เงื่อนไขการค้นหา

ทักษะ:

Budgeting, Statistics

ประเภทงาน:

งานประจำ

• Assist CIO in setting up and leading Hattha Bank s IT Governance Framework and Operating Model to ensure good governance and perform continuous monitoring.
• Assist CIO in IT Governance and compliance activities at Hattha Bank.
• The governance areas should include, but not limited to Hattha Bank s IT Budgeting and Expense Monitoring, IT Sourcing and Procurement, Key IT project governance and resource monitoring, IT audit and compliance activities.
• Set up process for ongoing IT risk assessment and ensure corrective actions are performed in a timely manner.
• Identify opportunities to leverage on Krungsri on IT and Digital related activities.
• Enforce Krungsri s IT & Digital s Group Governance Framework in Hattha Bank.
• Regularly monitor and report to Krungsri on Key IT & Digital activities, resource utilization, and compliances.
• Assist CIO to drive Hattha Bank s IT and Digital related activities to accelerate and strengthen KS s international presence.
• Support Hattha Bank in achieving IT and Digital KPI.
• Act as centralized contact point for reporting and attending Krungsri Group IT Governance Committee.
• Able to take on other roles as assigned.
• Provide guidance, support, direction and motivation to team members to help them develop their skills and achieve potential.Collaborating with business leaders and other functions to transform the organization.
• Apply now if you have these advantages.
• Bachelor s degree or higher in Management Information System, Computer Science, Computer Engineering, IT, Mathematics & Statistics Science, or related fields.
• 10 or more years in IT and Digital, Banking and/or financial institution. Worked in governance or managerial IT and Digital Position of a multicultural environment.
• 7 or more years in a management position.
• Have strong knowledge and background in Information Technology and Digital landscape related to financial and banking industry in Thailand and regionally..
• Strong knowledge in regulatory compliance, IT standards, risks, and corporate finance literacy.
• Strong understanding of license compliance and management is a plus.
• Experience in leading and motivating team.
• Strong verbal and written communications to both technical and non-technical audience.
• Willing to relocate.
• Why join Krungsri?.
• As a part of MUFG (Mitsubishi UFJ Financial Group), we a truly a global bank with networks all over the world.
• Unbelievable benefits such as attractive bonuses and many more..
• Apply now before this role is close. **.
• Talent Acquisition Department
• Bank of Ayudhya Public Company Limited
• 1222 Rama III Rd., Bangpongpang, Yannawa, Bangkok 10120.
• หมายเหตุ ธนาคารมีความจำเป็นและจะมีขั้นตอนการตรวจสอบข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของผู้สมัคร ก่อนที่ผู้สมัครจะได้รับการพิจารณาเข้าร่วมงานกับธนาคารกรุงศรีฯ.
• Remark: The bank needs to and will have a process for verifying personal information related to the criminal history of applicants before they are considered for employment with the bank..
• Applicants can read the Personal Data Protection Announcement of the Bank's Human Resources Function by typing the link from the image that stated below.
• EN (https://krungsri.com/b/privacynoticeen).
• ผู้สมัครสามารถอ่านประกาศการคุ้มครองข้อมูลส่วนบุคคลส่วนงานทรัพยากรบุคคลของธนาคารได้โดยการพิมพ์ลิงค์จากรูปภาพที่ปรากฎด้านล่าง.
• ภาษาไทย (https://krungsri.com/b/privacynoticeth)..

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Internal Audit, Automation, Data Analysis

ประเภทงาน:

งานประจำ

• Implement Third party - Vendors management policy and ensure that all activities and efforts are consistent with company policies, guidelines and in alignment with regulatory guidance.
• Design policies and procedures that support the successful implementation.
• Recommendations to related team on opportunities for risk mitigation based on established risk tolerance.
• Establish questionnaire, checklist, and risk score for vendors evaluation process.
• Partner with co-workers to coordinate the implementation of third-party controls and mitigation plan.
• Perform on-going review based on Third party risk factors i.e., risk level, performance, complaints & issues.
• Facilitate the assessment of new and review existing third-party inherent risk, using questionnaires to collect and document risk ratings.
• Review completed risk assessments and confirmed completion of due diligence prior to agreement signature.
• Responsible for adhering to third-party risk metrics supporting completeness, accuracy, and timeliness of third-party risk activities.
• Assists with gathering data and providing information during Internal Audit Reviews and Regulatory Examinations.
• Support the design and implementation of third-party risk operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks.
• Drive continued operational and automation improvements to improve operational efficiency.
• Support ad-hoc data analysis.
• 3-5 years of Risk Management or Third -party Management experience in banking, payment company or a related industry.
• Bachelor s degree in Management Information Systems, Computer Science, or related field.
• Knowledge skill: IT/Security standard, ISO standard, Risk management, third-party Management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
• Experience developing and refining technical and business operational processes.
• Ability to communicate clearly with technical and non-technical teams across multiple businesses; written, verbal, presentation, and interpersonal skills.
• Effectively manage multiple projects and priorities in a fast-paced, deadline-driven environment.
• Works effectively as an individual and part of a team.
• Strategic thinking with the ability to see/understand the big picture.
• Track record for being detail-oriented with a demonstrated ability to self-motivate and follow-through on projects.
• Ability to solve problems and bring clarity to ambiguous situations.
• Analytical and quantitative skills to use hard data and metrics to back up assumptions and develop business cases.

ทักษะ:

Industry trends, Cloud Computing, English

ประเภทงาน:

งานประจำ

• Provide consultancy advice to business and project teams to ensure security standards and requirements are considered and implemented.
• Perform deep dive reviews focused on Cybersecurity Risk, Technology Risk, and Emerging Risk.
• Effective management of all technology risk and cybersecurity framework including technology policies and standards based on the Group's risk appetite.
• Closely monitor technology and cyber related KPIs, KRIs, KCIs and drive remediation actions as Group perspective.
• Timely update on all material technology risk and cybersecurity topics including a set of risk indicators to the relevant Group Risk Committees and forums.
• Oversight the result of control testing from subsidiaries to ensure Cybersecurity and technology controls meet internal and external compliance requirements.
• Conduct technology risk assessments: Identify and evaluate potential risks Management with the organization's technology systems, infrastructure, and processes. Assess the adequacy of controls, identify vulnerabilities, and recommend risk mitigation strategies.
• Develop and implement risk management strategies: Collaborate with stakeholders to develop comprehensive risk management strategies that align with business objectives and regulatory requirements. Implement controls and procedures to mitigate identified risks effectively.
• Monitor technology risk exposure: Continuously monitor technology systems, networks, and processes to identify emerging risks, vulnerabilities, and trends. Stay up-to-date with industry developments, emerging technologies, and regulatory changes to proactively address potential risks.
• Perform risk analysis and reporting: Analyze risk assessment findings, internal control evaluations, and audit reports to identify trends, root causes, and areas of improvement. Prepare detailed reports on risk exposure, mitigation strategies, and recommendations for management and relevant stakeholders.
• Collaborate with cross-functional teams: Work closely with IT teams, compliance officers, cybersecurity professionals, and other stakeholders to develop and implement risk management frameworks, policies, and procedures. Provide guidance and recommendations on technology-related risk management activities.
• Conduct technology risk training and awareness programs: Develop and deliver training programs to educate employees on technology risk management best practices, policies, and procedures. Raise awareness about emerging threats and provide guidance on incident response protocols.
• Assist in incident response and recovery: Support the organization in managing technology-related incidents, including data breaches, system failures, and cybersecurity threats. Coordinate response efforts, assist in recovery measures, and contribute to post-incident reviews and lessons learned.
• Stay updated on industry standards and regulations: Keep abreast of industry trends, emerging technologies, and regulatory requirements related to technology risk management. Provide recommendations on incorporating best practices into the organization's risk management framework.
• Minimum of 5 years experience in Technology and Cyber Risk.
• Bachelor s degree or above in related discipline.
• Working experience or familiar in a group public company.
• Understanding of regulatory requirements such as BOT, OIC, and SEC; industry standards such as COBIT, NIST, ISO27001, ITIL, and PCIDSS.
• Experience in one or more emerging technologies such as Artificial Intelligence, Machine Learning, Distributed Ledger Technology, Robotic Process Automation, Cloud computing.
• Excellent communication and relationship building skills; proven ability to influence senior management.
• Good command of written and spoken in English is preferable.

ทักษะ:

Legal, Budgeting, Procurement

ประเภทงาน:

งานประจำ

• Lead and mentor officer in the data management team by fostering a culture of accountability, collaboration, and continuous learning.
• Lead the development and implementation of subsurface data policies, standards, and procedures to uphold data quality, security, confidentiality, and regulatory compliance. Provide advice to management team to define, standardize, and optimize workflows for data acquisition, storage, and utilization, ensuring alignment with industry best practices and legal requirements.
• Provide specialized support to asset teams on challenging data requests and software issues. Serve as a subject matter expert for key E&P applications (e.g., Petrel, DGS) and databases.
• Oversee the integration of diverse subsurface data sources - both digital and physical (e.g., seismic surveys, well logs, rock samples) - into corporate systems, ensuring compatibility and accessibility.
• Supervise the establishment and maintaining robust metadata frameworks, hierarchical structures, and indexing strategies to support organized data management and efficient retrieval.
• Monitor and control data access, enforce authorization protocols, and proactively mitigate risks related to data loss, corruption, or unauthorized use.
• Design and manage scalable databases and repositories, including legacy data migration and systematic archiving of historical datasets for long-term reference.
• Drive digital transformation in data management, leveraging automation technologies such as RPA and Al/ML to streamline data ingestion, validation, and reporting processes. Deliver intuitive data tools and visualization platforms that provide actionable insights and support strategic decision-making.
• Continuously evaluate and adopt advanced data management technologies to enhance operational efficiency, scalability, and alignment with evolving business needs.
• Benchmark practices against industry standards, identify opportunities for improvement, and cultivate a culture of continuous learning and innovation within the team.
• Collaborate cross-functionally with geoscientists, IT professionals, and other stakeholders to ensure database solutions meet operational and strategic objectives.
• Support planning and execution of data-related initiatives, including budgeting, procurement, and vendor management.
• Professional Knowledge & Experiences.
• Professional Knowledge.
• Strong foundation in Geographical Information System (GIS) and data management principles including data governance frameworks, quality control methodologies, and metadata standards.
• In-depth knowledge of subsurface data types and formats including well logs, seismic, and geological models.
• Proficient in Oracle and other modern databases (e.g., PostgreSQL, SQL Server, MongoDB, and cloud-native systems).
• Skilled in data modelling, performance tuning, and handling large E&P datasets.
• Knowledge of data security, backup/recovery.
• Familiar with geoscience application integration (e.g., Petrel, and Openwork).
• Experience with ETL tools, scripting (e.g., Python, Shell, and PL/SQL), and automation.
• Understanding of cloud/hybrid data environments and database migration.
• Experience.
• Over 10 years of experience in database administration, including significant work with subsurface data in the oil and gas industry.
• Proven track record in leading data policy and process development, aligning with corporate data governance.
• Experienced in overseeing complex data integration, validation, and archival projects involving structured and unstructured subsurface data.
• Skilled in designing and maintaining geospatial and subsurface data repositories, ensuring data quality and accessibility for technical users.
• Hands-on experience with automation technologies, including RPA, Al, and ML, to optimize data workflows and enhance operational efficiency.
• Strong background in data security, compliance, and risk mitigation, particularly in environments handling sensitive technical data.
• Successfully executed database migrations, upgrades, and modernization initiatives involving both on-prem and cloud platforms.
• Actively evaluates and adopts advanced database and data management tools, ensuring systems remain scalable and fit-for-purpose.
• Collaborate effectively with multi-disciplinary teams, including geoscientists, IT, and management, to support exploration and production operations.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

ISO 27001, Legal, Finance

ประเภทงาน:

งานประจำ

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory ManagementEnsure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT GovernanceEstablish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data GovernanceDevelop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and DevelopmentLead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Requirements:Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Problem Solving, English

ประเภทงาน:

งานประจำ

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.