Filter Jobs

Skills:

ISO 27001

Job type:

Full-time

• Provide security consultation on new Core Bank and its architecture e.g. application, container and DepSecOps.
• Provide expert advice on security architecture for applications, cloud (e.g. AWS, Azure, OCP), and on-premises infrastructure.
• Ensure alignment between business requirements and security controls.
• Ensure the solution complies with internal policies and external standards (e.g. ISO 27001, NIST CSF, PDPA, BOT, PCI-DSS, etc.).
• Develop and maintain security documentation (e.g. Security standard, Security requirements, Security hardening guides).
• Security Assessment.
• Assess security scope including estimate required efforts for IT project.
• Conduct and coordinate penetration testing, vulnerability assessments, web application scans, and related activities.
• Provide practical recommendations for IT & BU.
• Maintain and follow up the findings..
• Apply now if you have these advantages.
• Master/Bachelor s degree in Computer Science, Computer Engineer, Information Technology or related fields.
• Minimum of 3-8 years of experience in Information Security design, consulting and assessment (Banking Financial industries are advantage)
• Experience with Security architecture design and consulting
• Experience with Security assessment e.g. penetration tests, source code review, VA scan, DAST
• Experience with Security consulting on DevSecOps
• Experience with Security consulting on Cloud environment e.g. AWS, Azure is advantage
• Experience with Security consulting on mobile application security is advantage.
• Knowledge in local security requirements from Regulatory.
• Relevant local and international security standards and best practices such as OWASP, NIST, ISO 27001, CIS Controls, SOC 2, PCI-DSS, and PDPA (Thailand).
• Why join Krungsri?.
• As a part of MUFG (Mitsubishi UFJ Financial Group), we a truly a global bank with networks all over the world.
• We offer a striking work-life balance culture with hybrid work policies (3 days minimum in office per week).
• Unbelievable benefits such as attractive bonuses, employee loan with special rates and many more..
• Apply now before this role is close. **.
• FB: Krungsri Career(http://bit.ly/FacebookKrungsriCareer [link removed]).
• LINE: Krungsri Career (http://bit.ly/LineKrungsriCareer [link removed]).
• Talent Acquisition Department
• Bank of Ayudhya Public Company Limited
• 1222 Rama III Rd., Bangpongpang, Yannawa, Bangkok 10120.
• หมายเหตุ ธนาคารมีความจำเป็นและจะมีขั้นตอนการตรวจสอบข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของผู้สมัคร ก่อนที่ผู้สมัครจะได้รับการพิจารณาเข้าร่วมงานกับธนาคารกรุงศรีฯ.
• Remark: The bank needs to and will have a process for verifying personal information related to the criminal history of applicants before they are considered for employment with the bank..
• Applicants can read the Personal Data Protection Announcement of the Bank's Human Resources Function by typing the link from the image that stated below.
• EN (https://krungsri.com/b/privacynoticeen).
• ผู้สมัครสามารถอ่านประกาศการคุ้มครองข้อมูลส่วนบุคคลส่วนงานทรัพยากรบุคคลของธนาคารได้โดยการพิมพ์ลิงค์จากรูปภาพที่ปรากฎด้านล่าง.
• ภาษาไทย (https://krungsri.com/b/privacynoticeth).

Experience:

1 year required

Skills:

DevOps, Automation, Electrical Engineering

Job type:

Full-time

• Equipped with security knowledge and done related projects in technical IT domains such as operating systems, networks, databases, cloud or solution development etc.
• Possess knowledge in assessing solution architectures at the planning and design level for security issues and vulnerabilities.
• Experience in practical security vulnerability remediation.
• Information Security domains - in particular one or more of the following: Cyber Program Management, Cyber Threat Management, Identity & Access Management, Data Protection, Privacy, Organisational Resilience. This experience should include both advisory, implementation and operation experience.
• Strong technical security skills in assessment, design, implementation, architecture, and program / project delivery and work across various delivery models, (Waterfall, Agile, DevOps).
• Implementation skill set for identity and access management platforms, security information and event management platforms, security automation and orchestration platforms, advance threat detection systems, endpoint protection systems, data leak prevention systems or network security devices.
• To qualify for the role you must have.
• A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent.
• Experience with a leading Security technology like Microsoft Security, Crowdstrike, Splunk and others would be a strong advantage.
• Creative, independent with good problem solving skills.
• Excellent communicator with strong analytical, interpersonal and writing skills.
• Candidates with minimum 10-15 years of relevant experience, including managing a team, will be considered for a Leadership role.
• Ideally, you ll also have.
• Industry related certification preferred (e.g. CISSP, CISA, CISM, SABSA, PRINCE2, TOGAF, ITIL).
• Solution Level Certifications, OSCP, CREST, GIAC would be advantageous, as well as penetration testing experience.
• Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you ll be a confident team player that collaborates with people from various teams while looking to develop your career in a dynamic organization.
• What we offer.
• Continuous learning: You ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Diverse and inclusive culture: You ll be embraced for who you are and empowered to use your voice to help others find theirs.
• If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
• The exceptional EY experience. It s yours to build.
• EY | Building a better working world.
• EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
• Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Skills:

Compliance, English

Job type:

Full-time

• Act as a liaison for internal, external, and regulatory auditors (e.g., Bank of Thailand, PCI, SEC, ISO27001).
• Support and monitor IT audit findings, issue tracking, and resolution progress.
• Assist in managing the IT General Controls (ITGC) framework and SOX compliance program.
• Contribute to IT Security control monitoring and risk assessment activities.
• Promote IT governance, compliance, and operational excellence across teams.
• Bachelor s or Master s degree in Information Technology, Computer Management, or related fields.
• 4 years of experience in IT within banking or financial services, including 2 years in IT audit or compliance roles..
• Knowledge of regulatory and security standards such as ISO 27001, NIST, COBIT, COSO, PCI DSS, ITIL, and SOX compliance..
• Strong analytical, communication, and problem-solving skills.
• Ability to manage multiple tasks, influence stakeholders, and work effectively under pressure.
• Good command of English.
• CISSP, CISA, CISM, CRISC, or ISO 27001 Lead Auditor/Implementer are advantageous..
• Only shortlisted candidates will be contacted.
• Talent Acquisition Department
• Bank of Ayudhya Public Company Limited
• 1222 Rama III Rd., Bangpongpang, Yannawa, Bangkok 10120
• FB: Krungsri Career.
• LINE: Krungsri Career.
• LINKEDIN: Krungsri.
• Applicants can read the Personal Data Protection Announcement of the Bank's Human Resources Function by typing the link from the image that stated below.
• EN: (https://krungsri.com/b/privacynoticeen).
• ผู้สมัครสามารถอ่านประกาศการคุ้มครองข้อมูลส่วนบุคคลส่วนงานทรัพยากรบุคคลของธนาคารได้โดยการพิมพ์ลิงค์จากรูปภาพที่ปรากฎด้านล่าง.
• ภาษาไทย: (https://krungsri.com/b/privacynoticeth).
• หมายเหตุ ธนาคารมีความจำเป็นและจะมีขั้นตอนการตรวจสอบข้อมูลส่วนบุคคลเกี่ยวกับประวัติอาชญากรรมของผู้สมัคร ก่อนที่ผู้สมัครจะได้รับการพิจารณาเข้าร่วมงานกับธนาคารกรุงศรีฯ.
• Remark: The bank needs to and will have a process for verifying personal information related to the criminal history of applicants before they are considered for employment with the bank..

Skills:

ISO 27001, Python, PowerShell

Job type:

Full-time

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5 years of experience in IT security and governance.
• Strong understanding of IT security principles, practices, and technologies.
• Knowledge of relevant security standards and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA, PCI DSS).
• Experience with risk assessment and vulnerability management.
• Experience with security incident response and management.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team..
• Relevant certifications (e.g., CISSP, CISM, CISA, Security+).
• Experience with cloud security (AWS, Azure, GCP) and On-Premises.
• Experience with security information and event management (SIEM) systems.
• Experience with scripting languages (e.g., Python, PowerShell).
• Experience with penetration testing.
• Ability to maintain confidentiality and handle sensitive information.
• Ability to adapt to changing technologies and security threats.
• Strong attention to detail and organizational skills.
• Ability to create and maintain clear and concise documentation..
• โบนัสประจำปี.
• ลาพักร้อน เมื่อพ้นทดลองงาน.
• ลา Workcation.
• กองทุนสำรองเลี้ยงชีพ.
• ประกันสังคม / ประกันสุขภาพ / ประกันชีวิต / ประกันอุบัติเหตุ.
• วันหยุดตามกฏหมาย (ไม่น้อยกว่า 13วัน).
• ลาหยุดในเดือนเกิด.
• ตรวจสุขภาพประจำปี.
• เงินช่วยเหลือสมรส.
• สิทธิคุณพ่อลาเลี้ยงบุตร.
• เงินช่วยเหลือฌาปนกิจ.
• Co working Space.
• ฟิตเนต.
• Point แลกของรางวัล.
• บริการปรึกษานักจิตวิทยาออนไลน์..
• การเดินทาง.
• BTS: สถานีหมอชิต, ห้าแยกลาดพร้าว.
• MRT: สถานีพหลโยธิน.
• บริการเรียกรถผ่าน App MuvMi..
• ติดตามข่าวสารจาก SC ASSET ได้ที่.
• http://insidesc.scasset.com/..

Job type:

Full-time

• Support regular group assessments to evaluate security risks, security maturity and compliance gaps across SCBX Group.
• Policy, Procedures, Standards & Guidelines.
• Support the development, review, and update of security policies, procedures, standards, and guidelines to ensure robust organizational controls.
• Regularly update documentation to reflect the evolving threat landscape and regulatory requirements.
• Security Consultation.
• Lead conversation with senior leadership across SCBX Group and provide value-added insights to delivered outcome.
• Develop a comprehensive proposal and project plan that secures buy-in from senior stakeholders, while establishing an effective delivery approach for the working group to ensure successful project delivery and valued outcomes.
• Embrace creative problem-solving and flexible approaches to navigate challenges, ensuring that critical outcomes are consistently achieved while effectively managing obstacles.
• Provide expert guidance and recommendations to internal and external stakeholders on the best security practices and solutions to address operational and compliance issues.
• Recommend improvements for security governance and operational resilience.
• Security Awareness & Training.
• Develop and manage security e-learning programs, newsletters, and knowledge-sharing initiatives to enhance employee awareness.
• Conduct phishing drills and security simulations to assess and improve employee resilience against cyber threats.
• Design specialized training for executives and high-risk users to enhance their understanding of emerging threats and security best practices.
• Implement interactive learning methods such as gamification, security awareness series, real-world security challenges to encourage participation, on-site engagements to reinforce security culture.
• Digital Identity.
• Assist in Identity Governance & Administration (IGA) by supporting policy enforcement, identity lifecycle management, and compliance monitoring.
• Support Access Management by integrating authentication mechanisms such as SSO, MFA, and adaptive access controls into enterprise systems.
• Contribute to Role Management, ensuring structured RBAC/ABAC models and periodic access reviews.
• Help implement Privileged Access Management (PAM) controls, monitoring privileged user sessions, and enforcing security best practices.
• Assist in Identity Integration & Directory Services, ensuring seamless identity synchronization and federation across cloud and on-prem systems.
• Security Innovation.
• Research and evaluate emerging cybersecurity technologies, AI-driven security analytics, and automation tools, conducting PoCs to assess feasibility.
• Explore AI-driven security solutions for threat detection - prevention, and automated security operation to enhance cybersecurity resilience.
• Provide strategic insights to align security innovations with digital transformation, FinTech, and cloud security initiatives across subsidiaries.
• Partner with internal teams, vendors, and industry leaders to benchmark security advancements and drive innovation initiatives..
• Minimum of 5+ years in information security consultancy, with a proven track record in security assessment, identity & access and data security.
• Experience in conduct IAM solutions, including IGA, identity assessment - planning, access management, PAM, and identity integration within enterprise environments.
• Demonstrates a deep understanding of global security frameworks, such as NIST, ISO 27001/27002, PCI-DSS, BOT and CIS Controls.
• Extensive experience in conducting large-scale security assessments, performance measurements, risk management, and security strategy development that align with organizational objectives.
• Relevant certifications such as from identity products or equivalent are highly desirable.

Skills:

Automation, English

Job type:

Full-time

• Establish a consistent approach to handle security incidents under committed OLA, SLA, MTTX matrix..
• Effectively and efficiently contain and eradicate cyber threats with all subsidiaries.
• Recover impacted assets from technical and business damage done by cyber threats.
• Develop and distribute security incident reports to all key stakeholders.
• Incorporate root cause and lessons learned into an improvement plan.
• Strengthen processes and maturity of Group security operations.
• Continuous improve security incident operations.
• Security Incident Identification, Triage and Response with MS Sentinel SIEM and SOAR cover 24*7 detection & analysis, containment, eradication & post incident investigation on high, rather high, moderate, rather low and low severity..
• Access to internal or external IR specialists to support in Digital forensics investigations and IR team, Threat hunting using Microsoft Sentinel to proactively identify threats in the environment.
• Gather cyber threat insights on security incidents through governance reporting covering weekly operational reports, monthly tactical reports and quarterly management reports.
• Review use-cases onboarding and continuous optimizations to comprehensively detect threats for all subsidiaries environments.
• Works smooth with SOC operation outsources team under the SCBX Cyber Defense Operating Model..
• Support in helping subsidiaries to containment and resolve security incidents within MTTC SLA.
• Maintained and updated security incident response playbooks and runbooks with all subsidiary s acknowledgement.
• Develop, design and participate in cyber tabletop exercises.
• 5-7 years experienced in cyber security incident response or SOC environments. If you worked in Financial industry will be plus score..
• Strong knowledge of cyber security principles and practices, including vulnerability assessment, incident response, and SOC architecture. If you have Cyber/IR certificates related will be plus score..
• Strong knowledge and skills of security threats, attack countermeasures and threat detection/prevention/mitigation.
• Working experience in SOC (Security Operations Center) with hands-on experience with Automated Analytic Rules and Automation Playbook on MS Sentinel..
• Experience with a variety of cyber security tools such as SIEM, EDR, Firewall, IPS, etc and SOC technologies. Excellent analytical and problem-solving skills.
• Hands-on experience in provisioning and interpreting log and network packet data, cloud environment.
• Ability to work independently and as part of a team.
• Ability to communicate complex technical concepts to both technical and non-technical audiences in both of Thai and English..
• Experienced in multi-vendor management.
• Join our team and contribute to ensuring the best availability and efficiency of our Cyber Defense strategy and Cyber Defense Operating Model.
• Apply today to play a crucial role in safeguarding our organization's security.

Experience:

2 years required

Skills:

Security Design, Big Data, English

Job type:

Full-time

• Perform cyber security and IT security assessments for clients (e.g. cyber security program assessment, cyber security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.).
• Work on IT security design, analysis and implementation of security protection solution.
• Evaluate and analyze threat, vulnerability, system weakness, impact and risk to secu ...
• Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes, controls and systems.
• Advise client on the security incident response end-to-end process (i.e. preparation, detection, analysis, response and recovery of the security incident).
• Skills and attributes for success.
• To qualify for the role you must have.
• Bachelor's degree or Master s degree in Computer Engineering, Computer Science, Information Systems, IT Security, ICT or other related fields.
• Minimum 2 years' experience in such areas as IT security management design and implementation, IT security assessment and IT technical background.
• Familiar with leading IT security processes and tools.
• Highly proficient in both English and Thai with good written and oral communication and analytical skills.
• Ideally, you ll also have.
• Having experience in project planning and management will be a plus.
• Professional certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and / or Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or ISO27001 will be highly considered.
• Experience in new generation security practices (i.e. DevSecOps, iPentest, RedTeaming, System Resilience Design).
• Experience in Emerging Technologies (i.e. Cloud Computering, Blockchain, Big Data, A.I./M.L.).
• We re interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
• What we offer.
• We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions.
• Continuous learning: You ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You ll be embraced for who you are and empowered to use your voice to help others find theirs.
• If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
• The exceptional EY experience. It s yours to build.
• EY | Shape The Future with Confidence.
• EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
• Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
• Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Experience:

6 years required

Skills:

SAP, Finance, Accounting, English

Job type:

Full-time

• Engage clients in workshops and interviews to analyze process and reporting requirements.
• Advise clients on industry/ cross-industry leading practices. Advise clients on SAP recommended processes and functions.
• Design target state SAP solutions for clients. Influence clients thinking in adopting leading/ standard practices while developing target state.
• Analyze application landscape to design interfaces to SAP solution.
• Perform SAP configuration and tests. Develop specifications for development of forms/ reports/ interfaces.
• Lead the consultant and client teams through the implementation cycle including planning and execution of testing, migration and cutover.
• Support change management execution by developing training material, delivering training and supporting users post cutover.
• Develop relationships with internal and external stakeholders.
• Your role as a leaderAt Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Senior Consultant across our Firm are expected to:Develop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Align your team to key objectives as well as set clear priorities and direction.
• Make informed decisions that positively impact the sustainable financial performance and enhance the quality of outcomes.
• Influence stakeholders, teams, and individuals positively - leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Lead with integrity and make a strong positive impact by energising others, valuing individual differences, recognising contributions, and inspiring self-belief.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.
• Requirements:Bachelor or Master s degree in Finance and Accounting, Information Technology, Business Admistrative or relevant field, supported by relevant experience.
• Minimum of 6 years of post-qualification experience working with SAPSecurity by completed at least 3 end to end full life cycle.
• Working experience in Consulting firms is most preferred.
• Experience with S4/Hana is a big plus.
• Deep and wide experience in SAP led transformation programs in diverse industries.
• Broad understanding and appreciation of emerging business and technology paradigms.
• Demonstrated ability to engage client stakeholders on a range of issues.
• A self-motivated individual with ability to chart his/ her route to success.
• Ability to provide situational leadership to engagement teams, and coaching/ mentorship to team members.
• Value driven, inclusive individual committed to client service excellence.
• Willingness to work outside of office base and most of all.
• An appreciation of the consulting lifestyle and ability to travel (both locally and abroad) is a pre-requisite to fit to our short-term and long-term project assignments.
• Good command of English communication.
• Due to volume of applications, we regret that only shortlisted candidates will be notified.
• Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via this official Deloitte website.Requisition ID: 109990In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

Skills:

Risk Management, Kubernetes, Docker

Job type:

Full-time

• Design, develop, and maintain security systems, tools, and best practices across the stack (frontend, backend, mobile, and infrastructure).
• Identify, assess, and mitigate security vulnerabilities through proactive risk management and threat modeling.
• Collaborate with product managers and developers to embed security into the software development lifecycle (SDLC).
• Develop and enforce policies for secure coding, data protection, and incident response.
• Implement robust authentication and authorization mechanisms.
• Conduct regular security assessments, including penetration testing and code reviews.
• Monitor, detect, and respond to security incidents using advanced tools and methodologies.
• Enhance infrastructure security using Kubernetes, Docker, and cloud platforms (GCP, AWS).
• Stay current on emerging threats, vulnerabilities, and security trends, and recommend actionable insights to improve defenses.
• Champion security awareness across the organization, including training sessions and knowledge-sharing activities.
• Ensure compliance with relevant security standards and regulations such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Basic QualificationsProven expertise in application security, cloud security, and infrastructure security.
• Proficiency in securing systems built with technologies such as Node.js, Golang, Elixir, Python, React, Svelte, or Flutter.
• Experience with tools like Docker, Kubernetes, and cloud services (GCP, AWS).
• Strong understanding of cryptographic principles and secure communication protocols.
• Familiarity with CI/CD pipelines and secure DevOps practices.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and threat detection.
• Deep understanding of database security, especially with PostgreSQL or other relational or non-relational databases.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent communication skills and the ability to collaborate effectively in Agile teams.
• Self-motivation, adaptability, and a strong work ethic.
• Preferred Qualifications We re especially excited if you bring:Experience leading security initiatives or mentoring other engineers in security best practices.
• Expertise in compliance frameworks such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Advanced knowledge of security monitoring and incident response systems.
• Strong system design skills with a focus on secure architectures and long-term trade-offs.
• A proven track record of securing fast-paced, high-growth tech environments.
• A passion for securing user-centric products and contributing to their success.
• Perks & Benefits Flat Structure As we continue to grow fast, we strive to retain our culture where everyone is heard, contributes, and grows with the company..
• Work-life Harmony We believe that quality time outside of work is important to sustaining a healthy and happy lifestyle.
• Remote Work Hybrid-mode activated! It comes with the package: flexibility, focus and productivity!.
• Urban Office One breath from Phrom Phong BTS. No sweat whatsoever! The office should also feel like a second home so we dedicated a lot of care and resources into building the best environment for you to wake up to every morning.
• Fun Workshop The best relationships are built over new experiences, that s why we have workshops filled with a range of activities for you to look forward to and enjoy.
• Game Tournament It s getting fun and competitive! Challenge doesn t only have to come from work. Own the championship and show the peeps how great of a gamer (and player) you are.
• Group Insurance Health comes first, we know, don t worry, we ve got you covered.
• Health & Wellness Only a healthy army wins the war. We invest to take care of you from physical, mental and happiness-level. Adopted health & wellness applications plus activities to make sure everyone here is on cloud nine

Skills:

Compliance

Job type:

Full-time

• Validates, classifies, priorities and opens ticket.
• Acting as focal contact point for report security incidents.
• Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Provide daily summary reports of security incidents.
• Responds to security alerts generate within the SLA time window.
• Follow-up and tracking security incidents base on team process.
• Examine network topologies to understand data flows through the network.
• Validate security incidents alerts against network traffic using packet analysis tools.
• Isolate or remove malware.
• Identify applications and operating systems of a network device based on network traffic.
• Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
• Notify cybersecurity service provider team members of suspected cyber incidents, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
• Work with stakeholders to resolve computer security incidents and vulnerability compliance.
• Who are we looking for?.
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Analytical and problem-solving skills are required.
• Knowledge of network traffic analysis methods.
• Knowledge of cyber defense and information security policies, procedures, and regulations.
• Experience in IT Security, Network Security or Security Compliance.
• Knowledge of common security tools such as anti-virus, firewall and intrusion detection system.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. Able to work in shift.
• Location: Head Office: Chatuchak, SJ Infinite One Business Complex

Experience:

5 years required

Skills:

English

Job type:

Full-time

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

Job type:

Full-time

• Entry-level experience with troubleshooting and providing support in security, network, DATA centre, systems, or storage administration and monitoring services within a medium to large ICT organization.
• Working knowledge of ITIL processes.
• Skills in active listening techniques such as paraphrasing, probing for further relevant information, and refraining from interrupting.
• Highly disciplined in handling of tickets on day-to-day basis. Act promptly as per defined Sop s.
• Try to resolve as many tickets as possible using available Knowledge articles or provided Sop s.
• Good understanding of using ITSM tools.
• Ability to communicate and work across different cultures and social groups.
• Capacity to plan activities and projects well in advance, adapting to changing circumstances as needed.
• Positive outlook and ability to perform well under pressure.
• Eagerness to work diligently and extend hours when necessary.
• Client-centric approach, always putting clients at the forefront of interactions.
• Bachelor's degree or equivalent qualification in IT/Computing or demonstrated equivalent work experience.
• On-site Working About NTT DATA
• NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
• Equal Opportunity Employer
• NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Skills:

Internal Audit, Research, System Administration

Job type:

Full-time

• Implements IT security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Protects IT system by defining access privileges, control structures, and required resources.
• Process & analyze to gain insights on past IT areas on, current or potential attacks and threats that pose a risk to the organization.
• Primary point of contact with Internal Audit. Periodically review, update, implement and communicate changes to IT policies and procedures and General IT Controls. Facilitate internal and external audit processes by participating in scoping discussions and walk-throughs, delivering evidence that controls are operating as defined, remediating deficiencies, and acting on recommendations.
• Safeguards IT infrastructure and system as well as information system assets by identifying and solving potential and actual security problems.
• Research cyber security topics and promote Cyber security awareness throughout Thaioil.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• Relevant experience, especially in IT working environment.
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g., Netflow, FPC), and other attack artifacts in support of incident investigations.
• Experience with vulnerability scanning solutions.
• Familiarity with Vulnerability Management program.
• Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.
• Have knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform.
• Understanding of mobile technology and OS (i.e., Android, iOS, Windows), VMware technology, and Unix and basic Unix commands.
• OTHER REQUIREMENTS.

Skills:

Teamwork, Compliance, Problem Solving, English

Job type:

Full-time

• IT Solutions & Services.
• Work with Passion, Professional and Teamwork.
• Work in Shift.
• We are looking for a highly proficient Cyber Security Consultant who has the professional knowledge and skill to drive and enhance our security solutions in any field at MFEC Cyber Security Operation Center (CSOC) for our large enterprise customers.
• What we want?.
• To find the most efficient way to create and to manage every cyber security solution for multiple clients.
• To propose improvement to infrastructure and security systems and may present them to customer s upper management.
• Plan and carry out a customer s information security strategy to be the healthy security architectures for any IT project.
• To implement security system and ensure compliance with corporate cyber security policies and procedures.
• To provide professional supervision and guidance to security teams.
• Works with other business units, partners, and customers to maintain secure methods of security management.
• Work in Shift.
• Who are we looking for?.
• 1-3 Years or experience in Cyber Security field.
• Great awareness of Cyber Security trends and new technology update.
• Strong knowledge and experience with various IT security such as Incident Handler, Forensic Examiner, Forensic Analyst is a plus.
• Excellent knowledge in Security Product (Firewall/VPN, IPS/IDS), Security Platform, Endpoint Solution, and Network Security solution.
• Excellent problem solving and analytical skill, planning and organizing skill and customer oriented.
• Proficiency in English both written and spoken.
• Security Profession Certification is a plus.
• Knowledge in AI and the ability to use AI-related tools and technologies.
• MFEC OKR:- As MFEC People, you will be a part of our talent team. Besides your main responsibilities, you do have special projects as part of OKR. However, the percentages will be different according to the positions and teams.
• Location: Branch: Chatuchak, Lao Peng Nguan Building

Experience:

3 years required

Skills:

Compliance, Legal

Job type:

Full-time

• Develop data security policy review, data security policy exceptions, and control risk mitigation processes.
• Define the security controls for access management lifecycle (i.e., requirement for creation, deletion, transfer and review).
• Operate:Advice on technology relating to Data Privacy and Protection (i.e., PDPA) related security controls implementation.
• Drive and support data security controls such as Data Loss Prevention (DLP), Data Masking, Data Encryption capabilities to protect sensitive data.
• Drive compliance (or collaborate with compliance team) to organization security policies, standards, metrics, and legal requirements.
• Communicate and enforce security policies, rules, and standards.
• Conduct impact assessment of data initiatives from a security point of view.
• Ensure the cryptographic keys and related components are safety and protection of confidential information.
• Resolve data security audit and risk findings.
• Review and develop security controls to current access controls policies and procedures.
• Provide requirements for create and manage roles, access rights (includes privileged access), authentication and identity within the environment.
• Conduct periodic review of user access.
• Review, approve and monitor the usage of privileged access.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• Work experience in privacy, compliance, information security, auditing or a related field may also be an accepted alternative, according to Cybersecurity.
• Minimum 3 years of experience in and strong knowledge of privacy, data, operational risk management, information security, or related areas in IT.
• OTHER REQUIREMENTS.

Experience:

3 years required

Skills:

Compliance

Job type:

Full-time

• Develop and implement comprehensive security policies and procedures in compliance with laws and regulations and Shopee regional's security standards.
• Monitor and assess potential security risks, establish preventive measures, and minimize the occurrence of security incidents.
• Coordinate and lead the security team, conducting regular training to build skills and competence of security manpower.
• Maintain a good relationship with local law enforcement agencies to handle potential security incidents and ensure compliance.
• Managing facility and infrastructure support in build up cctv coverage in place ensuring it has managed function as intended including CCTV monitoring.
• Execute security protocol to manage and enforce the compliance of parties involved.
• Summarize monthly KPI and set a monthly meeting with security management team.
• A dequate security manpower is managed during campaign and BAU days.
• To develop body searching standard, frisking process and thief management.
• Guard tour management system.
• Monitor and evaluate the daily, weekly and monthly performance of Security Leaders and Guards to ensure: Perform additional duties as assigned by the reporting manager.
• Requirements:Bachelor's degree or above in Security Management, Occupational health and Safety, or related fields.
• More than 3 years of experience in security management, with a preference for experience in logistics and supply chain/E-commerce business.
• Familiarity with Thai security regulations and International's security management system with strong risk assessment capabilities.
• Qualified TAPA FSR (if applicable) would be advantageous.

Experience:

5 years required

Skills:

Contracts, Procurement, AutoCAD, English

Job type:

Full-time

• Serve as the key business partner working directly with service business partners and internal stakeholders (primarily infrastructure, physical security and operations teams).
• Collaborate with engineers, technicians, project managers, and Sr. Leaders to develop your programs.
• Drive process change and improvement across multiple business and program teams.
• Report ad hoc, weekly, and monthly program and operating metrics.
• Run meetings, create and maintain timelines, and keep large, diverse groups informed of progress and obstacles.
• Manage security system integration vendor contracts to deliver projects.
• Communicate the status of programs with customers, stakeholders and conduct program reviews.
• Must be willing to travel 15% of the time as required when launching new locations (Domestically and Internationally).
• A day in the life
• The SPM team in ASEAN is a high performing unit that supports ASEAN Data Center builds now and into the future. The team work at pace and Take Ownership, able to Deliver Results on a daily basis. We are mindful of each others differences and work tirelessly to support each other daily.
• Diverse Experiences
• Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn t followed a traditional path, or includes alternative experiences, don t let it stop you from applying.
• Why AWS
• Amazon Web Services (AWS) is the world s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating that s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
• Work/Life Balance
• We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there s nothing we can t achieve in the cloud.
• Inclusive Team Culture
• Here at AWS, it s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon conferences, inspire us to never stop embracing our uniqueness.
• Mentorship and Career Growth
• We re continuously raising our performance bar as we strive to become Earth s Best Employer. That s why you ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
• BASIC QUALIFICATIONS.
• 5 years working in Project Management related to construction or physical security.
• Demonstrated ability to manage multiple complex projects and adapt to and control change on a project.
• Fluency/competency in more than one language in Thai and English to communicate with local and overseas stakeholders.
• Experienced in vendor management and procurement processes, to include the establishment of key performance indicators and service level agreements.
• PREFERRED QUALIFICATIONS.
• BA/BS degree or higher in related field of architecture, engineering, or project management. PSP, CPP, PMP Certification will be an added advantage.
• Subject Matter Expertise with Access Control, Intrusion Detection, and Video Surveillance Systems.
• Demonstrated ability to use AutoCad/Desk, BIM, Bluebeam.
• Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you re applying in isn t listed, please contact your Recruiting Partner.

Skills:

Compliance, Project Management, ISO 27001

Job type:

Full-time

• Assists in conducting risk assessments and vulnerability assessments.
• Contributes to the development and maintenance of security policies and procedures.
• Collaborates with internal stakeholders to ensure compliance with industry standards and regulations.
• Participates in security awareness and training initiatives.
• Supports incident response activities and investigations as required.
• Monitors and reports on security compliance metrics.
• Assists in the implementation of security controls and best practices.
• Stays updated with emerging security threats and trends.
• Performs any other related task as required.
• To thrive in this role, you need to have: Seasoned familiarity with information security frameworks and standards.
• Seasoned understanding of risk assessment methodologies, compliance, and policy development.
• Strong communication and interpersonal skills for effective collaboration.
• Strong attention to detail and ability to follow established processes.
• Seasoned project management skills for coordinating security initiatives.
• Academic qualifications and certifications: Bachelor s degree or equivalent in Information Technology or Computer Science degree or related field.
• Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred.
• Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP desirable.
• Required experience: Seasoned experience in information security or related roles.
• Seasoned exposure to risk assessment, compliance, security awareness, or policy development is beneficial.
• On-site Working About NTT DATA
• NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
• Equal Opportunity Employer
• NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Experience:

5 years required

Skills:

English

Job type:

Full-time

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Security Risk Management: Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Establishment of Policies, Standards, and Procedures:Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Communication and Collaboration with Technology Team:Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Essential Skills & PrerequisitesA positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as the expert in project teams. PERSONAL SKILLS: Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Why Ascend Money?Contribute to a safer digital world.
• Gain hands-on experience with cutting-edge cybersecurity challenges.
• Grow your career in a dynamic, fast-moving environment.
• Don t miss this opportunity to be part of something big! Apply now and take the next step with Ascend Money.
• Apply Now: CLICK

Skills:

ISO 27001, Negotiation

Job type:

Full-time

• Extensive understanding of security principles, concepts, and technologies, including knowledge of NIST CSF, ISO 27001, and cybersecurity solutions.
• A proven track record in achieving and exceeding sales and financial goals.
• Skill in delivering engaging sales presentations and elevator pitches.
• Meticulousness in maintaining up-to-date, accurate sales forecasts and close plans.
• Experience in a team-selling approach and knowledge of competitors and competing sales strategies.
• Strong negotiation skills to craft solutions beneficial to customers, partners, and our organization.
• The ability to develop and maintain meaningful customer relationships up to the C-level.
• A client-centric mindset with the capability to understand customer problems and find best-fit solutions.
• Flexibility and adaptability to meet urgent deadlines and short missions.
• A bachelor's degree or equivalent in a technical or sales field or related area.
• Industry/Vendor sales certifications required.
• On-site Working About NTT DATA
• NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
• Equal Opportunity Employer
• NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.