This position requires a comprehensive knowledge and understanding of asset and information protection principles necessary to plan and implement security programs and solutions in support of the business.
Responsibilities:
- Developing and maintaining IT security policy
- Defining security requirements for new or modification to services
- Monitoring and handling of security incidents
- Generating IT Service Management reports and manage service levels according to agreed SLAs
- IT service continuity management, Business impact analysis for all existing and new services
- Maintaining information asset register
- Monitoring compliance to IT Security Policy and regulatory compliance requirements
- Change management, Change Request review to secure Production Systems - authorizing change requests
- IT Security evaluates of internal/external application development, various technical systems and provides report of controls (BRD).
- Coordinate requirements of Information Protection in TH Local and Regional office.
- Assessment security vulnerabilities and ensure all vulnerabilities remediated such as security patches, security threats and cyber security.
- Provide IT Security Awareness Training to staffs
- Support regular Business Continuity Plan (BCP) test.
- User account management (registration/ de-registration process, periodic user account review, maintaining user access matrix)
- High-privileged user account management
- Perform other related duties as assigned.
Qualifications & Skills:
- A degree in Information Systems, Computer Science or equivalent field of study and professional experience.
- At least 5 years relevant Information Technology infrastructure, ITIL and security working experience.
- In depth understanding of core security monitoring and response services - process, technology and governance - including attack detection, vulnerability management, security incident management and threat intelligence
- Solid in security service governance and management e.g. definition of policies, standards, procedures, and metrics to measure and report on service effectiveness and performance
- Good security incident response - ability to assessment and verify security events, and direct and execute containment actions
- Focused on delivering good customer service - responding to requests within required timeframes, proactively providing regular updates, driving rapid resolution of requests
- Proven and delivering continuous service improvement and IT governance experience
- Experience in conducting risk assessment activities, security analysis and incident response review and reporting
- Risk management, ITIL implementation and service management knowledge.
- ISO 27001 audit task
- Business Continuity Plan and Disaster Recovery Plan
- Strong vendor management
- Require ITIL, CISA, CISM, PCI DSS and COBIT5 certification
- Excellent written and spoken English
The successful candidate will be provided a promising career opportunity and attractive compensation package. To submit your application, in strict confidence, please send your full resume in Word format by click "Apply Now"
For a confidential discussion please call 02-106-8600 and ask to speak to the Technology Team.
Your application will be treated with strict confidential.
en world Recruitment (Thailand) Co., Ltd.
Athenee Tower, 12th Floor, Unit 1201-1202
63 Wireless Road, Lumpini, Pathumwan, Bangkok 10330 Thailand
Tel: +66 (2) 106 8600 | Fax: +66 (0) 2654 0901
www.enworld.co.th
