Filter Jobs

Experience:

5 years required

Skills:

ISO 27001, Legal, Finance

Job type:

Full-time

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory ManagementEnsure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT GovernanceEstablish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data GovernanceDevelop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and DevelopmentLead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Requirements:Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.

Skills:

ISO 27001, Python, PowerShell

Job type:

Full-time

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5 years of experience in IT security and governance.
• Strong understanding of IT security principles, practices, and technologies.
• Knowledge of relevant security standards and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA, PCI DSS).
• Experience with risk assessment and vulnerability management.
• Experience with security incident response and management.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team..
• Relevant certifications (e.g., CISSP, CISM, CISA, Security+).
• Experience with cloud security (AWS, Azure, GCP) and On-Premises.
• Experience with security information and event management (SIEM) systems.
• Experience with scripting languages (e.g., Python, PowerShell).
• Experience with penetration testing.
• Ability to maintain confidentiality and handle sensitive information.
• Ability to adapt to changing technologies and security threats.
• Strong attention to detail and organizational skills.
• Ability to create and maintain clear and concise documentation..
• โบนัสประจำปี.
• ลาพักร้อน เมื่อพ้นทดลองงาน.
• ลา Workcation.
• กองทุนสำรองเลี้ยงชีพ.
• ประกันสังคม / ประกันสุขภาพ / ประกันชีวิต / ประกันอุบัติเหตุ.
• วันหยุดตามกฏหมาย (ไม่น้อยกว่า 13วัน).
• ลาหยุดในเดือนเกิด.
• ตรวจสุขภาพประจำปี.
• เงินช่วยเหลือสมรส.
• สิทธิคุณพ่อลาเลี้ยงบุตร.
• เงินช่วยเหลือฌาปนกิจ.
• Co working Space.
• ฟิตเนต.
• Point แลกของรางวัล.
• บริการปรึกษานักจิตวิทยาออนไลน์..
• การเดินทาง.
• BTS: สถานีหมอชิต, ห้าแยกลาดพร้าว.
• MRT: สถานีพหลโยธิน.
• บริการเรียกรถผ่าน App MuvMi..
• ติดตามข่าวสารจาก SC ASSET ได้ที่.
• http://insidesc.scasset.com/..

Job type:

Full-time

• Implement, configure, and maintain cybersecurity tools including SIEM, EDR/XDR, and network security solutions.
• Monitor, analyze, and respond to security alerts and incidents.
• Perform log monitoring and security event analysis to detect suspicious or malicious activities.
• Collaborate with IT Infrastructure and Application teams to implement security controls and best practices.
• Perform tuning and optimization of security tools to improve detection accuracy and reduce false positives.
• Conduct vulnerability assessments and support remediation activities.
• Develop and maintain technical documentation, standard operating procedures, playbook, and security guidelines.
• Support incident investigation, forensic analysis, and root cause analysis activities..
• Bachelor s degree in Information Technology, Computer Science, Cybersecurity, or related field.
• 2-5 years of experience in cybersecurity or IT security roles.
• o SIEM platforms
• o Endpoint Detection & Response solutions (e.g., SentinelOne, CrowdStrike)
• o Firewall and Network Security solutions (e.g., Palo Alto)
• Strong understanding of networking, operating systems, and security architecture.
• Strong analytical and problem-solving skills.
• Good teamwork and communication skills.

Job type:

Full-time

• Lead and oversee Security Operations Center (SOC) activities.
• Manage and coordinate incident response processes across the organization.
• Develop and maintain incident response playbooks and procedures.
• Perform threat intelligence analysis and monitor evolving cyber threat landscapes.
• Conduct security risk analysis and recommend mitigation strategies.
• Collaborate with IT, Risk, Compliance, and Business Units to enhance cybersecurity posture.
• Provide strategic cybersecurity guidance and recommendations to management.
• Mentor and coach SOC and Incident Response team members.
• Support internal and external security audits and compliance activities..
• Bachelor s degree or higher in Cybersecurity, Information Technology, or related field.
• Minimum 7 years of experience in cybersecurity roles.
• Proven experience managing SOC or Incident Response teams.
• Strong knowledge of threat detection, incident handling, and digital forensics.
• Strong understanding of security frameworks and standards such as ISO 27001, NIST, and MITRE ATT&CK.
• Strong analytical, investigative, and problem-solving skills.
• Leadership and team management capabilities.

Job type:

Full-time

• ลดความเสี่ยง ป้องกัน บรรเทา และสกัดกั้นการทุจริต รวมถึงการขยายผลตรวจสอบที่มีแนวโน้มทุจริต เพื่อมิให้เกิดความเสียหายแก่ธนาคารและลูกค้าในประเด็นอาชญากรรมทางการเงิน.
• วุฒิการศึกษา ระดับปริญญาตรีขึ้นไป ด้านบริหารธุรกิจ การบัญชี การเงิน เศรษฐศาสตร์ นิติศาสตร์ หรือสาขาที่เกี่ยวข้อง.
• ประสบการณ์ ด้าน Fraud Application ทั้งในด้าน Retail และ Non-Retail.
• มีความละเอียดรอบคอบ และสามารถตรวจสอบข้อมูลเชิงลึกได้อย่างมีประสิทธิภาพ.
• ทักษะการใช้คอมพิวเตอร์ อยู่ในเกณฑ์ดี.
• ทักษะภาษาอังกฤษ อยู่ในเกณฑ์ดี.
• อนึ่ง ธนาคารขอสงวนสิทธิ์ในการพิจารณาคัดเลือกผู้ที่มีคุณสมบัติเหมาะสมตรงตามที่ธนาคารต้องการ ทั้งนี้เพื่อประโยชน์โดยรวมของธนาคาร และเพื่อใช้ทรัพยากรบุคคลให้เกิดประโยชน์สูงสุดต่อไป.
• ท่านได้อ่านและศึกษานโยบายความเป็นส่วนตัวของธนาคารกรุงไทย จำกัด (มหาชน) ที่ https://krungthai.com/th/content/privacy-policy ทั้งนี้ ธนาคารไม่มีเจตนาหรือความจำเป็นใดๆ ที่จะประมวลผลข้อมูลส่วนบุคคลที่มีความอ่อนไหว รวมถึงข้อมูลที่เกี่ยวข้องศาสนาและ/หรือหมู่โลหิต ซึ่งอาจปรากฏอยู่ในสำเนาบัตรประจำตัวประชาชนของท่านแต่อย่างใด ดังนั้น กรุณาอย่าอัปโหลดเอกสารใดๆ รวมถึงสำเนาบัตรประจำตัวประชาชน หรือกรอกข้อมูลส่วนบุคคลที่มีความอ่อนไหวหรือข้อมูลอื่นใด ซึ่งไม่เกี่ยวข้องหรือไม่จำเป็นสำหรับวัตถุประสงค์ในการสมัครงานไว้บนเว็บไซต์ นอกจากนี้ กรุณาดำเนินการให้แน่ใจว่าได้ดำเนินการลบข้อมูลส่วนบุคคลที่มีความอ่อนไหว (ถ้ามี) ออกจากเรซูเม่และเอกสารอื่นใดก่อนที่จะอัปโหลดเอกสารดังกล่าวไว้บนเว็บไซต์แล้วด้วย ทั้งนี้ ธนาคารมีความจำเป็นต้องเก็บรวบรวมข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของท่านเพื่อบรรลุวัตถุประสงค์ในการพิจารณารับบุคคลเข้าทำงาน หรือการตรวจสอบคุณสมบัติ ลักษณะต้องห้าม หรือพิจารณาความเหมาะสมของบุคคลที่จะให้ดำรงตำแหน่ง ซึ่งการให้ความยินยอมเพื่อเก็บรวบรวม ใช้ หรือเปิดเผยข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของท่านมีความจำเป็นสำหรับการเข้าทำสัญญาและการได้รับการพิจารณาตามวัตถุประสงค์ดังกล่าวข้างต้น ในกรณีที่ท่านไม่ให้ความยินยอมในการเก็บรวบรวม ใช้ หรือเปิดเผยข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรม หรือมีการถอนความยินยอมในภายหลัง ธนาคารอาจไม่สามารถดำเนินการเพื่อบรรลุวัตถุประสงค์ดังกล่าวข้างต้นได้ และอาจ ทำให้ท่านสูญเสียโอกาสในการได้รับการพิจารณารับเข้าทำงานกับธนาคาร.

Skills:

Automation, Power BI, Tableau

Job type:

Full-time

• Review major claims for fraud indicators, conduct investigations, and gather evidence for resolution including engaging key stakeholders to manage red flag and termination dialogue.
• Use analytics tools to identify patterns, anomalies, and emerging fraud risks.
• Design and maintain dashboards, generate accurate and insightful reports on fraud, trends, case outcomes, and KPIs for leadership.
• Identify inefficiencies in fraud and claims processes; propose and implement solutions leveraging Lean Six Sigma and automation.
• Ensure all investigations adhere to regulatory and internal standards.
• Partner with cross-functional teams to implement fraud prevention measures and share insights.
• Recommend process enhancements and leverage technology for efficiency.
• Explore technology, AI and automation opportunities to enhance fraud detection and reporting capabilities.
• Monitor emerging fraud trends within the insurance industry and update internal controls accordingly.
• Degree in data science, engineering, business administration or equivalent combination of education and experience.
• Data Analyst Professional certificates preferred. Power BI, Tableau Desktop Specialist, Lean Six Sigma or equivalent certification.
• Minimum 5 years data analytics experiences..

Job type:

Full-time

• เราให้ความสำคัญกับพนักงานทุกคนอย่างเท่าเทียม ปลูกฝังให้ทุกคนยึดมั่นในการประกอบสัมมาชีพ อย่างมีบรรษัทภิบาลที่ดี.
• เราให้ความสำคัญต่อการพัฒนาศักยภาพพนักงานในทุกๆ ด้าน ด้วยโปรแกรมการฝึกอบรมคุณภาพให้เหมาะสมกับแต่ละคน เพื่อยกระดับการทำงานของพนักงานอย่างมืออาชีพ.
• สำนักงานใหญ่ของบางจาก ถูกออกแบบให้เป็น Smart Office and Smart Display Solution ที่มีความหรูหรา ทันสมัย และประหยัดพลังงาน.
• ความอบอุ่นแบบพี่น้อง คือหัวใจในการดูแลพนักงานใหม่ที่ก้าวเข้ามาในครอบครัวของเรา.
• ความปลอดภัยในการทำงานยังเป็นอีกหนึ่งสิ่งที่สำคัญสูงสุดของธุรกิจปิโตรเลียม ดังนั้นพนักงานบางจากทุกคนจึงต้องผ่านการอบรมตามมาตรฐานความปลอดภัยและอาชีวอนามัยอย่างเข้มข้น.
• พนักงานสบายใจได้กับโปรแกรมประกันสุขภาพ OPD/IPD และเรายังให้เงินช่วยเหลือค่ารักษาพยาบาลสำหรับบุพการี.
• Work life balance คือสิ่งสำคัญ เวลาการทำงานที่ยืนหยุ่นทำให้คุณจัดสรรเวลาได้อย่างลงตัว.

Job type:

Full-time

• Design, implement and maintain enterprise network support business solutions
• Installing, configuring, designing and support LANs, WANs, WLAN, Firewall, Telephone, Internet and datacenter systems (Cisco, HPE, Palo Auto, Fortinet, ETC.)
• Participation in the documentation processes including network diagrams, staff contacts, vendor contacts, utilization of monitoring/resource/inventory management tools.
• Responsible for External Audit, ISO 27001 and ISO27032.
• Contribute and lead related projects to achieve goals within timeframes.
• Collaborate with cross functional team, vendors and product professionals to effectively troubleshooting and resolve issue with root cause analysis to ensure networks, application and customer service can operate smoothly with efficiency
• Monitor networks performance and connectivity to ensure all services are readiness..
• Bachelor Degree in Computer Sciences, Computer Engineering or related fields
• 3-5 years experience in related field
• Demonstrated in depth knowledge of LAN, WLAN, WAN, OT/IT Network, Firewall, Telephone, Routing protocols with OSPF & BGP and SD-WAN technologies
• Familiar to Cisco, HPE, Palo Auto, Fortinet product with strong knowledge switching, routing, WLAN, 802.1X, network security and datacenter system.
• Good command of English and good communication skill
• Good analytical skill and problem solving skill
• Excellent service mind with positive action
• The desire to work as part of a team in supporting an enterprise level infrastructure..

Skills:

Linux, Good Communication Skills, English

Job type:

Full-time

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

Skills:

Network Infrastructure, SAP, Assurance

Job type:

Full-time

• Participate in the development of IT Audit Programs within assigned areas, covering IT security, applications, and IT processes (e.g., network infrastructure, operating systems, data centers, SAP, and retail systems). Assess whether security risks and vulnerabilities are properly identified and mitigated. Coordinate audit scope and effectiveness with business units and external IT/security specialists..
• Contribute to the design of detailed audit testing procedures in alignment with the approved Audit Program, including the definition of audit scope, sample sizes, audit ...
• Execute audit assignments as assigned by supervisors, performing detailed testing in accordance with established audit methodologies and procedures..
• Review and consolidate audit results, working papers, and supporting evidence prepared by team members in order to analyze audit findings and determine whether further audit procedures or expanded testing are required..
• Evaluate and analyze audit findings, including root causes and risks, and provide recommendations for improvement. Prepare and consolidate audit reports for submission to management for review and consideration..
• Bachelor s degree or higher in Management Information Systems, Information Technology, Computer Science, or other related fields..
• At least 5 years of experience in internal auditing, with a focus on IT audit, IT security controls, or IT-related assurance functions, or other relevant experience (e.g., information security, IT risk and control, IT governance, or IT quality assurance)..
• Strong leadership skills, with the ability to work effectively as part of a team and adapt to changing work environments..
• Strong analytical and systematic thinking skills..
• Proactive and innovative mindset, with the ability to initiate improvements..
• Effective communication and coordination skills..
• Proficiency in computer applications, including MS Office and SAP ERP..
• Professional certifications such as CISA, CISSP, CISM, or other relevant technical certifications will be considered an advantage..
• Working location: The Mall Ramkhamhaeng (Headquarter).

Experience:

3 years required

Skills:

System Security

Job type:

Full-time

• Participate in gathering and analyzing business and technical requirements to develop enterprise-wide Identity and Access Management (IAM) processes and procedures.
• Demonstrate a solid understanding of risk and change management, security policies and controls, user account lifecycle management, onboarding/offboarding, role-based access control (RBAC), access governance, and directory services.
• Translate business requirements into specific system, application, or process designs.
• Collaborate with cross-functional teams, including business units and technical stakeholders, to identify and define functional requirements, and contribute to or lead the design of IAM solutions.
• Engage in a broad range of IAM design activities from requirements analysis to implementation.
• Apply your knowledge of various IAM products and domains, with the ability to quickly adapt to new tools and technologies through self-learning or formal training.
• Provide support for identity provisioning, governance platforms, and privileged access management (PAM) tools.
• Lead and contribute to IAM-related projects to ensure successful delivery of objectives.
• Identify and communicate high-level functional gaps, risks, and potential issues, and propose effective solutions.
• Monitor service delivery against SLAs and escalate exceptions as needed.
• Perform IAM-related risk assessments and consult on project implementations to ensure alignment with RBAC frameworks and internal security policies.
• Drive improvements in RBAC processes, governance policies, and IAM lifecycle workflows.
• Lead or contribute to incident and problem management efforts, ensuring root cause analysis and future incident mitigation.
• Participate in on-call production support rotations and work with vendors to resolve technical issues.
• Influence the IAM strategy by making informed decisions on complex technical challenges.
• Support internal and external audit readiness by preparing and organizing required audit documentation.
• Design and implement key management controls to ensure encryption key security throughout the lifecycle.
• Conduct physical access control reviews and physical security assessments for restricted areas.
• Promote and extend secure access control practices across the organization and its affiliates.
• Essential Skills & PrerequisitesA positive, proactive mindset with strong empathy and team collaboration skills.
• Bachelor s or Master s degree in Computer Engineering, Information Security, MIS, or a related field.
• Minimum of 3 years of experience in cybersecurity or IAM domains.
• Solid foundation in information security principles and best practices.
• Knowledge of international security frameworks and standards, such as COBIT, NIST 800 series, ISO/IEC 27001, PCI-DSS, and OWASP.
• Familiarity with end-to-end security architecture including network, platform, and application layers.
• Experience with application/system security controls, IAM risk assessments, and access governance.
• Strong skills in technical writing, documentation, process mapping, and visual communication.
• Ability to develop and execute a clear vision for IAM and security solutions.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK

Experience:

5 years required

Skills:

English

Job type:

Full-time

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Security Risk Management: Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Establishment of Policies, Standards, and Procedures:Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Communication and Collaboration with Technology Team:Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Essential Skills & PrerequisitesA positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as the expert in project teams. PERSONAL SKILLS: Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK

Experience:

5 years required

Skills:

English

Job type:

Full-time

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

Experience:

5 years required

Skills:

Linux, Good Communication Skills, English

Job type:

Full-time

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up-to-date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Essential Skills & PrerequisitesBachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Essential Skills & PrerequisitesBachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK

Experience:

2 years required

Skills:

Risk Management, Microsoft Office

Job type:

Full-time

• Serve as the main point of contact for gathering evidence, CCTV footage, and relevant information for assigned fraud cases.
• Coordinate with other relevant teams to prepare for interrogation sessions.
• Participate in the interrogation sessions of offenders,witnesses, and/or other relevant parties.
• Draft investigation reports.
• Act as a CCTV real-time monitor as requested or assigned by the supervisor.
• Participate in security-related projects and tasks as assigned.
• Requirements: Bachelor's degree in Laws, Political Science or related field. (Fresh Graduate is welcome.).
• Availability to work in the office 5 days a week and 1 day from home.
• Minimum of 0-2 years of experience in Fraud Investigation, Fraud Prevention, Loss Prevention, Government Affairs, Government Relations, or Risk Management-related positions.
• Experience in the logistics industry is a plus.
• Previous experience as a Police/Military Official or other government official is advantageous.
• Familiarity with reviewing CCTV footage.
• Skills in offender interrogation or interviewing.
• Strong analytical and problem-solving abilities.
• Excellent interpersonal skills.
• Proficient in GSuite or Microsoft Office.
• Must have a private vehicle and a valid driver's license.
• Availability to be on-call for emergency issues.

Job type:

Full-time

• Respond effectively to the diverse perspectives, needs, and feelings of others.
• Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.
• Use critical thinking to break down complex concepts.
• Understand the broader objectives of your project or role and how your work fits into the overall strategy.
• Develop a deeper understanding of the business context and how it is changing.
• Use reflection to develop self awareness, enhance strengths and address development areas.
• Interpret data to inform insights and recommendations.
• Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.
• Minimum years experience required.
• n/a.
• Additional application instructions.
• n/a.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more}Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Available for Work Visa Sponsorship?.
• Government Clearance Required?.
• Job Posting End Date.

Skills:

Compliance

Job type:

Full-time

• Validates, classifies, priorities and opens ticket.
• Acting as focal contact point for report security incidents.
• Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Provide daily summary reports of security incidents.
• Responds to security alerts generate within the SLA time window.
• Follow-up and tracking security incidents base on team process.
• Examine network topologies to understand data flows through the network.
• Validate security incidents alerts against network traffic using packet analysis tools.
• Isolate or remove malware.
• Identify applications and operating systems of a network device based on network traffic.
• Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
• Notify cybersecurity service provider team members of suspected cyber incidents, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
• Work with stakeholders to resolve computer security incidents and vulnerability compliance.
• Who are we looking for?.
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Analytical and problem-solving skills are required.
• Knowledge of network traffic analysis methods.
• Knowledge of cyber defense and information security policies, procedures, and regulations.
• Experience in IT Security, Network Security or Security Compliance.
• Knowledge of common security tools such as anti-virus, firewall and intrusion detection system.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. Able to work in shift.
• Location: Head Office: Chatuchak, SJ Infinite One Business Complex

Skills:

Teamwork, Compliance, Problem Solving

Job type:

Full-time

• IT Solutions & Services.
• Work with Passion, Professional and Teamwork.
• Grow up in Career path.
• We are looking for talented Cyber Security Engineer to find the most efficient way to create and to manage every cyber security solution for multiple clients.
• What we want?.
• To propose improvement to infrastructure and security systems and may present them to customer s upper management.
• Plan and carry out a customer s information security strategy to be the healthy security architectures for any IT project.
• To implement security system and ensure compliance with corporate cyber security policies and procedures.
• To provide professional supervision and guidance to security teams.
• Works with other business units, partners, and customers to maintain secure methods of security management.
• Who are we looking for?.
• Experience in IT infrastructure or Cyber Security field.
• Great awareness of Cyber Security trends and new technology update.
• Knowledge in Security Management is advantage. Excellent knowledge in Security Product (Antivirus/Firewall/VPN, IPS/IDS), Security Platform, Endpoint Solution, and Network Security solution is a plus.
• Excellent problem solving and analytical skill, planning and organizing skill and customer oriented.
• Security Profession Certification is a plus.
• Knowledge in AI and the ability to use AI-related tools and technologies.
• MFEC OKR:- As MFEC People, you will be a part of our talent team. Besides your main responsibilities, you do have special projects as part of OKR. However, the percentages will be different according to the positions and teams.
• Location: Branch: Chatuchak