Design, develop, and maintain the organization's cybersecurity architecture to ensure secure, resilient, and scalable systems.
Define and enforce security standards, frameworks, and reference architectures for applications, networks, cloud, and infrastructure.
Conduct security architecture reviews of new systems, applications, and technology initiatives, ensuring alignment with business and regulatory requirements.
Collaborate with IT, Engineering, and Product teams to integrate security by design into all technology projects.
Evaluate emerging technologies, security tools, and industry best practices to strengthen the bank's security posture.
Perform threat modeling and risk assessments to identify potential weaknesses in system design and architecture.
Provide technical guidance and recommendations on security solutions (e.g., IAM, encryption, network segmentation, endpoint protection, cloud security).
Ensure compliance with international standards and regulatory requirements (e.g., BOT, AMLO, NIST, ISO 27001, PCI-DSS, OWASP).
Act as a subject matter expert for security incidents, advising on containment and long-term remediation strategies.
Prepare and present architecture diagrams, security design documents, and risk analysis reports to stakeholders.
Qualifications:
Bachelor's or Master's degree in Computer Engineering, Computer Science, Information Security, or a related field.
Minimum 5 years of experience in cybersecurity architecture, information security, or related roles.
Strong knowledge of enterprise security architecture, network security, application security, and cloud security (AWS, Azure, or GCP).
Hands-on experience with security frameworks and standards (e.g., SABSA, NIST, ISO 27001, CIS Controls).
Understanding of threat modeling, risk analysis, and secure systems design.
Familiarity with modern security tools and platforms such as SIEM, IAM, DLP, WAF, and endpoint protection.
Excellent analytical and problem-solving skills, with the ability to balance security needs and business objectives.
Strong communication and presentation skills, able to explain complex security concepts to technical and non-technical audiences.
Fluency in Thai and English, both written and spoken.
Professional Certificated related to work e.g. (CISSP, CSSLP, CDPSE, OSCP, TOGAF) is desirable.
Your Skills:
Expertise in designing and reviewing secure architectures across applications, networks, cloud, and infrastructure.
Strong ability to apply security frameworks and threat modeling to guide technology decisions.
Proven track record in integrating security by design into projects and advising stakeholders effectively.
Collaborative mindset with IT, Engineering, and Risk teams to ensure consistent and effective security practices.
