5 Cybersecurity Specialists jobs in Thailand

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

To better reflect this, ‘The exceptional EY experience. It’s yours to build.’ is our new promise to our people.

**The opportunity**

EY is committed to doing its part in building a better working world. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

Cybersecurity Team Provide end-to-end services to secure digital infrastructure and data, including strategy design and implementation, vulnerability testing, compliance, assurance, and operational management

**Your key responsibilities**
- Perform cyber security and IT security assessments for clients (e.g. cyber security program assessment, cyber security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.)
- Work on IT security design, analysis and implementation of security protection solution.
- Evaluate and analyze threat, vulnerability, system weakness, impact and risk to security issues discovered from security assessments like Vulnerability Assessment (VA), Penetration Testing (PenTest), etc.
- Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes, controls and systems.
- Advise client on the security incident response end-to-end process (i.e. preparation, detection, analysis, response and recovery of the security incident).

**Skills and attributes for success**

**To qualify for the role you must have**
- Bachelor's degree or Master’s degree in Computer Engineering, Computer Science, Information Systems, IT Security, ICT or other related fields. **New graduated are also welcome!**:

- Familiar with leading IT security processes and tools.
- Highly proficient in both English and Thai with good written and oral communication and analytical skills.

**Ideally, you’ll also have**
- Having experience in project planning and management will be a plus.
- Professional experience in such areas as IT security management design and implementation, IT security assessment and IT technical background will be a plus
- Professional certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and / or Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or ISO27001 will be highly considered
- Experience in new generation security practices (i.e. DevSecOps, iPentest, RedTeaming, System Resilience Design)
- Experience in Emerging Technologies (i.e. Cloud Computering, Blockchain, Big Data, A.I./M.L.)

**What we look for**

We’re interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we’ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

**What we offer**

We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions.
- **Continuous learning**: You’ll develop the mindset and skills to navigate whatever comes next.
- ** Success as defined by you**: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- ** Transformative leadership**:We’ll give you the insights, coaching and confidence to be the leader the world needs.
- ** Diverse and inclusive culture**: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

**If you can demonstrate that you meet the criteria above, please contact us as soon as possible.**

**The exceptional EY experience. It’s yours to build.**

**EY | Building a better working world**

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and h

**Nice to know**:
**Your Day at Allianz Ayudhya***:

- Perform and consult Business Owner and stakeholders as the Subject Matter Expert for all risks assessments related including Cloud IT Risk Assessment for consumed cloud-services, 3rd Party/Outsourcing Security Risk Assessment, Application Risk Assessment
- Support the Information Risk Owners to systematically identify, assess, monitor and steer Information Security Risks
- Identify weak controls and create, align, and monitor plans to close control weaknesses
- Monitor Information Security risks along the Information Security Risk Management (ISRM) framework in accordance with the overall Information Risk Management Process
- Manage, track, and supervise closure of opened risk or appropriate extension of risk acceptances
- Escalate systematic control shortcoming to ISO, Group and service provider
- Develop information security risk culture and awareness of local stakeholders
- Review the financial quantification of Cyber Risk and cooperate with Company Top Risk Assessment process
- Align and adopt the Cyber Risk Management strategy
- Ensure communication of applicable corporate rules and Information Security relevant information regularly
- Ensure implementation of Information Security related requirements deriving from Corporate Rules
- Other security related matters upon assignments
- In respect to these responsibilities the information security team must have a local reporting line (e.g. by regular information meetings, reports) to the ISO

**Must Have**:

- Bachelor or Master Degree in related field
- Professional experience in Information Security field for 5 years
- ISO27001 / NIST Framework
- CISM (Certified Information Security Manager) or CISSP (Certified Information Systems Security Professional) is an advantage

**Nice to Have***:

- Statistical report and systematic thinking
- Technical & professional skills and qualities
- Knowledge and skills in the areas of risk and information systems control
- Knowledge and skills in the areas of cloud services and cloud security framework
- Project planning and monitoring
- Consulting Skills
- Good English communication skills are required
- Let’s care for tomorrow. For a career with plenty of room to grow. Care to join us?_

**Nice to know**:
**Your Day at Allianz Ayudhya***:

- Perform a self-assessment to check the level of compliance with the requirements of the GISF and the compliance with any applicable laws and regulations at least on an annual basis.
- Prepare the Compliance Report for GISF for the ISO
- Define and enable the Companies specific action plans to attain and maintain compliance to minimum requirements, security standards and Operation Entities (OE) specific requirements
- Advise the ISO in all information security related issues, regularly report about the information security status to the ISO
- Immediately escalate to ISO identified breach of the requirements from the GISF
- Liaise with and report to the ISO
- Communicate applicable corporate rules relevant to Information Security in coordination with the ISO
- Plan and monitor local Information Security project portfolio to fulfil local GISF and regulatory requirements
- Other security related matters upon assignments
- In respect to these responsibilities the information security team must have a local reporting line (e.g. by regular information meetings, reports) to the ISO

**Must Have**:

- Bachelor or Master Degree in related field
- Professional experience in Information Security field for 3 - 5 years
- ISO27001 / NIST Framework
- CISM (Certified Information Security Manager) or CISSP (Certified Information Systems Security Professional) is an advantage

**Nice to Have***:

- Statistical report and systematic thinking
- Technical & professional skills and qualities
- Project planning and monitoring
- Consulting Skills
- Good English communication skills are required
- Let’s care for tomorrow. For a career with plenty of room to grow. Care to join us?_

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Information Security Governance, Risk and Compliance (GRC) Specialist is a seasoned subject matter expert, responsible for supporting the organization's information security program by assessing risks, implementing security controls, ensuring compliance, managing security awareness initiatives, and contributing to policy development.
This role collaborates with internal teams to enhance security practices and maintain a strong security posture.
**Key responsibilities:**
+ Assists in conducting risk assessments and vulnerability assessments.
+ Contributes to the development and maintenance of security policies and procedures.
+ Collaborates with internal stakeholders to ensure compliance with industry standards and regulations.
+ Participates in security awareness and training initiatives.
+ Supports incident response activities and investigations as required.
+ Monitors and reports on security compliance metrics.
+ Assists in the implementation of security controls and best practices.
+ Stays updated with emerging security threats and trends.
+ Performs any other related task as required.
**To thrive in this role, you need to have:**
+ Seasoned familiarity with information security frameworks and standards.
+ Seasoned understanding of risk assessment methodologies, compliance, and policy development.
+ Strong communication and interpersonal skills for effective collaboration.
+ Strong attention to detail and ability to follow established processes.
+ Seasoned project management skills for coordinating security initiatives.
**Academic qualifications and certifications:**
+ Bachelor's degree or equivalent in Information Technology or Computer Science degree or related field.
+ Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred.
+ Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP desirable.
**Required experience:**
+ Seasoned experience in information security or related roles.
+ Seasoned exposure to risk assessment, compliance, security awareness, or policy development is beneficial.
**Workplace type** **:**
On-site Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.