Filter Jobs

Experience:

5 years required

Skills:

Research, ISO 27001, Enthusiastic, English

Job type:

Full-time

• Collect and analyze threat intelligence reports covering new threats, vulnerabilities, products.
• Conduct technical and operational threat intelligence research, both independently and as part of a wider team.
• Identify emerging threats, techniques and trends, the means of protecting or defending against them, and articulate these in a range of report formats to relevant stakeholders.
• Conduct deep-level analysis of malware, including how it is developed, functions, and employed.
• Support the Consulting and Managed CTI teams, Vulnerability Management, Incident Response and CSOC team with up-to-date technical intelligence, detection logic and situational awareness on current and emerging threats.
• Support Cybersecurity Posture Management to guarantee that a good cybersecurity posture is consistently maintained at an acceptable level. Liaison with external audit, internal audit, financial crime and associated consultants, and the group firm.
• Assist technology security team leaders/others in responding to cybersecurity incidents that have an impact on cybersecurity posture, in order to guarantee quick reaction, tracking, and proper maintenance.
• Assist in R&D and innovation on cybersecurity technology and approaches for continuous cybersecurity uplift.
• Qualifications Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 5 years of experience in Information Security or a related field.
• Knowledge of security technology e.g. WAF, SIEM, EDR, IAM, CSOC and Vulnerability Management.
• Experience in cloud cybersecurity technologies and services.
• Exposure to malware reverse engineering, network intrusion analysis, host intrusion analysis, log analysis, vulnerability research or digital forensics is preferred.
• Strong understanding of industry best practices and standards, including ISO 27001, NIST, and CIS is preferred.
• Relevant certifications such as CISSP, CISM, or CISA are a plus.
• Excellent communication and problem-analytical skills, with the ability to communicate complex security issues to non-technical stakeholders.
• Effective English for verbal, written communication.
• Enthusiastic, thriving, good interpersonal skills.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

Experience:

3 years required

Skills:

Business Development, Risk Management, ISO 27001

Job type:

Full-time

• Assess existing cybersecurity frameworks, identify gaps, and provide actionable recommendations for improvement.
• Develop tailored cybersecurity strategies that align with the client s business goals, regulatory requirements, and risk profile.
• Conduct cybersecurity risk assessments and develop mitigation plans to address potential security threats.
• Ensure client strategies comply with relevant cybersecurity regulations, standards (e.g., NIST, ISO), and industry best practices.
• Manage cybersecurity projects from inception through completion, ensuring timely delivery and client satisfaction.
• Build and maintain strong relationships with clients, serving as a trusted advisor on cybersecurity matters.
• Lead and mentor a team of cybersecurity consultants, fostering a culture of collaboration and continuous improvement.
• Support business development activities by identifying new opportunities and contributing to proposal development.
• Your role as a leader.
• At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Assistant Managers across our Firm are expected toDevelop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Influence stakeholders, teams, and individuals positively - leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.
• Enough about us, let's talk about you.Degree in cyber security, computer science, business IT or equivalent.
• Excellent communication and presentation skills, with the ability to influence senior stakeholders and deliver compelling recommendations.
• Strong leadership and team management capabilities, with experience mentoring and developing consultants.
• 3+ years of experience in cybersecurity, with a focus on strategy development, security governance, and risk management.
• Strong understanding of cybersecurity frameworks, regulatory requirements, and industry standards (e.g., NIST, ISO 27001, MITRE).
• Preferred CISA, CISM, CISSP certification or related security certification.
• Due to volume of applications, we regret that only shortlisted candidates will be notified. Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information.
• LI-AA1 Requisition ID: 106366In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

Experience:

5 years required

Skills:

Compliance, Risk Management, ISO 27001

Job type:

Full-time

• Develop and implement IT governance frameworks, policies, and procedures that align with industry best practices, regulatory requirements, the company and technology team objectives.
• Design and implement controls and mitigation strategies to address identified risks and ensure compliance with relevant regulations and industry standards.
• Collaborate with key stakeholders to identify and document IT governance goals, objectives, and key performance indicators (KPIs) that align with the company and techno ...
• Collaborate with IT and business stakeholders to balance business agility and IT risk.
• Coordinate and participate in audits and assessments to evaluate the effectiveness of IT governance controls and ensure compliance with internal policies and external regulations.
• Monitor and report on the effectiveness of IT governance controls, identify areas for improvement, and recommend appropriate remediation actions.
• Regularly review existing policies and procedures to identify gaps and areas of improvement.
• Maintain a thorough understanding of emerging trends, technologies, and regulatory changes that could impact the company s IT operations and governance.
• Bachelor s degree in Computer Science/Engineering, Information Systems, or IT related field.
• At least 5 years of work experience and 2 years in IT governance, risk management, or IT audit.
• Strong knowledge of IT governance standards and frameworks such as COBIT, ITIL, ISO 27001, etc.
• Solid understanding of cyber security principles and data privacy regulations.
• Exceptional communication skills with the ability to present complex IT concepts to non-technical stakeholders.
• Analytical mindset with strong problem-solving skills and attention to detail.
• Proven project management and leadership skills.
• Familiarity with cloud technologies and their governance requirements.
• Experience in a startup or tech-oriented environment.
• If you are passionate about IT governance and want to make a significant impact in a dynamic startup environment, we would love to hear from you!.

Experience:

5 years required

Skills:

Business Development, Risk Management, ISO 27001

Job type:

Full-time

• Assess existing cybersecurity frameworks, identify gaps, and provide actionable recommendations for improvement.
• Develop tailored cybersecurity strategies that align with the client s business goals, regulatory requirements, and risk profile.
• Conduct cybersecurity risk assessments and develop mitigation plans to address potential security threats.
• Ensure client strategies comply with relevant cybersecurity regulations, standards (e.g., NIST, ISO), and industry best practices.
• Manage cybersecurity projects from inception through completion, ensuring timely delivery and client satisfaction.
• Build and maintain strong relationships with clients, serving as a trusted advisor on cybersecurity matters.
• Lead and mentor a team of cybersecurity consultants, fostering a culture of collaboration and continuous improvement.
• Support business development activities by identifying new opportunities and contributing to proposal development.
• Your role as a leader.
• At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Managers across our Firm are expected toDevelop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Influence stakeholders, teams, and individuals positively - leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.
• Enough about us, let's talk about you.Degree in cyber security, computer science, business IT or equivalent.
• Excellent communication and presentation skills, with the ability to influence senior stakeholders and deliver compelling recommendations.
• Strong leadership and team management capabilities, with experience mentoring and developing consultants.
• 5+ years of experience in cybersecurity, with a focus on strategy development, security governance, and risk management.
• Strong understanding of cybersecurity frameworks, regulatory requirements, and industry standards (e.g., NIST, ISO 27001, MITRE).
• Preferred CISA, CISM, CISSP certification or related security certification.
• Due to volume of applications, we regret that only shortlisted candidates will be notified. Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information.
• LI-AA1 Requisition ID: 106371In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

Skills:

ISO 27001, English

Job type:

Full-time

• รับผิดชอบการ Monitoring ควบคุมและจัดการระบบพื้นฐานเกี่ยวกับ ไฟฟ้า และระบบปรับอากาศ ระบบเครือข่าย เพื่อสนับสนุนการจัดการ.
• ตอบสนองความต้องการของลูกค้า และประสานงาน การติดตั้งและการแก้ไขปัญหาระบบของผู้บริการ (vendor) เพื่อให้ถูกต้องและสมบูรณ์ตามหลักปฎิบัติ.
• ควบคุมและประสานงานการบำรุงรักษาและการซ่อมแซม (Preventive Maintenance) ระบบพื้นฐานต่างๆ เครื่องกำเนิดไฟฟ้า Generator, เครื่องสำรองไฟฟ้า UPS, ระบบตู้ไฟฟ้า, ระบบปรับอากาศ และการติดตั้งอุปกรณ์ระบบเครือข่าย (Network) เป็นต้น.
• เป็น 1st level support & troubleshooting ของระบบ Facility ใน Data Center เช่น ระบบ Network, ระบบไฟฟ้า, ระบบปรับอากาศ เป็นต้น.
• จัดทำกระบวนการปฎิบัติงาน และคู่มือการทำงานในการดูแลระบบพื้นฐาน โดยอิงตามมาตราฐาน ISO หรือมาตรฐานอื่นที่เกี่ยวข้องกับการปฏิบัติงาน (เช่น ISO 20000 ด้านบริการ, ISO 27001 ด้านความปลอดภัย,ISO 50001 ด้านบริหารพลังงาน และอื่นๆ เช่น ISO22301, PCIDSS, TCOS) รวมทั้งรูปแบบใบบันทึก, รายงานต่าง ๆ.
• สรุปและรายงานผลสำหรับปัญหาวิกฤติใด ๆ ต่อหัวหน้าทีม รวมทั้ง การจัดทำรายงานสถิติ,รายงานวิเคราะห์แบบรายวัน, รายเดือน รายไตรมาส ด้วย.
• Bachelor s degree in electrical power, mechanic or related fields.
• Thai nationality, Male, Age 20 - 25 years old.
• Have basic technical knowledge in Data Center facilities (Electrical/Mechanical).
• Able to work under pressure.
• Able to work with a team.
• Fair communication in English.

Skills:

Risk Management, Contracts, Compliance, English

Job type:

Full-time

• Develop and implement a comprehensive cybersecurity strategy.
• Conduct integrated risk management and assessments to identify and mitigate potential threats.
• Develop and maintain security policies, standards, and guidelines.
• Perform vulnerability assessments (VA) and penetration testing (PEN test) to identify and address security weaknesses.
• Lead Red Team exercises and manage attack surface management to proactively identify potential threats.
• Conduct threat hunting to detect and mitigate advanced threats.
• Oversee patch governance to ensure timely updates and security patches are applied.
• Manage and implement cybersecurity projects, ensuring they are completed on time and within budget.
• Oversee the Security Operations Center (SOC) to monitor and respond to security incidents.
• Manage incident and crisis response, including the development and execution of incident response plans.
• Handle security contract management, ensuring all security-related contracts are properly managed and executed.
• Ensure the secure management of data across the organization.
• Develop and enforce data protection policies and procedures.
• Oversee data classification, encryption, and secure storage practices.
• Monitor data access and usage to prevent unauthorized access and data breaches.
• Support internal and external audits by providing necessary documentation and evidence of compliance.
• Maintain an information security risk register and assist with audit preparations and follow-ups.
• Professional Knowledge & Experiences.
• Bachelor s degree in Computer Science, Information Technology, or a related field.
• Relevant certifications such as CISSP, CISM, CEH, or equivalent.
• Proven experience in cybersecurity strategy development, risk management, and security operations.
• Strong knowledge of security frameworks and standards (e.g., NIST, ISO 27001).
• Experience in managing Security Operations Centers (SOC).
• Experience in managing complex security projects.
• Excellent problem-solving and analytical skills.
• Strong communication and stakeholder management abilities.
• Excellent command of Thai/English and ability to effectively communicate at all levels (written and verbal).
• Additional Desirable Qualification.
• CORE Competencies.

Skills:

Risk Management, Software Development, Kubernetes

Job type:

Full-time

• Design, develop, and maintain security systems, tools, and best practices across the stack (frontend, backend, mobile, and infrastructure).
• Identify, assess, and mitigate security vulnerabilities through proactive risk management and threat modeling.
• Collaborate with product managers and developers to embed security into the software development lifecycle (SDLC).
• Develop and enforce policies for secure coding, data protection, and incident response.
• Implement robust authentication and authorization mechanisms.
• Conduct regular security assessments, including penetration testing and code reviews.
• Monitor, detect, and respond to security incidents using advanced tools and methodologies.
• Enhance infrastructure security using Kubernetes, Docker, and cloud platforms (GCP, AWS).
• Stay current on emerging threats, vulnerabilities, and security trends, and recommend actionable insights to improve defenses.
• Champion security awareness across the organization, including training sessions and knowledge-sharing activities.
• Ensure compliance with relevant security standards and regulations such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Basic QualificationsProven expertise in application security, cloud security, and infrastructure security.
• Proficiency in securing systems built with technologies such as Node.js, Golang, Elixir, Python, React, Svelte, or Flutter.
• Experience with tools like Docker, Kubernetes, and cloud services (GCP, AWS).
• Strong understanding of cryptographic principles and secure communication protocols.
• Familiarity with CI/CD pipelines and secure DevOps practices.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and threat detection.
• Deep understanding of database security, especially with PostgreSQL or other relational or non-relational databases.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent communication skills and the ability to collaborate effectively in Agile teams.
• Self-motivation, adaptability, and a strong work ethic.
• Preferred Qualifications We re especially excited if you bring:Experience leading security initiatives or mentoring other engineers in security best practices.
• Expertise in compliance frameworks such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Advanced knowledge of security monitoring and incident response systems.
• Strong system design skills with a focus on secure architectures and long-term trade-offs.
• A proven track record of securing fast-paced, high-growth tech environments.
• A passion for securing user-centric products and contributing to their success.
• Perks & Benefits Flat Structure As we continue to grow fast, we strive to retain our culture where everyone is heard, contributes, and grows with the company..
• Work-life Harmony We believe that quality time outside of work is important to sustaining a healthy and happy lifestyle.
• Remote Work Hybrid-mode activated! It comes with the package: flexibility, focus and productivity!.
• Urban Office One breath from Phrom Phong BTS. No sweat whatsoever! The office should also feel like a second home so we dedicated a lot of care and resources into building the best environment for you to wake up to every morning.
• Fun Workshop The best relationships are built over new experiences, that s why we have workshops filled with a range of activities for you to look forward to and enjoy.
• Game Tournament It s getting fun and competitive! Challenge doesn t only have to come from work. Own the championship and show the peeps how great of a gamer (and player) you are.
• Group Insurance Health comes first, we know, don t worry, we ve got you covered.
• Health & Wellness Only a healthy army wins the war. We invest to take care of you from physical, mental and happiness-level. Adopted health & wellness applications plus activities to make sure everyone here is on cloud nine

Experience:

7 years required

Skills:

Compliance, Risk Management, Project Management, English

Job type:

Full-time

• Project Delivery/Management: Support the delivery of data security projects focused on implementing tools such as Opentext, Securiti.AI, Fortanix, Guardium, OneTrust, Thales, Protegrity, and others across Southeast Asia.
• Client Collaboration: Work with clients to assess comprehensive data security risks and provide tailored recommendations for implementing capabilities including for data discovery, classification, encryption, anonymization, tokenization, certificate management, key management, safe data deletion, data loss prevention, Information Prot ...
• Subject Matter Expertise: Offer deep knowledge on security capabilities such as identity management, encryption, endpoint management, data loss prevention, email security, web and browser security, zero trust and key and certificate mgt. (e.g., Information and Data Protection, DLP, Insider Risk Management).
• Configuration and Deployment: Support the setup and deployment of data security solutions, ensuring seamless integration with client environments.
• Project Delivery: Ensure successful delivery of data security solutions across on-premise and cloud environment through strong project management and leadership.
• Client Relationships: Build and nurture positive working relationships with clients, aiming to exceed their expectations.
• Profitability Improvement: Identify opportunities to enhance engagement profitability through automation, creation of accelerators, and reuse of best practices.
• Your role as a leader.
• At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Managers across our Firm are expected toDevelop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Influence stakeholders, teams, and individuals positively - leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.
• Enough about us, let's talk about you.Degree in cyber security, computer science, business IT or equivalent.
• 7+ years of experience in cybersecurity, with a focus in data security, particularly in developing, implementing, or architecting security solutions from one or more of the listed vendor solutions above.
• 1+ years of hands-on experience with tools across and such as: Identity(Active Directory), Data Security including encryption solutions for storage, databases, networks (Guardium, Opentext, Protegrity, Fortanix, Securiti.AI etc), tokenization (for structured data), digital rights management for unstructured data (MS IRM / Purview), data loss prevention (Symantec, MS, Trellix, Zscaler), data posture mgt. (BigID, Sentra, Wiz, Securiti.AI, IBM Guardium etc.) and should have hands on experience including configuration, deployment, and management.
• Familiarity with standards, frameworks and privacy laws such as ISO/IEC 27701, ISO/IEC 27001, GDPR, PDPA and DAMA International Data Management Body of Knowledge (DAMA-DMBOK) would be a plus.
• Excellent communication and presentation skills, with the ability to influence senior stakeholders and deliver compelling recommendations.
• Strong leadership and team management capabilities, with experience mentoring and developing consultants.
• Preferred CIPP, CIPM, CIPT, CISSP certification or related security certification.
• Able to speak Thai and English fluently.
• Due to volume of applications, we regret that only shortlisted candidates will be notified.
• Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via this official Deloitte website. #LI-AA1Requisition ID: 106368In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.