เงื่อนไขการค้นหา

ทักษะ:

Linux, Good Communication Skills, English

ประเภทงาน:

งานประจำ

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

ประเภทงาน:

งานประจำ

• Designing, implementing, and maintaining identity and access management (IAM) infrastructure, ensuring the security and integrity of systems and data. Work closely with other IT teams, security teams, and business stakeholders to ensure IAM solutions meet organizational needs. Ensure that IAM solutions comply with company s policy, relevant regulations and industry standards..
• Role & Responsibility.
• Design, implement, and maintain IAM solutions, including directory services, single ...
• Develop and enforce IAM policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements.
• Automate IAM processes using scripting and programming languages (e.g., PowerShell, Python).
• Integrate IAM systems with various applications and platforms, both on-premises and in the cloud.
• Troubleshoot IAM-related issues, providing support to end-users and other IT teams.
• Monitor IAM systems for performance, availability, and security issues, proactively identifying and resolving problems.
• Participate in security audits and compliance assessments, providing information and evidence related to IAM controls.
• Research and evaluate new IAM technologies and trends, recommending and implementing improvements to our IAM infrastructure.
• Collaborate with other IT teams, security teams, and business stakeholders to ensure IAM solutions meet organizational needs..
• Bachelor's degree in Computer Science, Information Security, or a related field.
• 3 to 5+ years of experience in IAM related, with a proven track record of designing, implementing, and managing complex IAM solutions.
• Deep understanding of IAM concepts, including authentication, authorization, access control, identity lifecycle management, and privileged access management.
• Strong experience with directory services (e.g., Active Directory, Azure EntraID, LDAP), SSO, MFA, PAM, and identity governance tools.
• Experience with cloud platforms (AWS, Azure, or GCP) and cloud IAM solutions.
• Knowledge of security protocols (e.g., SAML, OAuth, OpenID Connect).
• Proficiency in scripting and programming languages (e.g., PowerShell, Python).
• Excellent troubleshooting and problem-solving skills.
• Strong communication and collaboration skills.
• An ability to work under pressure.
• Good command of English.
• Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) and such certifications related will be advantage.

ทักษะ:

Compliance, Risk Management, ISO 27001, English

ประเภทงาน:

งานประจำ

• To be a leader in designing and managing an organization s IT internal control environments to ensure the company complies with applicable law and regulations.
• To monitor the state of IT compliance with regulatory requirements and internal policies that affect the Information Technology Risk management and compliance, and develop a compliance program to address potential gaps.
• To serve as liaison to internal auditors, external auditors, Bank of Thailand auditors and other regulators' mandates (i.e., PCI, SEC, ISO27001, etc.) regarding documen ...
• To partner with IT Management to develop and implement appropriate controls to ensure that IT compliance is being effectively maintained.
• To oversee generally in issue summary review, the process of issue tracking and closure, and closing meetings in order to maintain a full understanding of emerging IT issues.
• To facilitate reporting of IT compliance status for IT Management.
• To provide advisory and consultation to IT users on IT regulation and compliance requirements.
• To oversee and steer the IT General Control (ITGC) program regarding SOX Compliance.
• To establish and enforce standardized and repeatable enterprise Data Leakage Prevention (DLP) governance and framework including DLP incident response processes.
• To maintain Data Leakage Prevention (DLP) system.
• To provide the direction and advisory on Information system control monitoring (i.e., monitoring the log over critical operating systems, applications, and databases, reviewing the access control log over restricted IT physical areas, etc.).
• To ensure security controls over critical high privilege management are adequate and functioning as intended within the operating systems, applications, and databases.
• Be responsible for Liaise with IT Risk owners to develop risk-based assessments, and establish risk response programs and reporting processes according to Bank s Risk Management Policy and Framework.
• Bachelors or Master of Information Technology, Computer Engineering or related fields.
• At least 10 years of experience in Information Technology in Banking /Financial industries.
• Experience in relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, ISO 27001/2, ITIL, and SOX Compliance.
• Experience in IT Governance, Risk management, and Compliance (IT GRC), Project Management, Lead Auditor/Lead Implementer, or similar is preferred.
• Strong knowledge of Local Regulatory (TH).
• Relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, ISO 27001/2, ITIL, SOX Compliance, etc.
• Professional Information Security certifications such as CISSP, CISA, CISM, CRISC, ISO 27001.
• CMMI/SDLC.
• Good written and verbal communication, presentation of both Thai and English skills.
• Strong Leadership, influencing, motivating, and negotiating skills.
• Good judgment within broadly defined practices in obtaining desired results, analytical and problem-solving skills.
• Demonstrated ability to prioritize and manage multiple tasks simultaneously.
• Familiar with Microsoft Office products.
• Good English Skill.
• Only shortlisted candidates will be contacted.
• FB: Krungsri Career(http://bit.ly/FacebookKrungsriCareer).
• LINE: Krungsri Career (http://bit.ly/LineKrungsriCareer).
• Talent Acquisition Department
• Bank of Ayudhya Public Company Limited
• 1222 Rama III Rd., Bangpongpang, Yannawa, Bangkok 10120
• Contact: Talent Acquisition Center:.
• Applicants can read the Personal Data Protection Announcement of the Bank's Human Resources Function by typing the link from the image that stated below.
• EN: (https://krungsri.com/b/privacynoticeen).
• ผู้สมัครสามารถอ่านประกาศการคุ้มครองข้อมูลส่วนบุคคลส่วนงานทรัพยากรบุคคลของธนาคารได้โดยการพิมพ์ลิงค์จากรูปภาพที่ปรากฎด้านล่าง.
• ภาษาไทย: (https://krungsri.com/b/privacynoticeth).
• หมายเหตุ ธนาคารมีความจำเป็นและจะมีขั้นตอนการตรวจสอบข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของผู้สมัคร ก่อนที่ผู้สมัครจะได้รับการพิจารณาเข้าร่วมงานกับธนาคารกรุงศรีฯ.
• Remark: The bank needs to and will have a process for verifying personal information related to the criminal history of applicants before they are considered for employment with the bank..

ทักษะ:

ISO 27001, Compliance, Assurance, English

ประเภทงาน:

งานประจำ

• Develop and support internal audit strategies within the cybersecurity domain, which involves protecting computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.
• Implement work standards to achieve desired outcomes and report findings to top management as a Cyber Security Auditor.
• Identify potential cybersecurity risks and persuade organizational stakeholders to adopt comprehensive, actionable recommendations.
• Act as a liaison with internal auditors, external auditors, Bank of Thailand auditors, Electronic Transactions Development Agency auditors, and other regulatory bodies (e.g., ISO 27001, PCI DSS, etc.) to ensure documentation and information compliance.
• Provide assurance and advisory services to ensure that IT Management plans, organizes, and directs appropriate IT governance, risk management, and control processes.
• Liaise with IT risk owners to develop risk-based assessments and establish risk response programs and reporting processes according to the Risk Management Policy and Framework.
• Bachelor's or master s degree in Computer Engineering, Computer Science, Information Technology, or related fields..
• Experience in relevant local and international security standards and best practices such as ISO 27001, NIST, COBIT, COSO, PCI DSS, and ITIL.
• Experience in IT Governance, Risk Management, and Control Processes (IT GRC), Project Management, Lead Auditor/Lead Implementer, or similar roles is preferred.
• Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), and CRISC (Certified in Risk and Information Systems Control) are advantageous.
• Technical expertise in cybersecurity auditing.
• Proficiency in English.
• At least 3 years of experience in information security management, information risk management, IT audit management, ICT security, cloud security, or related fields.

ทักษะ:

ISO 27001

ประเภทงาน:

งานประจำ

• Protect the organization's computer networks and systems against a range of cyber threats, such as hacking attempts, data breaches, and different types of cyber attacks. The
• responsibilities of this role include creating, deploying, and overseeing security strategies and technologies to defend the organization IT security.
• Lead the strategic direction, development, and implementation of cybersecurity solutions and practices to protect the organization from sophisticated cyber threats and ...
• Serve as the foremost cybersecurity expert within the organization, providing deep technical expertise and leadership in the design, evaluation, and optimization of complex security architectures.
• Develop comprehensive cybersecurity frameworks that align with industry best practices and regulatory standards, ensuring the organization's resilience against cyber attacks.
• Conduct sophisticated risk assessments and threat modeling exercises to identify potential security gaps and develop advanced strategies for mitigation and prevention.
• Lead the incident response and crisis management efforts for high-impact security breaches, coordinating with cross-functional teams to ensure rapid containment and recovery.
• Drive the adoption of cutting-edge security technologies and methodologies, including artificial intelligence and machine learning, to enhance detection and response capabilities.
• Establish and maintain strong relationships with external cybersecurity agencies, industry groups, and technology partners to stay abreast of emerging threats and trends.
• Develop and manage the cybersecurity budget, ensuring strategic allocation of resources to high-priority projects and initiatives.
• Advanced degree in Computer Science, Information Security, or a related field, with specialized knowledge in cybersecurity.
• A minimum of 5 years of experience in Infrastructure, 3 years of cybersecurity, with at least 2 years in a strategic leadership or management role overseeing cybersecurity functions.
• Professional cybersecurity certifications, such as CISSP, CISM, CCSP, or similar, are required.
• Proven expertise in developing and implementing cybersecurity strategies and architectures to protect complex enterprise environments.
• Other: Deep knowledge of the cybersecurity landscape, including emerging threats, advanced persistent threats (APT), regulatory requirements, and industry best practices.
• Other: ISO 27001.

ทักษะ:

System Security

ประเภทงาน:

งานประจำ

• ดูแล วางแผน และออกแบบ ระบบรักษาความปลอดภัยสารสนเทศ เช่น Firewall, VPN, Email Security, AAA, Cloud Security, Security Consult.
• บริหารจัดการโครงการด้านความปลอดภัยสารสนเทศ.
• ร่วมพัฒนาระบบงานความปลอดภัยด้านสารสนเทศ ระบบต่าง ๆ ด้าน IOT / ระบบ Email / ระบบป้องกันไวรัส.
• ให้คำแนะนำระบบความปลอดภัยด้านสารสนเทศภายใน และภายนอกแก่หน่วยงานต่าง ๆ พร้อมจัดทำคู่มือ และฝึกอบรมทีมงาน และผู้ใช้งาน.
• ประสานงาน ให้คำปรึกษา และแนะนำระบบความปลอดภัยสารสนเทศให้กับพนักงาน และผู้ที่เกี่ยวข้อง.
• งานอื่น ๆ ตามที่ได้รับมอบหมาย.
• วุฒิการศึกษา: ปริญญาตรี วิศวกรรมศาสตร์ / วิทยาศาสตร์ คอมพิวเตอร์ หรือสาขาอื่น ๆ ที่เกี่ยวข้อง.
• ประสบการณ์ทำงาน: 5 - 10 ปี.
• มีทักษะการสื่อสาร วางแผน และเจรจาต่อรอง.

ประเภทงาน:

งานประจำ

• Provide recommendations and participate in planning to ensure the security of customers, employees, buildings, and assets of the Siam Piwat Group and its affiliates, in accordance with overall policies.
• Participate in planning and provide guidance in supervising and overseeing the work of subcontractors to ensure they perform according to the work plan.
• Security Management: Develop and implement comprehensive security plans to protect the mall, its patrons, and employees.
• Safety Protocols: Participate in setting standards for security, traffic management, and the management of parking facilities within the shopping center.
• Crisis Response: Provide recommendations and participate in developing security standards to be prepared for various potential emergencies.
• Team Leadership: Supervise and mentor the security team, providing training and development opportunities to enhance their skills and performance.
• Surveillance and Monitoring: Oversee the operation of surveillance systems and ensure continuous monitoring of the premises.
• Incident Reporting: Manage the documentation and investigation of security incidents, accidents, and breaches, and implement corrective actions.
• Collaboration: Work closely with local law enforcement, emergency services, and other relevant agencies to coordinate security efforts and response plans.
• Budget Management: Prepare and manage the security department s budget, ensuring cost-effective use of resources.
• Customer Service: Maintain a visible presence within the mall, addressing security concerns of customers and staff promptly and professionally.
• Bachelor s degree in Security Management, Criminal Justice, or a related field.
• Minimum of 15 years of experience in security management, with at least 10 years in a leadership role.
• Strong knowledge of safety regulations, crisis management, and emergency response protocols.
• Excellent leadership, communication, and interpersonal skills.
• Ability to remain calm and make quick decisions in high-pressure situations.
• Proficiency in security technology and surveillance systems.
• Candidates with experience in the luxury shopping mall or luxury hotel industry will be given special consideration.
• This position may require working evenings, weekends, and holidays.
• Must be able to respond to emergencies at any time.

ทักษะ:

Assurance, Compliance, Risk Management

ประเภทงาน:

งานประจำ

• Develop and implement security governance frameworks, policies, and standards.
• Conduct audits and risk assessments to ensure compliance with governance requirements.
• Monitor and report on security governance metrics and KPIs.
• Provide guidance on security governance best practices to internal stakeholders.
• Coordinate with external auditors and regulatory bodies as needed.
• Develop and deliver security governance training programs.
• Investigate and resolve governance-related issues and incidents.
• Assess and recommend security governance tools and technologies.
• Bachelor s degree in Information Technology, Cybersecurity, or a related field.
• Experience: 2-4 years in security governance, risk management, or compliance roles.
• Experience in developing and maintaining security policies and procedures.
• Ability to identify, report, and mitigate security risks.
• Familiarity with ISO 27001, ISO 27701, and SOC 2 frameworks.
• Experience in conducting governance awareness sessions.
• Strong communication, prioritization, and interpersonal abilities.
• Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date..
• Important: Candidate Privacy Policy.
• สำคัญ:โปรดอ่านและทำความเข้าใจ: นโยบายความเป็นส่วนตัวด้านทรัพยากรบุคคล สำหรับผู้สมัครงาน และผู้สมัครเข้าฝึกงาน*..
• Don't forget to 'Like' and 'Follow' our social media channels so you won't miss any news from us. Click.

ทักษะ:

Finance, Risk Management, DevOps

ประเภทงาน:

งานประจำ

• Manage day-to-day activities of a team of Security Architect Engineers.
• Design and implementation of advanced security architectures for applications, networks, and systems.
• Conducted comprehensive risk assessments and developed mitigation strategies.
• Design and implement security monitoring and incident response solutions.
• Stay abreast of emerging threats and vulnerabilities in the finance and crypto industry.
• Collaborate with cross-functional teams to ensure secure development practices.
• Mentor and guide junior security engineers.
• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
• At least 2 years of experience in a security engineering role.
• Solid knowledge of security principles, cryptography, secure coding, threat modeling, and risk management.
• Familiarity with cloud security practices and secure DevOps methodologies.
• Demonstrates strong problem-solving, analytical, and critical thinking skills.
• Effective communication prioritization and collaboration abilities; work well in cross-functional teams.
• Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date..
• Important: Candidate Privacy Policy.
• สำคัญ:โปรดอ่านและทำความเข้าใจ: นโยบายความเป็นส่วนตัวด้านทรัพยากรบุคคล สำหรับผู้สมัครงาน และผู้สมัครเข้าฝึกงาน*..
• Don't forget to 'Like' and 'Follow' our social media channels so you won't miss any news from us. Click.

ทักษะ:

ISO 27001, Python, PowerShell

ประเภทงาน:

งานประจำ

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5 years of experience in IT security and governance.
• Strong understanding of IT security principles, practices, and technologies.
• Knowledge of relevant security standards and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA, PCI DSS).
• Experience with risk assessment and vulnerability management.
• Experience with security incident response and management.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team..
• Relevant certifications (e.g., CISSP, CISM, CISA, Security+).
• Experience with cloud security (AWS, Azure, GCP) and On-Premises.
• Experience with security information and event management (SIEM) systems.
• Experience with scripting languages (e.g., Python, PowerShell).
• Experience with penetration testing.
• Ability to maintain confidentiality and handle sensitive information.
• Ability to adapt to changing technologies and security threats.
• Strong attention to detail and organizational skills.
• Ability to create and maintain clear and concise documentation..
• โบนัสประจำปี.
• ลาพักร้อน เมื่อพ้นทดลองงาน.
• ลา Workcation.
• กองทุนสำรองเลี้ยงชีพ.
• ประกันสังคม / ประกันสุขภาพ / ประกันชีวิต / ประกันอุบัติเหตุ.
• วันหยุดตามกฏหมาย (ไม่น้อยกว่า 13วัน).
• ลาหยุดในเดือนเกิด.
• ตรวจสุขภาพประจำปี.
• เงินช่วยเหลือสมรส.
• สิทธิคุณพ่อลาเลี้ยงบุตร.
• เงินช่วยเหลือฌาปนกิจ.
• Co working Space.
• ฟิตเนต.
• Point แลกของรางวัล.
• บริการปรึกษานักจิตวิทยาออนไลน์..
• การเดินทาง.
• BTS: สถานีหมอชิต, ห้าแยกลาดพร้าว.
• MRT: สถานีพหลโยธิน.
• บริการเรียกรถผ่าน App MuvMi..
• ติดตามข่าวสารจาก SC ASSET ได้ที่.
• http://insidesc.scasset.com/..

ประสบการณ์:

10 ปีขึ้นไป

ทักษะ:

EHS Management, English

ประเภทงาน:

งานประจำ

• Investigate for root cause analysis and analytical skills (predictive for preventive would be adventage). ทักษะด้านการสอบสวนเพื่อหาต้นตอของปัญหา เพื่อแก้ไขปัญหา และมีทักษะในการคิดวิเคราะห์ หากสามารถคาดการณ์โดยใช้หลักการทางสถิติได้ จะพิจารณาเป็นพิเศษ.
• Risk assessment and environment aspect ทักษะ ด้านการประเมินความเสี่ยงในงาน Safety และ Envoronment.
• Knowledge in Safety and environmental law. มีความรู้ความเข้าในกฎหมายที่เกี่ยวกับงาน Safety และ สิ่งแวดล้อม.
• Knowledge in ISO 45001, ISO 14001 มีความรู้/ ประสบการณ์ในระบบ ISO 45001, ISO 14001.
• Negotiate, Mediate skill มีทักษะในการเจรจาต่อรองไกล่เกลี่ย.
• working with pressure condition สามารถทางานภายใต้ความกดดันได้ดี.
• Provide solution for solve the problem,preventive would be adventage. สามารถนาเสนอแนวทางในการแก้ไขปัญาได้ ถ้าสามารถเสนอแนวทางป้องกันได้ด้วย จะได้รับการพิจารณาเป็นพิเศษ.
• Planing skill มีทักษะในการวางแผน.
• Coordinate skill มีทักษะในการประสานงาน.
• Follow up skill มีทักษะในการติดตามงานให้เป็นไปตามแผน.
• Male / Female.
• Age 38 - 45.
• At lease bachelor degree in safety health,environment or relate Experience.
• At lease 5 years in safety health and evironment in manufacturing (heavy industry is adventage ==> Cement,Steel,Sugar,Mining).

ทักษะ:

Negotiation

ประเภทงาน:

งานประจำ

• Bachelor degree or higher in Computer Science or related filed.
• There are 5-8 years, Experience in Network skills.
• Able to do network design, evaluation, POC, implementation.
• Self-Motivation and Hard Working.
• Able to work some time on night and weekend by job duties.
• Able to troubleshooting related to network problem & connecting equipment.
• Willing to self-study for network knowledge and learn new knowledge from team.
• Good communication,interpersonal, problem-solving, presentation, and negotiation skill.

ประสบการณ์:

2 ปีขึ้นไป

ทักษะ:

Compliance, Excel

ประเภทงาน:

งานประจำ

• Assist in the planning, execution, and monitoring of projects.
• Utilise strong critical thinking and problem solving skills day to day.
• Collaborate with team members to ensure project deliverables are met on time and within scope.
• Prepare and maintain project documentation, including reports, presentations, and meeting minutes.
• Quickly adapt to changing priorities and project requirements.
• Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment.
• Proactively identify and address potential issues or roadblocks to ensure smooth project execution.
• Work with other NIS teams both locally, regionally and globally to deliver the security needs specific to the firm.
• Support work in vulnerability management and compliance activities.
• Handles BAU activities such as managing security exceptions.
• Help the business comply with the Information Security Policy by leveraging your cyber security knowledge and expertise.
• Collaborate with PwC IT and global team to align security process and tools.
• Guide and support the business team to complete all required security reviews.
• Build knowledge on application security to effectively support security assessments.
• Align with different global and local teams to identify and fix gaps or risk found.
• Other.
• Help with daily security incident handling.
• Help to manage junior staff, eg. interns.
• An effective CISO pillar candidate will also possess the following skills/ Requirements.
• Able to work in a fast-paced environment, can upskill quickly and learn proactively.
• Analytical: Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.
• Technical: Broad understanding of security technology.
• Business: High level understanding of PwC s business model, service offerings, and business operating environment as it pertains to the firm s threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.
• Individuals selected for this role are expected to have both extensive knowledge and managerial know-how related to the following aspects: Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment.
• Understanding of technical and non-technical information security risks.
• Have skills to analyse data and visualise data (good to have knowledge of Excel, PowerPoint etc.).
• Good written and effective communicator to deal with various stakeholders.
• Meticulous and possesses an eye for details.
• Proactive, keen to learn, enjoys solving challenging problems, thinking outside of the box.
• Diligent and open to feedback.
• Experience in a role balanced between business stakeholders and a central service organization.
• Possess knowledge about application security to effectively support security assessments.
• Time and Task Management: Ability to prioritise risk, manage a variety of take, take ownership to drive completion of activities and deliver on time.
• Interest in Information Security.
• Bachelor s or master s degree (technical degree) or equivalent Industry certification.
• Desired Certifications: (Certifications aren t a prerequisite however are well regarded).
• Education Level: Undergraduate Degree (e.g. BIT, BSc) STEM or equivalent work experience: 1-2 years of progressive professional roles involving information security, computer science and/or other technical background.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Accepting Feedback, Accepting Feedback, Active Listening, Communication, Computer Engineering, Computer Program Installation, Computer Programming, Computer Technical Support, Emotional Regulation, Empathy, Enterprise Architecture, Incident Management and Resolution (IMR), Inclusion, Information and Communications Technology (ICT), Intellectual Curiosity, IT Infrastructure Upgrades, IT Operations, IT Operations Management, IT Project Lifecycle, IT Support, IT Troubleshooting, Object-Oriented Programming (OOP), Optimism, Scripting Languages, Security Protocol Analysis {+ 6 more}Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• 0%
• Available for Work Visa Sponsorship?.
• No
• Government Clearance Required?.
• No

ทักษะ:

Compliance, Legal, English

ประเภทงาน:

งานประจำ

• Driving PSMS (physical security management system) at local level within the framework of C/AUP governance (incl. Site Security Concept process & consulting of local management).
• Monitoring of adequate implementation of local risk mitigation measures (incl. security services delivered by GR/SES).
• Conducting security investigations at local level & support internal investigations (Compliance) on request.
• Implementing security awareness promotion activities along with other security stakeholders at site (e.g. DSO, GR).
• At Regional Level.
• Implementation/monitoring of the C/AUP regulatory framework in the region based on legal conditions.
• Serve as the primary contact point for physical security governance requirements for responsible region.
• Driving the regional int./ext. security network. Raise PSMS awareness among regional managers and employees.
• Support the continuous improvement process and share best practices within the worldwide security organization.
• Qualifications Bachelor s degree in related fields.
• 5-8 years' experience in an industrial/manufacturing company security or facilities experience are preferred.
• Excellent communication and presentation skills; demonstrated ability to interact with all levels of management with excellent analytical skills.
• Work independently and control own work priorities.
• Highly knowledgeable in all aspects of risk analysis.
• General knowledge of systems capability for security systems.
• Basic knowledge of investigation techniques and methods.
• A good understanding of risk and security issues facing office organization in Thailand.
• Good spoken and written English and Thai.
• Able to travel to Rayong province for work assignments as required.
• Additional InformationBy choice, we are committed to a diverse workforce and are an equal opportunity employer. Robert Bosch welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in the selection process.

ประสบการณ์:

3 ปีขึ้นไป

ทักษะ:

Compliance, Legal, Risk Management

ประเภทงาน:

งานประจำ

• Develop data security policy review, data security policy exceptions, and control risk mitigation processes.
• Define the security controls for access management lifecycle (i.e., requirement for creation, deletion, transfer and review).
• Operate:Advice on technology relating to Data Privacy and Protection (i.e., PDPA) related security controls implementation.
• Drive and support data security controls such as Data Loss Prevention (DLP), Data Masking, Data Encryption capabilities to protect sensitive data.
• Drive compliance (or collaborate with compliance team) to organization security policies, standards, metrics, and legal requirements.
• Communicate and enforce security policies, rules, and standards.
• Conduct impact assessment of data initiatives from a security point of view.
• Ensure the cryptographic keys and related components are safety and protection of confidential information.
• Resolve data security audit and risk findings.
• Review and develop security controls to current access controls policies and procedures.
• Provide requirements for create and manage roles, access rights (includes privileged access), authentication and identity within the environment.
• Conduct periodic review of user access.
• Review, approve and monitor the usage of privileged access.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• Work experience in privacy, compliance, information security, auditing or a related field may also be an accepted alternative, according to Cybersecurity.
• Minimum 3 years of experience in and strong knowledge of privacy, data, operational risk management, information security, or related areas in IT.
• OTHER REQUIREMENTS.

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

Risk Management, Compliance

ประเภทงาน:

งานประจำ

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• referred skills.
• Cyber Security and Data Privacy.
• Minimum years experience required.
• 1-3 years of Experiences.
• Additional application instructions.
• N/A.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Research, ISO 27001, Enthusiastic, English

ประเภทงาน:

งานประจำ

• Collect and analyze threat intelligence reports covering new threats, vulnerabilities, products.
• Conduct technical and operational threat intelligence research, both independently and as part of a wider team.
• Identify emerging threats, techniques and trends, the means of protecting or defending against them, and articulate these in a range of report formats to relevant stakeholders.
• Conduct deep-level analysis of malware, including how it is developed, functions, and employed.
• Support the Consulting and Managed CTI teams, Vulnerability Management, Incident Response and CSOC team with up-to-date technical intelligence, detection logic and situational awareness on current and emerging threats.
• Support Cybersecurity Posture Management to guarantee that a good cybersecurity posture is consistently maintained at an acceptable level. Liaison with external audit, internal audit, financial crime and associated consultants, and the group firm.
• Assist technology security team leaders/others in responding to cybersecurity incidents that have an impact on cybersecurity posture, in order to guarantee quick reaction, tracking, and proper maintenance.
• Assist in R&D and innovation on cybersecurity technology and approaches for continuous cybersecurity uplift.
• Qualifications Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 5 years of experience in Information Security or a related field.
• Knowledge of security technology e.g. WAF, SIEM, EDR, IAM, CSOC and Vulnerability Management.
• Experience in cloud cybersecurity technologies and services.
• Exposure to malware reverse engineering, network intrusion analysis, host intrusion analysis, log analysis, vulnerability research or digital forensics is preferred.
• Strong understanding of industry best practices and standards, including ISO 27001, NIST, and CIS is preferred.
• Relevant certifications such as CISSP, CISM, or CISA are a plus.
• Excellent communication and problem-analytical skills, with the ability to communicate complex security issues to non-technical stakeholders.
• Effective English for verbal, written communication.
• Enthusiastic, thriving, good interpersonal skills.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

ทักษะ:

Research, System Administration, Android

ประเภทงาน:

งานประจำ

• Implements IT security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Protects IT system by defining access privileges, control structures, and required resources.
• Process & analyze to gain insights on past IT areas on, current or potential attacks and threats that pose a risk to the organization.
• Primary point of contact with Internal Audit. Periodically review, update, implement and communicate changes to IT policies and procedures and General IT Controls. Facilitate internal and external audit processes by participating in scoping discussions and walk-throughs, delivering evidence that controls are operating as defined, remediating deficiencies, and acting on recommendations.
• Safeguards IT infrastructure and system as well as information system assets by identifying and solving potential and actual security problems.
• Research cyber security topics and promote Cyber security awareness throughout Thaioil.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• Relevant experience, especially in IT working environment.
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g., Netflow, FPC), and other attack artifacts in support of incident investigations.
• Experience with vulnerability scanning solutions.
• Familiarity with Vulnerability Management program.
• Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.
• Have knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform.
• Understanding of mobile technology and OS (i.e., Android, iOS, Windows), VMware technology, and Unix and basic Unix commands.
• OTHER REQUIREMENTS.

ทักษะ:

Sharepoint, English

ประเภทงาน:

งานประจำ

• Could have experience to develop information in Microsoft SharePoint 3-5 Years.
• Could have experience quality-control would be more assist.
• Have experience in Thai Oil Service would be more assist.
• EDUCATION.
• Bachelor Degree in Computer Science, Computer Engineering, Information Technology or any equivalent fields of study.
• OTHER REQUIREMENTS.
• Good command of English and computer literacy.
• Work @ Sriracha, Chonburi.
• ROLE & RESPONSIBILITY.
• Be able to communicate and manage Safety and Security information by Standard Program of Thai Oil as well. Thus could be reference and apply to all staff implement.
• สามารถสื่อสารสื่อความและควบคุมจัดการงานข้อมูลเรื่องความมั่นคงปลอดภัยผ่านมาตรฐานโปรแกรมที่มีใช้ในองค์กรได้เป็นอย่างดีเพื่อให้ทุกคนในองค์กรสามารถอ้างอิงและนำไปใช้ได้อย่างถูกต้อง.
• Be able to collect, store, create and update documents of the organization's internal and external security management system standards correctly and able to evaluate according to the standards set
• สามารถรวบรวมจัดเก็บ สร้างและอัพเดทเอกสารของมาตรฐานระบบการจัดการความมั่นคงและปลอดภัยขององค์กรทั้งภายในและภายนอกได้อย่างถูกต้อง และสามารถประเมินผลได้ตามมาตรฐานที่ได้กำหนดไว้.
• Be able to practice Security skill to supervise the team contractor working correctly and effectiveness
• สามารถฝึกฝนเพื่อให้สามารถปฏิบัติการบังคับบัญชาหรือแนะนำงานในด้านความมั่นคงให้กับทีมงานผู้รับเหมาที่ปฏิบัติงานภายใต้บังคับบัญชาปฏิบัติงานได้อย่างถูกต้องและมีประสิทธิภาพได้ในอนาคต.

ทักษะ:

Express

ประเภทงาน:

งานประจำ

• Apply a learning mindset and take ownership for your own development.
• Appreciate diverse perspectives, needs, and feelings of others.
• Adopt habits to sustain high performance and develop your potential.
• Actively listen, ask questions to check understanding, and clearly express ideas.
• Seek, reflect, act on, and give feedback.
• Gather information from a range of sources to analyse facts and discern patterns.
• Commit to understanding how the business works and building commercial awareness.
• Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more}Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Available for Work Visa Sponsorship?.
• Government Clearance Required?.