Information Security (Specialist / Division Manager)
About this position
The Information Security Specialist / Division Manager will be responsible for defining, assessing, and improving cybersecurity policies and guidelines, maintaining IT controls risk management, enhancing security awareness, identifying vulnerabilities, leading incident monitoring and response, and coordinating secure infrastructure solutions.
Responsibilities
• Define, document, assess, improve, and maintain policies and guidelines related to cybersecurity in respect of policy, roadmap and standard of organization, and legislation and regulations that impact cybersecurity.
• Maintain cybersecurity and IT controls risk management which includes risk assess, risk treatment plan development, and follow the plan.
• Support the implementation, operation and maintenance of IT security policy, standards, and guidelines in compliance with the security regulations from regulators, and Cybersecurity process (e.g., Risk Assessment, Vulnerability Assessment and Penetration testing)
• Continuously enhance security awareness for all personnel which may include develop security awareness and communicate it to whole organization.
• Actively look for security vulnerabilities in our application and network, reporting issues and describing possible solutions.
• Lead and support cybersecurity incident monitoring, response, and resolve.
• Coordinate and assist IT teams in delivering secure infrastructure solutions with security recommendations and ensure key security controls are working as intended.
• To implement cyber security projects and improvement by assessing current situation; evaluating trends; anticipating requirements
• Other tasks as assigned by supervisor.
Requirements
• Bachelor’s degree or master’s Degree in computer engineering, Computer Science, Information Technology or related fields
• Experience in IT Security / Cybersecurity at least 5 years
• Understanding of IT infrastructure and Application
• Rapid learning capability and able to work under pressure.
• The ability to interact with a wide range of people from different backgrounds and races.
• General knowledge and understanding of information security principles and best practice (e.g., ISO27001, NIST CSF, OWASP and PDPA)
• Good working knowledge of current IT risks and experience implementing security solutions.
• Relevant security certification is a plus, e.g., Sec+, CEH, OSCP, CISSP, CISM and related Data privacy Certificated.
• Have experience in project management is a plus.
• Good command in English
Benefits
40,000 - 80,000 THB per month