Filter Jobs

Experience:

1 year required

Skills:

Compliance, Python, PowerShell, Japanese

Job type:

Full-time

• Monitor, analyze and triage security alerts and events.
• Assess impact, risk of potential incidents, and take appropriate action according to defined procedures.
• Utilize various security tools and technologies to detect and investigate cyber threats.
• Collaborate with other teams, including incident responders, to ensure proper escalation and resolution of cases.
• Document and report security incidents, including detailed analysis and recommendations for improvement.
• Contribute to the development and enhancement of security monitoring and detection capabilities.
• Stay up to date with the latest security trends, vulnerabilities, and best practices.
• Bachelor s degree in Computer Science, Information Security, or a related field.
• Solid understanding of network protocols, security architectures, and common security threats.
• Knowledge of security incident response processes and methodologies.
• Excellent analytical and problem-solving skills.
• Strong communication skills, both written and verbal.
• 1-2 years of experience in a security operations center (SOC) or a similar role.
• Experience with security information and event management (SIEM) platforms and threat intelligence tools.
• Industry certifications, e.g., CompTIA Security or Certified Ethical Hacker (CEH).
• Familiarity with regulatory frameworks and compliance requirements.
• Scripting skills in languages such as Python or PowerShell.
• Knowledge of cloud security concepts and technologies.
• Experience with log analysis and correlation.
• Chinese, Japanese, or other foreign language skills.
• Current Employees apply HERE.
• Current Contingent Workers apply HERE.
• Search Firm Representatives Please Read Carefully
• Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
• Regular
• Hybrid
• 01/31/2025A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.
• Requisition ID:R328901.

Skills:

Compliance, Legal, Risk Management

Job type:

Full-time

• Set and implement user access controls and identity and access management systems.
• Perform regular audits to ensure security practices are compliant.
• Deploy endpoint detection and prevention tools to thwart malicious hacks.
• Work with IT operations to set up a shared disaster recovery/business continuity plan.
• Contribute towards the execution of policies, standards and procedures specific set by enterprise standards and account specific standards as they apply to IT security governance, IT risk, and IT compliance requirements.
• Perform IT security risk assessment activities, including third party evaluation and management, and related analysis, including ongoing compliance monitoring in coordination with governance lead and external team members.
• Contribute towards the execution of IT security compliance reviews of master service agreements and advise business team regarding gaps and corresponding mitigation requirements.
• Contribute to the design and implementation of technical IT security safeguard architecture.
• Works with infrastructure teams to execute the vulnerability management program and application owners to validate secure coding best-practices.
• Will operate in a close team of computer digital forensic, fraud, and other IT investigative experts.
• Document and track all incidents to meet audit, compliance, and legal requirements.
• Conduct root cause analysis to identify gaps and recommendations ultimately remediating risks to the firm.
• Periodically reports progress to management, and assesses and measures results related to Information Security activities.
• Bachelor s degree in Information Systems Risk Management, Computer Science, or related field, equivalent experience.
• 7-10 Years of experience with a thorough understanding of information security principles and practices.
• 3-5 years of experience in a Cyber Security or Risk Advisory role for regulated environments.
• Proven ability to infuse innovation and creativity into tactical activity with a focus on exceptional customer service.
• Be inspirational, enthusiastic and a promoter of information security.
• Must be reliable and adaptable.
• Excellent written and verbal communication and organizational skills.
• Outstanding work ethic.
• Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources.
• Ability to think strategically, work with a sense of urgency and pay attention to detail.
• Ability to present complex solutions and methods to a general community.
• Independent thinking, willingness to "step outside the box" and take reasonable, calculated risks.

Experience:

7 years required

Skills:

System Security, Windows Server, Linux

Job type:

Full-time

• Identify and evaluate areas for improvement in detection, prevention, and cyber incident response.
• Work closely with stakeholders to develop and follow up on remediation plans.
• Provide expert consultation on mitigating strategies and actionable remediation plans to asset owners.
• Collaborate with various teams to create, implement, and monitor effective remediation strategies.
• Apply knowledge of IT infrastructure, with experience as a system administrator or system engineer, to enhance cybersecurity measures.
• Utilize an understanding of offensive and defensive cybersecurity strategies (e.g., red and blue teams).
• Perform penetration testing or demonstrate a strong understanding of penetration testing methodologies to assess the security of IT systems.
• Use computer forensic tools to examine and analyze electronic media in suspected hacking cases.
• Conduct tasks related to malware analysis and reverse engineering to identify and mitigate threats.
• Define a course of action if a security problem exists and explain in detailed technical reports what occurred when an incident happens, including the reasons it occurred, and the response taken.
• Document incidents thoroughly, providing detailed technical reports that include the cause of the incident, and the response measures implemented.
• Build relationships with other entities responsible for conducting cyber threat analyses, ensuring effective collaboration and information sharing.
• Bachelor s degree / master s degree or higher in Computer Engineering, Information Technology, Computer science or related field.
• Proficiency with SIEM, UBA, and SOAR tools.
• Experience with system monitoring tools.
• Coding ability in C, C++, C#, Java, ASM, PERL, PHP, and PowerShell.
• Knowledge of backup and archiving techniques.
• Use of enterprise system monitoring tools.
• Understanding of cloud computing.
• Proficiency in UNIX.
• Knowledge of network communication (IP/TCP).
• Familiarity with computer hardware systems.
• Experience with web-based application security.
• Strong knowledge of Windows and Linux Operating Systems.
• Experience in identifying and evaluating cybersecurity risks and providing actionable insights.
• Previous experience as a penetration tester (pentester) is highly beneficial.
• Experience as a system administrator/system engineer is advantageous.
• Familiarity with computer forensic tools and techniques.
• Experience in malware analysis and reverse engineering.
• Ability to work well under pressure while handling multiple tasks.
• Remark: The Bank requires the verification of criminal records prior consideration for employment to ensure secured and maintain standards of the organization.

Skills:

Project Management

Job type:

Full-time

• Responsible for the protection of Celestica assets and to respond to alarms, emergency situations and to assist employees with security issue as part of our mission to provide a safe work environment.
• Responsible for maintaining appropriate access to all areas of the facility for both employees and customers.
• Controlling daily security operations including incident investigation, property passes, loss prevention, and all administrative duties required at the site.
• Knowledge/Skills/Competencies.
• In-depth knowledge of facilities management and operations.
• Understanding of environmental, health and safety regulations (local and government).
• Good organization and project management skills.
• Ability to evaluate, diagnose and troubleshoot problems.
• Ability to gather and analyze data and determine root cause of problems.
• Ability to effectively communicate with a variety of internal and external customers.
• Typical Experience.
• Two to Four years relevant experience.
• Typical Education.
• Bachelor's degree in a related field, or an equivalent combination of education and experience.
• Educational requirements may vary by geography.
• Notes.
• This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.
• Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law).
• At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them.
• Celestica (NYSE, TSX: CLS) enables the world s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development - from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.
• Celestica would like to thank all applicants, however, only qualified applicants will be contacted.
• Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.

Experience:

1 year required

Skills:

Risk Management, Compliance, English

Job type:

Full-time

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• Preferred skills.
• Penetration Tester (Manual & Automate).
• Minimum years experience required.
• Over 1 years of Experience in related fields.
• Additional application instructions.
• Good Communication in English.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• April 30, 2025

Skills:

Research, System Administration, Android

Job type:

Full-time

• Implements IT security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Protects IT system by defining access privileges, control structures, and required resources.
• Process & analyze to gain insights on past IT areas on, current or potential attacks and threats that pose a risk to the organization.
• Primary point of contact with Internal Audit. Periodically review, update, implement and communicate changes to IT policies and procedures and General IT Controls. Facilitate internal and external audit processes by participating in scoping discussions and walk-throughs, delivering evidence that controls are operating as defined, remediating deficiencies, and acting on recommendations.
• Safeguards IT infrastructure and system as well as information system assets by identifying and solving potential and actual security problems.
• Research cyber security topics and promote Cyber security awareness throughout Thaioil.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• Relevant experience, especially in IT working environment.
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g., Netflow, FPC), and other attack artifacts in support of incident investigations.
• Experience with vulnerability scanning solutions.
• Familiarity with Vulnerability Management program.
• Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.
• Have knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform.
• Understanding of mobile technology and OS (i.e., Android, iOS, Windows), VMware technology, and Unix and basic Unix commands.
• OTHER REQUIREMENTS.

Experience:

8 years required

Skills:

Business Development, Assurance, Software Development, English

Job type:

Full-time

• Design and work on cybersecurity framework based on business objectives and strategic imperatives of the client organisation including goals, vision, mission, and operational plans.
• Data pattern and trend identification via metric analysis, driving operational excellence and improvement.
• Designing and implementing data protection and privacy programs for our clients and supporting their business.
• Evaluating the data protection and privacy practices of our clients and Conducting Privacy Impact Assessments.
• Monitor processes and drive improvements in efficiency and quality of cybersecurity programs.
• Assist in development of workflows for transitioning strategic plans into implementation plans and operational readiness.
• Facilitate strategic planning initiatives, documentation, technical roadmaps and security tool rationalisation.
• Assist in designing the security organisation structure including cyber defense.
• Develop security policies, procedures, standards based on the security strategy and roadmap.
• Review of cybersecurity policies and processes to identify gaps in design of control based on comprehensive assessment framework.
• Maintain continuous communication with key stakeholders in support of the security strategy, and plan and solicit feedbacks, to uplift the programs and capabilities.
• Conduct security process implementation reviews to assess security effectiveness and reporting.
• Conduct Current State Assessment of cybersecurity practices against the defined controls and provide recommendations for to-be state.
• Run Cyber Security Diagnostic Assessments and develop programs for cybersecurity skill development and enhancement.
• Provide certification advisory across Information Security Management System (ISMS).
• Implement security controls for realisation of the certification requirements and provide technology roadmap based on the security strategy.
• Assisting in delivering privacy projects to acting as a subject matter expert on them or to leading a team towards excellent client experience.
• Supporting and guiding our clients in adhering to the complex web of relevant national and international regulations (e.g. EU General Data Protection Regulation).
• Deploying processes and tools to help detect and prevent privacy breaches.
• Ensuring a harmonised approach towards data protection and privacy by bringing together our client s stakeholders (e.g. legal, compliance, risk, HR, security, business functions).
• Assisting clients in privacy related incident response activities.
• Supporting the client s team by acting as an interim team member (e.g. data protection officer, security officer, security manager, security analyst).
• Proactively identifying and pursuing opportunities for further business and team growth.
• Preferred skills.
• Bachelor s degree in Computer Science, Information Systems, Information Technology, Engineering, or equivalent education.
• Minimum 4 - 5 years of prior relevant working experience.
• Experience with vulnerability scanning solutions and cybersecurity systems.
• Possession of relevant qualifications such as CIPM, CIPT, CIPP/E, CISM, CISSP, and/or HCISSP, as well as involvement in industry related organizations (e.g. IAPP, ISACA, (ISC)² ) or relevant certifications.
• Strong interpersonal and stakeholder management skills with ability to coordinate between technical and business teams.
• Excellent verbal, written communication and interpersonal skills with stakeholders at all levels.
• Knowledge and experience with relevant data protection and privacy laws and regulations (e.g. PDPA, EU GDPR, and Privacy Shield) and industry standards and frameworks, such as GAPP and BCR.
• Ability to efficiently understand client organisations and their business model and to tailor relevant processes to privacy requirements.
• An analytical mindset, strive for quality and are able to work in a result-oriented environment.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Bachelor Degree Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• December 31, 2024

Experience:

7 years required

Skills:

English

Job type:

Full-time

• Encourage everyone to have a voice and invite opinion from all, including quieter members of the team.
• Deal effectively with ambiguous and unstructured problems and situations.
• Initiate open and candid coaching conversations at all levels.
• Move easily between big picture thinking and managing relevant detail.
• Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realises they are required.
• Contribute technical knowledge in area of specialism.
• Contribute to an environment where people and technology thrive together to accomplish more than they could apart.
• Navigate the complexities of cross-border and/or diverse teams and engagements.
• Initiate and lead open conversations with teams, clients and stakeholders to build trust.
• Uphold the firm's code of ethics and business conduct.
• Preferred skills.
• Security Operation Center (SOC).
• Minimum years experience required.
• 7 years of experiences and above.
• Additional application instructions.
• Good communication in english.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• December 31, 2024

Experience:

3 years required

Skills:

Industry trends

Job type:

Full-time

• Risk Assessment & Analysis: Conduct comprehensive assessments of clients OT environments to identify vulnerabilities and recommend mitigation strategies.
• Security Strategy Development: Design and implement tailored OT security frameworks and policies in alignment with industry standards (NIST, ISA/IEC 62443, etc.).
• Stakeholder Engagement: Collaborate with cross-functional teams, including IT, operations, and management, to foster a culture of security awareness and resilience.
• Training & Mentorship: Provide training and mentorship to junior consultants and client teams on OT security best practices and emerging threats.
• Thought Leadership: Stay abreast of industry trends, emerging technologies, and regulatory changes; contribute to white papers, presentations, and client workshops.
• Your role as a leader
• At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves everyday to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. In addition to living our purpose, Senior Consultants across our firm are expected to:Understand objectives for stakeholders, clients and Deloitte whilst aligning own performance to objectives and sets personal priorities.
• Develop themselves by actively seeking opportunities for growth, shares knowledge and experiences with others, and acts as a strong brand ambassador.
• Seek opportunities to challenge themselves, collaborate with others to deliver and takes accountability for results.
• Build relationships and communicates effectively in order to positively influence peers and stakeholders.
• Work effectively in diverse teams within a highly inclusive team culture where everyone is supported, respected and recognized for their contribution.
• Enough about us, let's talk about youBachelor s degree in Cybersecurity, Information Technology, Engineering, or a related field; a Master s degree is a plus.
• At least 3 years of experience in cybersecurity, with a focus on operational technology and industrial control systems (ICS).
• Relevant certifications such as CISSP, CISM or GICSP,.
• Deep understanding of relevant standards and guidelines.
• Proficiency in network security, vulnerability assessment tools, and incident response methodologies specific to OT environments.
• Strong knowledge of industrial control systems, SCADA systems, and PLCs.
• Experience with network segmentation, access control, and secure communication protocols.
• Exceptional verbal and written communication skills, with the ability to articulate complex concepts to technical and non-technical stakeholders alike.
• Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing potential security issues.
• Due to volume of applications, we regret that only shortlisted candidates will be notified.
• Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via this official Deloitte website. #LI-AA1 Requisition ID: 106367In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

Experience:

2 years required

Skills:

Network Infrastructure, Security Design, Big Data, English

Job type:

Full-time

• Perform cyber security and IT security assessments for clients (e.g. cyber security program assessment, cyber security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.).
• Work on IT security design, analysis and implementation of security protection solution.
• Evaluate and analyze threat, vulnerability, system weakness, impact and risk to secu ...
• Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes, controls and systems.
• Advise client on the security incident response end-to-end process (i.e. preparation, detection, analysis, response and recovery of the security incident).
• Skills and attributes for success.
• To qualify for the role you must have.
• Bachelor's degree or Master s degree in Computer Engineering, Computer Science, Information Systems, IT Security, ICT or other related fields.
• Minimum 2 years' experience in such areas as IT security management design and implementation, IT security assessment and IT technical background.
• Familiar with leading IT security processes and tools.
• Highly proficient in both English and Thai with good written and oral communication and analytical skills.
• Ideally, you ll also have.
• Having experience in project planning and management will be a plus.
• Professional certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and / or Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or ISO27001 will be highly considered.
• Experience in new generation security practices (i.e. DevSecOps, iPentest, RedTeaming, System Resilience Design).
• Experience in Emerging Technologies (i.e. Cloud Computering, Blockchain, Big Data, A.I./M.L.).
• We re interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
• What we offer.
• We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions.
• Continuous learning: You ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You ll be embraced for who you are and empowered to use your voice to help others find theirs.
• If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
• The exceptional EY experience. It s yours to build.
• EY | Building a better working world.
• EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
• Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
• Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Experience:

1 year required

Skills:

Risk Management, Compliance

Job type:

Full-time

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• referred skills.
• Cyber Security and Data Privacy.
• Minimum years experience required.
• 1-3 years of Experiences.
• Additional application instructions.
• N/A.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No

Skills:

Linux, Good Communication Skills, English

Job type:

Full-time

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.

Experience:

2 years required

Skills:

Public Relations, Legal, Computer Security, English

Job type:

Full-time

• Executes cybersecurity engineer tasks including, but not limited to, security patch management, security vulnerability management, and security configuration management.
• Tests, implements, deploys, maintains, reviews, and administers the cybersecurity tools.
• Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
• Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defense applications.
• Identify potential conflicts with the implementation of any cyber defense tools (e.g., tool and signature testing and optimization).
• Operates and maintains production information security systems.
• Ensures proper cybersecurity documentation is in place regarding standard operating procedures.
• Monitors the industry and external environment for emerging threats and advises relevant stakeholders on appropriate courses of action.
• Oversees incident response planning and the investigation of security breaches and assists with any associated disciplinary, public relations, and legal matters.
• Applies expert knowledge and skills to resolve problems, including support concepts and methods, problem isolation and troubleshooting procedures, system and file recovery processes, and operating system and network configurations.
• Prepares and presents cogent and cohesive analyses and briefings advising management on new technological developments, techniques, and enhancements that result in increased time and cost efficiencies.
• Provides advice and assistance to troubleshoot the most complex problems in a manner that minimizes interruptions in the ability to carry out critical business activities.
• Supports rapid response teams in response to customer service problems resulting from catastrophic events such as virus infections or widespread power outages.
• Supports the development of a formal cyber security risk assessment program.
• Supports and assists in maintaining a vulnerability/gap/response assessment program.
• Supports the ongoing maintenance of the cyber-Kill Chain for the company, focusing on phases of cyber-attack and remediation/mitigation for each phase.
• Supports ongoing activities to develop, communicate, and support appropriate standards and risk controls associated with digital data.
• Supports the development and maintenance of a company Data Protection program.
• Responds to cybersecurity alerts.
• Cascade and leverage cybersecurity control and practice to the entire company group.
• Bachelor s or Master s degree in Computer Engineering, MIS, IT, or a related field.
• At least 2 years experience in computer security and 5 years in IT infrastructure.
• Have a foundation in good information security practices.
• Knowledge of International Security frameworks, Standards, and Guidelines, e.g., COBIT, NIST-800, ISO 27001, PCI-DSS, OWASP, etc.
• Experience in Security tools, e.g., EDR, ATP, WAF, IPS/IDS, Deception, TI/TIP, Anti DDoS.
• Experience in Cloud Environments, e.g., Google Cloud, AWS, Microsoft Azure.
• Experience with system and application security management and control.
• Experience with system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
• Experience with facilitating information security risk assessments.
• Technical writing, documentation development, process mapping, and visual communication skills.
• Hands-on experience with computer programming languages and/or scripting languages such as Python, Java, and Shell for automation.
• Professional certificates related to work (e.g., CISSP, CISM, AWS Certified Security, or similar general security certification) are desirable.
• Talent to identify and create a broad vision for a security solution and to execute it;.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• A positive, can-do attitude who naturally expresses a high degree of empathy to others.
• Ability to explain your thoughts or findings also to non-technical professionals.
• Strong problem-solving and analytical abilities Able to work under minimal supervision, detail oriented.
• Excellent English (Spoken and Written).
• Location: True Digital Park, Punnawithi.

Experience:

3 years required

Skills:

Legal, Compliance, Problem Solving, English

Job type:

Full-time

• Design and work on Cybersecurity framework based on business objectives and strategic imperatives of the client organization including goals, vision, mission, and operational plans.
• Designing and implementing data protection and privacy programs for our clients and supporting their business.
• Evaluating the data protection and privacy practices of our clients and Conducting Privacy Impact Assessments.
• Monitor processes and drive improvements in efficiency and quality of cyber-security programs.
• Assist in development of workflows for transitioning strategic plans into implementation plans and operational readiness.
• Facilitate strategic planning initiatives, documentation, technical roadmaps and security tool rationalization.
• Assist in designing the security organization structure including cyber defense.
• Develop security policies, procedures, standards based on the security strategy and roadmap.
• Review of cyber security policies and processes to identify gaps in design of control based on comprehensive assessment framework.
• Maintain continuous communication with key stakeholders in support of the security strategy, and plan and solicit feedbacks, to uplift the programs and capabilities.
• Conduct security process implementation reviews to assess security effectiveness and reporting.
• Conduct Current State Assessment of cyber security practices against the defined controls and provide recommendations for to-be state.
• Run cyber security diagnostic assessments and develop programs for Cybersecurity skill development and enhancement.
• Implement security controls for realization of the certification requirements and provide technology roadmap based on the security strategy.
• Assisting in delivering privacy projects to acting as a subject matter expert on them or to leading a team towards excellent client experience.
• Supporting and guiding our clients in adhering to the complex web of relevant national and international regulations (e.g. EU General Data Protection Regulation, PDPA and etc.).
• Deploying processes and tools to help detect and prevent privacy breaches.
• Ensuring a harmonized approach towards data protection and privacy by bringing together our client s stakeholders (e.g. legal, compliance, risk, HR, security, business functions ).
• Assisting clients in privacy related incident response activities.
• Supporting the client s team by acting as an interim team member (e.g. data protection officer, security officer, security manager, security analyst ).
• Proactively identifying and pursuing opportunities for further business and team growth.
• Preferred skills.
• At least three years of experience in cyber-security.
• Bachelor s degree in Computer Engineering, Computer Science, Information Systems or a related field.
• Have knowledge of industry standard classification schemes, such as ISO 27000, NIST. GDPR, TH PDPA, PCI DSS, Data Loss Prevention etc.
• Have demonstrated self leadership, problem solving, including verbal and written communication skills. You need to be able to communicate clearly in both Thai and English.
• Have proven analytical, decision-making, and presentation skills.
• Have a high level of MS Office proficiency.
• Be able to work both independently and as part of a team with professionals at all levels.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Bachelor Degree Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• No
• Government Clearance Required?.
• No