เงื่อนไขการค้นหา

ทักษะ:

Compliance

ประเภทงาน:

งานประจำ

• Validates, classifies, priorities and opens ticket.
• Acting as focal contact point for report security incidents.
• Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Provide daily summary reports of security incidents.
• Responds to security alerts generate within the SLA time window.
• Follow-up and tracking security incidents base on team process.
• Examine network topologies to understand data flows through the network.
• Validate security incidents alerts against network traffic using packet analysis tools.
• Isolate or remove malware.
• Identify applications and operating systems of a network device based on network traffic.
• Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
• Notify cybersecurity service provider team members of suspected cyber incidents, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
• Work with stakeholders to resolve computer security incidents and vulnerability compliance.
• Who are we looking for?.
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Analytical and problem-solving skills are required.
• Knowledge of network traffic analysis methods.
• Knowledge of cyber defense and information security policies, procedures, and regulations.
• Experience in IT Security, Network Security or Security Compliance.
• Knowledge of common security tools such as anti-virus, firewall and intrusion detection system.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. Able to work in shift.
• Location: Head Office: Chatuchak, SJ Infinite One Business Complex

ทักษะ:

Compliance, English

ประเภทงาน:

งานประจำ

• Act as a liaison for internal, external, and regulatory auditors (e.g., Bank of Thailand, PCI, SEC, ISO27001).
• Support and monitor IT audit findings, issue tracking, and resolution progress.
• Assist in managing the IT General Controls (ITGC) framework and SOX compliance program.
• Contribute to IT Security control monitoring and risk assessment activities.
• Promote IT governance, compliance, and operational excellence across teams.
• Bachelor s or Master s degree in Information Technology, Computer Management, or related fields.
• 4 years of experience in IT within banking or financial services, including 2 years in IT audit or compliance roles..
• Knowledge of regulatory and security standards such as ISO 27001, NIST, COBIT, COSO, PCI DSS, ITIL, and SOX compliance..
• Strong analytical, communication, and problem-solving skills.
• Ability to manage multiple tasks, influence stakeholders, and work effectively under pressure.
• Good command of English.
• CISSP, CISA, CISM, CRISC, or ISO 27001 Lead Auditor/Implementer are advantageous..
• Only shortlisted candidates will be contacted.
• Talent Acquisition Department
• Bank of Ayudhya Public Company Limited
• 1222 Rama III Rd., Bangpongpang, Yannawa, Bangkok 10120
• FB: Krungsri Career.
• LINE: Krungsri Career.
• LINKEDIN: Krungsri.
• Applicants can read the Personal Data Protection Announcement of the Bank's Human Resources Function by typing the link from the image that stated below.
• EN: (https://krungsri.com/b/privacynoticeen).
• ผู้สมัครสามารถอ่านประกาศการคุ้มครองข้อมูลส่วนบุคคลส่วนงานทรัพยากรบุคคลของธนาคารได้โดยการพิมพ์ลิงค์จากรูปภาพที่ปรากฎด้านล่าง.
• ภาษาไทย: (https://krungsri.com/b/privacynoticeth).
• หมายเหตุ ธนาคารมีความจำเป็นและจะมีขั้นตอนการตรวจสอบข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของผู้สมัคร ก่อนที่ผู้สมัครจะได้รับการพิจารณาเข้าร่วมงานกับธนาคารกรุงศรีฯ.
• Remark: The bank needs to and will have a process for verifying personal information related to the criminal history of applicants before they are considered for employment with the bank..

ทักษะ:

Automation, English

ประเภทงาน:

งานประจำ

• Establish a consistent approach to handle security incidents under committed OLA, SLA, MTTX matrix..
• Effectively and efficiently contain and eradicate cyber threats with all subsidiaries.
• Recover impacted assets from technical and business damage done by cyber threats.
• Develop and distribute security incident reports to all key stakeholders.
• Incorporate root cause and lessons learned into an improvement plan.
• Strengthen processes and maturity of Group security operations.
• Continuous improve security incident operations.
• Security Incident Identification, Triage and Response with MS Sentinel SIEM and SOAR cover 24*7 detection & analysis, containment, eradication & post incident investigation on high, rather high, moderate, rather low and low severity..
• Access to internal or external IR specialists to support in Digital forensics investigations and IR team, Threat hunting using Microsoft Sentinel to proactively identify threats in the environment.
• Gather cyber threat insights on security incidents through governance reporting covering weekly operational reports, monthly tactical reports and quarterly management reports.
• Review use-cases onboarding and continuous optimizations to comprehensively detect threats for all subsidiaries environments.
• Works smooth with SOC operation outsources team under the SCBX Cyber Defense Operating Model..
• Support in helping subsidiaries to containment and resolve security incidents within MTTC SLA.
• Maintained and updated security incident response playbooks and runbooks with all subsidiary s acknowledgement.
• Develop, design and participate in cyber tabletop exercises.
• 5-7 years experienced in cyber security incident response or SOC environments. If you worked in Financial industry will be plus score..
• Strong knowledge of cyber security principles and practices, including vulnerability assessment, incident response, and SOC architecture. If you have Cyber/IR certificates related will be plus score..
• Strong knowledge and skills of security threats, attack countermeasures and threat detection/prevention/mitigation.
• Working experience in SOC (Security Operations Center) with hands-on experience with Automated Analytic Rules and Automation Playbook on MS Sentinel..
• Experience with a variety of cyber security tools such as SIEM, EDR, Firewall, IPS, etc and SOC technologies. Excellent analytical and problem-solving skills.
• Hands-on experience in provisioning and interpreting log and network packet data, cloud environment.
• Ability to work independently and as part of a team.
• Ability to communicate complex technical concepts to both technical and non-technical audiences in both of Thai and English..
• Experienced in multi-vendor management.
• Join our team and contribute to ensuring the best availability and efficiency of our Cyber Defense strategy and Cyber Defense Operating Model.
• Apply today to play a crucial role in safeguarding our organization's security.

ทักษะ:

English

ประเภทงาน:

งานประจำ

• Review, classify and/or remove content according to client guidelines, using specific tools and channels.
• Understand and remain updated on changing client policies and guidelines.
• Investigate, resolve, and relay complex content issues to the broader Trust and Safety team.
• Serve as an advocate for the user community.
• Participate in process improvement initiatives that improve quality and efficiency of work.
• Participate in continuous training programs and workgroup discussions for optimal development in the role.
• Engage in conversation around socially sensitive topics with the purpose of keeping our communities safe..
• Basic Qualifications/Skills Needed.
• Strong coping, emotional resilience, and stress-management skills.
• Excellent comprehension, communication in English and Thai.
• Ability to perform duties objectively, devoid of inherent biases or personal beliefs, in the best interest of client policies.
• Strong attention to detail.
• Comfort synthesizing and analyzing information from multiple streams.
• Strong critical thinking and decision-making skills.
• Deep familiarity and passion for the internet, internet platforms, and internet culture.
• High affinity and cultural awareness of political and social situations regarding the relevant market and region that will be supported .
• Ability to work well individually and as part of a team.
• Ability to work differing rotations/shifts and non-standard work hours.
• Flexibility in meeting changing business needs in a fast-paced environment.
• Commitment to quality, efficiency, and effectiveness.
• Previous business process outsourcing, customer service, or content moderation experience is a plus.
• Shift timings/requirements to work weekends and holidays.

ทักษะ:

Teamwork, Compliance, Problem Solving

ประเภทงาน:

งานประจำ

• IT Solutions & Services.
• Work with Passion, Professional and Teamwork.
• Grow up in Career path.
• We are looking for talented Cyber Security Engineer to find the most efficient way to create and to manage every cyber security solution for multiple clients.
• What we want?.
• To propose improvement to infrastructure and security systems and may present them to customer s upper management.
• Plan and carry out a customer s information security strategy to be the healthy security architectures for any IT project.
• To implement security system and ensure compliance with corporate cyber security policies and procedures.
• To provide professional supervision and guidance to security teams.
• Works with other business units, partners, and customers to maintain secure methods of security management.
• Who are we looking for?.
• Experience in IT infrastructure or Cyber Security field.
• Great awareness of Cyber Security trends and new technology update.
• Knowledge in Security Management is advantage. Excellent knowledge in Security Product (Antivirus/Firewall/VPN, IPS/IDS), Security Platform, Endpoint Solution, and Network Security solution is a plus.
• Excellent problem solving and analytical skill, planning and organizing skill and customer oriented.
• Security Profession Certification is a plus.
• Knowledge in AI and the ability to use AI-related tools and technologies.
• MFEC OKR:- As MFEC People, you will be a part of our talent team. Besides your main responsibilities, you do have special projects as part of OKR. However, the percentages will be different according to the positions and teams.
• Location: Branch: Chatuchak

ทักษะ:

ISO 27001, Python, PowerShell

ประเภทงาน:

งานประจำ

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5 years of experience in IT security and governance.
• Strong understanding of IT security principles, practices, and technologies.
• Knowledge of relevant security standards and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA, PCI DSS).
• Experience with risk assessment and vulnerability management.
• Experience with security incident response and management.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team..
• Relevant certifications (e.g., CISSP, CISM, CISA, Security+).
• Experience with cloud security (AWS, Azure, GCP) and On-Premises.
• Experience with security information and event management (SIEM) systems.
• Experience with scripting languages (e.g., Python, PowerShell).
• Experience with penetration testing.
• Ability to maintain confidentiality and handle sensitive information.
• Ability to adapt to changing technologies and security threats.
• Strong attention to detail and organizational skills.
• Ability to create and maintain clear and concise documentation..
• โบนัสประจำปี.
• ลาพักร้อน เมื่อพ้นทดลองงาน.
• ลา Workcation.
• กองทุนสำรองเลี้ยงชีพ.
• ประกันสังคม / ประกันสุขภาพ / ประกันชีวิต / ประกันอุบัติเหตุ.
• วันหยุดตามกฏหมาย (ไม่น้อยกว่า 13วัน).
• ลาหยุดในเดือนเกิด.
• ตรวจสุขภาพประจำปี.
• เงินช่วยเหลือสมรส.
• สิทธิคุณพ่อลาเลี้ยงบุตร.
• เงินช่วยเหลือฌาปนกิจ.
• Co working Space.
• ฟิตเนต.
• Point แลกของรางวัล.
• บริการปรึกษานักจิตวิทยาออนไลน์..
• การเดินทาง.
• BTS: สถานีหมอชิต, ห้าแยกลาดพร้าว.
• MRT: สถานีพหลโยธิน.
• บริการเรียกรถผ่าน App MuvMi..
• ติดตามข่าวสารจาก SC ASSET ได้ที่.
• http://insidesc.scasset.com/..

ทักษะ:

Compliance, Analytical Thinking, Automation

ประเภทงาน:

งานประจำ

• Design, implement, and manage security controls for cloud environments (AWS, Azure, Google Cloud).
• Perform risk assessments and vulnerability management for cloud-based assets.
• Monitor cloud resources to detect and respond to security incidents.
• Collaborate with IT and development teams to integrate security into the SDLC and DevSecOps.
• Ensure compliance with industry regulations and internal security policies.
• Provide expertise in identity and access management (IAM) within cloud platforms.
• Continuously evaluate and recommend security improvements for cloud operations.
• Strong understanding of network security, encryption, and cloud infrastructure.
• Analytical thinking and problem-solving abilities.
• Ability to work collaboratively in cross-functional teams.
• Excellent communication skills to present security risks and solutions to non-technical stakeholders.
• Bachelor s degree in Computer Science, Information Security, or related field.
• Proven experience in cloud security, with a focus on AWS, Azure, or Google Cloud.
• Experience with cloud security automation and monitoring tools.
• Certifications such as AWS Certified Security Specialty, CISSP, or CCSP are an advantage.

ทักษะ:

ISO 27001

ประเภทงาน:

งานประจำ

• Protect the organization's computer networks and systems against a range of cyber threats, such as hacking attempts, data breaches, and different types of cyber attacks. The
• responsibilities of this role include creating, deploying, and overseeing security strategies and technologies to defend the organization IT security..
• Lead the strategic direction, development, and implementation of cybersecurity solutions and practices to protect the organization from sophisticated cyber threats and ...
• Serve as the foremost cybersecurity expert within the organization, providing deep technical expertise and leadership in the design, evaluation, and optimization of complex security architectures.
• Develop comprehensive cybersecurity frameworks that align with industry best practices and regulatory standards, ensuring the organization's resilience against cyber attacks.
• Conduct sophisticated risk assessments and threat modeling exercises to identify potential security gaps and develop advanced strategies for mitigation and prevention.
• Lead the incident response and crisis management efforts for high-impact security breaches, coordinating with cross-functional teams to ensure rapid containment and recovery.
• Drive the adoption of cutting-edge security technologies and methodologies, including artificial intelligence and machine learning, to enhance detection and response capabilities.
• Establish and maintain strong relationships with external cybersecurity agencies, industry groups, and technology partners to stay abreast of emerging threats and trends.
• Develop and manage the cybersecurity budget, ensuring strategic allocation of resources to high-priority projects and initiatives.
• Advanced degree in Computer Science, Information Security, or a related field, with specialized knowledge in cybersecurity.
• A minimum of 5 years of experience in Infrastructure, 3 years of cybersecurity, with at least 2 years in a strategic leadership or management role overseeing cybersecurity functions.
• Professional cybersecurity certifications, such as CISSP, CISM, CCSP, or similar, are required.
• Proven expertise in developing and implementing cybersecurity strategies and architectures to protect complex enterprise environments.
• Other: Deep knowledge of the cybersecurity landscape, including emerging threats, advanced persistent threats (APT), regulatory requirements, and industry best practices.
• Other: ISO 27001..

ประเภทงาน:

งานประจำ

• Lead the implementation and maintenance of IAM/IGA platforms (e.g., SailPoint, Saviynt, MS Entra).
• Manage, mentor and develop IAM/IGA team including analysts and administrators.
• Collaborate with application teams to understand and onboarding new applications with IAM system.
• User Identity Management: Overseeing the creation, modification, and removal of user accounts and access rights within the CP axtra's IAM system.
• Access Reviews and Audits: Conducting regular access reviews and audits to ensure compliance with security standards and regulatory requirements.
• Worked closely with Human Resources and Business team to address and resolve employee issues.
• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• Proven experience 2-3 years in designing, implementing, and managing Identity and Access Management solutions, with a focus on SSO and IGA platforms.
• Strong understanding of IAM technologies, protocols, and standards (e.g., SAML, OAuth, LDAP, RBAC).
• Familiarity with IAM solutions from leading vendors like Onelogin, Azure AD, MS Entra, Saviynt, Sailpoint, etc.
• Solid knowledge of security frameworks, compliance standards, and best practices.
• Excellent leadership and communication skills, with the ability to work collaboratively across teams.
• CP AXTRA | Lotus's
• CP AXTRA Public Company Limited.
• Nawamin Office: Buengkum, Bangkok 10230, Thailand.
• By applying for this position, you consent to the collection, use and disclosure of your personal data to us, our recruitment firms and all relevant third parties for the purpose of processing your application for this job position (or any other suitable positions within Lotus's and its subsidiaries, if any). You understand and acknowledge that your personal data will be processed in accordance with the law and our policy. .

ทักษะ:

Social media, Microsoft Office, Mandarin, English

ประเภทงาน:

งานประจำ

• Bachelor s Degree or at least Diploma or equivalent in any discipline.
• Must have B2 level English Language proficiency (reading, writing, speaking and aural comprehension) https://www.coe.int/en/web/common-european-framework-reference-languages/level-descriptions.
• Essential Requirements: Experience of working in a high transactional role, in a KPI driven environment.
• A background in either content moderation, customer service or any other role that involves working with daily targets.
• You will have a track record that demonstrates your ability to perform multiple tasks while paying close attention to detail.
• Mentally and emotionally able to handle offensive or disturbing behaviour, language, and content.
• Availability to work rotational shifts.
• Must be able to speak, read and write the required language to support.
• Preferred requirements Deep familiarity with social media, internet laws, policy regulations and market knowledge.
• Content Moderation experience is preferred, but not essential.
• Bachelor's degree is preferred, however not essential.
• Technical Skills: Minimum typing speed of 40wpm with a 90% accuracy score.
• Computer literate and fully conversant in Microsoft Windows and Microsoft Office.
• Responsibilities:Review, classify and/or eliminate content uploaded by users, according to the parameters and policies defined by the client.
• Comply with the key performance indicators defined by the specific client operation and maintain a high level of quality in each case that you review.
• Make timely escalations in accordance with established procedures.
• Comply with corporate confidentiality policies and ensure the appropriate handling of customer information, to guarantee information security.
• Participate in continuous training programs established by the company for optimal development in the role.
• Comply with all instructions and procedures related and complementary to the role.
• Be attentive to the communications that arrive through the different communication channels of the company.
• At TP we care deeply about the Health and Wellness of our employees, and we provide a dedicated Trust & Safety wellness program to promote and support whole person wellness throughout your employment journey. We have dedicated Wellness teams for each account who work to integrate wellness across the entire employee experience and our moderation teams are strongly encouraged to actively participate in training, group sessions, planned activities and initiatives, to foster a culture of Wellness.
• TP is an equal opportunity employer and value diversity in our company. Therefore, we do not discriminate based on race, religion, national origin, gender, sexual orientation, age, marital status, veteran status, disability, or any other protected status.

ทักษะ:

Automation, Compliance, ISO 27001

ประเภทงาน:

งานประจำ

• Design, implement, and maintain enterprise IAM solutions supporting identity lifecycle, authentication, and authorization.
• Manage user onboarding, access provisioning, and deprovisioning workflows integrated with ITSM and ITAM platforms.
• Develop and enforce access policies, governance standards, and automation processes for managing users and assets.
• Integrate IAM systems with core productivity, communication, and collaboration platforms.
• Implement and monitor privileged access controls to safeguard critical systems and infrastructure.
• Oversee secure remote access and connectivity across networks and cloud environments.
• Collaborate with IT, Security, and Operations teams to align IAM practices with ITSM change, incident, and request processes.
• Maintain accurate asset and account inventories through ITAM integrations to ensure compliance and visibility.
• Troubleshoot identity-related incidents and support audits, reviews, and internal controls.
• 3-5 years of experience in identity and access management engineering or IT administration.
• Strong understanding of IAM concepts: SSO, OIDC, SCIM,MFA, RBAC, lifecycle automation, and access governance.
• Experience integrating IAM with ITSM and ITAM systems for end-to-end user and asset lifecycle management.
• Hybrid Identity & Access Management, Managed AD and Google Workspace.
• Familiarity with privileged access controls, VPNs, and secure network access solutions.
• Knowledge of IT operations and service delivery processes (incident, change, and request management).
• Scripting or automation experience to streamline access and provisioning workflows.
• Strong documentation, communication, and cross-team collaboration skills.
• Nice to Have.
• Experience in fintech, blockchain, or crypto environments.
• Exposure to zero trust and identity governance models.
• Understanding of compliance and security frameworks (SOC 2, ISO 27001, NIST).
• Knowledge of basic network and infrastructure.

ทักษะ:

Compliance, Project Management, Finance

ประเภทงาน:

งานประจำ

• Understand business & IT strategy & directions together with all squad s vision and product roadmaps.
• Understand the regulatory matters and issues by coordinate and collaborate with Regulator, Compliance, IT security, Risk and Audit.
• Share and communicate the regulatory matters to all squads and related parties to ensure that they all understand, aware and comply.
• Define overall masterplan including the budgetary and activities related to regulations, compliance, IT security, risk and audit that align with business & IT strategy and directions.
• Define way of work that proper manage and align with agile way of working squads and related parties.
• Lead, manage and collaborate with related parties for all regulations initiatives, issues, and requests that initiated from regulator, compliance, risk, security and audit.
• Monitor and follow up to ensure that all related parties can deliver and solve the initiatives, issues and requests related to regulations, compliance, IT security risk and audit as per target.
• Work closely with related parties to come up and conclude the proper work around solutions that can mitigate the issues according to policies and risk acceptances.
• Summarize and report overall regulatory matters including initiatives, issues, requests to management and key stakeholders.
• Bachelor s or Master's Degree in computer science and engineering or any related fields.
• More than 10 years of working experience related to IT fields.
• 10 years of working experience in Relationship Management that understand, comply and control the regulation, compliance, security, risk and audit s expectation by collaborate and work closely with all related parties.
• Have strong knowledge on IT Compliance, Risk, Security, Audit and Governance.
• Have knowledge of Project management both traditional & agile methodology.
• Background in Auto Finance and/or Banking products & business processes is an advantage.
• Advance in MS word, excel, and power point to produce documentation.
• Excellent teamwork under pressure and time limitation.
• Effective communication and interpersonal throughout organization.
• Effective presentation.

ทักษะ:

Continuous Integration, Legal, Procurement

ประเภทงาน:

งานประจำ

• Support regular group assessments to evaluate security risks, security maturity and compliance gaps across SCBX Group.
• Policy, Procedures, Standards & Guidelines.
• Support the development, review, and update of security policies, procedures, standards, and guidelines to ensure robust organizational controls.
• Regularly update documentation to reflect the evolving threat landscape and regulatory requirements.
• Security Consultation.
• Lead conversation with senior leadership across SCBX Group and provide value-added insights to delivered outcome.
• Develop a comprehensive proposal and project plan that secures buy-in from senior stakeholders, while establishing an effective delivery approach for the working group to ensure successful project delivery and valued outcomes.
• Embrace creative problem-solving and flexible approaches to navigate challenges, ensuring that critical outcomes are consistently achieved while effectively managing obstacles.
• Provide expert guidance and recommendations to internal and external stakeholders on the best security practices and solutions to address operational and compliance issues.
• Recommend improvements for security governance and operational resilience.
• SDLC Security & DevSecOps Integration.
• Develop and implement security frameworks and best practices within the SDLC to minimize vulnerabilities.
• Collaborate with development, operations, and security teams to embed security controls and processes within continuous integration/continuous deployment (CI/CD) pipelines.
• Advise on the integration of automated security testing tools and manual assessments throughout development, staging, and production phases.
• Monitor and evaluate the effectiveness of security controls, adjusting strategies as required.
• Pentester Governance & Annual Panel Selection.
• Oversee and manage the overall pentesting program, including planning, scoping, and executing external and internal penetration tests.
• Develop and enforce governance policies for third-party penetration testing, ensuring compliance with internal and industry standards.
• Lead the annual selection process of the pentester panel by evaluating vendor capabilities, reviewing performance metrics, and coordinating panel evaluations.
• Collaborate with legal, procurement, and compliance teams to negotiate contracts and service level agreements (SLAs) with selected vendors.
• Application Security Testing.
• Define and maintain comprehensive application security testing strategies, including static and dynamic code analysis, vulnerability assessments, and risk management.
• Coordinate regular security assessments, penetration tests, and vulnerability remediation efforts.
• Analyze findings from testing activities and provide actionable recommendations to mitigate risks.
• Work with development teams to ensure security testing is integrated into agile and DevOps methodologies.
• Identity Architecture & Strategy.
• Define and implement enterprise-wide identity governance frameworks, access models, and role designs.
• Develop future-ready IAM architectures to support Zero Trust security, cloud adoption, and business scalability.
• Design identity lifecycle processes such as automated provisioning, de-provisioning, RBAC, and approval workflows.
• Align IAM practices with global standards (NIST, ISO 27001, CIS) and regulatory mandates (PCI-DSS, GDPR, BOT).
• Establish and maintain a comprehensive security governance framework with clear roles, responsibilities, and performance metrics.
• IAM Solution Delivery & Operations.
• Lead the design, deployment, and integration of solutions including SSO, MFA, PAM, and CIAM.
• Oversee directory services and federation platforms such as Active Directory, Azure AD, and cloud identity providers.
• Collaborate with implementation teams and vendors to configure and deploy IAM technologies that ensure security, scalability, and operational excellence.
• Minimum of 12+ years in information security consultancy, with a proven track record in Application security, DevSecOps integration, Vulnerability Management, Penetration testing and Digital Identity.
• Demonstrated expertise in developing and implementing security frameworks and policies that embed secure coding practices and automated security testing within complex, enterprise-level SDLC environments.
• Demonstrates a deep understanding of global security frameworks, including NIST, ISO 27001/27002, PCI-DSS, BOT and CIS Controls.
• Extensive experience in conducting large-scale security assessments, performance measurements, risk management, and security strategy development that align with organizational objectives.
• Relevant certifications such as CISSP, CISM, CRISC, OSCP, or equivalent are highly desirable.

ประเภทงาน:

งานประจำ

• Support regular group assessments to evaluate security risks, security maturity and compliance gaps across SCBX Group.
• Policy, Procedures, Standards & Guidelines.
• Support the development, review, and update of security policies, procedures, standards, and guidelines to ensure robust organizational controls.
• Regularly update documentation to reflect the evolving threat landscape and regulatory requirements.
• Security Consultation.
• Lead conversation with senior leadership across SCBX Group and provide value-added insights to delivered outcome.
• Develop a comprehensive proposal and project plan that secures buy-in from senior stakeholders, while establishing an effective delivery approach for the working group to ensure successful project delivery and valued outcomes.
• Embrace creative problem-solving and flexible approaches to navigate challenges, ensuring that critical outcomes are consistently achieved while effectively managing obstacles.
• Provide expert guidance and recommendations to internal and external stakeholders on the best security practices and solutions to address operational and compliance issues.
• Recommend improvements for security governance and operational resilience.
• Security Awareness & Training.
• Develop and manage security e-learning programs, newsletters, and knowledge-sharing initiatives to enhance employee awareness.
• Conduct phishing drills and security simulations to assess and improve employee resilience against cyber threats.
• Design specialized training for executives and high-risk users to enhance their understanding of emerging threats and security best practices.
• Implement interactive learning methods such as gamification, security awareness series, real-world security challenges to encourage participation, on-site engagements to reinforce security culture.
• Digital Identity.
• Assist in Identity Governance & Administration (IGA) by supporting policy enforcement, identity lifecycle management, and compliance monitoring.
• Support Access Management by integrating authentication mechanisms such as SSO, MFA, and adaptive access controls into enterprise systems.
• Contribute to Role Management, ensuring structured RBAC/ABAC models and periodic access reviews.
• Help implement Privileged Access Management (PAM) controls, monitoring privileged user sessions, and enforcing security best practices.
• Assist in Identity Integration & Directory Services, ensuring seamless identity synchronization and federation across cloud and on-prem systems.
• Security Innovation.
• Research and evaluate emerging cybersecurity technologies, AI-driven security analytics, and automation tools, conducting PoCs to assess feasibility.
• Explore AI-driven security solutions for threat detection - prevention, and automated security operation to enhance cybersecurity resilience.
• Provide strategic insights to align security innovations with digital transformation, FinTech, and cloud security initiatives across subsidiaries.
• Partner with internal teams, vendors, and industry leaders to benchmark security advancements and drive innovation initiatives..
• Minimum of 5+ years in information security consultancy, with a proven track record in security assessment, identity & access and data security.
• Experience in conduct IAM solutions, including IGA, identity assessment - planning, access management, PAM, and identity integration within enterprise environments.
• Demonstrates a deep understanding of global security frameworks, such as NIST, ISO 27001/27002, PCI-DSS, BOT and CIS Controls.
• Extensive experience in conducting large-scale security assessments, performance measurements, risk management, and security strategy development that align with organizational objectives.
• Relevant certifications such as from identity products or equivalent are highly desirable.

ทักษะ:

SQL, Automation

ประเภทงาน:

งานประจำ

• Computer: Monitor and troubleshoot Azure VMs, scale sets, auto start/stop..
• Storage: Manage blob/file storage, redundancy, backup, and storage tiers..
• Networking: Administer VNets, NSGs, VPN Gateway, ExpressRoute, CDN, etc..
• Security: Manage Azure Firewall, Key Vault, Application Gateway, Defender for Cloud..
• App Services: Maintain Azure App Services and Container Apps..
• SIEM/SOAR: Support Microsoft Sentinel for security operations..
• Azure AD: Monitor and troubleshoot RBAC, MFA, PIM, Conditional Access..
• Azure SQL: Manage SQL VMs, Managed Instances, and PaaS databases..
• Monitoring Tools: Use Azure Monitor, Log Analytics, Grafana, etc..
• Automation: Utilize ARM templates and Terraform for infrastructure automation..
• Backup & Recovery: Manage Azure Recovery Services Vault, ASR, Backup, and Replication..
• Reporting: Create monthly cost and performance reports for customers..
• Hybrid & Update Management: Manage Azure Update Manager and Azure Arc..
• Bachelor s degree or higher in Computer Engineering, Computer Science, Information Technology, or a related field.
• 3-5 years of hands-on experience with Microsoft Cloud technologies (Office 365 and Microsoft Azure).
• Microsoft Certified: Azure Administrator Associate.
• Microsoft 365 Certified: Enterprise Administrator Expert.
• Or equivalent professional certifications.
• Experience with monitoring tools such as Microsoft 365 Admin Center, Azure Monitor, or third-party solutions.
• Strong analytical skills and attention to detail in managing configurations, policies, and troubleshooting.
• Ability to stay current with Microsoft 365 updates, roadmap changes, and best practices.
• Experience in planning and executing migrations to Microsoft 365 (e.g., Exchange, SharePoint, file servers).
• Strong interpersonal skills and ability to communicate technical concepts to non-technical stakeholders..

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

English

ประเภทงาน:

งานประจำ

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

ประเภทงาน:

งานประจำ

• Installing, configuring and maintaining hardware, network and operation system of the IT system, both of cloud and on-premises infrastructures.
• Installing, configuring and maintaining software application and platforms, both of cloud and on-premises infrastructures.
• Managing users, groups and operating system policies across the entire IT network.
• Diagnosing, troubleshooting and resolving application, software, hardware and networking issues.
• Monitoring system and application performance, availability, and security.
• Automate tasks like code deployment, testing, and infrastructure provisioning through scripts, tools, and CI/CD pipelines.
• Replacing and upgrading outdated or defective components.
• Enforcing security best practices to prevent cyber attacks and security breaches..
• 7-8 years of experience in system, application or production support.
• Strong experienced in UNIX, LINUX and Windows operating systems.(System Administrator role).
• Knowledge of networking fundamentals (TCP/IP, routing, network protocols, configurations, and security practices).
• Knowledge of cloud platforms (Azure, OpenShift, Kubernetes) and DevOps/DevSecOps practices.
• Good knowledge of RESTful APIs, HTTP protocol, OAuth, and JSON.
• Experience supporting Java-based APIs is an advantage.
• Familiarity with database technologies (Oracle, MS SQL Server, PostgreSQL, MongoDB, MySQL).
• Experience with monitoring and logging tools (e.g., Dynatrace, Kibana, Elasticsearch, Grafana).
• Knowledge of scripting tool and automation (Shell Script, PowerShell, ansible playbook, CI/CD pipeline).
• Knowledge of distributed event streaming platforms is a plus.
• Proven ability to perform root cause analysis and problem diagnosis in collaboration with development teams.

ทักษะ:

Negotiation

ประเภทงาน:

งานประจำ

• Bachelor degree or higher in Computer Science or related filed.
• There are 5-8 years, Experience in Network skills.
• Able to do network design, evaluation, POC, implementation.
• Self-Motivation and Hard Working.
• Able to work some time on night and weekend by job duties.
• Able to troubleshooting related to network problem & connecting equipment.
• Willing to self-study for network knowledge and learn new knowledge from team.
• Good communication,interpersonal, problem-solving, presentation, and negotiation skill.

ทักษะ:

ISO 14001, Compliance, English

ประเภทงาน:

งานประจำ

• Arrange and conduct proper training on safety issues for staff.
• Work with all managers to ensure proper safety equipment and protection systems are available and used. Also review with all managers on safety & security policies/procedures to ensure they are effective and workable.
• Follow up emergency equipment inspection and conduct emergency drill.
• Establish, manage and develop an effective security and loss control program to prevent and protect plant s properties.
• Establish and develop effective audit procedures to ensure the implementation of SHE & security policies/procedures are ongoing accordingly.
• Ensure SHE programs comply with the local standards & related regulations.
• Liaise with local fire station, first aid hospital, and security contractor to ensure that personnel and plant are safe.
• Provide personal protective equipment for employees and contractors.
• Set up Safety, Health and Environment committee meetings and conduct safety training and procedures for contractors, including hazardous substance spill prevention and control.
• Establish and implement environmental management programs to ensure that all environmental aspects are properly managed, and continual improvement is achieved.
• Monitor and report the plant environmental status (EIA and other regulations) to government agencies.
• Serve as the Environmental Management Representative (EMR) for ISO 14001 & ISO 45001 for Gulf NRV1 Company Limited and Gulf NRV2 Company Limited.
• Coordinate and perform industrial hygiene measurements.
• Coordinate with government agencies or visitors regarding environmental issues during plant visits.
• Perform other duties as assigned by the Plant Manager.
• Assist with plant housekeeping.
• Become familiar with plant operations.
• Play a vital role in quality, environmental, safety, and social management systems (ISO 14001, 9001, 45001, ESMS).
• Bachelor s degree in Environmental Science or equivalent technical training and experience; a higher degree is desirable..
• Minimum 4 years experience in the power generation industry or process plant operations, preferably in a supervisory capacity..
• 1-5 years of relevant experience in safety, health, environment, and security (SHE/S) or a related field..
• Experience of advanced incident investigation and prevention and managing positive changes in HSE performance.
• Knowledge of federal, state and local health and safety, and environmental regulations, and direct experience dealing with regulatory agencies and/or compliance officers.
• Strong leadership with a good interpersonal skills and excellent communications.
• Fluent in English both written and verbal.
• Ability to travel/ work upcountry.
• Goal-Oriented, Unity, Learning, Flexible.

ประเภทงาน:

งานประจำ

• Monitor all data center systems including power, cooling, fire suppression, and physical security systems during the shift.
• Perform routine inspections and preventive maintenance of data center equipment to ensure optimal performance.
• Respond promptly to alerts, alarms, and incidents, escalating issues to higher-level technical teams or management as necessary.
• Maintain accurate logs and records of all operational activities, incidents, and maintenance tasks performed during the shift.
• Support the deployment, relocation, and removal of hardware and equipment in accordance with standard operating procedures.
• Ensure compliance with company policies, safety protocols, and regulatory requirements related to data center operations.
• Coordinate with cross-functional teams (network, facilities, security) to resolve operational issues efficiently.
• Assist in maintaining physical security and access control for the data center facility.
• Participate in shift handover meetings to ensure seamless transition and communication between shifts.
• Bachelor Degree s in Engineering.
• Prior experience in data center operations or facility management is an advantage.
• Basic understanding of data center infrastructure components (power, cooling, fire safety, security).
• Ability to work in a 24/7 shift environment including nights, weekends, and holidays.
• Strong problem-solving skills and attention to detail.
• Ability to follow procedures and work independently or as part of a team.
• Physical ability to handle equipment and perform routine inspections.
• Fluent in English both written and verbal (Minimum 600 TOEIC score).
• Goal-Oriented, Unity, Learning, Flexible.