What Jobs are available for Information Security in Thailand?

Key Responsibilities

• Gather and analyze business and technical requirements to design and improve IAM processes.
• Manage user account lifecycle, including onboarding, offboarding, RBAC, and access governance.
• Translate business needs into effective IAM solutions and system designs.
• Collaborate with cross-functional teams to define functional requirements and deliver IAM initiatives.
• Support IAM tools, including identity provisioning, governance, and PAM solutions.
• Lead and contribute to IAM-related projects, ensuring successful delivery and compliance with security policies.
• Identify risks, gaps, and issues, providing effective solutions and recommendations.
• Monitor service performance, support incident/problem management, and participate in on-call rotations.
• Ensure audit readiness and maintain required IAM documentation.
• Drive improvements in IAM governance, lifecycle workflows, and key management controls.
• Promote secure access control practices across the organization.

Skills & Prerequisites

• A positive, proactive mindset with strong empathy and team collaboration skills.
• Bachelor's or Master's degree in Computer Engineering, Information Security, MIS, or a related field.
• Minimum of 3 years of experience in cybersecurity or IAM domains.
• Solid foundation in information security principles and best practices.
• Knowledge of international security frameworks and standards, such as COBIT, NIST 800 series, ISO/IEC 27001, PCI-DSS, and OWASP.
• Familiarity with end-to-end security architecture including network, platform, and application layers.
• Experience with application/system security controls, IAM risk assessments, and access governance.
• Strong skills in technical writing, documentation, process mapping, and visual communication.
• Ability to develop and execute a clear vision for IAM and security solutions.

Cyber Security Engineer

About the Role

We are seeking a skilled and motivated Cyber Security Engineer to join our team. You will be responsible for designing, implementing, and managing security solutions across cloud platforms, applications, and enterprise infrastructure. The ideal candidate will bring deep technical knowledge of cybersecurity technologies, proactive risk management, and the ability to align security initiatives with business goals.

Key Responsibilities

• Design, deploy, and maintain security solutions across cloud platforms (AWS, Azure, GCP).
• Implement and manage Web Application Firewalls (WAF) to protect applications and APIs from threats.
• Manage and enforce Identity and Access Management (IAM) policies, roles, and best practices.
• Secure corporate communications with Email Security platforms (anti-phishing, DLP, encryption).
• Deploy and manage Endpoint Detection & Response (EDR) tools to detect and mitigate threats.
• Develop, document, and enforce security standards, policies, and incident response playbooks.
• Collaborate with IT, cloud, and application teams to embed security into infrastructure and DevOps.
• Stay updated on the latest security threats, trends, and compliance regulations.

Qualifications

• Bachelor's degree in computer science, IT, Cybersecurity, or related field.
• 3–5 years of experience in cybersecurity engineering or operations.
• Strong knowledge of cloud security (AWS, Azure, or GCP).
• Hands-on experience with WAF solutions.
• Experience with IAM platforms (Azure AD, Okta, etc.).
• Knowledge of Email Security solutions.
• Proficiency with EDR tools.
• Familiarity with SIEM/SOC tools.
• Understanding of ISO27001, NIST, GDPR, PDPA, or other compliance standards.
• Strong problem-solving, analytical, and communication skills.

Preferred Skills

• Security certifications (CISSP, CISM, CISA, CEH, CCSP, or equivalent).
• Knowledge of scripting (Python, PowerShell, Bash) for automation.
• Experience in DevSecOps and CI/CD pipeline security.
• Background in penetration testing or ethical hacking.

Location: Krungthep Kreetha

Website:

Job Scope:

• Lead the deployment, configuration, tuning, and maintenance of SIEM and SOAR platforms for effective threat detection and response.
• Develop and optimize detection use cases, correlation rules, alerts, enrichment strategies, response actions, and dashboards based on threat intelligence and business requirements.
• Integrate diverse security telemetry sources (endpoint, network, cloud, identity, etc.) into SIEM, SOAR, EDR platforms, threat intelligence feeds, notification and ticketing systems to support automation.
• Continuously evaluate and improve SOAR playbooks to ensure scalability and reduce false positives.
• Automate routine response actions using SOAR tools to reduce manual effort and improve mean time to detect (MTTD) and mean time to respond (MTTR).
• Perform proactive threat hunting using SIEM, SOAR, and EDR data to detect advanced persistent threats (APTs) and insider threats.
• Provide mentorship and technical guidance to Security Operations Center (SOC) team members to enhance detection capabilities.
• Collaborate with IT, Infrastructure, DevOps, and application teams to ensure comprehensive and accurate security telemetry.
• Support compliance and audit requirements by generating reports and providing evidence of security monitoring activities.
• Evaluate emerging SIEM and SOAR technologies to enhance the organization's security monitoring capabilities.
• Document detection methodologies, incident handling procedures, and operational workflows.
• Communicate effectively with internal stakeholders and external clients to build strong relationships and ensure successful outcomes.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
• Minimum 5 years of experience in cybersecurity roles, with a focus on SIEM, SOAR, XDR, or related security monitoring tools.
• Proven hands-on experience with leading SIEM platforms such as Google SecOps, Splunk, Microsoft Sentinel, or equivalents.
• Proficiency with security technologies including EDR, SIEM, SOAR, IDS/IPS, and firewalls, Cloud-native security solutions(AWS, Azure, GCP) including their integration.
• Strong understanding of network protocols, endpoint security, cloud security, and identity/access management principles.
• Familiarity with scripting or programming languages such as YARA-L 2.0, PowerShell, Python or similar for automation and data processing.
• Deep understanding of the incident response lifecycle and threat intelligence utilization.
• Strong analytical and problem-solving abilities, with attention to detail.
• Excellent communication skills and ability to work collaboratively in cross-functional teams.

Technology Consulting - Cyber Security (Senior Manager)

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

The Opportunity

You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cyber-crime.

Your key responsibilities

This is a role where no two days are the same – so you'll find yourself taking on plenty of new responsibilities as you go. You'll work alongside clients and colleagues, balancing your time between developing security strategies, advising stakeholders, providing workshops and supporting business development. If you're flexible and ready to adapt to a constantly changing environment, there's no better place to develop your skills.

Skills and attributes for success

• Equipped with security knowledge and done related projects in technical IT domains such as operating systems, networks, databases, cloud or solution development etc.
• Possess knowledge in assessing solution architectures at the planning and design level for security issues and vulnerabilities.
• Experience in practical security vulnerability remediation.
• Information Security domains - in particular one or more of the following: Cyber Program Management, Cyber Threat Management, Identity & Access Management, Data Protection, Privacy, Organisational Resilience. This experience should include both advisory, implementation and operation experience.
• Strong technical security skills in assessment, design, implementation, architecture, and program / project delivery and work across various delivery models, (Waterfall, Agile, DevOps).
• Implementation skill set for identity and access management platforms, security information and event management platforms, security automation and orchestration platforms, advance threat detection systems, endpoint protection systems, data leak prevention systems or network security devices.

To qualify for the role you must have

• A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent
• Experience with a leading Security technology like Microsoft Security, Crowdstrike, Splunk and others would be a strong advantage

• Creative, independent with good problem solving skills

• Excellent communicator with strong analytical, interpersonal and writing skills

• Candidates with minimum 10-15 years of relevant experience, including managing a team, will be considered for a Leadership role

Ideally, you'll also have

• Industry related certification preferred (e.g. CISSP, CISA, CISM, SABSA, PRINCE2, TOGAF, ITIL).
• Solution Level Certifications, OSCP, CREST, GIAC would be advantageous, as well as penetration testing experience.

What we look for

Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you'll be a confident team player that collaborates with people from various teams while looking to develop your career in a dynamic organization.

What we offer

EY offers a competitive remuneration package where you'll be rewarded for your individual and team performance. We are committed to being an inclusive employer. Plus, we offer:

• Continuous learning: You'll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Diverse and inclusive culture: You'll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

The exceptional EY experience. It's yours to build.

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

About UOB

United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values – Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.

Job Description

Job description;

• Maintain security surveillance systems to prevent and detect cybercrime threat and to increase effective, efficiency of security surveillance e.g. SIEM (Splunk), ATP, and etc.
• Monitor, review and analyze Daily Security Surveillance including all external and internal intrusion logs
• Regularly conduct vulnerability assessment of the Bank's systems, network and sub-systems, generate report, and coordinate with related parties to resolve the valid vulnerability.
• Execute Information Security Incident Response process; work with various parties to perform investigative steps to confirm security incident.
• Support IT security operation Bank wide projects
• Maintain IT security operation network diagram. Ensure it is always up-to-date
• BCP & DRP coordination – in term of IT security surveillance
• Ensure Audit, Risk & Compliance Management
• Coordinate with other functions in relation to information technology security
• Learn and promote Bank's security awareness

Qualification;

• Bachelor's in Computer Science or Computer Engineering
• Minimum of 5 years progressive experience working in information technology or related fields with at least 3 years of direct, hands on experience in information security and control
• Well versed in security concepts including but not limited to networking security, perimeter protection, intrusion detection/prevention in depth, incident handling and response, vulnerability assessments, penetration testing, and system, and sub-system security
• Analysis experience with various system platforms
• Technical skill especially IT Security tools e.g. SIEM, IPS, Proxy web filtering, Advance Threat Protection
• Able to work at UOB Phetkasem (MRT Phasicharoen)

หมายเหตุ : ธนาคารมีความจำเป็นจะต้องดำเนินตรวจสอบและเก็บข้อมูลประวัติอาชญากรรมของผู้สมัครในตำแหน่งงานนี้เพื่อตรวจสอบคุณสมบัติหรือลักษณะต้องห้ามตามนโยบายของธนาคาร

Remark:The Bank requires the checking and collection of criminal records for candidates of this position in order to verify qualifications and/or disqualifications for the job position in accordance with the Bank's policy.

Additional Requirements

Be a Part of the UOB Family

UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.

Apply now and make a Difference

About UOB
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values – Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.

Job Description
Job description;

• Maintain security surveillance systems to prevent and detect cybercrime threat and to increase effective, efficiency of security surveillance e.g. SIEM (Splunk), ATP, and etc.
• Monitor, review and analyze Daily Security Surveillance including all external and internal intrusion logs
• Regularly conduct vulnerability assessment of the Bank's systems, network and sub-systems, generate report, and coordinate with related parties to resolve the valid vulnerability.
• Execute Information Security Incident Response process; work with various parties to perform investigative steps to confirm security incident.
• Support IT security operation Bank wide projects
• Maintain IT security operation network diagram. Ensure it is always up-to-date
• BCP & DRP coordination – in term of IT security surveillance
• Ensure Audit, Risk & Compliance Management
• Coordinate with other functions in relation to information technology security
• Learn and promote Bank's security awareness

Qualification;

• Bachelor's in Computer Science or Computer Engineering
• Minimum of 5 years progressive experience working in information technology or related fields with at least 3 years of direct, hands on experience in information security and control
• Well versed in security concepts including but not limited to networking security, perimeter protection, intrusion detection/prevention in depth, incident handling and response, vulnerability assessments, penetration testing, and system, and sub-system security
• Analysis experience with various system platforms
• Technical skill especially IT Security tools e.g. SIEM, IPS, Proxy web filtering, Advance Threat Protection
• Able to work at UOB Phetkasem (MRT Phasicharoen)

หมายเหตุ :
ธนาคารมีความจำเป็นจะต้องดำเนินตรวจสอบและเก็บข้อมูลประวัติอาชญากรรมของผู้สมัครในตำแหน่งงานนี้เพื่อตรวจสอบคุณสมบัติหรือลักษณะต้องห้ามตามนโยบายของธนาคาร

Remark:
The Bank requires the checking and collection of criminal records for candidates of this position in order to verify qualifications and/or disqualifications for the job position in accordance with the Bank's policy.

Additional Requirements
Be a Part of the UOB Family

UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.

Apply now and make a Difference

Job Description – Thailand –Consultant (Risk & Safety)
ERM is seeking a self-motivated Safety & Risk Consultant to join our Thailand office. In this role, you will work closely with Managing and Principal Consultants on risk management projects involving risk analysis, modeling, calculations, and other studies. This is an excellent career opportunity to work with an expert consulting team on challenging safety and risk projects for large global clients. Access to ERM's national risk management experts provide knowledge sharing of best practices across the industry and ongoing learning opportunities for our team.

RESPONSIBILITIES:

• Provide technical assistance on safety and risk projects involving risk analysis, modeling, calculations, and other studies.

• Perform technically sound analysis based on reasoned argument and defensible data/information. Typical analysis and studies include:

• Quantitative Risk Analysis (QRA) models using Excel spreadsheets

• Risk calculations (e.g., probability of unfortunate events occurring)
• Non-flammable hazard analysis
• Escape, Temporary Refuge, Evacuation and Rescue Analysis (ETRERA) for offshore facilities
• Safety Critical Element/Systems Analysis
• Pipeline risk assessments
• Cost/benefit analysis
• Safety integrity level (SIL) studies
• Participate in safety workshops (i.e., HAZIDS, HAZOPS, ALARP), including workshop preparation, scribe, and client reporting.
• Attend client meeting and preparation of proposal.
• Prepare safety cases, including facility descriptions, safety management system descriptions, and formal safety assessment summaries.
• Prepare reports with clear diagrams and explained analysis and calculations.
• Perform project within scope/budget/schedule expectations and ensure quality standards on project deliverables.
• Support ERM Partners-in-Charge and Project Managers to effectively manage projects.

Mandatory roles

• Delivering other small/ discrete projects and/ elements of larger projects
• Building effective working relationships within Business Unit and across practice area and also clients
• Work within quality/budget/schedule expectations and scope-specific assignments.
• Support ERM Partners-in-Charge and Project Managers to effectively manage projects.
• Work collaboratively and effectively with clients, ERM employees, and vendors.
• Stay knowledgeable of trends in the field.

REQUIREMENTS:

• Bachelor's degree in chemical engineering or technical safety engineering.
• 4-8 years of relevant experience and projects under a variety of local, regional and national regulatory standards.
• Possess strong written, verbal communication and data presentation skills in English.
• Strong commitment to safety, including following established Health and Safety protocols.
• Ability to multi-task, maintain flexibility, travel, and work independently with minimal supervision

We are looking for a DPO Manager to lead our Data Protection and Privacy program in line with Thailand's PDPA and international standards. This role will be the key contact for the PDPC and data subjects, ensuring that customer data is handled securely, lawfully, and transparently. The DPO will embed privacy into every business process, manage vendor compliance, and drive awareness across the organization.

• Develop, implement, and maintain data protection policies to ensure full compliance with PDPA and relevant regulations.
• Oversee Data Subject Rights (DSAR) handling, including identity verification, logging, and responding to requests.
• Maintain and update Records of Processing Activities (RoPA), Data Inventories, DPIAs, LIAs, vendor registers, and retention schedules.
• Advise management, staff, and partners on lawful data use, consent, retention, security, and compliance practices.
• Ensure Data Processing Agreements (DPA) are in place with third parties and sub-processors.
• Act as the primary liaison with PDPC on incidents, complaints, investigations, and audits.
• Conduct training and awareness programs on PDPA and data privacy for all employees.

What we're looking for

• Bachelor's degree or higher in Law, IT, Business Administration, or related fields.
• Minimum 5–7 years of experience in data protection, compliance, legal, risk, audit, or IT governance.
• Strong knowledge of PDPA and familiarity with international frameworks such as GDPR.
• Experience managing sensitive data, incidents, or regulatory interactions.
• Excellent communication, advisory, and stakeholder management skills.
• Ability to work independently and manage confidential matters with discretion.

What we offer

At AIS, we are committed to providing our employees with a rewarding and fulfilling work environment. Some of the benefits you can enjoy include:

• Competitive salary and performance-based bonuses
• Comprehensive health and wellness benefits
• Opportunities for professional development and career advancement
• Access to company discounts and exclusive employee perks

If you're ready to embark on an exciting career in the dynamic world of Digital Banking, we encourage you to apply now