Filter Jobs

Experience:

1 year required

Skills:

Express, Risk Management, Microsoft Office

Job type:

Full-time

• Act as the central coordinator for planning, implementing, and managing security measures across all hubs, including communication and data consolidation related to security incidents and cases.
• Prepare and present reports to management, highlighting hubs that require special attention regarding Security & Fraud issues.
• Conduct on-site assessments to identify problems and vulnerabilities arising from work processes or security equipment.
• Design and propose solutions to resolve or reduce identified security risks.
• Serve as the Main Point of Contact (POC) when government officials visit the hub area.
• Serve as the Main Point of Contact (POC) during security-related emergencies.
• Oversee and manage special projects related to hub security and internal investigations.
• Supervise, monitor, and evaluate the performance of security guards stationed at each hub.
• Design and plan the deployment of security personnel in alignment with changing hub conditions and operational needs.
• Other security-related assigned tasks.
• Requirements: Bachelor's degree in a related field.
• Minimum of 1-2 years of experience in Fraud Investigation, Fraud Prevention, Loss Prevention, Government Affairs, Government Relations, or Risk Management-related positions.
• Experience in the logistics industry is a plus.
• Previous experience as a Police/Military Official or other government official is advantageous.
• Familiarity with the Physical Security setting and investigations field.
• Skills in offender interrogation or interviewing.
• Strong analytical and problem-solving abilities.
• Excellent interpersonal skills.
• Proficient in GSuite or Microsoft Office.
• Must have a private vehicle and a valid driver's license.
• Able to travel and work at various hubs both in Bangkok and upcountry.
• Availability to be on-call for emergency issues.

Experience:

2 years required

Skills:

Risk Management, Compliance, English

Job type:

Full-time

• Invite and give in the moment feedback in a constructive manner.
• Share and collaborate effectively with others.
• Identify and make suggestions for improvements when problems and/or opportunities arise.
• Handle, manipulate and analyse data and information responsibly.
• Follow risk management and compliance procedures.
• Keep up-to-date with developments in area of specialism.
• Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce.
• Build and maintain an internal and external network.
• Seek opportunities to learn about how PwC works as a global network of firms.
• Uphold the firm's code of ethics and business conduct.
• Bachelor s degree in Computer Engineering, Computer Science, Information Systems or a related field.
• 0-2 years of experience.
• Be able to utilize your well-rounded skills and experience related to industries to steer your projects to a successful outcome.
• Team player with strong interpersonal, communication skills.
• Be able to work both independently and as part of a team with professionals at all levels.
• Proficiency in spoken and written English & Thai.
• We thank all applicants. Please note that only short-listed candidates will be contacted for interviews.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more}Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Available for Work Visa Sponsorship?.
• Government Clearance Required?.
• Job Posting End Date.

Skills:

ISO 14001

Job type:

Full-time

• Develop and maintain Health & Safety programs in compliance with regulations and ISO 14001.
• Conduct HAZID, Risk Assessments, and Safety Audits to identify and mitigate risks.
• Ensure compliance with company policies, regulatory requirements, and access control procedures.
• Deliver H&S training and promote a strong safety culture.
• Lead emergency preparedness, response planning, and incident investigations.
• Analyze incidents, identify root causes, and implement corrective actions.
• Prepare clear safety reports, audit findings, and performance summaries.
• Manage safety programs and initiatives to ensure effectiveness and accountability.
• Job Qualifications Bachelor s degree in Occupational Health & Safety, Environmental Science, Engineering, or related field.
• Experience in a safety role, preferably in corporate or financial institutions.
• Strong knowledge of Health & Safety regulations, ISO 14001, and industry best practices.
• Proven skills in risk assessment, safety audits, incident investigation, and report writing.
• Experience in emergency management, H&S training, and program management.
• Knowledge of access control systems and security principles.
• High accountability, ethical standards, and strong stakeholder management skills.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

Experience:

5 years required

Skills:

Compliance

Job type:

Full-time

• Identify and assess potential hazards and risks in the workplace.
• Develop and implement strategies to eliminate or control those risks.
• Conduct regular inspections and audits to ensure compliance with safety standards.
• Ensure that all policies and procedures are up-to-date and compliant with relevant regulations.
• Provide training to employees on health and safety procedures and regulations.
• Investigate workplace incidents and accidents to determine root causes.
• Assist with emergency response during actual incidents.
• Requirements: Bachelor's degree in Occupational Health & Safety or a related field, graduate with adequate *HSE qualifications/accreditation.
• 3-5 years of work experience in as HSE professional.
• Experience in delivering HSE training, performing HSE audits and incident investigation.
• Excellent communication, leadership, and problem-solving skills.
• Strong knowledge of local and international HSE regulations and best practices.
• Able to work with limited supervision and deliver results within challenging deadlines and under pressure.

Job type:

Full-time

• Job Number26011834
• Job CategoryLoss Prevention & Security
• LocationRenaissance Bangkok Ratchaprasong Hotel, 518/8 Ploenchit Road, Bangkok, Bangkok, Thailand, 10330
• ScheduleFull Time
• Located Remotely?N
• Position Type Non-Management
• شركة ماريوت الدولية هي شركة توفر فرص توظيف متكافئة. نؤمن بتوظيف قوى عاملة متنوعة الخلفيات والحفاظ على ثقافة شاملة تهتم بالأشخاص في المقام الأول. نلتزم بعدم التمييز على أي أساس محمي مثل الإعاقة وحالة المحاربين القدماء أو أي أساس آخر يغطيه القانون المعمولفي فنادق رينيسانس نؤمن بمساعدة ضيوفنا على تجربة الحمض النووي للأحياء التي يزورونها. يأتي ضيوفنا لاكتشاف وكشف ما هو غير متوقع أو للتعمق في ثقافة جديدة أو ببساطة لتحقيق أقصى استفادة من أمسية مجانية. إنهم يرون السفر التجاري كمغامرة لأنهم يرون كل السفر كمغامرة. عندما يقبل الآخرون على ما هو معتاد يرى ضيوفنا فرصة لتقديم قصة رائعة إلى المنزل. وكذلك نحن. نحن نبحث عن زملاء مستكشفين عفويين للانضمام إلى فريقنا لجلب روح الحي لضيوفنا. إذا كان هذا يلائم شخصيتك فنحن ندعوك لاكتشاف فرص العمل مع فنادق رينيسانس. عند الانضمام إلى فنادق رينيسانس فإنك تنضم إلى مجموعة من العلامات التجارية مع ماريوت الدولية. كنفي المكان الذي يمكنك فيه القيام بأفضل أعمالك وابدأ هدفك وانتمي إلى فريق عالمي مذهل لتصبح أفضل نسخة منك.

Skills:

ISO 27001

Job type:

Full-time

• Assists in conducting security assessments, vulnerability scans, and penetration tests to identify weaknesses in client systems.
• Analyzes security data, logs, and reports to detect and investigate security incidents or anomalies.
• Prepares and maintains documentation, including security assessment reports, findings, and recommendations.
• Collaborates with senior consultants to provide advice and support to clients on security best practices and risk mitigation strategies.
• Learns and uses various security tools and technologies for assessments and monitoring.
• Stays updated on the latest cybersecurity threats, vulnerabilities, and industry best practices.
• Assists in evaluating client systems for compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements.
• Communicates effectively with clients to understand their security needs and concerns.
• Participates in training programs and certifications to develop expertise in cybersecurity.
• To thrive in this role, you need to have: Strong interest in cybersecurity and a desire to learn and grow in the field.
• Knowledge of basic cybersecurity concepts, principles, and best practices.
• Familiarity with common security tools and technologies is a plus.
• Excellent analytical and problem-solving skills.
• Effective communication skills, both written and verbal.
• Ability to work collaboratively in a team environment.
• Eagerness to stay up to date with the evolving cybersecurity landscape.
• Academic qualifications and certifications: Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field.
• Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential.
• Required experience: Moderate level of demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment.
• Moderate level of experience with security architecture design principles.
• Moderate level of experience with industry compliance and standards such as ISO 27000, PCI:DSS, NIST, HIPAA or others.
• Moderate level of experience with security tools and techniques to cover SANS Top 25, OWASP or others.
• On-site Working About NTT DATA
• NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D.
• Equal Opportunity Employer
• NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
• Third parties fraudulently posing as NTT DATA recruiters.
• NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters whether in writing or by phone in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us.

Experience:

3 years required

Skills:

Risk Management, Big Data, Teamwork, English

Job type:

Full-time

• Providing effective 2nd line of defense on oversight of Technology related risk involving in assessing, in depth, the risks in IT Infrastructure, Cloud strategy, Data Management, IT Outsourcing, IT Operations, and Big Data.
• Assisting to update Ascend Money/True Money s risk appetite for approval by the board.
• Facilitating Risk and Control Self-Assessment (R&CSA) and monitoring the design and testing the operational effectiveness under Key Control Testing (KCT) and incident m ...
• Coordinating and supporting the Country Risk Management team for facilitating Risk and Control Self-Assessment (R&CSA), performing Key Control Testing (KCT), setting and reviewing Key Risk Indicators (KRIs) and Incident Management.
• Challenge business units in implementing a secured architecture aligned with the business goals and future plans, including company policy and regulatory requirements.
• Analysing IT incidents reported by staff and report lessons learned to the Head of International Risk and Fraud Management and the Committee.
• Delivering the oversight, advisory and guidance on new technology risk and emerging risk.
• Investigation, root-cause analysis, and coordination with relevant parties for data loss prevention monitoring and management.
• Assisting the Head of International Risk and Fraud Management to bring together a holistic picture of the technology risk across the company.
• Tracking progress status with the Country Risk Management team around remediation activities to close gaps from policy compliance assessments and various other risk assessments.
• Providing IT & Cyber Risk dashboard for Committee and Senior Management.
• Ad-hoc assignment.
• Bachelor s or Master s Degree in Economic, Finance, IT or related fields.
• Minimum 3 years of professional experience in the IT Risk Management, IT Security or IT Audit with relevant experience in the Financial Services Industry.
• Strong organization, good presentation, communication, writing, interpersonal and teamwork skills.
• Demonstrated ability to complete assigned projects in a timely manner and in a fast-paced, high pressure environment.
• Multiple industry recognized certifications like CISSP, CRISC, CSSP (Cloud), CPT, ISO27001 is a plus.
• Strong analytical and quantitative skills.
• Thorough knowledge of IT governance and control frameworks.
• Understanding of complex IT environments including legacy, hybrid cloud, virtualization, software defined networking is a plus.
• Good command in both oral and written in English communication.
• Able to travel in regional countries (i.e. Myanmar, Vietnam, Cambodia, Indonesia, Malaysia, the Philippines).

Skills:

Risk Management, Kubernetes, Docker

Job type:

Full-time

• Design, develop, and maintain security systems, tools, and best practices across the stack (frontend, backend, mobile, and infrastructure).
• Identify, assess, and mitigate security vulnerabilities through proactive risk management and threat modeling.
• Collaborate with product managers and developers to embed security into the software development lifecycle (SDLC).
• Develop and enforce policies for secure coding, data protection, and incident response.
• Implement robust authentication and authorization mechanisms.
• Conduct regular security assessments, including penetration testing and code reviews.
• Monitor, detect, and respond to security incidents using advanced tools and methodologies.
• Enhance infrastructure security using Kubernetes, Docker, and cloud platforms (GCP, AWS).
• Stay current on emerging threats, vulnerabilities, and security trends, and recommend actionable insights to improve defenses.
• Champion security awareness across the organization, including training sessions and knowledge-sharing activities.
• Ensure compliance with relevant security standards and regulations such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Basic QualificationsProven expertise in application security, cloud security, and infrastructure security.
• Proficiency in securing systems built with technologies such as Node.js, Golang, Elixir, Python, React, Svelte, or Flutter.
• Experience with tools like Docker, Kubernetes, and cloud services (GCP, AWS).
• Strong understanding of cryptographic principles and secure communication protocols.
• Familiarity with CI/CD pipelines and secure DevOps practices.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and threat detection.
• Deep understanding of database security, especially with PostgreSQL or other relational or non-relational databases.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent communication skills and the ability to collaborate effectively in Agile teams.
• Self-motivation, adaptability, and a strong work ethic.
• Preferred Qualifications We re especially excited if you bring:Experience leading security initiatives or mentoring other engineers in security best practices.
• Expertise in compliance frameworks such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Advanced knowledge of security monitoring and incident response systems.
• Strong system design skills with a focus on secure architectures and long-term trade-offs.
• A proven track record of securing fast-paced, high-growth tech environments.
• A passion for securing user-centric products and contributing to their success.
• Perks & Benefits Flat Structure As we continue to grow fast, we strive to retain our culture where everyone is heard, contributes, and grows with the company..
• Work-life Harmony We believe that quality time outside of work is important to sustaining a healthy and happy lifestyle.
• Remote Work Hybrid-mode activated! It comes with the package: flexibility, focus and productivity!.
• Urban Office One breath from Phrom Phong BTS. No sweat whatsoever! The office should also feel like a second home so we dedicated a lot of care and resources into building the best environment for you to wake up to every morning.
• Fun Workshop The best relationships are built over new experiences, that s why we have workshops filled with a range of activities for you to look forward to and enjoy.
• Game Tournament It s getting fun and competitive! Challenge doesn t only have to come from work. Own the championship and show the peeps how great of a gamer (and player) you are.
• Group Insurance Health comes first, we know, don t worry, we ve got you covered.
• Health & Wellness Only a healthy army wins the war. We invest to take care of you from physical, mental and happiness-level. Adopted health & wellness applications plus activities to make sure everyone here is on cloud nine

Skills:

Industry trends, Cloud Computing, English

Job type:

Full-time

• Provide consultancy advice to business and project teams to ensure security standards and requirements are considered and implemented.
• Perform deep dive reviews focused on Cybersecurity Risk, Technology Risk, and Emerging Risk.
• Effective management of all technology risk and cybersecurity framework including technology policies and standards based on the Group's risk appetite.
• Closely monitor technology and cyber related KPIs, KRIs, KCIs and drive remediation actions as Group perspective.
• Timely update on all material technology risk and cybersecurity topics including a set of risk indicators to the relevant Group Risk Committees and forums.
• Oversight the result of control testing from subsidiaries to ensure Cybersecurity and technology controls meet internal and external compliance requirements.
• Conduct technology risk assessments: Identify and evaluate potential risks Management with the organization's technology systems, infrastructure, and processes. Assess the adequacy of controls, identify vulnerabilities, and recommend risk mitigation strategies.
• Develop and implement risk management strategies: Collaborate with stakeholders to develop comprehensive risk management strategies that align with business objectives and regulatory requirements. Implement controls and procedures to mitigate identified risks effectively.
• Monitor technology risk exposure: Continuously monitor technology systems, networks, and processes to identify emerging risks, vulnerabilities, and trends. Stay up-to-date with industry developments, emerging technologies, and regulatory changes to proactively address potential risks.
• Perform risk analysis and reporting: Analyze risk assessment findings, internal control evaluations, and audit reports to identify trends, root causes, and areas of improvement. Prepare detailed reports on risk exposure, mitigation strategies, and recommendations for management and relevant stakeholders.
• Collaborate with cross-functional teams: Work closely with IT teams, compliance officers, cybersecurity professionals, and other stakeholders to develop and implement risk management frameworks, policies, and procedures. Provide guidance and recommendations on technology-related risk management activities.
• Conduct technology risk training and awareness programs: Develop and deliver training programs to educate employees on technology risk management best practices, policies, and procedures. Raise awareness about emerging threats and provide guidance on incident response protocols.
• Assist in incident response and recovery: Support the organization in managing technology-related incidents, including data breaches, system failures, and cybersecurity threats. Coordinate response efforts, assist in recovery measures, and contribute to post-incident reviews and lessons learned.
• Stay updated on industry standards and regulations: Keep abreast of industry trends, emerging technologies, and regulatory requirements related to technology risk management. Provide recommendations on incorporating best practices into the organization's risk management framework.
• Minimum of 5 years experience in Technology and Cyber Risk.
• Bachelor s degree or above in related discipline.
• Working experience or familiar in a group public company.
• Understanding of regulatory requirements such as BOT, OIC, and SEC; industry standards such as COBIT, NIST, ISO27001, ITIL, and PCIDSS.
• Experience in one or more emerging technologies such as Artificial Intelligence, Machine Learning, Distributed Ledger Technology, Robotic Process Automation, Cloud computing.
• Excellent communication and relationship building skills; proven ability to influence senior management.
• Good command of written and spoken in English is preferable.

Experience:

3 years required

Skills:

Express, Legal, Risk Management

Job type:

Full-time

• Conduct investigations and fact-finding related to incidents, security breaches, and fraudulent activities within the given SLA.
• Collect and analyze evidence from multiple sources, including CCTV footage, internal data, inputs from relevant teams, and OSINT (Open-Source Intelligence).
• Interview and interrogate employees involved, and prepare detailed investigation reports.
• Identify weaknesses and vulnerabilities, and recommend preventive measures to avoid recurrence of similar incidents.
• Compile and document all relevant facts and evidence to coordinate with law enforcement authorities in cases requiring legal action.
• Participate in security-related projects and tasks as assigned.
• Requirements: Bachelor's Degree in Law, Political Science, Criminology, Criminal Justice, or other related fields.
• Minimum of 3 years of experience in Fraud Investigation, Incident Investigation, CCTV command center, Fraud or Loss Prevention, or Fraud - Risk Management-related positions.
• Experience in the logistics industry is a plus.
• Previous experience as a Police/Military Official or other government officials related to the job position is advantageous.
• Familiarity with reviewing CCTV footage.
• Skills in offender interrogation or interviewing.
• Strong analytical and problem-solving abilities.
• Excellent interpersonal skills.
• Proficient in G-Suite or Microsoft Office.
• Own a private vehicle and a valid driver's license.
• Availability to be on-call for emergency issues.

Job type:

Full-time

• Implement, configure, and maintain cybersecurity tools including SIEM, EDR/XDR, and network security solutions.
• Monitor, analyze, and respond to security alerts and incidents.
• Perform log monitoring and security event analysis to detect suspicious or malicious activities.
• Collaborate with IT Infrastructure and Application teams to implement security controls and best practices.
• Perform tuning and optimization of security tools to improve detection accuracy and reduce false positives.
• Conduct vulnerability assessments and support remediation activities.
• Develop and maintain technical documentation, standard operating procedures, playbook, and security guidelines.
• Support incident investigation, forensic analysis, and root cause analysis activities..
• Bachelor s degree in Information Technology, Computer Science, Cybersecurity, or related field.
• 2-5 years of experience in cybersecurity or IT security roles.
• o SIEM platforms
• o Endpoint Detection & Response solutions (e.g., SentinelOne, CrowdStrike)
• o Firewall and Network Security solutions (e.g., Palo Alto)
• Strong understanding of networking, operating systems, and security architecture.
• Strong analytical and problem-solving skills.
• Good teamwork and communication skills.

Job type:

Full-time

• Lead and oversee Security Operations Center (SOC) activities.
• Manage and coordinate incident response processes across the organization.
• Develop and maintain incident response playbooks and procedures.
• Perform threat intelligence analysis and monitor evolving cyber threat landscapes.
• Conduct security risk analysis and recommend mitigation strategies.
• Collaborate with IT, Risk, Compliance, and Business Units to enhance cybersecurity posture.
• Provide strategic cybersecurity guidance and recommendations to management.
• Mentor and coach SOC and Incident Response team members.
• Support internal and external security audits and compliance activities..
• Bachelor s degree or higher in Cybersecurity, Information Technology, or related field.
• Minimum 7 years of experience in cybersecurity roles.
• Proven experience managing SOC or Incident Response teams.
• Strong knowledge of threat detection, incident handling, and digital forensics.
• Strong understanding of security frameworks and standards such as ISO 27001, NIST, and MITRE ATT&CK.
• Strong analytical, investigative, and problem-solving skills.
• Leadership and team management capabilities.

Job type:

Full-time

• เราให้ความสำคัญกับพนักงานทุกคนอย่างเท่าเทียม ปลูกฝังให้ทุกคนยึดมั่นในการประกอบสัมมาชีพ อย่างมีบรรษัทภิบาลที่ดี.
• เราให้ความสำคัญต่อการพัฒนาศักยภาพพนักงานในทุกๆ ด้าน ด้วยโปรแกรมการฝึกอบรมคุณภาพให้เหมาะสมกับแต่ละคน เพื่อยกระดับการทำงานของพนักงานอย่างมืออาชีพ.
• สำนักงานใหญ่ของบางจาก ถูกออกแบบให้เป็น Smart Office and Smart Display Solution ที่มีความหรูหรา ทันสมัย และประหยัดพลังงาน.
• ความอบอุ่นแบบพี่น้อง คือหัวใจในการดูแลพนักงานใหม่ที่ก้าวเข้ามาในครอบครัวของเรา.
• ความปลอดภัยในการทำงานยังเป็นอีกหนึ่งสิ่งที่สำคัญสูงสุดของธุรกิจปิโตรเลียม ดังนั้นพนักงานบางจากทุกคนจึงต้องผ่านการอบรมตามมาตรฐานความปลอดภัยและอาชีวอนามัยอย่างเข้มข้น.
• พนักงานสบายใจได้กับโปรแกรมประกันสุขภาพ OPD/IPD และเรายังให้เงินช่วยเหลือค่ารักษาพยาบาลสำหรับบุพการี.
• Work life balance คือสิ่งสำคัญ เวลาการทำงานที่ยืนหยุ่นทำให้คุณจัดสรรเวลาได้อย่างลงตัว.

Experience:

5 years required

Skills:

Web Services

Job type:

Full-time

• Conduct security assessments on systems, networks, and applications.
• Simulate cyber attacks to identify system vulnerabilities.
• Software/Web Application/Web Services penetration testing.
• Network Penetration Testing.
• Mobile Application Penetration Testing.
• Thick Client Penetration Testing.
• Develop and execute penetration testing methodologies.
• Prepare detailed reports on the findings of penetration tests.
• Recommend and implement improvements to security policies.
• Stay updated with the latest penetration testing tools and techniques.
• Train staff on security awareness and procedures.
• Collaborate with IT staff to improve system security.
• Your role as a leader: At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves every day to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. Additionally, Senior Consultants across our Firm are expected to:Actively seek out developmental opportunities for growth, act as strong brand ambassadors for the firm as well as share their knowledge and experience with others.
• Understand the goals of our internal and external stakeholder to set personal priorities as well as align their teams work to achieve the objectives.
• Constantly challenge themselves, collaborate with others to deliver on tasks and take accountability for the results.
• Build productive relationships and communicate effectively in order to positively influence teams and other stakeholders.
• Project integrity and confidence while motivating others through team collaboration as well as recognising individual strengths, differences, and contributions.
• Requirements: If you are someone with:Bachelor's degree in information security, information systems management, computer science, engineering, or other related discipline.
• 5 - 8 years of experience in information technology, IT audits, or cyber security.
• Proven experience as a Penetration Tester or similar role in cybersecurity.
• Proficiency in using automated tools and manual testing techniques.
• Strong understanding of common vulnerabilities and exploits.
• Relevant certifications (e.g., OSCP, OSWP, CREST, CEH) are a plus.
• Excellent problem-solving and analytical skills.
• Must be able to work under pressure and produce content to tight timelines.
• Ability to self-manage, prioritizing a variety of tasks.
• Due to volume of applications, we regret only shortlisted candidates will be notified.
• Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request money or your personal information. Kindly apply for roles that you are interested via this official Deloitte website. Requisition ID: 112119In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

Job type:

Full-time

• Design, implement and maintain enterprise network support business solutions
• Installing, configuring, designing and support LANs, WANs, WLAN, Firewall, Telephone, Internet and datacenter systems (Cisco, HPE, Palo Auto, Fortinet, ETC.)
• Participation in the documentation processes including network diagrams, staff contacts, vendor contacts, utilization of monitoring/resource/inventory management tools.
• Responsible for External Audit, ISO 27001 and ISO27032.
• Contribute and lead related projects to achieve goals within timeframes.
• Collaborate with cross functional team, vendors and product professionals to effectively troubleshooting and resolve issue with root cause analysis to ensure networks, application and customer service can operate smoothly with efficiency
• Monitor networks performance and connectivity to ensure all services are readiness..
• Bachelor Degree in Computer Sciences, Computer Engineering or related fields
• 3-5 years experience in related field
• Demonstrated in depth knowledge of LAN, WLAN, WAN, OT/IT Network, Firewall, Telephone, Routing protocols with OSPF & BGP and SD-WAN technologies
• Familiar to Cisco, HPE, Palo Auto, Fortinet product with strong knowledge switching, routing, WLAN, 802.1X, network security and datacenter system.
• Good command of English and good communication skill
• Good analytical skill and problem solving skill
• Excellent service mind with positive action
• The desire to work as part of a team in supporting an enterprise level infrastructure..

Experience:

5 years required

Skills:

English

Job type:

Full-time

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Essential Skills & PrerequisitesBachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK

Experience:

3 years required

Skills:

System Security

Job type:

Full-time

• Participate in gathering and analyzing business and technical requirements to develop enterprise-wide Identity and Access Management (IAM) processes and procedures.
• Demonstrate a solid understanding of risk and change management, security policies and controls, user account lifecycle management, onboarding/offboarding, role-based access control (RBAC), access governance, and directory services.
• Translate business requirements into specific system, application, or process designs.
• Collaborate with cross-functional teams, including business units and technical stakeholders, to identify and define functional requirements, and contribute to or lead the design of IAM solutions.
• Engage in a broad range of IAM design activities from requirements analysis to implementation.
• Apply your knowledge of various IAM products and domains, with the ability to quickly adapt to new tools and technologies through self-learning or formal training.
• Provide support for identity provisioning, governance platforms, and privileged access management (PAM) tools.
• Lead and contribute to IAM-related projects to ensure successful delivery of objectives.
• Identify and communicate high-level functional gaps, risks, and potential issues, and propose effective solutions.
• Monitor service delivery against SLAs and escalate exceptions as needed.
• Perform IAM-related risk assessments and consult on project implementations to ensure alignment with RBAC frameworks and internal security policies.
• Drive improvements in RBAC processes, governance policies, and IAM lifecycle workflows.
• Lead or contribute to incident and problem management efforts, ensuring root cause analysis and future incident mitigation.
• Participate in on-call production support rotations and work with vendors to resolve technical issues.
• Influence the IAM strategy by making informed decisions on complex technical challenges.
• Support internal and external audit readiness by preparing and organizing required audit documentation.
• Design and implement key management controls to ensure encryption key security throughout the lifecycle.
• Conduct physical access control reviews and physical security assessments for restricted areas.
• Promote and extend secure access control practices across the organization and its affiliates.
• Essential Skills & PrerequisitesA positive, proactive mindset with strong empathy and team collaboration skills.
• Bachelor s or Master s degree in Computer Engineering, Information Security, MIS, or a related field.
• Minimum of 3 years of experience in cybersecurity or IAM domains.
• Solid foundation in information security principles and best practices.
• Knowledge of international security frameworks and standards, such as COBIT, NIST 800 series, ISO/IEC 27001, PCI-DSS, and OWASP.
• Familiarity with end-to-end security architecture including network, platform, and application layers.
• Experience with application/system security controls, IAM risk assessments, and access governance.
• Strong skills in technical writing, documentation, process mapping, and visual communication.
• Ability to develop and execute a clear vision for IAM and security solutions.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK

Skills:

Linux, Good Communication Skills, English

Job type:

Full-time

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

Experience:

5 years required

Skills:

English

Job type:

Full-time

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Security Risk Management: Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Establishment of Policies, Standards, and Procedures:Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Communication and Collaboration with Technology Team:Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Essential Skills & PrerequisitesA positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as the expert in project teams. PERSONAL SKILLS: Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK