IT Governance and Risk Manager

Location: Bangkok Province, Thailand
Job Type: Permanent
Salary Negotiable
Specialization: Information Security/Cyber Security/IT Risk/IT Governance
Sub Specialization: IT Audit, Infrastructure and Services Delivery
Contact: Vinarin Kanjanapol
Reference: JO-2006-442265

This position requires a comprehensive knowledge and understanding of asset and information protection principles necessary to plan and implement security programs and solutions in support of the business.


  • Developing and maintaining IT security policy
  • Defining security requirements for new or modification to services
  • Monitoring and handling of security incidents
  • Generating IT Service Management reports and manage service levels according to agreed SLAs
  • IT service continuity management, Business impact analysis for all existing and new services
  • Maintaining information asset register
  • Monitoring compliance to IT Security Policy and regulatory compliance requirements
  • Change management, Change Request review to secure Production Systems - authorizing change requests
  • IT Security evaluates of internal/external application development, various technical systems and provides report of controls (BRD).
  • Coordinate requirements of Information Protection in TH Local and Regional office.
  • Assessment security vulnerabilities and ensure all vulnerabilities remediated such as security patches, security threats and cyber security.
  • Provide IT Security Awareness Training to staffs
  • Support regular Business Continuity Plan (BCP) test.
  • User account management (registration/ de-registration process, periodic user account review, maintaining user access matrix)
  • High-privileged user account management
  • Perform other related duties as assigned.

Qualifications & Skills:

  • A degree in Information Systems, Computer Science or equivalent field of study and professional experience.
  • At least 5 years relevant Information Technology infrastructure, ITIL and security working experience.
  • In depth understanding of core security monitoring and response services - process, technology and governance - including attack detection, vulnerability management, security incident management and threat intelligence
  • Solid in security service governance and management e.g. definition of policies, standards, procedures, and metrics to measure and report on service effectiveness and performance
  • Good security incident response - ability to assessment and verify security events, and direct and execute containment actions
  • Focused on delivering good customer service - responding to requests within required timeframes, proactively providing regular updates, driving rapid resolution of requests
  • Proven and delivering continuous service improvement and IT governance experience
  • Experience in conducting risk assessment activities, security analysis and incident response review and reporting
  • Risk management, ITIL implementation and service management knowledge.
  • ISO 27001 audit task
  • Business Continuity Plan and Disaster Recovery Plan
  • Strong vendor management
  • Require ITIL, CISA, CISM, PCI DSS and COBIT5 certification
  • Excellent written and spoken English

The successful candidate will be provided a promising career opportunity and attractive compensation package. To submit your application, in strict confidence, please send your full resume in Word format by click "Apply Now"

For a confidential discussion please call 02-106-8600 and ask to speak to the Technology Team.
Your application will be treated with strict confidential.

en world Recruitment (Thailand) Co., Ltd.
Athenee Tower, 12th Floor, Unit 1201-1202
63 Wireless Road, Lumpini, Pathumwan, Bangkok 10330 Thailand
Tel: +66 (2) 106 8600 | Fax: +66 (0) 2654 0901