เงื่อนไขการค้นหา

ประสบการณ์:

3 ปีขึ้นไป

ทักษะ:

Research, System Administration, Android

ประเภทงาน:

งานประจำ

• Implements IT security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Protects IT system by defining access privileges, control structures, and required resources.
• Process & analyze to gain insights on past IT areas on, current or potential attacks and threats that pose a risk to the organization.
• Primary point of contact with Internal Audit. Periodically review, update, implement and communicate changes to IT policies and procedures and General IT Controls. Facilitate internal and external audit processes by participating in scoping discussions and walk-throughs, delivering evidence that controls are operating as defined, remediating deficiencies, and acting on recommendations.
• Safeguards IT infrastructure and system as well as information system assets by identifying and solving potential and actual security problems.
• Research cyber security topics and promote Cyber security awareness throughout Thaioil.
• EDUCATION.
• Bachelor s degree in computer science, Information Systems, or equivalent education or work experience.
• EXPERIENCE.
• 3+ years of prior relevant experience, especially in IT working environment.
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g., Netflow, FPC), and other attack artifacts in support of incident investigations.
• Experience with vulnerability scanning solutions.
• Familiarity with Vulnerability Management program.
• Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.
• Have knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform.
• Understanding of mobile technology and OS (i.e., Android, iOS, Windows), VMware technology, and Unix and basic Unix commands.
• OTHER REQUIREMENTS.

ทักษะ:

Negotiation

ประเภทงาน:

งานประจำ

• Bachelor degree or higher in Computer Science or related filed.
• There are 5-8 years, Experience in Network skills.
• Able to do network design, evaluation, POC, implementation.
• Self-Motivation and Hard Working.
• Able to work some time on night and weekend by job duties.
• Able to troubleshooting related to network problem & connecting equipment.
• Willing to self-study for network knowledge and learn new knowledge from team.
• Good communication,interpersonal, problem-solving, presentation, and negotiation skill.

ประสบการณ์:

2 ปีขึ้นไป

ทักษะ:

Quality Assurance, Product Development, GMP, HACCP, English

ประเภทงาน:

งานประจำ

• Work closely with manufacturers and operations managers to achieve organic products' desired quality and consistency.
• Manage and plan Jasberry product production to deliver to the overseas customer on time.
• Analyze and summarize all production steps to improve the operational process.
• Effectively calculate production costs.
• Responsible for the quality assurance and quality control of Jasberry's healthy and delicious organic products from organic rice to other value-added products! Ensure that all processes are of the highest standard conforming to international certifications such as HACCP, GMP, IFS, EU & USDA organic standards, Gluten-free, Non-GMO, Fair-trade, etc.
• Support customers in technical terms of standards, regulations, product specifications, and quality control.
• Excellent planning, critical thinking, analytical skills, learning, and positive attitude.
• Comfortable with numbers and calculations.
• Excellent listener and observant with a willingness to learn from others.
• Comfortable with detailed work and preparing documents both in Thai and English.
• Good interpersonal skills, humble, responsible, and accountable.
• Can use MS Word, Excel, and PowerPoint.
• Can read, write, and communicate in English.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Legal, Compliance

ประเภทงาน:

งานประจำ

• Design and work on cybersecurity framework based on business objectives and strategic imperatives of the client organisation including goals, vision, mission, and operational plans.
• Data pattern and trend identification via metric analysis, driving operational excellence and improvement.
• Designing and implementing data protection and privacy programs for our clients and supporting their business.
• Evaluating the data protection and privacy practices of our clients and Conducting Privacy Impact Assessments.
• Monitor processes and drive improvements in efficiency and quality of cybersecurity programs.
• Assist in development of workflows for transitioning strategic plans into implementation plans and operational readiness.
• Facilitate strategic planning initiatives, documentation, technical roadmaps and security tool rationalisation.
• Assist in designing the security organisation structure including cyber defense.
• Develop security policies, procedures, standards based on the security strategy and roadmap.
• Review of cybersecurity policies and processes to identify gaps in design of control based on comprehensive assessment framework.
• Maintain continuous communication with key stakeholders in support of the security strategy, and plan and solicit feedbacks, to uplift the programs and capabilities.
• Conduct security process implementation reviews to assess security effectiveness and reporting.
• Conduct Current State Assessment of cybersecurity practices against the defined controls and provide recommendations for to-be state.
• Run Cyber Security Diagnostic Assessments and develop programs for cybersecurity skill development and enhancement.
• Provide certification advisory across Information Security Management System (ISMS).
• Implement security controls for realisation of the certification requirements and provide technology roadmap based on the security strategy.
• Assisting in delivering privacy projects to acting as a subject matter expert on them or to leading a team towards excellent client experience.
• Supporting and guiding our clients in adhering to the complex web of relevant national and international regulations (e.g. EU General Data Protection Regulation).
• Deploying processes and tools to help detect and prevent privacy breaches.
• Ensuring a harmonised approach towards data protection and privacy by bringing together our client s stakeholders (e.g. legal, compliance, risk, HR, security, business functions).
• Assisting clients in privacy related incident response activities.
• Supporting the client s team by acting as an interim team member (e.g. data protection officer, security officer, security manager, security analyst).
• Proactively identifying and pursuing opportunities for further business and team growth.
• Preferred skills.
• Bachelor s degree in Computer Science, Information Systems, Information Technology, Engineering, or equivalent education.
• Minimum 4 - 5 years of prior relevant working experience.
• Experience with vulnerability scanning solutions and cybersecurity systems.
• Possession of relevant qualifications such as CIPM, CIPT, CIPP/E, CISM, CISSP, and/or HCISSP, as well as involvement in industry related organizations (e.g. IAPP, ISACA, (ISC)² ) or relevant certifications.
• Strong interpersonal and stakeholder management skills with ability to coordinate between technical and business teams.
• Excellent verbal, written communication and interpersonal skills with stakeholders at all levels.
• Knowledge and experience with relevant data protection and privacy laws and regulations (e.g. PDPA, EU GDPR, and Privacy Shield) and industry standards and frameworks, such as GAPP and BCR.
• Ability to efficiently understand client organisations and their business model and to tailor relevant processes to privacy requirements.
• An analytical mindset, strive for quality and are able to work in a result-oriented environment.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Bachelor Degree Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• December 31, 2024

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

Risk Management, Compliance, English

ประเภทงาน:

งานประจำ

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• Preferred skills.
• Penetration Tester (Manual & Automate).
• Minimum years experience required.
• Over 1 years of Experience in related fields.
• Additional application instructions.
• Good Communication in English.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• April 30, 2025

ประสบการณ์:

1 ปีขึ้นไป

ทักษะ:

Risk Management, Compliance

ประเภทงาน:

งานประจำ

• Invite and provide evidence-based feedback in a timely and constructive manner.
• Share and collaborate effectively with others.
• Work with existing processes/systems whilst making constructive suggestions for improvements.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up-to-date with technical developments for business area.
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
• Uphold the firm's code of ethics and business conduct.
• referred skills.
• Cyber Security and Data Privacy.
• Minimum years experience required.
• 1-3 years of Experiences.
• Additional application instructions.
• N/A.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No

ทักษะ:

Research, Automation, English

ประเภทงาน:

งานประจำ

• Fulfill tasks of cybersecurity vulnerability management program, i.e. cyberthreat intelligence analysis, cybersecurity assessment, vulnerability profiling, vulnerability compensation and vulnerability remediation tracking.
• Support on implementing and running DevSecOP operation.
• Keep abreast of the knowledge in cybersecurity, new digital technology and CI/CD area.
• Collaborate with business and technology team to carry-out the assigned Vulnerability Management / DevSecOP tasks.
• Senior person will act as a security advisor to provide a security recommendation on the new or the change on Application solution and Infrastructure design.
• Perform Research and Development on Offensive Security and security automation.
• Qualifications Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• Experience in Vulnerability Assessment and Penetration testing (Fresh graduate is also welcome).
• Have knowledge in Threat intelligence, red teaming and Secure coding review and CI/CD DevSecOP implementation and certified relevant security certification is a plus.
• Strong security analytical and problem-solving skill.
• Good command in English.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

ประสบการณ์:

4 ปีขึ้นไป

ทักษะ:

Compliance, English

ประเภทงาน:

งานประจำ

• Establish and maintain IT security standards and guidelines in compliance with the security regulations from regulators, and the security best practices, that governs new technology adoption.
• Advise business units and technology group on how to comply with IT security policy, standards, guidelines and best practices.
• Keep abreast of the knowledge in cybersecurity, new digital technology.
• Support on Cyber-drill program management and BCP coordinator across different Technology security units.
• Provide security awareness to the employee and service providers.
• Manage security supervision programs to track on non-compliance items to security policies, standards and guidelines.
• Inspecting and assessing the security of IT third parties that will access the organization s data or systems.
• Ensuring compliance with security requirements for IT third parties.
• Analyzing security risks and establishing preventive measures in case of incidents involving IT third parties.
• Qualification Bachelor s or Master degree in computer science, Computer Engineering, Information Technology, or related field.
• At least 4 years of experience in Information Security or a related field.
• Knowledge in new Banking Technology and associated security control is a plus.
• Relevant security certification is a plus, e.g. CISSP, CISM.
• Strong security advisory, analytical, and problem-solving skill.
• Good command in English.
• We're committed to bringing passion and customer focus to the business. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.

ประสบการณ์:

8 ปีขึ้นไป

ทักษะ:

Business Development, Assurance, Software Development, English

ประเภทงาน:

งานประจำ

• Design and work on cybersecurity framework based on business objectives and strategic imperatives of the client organisation including goals, vision, mission, and operational plans.
• Data pattern and trend identification via metric analysis, driving operational excellence and improvement.
• Designing and implementing data protection and privacy programs for our clients and supporting their business.
• Evaluating the data protection and privacy practices of our clients and Conducting Privacy Impact Assessments.
• Monitor processes and drive improvements in efficiency and quality of cybersecurity programs.
• Assist in development of workflows for transitioning strategic plans into implementation plans and operational readiness.
• Facilitate strategic planning initiatives, documentation, technical roadmaps and security tool rationalisation.
• Assist in designing the security organisation structure including cyber defense.
• Develop security policies, procedures, standards based on the security strategy and roadmap.
• Review of cybersecurity policies and processes to identify gaps in design of control based on comprehensive assessment framework.
• Maintain continuous communication with key stakeholders in support of the security strategy, and plan and solicit feedbacks, to uplift the programs and capabilities.
• Conduct security process implementation reviews to assess security effectiveness and reporting.
• Conduct Current State Assessment of cybersecurity practices against the defined controls and provide recommendations for to-be state.
• Run Cyber Security Diagnostic Assessments and develop programs for cybersecurity skill development and enhancement.
• Provide certification advisory across Information Security Management System (ISMS).
• Implement security controls for realisation of the certification requirements and provide technology roadmap based on the security strategy.
• Assisting in delivering privacy projects to acting as a subject matter expert on them or to leading a team towards excellent client experience.
• Supporting and guiding our clients in adhering to the complex web of relevant national and international regulations (e.g. EU General Data Protection Regulation).
• Deploying processes and tools to help detect and prevent privacy breaches.
• Ensuring a harmonised approach towards data protection and privacy by bringing together our client s stakeholders (e.g. legal, compliance, risk, HR, security, business functions).
• Assisting clients in privacy related incident response activities.
• Supporting the client s team by acting as an interim team member (e.g. data protection officer, security officer, security manager, security analyst).
• Proactively identifying and pursuing opportunities for further business and team growth.
• Preferred skills.
• Bachelor s degree in Computer Science, Information Systems, Information Technology, Engineering, or equivalent education.
• Minimum 4 - 5 years of prior relevant working experience.
• Experience with vulnerability scanning solutions and cybersecurity systems.
• Possession of relevant qualifications such as CIPM, CIPT, CIPP/E, CISM, CISSP, and/or HCISSP, as well as involvement in industry related organizations (e.g. IAPP, ISACA, (ISC)² ) or relevant certifications.
• Strong interpersonal and stakeholder management skills with ability to coordinate between technical and business teams.
• Excellent verbal, written communication and interpersonal skills with stakeholders at all levels.
• Knowledge and experience with relevant data protection and privacy laws and regulations (e.g. PDPA, EU GDPR, and Privacy Shield) and industry standards and frameworks, such as GAPP and BCR.
• Ability to efficiently understand client organisations and their business model and to tailor relevant processes to privacy requirements.
• An analytical mindset, strive for quality and are able to work in a result-oriented environment.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Bachelor Degree Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• December 31, 2024

ทักษะ:

Project Management

ประเภทงาน:

งานประจำ

• Responsible for the protection of Celestica assets and to respond to alarms, emergency situations and to assist employees with security issue as part of our mission to provide a safe work environment.
• Responsible for maintaining appropriate access to all areas of the facility for both employees and customers.
• Controlling daily security operations including incident investigation, property passes, loss prevention, and all administrative duties required at the site.
• Knowledge/Skills/Competencies.
• In-depth knowledge of facilities management and operations.
• Understanding of environmental, health and safety regulations (local and government).
• Good organization and project management skills.
• Ability to evaluate, diagnose and troubleshoot problems.
• Ability to gather and analyze data and determine root cause of problems.
• Ability to effectively communicate with a variety of internal and external customers.
• Typical Experience.
• Two to Four years relevant experience.
• Typical Education.
• Bachelor's degree in a related field, or an equivalent combination of education and experience.
• Educational requirements may vary by geography.
• Notes.
• This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.
• Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law).
• At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them.
• Celestica (NYSE, TSX: CLS) enables the world s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development - from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.
• Celestica would like to thank all applicants, however, only qualified applicants will be contacted.
• Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.

ทักษะ:

Risk Management, Software Development, Kubernetes

ประเภทงาน:

งานประจำ

• Design, develop, and maintain security systems, tools, and best practices across the stack (frontend, backend, mobile, and infrastructure).
• Identify, assess, and mitigate security vulnerabilities through proactive risk management and threat modeling.
• Collaborate with product managers and developers to embed security into the software development lifecycle (SDLC).
• Develop and enforce policies for secure coding, data protection, and incident response.
• Implement robust authentication and authorization mechanisms.
• Conduct regular security assessments, including penetration testing and code reviews.
• Monitor, detect, and respond to security incidents using advanced tools and methodologies.
• Enhance infrastructure security using Kubernetes, Docker, and cloud platforms (GCP, AWS).
• Stay current on emerging threats, vulnerabilities, and security trends, and recommend actionable insights to improve defenses.
• Champion security awareness across the organization, including training sessions and knowledge-sharing activities.
• Ensure compliance with relevant security standards and regulations such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Basic QualificationsProven expertise in application security, cloud security, and infrastructure security.
• Proficiency in securing systems built with technologies such as Node.js, Golang, Elixir, Python, React, Svelte, or Flutter.
• Experience with tools like Docker, Kubernetes, and cloud services (GCP, AWS).
• Strong understanding of cryptographic principles and secure communication protocols.
• Familiarity with CI/CD pipelines and secure DevOps practices.
• Hands-on experience with security tools for vulnerability scanning, penetration testing, and threat detection.
• Deep understanding of database security, especially with PostgreSQL or other relational or non-relational databases.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent communication skills and the ability to collaborate effectively in Agile teams.
• Self-motivation, adaptability, and a strong work ethic.
• Preferred Qualifications We re especially excited if you bring:Experience leading security initiatives or mentoring other engineers in security best practices.
• Expertise in compliance frameworks such as ISO 27001, PDPA, GDPR, SOC 2, or PCI DSS.
• Advanced knowledge of security monitoring and incident response systems.
• Strong system design skills with a focus on secure architectures and long-term trade-offs.
• A proven track record of securing fast-paced, high-growth tech environments.
• A passion for securing user-centric products and contributing to their success.
• Perks & Benefits Flat Structure As we continue to grow fast, we strive to retain our culture where everyone is heard, contributes, and grows with the company..
• Work-life Harmony We believe that quality time outside of work is important to sustaining a healthy and happy lifestyle.
• Remote Work Hybrid-mode activated! It comes with the package: flexibility, focus and productivity!.
• Urban Office One breath from Phrom Phong BTS. No sweat whatsoever! The office should also feel like a second home so we dedicated a lot of care and resources into building the best environment for you to wake up to every morning.
• Fun Workshop The best relationships are built over new experiences, that s why we have workshops filled with a range of activities for you to look forward to and enjoy.
• Game Tournament It s getting fun and competitive! Challenge doesn t only have to come from work. Own the championship and show the peeps how great of a gamer (and player) you are.
• Group Insurance Health comes first, we know, don t worry, we ve got you covered.
• Health & Wellness Only a healthy army wins the war. We invest to take care of you from physical, mental and happiness-level. Adopted health & wellness applications plus activities to make sure everyone here is on cloud nine

ประสบการณ์:

7 ปีขึ้นไป

ทักษะ:

English

ประเภทงาน:

งานประจำ

• Encourage everyone to have a voice and invite opinion from all, including quieter members of the team.
• Deal effectively with ambiguous and unstructured problems and situations.
• Initiate open and candid coaching conversations at all levels.
• Move easily between big picture thinking and managing relevant detail.
• Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realises they are required.
• Contribute technical knowledge in area of specialism.
• Contribute to an environment where people and technology thrive together to accomplish more than they could apart.
• Navigate the complexities of cross-border and/or diverse teams and engagements.
• Initiate and lead open conversations with teams, clients and stakeholders to build trust.
• Uphold the firm's code of ethics and business conduct.
• Preferred skills.
• Security Operation Center (SOC).
• Minimum years experience required.
• 7 years of experiences and above.
• Additional application instructions.
• Good communication in english.
• Education (if blank, degree and/or field of study not specified).
• Degrees/Field of Study required: Degrees/Field of Study preferred:Certifications (if blank, certifications not specified).
• Required Skills.
• Optional Skills.
• Desired Languages (If blank, desired languages not specified).
• Travel Requirements.
• Not Specified
• Available for Work Visa Sponsorship?.
• Yes
• Government Clearance Required?.
• No
• Job Posting End Date.
• December 31, 2024

ทักษะ:

Linux, Good Communication Skills, English

ประเภทงาน:

งานประจำ

• Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, and applications.
• Perform vulnerability assessments and security audits to evaluate the effectiveness of existing security measures.
• Develop and execute simulated cyber-attacks to assess the organization s readiness to defend against real-world threats.
• Employ various attack methodologies to test the resilience of systems against hacking attempts and security breaches.
• Perform threat modeling to anticipate potential attack vectors.
• Analyze risks associated with identified vulnerabilities and recommend appropriate mitigation strategies.
• Develop custom tools and scripts to automate penetration testing and exploit known vulnerabilities.
• Keep up to date with the latest exploitation techniques and security tools.
• Prepare detailed reports on findings from penetration tests and security assessments.
• Document and present risks and vulnerabilities to relevant stakeholders, along with recommended countermeasures.
• Collaborate with the Blue Team to enhance the organization s defensive strategies based on offensive findings.
• Share insights and knowledge on emerging threats and attack techniques with the cybersecurity team to continually improve defensive measures.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 10 years of experience in penetration testing and vulnerability assessments or related roles.
• Strong knowledge of network and application security, ethical hacking, and cybersecurity principles.
• Familiarity with penetration testing tools (e.g., Metasploit, Burp Suite, Kali Linux).
• Excellent problem-solving skills and ability to think like an adversary.
• Good communication skills for effective reporting and stakeholder engagement.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, etc.
• Professional Certificated related to work e.g. (CISSP, OSCP, OSWE) is desirable.
• Location: True Digital Park, Punnawithi.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Risk Management, Project Management, English

ประเภทงาน:

งานประจำ

• Oversee the planning, execution, and monitoring of security-related projects.
• Coordinate with cross-functional teams to ensure successful project delivery.
• Develop project plans, schedules, and budgets, and track progress against established objectives.
• Communicate project status, risks, and issues to relevant stakeholders.
• Identify, assess, and prioritize security risks across the organization.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the effectiveness of risk management activities.
• Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
• Develop, review, and maintain security policies, standards, and procedures.
• Ensure alignment with regulatory requirements and industry best practices.
• Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
• Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
• Effectively communicate security issues and concerns to the technology team.
• Collaborate with the technology team to develop and implement solutions to address identified security issues.
• Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
• Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
• Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Bachelor s degree in Information Security, Computer Science, or a related field.
• A minimum of 5 years of experience in information security, with a focus on security governance.
• Professional certifications such as CISSP, CISM, or CRISC are preferred.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience in audit management, risk assessment, and policy development.
• Excellent project management and organizational skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
• Demonstrated ability to work independently and deliver results under tight deadlines.
• Talent to identify and create a broad vision for a security solution and to execute it.
• Systems Thinking - the ability to see how parts interact with the whole (big picture thinking).
• Proven experience of acting as an expert in project teams.
• Ability to explain your thoughts or findings also to non- technical professionals.
• Good command in written and spoken Thai and English language.
• Location: True Digital Park, Punnawithi.

ประสบการณ์:

5 ปีขึ้นไป

ทักษะ:

Problem Solving, English

ประเภทงาน:

งานประจำ

• Design, implement and maintain the IT Security of the organization which involves developing and executing security strategies, standards and procedures to protect IT assets from cyber threats and vulnerabilities.
• Develops solution conceptual designs and solution blueprints for IT projects.
• Design security architecture elements to mitigate emerging threats.
• Reviewing security measures and recommending to implementing enhancements.
• Review and advise security solution architect for the proposed system such as: Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies.
• Conducting security advisory consultancy and working with RED and BLUE team for security testing along the pipeline of the system delivery.
• Bachelors or Masters Degree in Computer Engineering, Computer Science or related field.
• At least 5 years of experience of IT Security Advisory, Penetration tester or Enterprise Architect or related role.
• Comprehensive understanding of the IT Security Concept, Security Architect, Risk assessment.
• Ability to analyst finding form Offensive and Defensive Security team.
• Ability to analyze end-to-end security processes and provide advice in order to reduce risk to acceptable levels.
• Strong analytical and problem solving.
• Rapid learning capability and able to work under pressure.
• Good command in written and spoken Thai and English language.
• Ability to present technical solutions with stakeholders in an easy way.
• Knowledge of International Security frameworks, Standards, and Guidelines e.g., NIST-800-53, PCI-DSS, OWASP, and etc.
• Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
• Location: True Digital Park, Punnawithi.

ประสบการณ์:

3 ปีขึ้นไป

ทักษะ:

Compliance, Project Management, Business Development

ประเภทงาน:

งานประจำ

• Design, Implement, and Optimize Secure Landing Zones: Lead the creation and enhancement of secure landing zones across multiple cloud service providers (CSPs) such as AWS, Azure, and Google Cloud for clients in Southeast Asia.
• DevSecOps Pipelines: Architect and implement DevSecOps pipelines, integrating security controls into CI/CD processes to automate security and compliance testing.
• Infrastructure as Code (IaC): Design and deploy infrastructure as code using tools like Terraform, AWS CloudFormation, and Azure Resource Manager (ARM) templates to aut ...
• High Availability Architectures: Implement multi-region and high availability architectures to meet performance, scalability, and disaster recovery requirements.
• Security Configurations: Configure Web Application Firewalls (WAFs), DDoS protection (e.g., AWS Shield, Azure DDoS Protection), and network firewalls (e.g., AWS Network Firewall, Azure Firewall).
• Access Control: Implement role-based access control (RBAC), least privilege principles, and multi-factor authentication (MFA) across cloud environments.
• Cloud-Native Security Expertise: Provide subject matter expertise in cloud-native security technologies, including identity and access management (IAM), encryption, security monitoring, and vulnerability management.
• Project Management and Leadership: Ensure the successful delivery of cloud security solutions through strong project management and leadership.
• Business Development: Assist in business development efforts, including proposal creation and identifying opportunities to grow cloud security service offerings.
• Client Relationships: Build and nurture positive working relationships with clients, aiming to exceed their expectations.
• Engagement Profitability: Identify opportunities to improve engagement profitability.
• Mentorship: Mentor and develop junior staff, promoting knowledge sharing and skills development within the team.
• Your role as a leader At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Assistant Managers across our Firm are expected toDevelop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Influence stakeholders, teams, and individuals positively - leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.
• Enough about us, let's talk about you.3+ years of experience in cloud security implementations across multiple CSPs (AWS, Azure, GCP).
• Extensive hands-on experience in designing and implementing Security Landing Zones, cloud security architectures, and securing hybrid/multi-cloud environments.
• Relevant certifications such as AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer, Google Cloud Professional Cloud Security Engineer, or CISSP, CCSP are highly desirable.
• Proven experience managing cloud security projects, including landing zone implementations and security automation.
• Expertise in cloud-native security controls, including IAM, key management, network security, and security monitoring tools (e.g., AWS Security Hub, Azure Security Center).
• Strong knowledge of compliance frameworks such as NIST,CSA CCM, and CIS Benchmarks and how to apply them to cloud security implementations.
• Ability to travel 25-50%, on average, based on the work you do and the clients and industries/sectors you serve.
• Bachelor s degree in Computer Science, Information Security, or a related field; Master s degree preferred.
• Limited immigration sponsorship may be available.
• Excellent problem-solving skills and proven ability to lead a team of engineers.
• Ability to optimally communicate and advocate key security requirements to senior stakeholders.
• Strong critical-thinking and problem-solving skills with clear communication.
• Due to volume of applications, we regret that only shortlisted candidates will be notified.
• Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via this official Deloitte website. #LI-AA1 Requisition ID: 106369In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

ประเภทงาน:

งานประจำ

Greenline Synergy provides the information security governance to the BDMS hospitals which is a framework of policies, practices, and strategies that align organizational resources toward protecting information through cybersecurity measures.

ประสบการณ์:

3 ปีขึ้นไป

ทักษะ:

Industry trends

ประเภทงาน:

งานประจำ

• Risk Assessment & Analysis: Conduct comprehensive assessments of clients OT environments to identify vulnerabilities and recommend mitigation strategies.
• Security Strategy Development: Design and implement tailored OT security frameworks and policies in alignment with industry standards (NIST, ISA/IEC 62443, etc.).
• Stakeholder Engagement: Collaborate with cross-functional teams, including IT, operations, and management, to foster a culture of security awareness and resilience.
• Training & Mentorship: Provide training and mentorship to junior consultants and client teams on OT security best practices and emerging threats.
• Thought Leadership: Stay abreast of industry trends, emerging technologies, and regulatory changes; contribute to white papers, presentations, and client workshops.
• Your role as a leader
• At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves everyday to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. In addition to living our purpose, Senior Consultants across our firm are expected to:Understand objectives for stakeholders, clients and Deloitte whilst aligning own performance to objectives and sets personal priorities.
• Develop themselves by actively seeking opportunities for growth, shares knowledge and experiences with others, and acts as a strong brand ambassador.
• Seek opportunities to challenge themselves, collaborate with others to deliver and takes accountability for results.
• Build relationships and communicates effectively in order to positively influence peers and stakeholders.
• Work effectively in diverse teams within a highly inclusive team culture where everyone is supported, respected and recognized for their contribution.
• Enough about us, let's talk about youBachelor s degree in Cybersecurity, Information Technology, Engineering, or a related field; a Master s degree is a plus.
• At least 3 years of experience in cybersecurity, with a focus on operational technology and industrial control systems (ICS).
• Relevant certifications such as CISSP, CISM or GICSP,.
• Deep understanding of relevant standards and guidelines.
• Proficiency in network security, vulnerability assessment tools, and incident response methodologies specific to OT environments.
• Strong knowledge of industrial control systems, SCADA systems, and PLCs.
• Experience with network segmentation, access control, and secure communication protocols.
• Exceptional verbal and written communication skills, with the ability to articulate complex concepts to technical and non-technical stakeholders alike.
• Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing potential security issues.
• Due to volume of applications, we regret that only shortlisted candidates will be notified.
• Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via this official Deloitte website. #LI-AA1 Requisition ID: 106367In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.

ทักษะ:

Sales

ประเภทงาน:

งานประจำ

• Be the security leader and expert for your assigned territory. Leads and plans for accounts across territories, does business analysis to pursue high-potential sales opportunities and manages the End-to-End Security business across the territory.
• Develop and maintain a strong pipeline of sales opportunities, ensuring that sales targets are met or exceeded.
• Build, own and manage CISO and other key C-stakeholders' relationships in your accounts driving awareness and excitement for Microsoft security platform value and influ ...
• Understand customer cloud and security initiatives, compete landscape as well as gaps between current and desired security posture. Capture the opportunity of customers journey to balance the need for security and employee productivity with the right process and visibility.
• Demo and whiteboard the cloud security solutions and the relevant security architecture. Lead and orchestrate V-Team to drive an end-to-end value selling from discovery to demonstrating and proving business value.
• Engage security partners to help scale and accelerate the sales cycle while also ensuring a deployment plan is in place for accelerated deployment with partner added value services.
• Perform ROI and TCO analysis and leverage various commercial offers and programs to build a compelling business case accelerating negotiations and deal closure. Drive to exceed quarterly and yearly revenue targets and other sales goals. Manage sales hygiene via accurate forecasting and deal updates within sales CRM.
• Completes required training and obtains relevant product and role certifications aligned to the role and workload/industry.
• Technical Expertise: Leads end-to-end Security conversations, shares best practices and key competitor knowledge across solution areas, and evaluates opportunities to make recommendations on pursuit or withdrawal. Exhibits outstanding operational excellence - including monthly/quarterly forecasting, building healthy pipeline, CRM entry and hygiene, opportunity management and virtual team orchestration.
• Experience driving new sales and new customers using innovative approaches, leveraging joint partnership events, social selling (LinkedIn) and networking.
• Enterprise customer level experience with cloud, security technologies (Identity and Access Management, Threat protection, Data protection, Cloud Security), and industry standards recommended.
• Sales Excellence: Leads and plans for strategic accounts in the assigned territory, does business analysis to pursue high-potential customers and manages the End-to-End Security business across the assigned territory. Completes required training and obtains relevant product and role certifications aligned to the role and workload/industry.
• Sales and Technology Exceed sales goals in an assigned sales territory.
• Demonstrated sales and partner management experience.
• Competes to win new market share.
• Significant experience delivering persuasive presentations to business decision makers..
• Required/minimum qualifications Bachelor's Degree in Computer Science, Information Technology, Business Administration, or related field AND 6+ years technology-related sales or account management experience OR.
• 7+ years technology-related sales or account management experience.
• Security Sales Experience: experience selling security solutions to CISO, CDO, CTO and other key C-level stakeholders.
• Understanding of cloud security technologies: Threat protection (Endpoint security, E-mail security, Incident Response, etc.), Kill Chain, CNAPP, SIEM., Multi-Cloud Security, Identity and Access management.
• Additional or preferred qualifications 6+ years solution or services sales experience. Master's Degree in Business Administration (i.e., MBA), Information Technology, or related field AND 5+ years technology-related sales or account management experience OR.
• Bachelor's Degree in Information Technology, or related field AND 8+ years technology-related sales or account management experience OR.
• 9+ years technology-related sales or account management experience.
• MCAPSRegionsASEAN Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.