เงื่อนไขการค้นหา

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Internal Audit, Automation, Data Analysis

ประเภทงาน:

งานประจำ

• Implement Third party - Vendors management policy and ensure that all activities and efforts are consistent with company policies, guidelines and in alignment with regulatory guidance.
• Design policies and procedures that support the successful implementation.
• Recommendations to related team on opportunities for risk mitigation based on established risk tolerance.
• Establish questionnaire, checklist, and risk score for vendors evaluation process.
• Partner with co-workers to coordinate the implementation of third-party controls and mitigation plan.
• Perform on-going review based on Third party risk factors i.e., risk level, performance, complaints & issues.
• Facilitate the assessment of new and review existing third-party inherent risk, using questionnaires to collect and document risk ratings.
• Review completed risk assessments and confirmed completion of due diligence prior to agreement signature.
• Responsible for adhering to third-party risk metrics supporting completeness, accuracy, and timeliness of third-party risk activities.
• Assists with gathering data and providing information during Internal Audit Reviews and Regulatory Examinations.
• Support the design and implementation of third-party risk operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks.
• Drive continued operational and automation improvements to improve operational efficiency.
• Support ad-hoc data analysis.
• 3-5 years of Risk Management or Third -party Management experience in banking, payment company or a related industry.
• Bachelor s degree in Management Information Systems, Computer Science, or related field.
• Knowledge skill: IT/Security standard, ISO standard, Risk management, third-party Management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
• Experience developing and refining technical and business operational processes.
• Ability to communicate clearly with technical and non-technical teams across multiple businesses; written, verbal, presentation, and interpersonal skills.
• Effectively manage multiple projects and priorities in a fast-paced, deadline-driven environment.
• Works effectively as an individual and part of a team.
• Strategic thinking with the ability to see/understand the big picture.
• Track record for being detail-oriented with a demonstrated ability to self-motivate and follow-through on projects.
• Ability to solve problems and bring clarity to ambiguous situations.
• Analytical and quantitative skills to use hard data and metrics to back up assumptions and develop business cases.

ประสบการณ์:

1 ปีขึ้นไป

ประเภทงาน:

งานประจำ

• ดูแล บำรุงรักษา และปรับปรุงระบบ IT Infrastructure เช่น Server, Storage, Network (LAN/WAN/Wireless) และระบบ Cloud
• บริหารระบบปฏิบัติการ macOS, Windows Server และ Linux รวมถึงการรักษาความปลอดภัยภายในเครือข่าย
• ดูแลระบบ Virtualization (VMware, Hyper-V) และบริหารทรัพยากรให้เหมาะสมกับการใช้งาน
• ออกแบบและจัดการระบบสำรองข้อมูล (Backup / Disaster Recovery) ให้สามารถกู้คืนได้อย่างรวดเร็วและปลอดภัย
• ดูแลระบบบริหารจัดการอุปกรณ์ Apple (macOS / iOS) ผ่าน MDM เช่น Jamf, Mosyle, Intune หรือ JumpCloud
• จัดการ Apple Business Manager (ABM) และเชื่อมต่อกับระบบ MDM
• บริหารจัดการทรัพย์สินด้าน IT และซอฟต์แวร์ลิขสิทธิ์ รวมถึง Subscription Services เช่น Microsoft 365, Adobe, Google Workspace
• ประสานงานกับผู้จำหน่าย (Vendors / Suppliers) ในการจัดซื้อ ต่อสัญญา และดูแลงบประมาณที่เกี่ยวข้อง
• ปฏิบัติตามนโยบาย IT Security และ IT General Controls ขององค์กร พร้อมสนับสนุนงานตรวจสอบภายใน/ภายนอก
• ให้การสนับสนุนทางเทคนิคแก่ผู้ใช้งาน วิเคราะห์และแก้ไขปัญหาเชิงเทคนิคจนกว่าปัญหาจะได้รับการแก้ไข
• จัดทำเอกสารระบบและรายงานการใช้งานเพื่อใช้ในการวางแผนและตรวจสอบประจำปี.
• วุฒิการศึกษาระดับปริญญาตรีขึ้นไป สาขาเทคโนโลยีสารสนเทศ วิทยาการคอมพิวเตอร์ หรือสาขาที่เกี่ยวข้อง
• มีประสบการณ์ด้าน IT Infrastructure อย่างน้อย 2-3 ปี
• เชี่ยวชาญในการดูแลระบบ macOS และอุปกรณ์ใน Apple Ecosystem
• มีประสบการณ์ใช้งานระบบ MDM / ABM
• มีความรู้ด้าน Server, Network, Virtualization (VMware, Hyper-V) และ Cloud (AWS, Azure หรือ GCP)
• เข้าใจระบบเครือข่ายและความปลอดภัย (Fortinet, Mikrotik, Synology, Cisco, Hikvision, Ubiquiti, Next-Gen Antivirus)
• มีทักษะในการจัดการทรัพย์สิน IT การต่ออายุ Subscription Software และการประสานงานกับ Vendor
• มีทักษะการสื่อสาร การแก้ไขปัญหาเชิงเทคนิค และการทำงานอย่างเป็นระบบ.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

ISO 27001, Legal, Finance

ประเภทงาน:

งานประจำ

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory ManagementEnsure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT GovernanceEstablish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data GovernanceDevelop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and DevelopmentLead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Requirements:Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Problem Solving, English

ประเภทงาน:

งานประจำ

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.