What you’ll Do:
- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program.
- Work directly with the business units to facilitate risk assessment and risk management processes.
- Develop and enhance an information security management framework.
- Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services.
- Provide leadership to the enterprise's information security organization.
- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.
- Maintain a current understanding of the IT threat landscape for the industry.
- Translate that knowledge into the identification of risks and actionable plans to protect the business, and schedule periodic security audits.
- Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced.
- Constantly update the cyber security strategy to leverage new technology and threat information.
- Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget.
- Encourage technical and non-technical employees to understand security best practices and risks in order to build secure platforms, including software, infrastructure and processes.
What you’ll Need:
- Bachelor’s or Master’s degree in Computer Engineering, Computer Science, Cyber Security or related fields.
- 8-10 years of work experience in information technology security and at least 2 years of experience in team management.
- Hands-on experience in writing company-wide security policies and controls.
- Able to manage and work with stakeholders in both internal and external departments.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001/27002, COBIT and/or NIST.
- Knowledge of global data protection regulations and the Personal Data Protection Act.
- Knowledge of E2E security design including network, platform and application.
- Experience in Agile software development practices in combination with CI/CD.
- Experience in system and applications security management and control.
- Experience with security technologies e.g. Intrusion Detection System (IDS) monitoring, Incident Response, and Disaster Recovery Planning.
- Experience in facilitating information security risk assessments.
- Experience with Cloud computing and Cloud security practice.
- Professional certificates related to the work (e.g. CISSP, CISM, ISO 27001, PCI DSS or a similar general security certification) are very desirable.
- Proficient written and verbal communication skills in Thai and English.