Filter Jobs

Skills:

System Security

Job type:

Full-time

• ดูแล วางแผน และออกแบบ ระบบรักษาความปลอดภัยสารสนเทศ เช่น Firewall, VPN, Email Security, AAA, Cloud Security, Security Consult.
• บริหารจัดการโครงการด้านความปลอดภัยสารสนเทศ.
• ร่วมพัฒนาระบบงานความปลอดภัยด้านสารสนเทศ ระบบต่าง ๆ ด้าน IOT / ระบบ Email / ระบบป้องกันไวรัส.
• ให้คำแนะนำระบบความปลอดภัยด้านสารสนเทศภายใน และภายนอกแก่หน่วยงานต่าง ๆ พร้อมจัดทำคู่มือ และฝึกอบรมทีมงาน และผู้ใช้งาน.
• ประสานงาน ให้คำปรึกษา และแนะนำระบบความปลอดภัยสารสนเทศให้กับพนักงาน และผู้ที่เกี่ยวข้อง.
• งานอื่น ๆ ตามที่ได้รับมอบหมาย.
• วุฒิการศึกษา: ปริญญาตรี วิศวกรรมศาสตร์ / วิทยาศาสตร์ คอมพิวเตอร์ หรือสาขาอื่น ๆ ที่เกี่ยวข้อง.
• ประสบการณ์ทำงาน: 5 - 10 ปี.
• มีทักษะการสื่อสาร วางแผน และเจรจาต่อรอง.

Job type:

Full-time

Greenline Synergy provides the information security governance to the BDMS hospitals which is a framework of policies, practices, and strategies that align organizational resources toward protecting information through cybersecurity measures.

Skills:

Compliance, Automation, Risk Management

Job type:

Full-time

• Lead and enhance security operations, mentoring team members and implementing advanced security strategies.
• Architect and enforce security frameworks for IT systems, networks, and cloud environments.
• Monitor, detect, and respond to cyber threats, conducting forensic investigations and post-incident analysis.
• Oversee vulnerability management, system hardening, and security compliance.
• Manage identity and access controls, privileged accounts, and authentication mechanisms.
• Drive security automation, process improvements, and adoption of emerging technologies.
• Conduct security awareness training and ensure best practices across the organization.
• Minimum 5+ years of experience in security operations, with a strong focus on incident response, vulnerability management, and risk assessment.
• Proven experience leading incident response efforts and conducting root cause investigations.
• Experience with vulnerability management, and overseeing the security pipeline.
• Experience with security standardization and IT compliance certification and audit.
• Experience with risk management frameworks and methodologies.
• Expert knowledge of security tools, including SIEM, EDR, vulnerability scanners, and penetration testing tools.
• Strong understanding of network protocols, cloud operating systems, and security concepts.
• Strong understanding of security frameworks such as NIST, ISO 27001, and MITRE ATT&CK.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis is a plus.
• Exceptional analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Strong attention to detail and a commitment to accuracy.
• Strong documentation and reporting skills.
• Ability to effectively communicate technical risks to non-technical stakeholders.
• Understanding of the 3 lines of defense model is a significant advantage.
• Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date..
• Important: Candidate Privacy Policy.
• สำคัญ:โปรดอ่านและทำความเข้าใจ: นโยบายความเป็นส่วนตัวด้านทรัพยากรบุคคล สำหรับผู้สมัครงาน และผู้สมัครเข้าฝึกงาน*.

Skills:

Project Management

Job type:

Full-time

• At least 10-15 years of experience in IT project management, particularly in the Enterprise System domain.
• Extensive experience working with large-scale, complex IT systems and cross-functional teams.
• Proven track record of successfully leading IT projects from inception through to completion.

Experience:

5 years required

Skills:

Compliance, ISO 27001, Legal

Job type:

Full-time

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory Management.
• Ensure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT Governance.
• Establish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data Governance.
• Develop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and Development.
• Lead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.

Experience:

3 years required

Skills:

Risk Management, Big Data, Compliance, English

Job type:

Full-time

• Providing effective 2nd line of defense on oversight of Technology related risk involving in assessing, in depth, the risks in IT Infrastructure, Cloud strategy, Data Management, IT Outsourcing, IT Operations, and Big Data.
• Assisting to update Ascend Money/True Money s risk appetite for approval by the board.
• Facilitating Risk and Control Self-Assessment (R&CSA) and monitoring the design and testing the operational effectiveness under Key Control Testing (KCT) and incident m ...
• Coordinating and supporting the Country Risk Management team for facilitating Risk and Control Self-Assessment (R&CSA), performing Key Control Testing (KCT), setting and reviewing Key Risk Indicators (KRIs) and Incident Management.
• Challenge business units in implementing a secured architecture aligned with the business goals and future plans, including company policy and regulatory requirements.
• Analysing IT incidents reported by staff and report lessons learned to the Head of International Risk and Fraud Management and the Committee.
• Delivering the oversight, advisory and guidance on new technology risk and emerging risk.
• Investigation, root-cause analysis, and coordination with relevant parties for data loss prevention monitoring and management.
• Assisting the Head of International Risk and Fraud Management to bring together a holistic picture of the technology risk across the company.
• Tracking progress status with the Country Risk Management team around remediation activities to close gaps from policy compliance assessments and various other risk assessments.
• Providing IT & Cyber Risk dashboard for Committee and Senior Management.
• Ad-hoc assignment.
• Bachelor s or Master s Degree in Economic, Finance, IT or related fields.
• Minimum 3 years of professional experience in the IT Risk Management, IT Security or IT Audit with relevant experience in the Financial Services Industry.
• Strong organization, good presentation, communication, writing, interpersonal and teamwork skills.
• Demonstrated ability to complete assigned projects in a timely manner and in a fast-paced, high pressure environment.
• Multiple industry recognized certifications like CISSP, CRISC, CSSP (Cloud), CPT, ISO27001 is a plus.
• Strong analytical and quantitative skills.
• Thorough knowledge of IT governance and control frameworks.
• Understanding of complex IT environments including legacy, hybrid cloud, virtualization, software defined networking is a plus.
• Good command in both oral and written in English communication.
• Able to travel in regional countries (i.e. Myanmar, Vietnam, Cambodia, Indonesia, Malaysia, the Philippines).

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.