Filter Jobs

Experience:

3 years required

Skills:

Compliance

Job type:

Full-time

• Develop and implement comprehensive security policies and procedures in compliance with laws and regulations and Shopee regional's security standards.
• Monitor and assess potential security risks, establish preventive measures, and minimize the occurrence of security incidents.
• Coordinate and lead the security team, conducting regular training to build skills and competence of security manpower.
• Maintain a good relationship with local law enforcement agencies to handle potential security incidents and ensure compliance.
• Managing facility and infrastructure support in build up cctv coverage in place ensuring it has managed function as intended including CCTV monitoring.
• Execute security protocol to manage and enforce the compliance of parties involved.
• Summarize monthly KPI and set a monthly meeting with security management team.
• A dequate security manpower is managed during campaign and BAU days.
• To develop body searching standard, frisking process and thief management.
• Guard tour management system.
• Monitor and evaluate the daily, weekly and monthly performance of Security Leaders and Guards to ensure: Perform additional duties as assigned by the reporting manager.
• Requirements:Bachelor's degree or above in Security Management, Occupational health and Safety, or related fields.
• More than 3 years of experience in security management, with a preference for experience in logistics and supply chain/E-commerce business.
• Familiarity with Thai security regulations and International's security management system with strong risk assessment capabilities.
• Qualified TAPA FSR (if applicable) would be advantageous.

Skills:

Risk Management, Kubernetes, Docker

Job type:

Full-time

• Design, develop, and maintain security systems, tools, and best practices across the stack (frontend, backend, mobile, and infrastructure).
• Identify, assess, and mitigate security vulnerabilities through proactive risk management and threat modeling.
• Collaborate with product managers and developers to embed security into the software development lifecycle (SDLC).
• Develop and enforce policies for secure coding, data protection, and incident response.
• Implement robust authentication and authorization mechanisms.
• Conduct regular security assessments, including penetration testing and code reviews.
• Monitor, detect, and respond to security incidents using advanced tools and methodologies.
• Enhance infrastructure security using Kubernetes, Docker, and cloud platforms (GCP, AWS).
• Stay current on emerging threats, vulnerabilities, and security trends, and recommend actionable insights to improve defenses.
• Champion security awareness across the organization, including training sessions and knowledge-sharing activities.
• Ensure compliance with relevant security standards and regulations such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Basic QualificationsProven expertise in application security, cloud security, and infrastructure security.
• Proficiency in securing systems built with technologies such as Node.js, Golang, Elixir, Python, React, Svelte, or Flutter.
• Experience with tools like Docker, Kubernetes, and cloud services (GCP, AWS).
• Strong understanding of cryptographic principles and secure communication protocols.
• Familiarity with CI/CD pipelines and secure DevOps practices.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and threat detection.
• Deep understanding of database security, especially with PostgreSQL or other relational or non-relational databases.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent communication skills and the ability to collaborate effectively in Agile teams.
• Self-motivation, adaptability, and a strong work ethic.
• Preferred Qualifications We re especially excited if you bring:Experience leading security initiatives or mentoring other engineers in security best practices.
• Expertise in compliance frameworks such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Advanced knowledge of security monitoring and incident response systems.
• Strong system design skills with a focus on secure architectures and long-term trade-offs.
• A proven track record of securing fast-paced, high-growth tech environments.
• A passion for securing user-centric products and contributing to their success.
• Perks & Benefits Flat Structure As we continue to grow fast, we strive to retain our culture where everyone is heard, contributes, and grows with the company..
• Work-life Harmony We believe that quality time outside of work is important to sustaining a healthy and happy lifestyle.
• Remote Work Hybrid-mode activated! It comes with the package: flexibility, focus and productivity!.
• Urban Office One breath from Phrom Phong BTS. No sweat whatsoever! The office should also feel like a second home so we dedicated a lot of care and resources into building the best environment for you to wake up to every morning.
• Fun Workshop The best relationships are built over new experiences, that s why we have workshops filled with a range of activities for you to look forward to and enjoy.
• Game Tournament It s getting fun and competitive! Challenge doesn t only have to come from work. Own the championship and show the peeps how great of a gamer (and player) you are.
• Group Insurance Health comes first, we know, don t worry, we ve got you covered.
• Health & Wellness Only a healthy army wins the war. We invest to take care of you from physical, mental and happiness-level. Adopted health & wellness applications plus activities to make sure everyone here is on cloud nine

Skills:

Statistics, Industry trends, Meet Deadlines

Job type:

Full-time

• Provides operational leadership team to a team of individuals accountable for service offer management.
• Sets the standard for client satisfaction and assists with the development of client service policies, procedures and standards that will ensure the continued satisfaction of our clients.
• Investigates and solves client problems which have been escalated by the team.
• Assists with the preparation of bids and proposals to clients and remains up to date with deals in the pipeline to ensure a smooth transition from Sales to Delivery.
• Ensures that assigned infrastructure at the client site is configured, installed, tested and operational.
• Investigates all line support calls and identifies the root cause of incidents, events and problems to ensure proactive future management.
• Takes full ownership for managing the escalated incidents, requests, events and/or problems to resolution within the service level conditions.
• Provides continuous feedback to clients and affected parties and updates all systems and/or portals as prescribed by company procedures.
• Follows the required handover procedures for shift changes to ensure service continuity and manages resource allocation to achieve service level agreements.
• Assists with the analysis of statistics and other data to determine the level of client service provided.
• Contributes to and assists with the maintenance of the information technology site plan.
• Assists with the identification of user and employee training requirements.
• To thrive in this role, you need to have: Seasoned knowledge of technical services, IT service management, and related technologies.
• Ability to stay up to date with industry trends, emerging technologies, and best practices.
• Seasoned knowledge of technical services concepts, IT service management (ITSM) practices, and industry best practices.
• Seasoned understanding of various information technology domains, including infrastructure, cloud services, cybersecurity, application management, networks, data center and collaboration.
• Good client-facing and communication skills, with the ability to build and maintain strong client relationships.
• Developing management qualities, including the ability to learn the skills to inspire and mentor a team.
• Displays the ability to facilitate presentation of technical and complex matters to a diverse audience.
• Ability to analyze data and produce reports on issues and recommend resolutions.
• Ability to multi-task, set priorities and meet deadlines.
• Seasoned knowledge of ITIL (Information Technology Infrastructure Library) practices is desirable.
• Ability to work collaboratively with cross-functional teams and stakeholders.
• Academic qualifications and certifications: Bachelor's degree or equivalent in Business or Information Technology or related field.
• Master s degree or equivalent in Information Technology or Business Administration preferred.
• ITIL certification is desirable.
• Relevant technical certifications as required.
• Required experience: Solid experience in similar role within a related global technology environment.
• Moderate level of experience operationally managing a technical team.
• Solid experience dealing with clients and managing service levels.
• Solid stakeholder engagement experience at all levels in the organization.
• Hybrid Working About NTT DATA
• NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D.
• Equal Opportunity Employer
• NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
• Third parties fraudulently posing as NTT DATA recruiters.
• NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters whether in writing or by phone in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us.

Skills:

Compliance

Job type:

Full-time

• Validates, classifies, priorities and opens ticket.
• Acting as focal contact point for report security incidents.
• Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Provide daily summary reports of security incidents.
• Responds to security alerts generate within the SLA time window.
• Follow-up and tracking security incidents base on team process.
• Examine network topologies to understand data flows through the network.
• Validate security incidents alerts against network traffic using packet analysis tools.
• Isolate or remove malware.
• Identify applications and operating systems of a network device based on network traffic.
• Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
• Notify cybersecurity service provider team members of suspected cyber incidents, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
• Work with stakeholders to resolve computer security incidents and vulnerability compliance.
• Who are we looking for?.
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Analytical and problem-solving skills are required.
• Knowledge of network traffic analysis methods.
• Knowledge of cyber defense and information security policies, procedures, and regulations.
• Experience in IT Security, Network Security or Security Compliance.
• Knowledge of common security tools such as anti-virus, firewall and intrusion detection system.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. Able to work in shift.
• Location: Head Office: Chatuchak, SJ Infinite One Business Complex

Experience:

5 years required

Skills:

ISO 27001, Legal, Finance

Job type:

Full-time

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory ManagementEnsure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT GovernanceEstablish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data GovernanceDevelop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and DevelopmentLead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Requirements:Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.

Skills:

ISO 27001

Job type:

Full-time

• Assists in conducting security assessments, vulnerability scans, and penetration tests to identify weaknesses in client systems.
• Analyzes security data, logs, and reports to detect and investigate security incidents or anomalies.
• Prepares and maintains documentation, including security assessment reports, findings, and recommendations.
• Collaborates with senior consultants to provide advice and support to clients on security best practices and risk mitigation strategies.
• Learns and uses various security tools and technologies for assessments and monitoring.
• Stays updated on the latest cybersecurity threats, vulnerabilities, and industry best practices.
• Assists in evaluating client systems for compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements.
• Communicates effectively with clients to understand their security needs and concerns.
• Participates in training programs and certifications to develop expertise in cybersecurity.
• To thrive in this role, you need to have: Strong interest in cybersecurity and a desire to learn and grow in the field.
• Knowledge of basic cybersecurity concepts, principles, and best practices.
• Familiarity with common security tools and technologies is a plus.
• Excellent analytical and problem-solving skills.
• Effective communication skills, both written and verbal.
• Ability to work collaboratively in a team environment.
• Eagerness to stay up to date with the evolving cybersecurity landscape.
• Academic qualifications and certifications: Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field.
• Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential.
• Required experience: Moderate level of demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment.
• Moderate level of experience with security architecture design principles.
• Moderate level of experience with industry compliance and standards such as ISO 27000, PCI:DSS, NIST, HIPAA or others.
• Moderate level of experience with security tools and techniques to cover SANS Top 25, OWASP or others.
• On-site Working About NTT DATA
• NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D.
• Equal Opportunity Employer
• NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
• Third parties fraudulently posing as NTT DATA recruiters.
• NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters whether in writing or by phone in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us.