เงื่อนไขการค้นหา

ประสบการณ์:

3 ปีขึ้นไป

ทักษะ:

Business Development, Risk Management, ISO 27001

ประเภทงาน:

งานประจำ

• Assess existing cybersecurity frameworks, identify gaps, and provide actionable recommendations for improvement.
• Develop tailored cybersecurity strategies that align with the client s business goals, regulatory requirements, and risk profile.
• Conduct cybersecurity risk assessments and develop mitigation plans to address potential security threats.
• Ensure client strategies comply with relevant cybersecurity regulations, standards (e.g., NIST, ISO), and industry best practices.
• Manage cybersecurity projects from inception through completion, ensuring timely delivery and client satisfaction.
• Build and maintain strong relationships with clients, serving as a trusted advisor on cybersecurity matters.
• Lead and mentor a team of cybersecurity consultants, fostering a culture of collaboration and continuous improvement.
• Support business development activities by identifying new opportunities and contributing to proposal development.
• Your role as a leader: At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Assistant Managers across our Firm are expected toDevelop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Influence stakeholders, teams, and individuals positively - leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.
• Enough about us, let's talk about youDegree in cyber security, computer science, business IT or equivalent.
• Excellent communication and presentation skills, with the ability to influence senior stakeholders and deliver compelling recommendations.
• Strong leadership and team management capabilities, with experience mentoring and developing consultants.
• 3+ years of experience in cybersecurity, with a focus on strategy development, security governance, and risk management.
• Strong understanding of cybersecurity frameworks, regulatory requirements, and industry standards (e.g., NIST, ISO 27001, MITRE).
• Preferred CISA, CISM, CISSP certification or related security certification.
• Due to volume of applications, we regret that only shortlisted candidates will be notified. Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information.
• LI-AA1 Requisition ID: 106366In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Business Development, Risk Management, ISO 27001

ประเภทงาน:

งานประจำ

• Assess existing cybersecurity frameworks, identify gaps, and provide actionable recommendations for improvement.
• Develop tailored cybersecurity strategies that align with the client s business goals, regulatory requirements, and risk profile.
• Conduct cybersecurity risk assessments and develop mitigation plans to address potential security threats.
• Ensure client strategies comply with relevant cybersecurity regulations, standards (e.g., NIST, ISO), and industry best practices.
• Manage cybersecurity projects from inception through completion, ensuring timely delivery and client satisfaction.
• Build and maintain strong relationships with clients, serving as a trusted advisor on cybersecurity matters.
• Lead and mentor a team of cybersecurity consultants, fostering a culture of collaboration and continuous improvement.
• Support business development activities by identifying new opportunities and contributing to proposal development.
• Your role as a leader.
• At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Managers across our Firm are expected toDevelop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Influence stakeholders, teams, and individuals positively - leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.
• Enough about us, let's talk about you.Degree in cyber security, computer science, business IT or equivalent.
• Excellent communication and presentation skills, with the ability to influence senior stakeholders and deliver compelling recommendations.
• Strong leadership and team management capabilities, with experience mentoring and developing consultants.
• 5+ years of experience in cybersecurity, with a focus on strategy development, security governance, and risk management.
• Strong understanding of cybersecurity frameworks, regulatory requirements, and industry standards (e.g., NIST, ISO 27001, MITRE).
• Preferred CISA, CISM, CISSP certification or related security certification.
• Due to volume of applications, we regret that only shortlisted candidates will be notified. Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information.
• LI-AA1 Requisition ID: 106371In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Compliance, Finance, Accounting

ประเภทงาน:

งานประจำ

• Act as a trusted advisor to our clients as well as our engagement team to provide delivery leadership.
• Perform As-Is analysis of GRC maturity and provide robust recommendation for To-Be GRC stage by customizing with good practices for FSI industry or client industry.
• Develop / Assist and implement GRC strategies that align with the regulatory framework and business objectives of clients.
• Develop and deliver GRC policy, procedure, and training programs for clients on risk management, compliance, and governance best practices.
• Work closely with clients, business stakeholders, and technical teams to understand requirements, design solutions, and deliver successful implementations using GRC platforms.
• Conduct workshops and meetings with business stakeholders to understand their risk, compliance, business continuity management (BCM), Third Party Risk Management (TPRM) and Audit management needs.
• Translate business requirements into functional and technical specifications for GRC platform configuration.
• Assist in the design, configuration, and implementation of GRC solutions based on client requirements.
• Develop and customize GRC solutions, including workflow creation, dashboards, reporting features and integrations.
• Design powerful GRC insight dashboards for key stakeholders (e.g., top management, risk manager, risk owner, compliance team, internal audit team).
• Support User Acceptance Testing (UAT) and troubleshoot issues to ensure a smooth transition to production environments and system readiness.
• Provide ongoing support for GRC implementations, resolve issues, fine-tune systems to meet business and compliance needs, and monitor performance to recommend optimizations for continuous improvement.
• Create and deliver comprehensive documentation for system configurations, testing, user guides, and prepare regular reports on system performance, issues, and enhancements, ensuring the resource can effectively manage and deliver GRC project deliverables.
• Your role as a leader
• At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Consultant, Senior Consultant and Manager across our Firm are expected to:Develop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Align your team to key objectives as well as set clear priorities and direction.
• Make informed decisions that positively impact the sustainable financial performance and enhance the quality of outcomes.
• Influence stakeholders, teams, and individuals positively - leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Lead with integrity and make a strong positive impact by energising others, valuing individual differences, recognising contributions, and inspiring self-belief.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.
• Qualifications:Bachelor s degree in finance, Accounting, Information Systems, Risk Management, or related field.
• GRC Platform certifications (e.g., Archer, ServiceNow, MetricStream, Bwise, IBM Open Pages) are highly preferred.
• Relevant certifications (e.g., CPA, CFA, GRCP, CRM, CRISC, CISA, CISM) are highly preferred.
• 5+ years of extensive experience in Risk Management & Compliance, BCM, Third-Party Risk Management and Audit Management within the banking or financial services industry.
• Hands-on experience in implementing, configuring, and managing GRC platforms.
• Fair understanding in banking products and overall banking processes.
• Strong understanding of global and local regulatory requirements such as Bank of Thailand (BOT), MAS, ISO 27001, Basel, COSO, IIA and related financial compliance frameworks.
• Experience in GRC consulting or professional firm or project management roles is highly preferred.
• Technical Skills:Hands on experience of GRC processes configuration and automation within GRC platforms, including but not limited to access control, workflow configuration, reporting, and dashboard creation.
• Hands-on experience integrating GRC platform with various systems (e.g., ERP, ITSM, SAP, Oracle, JIRA) using multiple integration methods, including REST/SOAP Web Services, API-based integrations, flat file transfers, and middleware solutions.
• In-depth knowledge of HTML, CSS, and XML, with experience in applying these technologies for system customization.
• Experience in installation, upgrading, and maintaining infrastructure for GRC platforms, ensuring optimal performance and system stability.
• Soft Skills:Excellent written and verbal communication skills with the ability to work effectively with both technical and non-technical stakeholders.
• Strong client-facing skills and ability to build and maintain client relationships.
• Excellent problem-solving capabilities, adaptability, and critical thinking, with an analytical mindset to solve complex issues and provide strategic recommendations in GRC roles.
• Highly organized with attention to detail and the ability to manage multiple projects simultaneously.
• Due to volume of applications, we regret only shortlisted candidates will be notified. Candidates will only be contacted by authorised Deloitte Recruiters via firm s business contact number or business email address.Requisition ID: 106944In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

ทักษะ:

Risk Management, Software Development, Kubernetes

ประเภทงาน:

งานประจำ

• Design, develop, and maintain security systems, tools, and best practices across the stack (frontend, backend, mobile, and infrastructure).
• Identify, assess, and mitigate security vulnerabilities through proactive risk management and threat modeling.
• Collaborate with product managers and developers to embed security into the software development lifecycle (SDLC).
• Develop and enforce policies for secure coding, data protection, and incident response.
• Implement robust authentication and authorization mechanisms.
• Conduct regular security assessments, including penetration testing and code reviews.
• Monitor, detect, and respond to security incidents using advanced tools and methodologies.
• Enhance infrastructure security using Kubernetes, Docker, and cloud platforms (GCP, AWS).
• Stay current on emerging threats, vulnerabilities, and security trends, and recommend actionable insights to improve defenses.
• Champion security awareness across the organization, including training sessions and knowledge-sharing activities.
• Ensure compliance with relevant security standards and regulations such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Basic QualificationsProven expertise in application security, cloud security, and infrastructure security.
• Proficiency in securing systems built with technologies such as Node.js, Golang, Elixir, Python, React, Svelte, or Flutter.
• Experience with tools like Docker, Kubernetes, and cloud services (GCP, AWS).
• Strong understanding of cryptographic principles and secure communication protocols.
• Familiarity with CI/CD pipelines and secure DevOps practices.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and threat detection.
• Deep understanding of database security, especially with PostgreSQL or other relational or non-relational databases.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent communication skills and the ability to collaborate effectively in Agile teams.
• Self-motivation, adaptability, and a strong work ethic.
• Preferred Qualifications We re especially excited if you bring:Experience leading security initiatives or mentoring other engineers in security best practices.
• Expertise in compliance frameworks such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Advanced knowledge of security monitoring and incident response systems.
• Strong system design skills with a focus on secure architectures and long-term trade-offs.
• A proven track record of securing fast-paced, high-growth tech environments.
• A passion for securing user-centric products and contributing to their success.
• Perks & Benefits Flat Structure As we continue to grow fast, we strive to retain our culture where everyone is heard, contributes, and grows with the company..
• Work-life Harmony We believe that quality time outside of work is important to sustaining a healthy and happy lifestyle.
• Remote Work Hybrid-mode activated! It comes with the package: flexibility, focus and productivity!.
• Urban Office One breath from Phrom Phong BTS. No sweat whatsoever! The office should also feel like a second home so we dedicated a lot of care and resources into building the best environment for you to wake up to every morning.
• Fun Workshop The best relationships are built over new experiences, that s why we have workshops filled with a range of activities for you to look forward to and enjoy.
• Game Tournament It s getting fun and competitive! Challenge doesn t only have to come from work. Own the championship and show the peeps how great of a gamer (and player) you are.
• Group Insurance Health comes first, we know, don t worry, we ve got you covered.
• Health & Wellness Only a healthy army wins the war. We invest to take care of you from physical, mental and happiness-level. Adopted health & wellness applications plus activities to make sure everyone here is on cloud nine

ประสบการณ์:

7 ปีขึ้นไป

ทักษะ:

Compliance, Risk Management, Project Management, English

ประเภทงาน:

งานประจำ

• Project Delivery/Management: Support the delivery of data security projects focused on implementing tools such as Opentext, Securiti.AI, Fortanix, Guardium, OneTrust, Thales, Protegrity, and others across Southeast Asia.
• Client Collaboration: Work with clients to assess comprehensive data security risks and provide tailored recommendations for implementing capabilities including for data discovery, classification, encryption, anonymization, tokenization, certificate management, key management, safe data deletion, data loss prevention, Information Prot ...
• Subject Matter Expertise: Offer deep knowledge on security capabilities such as identity management, encryption, endpoint management, data loss prevention, email security, web and browser security, zero trust and key and certificate mgt. (e.g., Information and Data Protection, DLP, Insider Risk Management).
• Configuration and Deployment: Support the setup and deployment of data security solutions, ensuring seamless integration with client environments.
• Project Delivery: Ensure successful delivery of data security solutions across on-premise and cloud environment through strong project management and leadership.
• Client Relationships: Build and nurture positive working relationships with clients, aiming to exceed their expectations.
• Profitability Improvement: Identify opportunities to enhance engagement profitability through automation, creation of accelerators, and reuse of best practices.
• Your role as a leader.
• At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Managers across our Firm are expected toDevelop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Influence stakeholders, teams, and individuals positively - leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.
• Requirements:Degree in cyber security, computer science, business IT or equivalent.
• 7+ years of experience in cybersecurity, with a focus in data security, particularly in developing, implementing, or architecting security solutions from one or more of the listed vendor solutions above.
• 1+ years of hands-on experience with tools across and such as: Identity(Active Directory), Data Security including encryption solutions for storage, databases, networks (Guardium, Opentext, Protegrity, Fortanix, Securiti.AI etc), tokenization (for structured data), digital rights management for unstructured data (MS IRM / Purview), data loss prevention (Symantec, MS, Trellix, Zscaler), data posture mgt. (BigID, Sentra, Wiz, Securiti.AI, IBM Guardium etc.) and should have hands on experience including configuration, deployment, and management.
• Familiarity with standards, frameworks and privacy laws such as ISO/IEC 27701, ISO/IEC 27001, GDPR, PDPA and DAMA International Data Management Body of Knowledge (DAMA-DMBOK) would be a plus.
• Excellent communication and presentation skills, with the ability to influence senior stakeholders and deliver compelling recommendations.
• Strong leadership and team management capabilities, with experience mentoring and developing consultants.
• Preferred CIPP, CIPM, CIPT, CISSP certification or related security certification.
• Able to speak Thai and English fluently.
• Due to volume of applications, we regret that only shortlisted candidates will be notified.
• Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via this official Deloitte website. #LI-AA1Requisition ID: 106368In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

ทักษะ:

Project Management, Linux, UNIX, English

ประเภทงาน:

งานประจำ

• Manage CCII (Cloud, Cyber Security, IOT, ICT) project for single and multi-tower solution for Property, Retail, Conglomerate, and international customer segments.
• Be a committee of AIS bid management for validating large projects at TCV > 10MB.
• Manage project stakeholders to meet expectation and requirement.
• Communicate project progress to stakeholders.
• Plan and manage project issue and risk with proper actions.
• Plan and manage project to meet project objective, within timeline, project budget, scope and give customer satisfied.
• Manage project resource both internal delivery and external suppliers.
• Bachelor's degree or higher in computer science, business, or a related field.
• 8-15 years of project management and related experience.
• Strong in communication and stakeholder management.
• Project Management Professional certification preferred.
• Proven ability to solve problems creatively.
• Strong familiarity with project management software tools, methodologies, and best practices.
• Experience seeing projects through the full life cycle.
• Excellent analytical skills.
• Strong interpersonal skills and extremely resourceful.
• Proven ability to complete projects according to outlined scope, budget, and timeline.
• Engineering Specialist (Cyber Security).
• Oversee the implementation of cyber security solutions and services to ensure customer satisfaction and security effectiveness.
• Plan and establish procedures and systems that enhance operational efficiency.
• Delegate tasks effectively to team members to achieve organizational objectives.
• Strategically allocate resources to optimize project outcomes.
• Monitor and support staff in their work progress to ensure timely delivery of services.
• Evaluate staff performance through regular assessments and feedback mechanisms.
• Foster professional development among team members to enhance their skills and capabilities.
• Drive productivity and maintain high quality standards within the division.
• Provide guidance and coaching to staff to support exceptional service delivery.
• Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Some positions may require a master s degree.
• Relevant work experience in cybersecurity roles, typically ranging from 3-7 years, depending on the seniority of the position. Hands-on experience with security technologies and methodologies is essential.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) may be preferred or required.
• Proficiency in network security, firewalls, intrusion detection systems, and VPN.
• Knowledge of operating systems (Windows, Linux, UNIX) and databases.
• Experience with security protocols (SSL, IPsec, etc.) and encryption.
• Familiarity with security frameworks and standards (NIST, ISO 27001, etc.).
• Knowledge of Compliance: Understanding of regulatory requirements and compliance standards (e.g., GDPR, HIPAA, PCI-DSS).
• Ability to work both independently and collaboratively in a team environment.
• Strong attention to detail and the ability to prioritize tasks effectively.
• Engineering/IT Specialist (Cyber Security)
• Design/Implement Cyber Security project for Private Cloud and Global Cloud (AWS and MS Azure).
• Solution integration and migration.
• Control suppliers in the assigned project.
• Do project quality control.
• Do project risk assessment and management.
• Do project UAT with customer.
• Create final project document.
• Do customer project training (OJT).
• At least 4 years of Cyber Security experience.
• Bachelor s degree in Computer Engineering, Information Technology, Computer Science or related fields.
• Experience in installation and operation Security product e.g. Firewall, IPS, SIEM, NAC, Anti-Virus, Endpoint.
• Knowledge on network security and cloud technology.
• Knowledge of monitoring tools (What s up gold, Zabbix, Nagios).
• Has valid Security product Certification e.g. Fortinet NSE3-7, Palo Alto PCNSA, PCNSE, Cisco CCNA, CCNP Security.
• Experienced in ITIL framework.
• Senior Engineer (System Infrastructure)
• Implement Server, Storage, Virtualization, Backup system for Enterprise customer.
• Hypervisor and Operating system configuration and customization.
• Network and firewall integration for Cloud infrastructure.
• Hand-over completed solution to related team.
• At least 3 years experience on Server, Storage, VMware and Veeam delivery.
• Strong knowledge of Cloud environment and Operating system. (Windows and Linux).
• Basic skill of Database and Middleware installation.
• Strong organizational skills and ability to take on multiple assignments.
• Experienced firewall and cloud network implementation.
• Ability to occasionally work or assign work during nights/weekends during critical incidents per on-call rotation or major project implementations.
• Good command of English.
• VMware VCP or Linux certificate knowledge is an advantage.