Responsibilities
- Security Monitoring: Monitor and analyze security events (SIEM) to detect and respond to potential threats or unauthorized access.
- Infrastructure & Defense: Manage and configure security solutions, including Firewalls, VPNs, IDS/IPS, Endpoint Protection (EDR), and WAF.
- Vulnerability Management: Perform regular vulnerability assessments (VA) and coordinate with the IT team for patching and remediation.
- Policy & Governance: Develop and maintain Information Security Policies and Procedures in alignment with frameworks like ISO 27001 or NIST.
- Compliance: Ensure the company's systems comply with regulatory requirements, specifically PDPA (Thailand) and Bank of Thailand (BoT) IT guidelines.
- Incident Response: Act as a key member of the Incident Response Team to contain, investigate, and recover from security breaches.
- Business Continuity: Assist in the development and testing of the Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP).
- Security Awareness: Conduct training sessions to educate employees on cybersecurity best practices and phishing prevention.
Qualifications
Education & Experience
- Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Experience: Proven experience in IT Security, Network Security, or System Administration within a corporate environment.
- Technical Skills:
  - Strong understanding of TCP/IP, Routing, and Switching.
  - Familiarity with Cloud Security (AWS/Azure) and Hybrid architectures.
  - Knowledge of Encryption, Identity & Access Management (IAM), and Data Loss Prevention (DLP).
- Certifications (if any): Security+, CEH, CISSP, CISA, or related technical certifications.
- Soft Skills: Analytical mindset, strong problem-solving skills, and the ability to work under pressure.