เงื่อนไขการค้นหา

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

ISO 27001, Legal, Finance

ประเภทงาน:

งานประจำ

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory ManagementEnsure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT GovernanceEstablish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data GovernanceDevelop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and DevelopmentLead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Requirements:Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.

ทักษะ:

ISO 27001

ประเภทงาน:

งานประจำ

• วางแผนและพัฒนานโยบาย มาตรฐาน และแนวทางด้าน Cyber Security ให้สอดคล้องกับกฎหมายและมาตรฐานสากล.
• บริหารและประเมินความเสี่ยงด้านความปลอดภัยทางไซเบอร์ (Cyber Risk Assessment) รวมถึงดูแลการปฏิบัติตามมาตรฐาน เช่น ISO 27001, PDPA, NIST.
• บริหารจัดการเหตุการณ์ด้าน Cyber Security (Incident Response) เช่น การโจมตีจากแฮกเกอร์, Ransomware, Data Breach.
• ตรวจจับ ป้องกัน และบริหารจัดการภัยคุกคามทางไซเบอร์ ผ่านระบบ เช่น Firewall, IDS/IPS, SIEM, Endpoint Security.
• วิเคราะห์ภัยคุกคามเชิงรุก ติดตามเทคโนโลยีใหม่ และประเมินความเสี่ยงของ Third-Party Vendors.
• ดูแลและสนับสนุนการดำเนินงานด้าน Cyber Security รวมถึงการจัดทำเอกสาร รายงาน และทะเบียนความเสี่ยง.
• วางแผนและบริหารโครงการติดตั้งระบบ Cyber Security รวมถึงแผนการลงทุนเพื่อรองรับภัยคุกคาม.
• พัฒนาทักษะทีมงาน มอบหมาย ติดตาม และประเมินผลการทำงาน.
• จัดทำรายงานผลการดำเนินงานและความคืบหน้าโครงการด้าน Cyber Security.
• ปริญญาตรีด้านวิศวกรรมหรือวิทยาศาสตร์ สาขาคอมพิวเตอร์ หรือเทียบเท่า.
• ประสบการณ์ทำงานอย่างน้อย 10 ปี และมีประสบการณ์ด้าน Cyber Security อย่างน้อย 6 ปี.
• มีประสบการณ์บริหารและดูแลทีมงาน.
• ความรู้ด้าน Cyber Security เช่น Network Security, Endpoint Security, Cloud & Application Security, Incident Response.
• ความรู้ด้านกฎหมายและมาตรฐานด้านความปลอดภัย เช่น PDPA, GDPR, ISO/IEC 27001, NIST.
• ทักษะด้าน Risk Management, Policy Development, Communication และ Training.
• Contact Information:-.
• K. Sawarin.
• Office of Human Capital.
• DIGITAL AND TECHNOLOGY SERVICES CO., LTD.
• F.Y.I Center 2525 Rama IV Rd, Khlong Tan, Khlong Toei, Bangkok 10110.
• MRT QSNCC Station Exit 1.

ทักษะ:

ISO 27001, DevOps, Swift

ประเภทงาน:

งานประจำ

• Manage end-to-end cryptographic key lifecycle (generation, distribution, rotation, backup, archival, destruction).
• Administer and operate Hardware Security Modules (HSMs), preferably Thales Luna HSM.
• Define and enforce key management policies and procedures aligned with banking regulations and industry standards (e.g., PCI DSS, ISO 27001).
• Support encryption key integration across banking applications, core systems, payment systems, and digital channels.
• Conduct key ceremonies and maintain audit logs.
• Vault & Secrets Management.
• Administer enterprise vault platforms (e.g., HashiCorp Vault or similar).
• Manage secrets lifecycle (API keys, certificates, tokens, database credentials).
• Configure access control policies, role-based access, and segregation of duties.
• Integrate vault solutions with applications, DevOps pipelines, and cloud/on-prem infrastructure.
• Monitor vault security posture and perform regular health checks.
• Security & Compliance.
• Ensure compliance with regulatory requirements (BOT, PCI DSS, SWIFT CSP, etc.).
• Perform risk assessments related to cryptographic controls.
• Support audit activities and provide evidence for internal/external auditors.
• Participate in incident response related to key compromise or vault breaches.
• Architecture & Improvement.
• Contribute to cryptographic architecture design and secure key management framework.
• Support post-quantum cryptography transition planning (if applicable).
• Recommend best practices and continuous improvements for key and secrets management.
• Apply now if you have these advantages.
• Bachelor s degree or higher in computer science/ data science or any related field.
• Minimum of 3-7 years of experience in Information Security or Cryptography (Banking Financial industries are advantage).
• 3-7+ years of experience in Information Security or Cryptography.
• Hands-on experience with HSM (Thales Luna preferred).
• Experience in Vault or Secrets Management platforms (e.g., HashiCorp Vault).
• Experience in banking or financial services environment is highly preferred..
• Strong understanding of cryptographic principles (PKI, symmetric/asymmetric encryption, TLS, key wrapping, key derivation).
• Experience with key lifecycle management processes.
• Knowledge of PKI, certificate management, and CA integration.
• Familiarity with PCI DSS encryption requirements.
• Scripting skills (e.g., Bash, Python, PowerShell) are a plus.
• Why join Krungsri?.
• As a part of MUFG (Mitsubishi UFJ Financial Group), we a truly a global bank with networks all over the world.
• We offer a striking work-life balance culture with hybrid work policies (3 days in office per week).
• Unbelievable benefits such as attractive bonuses, employee loan with special rates and many more..
• Apply now before this role is close. **.
• FB: Krungsri Career(http://bit.ly/FacebookKrungsriCareer [link removed]).
• LINE: Krungsri Career (http://bit.ly/LineKrungsriCareer [link removed]).
• Talent Acquisition Department
• Bank of Ayudhya Public Company Limited
• 1222 Rama III Rd., Bangpongpang, Yannawa, Bangkok 10120.
• หมายเหตุ ธนาคารมีความจำเป็นและจะมีขั้นตอนการตรวจสอบข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของผู้สมัคร ก่อนที่ผู้สมัครจะได้รับการพิจารณาเข้าร่วมงานกับธนาคารกรุงศรีฯ.
• Remark: The bank needs to and will have a process for verifying personal information related to the criminal history of applicants before they are considered for employment with the bank..
• Applicants can read the Personal Data Protection Announcement of the Bank's Human Resources Function by typing the link from the image that stated below.
• EN (https://krungsri.com/b/privacynoticeen).
• ผู้สมัครสามารถอ่านประกาศการคุ้มครองข้อมูลส่วนบุคคลส่วนงานทรัพยากรบุคคลของธนาคารได้โดยการพิมพ์ลิงค์จากรูปภาพที่ปรากฎด้านล่าง.
• ภาษาไทย (https://krungsri.com/b/privacynoticeth).

ประสบการณ์:

3 ปีขึ้นไป

ทักษะ:

Compliance, ISO 27001

ประเภทงาน:

งานประจำ

• At least 5 years of experience in IT security.
• Bachelor s degree in Computer Engineer, Information Technology, Computer Science, or related field.
• Previous experience in a security operations or IT security role, with a focus on incident response and security monitoring.
• Knowledge of common security frameworks and standards (e.g., ISO 27001, NIST, CIS).
• Security certifications (e.g., CompTIA Security+, CEH, CISSP) are a plus but not mandatory.

ประสบการณ์:

3 ปีขึ้นไป

ทักษะ:

Legal, Financial Analysis, Project Management, English

ประเภทงาน:

งานประจำ

• Direct and manage contract guard force to run daily data center operations.
• Handle site security incidents, escalations or any other security related issues.
• Provide after-hours on-call management support and participate in emergent, large scale event response when needed.
• Participate in re-occurring data center security audits and reviews.
• Executes established compliance processes with AWS policies, standards, guidelines and relevant legal and regulatory requirements.
• Provides input on, and may develop security methodologies, policies and procedures.
• Write reports and communicate with management on the status of physical security operations.
• Oversee new security construction or retrofit projects.
• Manage the security P&L for assigned site(s), assist management with financial analysis and contribute to financial decisions for security requirements.
• Collaborate with other teams to protect AWS Data Center personnel, information and assets.
• A day in the life
• Mission: Deliver pioneering physical security by working vigorously to earn and keep customer trust; providing a safe and secure environment for our people, assets, and customer data.
• Vision: Develop exceptional security professionals, consistently apply security processes, and pioneer new technologies that effectively balance security requirements with operational needs.
• Diverse Experiences
• AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn t followed a traditional path, or includes alternative experiences, don t let it stop you from applying.
• Why AWS?
• Amazon Web Services (AWS) is the world s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating that s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
• Inclusive Team Culture
• AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
• Mentorship & Career Growth
• We re continuously raising our performance bar as we strive to become Earth s Best Employer. That s why you ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
• Work/Life Balance
• We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there s nothing we can t achieve.
• BASIC QUALIFICATIONS.
• Extensive experience in corporate security and workplace safety, and experience designing and implementing investigative tactics including interviewing and documentation.
• Considerable knowledge of laws and practices of investigations and workplace safety, and considerable knowledge of current security technology including access control, CCTV, identification and special applications, with high ethical standards with proven ability to handle highly confidential and sensitive information; excellent judgment, discretion and diplomacy, with exhibiting excellent problem solving skills and attention to detail.
• Strong written and verbal English and Thai language.
• PREFERRED QUALIFICATIONS.
• Experience of working independently in a high security environment, able to perform security risk assessments and devise mitigation strategies.
• PSP or relevant certifications, Lenel Certifications, and familiarity with compliance standards such as ISO 27001.
• Experience in managing projects, small teams or contract guard force.
• Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you re applying in isn t listed, please contact your Recruiting Partner.

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

Negotiation, Project Management, Sales, English

ประเภทงาน:

งานประจำ

• Act as a technical partner in consultative selling, translating client requirements into scalable and practical solutions.
• Gather and analyze requirements from enterprise and government clients.
• Collaborate with Solution and Architecture teams to design end-to-end solutions.
• Prepare Terms of Reference (TOR), technical proposals, and supporting documentation for project bidding and presentations.
• Present and explain solutions to clients, both technical and non-technical stakeholders.
• Support end-to-end bidding processes, especially for government (B2G) projects.
• Coordinate with vendors, partners, and internal teams to ensure solution alignment and project readiness.
• Work closely with Sales and Business Development teams to drive deal success.
• Bachelor s degree in Engineering, Computer Science, IT, or related fields.
• 1-2 years of experience in Presales, Solution Design, or Technical Consulting.
• Solid understanding of Application, Cloud, Security, and System Integration.
• Exposure to government bidding processes (B2G) is a plus.
• Strong communication and presentation skills, with the ability to simplify complex technical concepts.
• Analytical mindset with the ability to interpret requirements and translate them into solutions.
• Proactive, adaptable, and comfortable working in a fast-paced environment.
• Preferred Qualifications.
• Basic understanding of B2G sales cycles, government procurement, and TOR analysis.
• Experience working with cross-functional teams in project-based environments.
• Why Join Us .
• Be part of high-impact projects in Deep Tech.
• Gain hands-on experience in end-to-end solutioning and bidding processes.
• Work in a fast-growing, innovation-driven environment.
• Opportunity to grow into Solution Consultant / Presales Specialist.
• Warehouse 26
• BTS Phrom Phong.
• MRT Queen Sirikit National Convention Centre..

ทักษะ:

Legal, Procurement

ประเภทงาน:

งานประจำ

• กำหนดและกำกับดูแลนโยบายด้าน IT Governance, Cybersecurity, AI Governance.
• Ensure การปฏิบัติงานสอดคล้องกับมาตรฐาน เช่น ISO 27001, NIST, DJSI.
• ทำงานร่วมกับ Legal, HR และ Procurement เพื่อให้สอดคล้องกับข้อกำหนดกฎหมายและนโยบายองค์กร.
• Information Security & Quality Systemบริหารจัดการ Information Security Management System (ISMS).
• กำหนด Framework ด้าน People, Process และ Technology.
• ติดตาม Performance, Compliance และ Continuous Improvement.
• วางแผน Quality System ระยะ 3 ปี (Surveillance & Recertification Audit).
• Policy & Risk ManagementReview / Revamp Policy ให้สอดคล้องกับกฎหมาย (เช่น PDPA).
• ทำ Risk & Operational Review ครอบคลุมทุกหน่วยงาน.
• ดูแล Contract และ Internal Policies ให้ทันต่อ Regulatory Changes.
• Audit & Certification Managementบริหารจัดการ Internal & External Audit (เช่น BSI).
• เตรียมองค์กรสำหรับ ISO Certification และ Surveillance Audit.
• ทำงานร่วมกับ Committee และ Stakeholders ทุกฝ่าย.
• Strategic Planning & Executionจัดทำแผนประจำปีเพื่อรองรับมาตรฐาน (ISO, NIST, DJSI).
• Ensure การดำเนินงานเป็นไปตาม Timeline (เช่น ต้องเสร็จภายในเดือนกรกฎาคมของทุกปี).
• เชื่อมโยงแผนงานกับ Business Impact และ Digital Strategy.
• Stakeholder & Committee Managementทำงานร่วมกับผู้บริหารระดับสูงและคณะกรรมการบริษัท.
• เป็นตัวกลางระหว่าง D&T, Techno และหน่วยงานต่าง ๆ.
• สร้าง Alignment ทั่วทั้งองค์กรด้าน Security & Compliance.
• QualificationsRequiredประสบการณ์ระดับ Senior / Executive ด้าน IT Governance / Cybersecurity / Risk / Compliance.
• มีประสบการณ์ตรงด้าน ISO 27001 / NIST / IT Governance Framework.
• มีความเข้าใจด้าน PDPA / Regulatory / Legal Compliance.
• มีประสบการณ์บริหารทีม และขับเคลื่อนองค์กรขนาดใหญ่.
• Preferredมีประสบการณ์ดูแล Audit (Internal / External / Certification).
• เคยทำงานร่วมกับ Committee หรือ Board Level.
• เข้าใจด้าน Digital Transformation และ Enterprise IT.
• Contact Information:-.
• K. Sawarin.
• Office of Human Capital.
• DIGITAL AND TECHNOLOGY SERVICES CO., LTD.
• F.Y.I Center 2525 Rama IV Rd, Khlong Tan, Khlong Toei, Bangkok 10110.
• MRT QSNCC Station Exit 1.

ทักษะ:

System Testing, DevOps, Software Development, English

ประเภทงาน:

งานประจำ

• Ensure system reliability, scalability, and performance across development, testing, and production environments..
• Automate deployment, monitoring, and incident response to enhance operational efficiency..
• Support and optimize CI/CD pipelines to enable smooth and reliable application releases..
• Manage and maintain Dev, SIT, and UAT environments to ensure stability for development and QA activities..
• Assist with test data preparation and data provisioning to support QA and system testing..
• Implement monitoring, alerting, and observability tools for proactive issue detection and resolution..
• Collaborate with Development, Infrastructure, and QA teams to ensure systems meet Non-Functional Requirements (NFRs) such as performance, reliability, and availability..
• Support environment readiness and test data provisioning throughout testing cycles..
• Qualifications:Bachelor s degree or higher in Computer Science or related fields.
• 7-10+ years of experience in Site Reliability Engineering, DevOps, or Environment Management..
• Experience with CI/CD, DevSecOps, data provisioning..
• Familiar with DevOps / Software Development tools (Dynatrace, GitLab, Jenkins, SonarQube, Nexus).
• Strong expertise in system reliability, performance, and multi environment management (Dev/SIT/UAT)..
• Hands on experience with CI/CD pipelines and deployment automation..
• Knowledge of cybersecurity fundamentals and compliance frameworks (ISO 27001, ITIL, SOC, GDPR/PDPA)..
• Ability to support test data preparation and environment readiness..
• Strong problem solving and cross team collaboration skills..
• Good English Communication.
• Only shortlisted candidates will be contacted**.
• Talent Acquisition Department
• Bank of Ayudhya Public Company Limited
• 1222 Rama III Rd., Bangpongpang, Yannawa, Bangkok 10120
• Contact: Talent Acquisition Center:.
• FB: Krungsri Career.
• LINE: Krungsri Career.
• LINKEDIN: Krungsri.
• Applicants can read the Personal Data Protection Announcement of the Bank's Human Resources Function by typing the link from the image that stated below.
• EN (https://krungsri.com/b/privacynoticeen).
• ผู้สมัครสามารถอ่านประกาศการคุ้มครองข้อมูลส่วนบุคคลส่วนงานทรัพยากรบุคคลของธนาคารได้โดยการพิมพ์ลิงค์จากรูปภาพที่ปรากฎด้านล่าง.
• ภาษาไทย (https://krungsri.com/b/privacynoticeth).
• หมายเหตุ ธนาคารมีความจำเป็นและจะมีขั้นตอนการตรวจสอบข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของผู้สมัคร ก่อนที่ผู้สมัครจะได้รับการพิจารณาเข้าร่วมงานกับธนาคารกรุงศรีฯ.
• Remark: The bank needs to and will have a process for verifying personal information related to the criminal history of applicants before they are considered for employment with the bank..