เงื่อนไขการค้นหา

ทักษะ:

Risk Management, Software Development, Kubernetes

ประเภทงาน:

งานประจำ

• Design, develop, and maintain security systems, tools, and best practices across the stack (frontend, backend, mobile, and infrastructure).
• Identify, assess, and mitigate security vulnerabilities through proactive risk management and threat modeling.
• Collaborate with product managers and developers to embed security into the software development lifecycle (SDLC).
• Develop and enforce policies for secure coding, data protection, and incident response.
• Implement robust authentication and authorization mechanisms.
• Conduct regular security assessments, including penetration testing and code reviews.
• Monitor, detect, and respond to security incidents using advanced tools and methodologies.
• Enhance infrastructure security using Kubernetes, Docker, and cloud platforms (GCP, AWS).
• Stay current on emerging threats, vulnerabilities, and security trends, and recommend actionable insights to improve defenses.
• Champion security awareness across the organization, including training sessions and knowledge-sharing activities.
• Ensure compliance with relevant security standards and regulations such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Basic QualificationsProven expertise in application security, cloud security, and infrastructure security.
• Proficiency in securing systems built with technologies such as Node.js, Golang, Elixir, Python, React, Svelte, or Flutter.
• Experience with tools like Docker, Kubernetes, and cloud services (GCP, AWS).
• Strong understanding of cryptographic principles and secure communication protocols.
• Familiarity with CI/CD pipelines and secure DevOps practices.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and threat detection.
• Deep understanding of database security, especially with PostgreSQL or other relational or non-relational databases.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent communication skills and the ability to collaborate effectively in Agile teams.
• Self-motivation, adaptability, and a strong work ethic.
• Preferred Qualifications We re especially excited if you bring:Experience leading security initiatives or mentoring other engineers in security best practices.
• Expertise in compliance frameworks such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Advanced knowledge of security monitoring and incident response systems.
• Strong system design skills with a focus on secure architectures and long-term trade-offs.
• A proven track record of securing fast-paced, high-growth tech environments.
• A passion for securing user-centric products and contributing to their success.
• Perks & Benefits Flat Structure As we continue to grow fast, we strive to retain our culture where everyone is heard, contributes, and grows with the company..
• Work-life Harmony We believe that quality time outside of work is important to sustaining a healthy and happy lifestyle.
• Remote Work Hybrid-mode activated! It comes with the package: flexibility, focus and productivity!.
• Urban Office One breath from Phrom Phong BTS. No sweat whatsoever! The office should also feel like a second home so we dedicated a lot of care and resources into building the best environment for you to wake up to every morning.
• Fun Workshop The best relationships are built over new experiences, that s why we have workshops filled with a range of activities for you to look forward to and enjoy.
• Game Tournament It s getting fun and competitive! Challenge doesn t only have to come from work. Own the championship and show the peeps how great of a gamer (and player) you are.
• Group Insurance Health comes first, we know, don t worry, we ve got you covered.
• Health & Wellness Only a healthy army wins the war. We invest to take care of you from physical, mental and happiness-level. Adopted health & wellness applications plus activities to make sure everyone here is on cloud nine

ทักษะ:

Compliance, Automation, Risk Management

ประเภทงาน:

งานประจำ

• Lead and enhance security operations, mentoring team members and implementing advanced security strategies.
• Architect and enforce security frameworks for IT systems, networks, and cloud environments.
• Monitor, detect, and respond to cyber threats, conducting forensic investigations and post-incident analysis.
• Oversee vulnerability management, system hardening, and security compliance.
• Manage identity and access controls, privileged accounts, and authentication mechanisms.
• Drive security automation, process improvements, and adoption of emerging technologies.
• Conduct security awareness training and ensure best practices across the organization.
• Minimum 5+ years of experience in security operations, with a strong focus on incident response, vulnerability management, and risk assessment.
• Proven experience leading incident response efforts and conducting root cause investigations.
• Experience with vulnerability management, and overseeing the security pipeline.
• Experience with security standardization and IT compliance certification and audit.
• Experience with risk management frameworks and methodologies.
• Expert knowledge of security tools, including SIEM, EDR, vulnerability scanners, and penetration testing tools.
• Strong understanding of network protocols, cloud operating systems, and security concepts.
• Strong understanding of security frameworks such as NIST, ISO 27001, and MITRE ATT&CK.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis is a plus.
• Exceptional analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Strong attention to detail and a commitment to accuracy.
• Strong documentation and reporting skills.
• Ability to effectively communicate technical risks to non-technical stakeholders.
• Understanding of the 3 lines of defense model is a significant advantage.
• Remark: Given the nature of the mentioned position, where employees are involved with customer data and asset values, and/or the company, to comply with legal and regulatory standards established by the Securities and Exchange Commission, as well as to align with laws and overseeing agencies, the company requires a criminal background check as part of the post-interview process before joining the company. Your criminal history information will be retained for a period of 6 months from the start date..
• Important: Candidate Privacy Policy.
• สำคัญ:โปรดอ่านและทำความเข้าใจ: นโยบายความเป็นส่วนตัวด้านทรัพยากรบุคคล สำหรับผู้สมัครงาน และผู้สมัครเข้าฝึกงาน*.

ประสบการณ์:

4 ปีขึ้นไป

ทักษะ:

Compliance, English

ประเภทงาน:

งานประจำ

• Establish and maintain IT security standards and guidelines in compliance with the security regulations from regulators, and the security best practices, that governs new technology adoption.
• Advise business units and technology group on how to comply with IT security policy, standards, guidelines and best practices.
• Keep abreast of the knowledge in cybersecurity, new digital technology.
• Support on Cyber-drill program management and BCP coordinator across different Technology security units.
• Provide security awareness to the employee and service providers.
• Manage security supervision programs to track on non-compliance items to security policies, standards and guidelines.
• Inspecting and assessing the security of IT third parties that will access the organization s data or systems.
• Ensuring compliance with security requirements for IT third parties.
• Analyzing security risks and establishing preventive measures in case of incidents involving IT third parties.
• Qualification Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 4 years of experience in Information Security or a related field.
• Knowledge in new Banking Technology and associated security control is a plus.
• Relevant security certification is a plus, e.g. CISSP, CISM.
• Strong security advisory, analytical, and problem-solving skill.
• Good command in English.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

ทักษะ:

Compliance, Software Development, Finance

ประเภทงาน:

งานประจำ

• Lead the development and implementation of IT governance, risk, and compliance (GRC) policies and procedures. Conduct risk assessments and develop mitigation strategies to ensure IT operations comply with internal policies and regulatory requirements.
• Oversee the entire SDLC process, ensuring that software development projects meet quality standards.
• Implement ITIL best practices to improve IT service management. Monitor and optimize IT service delivery processes, including incident management, problem management, a ...
• Manage IT change management and incident management processes, ensuring that changes are effectively assessed, implemented, and monitored.
• Collaborate with finance teams to manage IT financial planning, budgeting, and forecasting.
• Education: Bachelor s or Master s degree in Information Technology, Computer Science, or a related field.
• Proven experience in IT governance, risk management, and compliance roles.
• Relevant certifications such as ITIL, CISA, or COBIT are an advantage.
• Strong leadership and communication skills.
• In-depth knowledge of risk management methodologies and frameworks.
• Ability to drive continuous improvement in IT governance and compliance practices.
• Excellent problem-solving and decision-making abilities.

ทักษะ:

System Security

ประเภทงาน:

งานประจำ

• ดูแล วางแผน และออกแบบ ระบบรักษาความปลอดภัยสารสนเทศ เช่น Firewall, VPN, Email Security, AAA, Cloud Security, Security Consult.
• บริหารจัดการโครงการด้านความปลอดภัยสารสนเทศ.
• ร่วมพัฒนาระบบงานความปลอดภัยด้านสารสนเทศ ระบบต่าง ๆ ด้าน IOT / ระบบ Email / ระบบป้องกันไวรัส.
• ให้คำแนะนำระบบความปลอดภัยด้านสารสนเทศภายใน และภายนอกแก่หน่วยงานต่าง ๆ พร้อมจัดทำคู่มือ และฝึกอบรมทีมงาน และผู้ใช้งาน.
• ประสานงาน ให้คำปรึกษา และแนะนำระบบความปลอดภัยสารสนเทศให้กับพนักงาน และผู้ที่เกี่ยวข้อง.
• งานอื่น ๆ ตามที่ได้รับมอบหมาย.
• วุฒิการศึกษา: ปริญญาตรี วิศวกรรมศาสตร์ / วิทยาศาสตร์ คอมพิวเตอร์ หรือสาขาอื่น ๆ ที่เกี่ยวข้อง.
• ประสบการณ์ทำงาน: 5 - 10 ปี.
• มีทักษะการสื่อสาร วางแผน และเจรจาต่อรอง.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

DevOps, Automation, Compliance

ประเภทงาน:

งานประจำ

• Fulfill tasks of cybersecurity vulnerability management program, i.e. cyberthreat intelligence analysis, cybersecurity assessment, vulnerability profiling, vulnerability compensation and vulnerability remediation tracking.
• A dedicated DevSecOps or security engineering team is responsible for embedding security practices into the DevOps pipeline. They build and maintain the security tools and automation required for integrating security checks into the development process.
• Implement security tools in CI/CD pipelines (e.g., code scanning, vulnerability assessments).
• Automate security testing, monitoring, and compliance checks.
• Collaborate with development and operations teams to ensure security is applied at every stage.
• Designing, supervising, and validating holistic Banking application/infrastructure security architecture, to ensure that they are aligned with cybersecurity strategy, security requirement principle and generally cybersecurity best practices (through threat modelling or similar methods).
• Designing and Implementing CI/CD (DevSecOps) Technology integration through own teams and virtual team (with the members of Digital Technology Security team) to always tighten security architecture fabrics, and to support cybersecurity transformation, lean and automation process.
• Qualifications Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 5 years of experience in security advisory, security architecture, CI/CD security, Vulnerability Assessment, Penetration test or a related field.
• Good communication skills, with the ability to communicate complex security issues.
• Strong Knowledge in new Banking Technology and associated security controls.
• Knowledge of security best practices in software development.
• Knowledge of SDLC framework.
• Familiarity with CI/CD tools & DevOps tools.
• Experience with Code/Library/Image scanning tools (Dynamic/Static Code Scan).
• Expertise in cloud security (AWS, Azure, GCP, HWC).
• Experience with cloud security and compliance tools (CSPM).
• Knowledge of Securing Cloud Environments to ensure that security practices are tailored for cloud-native and hybrid environments, including container security, infrastructure as code, and microservices security.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

ทักษะ:

Compliance, Analytical Thinking, Automation

ประเภทงาน:

งานประจำ

• Design, implement, and manage security controls for cloud environments (AWS, Azure, Google Cloud).
• Perform risk assessments and vulnerability management for cloud-based assets.
• Monitor cloud resources to detect and respond to security incidents.
• Collaborate with IT and development teams to integrate security into the SDLC and DevSecOps.
• Ensure compliance with industry regulations and internal security policies.
• Provide expertise in identity and access management (IAM) within cloud platforms.
• Continuously evaluate and recommend security improvements for cloud operations.
• Strong understanding of network security, encryption, and cloud infrastructure.
• Analytical thinking and problem-solving abilities.
• Ability to work collaboratively in cross-functional teams.
• Excellent communication skills to present security risks and solutions to non-technical stakeholders.
• Bachelor s degree in Computer Science, Information Security, or related field.
• Proven experience in cloud security, with a focus on AWS, Azure, or Google Cloud.
• Experience with cloud security automation and monitoring tools.
• Certifications such as AWS Certified Security Specialty, CISSP, or CCSP are an advantage.

ทักษะ:

Project Management, English

ประเภทงาน:

งานประจำ

• Coordinated to remediation cybersecurity incidents and coordinated to provide cybersecurity services.
• Excellent communication (Thai and English) skill to co-operation with application team, infra team and subsidiaries team.
• Project / service tracking to ensure tasks assignments will be completed within timeline.
• Cybersecurity document in Thai and English such as cybersecurity manual and cybersecurity news etc.
• 3-5 years of experience in cybersecurity incidents & response, cybersecurity services, project coordinator and project management etc.
• Incidents Response (Prefer): Cortex XDR, NTA, Firewall, SIEM, DLP etc.
• Cybersecurity Services (Prefer): Penetration Testing, Awareness Training, Phishing Test etc.
• Cybersecurity Tools: DAST, VA Scan, CyberArk, WAF, Microsoft Security etc.
• Contribute towards the execution of policies, standards and procedures specific set by enterprise industry such as ISO27001, NIST, PDPA etc.
• Ability to think strategically, work with a sense of urgency and pay attention to details.
• Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources.

ประเภทงาน:

งานประจำ

• Web Application Penetration Testing Lead (Specialist - Manager).
• Home Country: Thailand.
• Critical Success Factors.
• Web, Mobile, and API Security Testing - Proficiency in testing modern web applications, mobile apps (iOS & Android), and APIs (REST, GraphQL, SOAP).
• Penetration Testing Tools & Techniques - Hands-on experience with Burp Suite, OWASP ZAP, Postman, MobSF, Frida, and other pentesting tools.
• Offensive Security Certified Professional (OSCP).
• OWASP Top 10 & API Security Best Practices - Strong understanding of OWASP Top 10 for Web, Mobile, and API Security (OWASP MASVS, OWASP API Security Top 10).
• Language - Ability to converse & write in both Thai & English - as you will be engaging internal & external stakeholder in both languages.
• Client & Project: We are seeking a new talent to join the Security team where you will have the opportunity to collaborate in a vulnerability assessment and penetration testing project for H&PS clients. We are looking for experiences in the following skills:.
• Conduct thorough penetration testing on various platforms and devices.
• Engage with multiple teams and contribute on key decisions.
• Collaborate with the security team to identify vulnerabilities and recommend solutions to ensure outcomes are reached effectively.
• Effectively manage both internal and external stakeholders to ensure synergy.
• in penetration testing, vulnerability assessments, or cybersecurity.
• Bachelor s degree in Computer Science, Information Security, or a related field (optional).
• 5+ years of experience in penetration testing, vulnerability assessments, or cybersecurity..
• All our consulting professionals receive comprehensive training covering business acumen, technical and professional skills development. You ll also have opportunities to hone your functional skills and expertise in an area of specialization. We offer a variety of formal and informal training programs at every level to help you acquire and build specialized skills faster. Learning takes place both on the job and through formal training conducted online, in the classroom, or in collaboration with teammates. The sheer variety of work we do, and the experience it offers, provide an unbeatable platform from which to build a career..
• Accenture is an equal opportunities employer and welcomes applications from all sections of society and does not discriminate on grounds of race, religion, or belief, ethnic or national origin, disability, age, citizenship, marital, domestic, or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law..
• The Organization.
• 1) Technology.
• 2) Strategy & Consulting.
• 3) Interactive.
• 4) Operations.
• As a Fortune Global 500 company, it has been incorporated in Dublin, Ireland since September 1, 2009.
• With more than 800,000 employees worldwide in 200 cities across 120 countries Accenture also operates more than 100 innovation hubs, developing solutions for cloud, finance, and other industries.

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

DevOps, Automation, Electrical Engineering

ประเภทงาน:

งานประจำ

• Equipped with security knowledge and done related projects in technical IT domains such as operating systems, networks, databases, cloud or solution development etc.
• Possess knowledge in assessing solution architectures at the planning and design level for security issues and vulnerabilities.
• Experience in practical security vulnerability remediation.
• Information Security domains - in particular one or more of the following: Cyber Program Management, Cyber Threat Management, Identity & Access Management, Data Protection, Privacy, Organisational Resilience. This experience should include both advisory, implementation and operation experience.
• Strong technical security skills in assessment, design, implementation, architecture, and program / project delivery and work across various delivery models, (Waterfall, Agile, DevOps).
• Implementation skill set for identity and access management platforms, security information and event management platforms, security automation and orchestration platforms, advance threat detection systems, endpoint protection systems, data leak prevention systems or network security devices.
• To qualify for the role you must have.
• A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent.
• Experience with a leading Security technology like Microsoft Security, Crowdstrike, Splunk and others would be a strong advantage.
• Creative, independent with good problem solving skills.
• Excellent communicator with strong analytical, interpersonal and writing skills.
• Candidates with minimum 10-15 years of relevant experience, including managing a team, will be considered for a Leadership role.
• Ideally, you ll also have.
• Industry related certification preferred (e.g. CISSP, CISA, CISM, SABSA, PRINCE2, TOGAF, ITIL).
• Solution Level Certifications, OSCP, CREST, GIAC would be advantageous, as well as penetration testing experience.
• Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you ll be a confident team player that collaborates with people from various teams while looking to develop your career in a dynamic organization.
• What we offer.
• Continuous learning: You ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Diverse and inclusive culture: You ll be embraced for who you are and empowered to use your voice to help others find theirs.
• If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
• The exceptional EY experience. It s yours to build.
• EY | Building a better working world.
• EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
• Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

ทักษะ:

Negotiation

ประเภทงาน:

งานประจำ

• Bachelor degree or higher in Computer Science or related filed.
• There are 5-8 years, Experience in Network skills.
• Able to do network design, evaluation, POC, implementation.
• Self-Motivation and Hard Working.
• Able to work some time on night and weekend by job duties.
• Able to troubleshooting related to network problem & connecting equipment.
• Willing to self-study for network knowledge and learn new knowledge from team.
• Good communication,interpersonal, problem-solving, presentation, and negotiation skill.

ประสบการณ์:

3 ปีขึ้นไป

ทักษะ:

Accounting, Legal, Financial Analysis, Risk Management, English

ประเภทงาน:

งานประจำ

• Conduct an investigation of any matter, value or size at its sole discretion according to the Fraud Risk policy, to assist the Audit Committee / Board of Directors in obtaining the assurance it requires regarding the identified gaps, internal control deficiencies, modus operandi employed and the extent and impact of such fraudulent activities to the CIMB Thai Bank Group.
• Prepare and deliver timely and informative investigation reports in English to an agreed quality standard.
• Develop effective approach for recognize fraud actions constantly.
• Regulatory reporting as required by the relevant regulations, if any.
• At least bachelor's degree or Professional Qualification in the relevant discipline (Accounting/ Finance/ Economics/ Law).
• Minimum 5 years of relevant work experience.
• Minimum 3 years of experience in banking and securities business compliance in a banking role in established financial institutions.
• Experience of conducting investigative interviews is essential.
• Strong evidence collection ability to support fraud investigation.
• Strong interpersonal skills and strong verbal and written communication skills.
• Be able to work under high pressure with a growth mind set.
• Good team player and work independently.
• Strong command of English in report writing and speaking preferred.

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

Risk Management, Compliance, English

ประเภทงาน:

งานประจำ

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• Preferred skills.
• Penetration Tester (Manual & Automate).
• Minimum years experience required.
• Over 1 years of Experience in related fields.
• Additional application instructions.
• Good Communication in English.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• April 30, 2025

ทักษะ:

Procurement, Safety Management, Compliance, English

ประเภทงาน:

งานประจำ

• Provide strategic planning and analysis for building management and security operations in the assigned scopes. The scope of responsibilities are include but not limit to:Overall planning and implement for improve building operations and facilities management i.e. the preventive and corrective maintenance program, efficient utility usage and alternative energy etc.
• Lead and advise MEP system for building and office renovation, operation and maintenance (O&M) for 4 sites under department responsibility.
• Develop and review procurement Term Of Reference (TOR) and contract for building management and security, include monitor the services performance in accordance with procurement and contract procedures.
• Source and analyse data for building and facility management benchmarking, cost effectiveness analysis, in order to improve process and seek new initiatives.
• Develop, review, and update building management and security standards, procedures, guidelines, process and systems.
• Develop and prepare work plans & budget (WPB). Plan and control budgets under his/her own responsibility in accordance with the approved WPB.
• Drive and be accountable for ISO team leader or focal point i.e. ISO41001 Facility Management, ISO14001 Environmental Management, ISO45001 Occupational Health and Safety Management to compliance with internationally standard and act as a focal point to obtain ISO and related certification in the future.
• Provide and utilize office space and facilities management, coordinate relevant parties for staff for seating arrangement, as well as provide technical advice on issues arise.
• Supervision and monitoring building management and security operations to ensure coverage of Safety Security Health and Environmental (SSHE) policy, regulations and Department s strategy for 4 sites under FFM responsibility. (PTTEP H.O., PTTEP Technology and Innovation Center (PTIC), PTTEP Rapid Scaled-Up Center (RASC), PTTEP Subsurface Research Center (PSRC)).
• Be responsible for special projects as assigned i.e. work process improvement, operations and maintenance office utility systems of PTTEP alternative office, etc.
• Professional Knowledge & Experiences.
• Bachelor s Degree in any fields preferably in Electrical/Mechanical Engineering, Facilities Management.
• Minimum 10-year experience in building and facility management.
• Good command of spoken and written English.
• Good computer skills in standard software (Word, Excel, Power Point, etc.).
• Good supervisory, leadership skills, and service-minded.
• Good communication/ interpersonal skills with excellent project management and analytical skills.
• Knowledge in Government Procurement and Supplies Management would be an advantage.
• Able to travel upcountry occasionally.
• Work Location.
• Bangkok-Thailand.

ทักษะ:

Linux, Good Communication Skills, English

ประเภทงาน:

งานประจำ

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Research, ISO 27001, Enthusiastic, English

ประเภทงาน:

งานประจำ

• Collect and analyze threat intelligence reports covering new threats, vulnerabilities, products.
• Conduct technical and operational threat intelligence research, both independently and as part of a wider team.
• Identify emerging threats, techniques and trends, the means of protecting or defending against them, and articulate these in a range of report formats to relevant stakeholders.
• Conduct deep-level analysis of malware, including how it is developed, functions, and employed.
• Support the Consulting and Managed CTI teams, Vulnerability Management, Incident Response and CSOC team with up-to-date technical intelligence, detection logic and situational awareness on current and emerging threats.
• Support Cybersecurity Posture Management to guarantee that a good cybersecurity posture is consistently maintained at an acceptable level. Liaison with external audit, internal audit, financial crime and associated consultants, and the group firm.
• Assist technology security team leaders/others in responding to cybersecurity incidents that have an impact on cybersecurity posture, in order to guarantee quick reaction, tracking, and proper maintenance.
• Assist in R&D and innovation on cybersecurity technology and approaches for continuous cybersecurity uplift.
• Qualifications Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 5 years of experience in Information Security or a related field.
• Knowledge of security technology e.g. WAF, SIEM, EDR, IAM, CSOC and Vulnerability Management.
• Experience in cloud cybersecurity technologies and services.
• Exposure to malware reverse engineering, network intrusion analysis, host intrusion analysis, log analysis, vulnerability research or digital forensics is preferred.
• Strong understanding of industry best practices and standards, including ISO 27001, NIST, and CIS is preferred.
• Relevant certifications such as CISSP, CISM, or CISA are a plus.
• Excellent communication and problem-analytical skills, with the ability to communicate complex security issues to non-technical stakeholders.
• Effective English for verbal, written communication.
• Enthusiastic, thriving, good interpersonal skills.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Risk Management, Project Management, English

ประเภทงาน:

งานประจำ

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

ทักษะ:

Sharepoint, English

ประเภทงาน:

งานประจำ

• Could have experience to develop information in Microsoft SharePoint 3-5 Years.
• Could have experience quality-control would be more assist.
• Have experience in Thai Oil Service would be more assist.
• EDUCATION.
• Bachelor Degree in Computer Science, Computer Engineering, Information Technology or any equivalent fields of study.
• OTHER REQUIREMENTS.
• Good command of English and computer literacy.
• Work @ Sriracha, Chonburi.
• ROLE & RESPONSIBILITY.
• Be able to communicate and manage Safety and Security information by Standard Program of Thai Oil as well. Thus could be reference and apply to all staff implement.
• สามารถสื่อสารสื่อความและควบคุมจัดการงานข้อมูลเรื่องความมั่นคงปลอดภัยผ่านมาตรฐานโปรแกรมที่มีใช้ในองค์กรได้เป็นอย่างดีเพื่อให้ทุกคนในองค์กรสามารถอ้างอิงและนำไปใช้ได้อย่างถูกต้อง.
• Be able to collect, store, create and update documents of the organization's internal and external security management system standards correctly and able to evaluate according to the standards set
• สามารถรวบรวมจัดเก็บ สร้างและอัพเดทเอกสารของมาตรฐานระบบการจัดการความมั่นคงและปลอดภัยขององค์กรทั้งภายในและภายนอกได้อย่างถูกต้อง และสามารถประเมินผลได้ตามมาตรฐานที่ได้กำหนดไว้.
• Be able to practice Security skill to supervise the team contractor working correctly and effectiveness
• สามารถฝึกฝนเพื่อให้สามารถปฏิบัติการบังคับบัญชาหรือแนะนำงานในด้านความมั่นคงให้กับทีมงานผู้รับเหมาที่ปฏิบัติงานภายใต้บังคับบัญชาปฏิบัติงานได้อย่างถูกต้องและมีประสิทธิภาพได้ในอนาคต.

ประสบการณ์:

7 ปีขึ้นไป

ทักษะ:

English

ประเภทงาน:

งานประจำ

• Encourage everyone to have a voice and invite opinion from all, including quieter members of the team.
• Deal effectively with ambiguous and unstructured problems and situations.
• Initiate open and candid coaching conversations at all levels.
• Move easily between big picture thinking and managing relevant detail.
• Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realises they are required.
• Contribute technical knowledge in area of specialism.
• Contribute to an environment where people and technology thrive together to accomplish more than they could apart.
• Navigate the complexities of cross-border and/or diverse teams and engagements.
• Initiate and lead open conversations with teams, clients and stakeholders to build trust.
• Uphold the firm's code of ethics and business conduct.
• Preferred skills.
• Security Operation Center (SOC).
• Minimum years experience required.
• 7 years of experiences and above.
• Additional application instructions.
• Good communication in english.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance {+ 16 more}Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• April 30, 2025

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

Risk Management, Compliance

ประเภทงาน:

งานประจำ

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• referred skills.
• Cyber Security and Data Privacy.
• Minimum years experience required.
• 1-3 years of Experiences.
• Additional application instructions.
• N/A.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No