Key Responsibilities:
- Identity Strategy & Lifecycle: Lead the end-to-end Identity Lifecycle Management (Joiner, Mover, Leaver) across a complex environment of legacy systems, cloud-native infrastructures, and Super App microservices.
- AI & Automation Pioneering: Drive the implementation of AI/ML for Identity Governance, including Smart Access Certifications, Role Mining, and Predictive Analytics to detect toxic combinations of access or anomalous behavior.
- Next-Gen IGA Operations: Manage and optimize enterprise-grade IGA solutions (e.g., SailPoint, Saviynt, or One Identity) to automate workflows, reduce manual intervention, and enhance user experience.
- Access Governance & Compliance: Define and enforce Segregation of Duties (SoD), Least Privilege, and Privileged Access Management (PAM) policies in alignment with SEC (กลต.) and ITMX regulations.
- Frictionless Security: Collaborate with DevOps and Product teams to integrate IGA into the CI/CD pipeline, ensuring secure access for developers and automated identity hooks for our Super App features.
- Audit Readiness: Act as the primary point of contact for identity-related audits, leveraging automation to provide real-time compliance reporting and evidence.
Qualifications & Requirements:
- Bachelor's or Master's degree in Computer Engineering, Cybersecurity, or a related field.
- 2–3 years of dedicated experience in Identity & Access Management (IAM/IGA), preferably within the Financial Services Infrastructure (FSI), FinTech, or large-scale Brokerage firms.
- Proven track record in deploying or managing industry-standard IGA platforms such as SailPoint IdentityIQ/Predictive Identity, Saviynt, or IBM Security Verify.
- Strong competency in Security Automation (Python, PowerShell, or API Orchestration) and a clear vision for applying Generative AI or Machine Learning to streamline governance tasks.
- Deep understanding of NIST, ISO 27001, and local Thai regulatory requirements (SEC/BOT) regarding logical access and data privacy.
- Familiarity with Cloud security (AWS/Azure/GCP), OAuth2, OIDC, and managing identities within a high-scale Microservices architecture.
- Fluent in English and Thai with the ability to articulate complex security risks to non-technical stakeholders and executive leadership.