เงื่อนไขการค้นหา

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Internal Audit, Automation, Data Analysis

ประเภทงาน:

งานประจำ

• Implement Third party - Vendors management policy and ensure that all activities and efforts are consistent with company policies, guidelines and in alignment with regulatory guidance.
• Design policies and procedures that support the successful implementation.
• Recommendations to related team on opportunities for risk mitigation based on established risk tolerance.
• Establish questionnaire, checklist, and risk score for vendors evaluation process.
• Partner with co-workers to coordinate the implementation of third-party controls and mitigation plan.
• Perform on-going review based on Third party risk factors i.e., risk level, performance, complaints & issues.
• Facilitate the assessment of new and review existing third-party inherent risk, using questionnaires to collect and document risk ratings.
• Review completed risk assessments and confirmed completion of due diligence prior to agreement signature.
• Responsible for adhering to third-party risk metrics supporting completeness, accuracy, and timeliness of third-party risk activities.
• Assists with gathering data and providing information during Internal Audit Reviews and Regulatory Examinations.
• Support the design and implementation of third-party risk operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks.
• Drive continued operational and automation improvements to improve operational efficiency.
• Support ad-hoc data analysis.
• 3-5 years of Risk Management or Third -party Management experience in banking, payment company or a related industry.
• Bachelor s degree in Management Information Systems, Computer Science, or related field.
• Knowledge skill: IT/Security standard, ISO standard, Risk management, third-party Management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
• Experience developing and refining technical and business operational processes.
• Ability to communicate clearly with technical and non-technical teams across multiple businesses; written, verbal, presentation, and interpersonal skills.
• Effectively manage multiple projects and priorities in a fast-paced, deadline-driven environment.
• Works effectively as an individual and part of a team.
• Strategic thinking with the ability to see/understand the big picture.
• Track record for being detail-oriented with a demonstrated ability to self-motivate and follow-through on projects.
• Ability to solve problems and bring clarity to ambiguous situations.
• Analytical and quantitative skills to use hard data and metrics to back up assumptions and develop business cases.

ทักษะ:

Compliance

ประเภทงาน:

งานประจำ

• Minimum Cum. GPA 3.00.
• การศึกษา: ปริญญาตรี/โท สาขาบริหารธุรกิจ ระบบสารสนเทศทางการบัญชี (AIS), วิศวกรรม คอมพิวเตอร์, เทคโนโลยีสารสนเทศ (MIS).
• คะแนน TOEIC ไม่ต่ำกว่า 550 คะแนน.
• ประสบการณ์ทำงาน: มีประสบการณ์ผ่านงานตรวจสอบ IT อย่างน้อย 2 ปีขึ้นไป หรือมีประสบการณ์การทำงานอย่างน้อย 3 ปีขึ้นไป.
• อื่น ๆ: ใบประกอบวิชาชีพที่เกี่ยวข้อง เช่น CISA, CIA, CPIATจะเป็นประโยชน์ต่อการพิจารณา.
• Skill: Having knowledge and experience with IT risk, IT control, IT security and compliance, IT governance or IT audit Good analytical skills and problem-solving skills Good communication and presentation both Thai and English Ability to work independently.

ทักษะ:

ISO 27001, Compliance, Assurance, English

ประเภทงาน:

งานประจำ

• Develop and support internal audit strategies within the cybersecurity domain, which involves protecting computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.
• Implement work standards to achieve desired outcomes and report findings to top management as a Cyber Security Auditor.
• Identify potential cybersecurity risks and persuade organizational stakeholders to adopt comprehensive, actionable recommendations.
• Act as a liaison with internal auditors, external auditors, Bank of Thailand auditors, Electronic Transactions Development Agency auditors, and other regulatory bodies (e.g., ISO 27001, PCI DSS, etc.) to ensure documentation and information compliance.
• Provide assurance and advisory services to ensure that IT Management plans, organizes, and directs appropriate IT governance, risk management, and control processes.
• Liaise with IT risk owners to develop risk-based assessments and establish risk response programs and reporting processes according to the Risk Management Policy and Framework.
• Bachelor's or master s degree in Computer Engineering, Computer Science, Information Technology, or related fields..
• Experience in relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, and ITIL.
• Experience in IT Governance, Risk Management, and Control Processes (IT GRC), Project Management, Lead Auditor/Lead Implementer, or similar roles is preferred.
• Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), and CRISC (Certified in Risk and Information Systems Control) are advantageous.
• Technical expertise in cybersecurity auditing.
• Proficiency in English.
• At least 3 years of experience in information security management, information risk management, IT audit management, ICT security, cloud security, or related fields.

ทักษะ:

System Security

ประเภทงาน:

งานประจำ

• ดูแล วางแผน และออกแบบ ระบบรักษาความปลอดภัยสารสนเทศ เช่น Firewall, VPN, Email Security, AAA, Cloud Security, Security Consult.
• บริหารจัดการโครงการด้านความปลอดภัยสารสนเทศ.
• ร่วมพัฒนาระบบงานความปลอดภัยด้านสารสนเทศ ระบบต่าง ๆ ด้าน IOT / ระบบ Email / ระบบป้องกันไวรัส.
• ให้คำแนะนำระบบความปลอดภัยด้านสารสนเทศภายใน และภายนอกแก่หน่วยงานต่าง ๆ พร้อมจัดทำคู่มือ และฝึกอบรมทีมงาน และผู้ใช้งาน.
• ประสานงาน ให้คำปรึกษา และแนะนำระบบความปลอดภัยสารสนเทศให้กับพนักงาน และผู้ที่เกี่ยวข้อง.
• งานอื่น ๆ ตามที่ได้รับมอบหมาย.
• วุฒิการศึกษา: ปริญญาตรี วิศวกรรมศาสตร์ / วิทยาศาสตร์ คอมพิวเตอร์ หรือสาขาอื่น ๆ ที่เกี่ยวข้อง.
• ประสบการณ์ทำงาน: 5 - 10 ปี.
• มีทักษะการสื่อสาร วางแผน และเจรจาต่อรอง.

ทักษะ:

ISO 27001, Python, PowerShell

ประเภทงาน:

งานประจำ

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5 years of experience in IT security and governance.
• Strong understanding of IT security principles, practices, and technologies.
• Knowledge of relevant security standards and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA, PCI DSS).
• Experience with risk assessment and vulnerability management.
• Experience with security incident response and management.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team..
• Relevant certifications (e.g., CISSP, CISM, CISA, Security+).
• Experience with cloud security (AWS, Azure, GCP) and On-Premises.
• Experience with security information and event management (SIEM) systems.
• Experience with scripting languages (e.g., Python, PowerShell).
• Experience with penetration testing.
• Ability to maintain confidentiality and handle sensitive information.
• Ability to adapt to changing technologies and security threats.
• Strong attention to detail and organizational skills.
• Ability to create and maintain clear and concise documentation..
• โบนัสประจำปี.
• ลาพักร้อน เมื่อพ้นทดลองงาน.
• ลา Workcation.
• กองทุนสำรองเลี้ยงชีพ.
• ประกันสังคม / ประกันสุขภาพ / ประกันชีวิต / ประกันอุบัติเหตุ.
• วันหยุดตามกฏหมาย (ไม่น้อยกว่า 13วัน).
• ลาหยุดในเดือนเกิด.
• ตรวจสุขภาพประจำปี.
• เงินช่วยเหลือสมรส.
• สิทธิคุณพ่อลาเลี้ยงบุตร.
• เงินช่วยเหลือฌาปนกิจ.
• Co working Space.
• ฟิตเนต.
• Point แลกของรางวัล.
• บริการปรึกษานักจิตวิทยาออนไลน์..
• การเดินทาง.
• BTS: สถานีหมอชิต, ห้าแยกลาดพร้าว.
• MRT: สถานีพหลโยธิน.
• บริการเรียกรถผ่าน App MuvMi..
• ติดตามข่าวสารจาก SC ASSET ได้ที่.
• http://insidesc.scasset.com/..

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Problem Solving, English

ประเภทงาน:

งานประจำ

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.

ประเภทงาน:

งานประจำ

Greenline Synergy provides the information security governance to the BDMS hospitals which is a framework of policies, practices, and strategies that align organizational resources toward protecting information through cybersecurity measures.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Compliance, ISO 27001, Legal

ประเภทงาน:

งานประจำ

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory Management.
• Ensure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT Governance.
• Establish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data Governance.
• Develop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and Development.
• Lead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.