81 Information Security jobs in Thailand

Working Hour : Monday to Friday, 8:30 – 17:00

Responsibilities:

• Design, implement, and maintain secure enterprise network infrastructure (LAN, WAN, VPN, WLAN).
• Deploy, configure, and manage Next-Generation Firewalls (e.g., Palo Alto, Fortinet).
• Monitor network performance and troubleshoot complex network/security issues.
• Implement and maintain network segmentation, security policies, and IDS/IPS systems.
• Lead or support network-related projects (e.g., data center migration, office relocation, cloud integration).
• Conduct network risk assessments and vulnerability scans (optional).
• Create and maintain documentation (e.g., network diagrams, change logs, configuration files).
• Ensure compliance with IT security policies, standards, and best practices.

Requirements:

• Bachelor's degree in Computer Science, IT, or related field.
• English as communication (Intermediate)level
• 2–5 years of experience in network engineering and security.
• Strong understanding of TCP/IP, routing protocols (Static, OSPF, BGP), and switching technologies (VLAN, STP).
• Proven experience with NGFW platforms (e.g., Palo Alto Networks, FortiGate).
• Hands-on experience with VPNs (IPSec, SSL) and network segmentation.

All applications will be treated in strict confidence. All material submitted in connection with your application will become part of our confidential recruitment files. We regret that only shortlisted candidates will be notified.

By submitting your curriculum vitae or personal data to us in connection with your job application, you are deemed to have read and agreed to the terms of our Privacy Policy, and consented to the collection, use and disclosure of your personal data by us and our affiliates, in accordance with our Privacy Policy. Please visit for a copy of our Privacy Policy. If you wish to withdraw your consent, please drop us an email to let us know.

***

Job Description

• Act as the primary liaison between the company and the client, coordinating with internal teams to achieve agreed SLAs.
• Plan and manage Network & Security Operation activities in collaboration with the Site Manager.
• Oversee Service Request, Incident Management, and Problem Management in compliance with ITIL 4.0 and SLA requirements.
• Analyze, design, and supervise Network & Security operations aligned with industry standards or best practices.
• Provide guidance to Junior Network & Security Operation Engineers on Process and Technology.
• Ensure service delivery quality complies with ISO/IEC 27001, PCI-DSS 4.0, and BOT regulations.
• Coordinate 24×7 emergency incident handling and prepare Post-Incident Reports with improvement recommendations.

Qualification

• Bachelor's degree or higher in Computer Engineering, Information Technology, Computer Science, or related field.
• Minimum of 5 years in Network & Security Operation with at least 3 years in a senior-level role.
• Understand and apply the knowledge of Network Infrastructure, Security Technology, and Public Cloud (Huawei Cloud, Google Cloud Platform).
• Experience in key network security technologies such as: NGFW, Proxy, CWAAP, WAF (Not required to have all, but should possess core expertise in some and be able to apply effectively)
• Solid understanding of ITIL 4.0 and IT Service Management principles.
• Strong customer service orientation (Service Mind) and high responsibility for completing assigned tasks (Sense of Ownership).
• Certifications in IT/Service Management (e.g., ITIL, ISO/IEC 2000, COBIT) are preferred.

The Senior Information Security Governance Consultant will work closely across business channels to identify and assess security risks, gaps in the application of policies and standards, and weaknesses in processes, and take lead role in managing them. The Senior Information Security Consultant will work closely with the wider team to deliver a number of group wide security improvement initiatives.

Job Scopes:

• Implement security policies, standards, procedures, and guidelines for the organization in compliance with ISO27001
• Provide consultation to local teams to ensure that locally implemented technology solutions meet the AXA security standards, government rules and regulations.
• Coordinate with technology and business groups to assess, implement, and monitor IT-related security risks/hazards.
• Support regional audit, financial audit , ITSP audit and follow-up the remediation of findings.
• Ensure that Krungthai-AXA environment including staff comply with AXA Security Standards and local regulations related to Information Security
• Monitors compliance with the organization's security policies and procedures among employees, contractors, alliances and other third parties and takes corrective action.
• Plan and coordinate Disaster Recovery testing.
• Develop security policies, standards, procedures and guidelines in compliance in ISO 27001.
• Implement security controls to Krungthai-AXA and AXA-Tech to achieve ISO27001 certification.
• Provide consultation to business units and IT team to operate in compliance with ISO27001.

Job Qualification:

• 7-10 years' experience in information security management, information risk management security tool implementation and/or IT Security Operations
• In-depth knowledge of Security Standards, such as ISO27001 and experience in their implementation
• Advanced knowledge of information risk management, business protection systems,  and technology associated with information security
• CISSP, CISM, CISA, CRISC, GIAC and/or CEH certifications preferred
• Computer literacy, good in using Microsoft Office and Microsoft Visio.
• Good command of written and spoken English.
• Good interpersonal skills – able to communicate effectively with various levels (from end-users to executive).
• Logical & systematic approach to problem solving
• Experience in Disaster Recover Management, including backup and recovery processes

Specialism

Cybersecurity & Privacy

Management Level

Associate

Job Description & Summary

A career in our Threat, Intelligence and Vulnerability Management practice, within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. You'll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.

Our team helps organisations to rapidly and effectively respond to threats against potential security incidents by helping to detect, respond to, investigate, and remediate threats across the incident management life cycle.

• Perform technical security assessments, such as penetration testing, source code review, and security system configuration testing on various cyber assets, such as websites, mobile application, networks and IoT
• Articulate and present security vulnerabilities clearly in both written and verbal reports to clients.
• Develop tools or scripts as necessary to create proof-of-concepts in challenging engagements.
• Conduct security research to discover critical hidden vulnerabilities and interpret results from common security tools.
• Complete client engagements effectively and efficiently.

Preferred skills

• Bachelor's degree in Computer Engineering, Computer Science, Information Systems or a related field. A Master's degree is a plus
• Have  knowledge of industry standard classification schemes, such as NIST, ISO27000, and PCI DSS.
• Be able to conduct and simulate manual penetration tests.
• Be able to code at least in one scripting language such as SQL, C +, JavaScript, Ruby, or Python.
• Have demonstrated leadership, problem solving, and verbal and written communication skills. You need to be able to communicate clearly in both Thai and English.
• Have proven analytical, decision-making, and presentation skills.
• Have a high level of MS Office proficiency.
• Be able to adapt and learn new things.
• Be able to prioritize tasks, work on multiple assignments, and manage ambiguity.
• Be able to work both independently and as part of a team with professionals at all levels
• Offensive Security Certified Professional OSCP certifications are beneficial but not required.

Responsibilities :

·    Ensuring information security compliance with external and internal requirements and mitigating risk commensurate with the organization's risk tolerance.

·    Provide/Develop awareness activities including analytics and support to internal function.

·    Develop and report monthly and metrics to management on regularly basis for Information Security Risk.

·    Ensures and support that the organization's leadership, staff, policies, processes, practices, and technologies provide ongoing maturity measurement related cybersecurity and all information security activities.

Qualifications :

·    Bachelor's degree in computer engineering, Computer Science, Information Security or IT related field.

· years of experience in cybersecurity, information security or risk management or related field.

·    Experience with GRC or Information security tools, data analytic and some programming skill, etc.

·    Knowledge of common information security management frameworks, such as ISO/IEC 27001, ISO 27799.

Location :Samitivej Srinakarin Hospital or Bangkok Hospital

Responsibilities :

•Establish a plan and execution of information security operations and projects that align with bank policy and strategy.

•Develop and maintaining roadmaps for vulnerability management programs and co-op with related parties to close the gaps.

•Work with internal stakeholders across the business to identify, assess, report, track, and remediate risks and support the development of risk mitigation strategies.

•Own, maintain, and update information security document e.g., guideline, baseline, internal processes.

•Take a part in groups or project to ensure the solution are in line with security.

•Ensure all security operation in compliance in Bank policy or ISO27001 and implemented.

• Actively work closely with 2nd line department or business partner to identify and mitigate risk in an acceptable level.

•Proactive maintain and report responsible team KPIs.

•Provide risk base advice or support that align with IT and related department.

Qualification :

•Bachelor's degree in computer engineering, Computer Science, Information Technology, or any related fields.

•At least 7 years' experience in Information Security or related fields.

•Demonstrated experience in team and project management.

•Experience leading in vulnerability management and mitigation solution.

•Professional certifications such as CISSP, CISM, CISA would be an advantage.

•Good communication and presentation skill

•Proven in depth knowledge of technical skills in information security.

• Excellent in communication and presentation skill.

We are seeking a Cybersecurity Solution Consultant to join our team and support enterprise clients in designing and implementing effective cybersecurity solutions. The ideal candidate will possess strong technical knowledge, excellent communication skills, and the ability to translate complex security concepts into business value.

• Collaborate with sales teams to understand customer requirements and propose tailored cybersecurity solutions.
• Design and present solution architectures involving technologies such as Firewall, EDR, SIEM, IAM, DLP, and Cloud Security.
• Conduct product demonstrations, Proof of Concept (POC), and technical workshops for clients.
• Analyze customer environments to identify security gaps and recommend mitigation strategies.
• Respond to technical sections of RFPs/RFIs and assist in proposal development.
• Stay updated on cybersecurity trends, threats, and emerging technologies.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum 2 years of experience in presales, technical consulting, or cybersecurity engineering.
• Solid understanding of network security, endpoint protection, cloud security, and identity management.
• Strong presentation and communication skills, both verbal and written.
• Relevant certifications such as CEH, CISSP, CCSP, Security+, or vendor-specific (e.g., Palo Alto, Fortinet NSE) are a plus.

"Work Where Wow, Happens Every Day"

Become Our: Advanced IT Security Engineer/ Architect

Why You'll Love Being Part of Our Team:

Join KBTG – where innovation drives impact With a purposeful mission, collaborative spirit, and a positive attitude, we create fintech solutions that empower. Be part of the future

How You'll Make An Impact

• Define and maintain the Bank's cybersecurity strategy, roadmap, and enterprise security architecture, including IT security requirements and standards.
• Establish security frameworks for emerging technologies such as cloud computing, biometrics, and DevSecOps integration in the software development lifecycle.
• Provide security advisory and risk assessments for internal projects and third-party systems, identifying policy non-compliance and managing exceptions.
• Conduct reviews and testing of information security controls, including pre-production application assessments and critical system testing.
• Evaluate, select, and implement security solutions and maintain up-to-date security standards for the Bank's information technologies.

What Will Set You Up For Success

• A bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field is required
• Minimum of 5 years' experience in cybersecurity, including hands-on work in defining security strategies, conducting risk assessments, implementing security frameworks, and managing enterprise security architecture.
• Skilled in SIEM, vulnerability scanning, cloud security, DevSecOps tools, and IAM systems.
• Drive practically with passion.
• Innovate to beat the best and adapt to change.
• Strong teamwork and open communication.
• Proactive, resilient, and optimistic mindset.

Embracing IDEA (Inclusion, Diversity, Equity, and Accessibility)

At KBTG, diversity fuels innovation. We embrace different perspectives, foster an inclusive culture, and create opportunities for growth. Be yourself, make an impact, and grow with us. Join us.

Rewards That Go Beyond the Paycheck

• Hybrid Working – Balance office collaboration and remote flexibility.
• Competitive Provident Fund – Secure your future with high contributions.
• Financial Wellness – Expert support and tools for managing finances, including home loans.
• Comprehensive Health Coverage – Enjoy peace of mind with top-tier health insurance and annual health check-ups for you, your spouse, and your children.
• Flexible Benefits – Customize your perks with generous policies, including support for work-from-home equipment, wellness, and more.
• Wellness & Comfort – Recharge in our Nap Room, enjoy occasional massages, and access mental wellness support via Occa.
• Business Travel & Commuting Support – Enjoy Grab for Business rides and other travel perks for professional journey with ease and convenience.
• Continuous Learning – Access Udemy, Coursera, and top training programs.
• K Point Reward – Earn points and enjoy exciting rewards as you grow with us.

Location: Krungthep Kreetha

Website:

Job Scope:

• Lead the deployment, configuration, tuning, and maintenance of SIEM and SOAR platforms for effective threat detection and response.
• Develop and optimize detection use cases, correlation rules, alerts, enrichment strategies, response actions, and dashboards based on threat intelligence and business requirements.
• Integrate diverse security telemetry sources (endpoint, network, cloud, identity, etc.) into SIEM, SOAR, EDR platforms, threat intelligence feeds, notification and ticketing systems to support automation.
• Continuously evaluate and improve SOAR playbooks to ensure scalability and reduce false positives.
• Automate routine response actions using SOAR tools to reduce manual effort and improve mean time to detect (MTTD) and mean time to respond (MTTR).
• Perform proactive threat hunting using SIEM, SOAR, and EDR data to detect advanced persistent threats (APTs) and insider threats.
• Provide mentorship and technical guidance to Security Operations Center (SOC) team members to enhance detection capabilities.
• Collaborate with IT, Infrastructure, DevOps, and application teams to ensure comprehensive and accurate security telemetry.
• Support compliance and audit requirements by generating reports and providing evidence of security monitoring activities.
• Evaluate emerging SIEM and SOAR technologies to enhance the organization's security monitoring capabilities.
• Document detection methodologies, incident handling procedures, and operational workflows.
• Communicate effectively with internal stakeholders and external clients to build strong relationships and ensure successful outcomes.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
• Minimum 5 years of experience in cybersecurity roles, with a focus on SIEM, SOAR, XDR, or related security monitoring tools.
• Proven hands-on experience with leading SIEM platforms such as Google SecOps, Splunk, Microsoft Sentinel, or equivalents.
• Proficiency with security technologies including EDR, SIEM, SOAR, IDS/IPS, and firewalls, Cloud-native security solutions(AWS, Azure, GCP) including their integration.
• Strong understanding of network protocols, endpoint security, cloud security, and identity/access management principles.
• Familiarity with scripting or programming languages such as YARA-L 2.0, PowerShell, Python or similar for automation and data processing.
• Deep understanding of the incident response lifecycle and threat intelligence utilization.
• Strong analytical and problem-solving abilities, with attention to detail.
• Excellent communication skills and ability to work collaboratively in cross-functional teams.