Information Technology Security
Indexed description
About Us
ÆON Thana Sinsap (Thailand) PLC (AEONTS) is a Financial Services company located in Bangkok City, Thailand Our company provides a range of services including loans, credit cards, Insurance Broker and installment programs to our customers. We are committed to providing exceptional customer experience and value to our customers.
Key Responsibilities:
- Manage and Control IT Security of company’s Infrastructure such as Firewalls, Cloud-based hosting, Internet policies and etc.
- Perform IT security assessments, monitor and analyze cyber security event.
- Work on IT security design and analysis, and business continuity management.
- Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments.
- Advise company on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes and controls.
- Assist company’s internal developers and the development team in patching any security vulnerabilities.
- Implement security guidelines for all company’s collaboration with the team.
- Operationalize Cyber Security Risk Management capabilities such as Business Impact Assessment of the Business unit’s digital portfolio of services and applications to identify Crown jewels to be protected in line with Risk appetite.
- Deployment of relevant cybersecurity controls, including required local regulatory compliance, to ensure digital solutions, both applications and services, are developed with a secure-by-design principle.
- Drives Cyber Risk acceptance, risk mitigation, finding management processes, and risk reporting consistently to ensure Cyber Risks are managed and residual risks understood by the leadership.
- Champion Cyber Security Change program activities to drive awareness, behaviors among the business unit, and increase the Cyber Resilience
- Drive implementation and integration/adoption of security capabilities and change management to ensure business alignment and effectiveness.
- Business-level security KPIs/KRIs (e.g., patch compliance, phishing click rates, third-party risk ratings) dashboards, reports to management level.
Requirements:
- Bachelor’s degree in Computer Engineering or related field.
- Minimum 8-10 years of IT Security Management and Project Management in complex projects in banking, fintech, insurance business.
- Good knowledge and understanding in IT and/or Cybersecurity related laws and regulations such as IT Risk Management Implementation, Cyber , Computer Crime Act, Personal Data Protection Act (PDPA), etc
- Relevant industry certifications are an advantage (e.g., ISO 27001, CISA, CISSP, CGEIT, etc.)
- Working knowledge of local information and cybersecurity-related regulations and requirements is a MUST.
- Ability to develop, review, and maintain documentation on time.
- Excellent English communication and interpersonal skills, with a proven ability to resolve conflicts and build strong, lasting rapport with diverse stakeholders.
- Proven ability in building partnerships across local, regional, and cross-functional teams to align security goals with business objectives.
- A detail-oriented self-starter with strong analytical skills and a result-oriented mindset, capable of multitasking and adapting quickly to shifting priorities in a fast-paced environment.
Location : Sermmit Tower (Work from office)
If you are interested in the above position, please send your full resume to HRSSC-Recruitment ([email protected]) Tel. 02-302-4771
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search