Secruity Advisory

4 months ago

กรงเทพมหานคร, Thailand SCB Tech X Company Limited Full time

**Job Summary**

**Responsibilities**:

- Responsible for improving the security posture of SCB Tech X and customer through the development of enterprise information security policies and procedures include IT security requirement and IT 3rd Party Due Diligence Questionnaire and Control in accordance with BOT compliance.
- Make recommendations to business, enterprise architecture or related units regarding security policy, best practices and standard (PCI, ISO, CIS, NIST)
- Develop roadmap for development of a comprehensive information security policy template, IT security requirement and IT 3rd Party Due Diligence Questionnaire and Control.
- Develops new security programs by strategically reviewing existing security programs; conducting comprehensive studies of present and anticipated threats; evaluating, analyzing, and continuously reviewing collection activity results on potential threats against the organization. Include training and awareness strategies.
- Support identity and access management, data encryption deployments and applied cryptography, maintaining and regularly updating data encryption and key management in the system in accordance with corporate policies.

**Qualifications**
- Bachelor: Computer Science, Computer Engineering, Business Computer or Related
- Minimum 0-5 Years of work experience in security role include security policy development, security architecture, security analyst, penetration testing, risk analysis, compliance testing, and related roles
- Experience with the most well-known cloud vendors (Amazon Web Service, Azure, Google Cloud Platform)
- Experience with developing IT security metrics to facilitate compliance with requirements, industry standards, and guidelines
- Familiarity with the Software Development Lifecycle (SDLC) and how to implement security into the process properly
- Working experience as a solution/system architect or similar roles
- Extensive hands-on knowledge of key management and identity & access management best practices, procedures, and software solutions