เงื่อนไขการค้นหา

ทักษะ:

Risk Management, Software Development, Kubernetes

ประเภทงาน:

งานประจำ

• Design, develop, and maintain security systems, tools, and best practices across the stack (frontend, backend, mobile, and infrastructure).
• Identify, assess, and mitigate security vulnerabilities through proactive risk management and threat modeling.
• Collaborate with product managers and developers to embed security into the software development lifecycle (SDLC).
• Develop and enforce policies for secure coding, data protection, and incident response.
• Implement robust authentication and authorization mechanisms.
• Conduct regular security assessments, including penetration testing and code reviews.
• Monitor, detect, and respond to security incidents using advanced tools and methodologies.
• Enhance infrastructure security using Kubernetes, Docker, and cloud platforms (GCP, AWS).
• Stay current on emerging threats, vulnerabilities, and security trends, and recommend actionable insights to improve defenses.
• Champion security awareness across the organization, including training sessions and knowledge-sharing activities.
• Ensure compliance with relevant security standards and regulations such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Basic QualificationsProven expertise in application security, cloud security, and infrastructure security.
• Proficiency in securing systems built with technologies such as Node.js, Golang, Elixir, Python, React, Svelte, or Flutter.
• Experience with tools like Docker, Kubernetes, and cloud services (GCP, AWS).
• Strong understanding of cryptographic principles and secure communication protocols.
• Familiarity with CI/CD pipelines and secure DevOps practices.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and threat detection.
• Deep understanding of database security, especially with PostgreSQL or other relational or non-relational databases.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent communication skills and the ability to collaborate effectively in Agile teams.
• Self-motivation, adaptability, and a strong work ethic.
• Preferred Qualifications We re especially excited if you bring:Experience leading security initiatives or mentoring other engineers in security best practices.
• Expertise in compliance frameworks such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Advanced knowledge of security monitoring and incident response systems.
• Strong system design skills with a focus on secure architectures and long-term trade-offs.
• A proven track record of securing fast-paced, high-growth tech environments.
• A passion for securing user-centric products and contributing to their success.
• Perks & Benefits Flat Structure As we continue to grow fast, we strive to retain our culture where everyone is heard, contributes, and grows with the company..
• Work-life Harmony We believe that quality time outside of work is important to sustaining a healthy and happy lifestyle.
• Remote Work Hybrid-mode activated! It comes with the package: flexibility, focus and productivity!.
• Urban Office One breath from Phrom Phong BTS. No sweat whatsoever! The office should also feel like a second home so we dedicated a lot of care and resources into building the best environment for you to wake up to every morning.
• Fun Workshop The best relationships are built over new experiences, that s why we have workshops filled with a range of activities for you to look forward to and enjoy.
• Game Tournament It s getting fun and competitive! Challenge doesn t only have to come from work. Own the championship and show the peeps how great of a gamer (and player) you are.
• Group Insurance Health comes first, we know, don t worry, we ve got you covered.
• Health & Wellness Only a healthy army wins the war. We invest to take care of you from physical, mental and happiness-level. Adopted health & wellness applications plus activities to make sure everyone here is on cloud nine

ประเภทงาน:

งานประจำ

• Lead and mentor a team in designing, building, and protecting enterprise systems.
• Conduct thorough penetration testing on various platforms and devices.
• Engage with multiple teams and drive key decisions.
• Collaborate with the security team to identify vulnerabilities and recommend solutions.
• Manage internal and external stakeholders to ensure synergy and effective outcomes.
• Enhance the cybersecurity operating model and develop strategies against evolving threats.
• Master proficiency in Mobile Penetration Testing and Web Application Penetration Testing.
• OSCP certification is required.
• Proven experience in penetration testing and people management.
• Join us to lead and make a significant impact on our cybersecurity initiatives!.

ทักษะ:

ISO 27001

ประเภทงาน:

งานประจำ

• Protect the organization's computer networks and systems against a range of cyber threats, such as hacking attempts, data breaches, and different types of cyber attacks. The
• responsibilities of this role include creating, deploying, and overseeing security strategies and technologies to defend the organization IT security.
• Lead the strategic direction, development, and implementation of cybersecurity solutions and practices to protect the organization from sophisticated cyber threats and ...
• Serve as the foremost cybersecurity expert within the organization, providing deep technical expertise and leadership in the design, evaluation, and optimization of complex security architectures.
• Develop comprehensive cybersecurity frameworks that align with industry best practices and regulatory standards, ensuring the organization's resilience against cyber attacks.
• Conduct sophisticated risk assessments and threat modeling exercises to identify potential security gaps and develop advanced strategies for mitigation and prevention.
• Lead the incident response and crisis management efforts for high-impact security breaches, coordinating with cross-functional teams to ensure rapid containment and recovery.
• Drive the adoption of cutting-edge security technologies and methodologies, including artificial intelligence and machine learning, to enhance detection and response capabilities.
• Establish and maintain strong relationships with external cybersecurity agencies, industry groups, and technology partners to stay abreast of emerging threats and trends.
• Develop and manage the cybersecurity budget, ensuring strategic allocation of resources to high-priority projects and initiatives.
• Advanced degree in Computer Science, Information Security, or a related field, with specialized knowledge in cybersecurity.
• A minimum of 5 years of experience in Infrastructure, 3 years of cybersecurity, with at least 2 years in a strategic leadership or management role overseeing cybersecurity functions.
• Professional cybersecurity certifications, such as CISSP, CISM, CCSP, or similar, are required.
• Proven expertise in developing and implementing cybersecurity strategies and architectures to protect complex enterprise environments.
• Other: Deep knowledge of the cybersecurity landscape, including emerging threats, advanced persistent threats (APT), regulatory requirements, and industry best practices.
• Other: ISO 27001.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Risk Management, Project Management, English

ประเภทงาน:

งานประจำ

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

ทักษะ:

Data Analysis

ประเภทงาน:

งานประจำ

• ปฏิบัติงานตรวจสอบด้านสารสนเทศตามที่ได้รับมอบหมาย และสนับสนุนให้งานตรวจสอบสำเร็จตามระยะเวลาที่กำหนด.
• ปฏิบัติงานโดยใช้เทคนิคและวิธีการตรวจสอบที่เหมาะสม ให้สอดคล้องตามแนวทางการตรวสอบที่ได้รับการเห็นชอบ และตามมาตรฐานการตรวจสอบภายใน เพื่อให้ได้ผลการตรวจสอบบรรลุตามวัตถุประสงค์.
• จัดทำกระดาษทำการ (Working Papers) เพื่อบันทึกขั้นตอนและผลการตรวจสอบ.
• รวบรวม วิเคราะห์ ข้อมูลที่ได้จากการตรวจสอบ เพื่อประเมินความเพียงพอและความมีประสิทธิภาพของการควบคุมของระบบงานที่ตรวจสอบ.
• ปริญญาตรีหรือสูงกว่า สาขาเทคโนโลยีสารสนเทศ ระบบสารสนเทศทางธุรกิจ วิศวกรรมคอมพิวเตอร์ วิทยาการคอมพิวเตอร์ หรือสาขาที่เกี่ยวข้อง.
• ประสบการณ์อย่างน้อย 1-2 ปีในด้าน IT Audit.
• ความเข้าใจเกี่ยวกับกรอบการกำกับดูแล IT (IT Governance frameworks).
• ผ่านการอบรมด้าน IT Governance หรือ IT Best Practice หรือมาตรฐานการตรวจสอบสารสนเทศ.
• มีใบรับรองคุณสมบัติในด้าน IT Audit หรือ Security.
• ทักษะทางเทคนิค: การวิเคราะห์และตีความข้อมูล / ขั้นตอนและวิธีการตรวจสอบ IT (Data analysis and interpretation / IT audit procedures and methodologies).
• สถานที่ปฏิบัติงาน: อาคารเล้าเป้งง้วน 1 ถนนวิภาวดีรังสิต จตุจักร.
• วันทำงาน: จันทร์-ศุกร์.
• เวลา: 8.30 น. - 17.00 น..
• อภิชญา [email protected].
• สำนักทรัพยากรบุคคล บริษัท ไทยเบฟเวอเรจ จำกัด (มหาชน).

ทักษะ:

Data Analysis

ประเภทงาน:

งานประจำ

• จัดทำแผนการปฏิบัติงานตรวจสอบ (Audit Schedule) แนวทางการตรวจสอบ (Audit Program) เพื่อกำหนดขอบเขตการตรวจสอบ.
• ปฎิบัติงานตรวจสอบให้บรรลุวัตถุประสงค์การตรวจสอบและเป็นไปตามมาตรฐานสากลการประกอบวิชาชีพตรวจสอบภายใน.
• มอบหมาย ควบคุมและสอบทานการปฏิบัติงานของผู้ใต้บังคับบัญชา เพื่อให้การปฏิบัติงานบรรลุวัตถุประสงค์การตรวจสอบและเป็นไปตามมาตรฐานสากลการประกอบวิชาชีพตรวจสอบภายใน.
• เข้าร่วมประชุม ชี้แจง หารือถึงประเด็นที่ตรวจพบ พร้อมกำหนดแนวทางการแก้ไขปรับปรุงร่วมกับผู้บริหารหน่วยรับการตรวจ.
• จัดทำรายงานผลการตรวจสอบพร้อมข้อเสนอแนะเพื่อเสนอผู้เกี่ยวข้อง และติดตามผลการปฏิบัติตามข้อเสนอแนะ.
• ให้คำแนะนำ ปรึกษาเพื่อเพิ่มประสิทธิภาพการทำงานแก่ผู้ใต้บังคับบัญชา และประเมินผลการปฏิบัติงานของผู้ใต้บังคับบัญชา.
• ปรับปรุงและพัฒนาตนเองเพื่อให้มีความสามารถในการปฏิบัติงานตรวจสอบให้ได้มาตรฐานตามที่กำหนดไว้.
• ปริญญาตรีหรือสูงกว่า สาขาเทคโนโลยีสารสนเทศ ระบบสารสนเทศทางธุรกิจ วิศวกรรมคอมพิวเตอร์ วิทยาการคอมพิวเตอร์ หรือสาขาที่เกี่ยวข้อง.
• ประสบการณ์อย่างน้อย 3 ปีในด้าน IT Audit.
• ความเข้าใจเกี่ยวกับกรอบการกำกับดูแล IT (IT Governance frameworks).
• ผ่านการอบรมด้าน IT Governance หรือ IT Best Practice หรือมาตรฐานการตรวจสอบสารสนเทศ.
• มีใบรับรองคุณสมบัติในด้าน IT Audit หรือ Security.
• ทักษะทางเทคนิค: การวิเคราะห์และตีความข้อมูล / ขั้นตอนและวิธีการตรวจสอบ IT (Data analysis and interpretation / IT audit procedures and methodologies).
• สถานที่ปฏิบัติงาน: อาคารเล้าเป้งง้วน 1 ถนนวิภาวดีรังสิต จตุจักร.
• วันทำงาน: จันทร์-ศุกร์.
• เวลา: 8.30 น. - 17.00 น..
• อภิชญา [email protected].
• สำนักทรัพยากรบุคคล บริษัท ไทยเบฟเวอเรจ จำกัด (มหาชน).

ทักษะ:

Procurement, Safety Management, Compliance, English

ประเภทงาน:

งานประจำ

• Provide strategic planning and analysis for building management and security operations in the assigned scopes. The scope of responsibilities are include but not limit to:Overall planning and implement for improve building operations and facilities management i.e. the preventive and corrective maintenance program, efficient utility usage and alternative energy etc.
• Lead and advise MEP system for building and office renovation, operation and maintenance (O&M) for 4 sites under department responsibility.
• Develop and review procurement Term Of Reference (TOR) and contract for building management and security, include monitor the services performance in accordance with procurement and contract procedures.
• Source and analyse data for building and facility management benchmarking, cost effectiveness analysis, in order to improve process and seek new initiatives.
• Develop, review, and update building management and security standards, procedures, guidelines, process and systems.
• Develop and prepare work plans & budget (WPB). Plan and control budgets under his/her own responsibility in accordance with the approved WPB.
• Drive and be accountable for ISO team leader or focal point i.e. ISO41001 Facility Management, ISO14001 Environmental Management, ISO45001 Occupational Health and Safety Management to compliance with internationally standard and act as a focal point to obtain ISO and related certification in the future.
• Provide and utilize office space and facilities management, coordinate relevant parties for staff for seating arrangement, as well as provide technical advice on issues arise.
• Supervision and monitoring building management and security operations to ensure coverage of Safety Security Health and Environmental (SSHE) policy, regulations and Department s strategy for 4 sites under FFM responsibility. (PTTEP H.O., PTTEP Technology and Innovation Center (PTIC), PTTEP Rapid Scaled-Up Center (RASC), PTTEP Subsurface Research Center (PSRC)).
• Be responsible for special projects as assigned i.e. work process improvement, operations and maintenance office utility systems of PTTEP alternative office, etc.
• Professional Knowledge & Experiences.
• Bachelor s Degree in any fields preferably in Electrical/Mechanical Engineering, Facilities Management.
• Minimum 10-year experience in building and facility management.
• Good command of spoken and written English.
• Good computer skills in standard software (Word, Excel, Power Point, etc.).
• Good supervisory, leadership skills, and service-minded.
• Good communication/ interpersonal skills with excellent project management and analytical skills.
• Knowledge in Government Procurement and Supplies Management would be an advantage.
• Able to travel upcountry occasionally.
• Work Location.
• Bangkok-Thailand.

ทักษะ:

Compliance

ประเภทงาน:

งานประจำ

• User Identity Management: Overseeing the creation, modification, and removal of user accounts and access rights within the CP axtra's IAM system.
• Access Reviews and Audits: Conducting regular access reviews and audits to ensure compliance with security standards and regulatory requirements.
• Worked closely with Human Resources and Business team to address and resolve employee issues.
• Engage with application teams to understand and onboarding new applications with IAM system.
• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• Proven experience 2-3 years in designing, implementing, and managing Identity and Access Management solutions, with a focus on SSO and IGA platforms.
• Strong understanding of IAM technologies, protocols, and standards (e.g., SAML, OAuth, LDAP, RBAC).
• Familiarity with IAM solutions from leading vendors like Onelogin, Saviynt, Azure AD, MS Entra, etc.
• Solid knowledge of security frameworks, compliance standards, and best practices.
• Excellent leadership and communication skills, with the ability to work collaboratively across teams.
• Extensive experience in implementing and managing enterprise-level Identity and Access Management solutions, ensuring compliance with regulatory requirements and leading cross-functional teams to maintain a secure IAM environment.
• Access Control Management: Proficient in designing and administering access control policies, user provisioning/deprovisioning, and managing user roles and permissions.
• Incident Response and Troubleshooting: Ability to handle IAM-related incidents.
• Identity Lifecycle Management: Knowledge of managing user identities throughout their lifecycle, including onboarding, offboarding, and managing access changes in accordance with organizational policies.
• Vendor Management: Skill in coordinating with IAM solution providers, evaluating vendor offerings, and managing vendor relationships to ensure optimal IAM services and support.
• CP AXTRA | Lotus's
• CP AXTRA Public Company Limited.
• Nawamin Office: Buengkum, Bangkok 10230, Thailand.
• By applying for this position, you consent to the collection, use and disclosure of your personal data to us, our recruitment firms and all relevant third parties for the purpose of processing your application for this job position (or any other suitable positions within Lotus's and its subsidiaries, if any). You understand and acknowledge that your personal data will be processed in accordance with the law and our policy. .

ประเภทงาน:

งานประจำ

• About TikTok.
• TikTok will be prioritizing applicants who have a current right to work in Singapore, and do not require TikTok sponsorship of a visa.
• TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
• Why Join Us.
• Creation is the core of TikTok's purpose. Our platform is built to help imaginations thrive. This is doubly true of the teams that make TikTok possible.
• Together, we inspire creativity and bring joy - a mission we all believe in and aim towards achieving every day.
• To us, every challenge, no matter how difficult, is an opportunity; to learn, to innovate, and to grow as one team.
• Status quo? Never. Courage? Always. At TikTok, we create together and grow together. That's how we drive impact - for ourselves, our company, and the communities we serve.
• Join us.
• Ecommerce's Governance and Experience is a global team responsible for ensuring our marketplace is safe and trustworthy for not only our users but also sellers and creators. We value user satisfaction and work on policies, rules, and systems to ensure quality.
• Lead investigations and analysis of suspicious behaviour, fraudulent transactions, and abuse in a timely manner to protect the integrity of the platform.
• Identify vulnerabilities, and collaborate with cross functional teams to mitigate or prevent occurrences of fraudulent activity.
• Monitor user communities for emerging threats and new methods of fraud.
• Produce regular high-quality fraud reports to summarize new trends and business impacts for updating senior management teams.
• Engage with various business, technology, and security/risk stakeholders to identify and solve risk problems at scale.
• Collaborate with product, and data teams to build solutions to proactively or reactively prevent exploitation of the platform.
• Collaborate with Legal, Public Affairs, and other cross-functional teams (when needed) to investigate and respond to regulator inquiries on fraud and (or) crime-related activities.
• Perform other ad-hoc tasks related to fraud operations.
• Minimum of 5+ years professional experience in operation and investigation related to fraud, abuse, or cybercrime.
• Detail-oriented, highly analytical, and strong project management skills.
• Preferred Qualifications.
• Ability to understand opposing points of view on highly complex issues.
• Strong ability to gather information from various online sources and community groups.
• Capacity to draw actionable insights from datasets; knowledge of SQL, Python, or equivalent is a plus.
• Prior law enforcement and/or prosecution experience a plus.
• About 10~20% of travel if needed.
• TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.

ทักษะ:

Project Management, Linux, UNIX, English

ประเภทงาน:

งานประจำ

• Manage CCII (Cloud, Cyber Security, IOT, ICT) project for single and multi-tower solution for Property, Retail, Conglomerate, and international customer segments.
• Be a committee of AIS bid management for validating large projects at TCV > 10MB.
• Manage project stakeholders to meet expectation and requirement.
• Communicate project progress to stakeholders.
• Plan and manage project issue and risk with proper actions.
• Plan and manage project to meet project objective, within timeline, project budget, scope and give customer satisfied.
• Manage project resource both internal delivery and external suppliers.
• Bachelor's degree or higher in computer science, business, or a related field.
• 8-15 years of project management and related experience.
• Strong in communication and stakeholder management.
• Project Management Professional certification preferred.
• Proven ability to solve problems creatively.
• Strong familiarity with project management software tools, methodologies, and best practices.
• Experience seeing projects through the full life cycle.
• Excellent analytical skills.
• Strong interpersonal skills and extremely resourceful.
• Proven ability to complete projects according to outlined scope, budget, and timeline.
• Engineering Specialist (Cyber Security).
• Oversee the implementation of cyber security solutions and services to ensure customer satisfaction and security effectiveness.
• Plan and establish procedures and systems that enhance operational efficiency.
• Delegate tasks effectively to team members to achieve organizational objectives.
• Strategically allocate resources to optimize project outcomes.
• Monitor and support staff in their work progress to ensure timely delivery of services.
• Evaluate staff performance through regular assessments and feedback mechanisms.
• Foster professional development among team members to enhance their skills and capabilities.
• Drive productivity and maintain high quality standards within the division.
• Provide guidance and coaching to staff to support exceptional service delivery.
• Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Some positions may require a master s degree.
• Relevant work experience in cybersecurity roles, typically ranging from 3-7 years, depending on the seniority of the position. Hands-on experience with security technologies and methodologies is essential.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) may be preferred or required.
• Proficiency in network security, firewalls, intrusion detection systems, and VPN.
• Knowledge of operating systems (Windows, Linux, UNIX) and databases.
• Experience with security protocols (SSL, IPsec, etc.) and encryption.
• Familiarity with security frameworks and standards (NIST, ISO 27001, etc.).
• Knowledge of Compliance: Understanding of regulatory requirements and compliance standards (e.g., GDPR, HIPAA, PCI-DSS).
• Ability to work both independently and collaboratively in a team environment.
• Strong attention to detail and the ability to prioritize tasks effectively.
• Engineering/IT Specialist (Cyber Security)
• Design/Implement Cyber Security project for Private Cloud and Global Cloud (AWS and MS Azure).
• Solution integration and migration.
• Control suppliers in the assigned project.
• Do project quality control.
• Do project risk assessment and management.
• Do project UAT with customer.
• Create final project document.
• Do customer project training (OJT).
• At least 4 years of Cyber Security experience.
• Bachelor s degree in Computer Engineering, Information Technology, Computer Science or related fields.
• Experience in installation and operation Security product e.g. Firewall, IPS, SIEM, NAC, Anti-Virus, Endpoint.
• Knowledge on network security and cloud technology.
• Knowledge of monitoring tools (What s up gold, Zabbix, Nagios).
• Has valid Security product Certification e.g. Fortinet NSE3-7, Palo Alto PCNSA, PCNSE, Cisco CCNA, CCNP Security.
• Experienced in ITIL framework.
• Senior Engineer (System Infrastructure)
• Implement Server, Storage, Virtualization, Backup system for Enterprise customer.
• Hypervisor and Operating system configuration and customization.
• Network and firewall integration for Cloud infrastructure.
• Hand-over completed solution to related team.
• At least 3 years experience on Server, Storage, VMware and Veeam delivery.
• Strong knowledge of Cloud environment and Operating system. (Windows and Linux).
• Basic skill of Database and Middleware installation.
• Strong organizational skills and ability to take on multiple assignments.
• Experienced firewall and cloud network implementation.
• Ability to occasionally work or assign work during nights/weekends during critical incidents per on-call rotation or major project implementations.
• Good command of English.
• VMware VCP or Linux certificate knowledge is an advantage.

ประสบการณ์:

3 ปีขึ้นไป

ทักษะ:

Accounting, Legal, Financial Analysis, Risk Management, English

ประเภทงาน:

งานประจำ

• Conduct an investigation of any matter, value or size at its sole discretion according to the Fraud Risk policy, to assist the Audit Committee / Board of Directors in obtaining the assurance it requires regarding the identified gaps, internal control deficiencies, modus operandi employed and the extent and impact of such fraudulent activities to the CIMB Thai Bank Group.
• Prepare and deliver timely and informative investigation reports in English to an agreed quality standard.
• Develop effective approach for recognize fraud actions constantly.
• Regulatory reporting as required by the relevant regulations, if any.
• At least bachelor's degree or Professional Qualification in the relevant discipline (Accounting/ Finance/ Economics/ Law).
• Minimum 5 years of relevant work experience.
• Minimum 3 years of experience in banking and securities business compliance in a banking role in established financial institutions.
• Experience of conducting investigative interviews is essential.
• Strong evidence collection ability to support fraud investigation.
• Strong interpersonal skills and strong verbal and written communication skills.
• Be able to work under high pressure with a growth mind set.
• Good team player and work independently.
• Strong command of English in report writing and speaking preferred.

ประสบการณ์:

3 ปีขึ้นไป

ทักษะ:

Compliance, Legal, Risk Management

ประเภทงาน:

งานประจำ

• Develop data security policy review, data security policy exceptions, and control risk mitigation processes.
• Define the security controls for access management lifecycle (i.e., requirement for creation, deletion, transfer and review).
• Operate:Advice on technology relating to Data Privacy and Protection (i.e., PDPA) related security controls implementation.
• Drive and support data security controls such as Data Loss Prevention (DLP), Data Masking, Data Encryption capabilities to protect sensitive data.
• Drive compliance (or collaborate with compliance team) to organization security policies, standards, metrics, and legal requirements.
• Communicate and enforce security policies, rules, and standards.
• Conduct impact assessment of data initiatives from a security point of view.
• Ensure the cryptographic keys and related components are safety and protection of confidential information.
• Resolve data security audit and risk findings.
• Review and develop security controls to current access controls policies and procedures.
• Provide requirements for create and manage roles, access rights (includes privileged access), authentication and identity within the environment.
• Conduct periodic review of user access.
• Review, approve and monitor the usage of privileged access.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• Work experience in privacy, compliance, information security, auditing or a related field may also be an accepted alternative, according to Cybersecurity.
• Minimum 3 years of experience in and strong knowledge of privacy, data, operational risk management, information security, or related areas in IT.
• OTHER REQUIREMENTS.

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

Risk Management, Compliance

ประเภทงาน:

งานประจำ

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• referred skills.
• Cyber Security and Data Privacy.
• Minimum years experience required.
• 1-3 years of Experiences.
• Additional application instructions.
• N/A.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No

ประสบการณ์:

2 ปีขึ้นไป

ทักษะ:

Network Infrastructure, Security Design, Big Data, English

ประเภทงาน:

งานประจำ

• Perform cyber security and IT security assessments for clients (e.g. cyber security program assessment, cyber security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.).
• Work on IT security design, analysis and implementation of security protection solution.
• Evaluate and analyze threat, vulnerability, system weakness, impact and risk to secu ...
• Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes, controls and systems.
• Advise client on the security incident response end-to-end process (i.e. preparation, detection, analysis, response and recovery of the security incident).
• Skills and attributes for success.
• To qualify for the role you must have.
• Bachelor's degree or Master s degree in Computer Engineering, Computer Science, Information Systems, IT Security, ICT or other related fields.
• Minimum 2 years' experience in such areas as IT security management design and implementation, IT security assessment and IT technical background.
• Familiar with leading IT security processes and tools.
• Highly proficient in both English and Thai with good written and oral communication and analytical skills.
• Ideally, you ll also have.
• Having experience in project planning and management will be a plus.
• Professional certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and / or Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or ISO27001 will be highly considered.
• Experience in new generation security practices (i.e. DevSecOps, iPentest, RedTeaming, System Resilience Design).
• Experience in Emerging Technologies (i.e. Cloud Computering, Blockchain, Big Data, A.I./M.L.).
• We re interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
• What we offer.
• We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions.
• Continuous learning: You ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You ll be embraced for who you are and empowered to use your voice to help others find theirs.
• If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
• The exceptional EY experience. It s yours to build.
• EY | Building a better working world.
• EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
• Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
• Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

ทักษะ:

Procurement, Cost Estimation, Budgeting

ประเภทงาน:

งานประจำ

• Work under supervision to support engineering works in every asset life cycle including but not limited to concept selection, basic / detailed engineering, construction engineering, procurement support, operations and maintenance support, and decommissioning.
• Be present onsite or at the vendor/contractor premise to perform investigation, troubleshooting, audit, site survey, commissioning and/or acceptance test.
• Perform engineering studies which involves engineering calculation, cost estimation, ...
• Practice and learn to apply engineering concepts, methods, and technical knowledges to carry out the work assignment.
• Carry out engineering works adhering to cooperate/department standards, guidelines, work procedures, and practices.
• Practice and assist in technical administration of related service contracts / procurement of simple package/ well-defined contracts.
• To be trained intensively on the necessary fundamental E&P engineering concepts / methodologies.
• Participate in team discussion to build up the fundamental knowledge / capability of technical.
• Follow the company s SSHE policy and regulations in all works under his/her responsibilities.
• Undertake other duties as assigned including special projects.
• Bachelor s Degree in Engineering (Chemical Engineering, Mechanical Engineering and Instrumentation Engineering).
• Good command of both written and spoken English.
• Required TOEIC score 650 and up.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Research, ISO 27001, Enthusiastic, English

ประเภทงาน:

งานประจำ

• Collect and analyze threat intelligence reports covering new threats, vulnerabilities, products.
• Conduct technical and operational threat intelligence research, both independently and as part of a wider team.
• Identify emerging threats, techniques and trends, the means of protecting or defending against them, and articulate these in a range of report formats to relevant stakeholders.
• Conduct deep-level analysis of malware, including how it is developed, functions, and employed.
• Support the Consulting and Managed CTI teams, Vulnerability Management, Incident Response and CSOC team with up-to-date technical intelligence, detection logic and situational awareness on current and emerging threats.
• Support Cybersecurity Posture Management to guarantee that a good cybersecurity posture is consistently maintained at an acceptable level. Liaison with external audit, internal audit, financial crime and associated consultants, and the group firm.
• Assist technology security team leaders/others in responding to cybersecurity incidents that have an impact on cybersecurity posture, in order to guarantee quick reaction, tracking, and proper maintenance.
• Assist in R&D and innovation on cybersecurity technology and approaches for continuous cybersecurity uplift.
• Qualifications Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 5 years of experience in Information Security or a related field.
• Knowledge of security technology e.g. WAF, SIEM, EDR, IAM, CSOC and Vulnerability Management.
• Experience in cloud cybersecurity technologies and services.
• Exposure to malware reverse engineering, network intrusion analysis, host intrusion analysis, log analysis, vulnerability research or digital forensics is preferred.
• Strong understanding of industry best practices and standards, including ISO 27001, NIST, and CIS is preferred.
• Relevant certifications such as CISSP, CISM, or CISA are a plus.
• Excellent communication and problem-analytical skills, with the ability to communicate complex security issues to non-technical stakeholders.
• Effective English for verbal, written communication.
• Enthusiastic, thriving, good interpersonal skills.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

ทักษะ:

Linux, Good Communication Skills, English

ประเภทงาน:

งานประจำ

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

Risk Management, Compliance, English

ประเภทงาน:

งานประจำ

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• Preferred skills.
• Penetration Tester (Manual & Automate).
• Minimum years experience required.
• Over 1 years of Experience in related fields.
• Additional application instructions.
• Good Communication in English.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• April 30, 2025

ประสบการณ์:

7 ปีขึ้นไป

ทักษะ:

English

ประเภทงาน:

งานประจำ

• Encourage everyone to have a voice and invite opinion from all, including quieter members of the team.
• Deal effectively with ambiguous and unstructured problems and situations.
• Initiate open and candid coaching conversations at all levels.
• Move easily between big picture thinking and managing relevant detail.
• Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realises they are required.
• Contribute technical knowledge in area of specialism.
• Contribute to an environment where people and technology thrive together to accomplish more than they could apart.
• Navigate the complexities of cross-border and/or diverse teams and engagements.
• Initiate and lead open conversations with teams, clients and stakeholders to build trust.
• Uphold the firm's code of ethics and business conduct.
• Preferred skills.
• Security Operation Center (SOC).
• Minimum years experience required.
• 7 years of experiences and above.
• Additional application instructions.
• Good communication in english.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance {+ 16 more}Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• April 30, 2025

ประสบการณ์:

8 ปีขึ้นไป

ทักษะ:

Business Development, Assurance, Software Development, English

ประเภทงาน:

งานประจำ

• Provide integrated services focused on IT security related to help clients develop a vision for their cybersecurity and privacy program.
• Design and build a sustainable and agile Cybersecurity program in responding to changes as a part of economic and business development where IT and Cyber are catalyst.
• Operate aspects of the program and provide an independent review and assurance of their program to Management or 3rd party stakeholders.
• Provide thought leadership and direction and contribute to the firm s intellectual property by driving the development of toolkits, methodologies, accelerators, and training.
• Build, retain, coach, and develop the team through superior leadership skills.
• Bachelor s or Master s degree in Management Information Systems, Computer Engineering, Computer Science and any related fields.
• Minimum 5-8 years of working experiences in Cyber Security or Technical Implementation experience working with Commercial Off the Shelf (COTS) products (IAM, SIEM, and other security products) leading sizable teams in development lifecycle.
• Strong knowledge of IT Security Domain concepts (e.g. Identity and Access Management, Asset Security, Network Security, Security Operations, Software Development Security).
• Strong project management, interpersonal, influencing, and advisory skills.
• Strong presentation and communication skill through leading or delivering a high impact presentation to senior executives.
• Flexibility to travel and work on out-of-town engagements and overseas assignments.
• Clear, articulate, and confident written and verbal communication in Thai and English.
• Professional Certificate (e.g. CISSP, CISA, CIPP, CEH, PMP).
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Desired Languages (If blank, desired languages not specified).
• English, Thai
• Travel Requirements.
• Up to 80%
• Available for Work Visa Sponsorship?.
• No
• Government Clearance Required?.
• No