เงื่อนไขการค้นหา

ทักษะ:

ISO 27001

ประเภทงาน:

งานประจำ

• Protect the organization's computer networks and systems against a range of cyber threats, such as hacking attempts, data breaches, and different types of cyber attacks. The
• responsibilities of this role include creating, deploying, and overseeing security strategies and technologies to defend the organization IT security.
• Lead the strategic direction, development, and implementation of cybersecurity solutions and practices to protect the organization from sophisticated cyber threats and ...
• Serve as the foremost cybersecurity expert within the organization, providing deep technical expertise and leadership in the design, evaluation, and optimization of complex security architectures.
• Develop comprehensive cybersecurity frameworks that align with industry best practices and regulatory standards, ensuring the organization's resilience against cyber attacks.
• Conduct sophisticated risk assessments and threat modeling exercises to identify potential security gaps and develop advanced strategies for mitigation and prevention.
• Lead the incident response and crisis management efforts for high-impact security breaches, coordinating with cross-functional teams to ensure rapid containment and recovery.
• Drive the adoption of cutting-edge security technologies and methodologies, including artificial intelligence and machine learning, to enhance detection and response capabilities.
• Establish and maintain strong relationships with external cybersecurity agencies, industry groups, and technology partners to stay abreast of emerging threats and trends.
• Develop and manage the cybersecurity budget, ensuring strategic allocation of resources to high-priority projects and initiatives.
• Advanced degree in Computer Science, Information Security, or a related field, with specialized knowledge in cybersecurity.
• A minimum of 5 years of experience in Infrastructure, 3 years of cybersecurity, with at least 2 years in a strategic leadership or management role overseeing cybersecurity functions.
• Professional cybersecurity certifications, such as CISSP, CISM, CCSP, or similar, are required.
• Proven expertise in developing and implementing cybersecurity strategies and architectures to protect complex enterprise environments.
• Other: Deep knowledge of the cybersecurity landscape, including emerging threats, advanced persistent threats (APT), regulatory requirements, and industry best practices.
• Other: ISO 27001.

ทักษะ:

System Security

ประเภทงาน:

งานประจำ

• ดูแล วางแผน และออกแบบ ระบบรักษาความปลอดภัยสารสนเทศ เช่น Firewall, VPN, Email Security, AAA, Cloud Security, Security Consult.
• บริหารจัดการโครงการด้านความปลอดภัยสารสนเทศ.
• ร่วมพัฒนาระบบงานความปลอดภัยด้านสารสนเทศ ระบบต่าง ๆ ด้าน IOT / ระบบ Email / ระบบป้องกันไวรัส.
• ให้คำแนะนำระบบความปลอดภัยด้านสารสนเทศภายใน และภายนอกแก่หน่วยงานต่าง ๆ พร้อมจัดทำคู่มือ และฝึกอบรมทีมงาน และผู้ใช้งาน.
• ประสานงาน ให้คำปรึกษา และแนะนำระบบความปลอดภัยสารสนเทศให้กับพนักงาน และผู้ที่เกี่ยวข้อง.
• งานอื่น ๆ ตามที่ได้รับมอบหมาย.
• วุฒิการศึกษา: ปริญญาตรี วิศวกรรมศาสตร์ / วิทยาศาสตร์ คอมพิวเตอร์ หรือสาขาอื่น ๆ ที่เกี่ยวข้อง.
• ประสบการณ์ทำงาน: 5 - 10 ปี.
• มีทักษะการสื่อสาร วางแผน และเจรจาต่อรอง.

ประสบการณ์:

6 ปีขึ้นไป

ทักษะ:

SAP, Finance, Accounting, English

ประเภทงาน:

งานประจำ

• Engage clients in workshops and interviews to analyze process and reporting requirements.
• Advise clients on industry/ cross-industry leading practices. Advise clients on SAP recommended processes and functions.
• Design target state SAP solutions for clients. Influence clients thinking in adopting leading/ standard practices while developing target state.
• Analyze application landscape to design interfaces to SAP solution.
• Perform SAP configuration and tests. Develop specifications for development of forms/ reports/ interfaces.
• Lead the consultant and client teams through the implementation cycle including planning and execution of testing, migration and cutover.
• Support change management execution by developing training material, delivering training and supporting users post cutover.
• Develop relationships with internal and external stakeholders.
• Your role as a leaderAt Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Senior Consultant across our Firm are expected to:Develop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Align your team to key objectives as well as set clear priorities and direction.
• Make informed decisions that positively impact the sustainable financial performance and enhance the quality of outcomes.
• Influence stakeholders, teams, and individuals positively - leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Lead with integrity and make a strong positive impact by energising others, valuing individual differences, recognising contributions, and inspiring self-belief.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.
• Requirements:Bachelor or Master s degree in Finance and Accounting, Information Technology, Business Admistrative or relevant field, supported by relevant experience.
• Minimum of 6 years of post-qualification experience working with SAPSecurity by completed at least 3 end to end full life cycle.
• Working experience in Consulting firms is most preferred.
• Experience with S4/Hana is a big plus.
• Deep and wide experience in SAP led transformation programs in diverse industries.
• Broad understanding and appreciation of emerging business and technology paradigms.
• Demonstrated ability to engage client stakeholders on a range of issues.
• A self-motivated individual with ability to chart his/ her route to success.
• Ability to provide situational leadership to engagement teams, and coaching/ mentorship to team members.
• Value driven, inclusive individual committed to client service excellence.
• Willingness to work outside of office base and most of all.
• An appreciation of the consulting lifestyle and ability to travel (both locally and abroad) is a pre-requisite to fit to our short-term and long-term project assignments.
• Good command of English communication.
• Due to volume of applications, we regret that only shortlisted candidates will be notified.
• Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via this official Deloitte website.Requisition ID: 108566In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

ประสบการณ์:

2 ปีขึ้นไป

ทักษะ:

Network Infrastructure, Security Design, Big Data, English

ประเภทงาน:

งานประจำ

• Perform cyber security and IT security assessments for clients (e.g. cyber security program assessment, cyber security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.).
• Work on IT security design, analysis and implementation of security protection solution.
• Evaluate and analyze threat, vulnerability, system weakness, impact and risk to secu ...
• Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes, controls and systems.
• Advise client on the security incident response end-to-end process (i.e. preparation, detection, analysis, response and recovery of the security incident).
• Skills and attributes for success.
• To qualify for the role you must have.
• Bachelor's degree or Master s degree in Computer Engineering, Computer Science, Information Systems, IT Security, ICT or other related fields.
• Minimum 2 years' experience in such areas as IT security management design and implementation, IT security assessment and IT technical background.
• Familiar with leading IT security processes and tools.
• Highly proficient in both English and Thai with good written and oral communication and analytical skills.
• Ideally, you ll also have.
• Having experience in project planning and management will be a plus.
• Professional certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and / or Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or ISO27001 will be highly considered.
• Experience in new generation security practices (i.e. DevSecOps, iPentest, RedTeaming, System Resilience Design).
• Experience in Emerging Technologies (i.e. Cloud Computering, Blockchain, Big Data, A.I./M.L.).
• We re interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
• What we offer.
• We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions.
• Continuous learning: You ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You ll be embraced for who you are and empowered to use your voice to help others find theirs.
• If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
• The exceptional EY experience. It s yours to build.
• EY | Shape The Future with Confidence.
• EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
• Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
• Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

ประเภทงาน:

งานประจำ

• Provide recommendations and participate in planning to ensure the security of customers, employees, buildings, and assets of the Siam Piwat Group and its affiliates, in accordance with overall policies.
• Participate in planning and provide guidance in supervising and overseeing the work of subcontractors to ensure they perform according to the work plan.
• Security Management: Develop and implement comprehensive security plans to protect the mall, its patrons, and employees.
• Safety Protocols: Participate in setting standards for security, traffic management, and the management of parking facilities within the shopping center.
• Crisis Response: Provide recommendations and participate in developing security standards to be prepared for various potential emergencies.
• Team Leadership: Supervise and mentor the security team, providing training and development opportunities to enhance their skills and performance.
• Surveillance and Monitoring: Oversee the operation of surveillance systems and ensure continuous monitoring of the premises.
• Incident Reporting: Manage the documentation and investigation of security incidents, accidents, and breaches, and implement corrective actions.
• Collaboration: Work closely with local law enforcement, emergency services, and other relevant agencies to coordinate security efforts and response plans.
• Budget Management: Prepare and manage the security department s budget, ensuring cost-effective use of resources.
• Customer Service: Maintain a visible presence within the mall, addressing security concerns of customers and staff promptly and professionally.
• Bachelor s degree in Security Management, Criminal Justice, or a related field.
• Minimum of 15 years of experience in security management, with at least 10 years in a leadership role.
• Strong knowledge of safety regulations, crisis management, and emergency response protocols.
• Excellent leadership, communication, and interpersonal skills.
• Ability to remain calm and make quick decisions in high-pressure situations.
• Proficiency in security technology and surveillance systems.
• Candidates with experience in the luxury shopping mall or luxury hotel industry will be given special consideration.
• This position may require working evenings, weekends, and holidays.
• Must be able to respond to emergencies at any time.

ทักษะ:

Finance, Risk Management, DevOps

ประเภทงาน:

งานประจำ

• Manage day-to-day activities of a team of Security Architect Engineers.
• Design and implementation of advanced security architectures for applications, networks, and systems.
• Conducted comprehensive risk assessments and developed mitigation strategies.
• Design and implement security monitoring and incident response solutions.
• Stay abreast of emerging threats and vulnerabilities in the finance and crypto industry.
• Collaborate with cross-functional teams to ensure secure development practices.
• Mentor and guide junior security engineers.
• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
• At least 2 years of experience in a security engineering role.
• Solid knowledge of security principles, cryptography, secure coding, threat modeling, and risk management.
• Familiarity with cloud security practices and secure DevOps methodologies.
• Demonstrates strong problem-solving, analytical, and critical thinking skills.
• Effective communication prioritization and collaboration abilities; work well in cross-functional teams.
• Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date..
• Important: Candidate Privacy Policy.
• สำคัญ:โปรดอ่านและทำความเข้าใจ: นโยบายความเป็นส่วนตัวด้านทรัพยากรบุคคล สำหรับผู้สมัครงาน และผู้สมัครเข้าฝึกงาน*..
• Don't forget to 'Like' and 'Follow' our social media channels so you won't miss any news from us. Click.

ทักษะ:

ISO 27001, Python, PowerShell

ประเภทงาน:

งานประจำ

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5 years of experience in IT security and governance.
• Strong understanding of IT security principles, practices, and technologies.
• Knowledge of relevant security standards and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA, PCI DSS).
• Experience with risk assessment and vulnerability management.
• Experience with security incident response and management.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team..
• Relevant certifications (e.g., CISSP, CISM, CISA, Security+).
• Experience with cloud security (AWS, Azure, GCP) and On-Premises.
• Experience with security information and event management (SIEM) systems.
• Experience with scripting languages (e.g., Python, PowerShell).
• Experience with penetration testing.
• Ability to maintain confidentiality and handle sensitive information.
• Ability to adapt to changing technologies and security threats.
• Strong attention to detail and organizational skills.
• Ability to create and maintain clear and concise documentation..
• โบนัสประจำปี.
• ลาพักร้อน เมื่อพ้นทดลองงาน.
• ลา Workcation.
• กองทุนสำรองเลี้ยงชีพ.
• ประกันสังคม / ประกันสุขภาพ / ประกันชีวิต / ประกันอุบัติเหตุ.
• วันหยุดตามกฏหมาย (ไม่น้อยกว่า 13วัน).
• ลาหยุดในเดือนเกิด.
• ตรวจสุขภาพประจำปี.
• เงินช่วยเหลือสมรส.
• สิทธิคุณพ่อลาเลี้ยงบุตร.
• เงินช่วยเหลือฌาปนกิจ.
• Co working Space.
• ฟิตเนต.
• Point แลกของรางวัล.
• บริการปรึกษานักจิตวิทยาออนไลน์..
• การเดินทาง.
• BTS: สถานีหมอชิต, ห้าแยกลาดพร้าว.
• MRT: สถานีพหลโยธิน.
• บริการเรียกรถผ่าน App MuvMi..
• ติดตามข่าวสารจาก SC ASSET ได้ที่.
• http://insidesc.scasset.com/..

ทักษะ:

Compliance, Legal, English

ประเภทงาน:

งานประจำ

• Driving PSMS (physical security management system) at local level within the framework of C/AUP governance (incl. Site Security Concept process & consulting of local management).
• Monitoring of adequate implementation of local risk mitigation measures (incl. security services delivered by GR/SES).
• Conducting security investigations at local level & support internal investigations (Compliance) on request.
• Implementing security awareness promotion activities along with other security stakeholders at site (e.g. DSO, GR).
• At Regional Level.
• Implementation/monitoring of the C/AUP regulatory framework in the region based on legal conditions.
• Serve as the primary contact point for physical security governance requirements for responsible region.
• Driving the regional int./ext. security network. Raise PSMS awareness among regional managers and employees.
• Support the continuous improvement process and share best practices within the worldwide security organization.
• Qualifications Bachelor s degree in related fields.
• 5-8 years' experience in an industrial/manufacturing company security or facilities experience are preferred.
• Excellent communication and presentation skills; demonstrated ability to interact with all levels of management with excellent analytical skills.
• Work independently and control own work priorities.
• Highly knowledgeable in all aspects of risk analysis.
• General knowledge of systems capability for security systems.
• Basic knowledge of investigation techniques and methods.
• A good understanding of risk and security issues facing office organization in Thailand.
• Good spoken and written English and Thai.
• Able to travel to Rayong province for work assignments as required.
• Additional InformationBy choice, we are committed to a diverse workforce and are an equal opportunity employer. Robert Bosch welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in the selection process.

ทักษะ:

Negotiation

ประเภทงาน:

งานประจำ

• Bachelor degree or higher in Computer Science or related filed.
• There are 5-8 years, Experience in Network skills.
• Able to do network design, evaluation, POC, implementation.
• Self-Motivation and Hard Working.
• Able to work some time on night and weekend by job duties.
• Able to troubleshooting related to network problem & connecting equipment.
• Willing to self-study for network knowledge and learn new knowledge from team.
• Good communication,interpersonal, problem-solving, presentation, and negotiation skill.

ทักษะ:

ISO 27001, Compliance, Assurance, English

ประเภทงาน:

งานประจำ

• Develop and support internal audit strategies within the cyber security domain, which involves protecting computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.
• Implement work standards to achieve desired outcomes and report findings to top management as a Cyber Security Auditor.
• Identify potential cyber security risks and convince organizational stakeholders to adopt comprehensive actionable recommendations.
• Act as a liaison with internal auditors, external auditors, Bank of Thailand auditors, Electronic Transactions Development Agency auditors, and other regulatory bodies (e.g., ISO 27001, PCI DSS, etc.) to ensure documentation and information compliance.
• Provide assurance and advisory services to ensure that IT Management plans, organizes, and directs appropriate IT governance, risk management, and control processes.
• Liaise with IT risk owners to develop risk-based assessments and establish risk response programs and reporting processes according to the Risk Management Policy and Framework.
• Bachelor's or master s degree in Computer Engineering, Computer Science, Information Technology, or related fields.
• Experience in relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, and ITIL.
• Experience in IT Governance, Risk Management, and Control Processes (IT GRC), Project Management, Lead Auditor/Lead Implementer, or similar roles is preferred.
• Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), and CRISC (Certified in Risk and Information Systems Control) are advantageous.
• Technical expertise in cyber security auditing.
• Proficiency in English.
• At least 3 years of experience in information security management, information risk management, IT audit management, ICT security, cloud security, or related fields.

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

DevOps, Automation, Electrical Engineering

ประเภทงาน:

งานประจำ

• Equipped with security knowledge and done related projects in technical IT domains such as operating systems, networks, databases, cloud or solution development etc.
• Possess knowledge in assessing solution architectures at the planning and design level for security issues and vulnerabilities.
• Experience in practical security vulnerability remediation.
• Information Security domains - in particular one or more of the following: Cyber Program Management, Cyber Threat Management, Identity & Access Management, Data Protection, Privacy, Organisational Resilience. This experience should include both advisory, implementation and operation experience.
• Strong technical security skills in assessment, design, implementation, architecture, and program / project delivery and work across various delivery models, (Waterfall, Agile, DevOps).
• Implementation skill set for identity and access management platforms, security information and event management platforms, security automation and orchestration platforms, advance threat detection systems, endpoint protection systems, data leak prevention systems or network security devices.
• To qualify for the role you must have.
• A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent.
• Experience with a leading Security technology like Microsoft Security, Crowdstrike, Splunk and others would be a strong advantage.
• Creative, independent with good problem solving skills.
• Excellent communicator with strong analytical, interpersonal and writing skills.
• Candidates with minimum 10-15 years of relevant experience, including managing a team, will be considered for a Leadership role.
• Ideally, you ll also have.
• Industry related certification preferred (e.g. CISSP, CISA, CISM, SABSA, PRINCE2, TOGAF, ITIL).
• Solution Level Certifications, OSCP, CREST, GIAC would be advantageous, as well as penetration testing experience.
• Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you ll be a confident team player that collaborates with people from various teams while looking to develop your career in a dynamic organization.
• What we offer.
• Continuous learning: You ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Diverse and inclusive culture: You ll be embraced for who you are and empowered to use your voice to help others find theirs.
• If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
• The exceptional EY experience. It s yours to build.
• EY | Building a better working world.
• EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
• Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

ประสบการณ์:

2 ปีขึ้นไป

ทักษะ:

Network Infrastructure, Network Administration, CompTIA Security+, System Security, English

ประเภทงาน:

งานประจำ

• Design & Deployment: Architect and deploy on-premises infrastructure solutions, including servers, storage, and networking equipment.
• Maintenance & Support: Perform regular maintenance and troubleshooting of all infrastructure components, ensuring timely updates and patches.
• Monitoring & Troubleshooting: Continuously monitor system performance, diagnosing and resolving hardware, software, or network-related issues.
• Virtualization: Manage visualized environments, such as VMware or Hyper-V, optimizing server workloads and system resources.
• Backup & Recovery: Implement and maintain backup solutions and disaster recovery plans to safeguard critical business data and ensure continuity.
• Security & Compliance: Apply industry-standard security measures to protect infrastructure, ensuring compliance with relevant regulations and policies.
• Documentation: Develop and maintain comprehensive documentation of infrastructure configurations, procedures, and troubleshooting guidelines.
• Collaboration: Work closely with cross-functional teams to align IT infrastructure with business requirements, providing necessary technical support.
• Bachelor s degree in Computer Science, Information Technology, or a related field (or equivalent experience).
• 4 years of hands-on experience managing on-premises IT infrastructure, including servers, storage, networking, and virtualization.
• Expertise in Windows/Linux operating systems and experience with virtualization platforms like VMware or Hyper-V.
• Strong knowledge of networking technologies, such as TCP/IP, DNS, DHCP, and VPNs.
• Experience with backup, storage, and disaster recovery solutions.
• Strong analytical and troubleshooting skills for diagnosing complex technical issues.
• Good communication skills and ability to work effectively in a team environment.
• Experience in vulnerability management is a strong advantage.
• CompTIA Server+ or A+.
• VMware Certified Professional (VCP).
• Microsoft Certified: Windows Server Administrator.
• Cisco Certified Network Associate (CCNA).

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Risk Management, Project Management, English

ประเภทงาน:

งานประจำ

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

ทักษะ:

Linux, Good Communication Skills, English

ประเภทงาน:

งานประจำ

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

ทักษะ:

Compliance, Linux, UNIX, English

ประเภทงาน:

งานประจำ

• The right person will be highly technical and analytical, possess 10+ years of current solutions architecture (implementation/consulting) experience.
• Deep knowledge of Infrastructure Security, Security Compliance and Operations is a must.
• Experience architecting infrastructure solutions using both Linux/Unix and Windows with specific recommendations on server, load balancing, HA/DR, & storage architectures.
• Experience architecting or deploying Cloud/Virtualization solutions in enterprise customers. AWS specific experience a bonus.
• Strong verbal and written communications skills in both Thai and English are a must.
• PREFERRED QUALIFICATIONS.
• Experience working within the Enterprise software market or Internet industries is highly desired.
• Enterprise application and database architecture a bonus.
• Technical degree required; Computer Science or Math background highly desired.
• Working knowledge of software development practices and Internet-related technologies highly desired.
• Industry Security certifications highly desired.
• Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you re applying in isn t listed, please contact your Recruiting Partner.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Problem Solving, English

ประเภทงาน:

งานประจำ

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

Risk Management, Compliance

ประเภทงาน:

งานประจำ

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• referred skills.
• Cyber Security and Data Privacy.
• Minimum years experience required.
• 1-3 years of Experiences.
• Additional application instructions.
• N/A.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

DevOps, Automation, Compliance

ประเภทงาน:

งานประจำ

• Fulfill tasks of cybersecurity vulnerability management program, i.e. cyberthreat intelligence analysis, cybersecurity assessment, vulnerability profiling, vulnerability compensation and vulnerability remediation tracking.
• A dedicated DevSecOps or security engineering team is responsible for embedding security practices into the DevOps pipeline. They build and maintain the security tools and automation required for integrating security checks into the development process.
• Implement security tools in CI/CD pipelines (e.g., code scanning, vulnerability assessments).
• Automate security testing, monitoring, and compliance checks.
• Collaborate with development and operations teams to ensure security is applied at every stage.
• Designing, supervising, and validating holistic Banking application/infrastructure security architecture, to ensure that they are aligned with cybersecurity strategy, security requirement principle and generally cybersecurity best practices (through threat modelling or similar methods).
• Designing and Implementing CI/CD (DevSecOps) Technology integration through own teams and virtual team (with the members of Digital Technology Security team) to always tighten security architecture fabrics, and to support cybersecurity transformation, lean and automation process.
• Qualifications Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 5 years of experience in security advisory, security architecture, CI/CD security, Vulnerability Assessment, Penetration test or a related field.
• Good communication skills, with the ability to communicate complex security issues.
• Strong Knowledge in new Banking Technology and associated security controls.
• Knowledge of security best practices in software development.
• Knowledge of SDLC framework.
• Familiarity with CI/CD tools & DevOps tools.
• Experience with Code/Library/Image scanning tools (Dynamic/Static Code Scan).
• Expertise in cloud security (AWS, Azure, GCP, HWC).
• Experience with cloud security and compliance tools (CSPM).
• Knowledge of Securing Cloud Environments to ensure that security practices are tailored for cloud-native and hybrid environments, including container security, infrastructure as code, and microservices security.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

ทักษะ:

Sharepoint, English

ประเภทงาน:

งานประจำ

• Could have experience to develop information in Microsoft SharePoint 3-5 Years.
• Could have experience quality-control would be more assist.
• Have experience in Thai Oil Service would be more assist.
• EDUCATION.
• Bachelor Degree in Computer Science, Computer Engineering, Information Technology or any equivalent fields of study.
• OTHER REQUIREMENTS.
• Good command of English and computer literacy.
• Work @ Sriracha, Chonburi.
• ROLE & RESPONSIBILITY.
• Be able to communicate and manage Safety and Security information by Standard Program of Thai Oil as well. Thus could be reference and apply to all staff implement.
• สามารถสื่อสารสื่อความและควบคุมจัดการงานข้อมูลเรื่องความมั่นคงปลอดภัยผ่านมาตรฐานโปรแกรมที่มีใช้ในองค์กรได้เป็นอย่างดีเพื่อให้ทุกคนในองค์กรสามารถอ้างอิงและนำไปใช้ได้อย่างถูกต้อง.
• Be able to collect, store, create and update documents of the organization's internal and external security management system standards correctly and able to evaluate according to the standards set
• สามารถรวบรวมจัดเก็บ สร้างและอัพเดทเอกสารของมาตรฐานระบบการจัดการความมั่นคงและปลอดภัยขององค์กรทั้งภายในและภายนอกได้อย่างถูกต้อง และสามารถประเมินผลได้ตามมาตรฐานที่ได้กำหนดไว้.
• Be able to practice Security skill to supervise the team contractor working correctly and effectiveness
• สามารถฝึกฝนเพื่อให้สามารถปฏิบัติการบังคับบัญชาหรือแนะนำงานในด้านความมั่นคงให้กับทีมงานผู้รับเหมาที่ปฏิบัติงานภายใต้บังคับบัญชาปฏิบัติงานได้อย่างถูกต้องและมีประสิทธิภาพได้ในอนาคต.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Compliance, ISO 27001, Legal

ประเภทงาน:

งานประจำ

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory Management.
• Ensure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT Governance.
• Establish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data Governance.
• Develop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and Development.
• Lead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.