289 IT Security jobs in Thailand

Job description

1. Security requirements (standards / patterns):

2. Support in surfacing recommended refinements to program-level security requirements as part of lower-level squad designs, and by incorporating enterprise standards, regulatory standards, program design principles & standards, and industry best practices.

3. Security assessments:

4. Support program (overall & squad-level) security assessments (e.g., Threat Modelling) to identify critical assets, potential security threats and vulnerabilities within the application and its infrastructure.

5. Security Controls Architecture design:

6. Support development of program's security controls architectures, focusing on requirements gathering, researching & analyzing appropriate controls, that encompasses network security, application security, data protection, and identity and access management. Establish security patterns to be adopted by the program

7. Security squad-level support:

8. Support squads in analyzing & recommending application of program-wide security controls and policies, including identifying specific security threat, analyzing solutions, & helping to ensure squad-level designs appropriately incorporate security requirements

9. Document security findings, recommendations, and remediation plans.

Skills / experience required

• Understanding of Security Principles: Strong foundation in the principles of security, including identity & access management, data security, cryptography, code security, infrastructure protection, etc.
• Experience with banking security architecture for major retail digital banking platforms and addressing the emerging threat landscape with suitable controls.
• Basic understanding & experience with Security Frameworks and Standards: Familiarity with security frameworks and standards such as NIST, ISO 27001, OWASP, and knowledge of banking regulations affecting application security.
• Knowledge of Network and Infrastructure Security: Understanding of network protocols, firewalls, VPNs, and other security measures that protect application infrastructure.
• Strong collaboration and communication skills given need for close working relationships with cross-functional squads

If you require more information, please contact K.Kamonporn Taisub Tel

Working Location :

1. Bangkok Bank Rama 3

2. Bangkok Bank Silom

T.D. Software Co.,Ltd. กำลังเปิดรับสมัครตำแหน่ง งานสัญญาจ้าง/ชั่วคราวSecurity Analyst ที่ เขต สาทร, กรุงเทพมหานคร สมัครเลยเพื่อเป็นส่วนหนึ่งของทีมเรา

สรุปงาน:

• มีเวลาการทำงานที่ยืดหยุ่น
• ต้องมีประสบการณ์มากกว่า 4 ปี ที่เกี่ยวข้องกับการทำงานตำแหน่งนี้
• เงินเดือนที่คาดหวัง: ฿70,000 ต่อ เดือน

IAM Security Analyst

Employment Condition: contract 12 months

Work Type: Hybrid

Responsibilities:

• Liaise with business application owners and system owners to implement Role Based Access Control (RBAC) project.
• Analyze the identity life cycle, articulating access requirements and defining identity & role-based access for applications.
• Follow documented framework, methods, and practices to deliver effective and efficient project and support ISO 27001.
• Follow up cybersecurity non-compliance issues.
• Prepare quality project status report and materials needed to facilitate critical decisions by the management.

Qualifications:

• 5+ years experiences in Cybersecurity and Identity and Access Management or other related fields in insurance, banking business, consulting, or other services industry.
• Experience in Identity and Access Management (IAM) and Role Based Access Control (RBAC) is preferable.
• Experience in ISO 27001 standard implementation
• Experience in cybersecurity awareness training program
• Good communication in English is a plus.

About Agoda

Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more. Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world.

Our Purpose - Bridging the World Through Travel

We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness.

We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone.

Get to Know our Team:

The Security Department oversees security, compliance, GRC, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees in order to keep Agoda safe and protected. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment.

This role is a 11-month contract based in Bangkok, Thailand and the succeeded candidate will be assigned to the project.

The Opportunity:

You will be working with a diverse group of expert security professionals from different parts of the world, pooling in years of experience in securing software products and corporate environments.

In this Role, you'll get to:

• Help triage and track security findings, and collaborate with various teams to ensure timely remediation.
• Participate in code reviews, vulnerability assessments, and penetration testing under the guidance of senior analysts.
• Research and analyze the impact of security issues and help design strategies to minimize risk.
• Get hands-on experience with industry-standard security tools and platforms.
• Work with the team to understand how security integrates into CI/CD pipelines and modern cloud environments.

What you'll need to succeed:

• Bachelor's degree in IT or related fields
• Fresh graduates are welcome to apply. Preferably less than two years of experience.
• Familiar with basic programming
• Security and risk mindset
• Good English communication skill
• Ready to learn fast

It's Great if you have:

• Practical knowledge or experience in performing security assessments and vulnerability management
• Built some back-end applications and services.
• Familiarity with OWASP Top 10 and other security frameworks

Equal Opportunity Employer

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person's merit and qualifications. We are committed to providing equal employment opportunity regardless of gender, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

Disclaimer

We do not accept any terms or conditions, nor do we recognize any agency's representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

About Upbit

Upbit is one of the world's largest and the most advanced digital asset exchanges founded in 2017. It is currently one of the biggest multinational FinTech companies operating in various countries, such as South Korea, Singapore, Indonesia and Thailand.

Role Summary

IT Security Analyst is responsible for delivering end-to-end IT Security Administration, IT Risk Management, being our threat intelligence to help Upbit build and run successful security programs.

Responsibilities:

• Manage network administration, access control, log monitoring, and vulnerability/penetration testing across products, services, and infrastructure.
• Support IT Risk Management.
• Develop, review, and maintain IT policies and standards for compliance.
• Enhance security based on regulation changes.
• Oversee security operations, compliance, awareness, and routine network design/operation reviews.
• Coordinate with SEC and other regulators.
• Supervise IT auditing.
• Monitor IT Security Policy and Standard effectiveness, staying updated on industry frameworks.
• Manage IT Asset Management and ensure internal compliance.
• Advise stakeholders on blockchain security innovation.
• Collaborate with developers on system updates.
• Work with software developers on source code and executives for requirements.
• Generate actionable findings from reviews.
• Create communication plans and provide IT security training.
• Manage security network devices and office access control.

Qualifications:

• Bachelor's or higher in IT, computer science, engineering, or information security.
• 1-3 years IT industry or relevant IT security/risk management experience.
• Strong programming knowledge, capable of code reviews.
• Solid understanding of IT security policy/regulations, concepts, and architectures.
• Knowledge of cryptography and its weaknesses.
• Strategic thinker, able to align IT security with regulatory/SEC standards.
• Interpersonal and collaborative skills, communicating security concepts to technical and non-technical audiences.
• Strong written/verbal communication in Thai and English.
• Responsible and a good team player.
• Positive attitude and eagerness to learn.

Bonus Points for:

• Proven blockchain/cryptocurrency experience (e.g., published code, blogs, contributions).
• Security certifications.

Compensation & Benefits:

• Competitive salary
• Annual paid holidays
• Health insurance
• Provident Fund
• Fast-track your career in the blockchain & crypto industry
• Flexible work environment

Office location: Pier 111 (Ratchaprasong/Pratunam, Bangkok)

Cyber Security Analyst 

Section : Cyber Security Operation Center (CSOC)

We are looking for Cyber Security Analyst to perform real-time monitoring security alert and investigate security incidents base on the guidance, playbooks and procedures for our large enterprise customers

What we want?

• Validates, classifies, priorities and opens ticket.
• Acting as focal contact point for report security incidents.
• Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Provide daily summary reports of security incidents.
• Responds to security alerts generate within the SLA time window.
• Follow-up and tracking security incidents base on team process.
• Examine network topologies to understand data flows through the network.
• Validate security incidents alerts against network traffic using packet analysis tools.
• Isolate or remove malware.
• Identify applications and operating systems of a network device based on network traffic.
• Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
• Notify cybersecurity service provider team members of suspected cyber incidents, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
• Work with stakeholders to resolve computer security incidents and vulnerability compliance.

Who are we looking for?

• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Analytical and problem-solving skills are required.
• Knowledge of network traffic analysis methods.
• Knowledge of cyber defense and information security policies, procedures, and regulations.
• Experience in IT Security, Network Security or Security Compliance.
• Knowledge of common security tools such as anti-virus, firewall and intrusion detection system.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
• **Able to work in shift.**

Job Purpose:

Responsible for monitoring and analyzing security events, identifying potential threats, and implementing solutions to prevent security breaches. The SOC Analyst will work closely with other IT professionals to ensure the safety and integrity of our organization's data.

Location : Avani Charoen Nakhon (Thonburi) with shuttle van service from BTS Krungthon

Key Responsibilities:

• Continuously monitor security alerts and events from various sources including firewalls, intrusion detection , threat protection systems, and security information and event management (SIEM) systems.
• Investigate security incidents, identify root causes, and recommend corrective actions to mitigate threats.
• Actively participate in the incident response process, including incident detection, analysis, containment, eradication, and recovery.
• Conduct routine security vulnerability assessment scan and provide remediation or mitigation suggestions for the discovered vulnerabilities.
• Stay updated on the latest cybersecurity threats and trends, and utilize threat intelligence to enhance the organization's security posture.
• Maintain accurate and detailed records of security incidents, response actions, and follow-up activities.
• Work with other IT and security teams to develop and implement security policies, procedures, and best practices.
• Generate reports on security incidents, trends, and overall security posture for management and stakeholders.
• Safeguards information system assets by identifying and solving potential & actual risks.
• Recognizes problems by identifying abnormalities, investigating forensics, detect violations and conducting periodic audits.
• Implements security improvements by assessing current situation, evaluating trends & anticipating requirements.
• Maintains quality service by following industrial standards.

Job Specification:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 2+ years of experience in a SOC Analyst or similar role.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or CompTIA Security+ are preferred.
• Proficiency in using security tools and technologies such as SIEM, EDR software and VA scan tools.
• Strong analytical and problem-solving skills with the ability to think critically and act decisively under pressure.
• Strong knowledge of information security best practices and standards.
• Good understanding and appreciation of technology development life cycles.
• Ability to work effectively in a team-oriented environment and collaborate with colleagues from diverse backgrounds.
• High attention to detail and accuracy in monitoring, detection, and documentation of security events.
• Self-motivated, proactive, and self-initiative.
• Excellent verbal and written communication skills with the ability to convey complex technical information to non-technical stakeholders.
• Good command of English.

Junior Level

Cyber Security

Work Level: Junior

Job Type: Contract

Offer Salary : Not Specified

Job Descriptions :

We are looking for Cyber Security Analyst to perform real-time monitoring security alert and investigate security incidents base on the guidance, playbooks and procedures for our large enterprise customers

What we want?

• Validates, classifies, priorities and opens ticket.
• Acting as focal contact point for report security incidents.
• Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Provide daily summary reports of security incidents.
• Responds to security alerts generate within the SLA time window.
• Follow-up and tracking security incidents base on team process.
• Examine network topologies to understand data flows through the network.
• Validate security incidents alerts against network traffic using packet analysis tools.
• Isolate or remove malware.
• Identify applications and operating systems of a network device based on network traffic.
• Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
• Notify cybersecurity service provider team members of suspected cyber incidents, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
  Work with stakeholders to resolve computer security incidents and vulnerability compliance.

Who are we looking for?

• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Analytical and problem-solving skills are required.
• Knowledge of network traffic analysis methods.
• Knowledge of cyber defense and information security policies, procedures, and regulations.
• Experience in IT Security, Network Security or Security Compliance.
• Knowledge of common security tools such as anti-virus, firewall and intrusion detection system.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Able to work in shift.

Location :

Head Office : Chatuchak, SJ Infinite One Business Complex

Key Responsibilities:-

Cyber Security Incident Analysis:

· Risk assessment activities, analyzing potential threats to the organization's assets and recommending mitigation strategies

· Lead and manage the investigation and response to complex security incidents, from detection to mitigation.

· Conduct in-depth Root Cause Analysis (RCA) to identify the true cause of attacks and vulnerabilities.

· Conduct deep analysis of security alerts, logs, and network traffic to identify and contain threats.

· Continuously develop and improve Incident Response Playbooks.

· Actively contribute to the development and maintenance of the Disaster Recovery (DR) and Business Continuity Plans (BCP) to ensure the organization can effectively recover from major security incidents or outages.

Digital Forensics:

· Perform the collection, analysis, and preservation of digital evidence related to cybersecurity incidents.

· Utilize forensic tools and techniques to recover data and reconstruct the timeline of an attack.

· Prepare detailed forensic analysis reports and present findings to stakeholders.

Threat Intelligence:

· Collect, analyze, and disseminate the latest threat intelligence information from various sources (OSINT, Commercial Feeds).

· Create reports and alerts on threats that could impact the organization.

· Apply intelligence to develop proactive defense strategies and improve security systems.

Qualifications:-

· Bachelor's degree in Engineering, Computer Engineering, Computer Science, Information Technology, Telecommunications or a related field.

· 5+ years of experience in a Security Analyst or related role, with a focus on Incident Response and Digital Forensics.

· Proficiency in using various security tools and technologies such as SIEM, EDR, Sandboxing, and Forensic Tools.

· Deep knowledge and understanding of cyber-attack techniques (TTPs) and threat trends.

· Excellent analytical and problem-solving skills, with the ability to work effectively under pressure.

· Strong communication and presentation skills, capable of explaining complex technical issues to non-technical audiences.

· Relevant security certifications such as GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH), or equivalent are highly desirable.

IT Security Analyst is responsible for delivering end-to-end IT Security Administration, IT Risk Management, being our threat intelligence to help Upbit build and run successful security programs.

Responsibilities:

• In charge of the Company's overall network administration and access control, including log monitoring, conducting vulnerability assessments-penetration tests across the company's products, services and infrastructure.
• Assist in IT Risk Management
• Create, review, revise, and keep record of all Company's policy and standard for Board of IT and Board of Directors to review and approve, and provide these formal documentation for Company's staff to comply with the protocol.
• Enhance system security measures in response to any regulation changes.
• Handle security operations, Compliance and Awareness, and conduct a routine review of network design and secure network operations.
• Coordinate with SEC and other regulators as required.
• Oversee the IT auditing process
• Monitor and periodically evaluate the efficiency and effectiveness of IT Security Policy and IT Standard and stay up-to-date on the industry IT Security framework.
• Conduct the Company's IT Asset Management and coordinate with internal parties to comply with IT Asset Management Policy.
• Provide guidance to internal and external stakeholders on blockchain security innovation and related technologies.
• Collaborate with system developers to implement system updates and developments.
• Confident working directly with software developers on source code as well as internal executives for requirements gathering.
• Generate actionable findings from review activities.
• Create an up-to-date communications plan and give periodic training on all IT Security measures to Company's staff and relevant stakeholders.
• Manage security network devices and office access control devices.

Qualifications:

• Bachelor's degree or higher in IT, computer science, computer engineering, information security or related field of study.
• Minimum of 1-3 years of IT industry or relevant experience in IT security and/or risk management.
• Strong knowledge of programming languages, able to give a code review.
• Strong working knowledge of IT security policy/regulations, security concepts and secure architectures.
• Knowledge of cryptography and weaknesses in cryptographic implementations.
• Strategic thinker, and ability to align IT security system with regulatory / SEC standards.
• Interpersonal and collaborative skills and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• Strong written and verbal communication skills in Thai and English.
• Strong sense of responsibility and a good team player.
• Have a positive attitude and willingness to learn.

Bonus Points for:

• Proven experience in blockchain and cryptocurrency, such as published source code, blog posts, contribution to blockchain organizations, etc.
• Security certificates are a plus.

Compensation & Benefits:

• Competitive salary
• Annual paid holidays
• Health insurance
• Provident Fund
• Fast-track your career in the blockchain & crypto industry
• Flexible work environment

Office location:

Pier 111 (Ratchaprasong/Pratunam, Bangkok)