Filter Jobs

Skills:

System Security

Job type:

Full-time

• ดูแล วางแผน และออกแบบ ระบบรักษาความปลอดภัยสารสนเทศ เช่น Firewall, VPN, Email Security, AAA, Cloud Security, Security Consult.
• บริหารจัดการโครงการด้านความปลอดภัยสารสนเทศ.
• ร่วมพัฒนาระบบงานความปลอดภัยด้านสารสนเทศ ระบบต่าง ๆ ด้าน IOT / ระบบ Email / ระบบป้องกันไวรัส.
• ให้คำแนะนำระบบความปลอดภัยด้านสารสนเทศภายใน และภายนอกแก่หน่วยงานต่าง ๆ พร้อมจัดทำคู่มือ และฝึกอบรมทีมงาน และผู้ใช้งาน.
• ประสานงาน ให้คำปรึกษา และแนะนำระบบความปลอดภัยสารสนเทศให้กับพนักงาน และผู้ที่เกี่ยวข้อง.
• งานอื่น ๆ ตามที่ได้รับมอบหมาย.
• วุฒิการศึกษา: ปริญญาตรี วิศวกรรมศาสตร์ / วิทยาศาสตร์ คอมพิวเตอร์ หรือสาขาอื่น ๆ ที่เกี่ยวข้อง.
• ประสบการณ์ทำงาน: 5 - 10 ปี.
• มีทักษะการสื่อสาร วางแผน และเจรจาต่อรอง.

Skills:

Procurement, Safety Management, Compliance, English

Job type:

Full-time

• Provide strategic planning and analysis for building management and security operations in the assigned scopes. The scope of responsibilities are include but not limit to:Overall planning and implement for improve building operations and facilities management i.e. the preventive and corrective maintenance program, efficient utility usage and alternative energy etc.
• Lead and advise MEP system for building and office renovation, operation and maintenance (O&M) for 4 sites under department responsibility.
• Develop and review procurement Term Of Reference (TOR) and contract for building management and security, include monitor the services performance in accordance with procurement and contract procedures.
• Source and analyse data for building and facility management benchmarking, cost effectiveness analysis, in order to improve process and seek new initiatives.
• Develop, review, and update building management and security standards, procedures, guidelines, process and systems.
• Develop and prepare work plans & budget (WPB). Plan and control budgets under his/her own responsibility in accordance with the approved WPB.
• Drive and be accountable for ISO team leader or focal point i.e. ISO41001 Facility Management, ISO14001 Environmental Management, ISO45001 Occupational Health and Safety Management to compliance with internationally standard and act as a focal point to obtain ISO and related certification in the future.
• Provide and utilize office space and facilities management, coordinate relevant parties for staff for seating arrangement, as well as provide technical advice on issues arise.
• Supervision and monitoring building management and security operations to ensure coverage of Safety Security Health and Environmental (SSHE) policy, regulations and Department s strategy for 4 sites under FFM responsibility. (PTTEP H.O., PTTEP Technology and Innovation Center (PTIC), PTTEP Rapid Scaled-Up Center (RASC), PTTEP Subsurface Research Center (PSRC)).
• Be responsible for special projects as assigned i.e. work process improvement, operations and maintenance office utility systems of PTTEP alternative office, etc.
• Professional Knowledge & Experiences.
• Bachelor s Degree in any fields preferably in Electrical/Mechanical Engineering, Facilities Management.
• Minimum 10-year experience in building and facility management.
• Good command of spoken and written English.
• Good computer skills in standard software (Word, Excel, Power Point, etc.).
• Good supervisory, leadership skills, and service-minded.
• Good communication/ interpersonal skills with excellent project management and analytical skills.
• Knowledge in Government Procurement and Supplies Management would be an advantage.
• Able to travel upcountry occasionally.
• Work Location.
• Bangkok-Thailand.

Skills:

Compliance, Automation, Risk Management

Job type:

Full-time

• Lead and enhance security operations, mentoring team members and implementing advanced security strategies.
• Architect and enforce security frameworks for IT systems, networks, and cloud environments.
• Monitor, detect, and respond to cyber threats, conducting forensic investigations and post-incident analysis.
• Oversee vulnerability management, system hardening, and security compliance.
• Manage identity and access controls, privileged accounts, and authentication mechanisms.
• Drive security automation, process improvements, and adoption of emerging technologies.
• Conduct security awareness training and ensure best practices across the organization.
• Minimum 5+ years of experience in security operations, with a strong focus on incident response, vulnerability management, and risk assessment.
• Proven experience leading incident response efforts and conducting root cause investigations.
• Experience with vulnerability management, and overseeing the security pipeline.
• Experience with security standardization and IT compliance certification and audit.
• Experience with risk management frameworks and methodologies.
• Expert knowledge of security tools, including SIEM, EDR, vulnerability scanners, and penetration testing tools.
• Strong understanding of network protocols, cloud operating systems, and security concepts.
• Strong understanding of security frameworks such as NIST, ISO 27001, and MITRE ATT&CK.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis is a plus.
• Exceptional analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Strong attention to detail and a commitment to accuracy.
• Strong documentation and reporting skills.
• Ability to effectively communicate technical risks to non-technical stakeholders.
• Understanding of the 3 lines of defense model is a significant advantage.
• Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date..
• Important: Candidate Privacy Policy.
• สำคัญ:โปรดอ่านและทำความเข้าใจ: นโยบายความเป็นส่วนตัวด้านทรัพยากรบุคคล สำหรับผู้สมัครงาน และผู้สมัครเข้าฝึกงาน*.

Experience:

5 years required

Skills:

Compliance, ISO 27001, Legal

Job type:

Full-time

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory Management.
• Ensure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT Governance.
• Establish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data Governance.
• Develop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and Development.
• Lead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.

Job type:

Full-time

Greenline Synergy provides the information security governance to the BDMS hospitals which is a framework of policies, practices, and strategies that align organizational resources toward protecting information through cybersecurity measures.

Experience:

5 years required

Skills:

Internal Audit, Automation, Data Analysis

Job type:

Full-time

• Implement Third party - Vendors management policy and ensure that all activities and efforts are consistent with company policies, guidelines and in alignment with regulatory guidance.
• Design policies and procedures that support the successful implementation.
• Recommendations to related team on opportunities for risk mitigation based on established risk tolerance.
• Establish questionnaire, checklist, and risk score for vendors evaluation process.
• Partner with co-workers to coordinate the implementation of third-party controls and mitigation plan.
• Perform on-going review based on Third party risk factors i.e., risk level, performance, complaints & issues.
• Facilitate the assessment of new and review existing third-party inherent risk, using questionnaires to collect and document risk ratings.
• Review completed risk assessments and confirmed completion of due diligence prior to agreement signature.
• Responsible for adhering to third-party risk metrics supporting completeness, accuracy, and timeliness of third-party risk activities.
• Assists with gathering data and providing information during Internal Audit Reviews and Regulatory Examinations.
• Support the design and implementation of third-party risk operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks.
• Drive continued operational and automation improvements to improve operational efficiency.
• Support ad-hoc data analysis.
• 3-5 years of Risk Management or Third -party Management experience in banking, payment company or a related industry.
• Bachelor s degree in Management Information Systems, Computer Science, or related field.
• Knowledge skill: IT/Security standard, ISO standard, Risk management, third-party Management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
• Experience developing and refining technical and business operational processes.
• Ability to communicate clearly with technical and non-technical teams across multiple businesses; written, verbal, presentation, and interpersonal skills.
• Effectively manage multiple projects and priorities in a fast-paced, deadline-driven environment.
• Works effectively as an individual and part of a team.
• Strategic thinking with the ability to see/understand the big picture.
• Track record for being detail-oriented with a demonstrated ability to self-motivate and follow-through on projects.
• Ability to solve problems and bring clarity to ambiguous situations.
• Analytical and quantitative skills to use hard data and metrics to back up assumptions and develop business cases.

Experience:

5 years required

Skills:

Problem Solving, English

Job type:

Full-time

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.