หน้าที่และความรับผิดชอบ

Job Purpose: 
Play a key role in avoiding disasters by identifying any weak areas that might make information systems vulnerable. Assess organization’s security measures such as anti-virus software, passwords, and firewalls to identify any areas that might make information systems vulnerable to attack. Analyze reports generated by the monitoring system to identify risk. 

Responsibilities: 

• IT Risk Manager - Actively involved in minimizing, mitigating and or avoiding risk relating to security
• IT Quality Manager - Ensure organizational compliance to international standard (e.g. ISO, COBIT, etc.)
• IT Disaster Recovery Support - Look after the recovery of data in disaster situations
• IT Security Audit - Oversee security violation investigations
• IT Security Assessment - Carry out simulate attacks/testing in order to test the efficiency of the security measures that are in place
• IT Security Ambassador - Provide security awareness for employees such as security risks to not using strong passwords and protecting data when using mobile devices outside the office

คุณสมบัติ

Required Knowledges: 

• Implementation and/or advice International Standards (i.e. ISO, COBIT, NIST)
• Develop specifications, standards, and documentation for the infrastructure and application
• Cyber Security, Network Security, Application Security, Systems Architecture, Project Management
• Close off security vulnerabilities and threats in the case of an attack
• Involve in IT & business project by providing security and technical consult • Provide guidance to employees and IT staff on IT best practices with focus on security
• Manage and coordinates urgent and complicates support issues. Acts as an escalation point of infrastructure and network teams 

Qualifications:  

• Bachelor’s Degree or above in Science/Engineering or relevant field
• Over 5 years of relevant experience • Cloud Security knowledge is required
• Security Audit, Forensics, vulnerability assessment and/or Penetration Testing
• Infrastructure and Network Security (On-Premise and Cloud)
• Security Architecture (On-Premise and Cloud) • Application Security Testing
• Project management and delivery experience
• Information Security and Event Management (SIEM)
• Data Leak Protection • Thailand Personal Data Privacy Act. (PDPA)
• Knowledge of security standard/certification such as CISSP, CISM, CISA, ISO 27001 & 22301 Lead Auditor, PCI DSS, CEH, OSCP