เงื่อนไขการค้นหา

ทักษะ:

Procurement, Contracts, Market Research, English

ประเภทงาน:

งานประจำ

• Manage the full lifecycle of sourcing and procurement for IT requirements, including hardware, software, services, and IT Outsource Turnkey solutions.
• Identify, evaluate, and onboard new potential suppliers to meet organizational needs.
• Negotiate contracts, pricing agreements, and terms with suppliers, ensuring favorable and sustainable conditions.
• Monitor supplier performance and ensure adherence to contractual obligations, addressing any discrepancies as they arise.
• Collaborate with internal stakeholders to understand their requirements and ensure alignment with procurement strategies.
• Proactively identify and resolve procurement-related challenges to avoid operational disruptions.
• Conduct market research and competitor analysis to identify cost-effective, high-quality suppliers that meet the company's needs.
• Educational Background: Bachelor's degree in Supply Chain Management, Business Administration, Information Technology, or a related field. A master's degree or relevant certifications are a plus..
• Experience: Proven experience in IT procurement, sourcing, or vendor management, ideally within a technology-driven environment..
• Technical Knowledge: Strong understanding of IT hardware, software, services, and outsourcing models..
• Negotiation Skills: Demonstrated ability to negotiate contracts and pricing agreements that deliver favorable outcomes for the organization..
• Supplier Management: Experience in identifying, qualifying, and nurturing long-term relationships with suppliers..
• Problem-Solving Abilities: A proactive approach to resolving procurement challenges and driving solutions that support organizational objectives..
• Market Awareness: Ability to conduct comprehensive market research and competitor analysis to identify high-quality, cost-effective suppliers..
• English Communication Skills: Strong verbal and written communication skills in English..

ทักษะ:

Compliance, Automation, Risk Management

ประเภทงาน:

งานประจำ

• Lead and enhance security operations, mentoring team members and implementing advanced security strategies.
• Architect and enforce security frameworks for IT systems, networks, and cloud environments.
• Monitor, detect, and respond to cyber threats, conducting forensic investigations and post-incident analysis.
• Oversee vulnerability management, system hardening, and security compliance.
• Manage identity and access controls, privileged accounts, and authentication mechanisms.
• Drive security automation, process improvements, and adoption of emerging technologies.
• Conduct security awareness training and ensure best practices across the organization.
• Minimum 5+ years of experience in security operations, with a strong focus on incident response, vulnerability management, and risk assessment.
• Proven experience leading incident response efforts and conducting root cause investigations.
• Experience with vulnerability management, and overseeing the security pipeline.
• Experience with security standardization and IT compliance certification and audit.
• Experience with risk management frameworks and methodologies.
• Expert knowledge of security tools, including SIEM, EDR, vulnerability scanners, and penetration testing tools.
• Strong understanding of network protocols, cloud operating systems, and security concepts.
• Strong understanding of security frameworks such as NIST, ISO 27001, and MITRE ATT&CK.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis is a plus.
• Exceptional analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Strong attention to detail and a commitment to accuracy.
• Strong documentation and reporting skills.
• Ability to effectively communicate technical risks to non-technical stakeholders.
• Understanding of the 3 lines of defense model is a significant advantage.
• Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date..
• Important: Candidate Privacy Policy.
• สำคัญ:โปรดอ่านและทำความเข้าใจ: นโยบายความเป็นส่วนตัวด้านทรัพยากรบุคคล สำหรับผู้สมัครงาน และผู้สมัครเข้าฝึกงาน*.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Internal Audit, Automation, Data Analysis

ประเภทงาน:

งานประจำ

• Implement Third party - Vendors management policy and ensure that all activities and efforts are consistent with company policies, guidelines and in alignment with regulatory guidance.
• Design policies and procedures that support the successful implementation.
• Recommendations to related team on opportunities for risk mitigation based on established risk tolerance.
• Establish questionnaire, checklist, and risk score for vendors evaluation process.
• Partner with co-workers to coordinate the implementation of third-party controls and mitigation plan.
• Perform on-going review based on Third party risk factors i.e., risk level, performance, complaints & issues.
• Facilitate the assessment of new and review existing third-party inherent risk, using questionnaires to collect and document risk ratings.
• Review completed risk assessments and confirmed completion of due diligence prior to agreement signature.
• Responsible for adhering to third-party risk metrics supporting completeness, accuracy, and timeliness of third-party risk activities.
• Assists with gathering data and providing information during Internal Audit Reviews and Regulatory Examinations.
• Support the design and implementation of third-party risk operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks.
• Drive continued operational and automation improvements to improve operational efficiency.
• Support ad-hoc data analysis.
• 3-5 years of Risk Management or Third -party Management experience in banking, payment company or a related industry.
• Bachelor s degree in Management Information Systems, Computer Science, or related field.
• Knowledge skill: IT/Security standard, ISO standard, Risk management, third-party Management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
• Experience developing and refining technical and business operational processes.
• Ability to communicate clearly with technical and non-technical teams across multiple businesses; written, verbal, presentation, and interpersonal skills.
• Effectively manage multiple projects and priorities in a fast-paced, deadline-driven environment.
• Works effectively as an individual and part of a team.
• Strategic thinking with the ability to see/understand the big picture.
• Track record for being detail-oriented with a demonstrated ability to self-motivate and follow-through on projects.
• Ability to solve problems and bring clarity to ambiguous situations.
• Analytical and quantitative skills to use hard data and metrics to back up assumptions and develop business cases.

ทักษะ:

System Security

ประเภทงาน:

งานประจำ

• ดูแล วางแผน และออกแบบ ระบบรักษาความปลอดภัยสารสนเทศ เช่น Firewall, VPN, Email Security, AAA, Cloud Security, Security Consult.
• บริหารจัดการโครงการด้านความปลอดภัยสารสนเทศ.
• ร่วมพัฒนาระบบงานความปลอดภัยด้านสารสนเทศ ระบบต่าง ๆ ด้าน IOT / ระบบ Email / ระบบป้องกันไวรัส.
• ให้คำแนะนำระบบความปลอดภัยด้านสารสนเทศภายใน และภายนอกแก่หน่วยงานต่าง ๆ พร้อมจัดทำคู่มือ และฝึกอบรมทีมงาน และผู้ใช้งาน.
• ประสานงาน ให้คำปรึกษา และแนะนำระบบความปลอดภัยสารสนเทศให้กับพนักงาน และผู้ที่เกี่ยวข้อง.
• งานอื่น ๆ ตามที่ได้รับมอบหมาย.
• วุฒิการศึกษา: ปริญญาตรี วิศวกรรมศาสตร์ / วิทยาศาสตร์ คอมพิวเตอร์ หรือสาขาอื่น ๆ ที่เกี่ยวข้อง.
• ประสบการณ์ทำงาน: 5 - 10 ปี.
• มีทักษะการสื่อสาร วางแผน และเจรจาต่อรอง.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Compliance, ISO 27001, Legal

ประเภทงาน:

งานประจำ

• Design and implement a cybersecurity strategy that aligns with the organization's overall business objectives.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing to evaluate the organization s cyber defenses; subsequently, develop and implement security risk mitigation strategies and programs.
• Lead and coordinate response efforts in the event of security incidents, overseeing investigation, mitigation, and post-incident analysis.
• Compliance & Regulatory Management.
• Ensure adherence to relevant laws, regulations, and standards (e.g., PDPA).
• Implement and lead initiatives for security and compliance audit certifications, including ISO 27001, NIST, the Cyber Resilience Assessment Framework (C-RAF), and other applicable standards and best practices.
• Recommend, implement, and manage continuous monitoring of IT security systems and tools.
• Collaborate with legal and data protection teams to establish policies and safeguards for sensitive and personal data.
• IT Governance.
• Establish and maintain an IT governance framework, policies, and processes that align with the organization s business goals while ensuring compliance with legal, regulatory, corporate, and industry requirements.
• Work in partnership with management, legal, finance, and external auditors to promote transparency and alignment in governance practices.
• Generate and present reports on IT governance performance, compliance status, and the risk landscape to stakeholders.
• Data Governance.
• Develop and implement data governance policies that ensure data quality, security, and compliance.
• Manage the data lifecycle, align data strategies with business objectives, and collaborate with cross-functional teams to enhance data integrity.
• Oversee data stewardship, regulatory compliance, and provide best practices for data management to support effective decision-making.
• Team Leadership and Development.
• Lead and mentor a small team of IT governance, compliance, and security professionals.
• Foster a culture of continuous improvement and knowledge sharing within the team and across business units.
• Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• A minimum of 5 years of experience in IT governance, cybersecurity, and compliance, with at least 2 years in a managerial role.
• Strong understanding of IT governance frameworks (e.g., ITIL, COBIT), cybersecurity standards (e.g., ISO 27001, NIST), and regulatory requirements (e.g., PDPA).
• Possession of basic IT governance and cybersecurity certifications (e.g., CISSP, CISM) is advantageous.
• Proficient in common technical team/project management tools (e.g., JIRA, Asana, Github). Collaborative team player with strong interpersonal skills, capable of working effectively with both internal and external teams.
• Working-level fluency in English and Thai. Proficient in English equivalent to IELTS 5.5, CEFR B2, or TOEFL 72; excellent spoken and written communication to effectively work with a global management team.
• Familiarity with local regulatory bodies (e.g., OIC, SEC, BOT) is a plus.
• Experience in the insurance industry will be an added advantage.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Problem Solving, English

ประเภทงาน:

งานประจำ

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.

ประเภทงาน:

งานประจำ

Greenline Synergy provides the information security governance to the BDMS hospitals which is a framework of policies, practices, and strategies that align organizational resources toward protecting information through cybersecurity measures.