Filter Jobs

Experience:

3 years required

Skills:

Risk Management, Big Data, Teamwork, English

Job type:

Full-time

• Providing effective 2nd line of defense on oversight of Technology related risk involving in assessing, in depth, the risks in IT Infrastructure, Cloud strategy, Data Management, IT Outsourcing, IT Operations, and Big Data.
• Assisting to update Ascend Money/True Money s risk appetite for approval by the board.
• Facilitating Risk and Control Self-Assessment (R&CSA) and monitoring the design and testing the operational effectiveness under Key Control Testing (KCT) and incident m ...
• Coordinating and supporting the Country Risk Management team for facilitating Risk and Control Self-Assessment (R&CSA), performing Key Control Testing (KCT), setting and reviewing Key Risk Indicators (KRIs) and Incident Management.
• Challenge business units in implementing a secured architecture aligned with the business goals and future plans, including company policy and regulatory requirements.
• Analysing IT incidents reported by staff and report lessons learned to the Head of International Risk and Fraud Management and the Committee.
• Delivering the oversight, advisory and guidance on new technology risk and emerging risk.
• Investigation, root-cause analysis, and coordination with relevant parties for data loss prevention monitoring and management.
• Assisting the Head of International Risk and Fraud Management to bring together a holistic picture of the technology risk across the company.
• Tracking progress status with the Country Risk Management team around remediation activities to close gaps from policy compliance assessments and various other risk assessments.
• Providing IT & Cyber Risk dashboard for Committee and Senior Management.
• Ad-hoc assignment.
• Bachelor s or Master s Degree in Economic, Finance, IT or related fields.
• Minimum 3 years of professional experience in the IT Risk Management, IT Security or IT Audit with relevant experience in the Financial Services Industry.
• Strong organization, good presentation, communication, writing, interpersonal and teamwork skills.
• Demonstrated ability to complete assigned projects in a timely manner and in a fast-paced, high pressure environment.
• Multiple industry recognized certifications like CISSP, CRISC, CSSP (Cloud), CPT, ISO27001 is a plus.
• Strong analytical and quantitative skills.
• Thorough knowledge of IT governance and control frameworks.
• Understanding of complex IT environments including legacy, hybrid cloud, virtualization, software defined networking is a plus.
• Good command in both oral and written in English communication.
• Able to travel in regional countries (i.e. Myanmar, Vietnam, Cambodia, Indonesia, Malaysia, the Philippines).

Experience:

3 years required

Skills:

Express, Compliance, Risk Management

Job type:

Full-time

• Define and oversee fraud management framework, policies, and controls across parcel pickup, transit, and delivery processes.
• Monitor fraudulent activities (e.g., fake COD orders, lost/stolen parcels, account takeovers, seller fraud, identity misuse).
• Partner with Risk, Compliance, and Operations to design early-warning mechanisms and detection models.
• Establish PMO governance for fraud-related initiatives, ensuring standardized project planning, reporting, and prioritization.
• Track progress of fraud prevention projects.
• Manage cross-functional project timelines, budgets, and resource allocations.
• Work with hub/line-haul/last-mile operations to close fraud loopholes and enforce compliance.
• Analyze fraud trends, root causes, and operational gaps to recommend process improvements.
• Implement KPIs to measure fraud detection efficiency, financial loss recovery, and process adherence.
• Requirements: Bachelor s degree in Business, Supply Chain, Risk Management, Banking or related field.
• 3-5 years in project management, fraud/risk operations, or logistics/express delivery.
• Proven ability to manage cross-functional projects with governance and reporting.
• Analytical skills with proficiency in Excel/SQL; experience with BI tools (Power BI/Tableau).
• Excellent stakeholder management, communication, and change management skills.
• High integrity, problem-solving mindset, and ability to work in a fast-paced environment.

Experience:

1 year required

Skills:

Compliance, Legal, Safety Management, English

Job type:

Full-time

• Health, Safety and Environment.
• Implement safety compliance with Regional safety Shopee standard/program in all aspects.
• Implement safety leading KPI such as safety walk, deep compliance audit and Toolbox talk programs.
• Conduct Daily safety, weekly and monthly safety walk.
• Analyst accident and summarise the accident statistic with proposed a solution to eliminate risk/hazard in the business by using regional tools and lesson learned sharing.
• To build and train HSE awareness and occupational disease to all employees including Third Party Labor (TPL) and Contractor/Visitor and implement train to be the trainer.
• Update new health safety and environment laws, make HSE legal registration and compliance evaluation.
• Material handling equipment (MHE) management and traffic management.
• Lead to drive and follow up Safety behaviour observation program (Hazard reporting & Safety suggestion).
• Personal protective equipment (PPE) management.
• Machine safety improvement program.
• Government report mangement.
• Implement risk assessment and safe work procedure.
• Implement and control the management of Change Awareness (MOC).
• 5S project improvement.
• Construction safety management system.
• Emergency response plan and emergency drills.
• Document control system and CAR/PAR system (ISO 45001).
• Nursing room management.
• Requirements: Bachelor s degree or higher in Public Health, Occupational Health and Safety and/or related fields.
• 1-5 years of experience in HSE.
• Prefer to have experience working in logistics and supply chain/E-commerce and security.
• Excellent Communication, Interpersonal and Coordinating skills.
• Creative, fast response and proactive work.
• Can write english and design canva program or other.
• Have a driving licence.

Experience:

3 years required

Skills:

Compliance

Job type:

Full-time

• Develop and implement comprehensive security policies and procedures in compliance with laws and regulations and Shopee regional's security standards.
• Monitor and assess potential security risks, establish preventive measures, and minimize the occurrence of security incidents.
• Coordinate and lead the security team, conducting regular training to build skills and competence of security manpower.
• Maintain a good relationship with local law enforcement agencies to handle potential security incidents and ensure compliance.
• Managing facility and infrastructure support in build up cctv coverage in place ensuring it has managed function as intended including CCTV monitoring.
• Execute security protocol to manage and enforce the compliance of parties involved.
• Summarize monthly KPI and set a monthly meeting with security management team.
• A dequate security manpower is managed during campaign and BAU days.
• To develop body searching standard, frisking process and thief management.
• Guard tour management system.
• Monitor and evaluate the daily, weekly and monthly performance of Security Leaders and Guards to ensure: Perform additional duties as assigned by the reporting manager.
• Requirements:Bachelor's degree or above in Security Management, Occupational health and Safety, or related fields.
• More than 3 years of experience in security management, with a preference for experience in logistics and supply chain/E-commerce business.
• Familiarity with Thai security regulations and International's security management system with strong risk assessment capabilities.
• Qualified TAPA FSR (if applicable) would be advantageous.

Experience:

5 years required

Skills:

ISO 27001, Legal, Finance

Job type:

Full-time

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory ManagementEnsure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT GovernanceEstablish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data GovernanceDevelop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and DevelopmentLead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Requirements:Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.

Experience:

2 years required

Skills:

Risk Management, Microsoft Office

Job type:

Full-time

• Serve as the main point of contact for gathering evidence, CCTV footage, and relevant information for assigned fraud cases.
• Coordinate with other relevant teams to prepare for interrogation sessions.
• Participate in the interrogation sessions of offenders,witnesses, and/or other relevant parties.
• Draft investigation reports.
• Act as a CCTV real-time monitor as requested or assigned by the supervisor.
• Participate in security-related projects and tasks as assigned.
• Requirements: Bachelor's degree in Laws, Political Science or related field. (Fresh Graduate is welcome.).
• Availability to work in the office 5 days a week and 1 day from home.
• Minimum of 0-2 years of experience in Fraud Investigation, Fraud Prevention, Loss Prevention, Government Affairs, Government Relations, or Risk Management-related positions.
• Experience in the logistics industry is a plus.
• Previous experience as a Police/Military Official or other government official is advantageous.
• Familiarity with reviewing CCTV footage.
• Skills in offender interrogation or interviewing.
• Strong analytical and problem-solving abilities.
• Excellent interpersonal skills.
• Proficient in GSuite or Microsoft Office.
• Must have a private vehicle and a valid driver's license.
• Availability to be on-call for emergency issues.

Experience:

2 years required

Skills:

Risk Management, Compliance, English

Job type:

Full-time

• Invite and give in the moment feedback in a constructive manner.
• Share and collaborate effectively with others.
• Identify and make suggestions for improvements when problems and/or opportunities arise.
• Handle, manipulate and analyse data and information responsibly.
• Follow risk management and compliance procedures.
• Keep up-to-date with developments in area of specialism.
• Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce.
• Build and maintain an internal and external network.
• Seek opportunities to learn about how PwC works as a global network of firms.
• Uphold the firm's code of ethics and business conduct.
• Bachelor s degree in Computer Engineering, Computer Science, Information Systems or a related field.
• 0-2 years of experience.
• Be able to utilize your well-rounded skills and experience related to industries to steer your projects to a successful outcome.
• Team player with strong interpersonal, communication skills.
• Be able to work both independently and as part of a team with professionals at all levels.
• Proficiency in spoken and written English & Thai.
• We thank all applicants. Please note that only short-listed candidates will be contacted for interviews.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more}Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Available for Work Visa Sponsorship?.
• Government Clearance Required?.
• Job Posting End Date.

Experience:

5 years required

Skills:

Assurance

Job type:

Full-time

• Lead and execute technology risk assessments, identifying potential vulnerabilities and threats across various IT systems and processes.
• Conduct in-depth information technology audits to evaluate the effectiveness of internal controls and compliance with relevant policies and regulations.
• Develop and implement IT risk management strategies, frameworks, and policies in line with industry best practices and regulatory requirements.
• Perform detailed vulnerability assessments and penetration testing to identify and prioritize security weaknesses.
• Provide expert guidance on cybersecurity and information security best practices, including IT security architecture and security controls.
• Utilize investigative skills to analyze security incidents, identify root causes, and recommend corrective actions.
• Collaborate with various business units and IT teams to embed risk management principles into project lifecycles and operational processes, leveraging Agile Methodology.
• Contribute to the design and implementation of robust internal controls to mitigate identified technology risks.
• Prepare comprehensive reports on technology risk posture, audit findings, and recommendations for senior management and stakeholders.
• Stay abreast of emerging technology risks, cybersecurity threats, and regulatory changes to proactively adapt risk assurance strategies.
• Job Qualifications Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master's degree or relevant certifications (e.g., CISA, CISSP, CRISC) preferred.
• Minimum of 5-7 years of experience in IT risk management, information security, or IT audit, preferably within the financial services industry.
• Proven experience with Agile Methodology in a technology or risk assurance context.
• Strong expertise in Cybersecurity and Information Security principles, frameworks, and best practices.
• Extensive experience with Information Technology Auditing and assessing Internal Controls.
• Demonstrated proficiency in IT Risk and Security Assurance, including IT Risk Assessments and Risk Analysis.
• In-depth knowledge of IT Security Architecture and Security Controls.
• Practical experience in conducting Vulnerability Assessments.
• Excellent Investigative Skills for incident analysis and root cause identification.
• Familiarity with Risk Management Information Systems.
• Strong analytical, problem-solving, and communication skills, with the ability to articulate complex technical issues to non-technical audiences.
• Ability to work independently and as part of a team in a fast-paced and evolving environment.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

Experience:

3 years required

Skills:

Legal, Financial Analysis, Project Management, English

Job type:

Full-time

• Direct and manage contract guard force to run daily data center operations.
• Handle site security incidents, escalations or any other security related issues.
• Provide after-hours on-call management support and participate in emergent, large scale event response when needed.
• Participate in re-occurring data center security audits and reviews.
• Executes established compliance processes with AWS policies, standards, guidelines and relevant legal and regulatory requirements.
• Provides input on, and may develop security methodologies, policies and procedures.
• Write reports and communicate with management on the status of physical security operations.
• Oversee new security construction or retrofit projects.
• Manage the security P&L for assigned site(s), assist management with financial analysis and contribute to financial decisions for security requirements.
• Collaborate with other teams to protect AWS Data Center personnel, information and assets.
• A day in the life
• Mission: Deliver pioneering physical security by working vigorously to earn and keep customer trust; providing a safe and secure environment for our people, assets, and customer data.
• Vision: Develop exceptional security professionals, consistently apply security processes, and pioneer new technologies that effectively balance security requirements with operational needs.
• Diverse Experiences
• AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn t followed a traditional path, or includes alternative experiences, don t let it stop you from applying.
• Why AWS?
• Amazon Web Services (AWS) is the world s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating that s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
• Inclusive Team Culture
• AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
• Mentorship & Career Growth
• We re continuously raising our performance bar as we strive to become Earth s Best Employer. That s why you ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
• Work/Life Balance
• We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there s nothing we can t achieve.
• BASIC QUALIFICATIONS.
• 3+ year s experience managing contract security and physical security operation programs such as Access Control/Intrusion Detection and CCTV Surveillance systems.
• 3+ years in Project Management experience and creating process improvement procedure.
• Experience in managing vendors/vendor teams.
• PREFERRED QUALIFICATIONS.
• Bachelor s degree and or equivalent professional experience in corporate or government security environment.
• 3+ years experience creating and implementing emergency planning programs, physical security countermeasures.
• Excellent oral and written communication skills.
• Proficiency in both Thai and English language.
• Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you re applying in isn t listed, please contact your Recruiting Partner.

Experience:

3 years required

Skills:

Express, Legal, Risk Management

Job type:

Full-time

• Conduct investigations and fact-finding related to incidents, security breaches, and fraudulent activities within the given SLA.
• Collect and analyze evidence from multiple sources, including CCTV footage, internal data, inputs from relevant teams, and OSINT (Open-Source Intelligence).
• Interview and interrogate employees involved, and prepare detailed investigation reports.
• Identify weaknesses and vulnerabilities, and recommend preventive measures to avoid recurrence of similar incidents.
• Compile and document all relevant facts and evidence to coordinate with law enforcement authorities in cases requiring legal action.
• Participate in security-related projects and tasks as assigned.
• Requirements: Bachelor's Degree in Law, Political Science, Criminology, Criminal Justice, or other related fields.
• Minimum of 3 years of experience in Fraud Investigation, Incident Investigation, CCTV command center, Fraud or Loss Prevention, or Fraud - Risk Management-related positions.
• Experience in the logistics industry is a plus.
• Previous experience as a Police/Military Official or other government officials related to the job position is advantageous.
• Familiarity with reviewing CCTV footage.
• Skills in offender interrogation or interviewing.
• Strong analytical and problem-solving abilities.
• Excellent interpersonal skills.
• Proficient in G-Suite or Microsoft Office.
• Own a private vehicle and a valid driver's license.
• Availability to be on-call for emergency issues.

Experience:

5 years required

Skills:

Web Services

Job type:

Full-time

• Conduct security assessments on systems, networks, and applications.
• Simulate cyber attacks to identify system vulnerabilities.
• Software/Web Application/Web Services penetration testing.
• Network Penetration Testing.
• Mobile Application Penetration Testing.
• Thick Client Penetration Testing.
• Develop and execute penetration testing methodologies.
• Prepare detailed reports on the findings of penetration tests.
• Recommend and implement improvements to security policies.
• Stay updated with the latest penetration testing tools and techniques.
• Train staff on security awareness and procedures.
• Collaborate with IT staff to improve system security.
• Your role as a leader: At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves every day to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. Additionally, Senior Consultants across our Firm are expected to:Actively seek out developmental opportunities for growth, act as strong brand ambassadors for the firm as well as share their knowledge and experience with others.
• Understand the goals of our internal and external stakeholder to set personal priorities as well as align their teams work to achieve the objectives.
• Constantly challenge themselves, collaborate with others to deliver on tasks and take accountability for the results.
• Build productive relationships and communicate effectively in order to positively influence teams and other stakeholders.
• Project integrity and confidence while motivating others through team collaboration as well as recognising individual strengths, differences, and contributions.
• Requirements: If you are someone with:Bachelor's degree in information security, information systems management, computer science, engineering, or other related discipline.
• 5 - 8 years of experience in information technology, IT audits, or cyber security.
• Proven experience as a Penetration Tester or similar role in cybersecurity.
• Proficiency in using automated tools and manual testing techniques.
• Strong understanding of common vulnerabilities and exploits.
• Relevant certifications (e.g., OSCP, OSWP, CREST, CEH) are a plus.
• Excellent problem-solving and analytical skills.
• Must be able to work under pressure and produce content to tight timelines.
• Ability to self-manage, prioritizing a variety of tasks.
• Due to volume of applications, we regret only shortlisted candidates will be notified.
• Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request money or your personal information. Kindly apply for roles that you are interested via this official Deloitte website. Requisition ID: 112119In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

Experience:

1 year required

Skills:

Express

Job type:

Full-time

• Apply a learning mindset and take ownership for your own development.
• Appreciate diverse perspectives, needs, and feelings of others.
• Adopt habits to sustain high performance and develop your potential.
• Actively listen, ask questions to check understanding, and clearly express ideas.
• Seek, reflect, act on, and give feedback.
• Gather information from a range of sources to analyse facts and discern patterns.
• Commit to understanding how the business works and building commercial awareness.
• Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements.
• Minimum years experience required.
• 1-2 years of experiences in Cyber - Penetration tester.
• Additional application instructions.
• N/A.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing {+ 11 more}Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.

Experience:

4 years required

Skills:

Web Services

Job type:

Full-time

• Conduct security assessments on systems, networks, and applications.
• Simulate cyber attacks to identify system vulnerabilities.
• Software/Web Application/Web Services penetration testing.
• Network Penetration Testing.
• Mobile Application Penetration Testing.
• Thick Client Penetration Testing.
• Develop and execute penetration testing methodologies.
• Prepare detailed reports on the findings of penetration tests.
• Recommend and implement improvements to security policies.
• Stay updated with the latest penetration testing tools and techniques.
• Train staff on security awareness and procedures.
• Collaborate with IT staff to improve system security.
• Your role as a leader: At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves every day to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. Additionally, Senior Consultants across our Firm are expected to:Actively seek out developmental opportunities for growth, act as strong brand ambassadors for the firm as well as share their knowledge and experience with others.
• Understand the goals of our internal and external stakeholder to set personal priorities as well as align their teams work to achieve the objectives.
• Constantly challenge themselves, collaborate with others to deliver on tasks and take accountability for the results.
• Build productive relationships and communicate effectively in order to positively influence teams and other stakeholders.
• Project integrity and confidence while motivating others through team collaboration as well as recognising individual strengths, differences, and contributions.
• Requirements: If you are someone with:Bachelor's degree in information security, information systems management, computer science, engineering, or other related discipline.
• 4-6 years of experience in information technology, IT audits, or cyber security.
• Proven experience as a Penetration Tester or similar role in cybersecurity.
• Proficiency in using automated tools and manual testing techniques.
• Strong understanding of common vulnerabilities and exploits.
• Relevant certifications (e.g., OSCP, OSWP, CREST, CEH) are a plus.
• Excellent problem-solving and analytical skills.
• Must be able to work under pressure and produce content to tight timelines.
• Ability to self-manage, prioritizing a variety of tasks.
• Due to volume of applications, we regret only shortlisted candidates will be notified.
• Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request money or your personal information. Kindly apply for roles that you are interested via this official Deloitte website.
• Requisition ID: 112120In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

Experience:

1 year required

Skills:

Express, Risk Management, Microsoft Office

Job type:

Full-time

• Act as the central coordinator for planning, implementing, and managing security measures across all hubs, including communication and data consolidation related to security incidents and cases.
• Prepare and present reports to management, highlighting hubs that require special attention regarding Security & Fraud issues.
• Conduct on-site assessments to identify problems and vulnerabilities arising from work processes or security equipment.
• Design and propose solutions to resolve or reduce identified security risks.
• Serve as the Main Point of Contact (POC) when government officials visit the hub area.
• Serve as the Main Point of Contact (POC) during security-related emergencies.
• Oversee and manage special projects related to hub security and internal investigations.
• Supervise, monitor, and evaluate the performance of security guards stationed at each hub.
• Design and plan the deployment of security personnel in alignment with changing hub conditions and operational needs.
• Other security-related assigned tasks.
• Requirements: Bachelor's degree in a related field.
• Minimum of 1-2 years of experience in Fraud Investigation, Fraud Prevention, Loss Prevention, Government Affairs, Government Relations, or Risk Management-related positions.
• Experience in the logistics industry is a plus.
• Previous experience as a Police/Military Official or other government official is advantageous.
• Familiarity with the Physical Security setting and investigations field.
• Skills in offender interrogation or interviewing.
• Strong analytical and problem-solving abilities.
• Excellent interpersonal skills.
• Proficient in GSuite or Microsoft Office.
• Must have a private vehicle and a valid driver's license.
• Able to travel and work at various hubs both in Bangkok and upcountry.
• Availability to be on-call for emergency issues.

Experience:

5 years required

Skills:

English

Job type:

Full-time

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Essential Skills & PrerequisitesBachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK

Experience:

3 years required

Skills:

System Security

Job type:

Full-time

• Participate in gathering and analyzing business and technical requirements to develop enterprise-wide Identity and Access Management (IAM) processes and procedures.
• Demonstrate a solid understanding of risk and change management, security policies and controls, user account lifecycle management, onboarding/offboarding, role-based access control (RBAC), access governance, and directory services.
• Translate business requirements into specific system, application, or process designs.
• Collaborate with cross-functional teams, including business units and technical stakeholders, to identify and define functional requirements, and contribute to or lead the design of IAM solutions.
• Engage in a broad range of IAM design activities from requirements analysis to implementation.
• Apply your knowledge of various IAM products and domains, with the ability to quickly adapt to new tools and technologies through self-learning or formal training.
• Provide support for identity provisioning, governance platforms, and privileged access management (PAM) tools.
• Lead and contribute to IAM-related projects to ensure successful delivery of objectives.
• Identify and communicate high-level functional gaps, risks, and potential issues, and propose effective solutions.
• Monitor service delivery against SLAs and escalate exceptions as needed.
• Perform IAM-related risk assessments and consult on project implementations to ensure alignment with RBAC frameworks and internal security policies.
• Drive improvements in RBAC processes, governance policies, and IAM lifecycle workflows.
• Lead or contribute to incident and problem management efforts, ensuring root cause analysis and future incident mitigation.
• Participate in on-call production support rotations and work with vendors to resolve technical issues.
• Influence the IAM strategy by making informed decisions on complex technical challenges.
• Support internal and external audit readiness by preparing and organizing required audit documentation.
• Design and implement key management controls to ensure encryption key security throughout the lifecycle.
• Conduct physical access control reviews and physical security assessments for restricted areas.
• Promote and extend secure access control practices across the organization and its affiliates.
• Essential Skills & PrerequisitesA positive, proactive mindset with strong empathy and team collaboration skills.
• Bachelor s or Master s degree in Computer Engineering, Information Security, MIS, or a related field.
• Minimum of 3 years of experience in cybersecurity or IAM domains.
• Solid foundation in information security principles and best practices.
• Knowledge of international security frameworks and standards, such as COBIT, NIST 800 series, ISO/IEC 27001, PCI-DSS, and OWASP.
• Familiarity with end-to-end security architecture including network, platform, and application layers.
• Experience with application/system security controls, IAM risk assessments, and access governance.
• Strong skills in technical writing, documentation, process mapping, and visual communication.
• Ability to develop and execute a clear vision for IAM and security solutions.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK

Experience:

5 years required

Skills:

English

Job type:

Full-time

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Security Risk Management: Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Establishment of Policies, Standards, and Procedures:Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Communication and Collaboration with Technology Team:Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Essential Skills & PrerequisitesA positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as the expert in project teams. PERSONAL SKILLS: Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.

Experience:

5 years required

Skills:

Linux, Good Communication Skills, English

Job type:

Full-time

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up-to-date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Essential Skills & PrerequisitesBachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK