Filter Jobs

Experience:

5 years required

Skills:

Compliance, Risk Management, ISO 27001

Job type:

Full-time

• Develop and implement IT governance frameworks, policies, and procedures that align with industry best practices, regulatory requirements, the company and technology team objectives.
• Design and implement controls and mitigation strategies to address identified risks and ensure compliance with relevant regulations and industry standards.
• Collaborate with key stakeholders to identify and document IT governance goals, objectives, and key performance indicators (KPIs) that align with the company and techno ...
• Collaborate with IT and business stakeholders to balance business agility and IT risk.
• Coordinate and participate in audits and assessments to evaluate the effectiveness of IT governance controls and ensure compliance with internal policies and external regulations.
• Monitor and report on the effectiveness of IT governance controls, identify areas for improvement, and recommend appropriate remediation actions.
• Regularly review existing policies and procedures to identify gaps and areas of improvement.
• Maintain a thorough understanding of emerging trends, technologies, and regulatory changes that could impact the company s IT operations and governance.
• Bachelor s degree in Computer Science/Engineering, Information Systems, or IT related field.
• At least 5 years of work experience and 2 years in IT governance, risk management, or IT audit.
• Strong knowledge of IT governance standards and frameworks such as COBIT, ITIL, ISO 27001, etc.
• Solid understanding of cyber security principles and data privacy regulations.
• Exceptional communication skills with the ability to present complex IT concepts to non-technical stakeholders.
• Analytical mindset with strong problem-solving skills and attention to detail.
• Proven project management and leadership skills.
• Familiarity with cloud technologies and their governance requirements.
• Experience in a startup or tech-oriented environment.
• If you are passionate about IT governance and want to make a significant impact in a dynamic startup environment, we would love to hear from you!.

Skills:

Compliance, Risk Management, ISO 27001

Job type:

Full-time

• Developing and implementing IT Governance Frameworks.
• Developing IT policies and procedures.
• Identifying IT-related risks and implementing strategies to mitigate them, including cyber security risks, data privacy concerns, and operational disruptions.
• Monitoring the performance of IT systems and services against predefined metrics and reporting.
• Ensuring that IT practices comply with relevant laws, regulations, and industry standards, and coordinating IT audits to assess compliance and identify areas for improvement.
• Providing guidance, training, and support to employees on IT governance policies, procedures, and best practices.
• Identifying opportunities for improvement in IT governance processes and implementing enhancements to drive continuous improvement and innovation.
• Review IT s audit response from system s owner and suggest the right way to response back to IT s audit document.
• Follow up action items update and pending items from system s owner.
• Minimum 5 years of relevant experience in IT governance, IT risk management, or a related field.
• Experience in managing IT projects, implementing IT policies and frameworks, and overseeing compliance and risk management practices is highly valued.
• Experience in implementing and maintaining on ISO 27001 management systems within organizations is highly valuable.
• Experience to manage and follow up audit response.
• Strong understanding and practical experience with IT governance frameworks such as COBIT (Control Objectives for Information and Related Technologies) or ITIL (Information Technology Infrastructure Library).
• Proficiency in IT risk management methodologies and techniques, including risk assessment, mitigation strategies, and compliance requirements.
• Ability to develop, implement, and enforce IT policies and procedures that align with organizational objectives and regulatory requirements.
• Understanding of business processes and how IT supports organizational goals and strategies.
• Excellent verbal and written communication skills are essential for effectively communicating IT governance principles and practices to stakeholders at all levels of the organization.
• Ability to lead cross-functional teams, collaborate with diversity, and influence decision-making processes related to IT governance..
• Contact Information:-.
• Office of Human Capital.
• THAI BEVERAGE PUBLIC COMPANY LIMITED.
• Lao Peng Nguan Building, Tower 1.
• 333 Vibhavadi Rangsit Road, Ladyao Subdistrict, Chatuchak District, Bangkok 10900.

Skills:

ISO 27001, English

Job type:

Full-time

• รับผิดชอบการ Monitoring ควบคุมและจัดการระบบพื้นฐานเกี่ยวกับ ไฟฟ้า และระบบปรับอากาศ ระบบเครือข่าย เพื่อสนับสนุนการจัดการ.
• ตอบสนองความต้องการของลูกค้า และประสานงาน การติดตั้งและการแก้ไขปัญหาระบบของผู้บริการ (vendor) เพื่อให้ถูกต้องและสมบูรณ์ตามหลักปฎิบัติ.
• ควบคุมและประสานงานการบำรุงรักษาและการซ่อมแซม (Preventive Maintenance) ระบบพื้นฐานต่างๆ เครื่องกำเนิดไฟฟ้า Generator, เครื่องสำรองไฟฟ้า UPS, ระบบตู้ไฟฟ้า, ระบบปรับอากาศ และการติดตั้งอุปกรณ์ระบบเครือข่าย (Network) เป็นต้น.
• เป็น 1st level support & troubleshooting ของระบบ Facility ใน Data Center เช่น ระบบ Network, ระบบไฟฟ้า, ระบบปรับอากาศ เป็นต้น.
• จัดทำกระบวนการปฎิบัติงาน และคู่มือการทำงานในการดูแลระบบพื้นฐาน โดยอิงตามมาตราฐาน ISO หรือมาตรฐานอื่นที่เกี่ยวข้องกับการปฏิบัติงาน (เช่น ISO 20000 ด้านบริการ, ISO 27001 ด้านความปลอดภัย,ISO 50001 ด้านบริหารพลังงาน และอื่นๆ เช่น ISO22301, PCIDSS, TCOS) รวมทั้งรูปแบบใบบันทึก, รายงานต่าง ๆ.
• สรุปและรายงานผลสำหรับปัญหาวิกฤติใด ๆ ต่อหัวหน้าทีม รวมทั้ง การจัดทำรายงานสถิติ,รายงานวิเคราะห์แบบรายวัน, รายเดือน รายไตรมาส ด้วย.
• Bachelor s degree in electrical power, mechanic or related fields.
• Thai nationality, Male, Age 20 - 25 years old.
• Have basic technical knowledge in Data Center facilities (Electrical/Mechanical).
• Able to work under pressure.
• Able to work with a team.
• Fair communication in English.

Experience:

2 years required

Skills:

Public Relations, Legal, Computer Security, English

Job type:

Full-time

• Executes cybersecurity engineer tasks including, but not limited to, security patch management, security vulnerability management, and security configuration management.
• Tests, implements, deploys, maintains, reviews, and administers the cybersecurity tools.
• Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
• Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defense applications.
• Identify potential conflicts with the implementation of any cyber defense tools (e.g., tool and signature testing and optimization).
• Operates and maintains production information security systems.
• Ensures proper cybersecurity documentation is in place regarding standard operating procedures.
• Monitors the industry and external environment for emerging threats and advises relevant stakeholders on appropriate courses of action.
• Oversees incident response planning and the investigation of security breaches and assists with any associated disciplinary, public relations, and legal matters.
• Applies expert knowledge and skills to resolve problems, including support concepts and methods, problem isolation and troubleshooting procedures, system and file recovery processes, and operating system and network configurations.
• Prepares and presents cogent and cohesive analyses and briefings advising management on new technological developments, techniques, and enhancements that result in increased time and cost efficiencies.
• Provides advice and assistance to troubleshoot the most complex problems in a manner that minimizes interruptions in the ability to carry out critical business activities.
• Supports rapid response teams in response to customer service problems resulting from catastrophic events such as virus infections or widespread power outages.
• Supports the development of a formal cyber security risk assessment program.
• Supports and assists in maintaining a vulnerability/gap/response assessment program.
• Supports the ongoing maintenance of the cyber-Kill Chain for the company, focusing on phases of cyber-attack and remediation/mitigation for each phase.
• Supports ongoing activities to develop, communicate, and support appropriate standards and risk controls associated with digital data.
• Supports the development and maintenance of a company Data Protection program.
• Responds to cybersecurity alerts.
• Cascade and leverage cybersecurity control and practice to the entire company group.
• Bachelor s or Master s degree in Computer Engineering, MIS, IT, or a related field.
• At least 2 years experience in computer security and 5 years in IT infrastructure.
• Have a foundation in good information security practices.
• Knowledge of International Security frameworks, Standards, and Guidelines, e.g., COBIT, NIST-800, ISO 27001, PCI-DSS, OWASP, etc.
• Experience in Security tools, e.g., EDR, ATP, WAF, IPS/IDS, Deception, TI/TIP, Anti DDoS.
• Experience in Cloud Environments, e.g., Google Cloud, AWS, Microsoft Azure.
• Experience with system and application security management and control.
• Experience with system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
• Experience with facilitating information security risk assessments.
• Technical writing, documentation development, process mapping, and visual communication skills.
• Hands-on experience with computer programming languages and/or scripting languages such as Python, Java, and Shell for automation.
• Professional certificates related to work (e.g., CISSP, CISM, AWS Certified Security, or similar general security certification) are desirable.
• Talent to identify and create a broad vision for a security solution and to execute it;.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• A positive, can-do attitude who naturally expresses a high degree of empathy to others.
• Ability to explain your thoughts or findings also to non-technical professionals.
• Strong problem-solving and analytical abilities Able to work under minimal supervision, detail oriented.
• Excellent English (Spoken and Written).
• Location: True Digital Park, Punnawithi.

Experience:

5 years required

Skills:

Compliance, Risk Management, ISO 27001

Job type:

Full-time

• Developing and implementing IT Governance Frameworks.
• Developing IT policies and procedures.
• Identifying IT-related risks and implementing strategies to mitigate them, including cyber security risks, data privacy concerns, and operational disruptions.
• Monitoring the performance of IT systems and services against predefined metrics and reporting.
• Ensuring that IT practices comply with relevant laws, regulations, and industry standards, and coordinating IT audits to assess compliance and identify areas for improvement.
• Providing guidance, training, and support to employees on IT governance policies, procedures, and best practices.
• Identifying opportunities for improvement in IT governance processes and implementing enhancements to drive continuous improvement and innovation.
• Review IT s audit response from system s owner and suggest the right way to response back to IT s audit document.
• Follow up action items update and pending items from system s owner.
• Minimum 5 years of relevant experience in IT governance, IT risk management, or a related field.
• Experience in managing IT projects, implementing IT policies and frameworks, and overseeing compliance and risk management practices is highly valued.
• Experience in implementing and maintaining on ISO 27001 management systems within organizations is highly valuable.
• Experience to manage and follow up audit response.
• Strong understanding and practical experience with IT governance frameworks such as COBIT (Control Objectives for Information and Related Technologies) or ITIL (Information Technology Infrastructure Library).
• Proficiency in IT risk management methodologies and techniques, including risk assessment, mitigation strategies, and compliance requirements.
• Ability to develop, implement, and enforce IT policies and procedures that align with organizational objectives and regulatory requirements.
• Understanding of business processes and how IT supports organizational goals and strategies.
• Excellent verbal and written communication skills are essential for effectively communicating IT governance principles and practices to stakeholders at all levels of the organization.
• Ability to lead cross-functional teams, collaborate with diversity, and influence decision-making processes related to IT governance.
• Office of Human Capital
• THAI BEVERAGE PUBLIC COMPANY LIMITED.
• Lao Peng Nguan Building, Tower 1
• 333 Vibhavadi Rangsit Road, Ladyao Subdistrict, Chatuchak District, Bangkok 10900.

Experience:

3 years required

Skills:

ISO 27001, SAP, System Security, English

Job type:

Full-time

• Performing risk assessment for new or existing of Information Technology Systems.
• Planning and developing audit program following to the audit scope and objective of Information Technology Framework such as COBIT, ISMS, IT General Control.
• Evaluating the adequacy and effectiveness of the internal control of Information Technology throughout the company s business processes.
• Performing follow up audit over the findings identified in the audit reports.
• Utilizing relevant Information technology Standards and methodologies and demonstrate to improvement the effectiveness of GRC processes.
• Performing other duties as assigned.
• Job Qualifications.
• Bachelor s degree or higher in Information Technology, Computer Science, Computer Engineering, Management of Information Systems or related fields.
• Over 3 years experiences in IT Internal Auditor.
• External Audit or Big 4 is also welcome.
• Professional certifications such as CISA, Information Security (IRCA), NIST Cybersecurity Framework, or CIA would be an advantage.
• Testing experience on IT controls e.g., IT Governance, Cyber Security, ISO 27001, SDLC and Change Management, Network Security, etc. would be an advantage.
• Good knowledge of IT Audit, IT Security, IT Risk or IT Compliance.
• Ability to use SAP.
• Communication and interpersonal skills, strong analytics, self-motivation and willing to learn.
• Ability to travel/ work upcountry and abroad.
• Fluent in English both written and verbal (Minimum 750 TOEIC score).
• Goal-Oriented, Unity, Learning, Flexible.