Description

Security Project Management:

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Security Risk Management:

Identify, assess, and prioritize security risks across the organization.

• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.

Establishment of Policies, Standards, and Procedures:

• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.

Communication and Collaboration with Technology Team:

• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.

Qualifications

• A positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor’s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it;
• Systems Thinking – the ability to see how parts interact with the whole (big picture thinking);
• Proven experience of acting as the expert in project teams. PERSONAL SKILLS: Ability to explain your thoughts or findings also to non- technical professionals;
• Good command in written and spoken Thai and English language.