Filter Jobs

Job type:

Full-time

• Responsible for security management in Suksawas Sortation Center, ensuring the safety of company assets and personnel.
• Develop and implement comprehensive security policies and procedures in compliance with laws and regulations and Alibaba International's security standards.
• Monitor and assess potential security risks, establish preventive measures, and minimize the occurrence of security incidents.
• Coordinate and lead the security team, conducting regular training to build skills and competence of security manpower.
• Maintain a good relationship with local law enforcement agencies to handle potential security incidents and ensure compliance.
• Execute security protocol to manage and enforce the compliance of parties involved including staff, IC, subcon or etc.
• Managing facility and infra structure support in build up cctv coverage in place insuring it been manage function as intended.
• Bachelor's degree or above in Security Management, Law, or related fields.
• More than ten years of experience in security management, with a preference for experience in Thailand or similar regions.
• Familiarity with Thai security regulations and International's security management system with strong risk assessment capabilities.
• Qualified TAPA FSR (if applicable) would be advantage.
• Excellent leadership and team collaboration skills, capable of guiding and motivating team members effectively.
• Fluent in Thai and English, with strong communication and coordination abilities to work effectively with multiple departments.

Skills:

Network Infrastructure, Project Management, VMware, English

Job type:

Full-time

• Design/Implement Cyber Security project for Private Cloud and Global Cloud (CloudX, AWS and MS Azure).
• Solution integration and migration.
• Control suppliers in the assigned project.
• Do project quality control.
• Do project risk assessment and management.
• Do project UAT with customer.
• Create final project document.
• Do customer project training (OJT).
• At least 4 years of Cyber Security experience.
• Bachelor s degree in Computer Engineering, Information Technology, Computer Science or related fields.
• Experience in installation and operation Security product e.g. Firewall, IPS, SIEM, NAC, Anti-Virus, Endpoint.
• Knowledge on network security and cloud technology.
• Knowledge of monitoring tools (What s up gold, Zabbix, Nagios).
• Has valid Security product Certification e.g. Foritnet NSE3-7, PaloAlto PCNSA, PCNSE, Cisco CCNA, CCNP Security.
• Experienced in ITIL framework.
• Senior Engineer/Engineering Specialist (Network and Security).
• Configure and install various network devices and services (e.g., routers, switches, firewalls, load balancers, VPN, QoS).
• Managing and troubleshooting SD-WAN solutions, Wireless Lan and Cybersec solution.
• Perform network maintenance and system upgrades including service packs, patches, hot fixes, and security configurations.
• Monitor performance and ensure system availability and reliability.
• Monitor system resource utilization, trending, and capacity planning.
• Provide Level-2/3 support and troubleshooting to resolve issues.
• Work within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure.
• Select and implement security tools, policies, and procedures in conjunction with the company s security team.
• Work with vendors and other IT personnel for problem resolution.
• Bachelor s degree in computer engineering, computer science, IT, or related fields.
• At least 3-5 years of experience in network & security areas.
• Knowledge and Experience with network design, implementation, service support, and troubleshooting.
• Knowledge and Experience with SD-WAN, Network Security and CyberSec solutions.
• Knowledge and Experience in LAN/Datacenter networking, TCP/IP, DNS, DHCP, SSL, HTTP, Proxy, Web Application Firewall.
• CCNA, CCNP, CompTIA Network+, Fortigate, PaloAlto product certificate is advantage.
• Good communication, analytical thinking, and effective communication skills with interpersonal and problem-solving skill.
• Able to work outside working hours.
• Good command of read, listen, written and speaking English.
• On-call support during non-office hours.
• Engineering Specialist (Project Engineer).
• Manage CCII (Cloud, Cyber Security, IOT, ICT) project for single and multi-tower solution for Property, Retail, Conglomerate, and international customer segments.
• Be a committee of AIS bid management for validating large projects at TCV > 10MB.
• Manage project stakeholders to meet expectation and requirement.
• Communicate project progress to stakeholders.
• Plan and manage project issue and risk with proper actions.
• Plan and manage project to meet project objective, within timeline, project budget, scope and give customer satisfied.
• Manage project resource both internal delivery and external suppliers.
• Bachelor's degree or higher in computer science, business, or a related field.
• 8-15 years of project management and related experience.
• Strong in communication and stakeholder management.
• Project Management Professional certification preferred.
• Proven ability to solve problems creatively.
• Strong familiarity with project management software tools, methodologies, and best practices.
• Experience seeing projects through the full life cycle.
• Excellent analytical skills.
• Strong interpersonal skills and extremely resourceful.
• Proven ability to complete projects according to outlined scope, budget, and timeline.
• Senior Engineer (System Infrastructure)
• Implement Server, Storage, Virtualization, Backup system for Enterprise customer.
• Hypervisor and Operating system configuration and customization.
• Network and firewall integration for Cloud infrastructure.
• Hand-over completed solution to related team.
• At least 3 years experience on Server, Storage, VMware and Veeam delivery.
• Strong knowledge of Cloud environment and Operating system. (Windows and Linux).
• Basic skill of Database and Middleware installation.
• Strong organizational skills and ability to take on multiple assignments.
• Experienced firewall and cloud network implementation.
• Ability to occasionally work or assign work during nights/weekends during critical incidents per on-call rotation or major project implementations.
• Good command of English.
• VMware VCP or Linux certificate knowledge is an advantage.

Skills:

Research, Automation

Job type:

Full-time

• Lead the Cyber Security Incident Response (CSIR) team in day-to-day operations, managing complex incidents, and communicating progress to senior management.
• Ensure clear incident documentation and oversee the implementation and follow-up of realistic remediation plans.
• Detect and independently respond to security incidents across the organization.
• Assume the role of an Incident Manager during major security events.
• Collaborate with management to execute and iterate on the incident response process.
• Develop the threat-response matrix, incident-response playbook, and processes. Design and implement metrics for incident response, continually improving efficiency and effectiveness.
• Stay informed of emerging threats, security technologies, and relevant research for continuous improvement.
• Identify and mitigate complex security threats before exploitation.
• Implement and monitor security measures for infrastructure protection.
• Utilize log analysis platforms for security analytics and threat detection.
• Perform root cause analysis (RCA) and incident reviews.
• Mentor other members of the Security Incident Response Team.
• Help the team grow their skills and experience.
• Provide security recommendations to security architecture, issues, and features.
• Create a supportive environment for team members.
• Build strong partnerships with the other departments as a supporter of the cyber security incident response team. (CSIRT).
• Train team members to prioritize efforts and ensure alignment with company direction.
• Be a role model for positive thinking, and conflict resolution.
• Draft and successfully deliver on quarterly OKRs (Objectives and Key Results).
• Bachelor's degree or higher in Computer Engineering, Computer Science, IT, or related fields.
• A minimum of 5 years of working experience in Security Operations (SecOps), incident response, threat analysis, incident management, or relevant investigations during medium and large-scale security events.
• Robust understanding of security issues, mitigations, and a solid grasp of the current global threat landscape.
• Experience in security solutions, secure network design, firewalls, authentication, authorization systems, log analysis platforms, security incident response, monitoring, and intrusion detection.
• Profound knowledge of attacks, mitigation methods, and threat modeling.
• Experience in digital forensics, SOAR automation, and cloud providers like GCP, AWS, and Azure is advantageous.
• Strong written and verbal communication skills are required, including conducting presentations and creating security reports. Experience with executive-level communications is a plus.
• Substantial engineering mindset.
• Capability to build working relationships with key stakeholders.
• Capability to make concrete progress in the face of ambiguity and imperfect knowledge.
• Hold the certificate of CompTIA Security +, CompTIA CySA+, and others would be an added advantage.

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.

Experience:

3 years required

Skills:

Compliance, Security Design, English

Job type:

Full-time

• ร่วมกำหนดนโยบายด้านการรักษาความมั่นคงปลอดภัยระบบเทคโนโลยีสารสนเทศ เพื่อยกระดับองค์กรให้มีระบบบริหารจัดการที่มีประสิทธิภาพและมีความมั่นคงปลอดภัยในระดับสากล.
• ศึกษาและหาข้อมูลความเสี่ยงหรือภัยคุกคามใหม่ๆ ที่เกิดขึ้น ที่ส่งผลต่อการดำเนินงานทางธุรกิจของบริษัท พร้อมทั้ง ดำเนินและเสนอแนะวิธีการป้องกัน.
• ตรวจสอบ ติดตามความเสี่ยงหรือภัยคุกคามที่เกิดขึ้นและสามารถแก้ไขปัญหาได้.
• วิเคราะห์ และประเมินระบบความปลอดภัยด้านเทคโนโลยีสารสนเทศของบริษัท.
• นำเสนอเทคโนโลยีการรักษาความความมั่นคงปลอดภัย เพื่อให้ระบบด้านเทคโนโลยีสามารถทำงานได้อย่างมีประสิทธิภาพสูงสุดและมีมาตรฐานตามหลักสากล.
• ปริญญาตรี ขึ้นไป สาขาเทคโนโลยีสารสนเทศ วิศวกรรมคอมพิวเตอร์ วิทยาการคอมพิวเตอร์ หรือที่เกี่ยวข้อง.
• มีประสบการณ์ทางด้าน IT Security & Compliance 3-5 ปี.
• มีความรู้ด้าน Security Design, Security Analysis, Cyber Attack.
• Computer viruses and security (Firewall, etc.).

Experience:

5 years required

Skills:

Legal, Compliance

Job type:

Full-time

• Design and work on cybersecurity framework based on business objectives and strategic imperatives of the client organisation including goals, vision, mission, and operational plans.
• Data pattern and trend identification via metric analysis, driving operational excellence and improvement.
• Designing and implementing data protection and privacy programs for our clients and supporting their business.
• Evaluating the data protection and privacy practices of our clients and Conducting Privacy Impact Assessments.
• Monitor processes and drive improvements in efficiency and quality of cybersecurity programs.
• Assist in development of workflows for transitioning strategic plans into implementation plans and operational readiness.
• Facilitate strategic planning initiatives, documentation, technical roadmaps and security tool rationalisation.
• Assist in designing the security organisation structure including cyber defense.
• Develop security policies, procedures, standards based on the security strategy and roadmap.
• Review of cybersecurity policies and processes to identify gaps in design of control based on comprehensive assessment framework.
• Maintain continuous communication with key stakeholders in support of the security strategy, and plan and solicit feedbacks, to uplift the programs and capabilities.
• Conduct security process implementation reviews to assess security effectiveness and reporting.
• Conduct Current State Assessment of cybersecurity practices against the defined controls and provide recommendations for to-be state.
• Run Cyber Security Diagnostic Assessments and develop programs for cybersecurity skill development and enhancement.
• Provide certification advisory across Information Security Management System (ISMS).
• Implement security controls for realisation of the certification requirements and provide technology roadmap based on the security strategy.
• Assisting in delivering privacy projects to acting as a subject matter expert on them or to leading a team towards excellent client experience.
• Supporting and guiding our clients in adhering to the complex web of relevant national and international regulations (e.g. EU General Data Protection Regulation).
• Deploying processes and tools to help detect and prevent privacy breaches.
• Ensuring a harmonised approach towards data protection and privacy by bringing together our client s stakeholders (e.g. legal, compliance, risk, HR, security, business functions).
• Assisting clients in privacy related incident response activities.
• Supporting the client s team by acting as an interim team member (e.g. data protection officer, security officer, security manager, security analyst).
• Proactively identifying and pursuing opportunities for further business and team growth.
• Preferred skills.
• Bachelor s degree in Computer Science, Information Systems, Information Technology, Engineering, or equivalent education.
• Minimum 4 - 5 years of prior relevant working experience.
• Experience with vulnerability scanning solutions and cybersecurity systems.
• Possession of relevant qualifications such as CIPM, CIPT, CIPP/E, CISM, CISSP, and/or HCISSP, as well as involvement in industry related organizations (e.g. IAPP, ISACA, (ISC)² ) or relevant certifications.
• Strong interpersonal and stakeholder management skills with ability to coordinate between technical and business teams.
• Excellent verbal, written communication and interpersonal skills with stakeholders at all levels.
• Knowledge and experience with relevant data protection and privacy laws and regulations (e.g. PDPA, EU GDPR, and Privacy Shield) and industry standards and frameworks, such as GAPP and BCR.
• Ability to efficiently understand client organisations and their business model and to tailor relevant processes to privacy requirements.
• An analytical mindset, strive for quality and are able to work in a result-oriented environment.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Bachelor Degree Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• December 31, 2024

Experience:

3 years required

Skills:

Research, System Administration, Android

Job type:

Full-time

• Implements IT security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Protects IT system by defining access privileges, control structures, and required resources.
• Process & analyze to gain insights on past IT areas on, current or potential attacks and threats that pose a risk to the organization.
• Primary point of contact with Internal Audit. Periodically review, update, implement and communicate changes to IT policies and procedures and General IT Controls. Facilitate internal and external audit processes by participating in scoping discussions and walk-throughs, delivering evidence that controls are operating as defined, remediating deficiencies, and acting on recommendations.
• Safeguards IT infrastructure and system as well as information system assets by identifying and solving potential and actual security problems.
• Research cyber security topics and promote Cyber security awareness throughout Thaioil.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• 3+ years of prior relevant experience, especially in IT working environment.
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g., Netflow, FPC), and other attack artifacts in support of incident investigations.
• Experience with vulnerability scanning solutions.
• Familiarity with Vulnerability Management program.
• Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.
• Have knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform.
• Understanding of mobile technology and OS (i.e., Android, iOS, Windows), VMware technology, and Unix and basic Unix commands.
• OTHER REQUIREMENTS.

Experience:

3 years required

Skills:

Compliance, Legal, Risk Management

Job type:

Full-time

• Develop data security policy review, data security policy exceptions, and control risk mitigation processes.
• Define the security controls for access management lifecycle (i.e., requirement for creation, deletion, transfer and review).
• Operate:Advice on technology relating to Data Privacy and Protection (i.e., PDPA) related security controls implementation.
• Drive and support data security controls such as Data Loss Prevention (DLP), Data Masking, Data Encryption capabilities to protect sensitive data.
• Drive compliance (or collaborate with compliance team) to organization security policies, standards, metrics, and legal requirements.
• Communicate and enforce security policies, rules, and standards.
• Conduct impact assessment of data initiatives from a security point of view.
• Ensure the cryptographic keys and related components are safety and protection of confidential information.
• Resolve data security audit and risk findings.
• Review and develop security controls to current access controls policies and procedures.
• Provide requirements for create and manage roles, access rights (includes privileged access), authentication and identity within the environment.
• Conduct periodic review of user access.
• Review, approve and monitor the usage of privileged access.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• Work experience in privacy, compliance, information security, auditing or a related field may also be an accepted alternative, according to Cybersecurity.
• Minimum 3 years of experience in and strong knowledge of privacy, data, operational risk management, information security, or related areas in IT.
• OTHER REQUIREMENTS.

Experience:

7 years required

Skills:

English

Job type:

Full-time

• Encourage everyone to have a voice and invite opinion from all, including quieter members of the team.
• Deal effectively with ambiguous and unstructured problems and situations.
• Initiate open and candid coaching conversations at all levels.
• Move easily between big picture thinking and managing relevant detail.
• Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realises they are required.
• Contribute technical knowledge in area of specialism.
• Contribute to an environment where people and technology thrive together to accomplish more than they could apart.
• Navigate the complexities of cross-border and/or diverse teams and engagements.
• Initiate and lead open conversations with teams, clients and stakeholders to build trust.
• Uphold the firm's code of ethics and business conduct.
• Preferred skills.
• Security Operation Center (SOC).
• Minimum years experience required.
• 7 years of experiences and above.
• Additional application instructions.
• Good communication in english.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• December 31, 2024

Experience:

1 year required

Skills:

Risk Management, Compliance, English

Job type:

Full-time

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• Preferred skills.
• Penetration Tester (Manual & Automate).
• Minimum years experience required.
• Over 1 years of Experience in related fields.
• Additional application instructions.
• Good Communication in English.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• April 30, 2025

Experience:

2 years required

Skills:

Network Infrastructure, Security Design, Big Data, English

Job type:

Full-time

• Perform cyber security and IT security assessments for clients (e.g. cyber security program assessment, cyber security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.).
• Work on IT security design, analysis and implementation of security protection solution.
• Evaluate and analyze threat, vulnerability, system weakness, impact and risk to secu ...
• Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes, controls and systems.
• Advise client on the security incident response end-to-end process (i.e. preparation, detection, analysis, response and recovery of the security incident).
• Skills and attributes for success.
• To qualify for the role you must have.
• Bachelor's degree or Master s degree in Computer Engineering, Computer Science, Information Systems, IT Security, ICT or other related fields.
• Minimum 2 years' experience in such areas as IT security management design and implementation, IT security assessment and IT technical background.
• Familiar with leading IT security processes and tools.
• Highly proficient in both English and Thai with good written and oral communication and analytical skills.
• Ideally, you ll also have.
• Having experience in project planning and management will be a plus.
• Professional certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and / or Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or ISO27001 will be highly considered.
• Experience in new generation security practices (i.e. DevSecOps, iPentest, RedTeaming, System Resilience Design).
• Experience in Emerging Technologies (i.e. Cloud Computering, Blockchain, Big Data, A.I./M.L.).
• We re interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
• What we offer.
• We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions.
• Continuous learning: You ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You ll be embraced for who you are and empowered to use your voice to help others find theirs.
• If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
• The exceptional EY experience. It s yours to build.
• EY | Building a better working world.
• EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
• Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
• Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Skills:

Sales, Business Development, English

Job type:

Full-time

• Bachelor's degree or equivalent practical experience.
• 10 years of experience in a sales role in software sales.
• Experience with security solutions or security software product.
• Experience selling to enterprise sector.
• Preferred qualifications:Experience in promoting cyber security solution and cloud-based security solutions.
• Understanding of broad range of security and networking technologies.
• Ability to work with sales engineers and customer technical leads to inventory existing software, define migration plans, and build business cases for migrations.
• Ability to provide accurate forecasting to the reporting manager regularly.
• Excellent leadership, influencing, and relationship development skills.
• Ability to communicate in Thai and English fluently in order to engage and support customers.
• As a Security Sales Specialist, you will help grow cybersecurity business by building and expanding relationships with customers. You will work with customers to deliver business value, demonstrate product functionality, and provide a comprehensive overview of key business use cases. You'll lead day-to-day relationships with external customer stakeholders, leading with empathy, while identifying innovative ways to multiply impact. In this role, you will have shared responsibility to uphold and grow a team culture. You will partner with internal Google Cloud Platform Sales teams to grow their security businesses and drive overall value for Google Cloud Platform.
• Google Cloud accelerates every organization's ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
• ResponsibilitiesBe responsible for new business development via prospecting, qualifying, promoting, and closing software and hardware solutions, services, and products.
• Create and manage the channel partner network for products under the distribution product portfolio together with the Regional Channel Sales Manager.
• Provide account management to an existing territory and be responsible for quarterly and annual business goals.
• Manage client relationships through all phases of the business cycle providing a consultative solutions based sales process.
• Develop expertise in the entire Google Cloud's security portfolio (including Mandiant solutions and services) and be able to articulate product features, use cases, and differentiate them from the competition.
• Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See alsoGoogle's EEO Policy andEEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing ourAccommodations for Applicants form.

Skills:

Linux, Good Communication Skills, English

Job type:

Full-time

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

Experience:

5 years required

Skills:

Risk Management, Project Management, English

Job type:

Full-time

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

Experience:

1 year required

Skills:

Risk Management, Compliance

Job type:

Full-time

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• referred skills.
• Cyber Security and Data Privacy.
• Minimum years experience required.
• 1-3 years of Experiences.
• Additional application instructions.
• N/A.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.

Experience:

5 years required

Skills:

Legal, Compliance

Job type:

Full-time

• Design and work on cybersecurity framework based on business objectives and strategic imperatives of the client organisation including goals, vision, mission, and operational plans.
• Data pattern and trend identification via metric analysis, driving operational excellence and improvement.
• Designing and implementing data protection and privacy programs for our clients and supporting their business.
• Evaluating the data protection and privacy practices of our clients and Conducting Privacy Impact Assessments.
• Monitor processes and drive improvements in efficiency and quality of cybersecurity programs.
• Assist in development of workflows for transitioning strategic plans into implementation plans and operational readiness.
• Facilitate strategic planning initiatives, documentation, technical roadmaps and security tool rationalisation.
• Assist in designing the security organisation structure including cyber defense.
• Develop security policies, procedures, standards based on the security strategy and roadmap.
• Review of cybersecurity policies and processes to identify gaps in design of control based on comprehensive assessment framework.
• Maintain continuous communication with key stakeholders in support of the security strategy, and plan and solicit feedbacks, to uplift the programs and capabilities.
• Conduct security process implementation reviews to assess security effectiveness and reporting.
• Conduct Current State Assessment of cybersecurity practices against the defined controls and provide recommendations for to-be state.
• Run Cyber Security Diagnostic Assessments and develop programs for cybersecurity skill development and enhancement.
• Provide certification advisory across Information Security Management System (ISMS).
• Implement security controls for realisation of the certification requirements and provide technology roadmap based on the security strategy.
• Assisting in delivering privacy projects to acting as a subject matter expert on them or to leading a team towards excellent client experience.
• Supporting and guiding our clients in adhering to the complex web of relevant national and international regulations (e.g. EU General Data Protection Regulation).
• Deploying processes and tools to help detect and prevent privacy breaches.
• Ensuring a harmonised approach towards data protection and privacy by bringing together our client s stakeholders (e.g. legal, compliance, risk, HR, security, business functions).
• Assisting clients in privacy related incident response activities.
• Supporting the client s team by acting as an interim team member (e.g. data protection officer, security officer, security manager, security analyst).
• Proactively identifying and pursuing opportunities for further business and team growth.
• Preferred skills.
• Bachelor s degree in Computer Science, Information Systems, Information Technology, Engineering, or equivalent education.
• Minimum 4 - 5 years of prior relevant working experience.
• Experience with vulnerability scanning solutions and cybersecurity systems.
• Possession of relevant qualifications such as CIPM, CIPT, CIPP/E, CISM, CISSP, and/or HCISSP, as well as involvement in industry related organizations (e.g. IAPP, ISACA, (ISC)² ) or relevant certifications.
• Strong interpersonal and stakeholder management skills with ability to coordinate between technical and business teams.
• Excellent verbal, written communication and interpersonal skills with stakeholders at all levels.
• Knowledge and experience with relevant data protection and privacy laws and regulations (e.g. PDPA, EU GDPR, and Privacy Shield) and industry standards and frameworks, such as GAPP and BCR.
• Ability to efficiently understand client organisations and their business model and to tailor relevant processes to privacy requirements.
• An analytical mindset, strive for quality and are able to work in a result-oriented environment.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Bachelor Degree Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• December 31, 2024

Skills:

SQL, Javascript, Ruby, English

Job type:

Full-time

• Designing and implementing data protection and privacy programs for our clients and supporting their business.
• Evaluating the data protection and privacy practices of our clients and Conducting Privacy Impact Assessments.
• Monitor processes and drive improvements in efficiency and quality of cybersecurity programs.
• Facilitate strategic planning initiatives, documentation, technical roadmaps and security tool rationalisation.
• Assist in designing the security organisation structure including cyber defense.
• Develop security policies, procedures, standards based on the security strategy and roadmap.
• Review of cybersecurity policies and processes to identify gaps in design of control based on comprehensive assessment framework.
• Conduct security process implementation reviews to assess security effectiveness and reporting.
• Conduct Current State Assessment of cybersecurity practices against the defined controls and provide recommendations for to-be state.
• Run Cyber Security Diagnostic Assessments and develop programs for cybersecurity skill development and enhancement.
• Implement security controls for realisation of the certification requirements and provide technology roadmap based on the security strategy.
• Assisting in delivering privacy projects to acting as a subject matter expert on them or to leading a team towards excellent client experience.
• Supporting and guiding our clients in adhering to the complex web of relevant national and international regulations (e.g. EU General Data Protection Regulation).
• Deploying processes and tools to help detect and prevent privacy breaches.
• Preferred skills.
• Bachelor s degree in Computer Engineering, Computer Science, Information Systems or a related field. A Master s degree is a plus.
• Have knowledge of industry standard classification schemes, such as NIST, ISO27000, and PCI DSS.
• Be able to conduct and simulate manual penetration tests.
• Be able to code at least in one scripting language such as SQL, C ++, JavaScript, Ruby, or Python.
• Have demonstrated leadership, problem solving, and verbal and written communication skills. You need to be able to communicate clearly in both Thai and English.
• Have proven analytical, decision-making, and presentation skills.
• Have a high level of MS Office proficiency.
• Be able to adapt and learn new things.
• Be able to prioritize tasks, work on multiple assignments, and manage ambiguity.
• Be able to work both independently and as part of a team with professionals at all levels.
• Offensive Security Certified Professional OSCP certifications are beneficial but not required.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred: Bachelor DegreeCertifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• No
• Government Clearance Required?.
• No
• Job Posting End Date.

Skills:

DevOps, Automation, Kubernetes

Job type:

Full-time

• Managing 7-8 Professional Service Engineers in responsible for AWS cloud solution architecting and implementation/migration according to the project requirements.
• Team resources management.
• Acting as the key of Cloud technical aspect for the consulting team to provide the technical of AWS cloud consulting to customers.
• Design AWS Cloud solution architecture in response to the client s requirement.
• Define the scope of work & estimate mandays for cloud implementation.
• Managing cloud project delivery to meet the customer requirements timeline.
• Support AWS, GCP cloud partner competency building e.g. AWS Certification and delivery professional service process and documentation.
• Speaker of AWS technical side for True IDC webinar, online event for CloudTalk.
• Key Driving for building team competency expansion to meet the competency roadmap yearly strategy e.g. DevOps, IaC, Automation, Kubernetes, App modernization on AWS cloud.
• Experience in leading cloud AWS implementation and delivery team.
• Experience of designing and implementing comprehensive Cloud computing solutions on various Cloud technologies for AWS, GCP is plus.
• Experience in infra as a code in cloud native (Cloud Formation) or other e.g. Terraform, Ansible implementation.
• Experience in building multi-tier Service Oriented Architecture (SOA) applications.
• Knowledge of Linux, Windows, Apache, IIS, NoSQL operations as its architecture to the Cloud.
• Knowledge of OS administrative for both Windows and UNIX technologies.
• Knowledge of key concerns and how they are addressed in Cloud Computing such as security, performance and scalability.
• Knowledge of Kubernetes, Containers and CI/CD, DevOps.
• Experience with RDBMS designing and implementing over the Cloud.
• Prior experience with application development on the various development solutions as Java,.Net, Python etc.
• Experience in,.Net and/or Spring Framework and RESTful web services.
• UNIX shell scripting.
• AWS Certified Solution Architect - Associate, Prefer Professional level.

Experience:

5 years required

Skills:

Java, RESTful, Web Services, English

Job type:

Full-time

• Designing, developing, and maintaining integration & Architecture solutions.
• Ensuring seamless data flow across the organization.
• Working closely with other developers, and business stakeholders to understand requirements and deliver high-quality integration solutions.
• Understanding of RESTful and SOAP web services, data transformation, and error handling.
• having excellent problem-solving skills, be detail-oriented, and have the ability to work in a fast-paced environment.
• Ensuring our integration & Architecture solutions are efficient, scalable, and secure.
• Applying integration technologies and have a proven track record of delivering successful projects.
• Design and develop large integration solutions.
• Create and manage APIs.
• Integrate various systems and ensure seamless data flow.
• Collaborate with developers and business stakeholders.
• Understand and translate business requirements into technical solutions.
• Perform data transformation and error handling.
• Ensure integration solutions are efficient, scalable, and secure.
• Conduct code reviews and provide feedback to team members.
• Troubleshoot and resolve integration issues.
• Document integration processes and solutions.
• Participate in Agile development processes.
• Develop and maintain unit and integration tests.
• Optimize performance of integration solutions.
• Ensure compliance with security and data protection standards.
• Monitor and maintain integration environments.
• Participate in continuous improvement initiatives. Requirements.
• Bachelor s degree in Computer Science, Information Technology, or related field.
• 5+ years of experience in JAVA developer and Java-script framework.
• Proficiency in Any JAVA Platform and JVM.
• Experience with Micro-service management and /distributed messaging queue.
• Strong understanding of RESTful and SOAP web services.
• Experience with data transformation and error handling.
• Excellent problem-solving skills.
• Ability to work in a fast-paced environment.
• Strong communication and collaboration skills.
• Experience with Agile development processes.
• Knowledge of security and data protection standards.
• Ability to troubleshoot and resolve integration issues.
• Strong attention to detail.
• Experience cloud platforms (e.g., AWS, GCP) is a plus.
• Knowledge of Java, XML, JSON, and SQL.
• Experience with CI/CD tools and processes.
• ability to document technical solutions and processes.
• Experience with performance optimization.
• Good in English, both written and spoken.

Experience:

2 years required

Skills:

SQL, User Interface (UI), Web development, English

Job type:

Full-time

• Get requirement from user.
• Responsible to analysis and design according to requirement.
• Able to transform business requirement to technical solution.
• Control application development to SDLC and project responsibility.
• Provide guidance and consultation to user.
• Create document to support project (Functional specification, High level Design specification, Detail Design specification, Operation work flow and User Manual).
• Bachelor s degree in Computer Science, Engineering or a related field.
• Proven working experience in System Analysis (2+ years is a plus).
• Programming knowledge.
• Database knowledge.
• Strong in user requirements gather, analysis and application design by creating specification documents.
• Experience in Mobile Application and Mobile Web developmentis a plus.
• Able to handle multiple tasks at once and works well under pressure.
• CODEDIVA Benefits:
• Social security.
• Annual Leave (depends on number of working years).
• Free Lunch, Snack and Drink.
• Budget for training.
• Birthday Leave.
• Group Insurance / Annual dental medical insurance.
• Bonus depends on company and personal performance.
• Annual company trip.
• สถานที่ทำงาน (Location): ใกล้ MRT เพชรบุรี และ BTS อโศก
• เวลาทำงาน (Work Hours): 9:00-18:00 น.