เงื่อนไขการค้นหา

ประสบการณ์:

ไม่จำเป็นต้องมีประสบการณ์ทำงาน

ประเภทงาน:

งานประจำ

• Accountable for ensuring all applications within their market are delivered and maintained secure and compliant with internal standards and external regulations, including privacy requirements, Business Continuity Plans etc.
• Supports the prompt deployment of global Security & Compliance solutions and processes in the market.
• Responsible for tracking the market security & compliance posture through relevant metrics and driving continuous improvement through the management system.
• Plan/execute the market's Information Security Management System (ISMS).
• Provide process, standard routines and control procedures to enable secure and compliant by design applications.
• Drive the continuous improvement of Security & Compliance posture by leading the Risk, Control & Applications owners through the ISMS Framework.
• Ensure the implementation of IT Standards and Global Controls.
• Track & report on Risk, Control & Remediation maturity.
• Support the adoption of the appropriate metrics for tracking risks & controls.
• Ensure Information Security risk & control posture is aligned with market management.
• Coordinates all the IT related audits requests in the market.
• Represents the market teams with the auditors, supports market in providing documentation required to meet regulatory requirements (e.g. PCI, GxP).
• Tracks and follows-up the market audit, internal review or regulatory findings as corrective & preventative actions through the management system.
• Validates root causes have been addressed prior to closure of corrective & preventative actions.
• Works with Risk, Compliance & Security function to identify required levels of documentation and evidence to support audit and regulatory requirements.
• Ensures market is trained in reporting Risk, Compliance & Security incidents and events to meet internal & external requirements.
• Supports market in the execution and follow-up of Partner Compliance Audits (including cloud).
• ARE YOU A FIT?.
• Bachelor's Degree in Computer Science, Computer Engineering or related field.
• 8+ years of experience in information technology or related function.
• 7+ years of experience in information security and compliance or data privacy is required.
• Good English and Thai communication skills.
• Stakeholder management experience with proven record of successfully managing complex stakeholder network.
• Experience working for or with a global matrixed organization including with virtual teams.
• Experience with and strong knowledge of common information security management frameworks, such as ISO 27001, ITIL, COBIT and NIST.
• Industry-related/Professional compliance, risk or security management certification is preferred. (e.g., Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), ISO27001 Lead Auditor/Implementer etc.).
• We are Nestlé, the largest food and beverage company. We are 308,000 employees strong driven by the purpose of enhancing the quality of life and contributing to a healthier future. Our values are rooted in respect: respect for ourselves, respect for others, respect for diversity and respect for our future. With more than CHF 91.4 billion sales in 2018, we have an expansive presence with 413 factories in more than 85 countries. We believe our people are our most important asset, so we'll offer you a dynamic inclusive international working environment with many opportunities across different businesses, functions and geographies, working with diverse teams and cultures. Want to learn more? Visit us at www.nestle.com.

ประสบการณ์:

ไม่จำเป็นต้องมีประสบการณ์ทำงาน

ประเภทงาน:

งานประจำ

• Experienced professional with full understanding on specialized areas; resolves a wide range of issues in creative ways.
• Works on problems of diverse scope where analyzing data requires evaluating identifiable factors. Demonstrates good judgement in selecting methods and techniques for obtaining solutions.
• Normally receives little instruction on day-to-day work and receives general instructions on new assignments.
• Typically requires minimum 5 years' of related experience and a Bachelor's degree, or 3 years and a Master's degree; or a PhD without experience.

ประสบการณ์:

ไม่จำเป็นต้องมีประสบการณ์ทำงาน

ประเภทงาน:

งานประจำ

• Experienced professional with full understanding on specialized areas; resolves a wide range of issues in creative ways.
• Works on problems of diverse scope where analyzing data requires evaluating identifiable factors. Demonstrates good judgement in selecting methods and techniques for obtaining solutions.
• Normally receives little instruction on day-to-day work and receives general instructions on new assignments.
• Typically requires minimum 5 years' of related experience and a Bachelor's degree, or 3 years and a Master's degree; or a PhD without experience.

ประสบการณ์:

ไม่จำเป็นต้องมีประสบการณ์ทำงาน

ประเภทงาน:

งานประจำ

• Establish and maintain DATAx's cyber and data security vision, strategy, and information security program to ensure assets are adequately protected and in line with the overall data security requirements of SCBX.
• Define and maintain cyber security standards and policies for DATAx.
• Act as an ambassador for cyber and data security, on behalf of DATAx, in relevant forums with external stakeholders and SCBX's subsidiaries.
• Understand and influence security legislation that affects DATAx's data business through regular interactions with the relevant regulators e.g. BOT.
• Engage in regular dialog with business stakeholders in DATAx to understand their needs, issues, and pipeline of planned new product/service development and provide guidance to comply with DATAx's security strategy.
• Balance information security needs with strategic business plans, identify risk factors, and determine solutions.
• Understand emerging information security threats, assess the potential degree of impacts and prioritize strategic focus areas to address these threats.
• Support the building of customer trust through transparent data practices and digital ethics.
• Devise measures/controls for DATAx to ensure compliance with security legislation.
• Serve the Board and garner confidence that DataX is making appropriate security decisions.
• Responsible for driving the strategic direction & rollout for security awareness/training programs to ensure secure behaviors.
• Define and approve KPIs for enterprise security governance.
• Ensure Security Operations function is appropriately servicing the enterprise.
• Collaborate with Internal Audit, Corporate Compliance, Information Technology, and Enterprise Risk to develop procedures for handling security breaches identified as enterprise-wide.
• Identify required skills for the organization, assess resource or skill gaps, and train or acquire talent to remediate knowledge gaps.
• Oversee the execution of initiatives to resolve cyber security incidents, providing regular updates to board, C-suite and others as required.
• Provide oversight of progress and effectiveness of Continuous Improvement plans.
• Qualifications Bachelor's or Master degree in information technology, computer science, management information systems, or related field.
• Relevant Professional certification essential: CISSP, CISA, CISM or CRISC.
• Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
• Experience in setting up and managing information security team.
• Experience working in a fast-paced, technology-centric, and/or FinTech industry is an advantage.
• Proven experience in planning, organizing, and developing cyber and information security programs in large organizations.
• Experience serving as cyber and information security leadership in complex organizations.
• Core Competencies Business Acumen - demonstrate executive level business acumen.
• Security Acumen - have an in-depth knowledge of applicable laws and regulations as they relate to cyber and information security.
• Executive Communications - develop and clearly articulate a compelling cyber and information security vision that inspires and influences stakeholders and exhibit a strong executive presence with excellent written and oral communication and presentation skills.
• Analysis - demonstrate strong analytical and critical thinking skills,.
• Leadership - develop talent and assemble a highly effective team.
• Relationship Management - build strong internal and external networks.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.