Cro- Information and Security Risk
1 day ago
**Responsibilities**:
- Participate in the Risk and Control Self-Assessment (RCSA) and Control Framework (CF) development and review workshops / processes to provide updates on Information Risk Policy, related minimum standards, views on IT / cyber risks and information system controls, and challenge the first line-of-defence functions on risks and key remediation controls during the RCSA and/or CF revisit workshops
- Monitor the new and/or updated IT / cybersecurity laws, regulations, and international standards and review the existing Information Risk Policy, and related minimum standards to identify gaps and propose the required action plans
- Work with team members to review and update Information Risk Policy and related minimum standards according to the defined periodic review cycle to ensure compliance with laws, regulations and in line with international standards or frameworks
- Review and update the contents on e-learning platform for the annual cyber risk awareness training delivery to all staff and concerned parties
- Provide supports to the subordinate specialist team members for the execution of Annual Key Control Testing (KCT) - Quality Assurance (QA) Plan, and review the quality of works done by the subordinate team members as part of KCT QA plan execution
- Coordinate with all relevant parties for IT Non-Financial Risk Committee (IT NFRC) quarterly meeting readiness preparation
- Attend the meetings and provide consult and/or views on IT risk / cyber risk and information system controls to the business units that are product / service owner in the initiative / strategic projects.
- Be the coordinator and provide supports to the Compliance and Internal Audit functions in the annual self-assessment programs and/or IT audits.
- Be the coordinator and provide supports to the regulators e.g., in the Annual IT Examination visit by Bank of Thailand (BOT) and to the external auditors in the independent review
- Participate the annual Business Continuity and/or IT Disaster Recovery plans exercises
- Manage special assignments (if any)
**Qualifications**:
- Master or bachelor’s degree in computer related or equivalent fields
- 8-10 years of professional experienced in Information Security related fields
- 5-10 years of working experienced in banking or financial service industry
- Knowledge and skills in the areas of IT governance, IT / cyber risk, and information systems control
- Knowledge and skills in the areas of system development life cycle,
- Good knowledge and understanding in IT and/or Cybersecurity related laws and regulations such as BOT’s IT Risk Management Implementation, BOT’s Cyber Resilience Assessment Framework (CRAF), Computer Crime Act, Personal Data Protection Act (PDPA), etc.
- Good knowledge and understanding in international standards such as NIST 800-53, ISO 27000 series, ISO 22301, PCI DSS, COBIT, ITIL, etc.
- Certified Information Security Manager (CISM), Certified in Risk and Information System Control (CRISC), Certified Information Systems Auditor (CISA) or Certified Information System Security Professional (CISSP) is an advantage
- Good English communication skills are required
- Good consulting skills
- Good managerial skills, can work under pressure or manage multiple assignments simultaneously to provide deliverables on tim
**Location : Jatuchak (Head Office)**
**For more information**:
-
Thailand KPMG-Thailand Full timeOur IT Audit professionals advise our clients how to manage IT-related risks to balance the opportunities and threats arising from the use of technology and provide assurance over their IT controls. Literate in the technologies deployed by our clients and with deep industry experience, our professionals provide practical recommendations that cut through...
-
Manager, Operational Risk
7 months ago
Thailand CIMB Group Full time**Responsibilities**: - Implementation the ORM framework and IT Risk Management Policy & Procedure to effectively manage technology related risks, enhance technology resiliency and mitigate risks against technology security threats across CIMBT. - Champion, socialize and embed the progressive development, definition and role of enterprise-wide Technology...
-
Head, Operational Risk
2 months ago
Thailand CIMB Group Full time**Responsibilities**: - Provide leadership for the implementation of and compliance with the ORM framework and IT Risk Management Policy & Procedure to effectively manage technology related risks, enhance technology resiliency and mitigate risks against technology security threats across CIMBT. - Champion, socialize and embed the progressive development,...
-
Manager, Operational Risk
59 minutes ago
Thailand CIMB Group Full time**Responsibilities**: - Implementation the ORM framework and IT Risk Management Policy & Procedure to effectively manage technology related risks, enhance technology resiliency and mitigate risks against technology security threats across CIMBT. - Champion, socialize and embed the progressive development, definition and role of enterprise-wide Technology...
-
Manager - Technology Risk
2 weeks ago
Thailand KPMG-Thailand Full timeOur IT Audit professionals advise our clients how to manage IT-related risks to balance the opportunities and threats arising from the use of technology and provide assurance over their IT controls. Literate in the technologies deployed by our clients and with deep industry experience, our professionals provide practical recommendations that cut through...
-
Cyber Security IT Governance
7 months ago
Thailand Argyll Scott Full time**Main responsibilities**: - **Planning, organizing and carrying out information security management, IT security design & implementation, IT security **assessment assignments and Cyber Simulation exercise as assigned. - Develop excellent professional oral and written communication skills in order to establish working relationships with client personnel. -...
-
Manager - Cyber Security Governance
2 weeks ago
Thailand KPMG-Thailand Full timePublic and private organizations in various sectors worldwide now openly acknowledge that cyber-attacks are one of the most prevalent and high impact risks they face. Dealing with cyber threats is a complex challenge. KPMG professionals recognize that cyber security is about risk management - not risk elimination. We are looking for consultants to join our...
-
Assistant Manager- Ot Security
2 weeks ago
Thailand KPMG-Thailand Full timePublic and private organizations in various sectors worldwide now openly acknowledge that cyber-attacks are one of the most prevalent and high impact risks they face. Dealing with cyber threats is a complex challenge. KPMG professionals recognize that cyber security is about risk management - not risk elimination. We are looking for experienced consultants...
-
Junior/senior - IT Audit Services (Bc Risk)
2 weeks ago
Thailand KPMG-Thailand Full timeAn effective, well-managed IT system is one of the most valuable business advantages an organization can secure. The right technology, implemented properly, appropriately managed and monitored, can lead to significant gains in growth and efficiency. It is essential to get sound business advice to ensure technology risks are managed. IT is challenging to get...
-
Senior Associate
2 weeks ago
Thailand KPMG-Thailand Full timePublic and private organizations in various sectors worldwide now openly acknowledge that cyber-attacks are one of the most prevalent and high impact risks they face. Dealing with cyber threats is a complex challenge. KPMG professionals recognize that cyber security is about risk management - not risk elimination. We are looking for consultants to join our...
-
Technology Consulting
7 months ago
Thailand NodeFlair Full time**Job Summary**: **Job Type** Permanent **Seniority** Manager **Years of Experience** At least 7 years **Tech Stacks** Strategy play - EY is committed to doing its part in building a better working world. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop...
-
Technology Consulting
7 months ago
Thailand NodeFlair Full time**Job Summary**: **Job Type** Permanent **Seniority** Senior **Years of Experience** At least 2 years **Tech Stacks** Strategy play - EY is committed to doing its part in building a better working world. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop...
-
Safety, Security and Access
8 months ago
Thailand Save the Children Full time**The Opportunity The Safety, Security and Access Manager will ensure great coordination between Save the Children Thailand Foundation programs, ASRO entity and implement Save the Children’s Safety and Security Policy and Standards within the ASRO and related bodies in Thailand, will help drive systemic change in the quality of safety and security...
-
Risk Manager
7 months ago
Thailand Thakral One Full timeEnd-to-end coordination and oversight of all authorisation and fraud payment success optimisation themed recommendations shared with the issuer as part of the diagnostic and assessment phases **Key Requirements**: Adept domain expert in card authorisations and fraud risk management process operating in a bank’s credit card environment with familiarity to...
-
Risk Analyst
56 minutes ago
Thailand Bitfinex Full timeFounded in 2012, Bitfinex is a digital asset trading platform offering state-of-the-art services for crypto traders and global liquidity providers. We are one of the oldest exchanges and a top 10 player by volumes, with a solid customer base of both institutional and retail customers. We list almost 200 different tokens and also more than 60 perpetual...
-
Svp Enterprise Risk Management and Data Privacy
4 months ago
Thailand HSBC Full time-Job description **SVP Enterprise Risk Management and Data Privacy Officer** **Risk Department** **GCB4** *** **Some careers** **grow faster than others.** If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new...
-
Security (Avp)
1 day ago
Thailand Talentvis Full timeRequirements:6-7 years of experience in computer security systems network computer information systems management at the management level - Educational qualifications: Bachelor's degree/Master's degree, B.Eng./Bachelor of Science in computer, information technology, electricity, telecommunication or related fields. - Have Certification in Cyber Sec such as...
-
Security Manager
1 day ago
Thailand Talentvis Full timeRequirements:More than 5 years experience in computer security system network computer information systems management at the management level - Educational qualifications: Bachelor's degree/Master's degree, B.Eng./Bachelor of Science in computer, information technology, electricity, telecommunication or related fields. - Have Certification in Cyber Sec such...
-
Security Manager
2 months ago
Thailand Lazada Full timeLocation: **Thailand** - Department: Supply Chain & Logistics- Location: Thailand- 1. Responsible for security management in Suksawas Sortation Center, ensuring the safety of company assets and personnel. 2. Develop and implement comprehensive security policies and procedures in compliance with laws and regulations and Alibaba International's security...
-
Senior Associate/assistant Manager
2 weeks ago
Thailand KPMG-Thailand Full timePublic and private organizations in various sectors worldwide now openly acknowledge that cyber-attacks are one of the most prevalent and high impact risks they face. Dealing with cyber threats is a complex challenge. KPMG professionals recognize that cyber security is about risk management - not risk elimination. We are looking for consultants to join our...