เงื่อนไขการค้นหา

ทักษะ:

Legal, Research, Energetic, English

ประเภทงาน:

งานประจำ

• Cooperate, provide legal advice, and prepare application to be registered with government as well as contact and submit application to governmental offices for company's corporate matter.
• Cooperate, arrange, and prepare documents for directors' meeting and shareholders' meeting including share related documents including conclude minutes.
• Cooperate, provide legal advice, and prepare application to secure all required business licenses and privileges as well as contact and submit application to government ...
• Provide legal advice to and cooperate with other departments and all group companies including other affiliates worldwide.
• Conduct research on legal issues and provide knowledge and awareness to management, colleagues and related suppliers or service providers.
• Update and inform other departments of related new laws or regulations.
• Translate legal documents.
• Interpret laws, legal documents and agreements.
• Review and audit legal compliance process of all functions of the company.
• Complete all assignments as shall be assigned by superior.
• Qualifications Bachelor's Degree of law.
• At least 4 years' experience in corporate and commercial laws; managing corporate registration work, preparing application for business licenses and privileges such as BOI Promotion, and Foreign Business License.
• Good command of English both written and spoken.
• Mature, energetic, positive attitude, adaptable, fast response with result-driven.
• Strong business acumen, service-minded, well-organized with detail-oriented person.
• Strong communication, interpersonal and presentation skills.
• Must be able to drive.
• If you are interested in this job role, please prepare your updated resume or LinkedIn profile for the application process through the Nissan Job Portal.
• Only shortlisted candidate will be contacted for an interview".
• For more information about Nissan's products, services, and commitment to sustainable mobility, visit nissan-global.com. You can also follow us on Facebook, Instagram, X and LinkedIn and see all our latest videos on YouTube.
• Why Nissan?.
• You will definitely get the right answers why you should join us through watching the video on YouTube.
• Bangkok Thailand

ทักษะ:

Continuous Integration, Legal, Procurement

ประเภทงาน:

งานประจำ

• Support regular group assessments to evaluate security risks, security maturity and compliance gaps across SCBX Group.
• Policy, Procedures, Standards & Guidelines.
• Support the development, review, and update of security policies, procedures, standards, and guidelines to ensure robust organizational controls.
• Regularly update documentation to reflect the evolving threat landscape and regulatory requirements.
• Security Consultation.
• Lead conversation with senior leadership across SCBX Group and provide value-added insights to delivered outcome.
• Develop a comprehensive proposal and project plan that secures buy-in from senior stakeholders, while establishing an effective delivery approach for the working group to ensure successful project delivery and valued outcomes.
• Embrace creative problem-solving and flexible approaches to navigate challenges, ensuring that critical outcomes are consistently achieved while effectively managing obstacles.
• Provide expert guidance and recommendations to internal and external stakeholders on the best security practices and solutions to address operational and compliance issues.
• Recommend improvements for security governance and operational resilience.
• SDLC Security & DevSecOps Integration.
• Develop and implement security frameworks and best practices within the SDLC to minimize vulnerabilities.
• Collaborate with development, operations, and security teams to embed security controls and processes within continuous integration/continuous deployment (CI/CD) pipelines.
• Advise on the integration of automated security testing tools and manual assessments throughout development, staging, and production phases.
• Monitor and evaluate the effectiveness of security controls, adjusting strategies as required.
• Pentester Governance & Annual Panel Selection.
• Oversee and manage the overall pentesting program, including planning, scoping, and executing external and internal penetration tests.
• Develop and enforce governance policies for third-party penetration testing, ensuring compliance with internal and industry standards.
• Lead the annual selection process of the pentester panel by evaluating vendor capabilities, reviewing performance metrics, and coordinating panel evaluations.
• Collaborate with legal, procurement, and compliance teams to negotiate contracts and service level agreements (SLAs) with selected vendors.
• Application Security Testing.
• Define and maintain comprehensive application security testing strategies, including static and dynamic code analysis, vulnerability assessments, and risk management.
• Coordinate regular security assessments, penetration tests, and vulnerability remediation efforts.
• Analyze findings from testing activities and provide actionable recommendations to mitigate risks.
• Work with development teams to ensure security testing is integrated into agile and DevOps methodologies.
• Identity Architecture & Strategy.
• Define and implement enterprise-wide identity governance frameworks, access models, and role designs.
• Develop future-ready IAM architectures to support Zero Trust security, cloud adoption, and business scalability.
• Design identity lifecycle processes such as automated provisioning, de-provisioning, RBAC, and approval workflows.
• Align IAM practices with global standards (NIST, ISO 27001, CIS) and regulatory mandates (PCI-DSS, GDPR, BOT).
• Establish and maintain a comprehensive security governance framework with clear roles, responsibilities, and performance metrics.
• IAM Solution Delivery & Operations.
• Lead the design, deployment, and integration of solutions including SSO, MFA, PAM, and CIAM.
• Oversee directory services and federation platforms such as Active Directory, Azure AD, and cloud identity providers.
• Collaborate with implementation teams and vendors to configure and deploy IAM technologies that ensure security, scalability, and operational excellence.
• Minimum of 12+ years in information security consultancy, with a proven track record in Application security, DevSecOps integration, Vulnerability Management, Penetration testing and Digital Identity.
• Demonstrated expertise in developing and implementing security frameworks and policies that embed secure coding practices and automated security testing within complex, enterprise-level SDLC environments.
• Demonstrates a deep understanding of global security frameworks, including NIST, ISO 27001/27002, PCI-DSS, BOT and CIS Controls.
• Extensive experience in conducting large-scale security assessments, performance measurements, risk management, and security strategy development that align with organizational objectives.
• Relevant certifications such as CISSP, CISM, CRISC, OSCP, or equivalent are highly desirable.

ประเภทงาน:

งานประจำ

• Support regular group assessments to evaluate security risks, security maturity and compliance gaps across SCBX Group.
• Policy, Procedures, Standards & Guidelines.
• Support the development, review, and update of security policies, procedures, standards, and guidelines to ensure robust organizational controls.
• Regularly update documentation to reflect the evolving threat landscape and regulatory requirements.
• Security Consultation.
• Lead conversation with senior leadership across SCBX Group and provide value-added insights to delivered outcome.
• Develop a comprehensive proposal and project plan that secures buy-in from senior stakeholders, while establishing an effective delivery approach for the working group to ensure successful project delivery and valued outcomes.
• Embrace creative problem-solving and flexible approaches to navigate challenges, ensuring that critical outcomes are consistently achieved while effectively managing obstacles.
• Provide expert guidance and recommendations to internal and external stakeholders on the best security practices and solutions to address operational and compliance issues.
• Recommend improvements for security governance and operational resilience.
• Security Awareness & Training.
• Develop and manage security e-learning programs, newsletters, and knowledge-sharing initiatives to enhance employee awareness.
• Conduct phishing drills and security simulations to assess and improve employee resilience against cyber threats.
• Design specialized training for executives and high-risk users to enhance their understanding of emerging threats and security best practices.
• Implement interactive learning methods such as gamification, security awareness series, real-world security challenges to encourage participation, on-site engagements to reinforce security culture.
• Digital Identity.
• Assist in Identity Governance & Administration (IGA) by supporting policy enforcement, identity lifecycle management, and compliance monitoring.
• Support Access Management by integrating authentication mechanisms such as SSO, MFA, and adaptive access controls into enterprise systems.
• Contribute to Role Management, ensuring structured RBAC/ABAC models and periodic access reviews.
• Help implement Privileged Access Management (PAM) controls, monitoring privileged user sessions, and enforcing security best practices.
• Assist in Identity Integration & Directory Services, ensuring seamless identity synchronization and federation across cloud and on-prem systems.
• Security Innovation.
• Research and evaluate emerging cybersecurity technologies, AI-driven security analytics, and automation tools, conducting PoCs to assess feasibility.
• Explore AI-driven security solutions for threat detection - prevention, and automated security operation to enhance cybersecurity resilience.
• Provide strategic insights to align security innovations with digital transformation, FinTech, and cloud security initiatives across subsidiaries.
• Partner with internal teams, vendors, and industry leaders to benchmark security advancements and drive innovation initiatives..
• Minimum of 5+ years in information security consultancy, with a proven track record in security assessment, identity & access and data security.
• Experience in conduct IAM solutions, including IGA, identity assessment - planning, access management, PAM, and identity integration within enterprise environments.
• Demonstrates a deep understanding of global security frameworks, such as NIST, ISO 27001/27002, PCI-DSS, BOT and CIS Controls.
• Extensive experience in conducting large-scale security assessments, performance measurements, risk management, and security strategy development that align with organizational objectives.
• Relevant certifications such as from identity products or equivalent are highly desirable.