managers and other lead generation sources.
• Develops and maintains clear account plans for appropriate clients and targets.
• Discovers, forecasts, and runs opportunities in the medium and long-term.
• Identifies, assesses and highlights client risks that could prove detrimental to the client s organization and credibility.
• Collaboratively works with sales teams, especially Client Managers, to successfully close the deal.
• Works closely with other in-territory counterparts and matrix teams to achieve the shared goal of growth.
• Uses sales methodologies and tools such as target plans, opportunity plans, and account plans to drive the sales process.
• Develops and implements an opportunity plan, to provide regular check-ins with the primary point of contact and have an established process for getting buy-in from all stakeholders.
• Seasoned understanding of security principles, concepts, and technologies, including knowledge of NIST CSF, ISO 27001, cybersecurity solutions, network security, data security/privacy and best practices in securing data and IT infrastructure.
• Seasoned understanding of the technical concepts of Security solutions and display the ability to provide technical consultation and guidance to customers.
• Displays success in achieving and exceeding sales and financial goals.
• Seasoned proficiency in developing and encouraging meaningful customer relationships up to C-level.
• Displays ability to delivery engaging sales presentations and elevator pitches.
• Close attention to maintaining up to date, accurate sales forecast and close plans.
• Seasoned proficiency in team selling approach.
• Seasoned knowledge of competitors and ability to apply competing successful sales strategies.
• Client-centric approach, with ability to understand customer problems and find best-fit solutions.
• Flexible to adapt quickly to short, new missions or urgent deadlines.
• Displays negotiation capabilities to craft solutions that are beneficial to customers, partners, and organization overall.
• Bachelor's degree or equivalent in a Technical or Sales field or related is preferred.
• Certified in industry relevant structured sales methodologies and negotiation skills.
• Preferred certifications (but not limited to) CISSP, CompTIA Security+, GISF.
• Seasoned sales experience in a technology or services environment, particularly selling Security solutions.
• Seasoned understanding of IT Managed Services environment.
• Seasoned experience of solution-based selling with a proven track record of sales over-achievement.
• Seasoned experience in selling complex securitysolutions and services to C-Level clients.
• Experience in resolving a wide range of issues in creative ways to meet targets and objectives.
• Seasoned experience in networking with senior internal and external people in the specialist area of expertise.
• Hybrid Working About NTT DATA
• NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
• Equal Opportunity Employer
• NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.