Filter Jobs

Experience:

5 years required

Skills:

DevOps, Automation, Compliance

Job type:

Full-time

• Fulfill tasks of cybersecurity vulnerability management program, i.e. cyberthreat intelligence analysis, cybersecurity assessment, vulnerability profiling, vulnerability compensation and vulnerability remediation tracking.
• A dedicated DevSecOps or security engineering team is responsible for embedding security practices into the DevOps pipeline. They build and maintain the security tools and automation required for integrating security checks into the development process.
• Implement security tools in CI/CD pipelines (e.g., code scanning, vulnerability assessments).
• Automate security testing, monitoring, and compliance checks.
• Collaborate with development and operations teams to ensure security is applied at every stage.
• Designing, supervising, and validating holistic Banking application/infrastructure security architecture, to ensure that they are aligned with cybersecurity strategy, security requirement principle and generally cybersecurity best practices (through threat modelling or similar methods).
• Designing and Implementing CI/CD (DevSecOps) Technology integration through own teams and virtual team (with the members of Digital Technology Security team) to always tighten security architecture fabrics, and to support cybersecurity transformation, lean and automation process.
• Qualifications Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 5 years of experience in security advisory, security architecture, CI/CD security, Vulnerability Assessment, Penetration test or a related field.
• Good communication skills, with the ability to communicate complex security issues.
• Strong Knowledge in new Banking Technology and associated security controls.
• Knowledge of security best practices in software development.
• Knowledge of SDLC framework.
• Familiarity with CI/CD tools & DevOps tools.
• Experience with Code/Library/Image scanning tools (Dynamic/Static Code Scan).
• Expertise in cloud security (AWS, Azure, GCP, HWC).
• Experience with cloud security and compliance tools (CSPM).
• Knowledge of Securing Cloud Environments to ensure that security practices are tailored for cloud-native and hybrid environments, including container security, infrastructure as code, and microservices security.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

Skills:

Finance, Risk Management, DevOps

Job type:

Full-time

• Manage day-to-day activities of a team of Security Architect Engineers.
• Design and implementation of advanced security architectures for applications, networks, and systems.
• Conducted comprehensive risk assessments and developed mitigation strategies.
• Design and implement security monitoring and incident response solutions.
• Stay abreast of emerging threats and vulnerabilities in the finance and crypto industry.
• Collaborate with cross-functional teams to ensure secure development practices.
• Mentor and guide junior security engineers.
• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
• At least 2 years of experience in a security engineering role.
• Solid knowledge of security principles, cryptography, secure coding, threat modeling, and risk management.
• Familiarity with cloud security practices and secure DevOps methodologies.
• Demonstrates strong problem-solving, analytical, and critical thinking skills.
• Effective communication prioritization and collaboration abilities; work well in cross-functional teams.
• Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date..
• Important: Candidate Privacy Policy.
• สำคัญ:โปรดอ่านและทำความเข้าใจ: นโยบายความเป็นส่วนตัวด้านทรัพยากรบุคคล สำหรับผู้สมัครงาน และผู้สมัครเข้าฝึกงาน*..
• Don't forget to 'Like' and 'Follow' our social media channels so you won't miss any news from us. Click.

Skills:

ISO 27001, Python, PowerShell

Job type:

Full-time

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5 years of experience in IT security and governance.
• Strong understanding of IT security principles, practices, and technologies.
• Knowledge of relevant security standards and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA, PCI DSS).
• Experience with risk assessment and vulnerability management.
• Experience with security incident response and management.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team..
• Relevant certifications (e.g., CISSP, CISM, CISA, Security+).
• Experience with cloud security (AWS, Azure, GCP) and On-Premises.
• Experience with security information and event management (SIEM) systems.
• Experience with scripting languages (e.g., Python, PowerShell).
• Experience with penetration testing.
• Ability to maintain confidentiality and handle sensitive information.
• Ability to adapt to changing technologies and security threats.
• Strong attention to detail and organizational skills.
• Ability to create and maintain clear and concise documentation..
• โบนัสประจำปี.
• ลาพักร้อน เมื่อพ้นทดลองงาน.
• ลา Workcation.
• กองทุนสำรองเลี้ยงชีพ.
• ประกันสังคม / ประกันสุขภาพ / ประกันชีวิต / ประกันอุบัติเหตุ.
• วันหยุดตามกฏหมาย (ไม่น้อยกว่า 13วัน).
• ลาหยุดในเดือนเกิด.
• ตรวจสุขภาพประจำปี.
• เงินช่วยเหลือสมรส.
• สิทธิคุณพ่อลาเลี้ยงบุตร.
• เงินช่วยเหลือฌาปนกิจ.
• Co working Space.
• ฟิตเนต.
• Point แลกของรางวัล.
• บริการปรึกษานักจิตวิทยาออนไลน์..
• การเดินทาง.
• BTS: สถานีหมอชิต, ห้าแยกลาดพร้าว.
• MRT: สถานีพหลโยธิน.
• บริการเรียกรถผ่าน App MuvMi..
• ติดตามข่าวสารจาก SC ASSET ได้ที่.
• http://insidesc.scasset.com/..

Skills:

Negotiation

Job type:

Full-time

• Bachelor degree or higher in Computer Science or related filed.
• There are 5-8 years, Experience in Network skills.
• Able to do network design, evaluation, POC, implementation.
• Self-Motivation and Hard Working.
• Able to work some time on night and weekend by job duties.
• Able to troubleshooting related to network problem & connecting equipment.
• Willing to self-study for network knowledge and learn new knowledge from team.
• Good communication,interpersonal, problem-solving, presentation, and negotiation skill.

Skills:

ISO 27001

Job type:

Full-time

• Protect the organization's computer networks and systems against a range of cyber threats, such as hacking attempts, data breaches, and different types of cyber attacks. The
• responsibilities of this role include creating, deploying, and overseeing security strategies and technologies to defend the organization IT security.
• Lead the strategic direction, development, and implementation of cybersecurity solutions and practices to protect the organization from sophisticated cyber threats and ...
• Serve as the foremost cybersecurity expert within the organization, providing deep technical expertise and leadership in the design, evaluation, and optimization of complex security architectures.
• Develop comprehensive cybersecurity frameworks that align with industry best practices and regulatory standards, ensuring the organization's resilience against cyber attacks.
• Conduct sophisticated risk assessments and threat modeling exercises to identify potential security gaps and develop advanced strategies for mitigation and prevention.
• Lead the incident response and crisis management efforts for high-impact security breaches, coordinating with cross-functional teams to ensure rapid containment and recovery.
• Drive the adoption of cutting-edge security technologies and methodologies, including artificial intelligence and machine learning, to enhance detection and response capabilities.
• Establish and maintain strong relationships with external cybersecurity agencies, industry groups, and technology partners to stay abreast of emerging threats and trends.
• Develop and manage the cybersecurity budget, ensuring strategic allocation of resources to high-priority projects and initiatives.
• Advanced degree in Computer Science, Information Security, or a related field, with specialized knowledge in cybersecurity.
• A minimum of 5 years of experience in Infrastructure, 3 years of cybersecurity, with at least 2 years in a strategic leadership or management role overseeing cybersecurity functions.
• Professional cybersecurity certifications, such as CISSP, CISM, CCSP, or similar, are required.
• Proven expertise in developing and implementing cybersecurity strategies and architectures to protect complex enterprise environments.
• Other: Deep knowledge of the cybersecurity landscape, including emerging threats, advanced persistent threats (APT), regulatory requirements, and industry best practices.
• Other: ISO 27001.

Skills:

Sharepoint, English

Job type:

Full-time

• Could have experience to develop information in Microsoft SharePoint 3-5 Years.
• Could have experience quality-control would be more assist.
• Have experience in Thai Oil Service would be more assist.
• EDUCATION.
• Bachelor Degree in Computer Science, Computer Engineering, Information Technology or any equivalent fields of study.
• OTHER REQUIREMENTS.
• Good command of English and computer literacy.
• Work @ Sriracha, Chonburi.
• ROLE & RESPONSIBILITY.
• Be able to communicate and manage Safety and Security information by Standard Program of Thai Oil as well. Thus could be reference and apply to all staff implement.
• สามารถสื่อสารสื่อความและควบคุมจัดการงานข้อมูลเรื่องความมั่นคงปลอดภัยผ่านมาตรฐานโปรแกรมที่มีใช้ในองค์กรได้เป็นอย่างดีเพื่อให้ทุกคนในองค์กรสามารถอ้างอิงและนำไปใช้ได้อย่างถูกต้อง.
• Be able to collect, store, create and update documents of the organization's internal and external security management system standards correctly and able to evaluate according to the standards set
• สามารถรวบรวมจัดเก็บ สร้างและอัพเดทเอกสารของมาตรฐานระบบการจัดการความมั่นคงและปลอดภัยขององค์กรทั้งภายในและภายนอกได้อย่างถูกต้อง และสามารถประเมินผลได้ตามมาตรฐานที่ได้กำหนดไว้.
• Be able to practice Security skill to supervise the team contractor working correctly and effectiveness
• สามารถฝึกฝนเพื่อให้สามารถปฏิบัติการบังคับบัญชาหรือแนะนำงานในด้านความมั่นคงให้กับทีมงานผู้รับเหมาที่ปฏิบัติงานภายใต้บังคับบัญชาปฏิบัติงานได้อย่างถูกต้องและมีประสิทธิภาพได้ในอนาคต.

Skills:

System Security

Job type:

Full-time

• ดูแล วางแผน และออกแบบ ระบบรักษาความปลอดภัยสารสนเทศ เช่น Firewall, VPN, Email Security, AAA, Cloud Security, Security Consult.
• บริหารจัดการโครงการด้านความปลอดภัยสารสนเทศ.
• ร่วมพัฒนาระบบงานความปลอดภัยด้านสารสนเทศ ระบบต่าง ๆ ด้าน IOT / ระบบ Email / ระบบป้องกันไวรัส.
• ให้คำแนะนำระบบความปลอดภัยด้านสารสนเทศภายใน และภายนอกแก่หน่วยงานต่าง ๆ พร้อมจัดทำคู่มือ และฝึกอบรมทีมงาน และผู้ใช้งาน.
• ประสานงาน ให้คำปรึกษา และแนะนำระบบความปลอดภัยสารสนเทศให้กับพนักงาน และผู้ที่เกี่ยวข้อง.
• งานอื่น ๆ ตามที่ได้รับมอบหมาย.
• วุฒิการศึกษา: ปริญญาตรี วิศวกรรมศาสตร์ / วิทยาศาสตร์ คอมพิวเตอร์ หรือสาขาอื่น ๆ ที่เกี่ยวข้อง.
• ประสบการณ์ทำงาน: 5 - 10 ปี.
• มีทักษะการสื่อสาร วางแผน และเจรจาต่อรอง.

Job type:

Full-time

• Provide recommendations and participate in planning to ensure the security of customers, employees, buildings, and assets of the Siam Piwat Group and its affiliates, in accordance with overall policies.
• Participate in planning and provide guidance in supervising and overseeing the work of subcontractors to ensure they perform according to the work plan.
• Security Management: Develop and implement comprehensive security plans to protect the mall, its patrons, and employees.
• Safety Protocols: Participate in setting standards for security, traffic management, and the management of parking facilities within the shopping center.
• Crisis Response: Provide recommendations and participate in developing security standards to be prepared for various potential emergencies.
• Team Leadership: Supervise and mentor the security team, providing training and development opportunities to enhance their skills and performance.
• Surveillance and Monitoring: Oversee the operation of surveillance systems and ensure continuous monitoring of the premises.
• Incident Reporting: Manage the documentation and investigation of security incidents, accidents, and breaches, and implement corrective actions.
• Collaboration: Work closely with local law enforcement, emergency services, and other relevant agencies to coordinate security efforts and response plans.
• Budget Management: Prepare and manage the security department s budget, ensuring cost-effective use of resources.
• Customer Service: Maintain a visible presence within the mall, addressing security concerns of customers and staff promptly and professionally.
• Bachelor s degree in Security Management, Criminal Justice, or a related field.
• Minimum of 15 years of experience in security management, with at least 10 years in a leadership role.
• Strong knowledge of safety regulations, crisis management, and emergency response protocols.
• Excellent leadership, communication, and interpersonal skills.
• Ability to remain calm and make quick decisions in high-pressure situations.
• Proficiency in security technology and surveillance systems.
• Candidates with experience in the luxury shopping mall or luxury hotel industry will be given special consideration.
• This position may require working evenings, weekends, and holidays.
• Must be able to respond to emergencies at any time.

Skills:

ISO 27001, Compliance, Assurance, English

Job type:

Full-time

• Develop and support internal audit strategies within the cyber security domain, which involves protecting computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.
• Implement work standards to achieve desired outcomes and report findings to top management as a Cyber Security Auditor.
• Identify potential cyber security risks and convince organizational stakeholders to adopt comprehensive actionable recommendations.
• Act as a liaison with internal auditors, external auditors, Bank of Thailand auditors, Electronic Transactions Development Agency auditors, and other regulatory bodies (e.g., ISO 27001, PCI DSS, etc.) to ensure documentation and information compliance.
• Provide assurance and advisory services to ensure that IT Management plans, organizes, and directs appropriate IT governance, risk management, and control processes.
• Liaise with IT risk owners to develop risk-based assessments and establish risk response programs and reporting processes according to the Risk Management Policy and Framework.
• Bachelor's or master s degree in Computer Engineering, Computer Science, Information Technology, or related fields.
• Experience in relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, and ITIL.
• Experience in IT Governance, Risk Management, and Control Processes (IT GRC), Project Management, Lead Auditor/Lead Implementer, or similar roles is preferred.
• Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), and CRISC (Certified in Risk and Information Systems Control) are advantageous.
• Technical expertise in cyber security auditing.
• Proficiency in English.
• At least 3 years of experience in information security management, information risk management, IT audit management, ICT security, cloud security, or related fields.

Job type:

Full-time

• ดูแลและบริหารพื้นที่สำนักงานในอาคารให้มีสภาพพร้อมใช้งาน และส่งเสริมภาพลักษณ์ขององค์กร.
• กำกับดูแล การบำรุงรักษา, การซ่อมแซม ทรัพย์สิน พื้นที่สำนักงานและภูมิทัศน์โดยรอบให้พร้อมใช้งาน.
• ตรวจสอบและควบคุมการบำรุงรักษาระบบอาคาร ได้แก่ ระบบไฟฟ้า, ระบบปรับอากาศ, ระบบน้ำ และระบบสาธารณูปโภคอื่น ๆ ที่เกี่ยวข้อง.
• ดูแลการให้บริการห้องประชุมการติดตั้งและดูแลระบบโสตทัศนูปกรณ์ให้พร้อมใช้งาน รวมถึงระบบ Smart Office และกำกับการดำเนินงานตามนโยบายการอนุรักษ์พลังงานขององค์กร.
• การประสานงานและการบริการ (Coordination & Service).
• ประสานงานกับฝ่ายบริหารอาคาร, ผู้เช่าอาคาร และบุคคลภายนอก เช่น ผู้รับเหมา, ที่ปรึกษาด้านเทคนิค ฯลฯ เพื่อให้บริการและแก้ไขปัญหาได้อย่างมีประสิทธิภาพ.
• กำกับดูแลการอนุมัติงานบริการที่เกี่ยวข้องกับสำนักงาน เพื่อให้เป็นไปตามนโยบายและมาตรฐานที่กำหนด.
• การบริหารงานด้านความปลอดภัย (Safety & Security Management).
• วางแผนและกำกับดูแลระบบ Fire Life & Safety ให้เป็นไปตามกฎหมายและมาตรฐานความปลอดภัย เช่น การฝึกซ้อมดับเพลิง การตรวจสอบระบบเตือนภัย และเส้นทางหนีไฟ.
• กำกับดูแลงานรักษาความปลอดภัย (Security) ให้พื้นที่สำนักงานมีความปลอดภัยสูงสุด.
• ประสานงานกับเจ้าหน้าที่รักษาความปลอดภัย และกำกับการปฏิบัติงานตามมาตรฐานองค์กรและข้อกำหนดอื่นๆที่เกี่ยวข้อง.
• วิเคราะห์ปัญหาและ กำหนดแนวทางในการแก้ไข ปรับปรุง พัฒนาประสิทธิภาพของกระบวนการทำงาน และผู้ใต้บังคับบัญชา.
• อายุระหว่าง 35-45 ปี.
• ปริญญาตรีสาขาวิศวกรรมอุตสาหการหรือสาขาที่เกี่ยวข้อง.
• มีประสบการณ์การทำงานด้านการบริหารสำนักงาน อย่างน้อย 2 ปี.
• มีทักษะด้านมนุษยสัมพันธ์และความเป็นผู้นำที่ดี.
• มีใจรักบริการ.
• มีความอดทนสูงและทำงานภายใต้แรงกดดันได้.
• มีความเชี่ยวชาญในการบริหารจัดการทีมงานและมีความรู้ความเข้าใจเกี่ยวกับระบบโสตทัศนูปกรณ์ / Smart Office / ระบบวิศวกรรมอาคารสูงและสาธารณูปโภคภายในอาคาร.
• ทำงานเชิงรุก และมีทักษะในการวิเคราะห์ปัญหา สามารถตัดสินใจและแก้ปัญหาเฉพาะหน้าได้อย่างมีประสิทธิภาพ.

Experience:

5 years required

Skills:

Compliance, ISO 27001, Legal

Job type:

Full-time

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory Management.
• Ensure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT Governance.
• Establish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data Governance.
• Develop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and Development.
• Lead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.

Skills:

Compliance, Risk Management, English

Job type:

Full-time

• Oversees and controls the implementation of the standards, policies and guidelines related to the topics within the scope of HSR and ensure compliance with local regulations. Identify areas of improvements and initiate projects to strengthen these topics in the countries assigned.
• Develops and maintains strategic, sustainable and effective working relationships with the stakeholders in each country, including external and internal stakeholders up to Country Leadership level and Regional functions.
• Oversee the execution of global and regional strategic projects related to Health, Safety (Offices) and Security in each country.
• Coordinates the response to potentially high impact events in each country, i.e. Emergency Management, Crisis Management, Threat Management, Duty of Care.
• Designated SHE Manager for the Bangkok office.
• Professionally represents the HSR department, engaging with each country/site leadership regarding policies, projects, risks and high impact situations.
• What makes you a good fit.
• Bachelor's degree in a related field is required.
• With a minimum of 6 years' work experience in the field of Safety, Security, Health, and Risk Management.
• Knowledgeable in conducting site security assessments and liaising with different businesses.
• Good stakeholder management skills and able to interact with corporate teams, country executive committees, and site managers.
• Regional exposure is preferred.
• Strong proficiency in English and the local language is required.
• Some perks of joining Henkel.
• Flexible work scheme with flexible hours, hybrid work model, and work from anywhere policy for up to 30 days per year.
• Diverse national and international growth opportunities.
• Globally wellbeing standards with health and preventive care programs.
• Gender-neutral parental leave for a minimum of 8 weeks.
• Employee Share Plan with voluntary investment and Henkel matching shares.
• Medical Coverage for employees and eligible dependents.
• Provident Fund.
• Annual Physical Examination for employees.
• Discounts on company products.
• At Henkel, we come from a broad range of backgrounds, perspectives, and life experiences. We believe the uniqueness of all our employees is the power in us. Become part of the team and bring your uniqueness to us! We welcome all applications across different genders, origins, cultures, religions, sexual orientations, disabilities, and generations.

Experience:

5 years required

Skills:

Research, ISO 27001, Enthusiastic, English

Job type:

Full-time

• Collect and analyze threat intelligence reports covering new threats, vulnerabilities, products.
• Conduct technical and operational threat intelligence research, both independently and as part of a wider team.
• Identify emerging threats, techniques and trends, the means of protecting or defending against them, and articulate these in a range of report formats to relevant stakeholders.
• Conduct deep-level analysis of malware, including how it is developed, functions, and employed.
• Support the Consulting and Managed CTI teams, Vulnerability Management, Incident Response and CSOC team with up-to-date technical intelligence, detection logic and situational awareness on current and emerging threats.
• Support Cybersecurity Posture Management to guarantee that a good cybersecurity posture is consistently maintained at an acceptable level. Liaison with external audit, internal audit, financial crime and associated consultants, and the group firm.
• Assist technology security team leaders/others in responding to cybersecurity incidents that have an impact on cybersecurity posture, in order to guarantee quick reaction, tracking, and proper maintenance.
• Assist in R&D and innovation on cybersecurity technology and approaches for continuous cybersecurity uplift.
• Qualifications Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 5 years of experience in Information Security or a related field.
• Knowledge of security technology e.g. WAF, SIEM, EDR, IAM, CSOC and Vulnerability Management.
• Experience in cloud cybersecurity technologies and services.
• Exposure to malware reverse engineering, network intrusion analysis, host intrusion analysis, log analysis, vulnerability research or digital forensics is preferred.
• Strong understanding of industry best practices and standards, including ISO 27001, NIST, and CIS is preferred.
• Relevant certifications such as CISSP, CISM, or CISA are a plus.
• Excellent communication and problem-analytical skills, with the ability to communicate complex security issues to non-technical stakeholders.
• Effective English for verbal, written communication.
• Enthusiastic, thriving, good interpersonal skills.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

Skills:

Linux, Good Communication Skills, English

Job type:

Full-time

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

Skills:

Research, System Administration, Android

Job type:

Full-time

• Implements IT security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Protects IT system by defining access privileges, control structures, and required resources.
• Process & analyze to gain insights on past IT areas on, current or potential attacks and threats that pose a risk to the organization.
• Primary point of contact with Internal Audit. Periodically review, update, implement and communicate changes to IT policies and procedures and General IT Controls. Facilitate internal and external audit processes by participating in scoping discussions and walk-throughs, delivering evidence that controls are operating as defined, remediating deficiencies, and acting on recommendations.
• Safeguards IT infrastructure and system as well as information system assets by identifying and solving potential and actual security problems.
• Research cyber security topics and promote Cyber security awareness throughout Thaioil.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• Relevant experience, especially in IT working environment.
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g., Netflow, FPC), and other attack artifacts in support of incident investigations.
• Experience with vulnerability scanning solutions.
• Familiarity with Vulnerability Management program.
• Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.
• Have knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform.
• Understanding of mobile technology and OS (i.e., Android, iOS, Windows), VMware technology, and Unix and basic Unix commands.
• OTHER REQUIREMENTS.

Skills:

Compliance, Linux, UNIX, English

Job type:

Full-time

• The right person will be highly technical and analytical, possess 10+ years of current solutions architecture (implementation/consulting) experience.
• Deep knowledge of Infrastructure Security, Security Compliance and Operations is a must.
• Experience architecting infrastructure solutions using both Linux/Unix and Windows with specific recommendations on server, load balancing, HA/DR, & storage architectures.
• Experience architecting or deploying Cloud/Virtualization solutions in enterprise customers. AWS specific experience a bonus.
• Strong verbal and written communications skills in both Thai and English are a must.
• PREFERRED QUALIFICATIONS.
• Experience working within the Enterprise software market or Internet industries is highly desired.
• Enterprise application and database architecture a bonus.
• Technical degree required; Computer Science or Math background highly desired.
• Working knowledge of software development practices and Internet-related technologies highly desired.
• Industry Security certifications highly desired.
• Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you re applying in isn t listed, please contact your Recruiting Partner.

Experience:

5 years required

Skills:

Risk Management, Project Management, English

Job type:

Full-time

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

Skills:

Risk Management, Software Development, Kubernetes

Job type:

Full-time

• Design, develop, and maintain security systems, tools, and best practices across the stack (frontend, backend, mobile, and infrastructure).
• Identify, assess, and mitigate security vulnerabilities through proactive risk management and threat modeling.
• Collaborate with product managers and developers to embed security into the software development lifecycle (SDLC).
• Develop and enforce policies for secure coding, data protection, and incident response.
• Implement robust authentication and authorization mechanisms.
• Conduct regular security assessments, including penetration testing and code reviews.
• Monitor, detect, and respond to security incidents using advanced tools and methodologies.
• Enhance infrastructure security using Kubernetes, Docker, and cloud platforms (GCP, AWS).
• Stay current on emerging threats, vulnerabilities, and security trends, and recommend actionable insights to improve defenses.
• Champion security awareness across the organization, including training sessions and knowledge-sharing activities.
• Ensure compliance with relevant security standards and regulations such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Basic QualificationsProven expertise in application security, cloud security, and infrastructure security.
• Proficiency in securing systems built with technologies such as Node.js, Golang, Elixir, Python, React, Svelte, or Flutter.
• Experience with tools like Docker, Kubernetes, and cloud services (GCP, AWS).
• Strong understanding of cryptographic principles and secure communication protocols.
• Familiarity with CI/CD pipelines and secure DevOps practices.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and threat detection.
• Deep understanding of database security, especially with PostgreSQL or other relational or non-relational databases.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent communication skills and the ability to collaborate effectively in Agile teams.
• Self-motivation, adaptability, and a strong work ethic.
• Preferred Qualifications We re especially excited if you bring:Experience leading security initiatives or mentoring other engineers in security best practices.
• Expertise in compliance frameworks such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Advanced knowledge of security monitoring and incident response systems.
• Strong system design skills with a focus on secure architectures and long-term trade-offs.
• A proven track record of securing fast-paced, high-growth tech environments.
• A passion for securing user-centric products and contributing to their success.
• Perks & Benefits Flat Structure As we continue to grow fast, we strive to retain our culture where everyone is heard, contributes, and grows with the company..
• Work-life Harmony We believe that quality time outside of work is important to sustaining a healthy and happy lifestyle.
• Remote Work Hybrid-mode activated! It comes with the package: flexibility, focus and productivity!.
• Urban Office One breath from Phrom Phong BTS. No sweat whatsoever! The office should also feel like a second home so we dedicated a lot of care and resources into building the best environment for you to wake up to every morning.
• Fun Workshop The best relationships are built over new experiences, that s why we have workshops filled with a range of activities for you to look forward to and enjoy.
• Game Tournament It s getting fun and competitive! Challenge doesn t only have to come from work. Own the championship and show the peeps how great of a gamer (and player) you are.
• Group Insurance Health comes first, we know, don t worry, we ve got you covered.
• Health & Wellness Only a healthy army wins the war. We invest to take care of you from physical, mental and happiness-level. Adopted health & wellness applications plus activities to make sure everyone here is on cloud nine

Skills:

Express

Job type:

Full-time

• Apply a learning mindset and take ownership for your own development.
• Appreciate diverse perspectives, needs, and feelings of others.
• Adopt habits to sustain high performance and develop your potential.
• Actively listen, ask questions to check understanding, and clearly express ideas.
• Seek, reflect, act on, and give feedback.
• Gather information from a range of sources to analyse facts and discern patterns.
• Commit to understanding how the business works and building commercial awareness.
• Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more}Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Available for Work Visa Sponsorship?.
• Government Clearance Required?.

Experience:

1 year required

Skills:

Risk Management, Compliance

Job type:

Full-time

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• referred skills.
• Cyber Security and Data Privacy.
• Minimum years experience required.
• 1-3 years of Experiences.
• Additional application instructions.
• N/A.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No