121 Military & Public Safety jobs in Thailand

The Senior Information Security Governance Consultant will work closely across business channels to identify and assess security risks, gaps in the application of policies and standards, and weaknesses in processes, and take lead role in managing them. The Senior Information Security Consultant will work closely with the wider team to deliver a number of group wide security improvement initiatives.

Job Scopes:

• Implement security policies, standards, procedures, and guidelines for the organization in compliance with ISO27001
• Provide consultation to local teams to ensure that locally implemented technology solutions meet the AXA security standards, government rules and regulations.
• Coordinate with technology and business groups to assess, implement, and monitor IT-related security risks/hazards.
• Support regional audit, financial audit , ITSP audit and follow-up the remediation of findings.
• Ensure that Krungthai-AXA environment including staff comply with AXA Security Standards and local regulations related to Information Security
• Monitors compliance with the organization's security policies and procedures among employees, contractors, alliances and other third parties and takes corrective action.
• Plan and coordinate Disaster Recovery testing.
• Develop security policies, standards, procedures and guidelines in compliance in ISO 27001.
• Implement security controls to Krungthai-AXA and AXA-Tech to achieve ISO27001 certification.
• Provide consultation to business units and IT team to operate in compliance with ISO27001.

Job Qualification:

• 7-10 years' experience in information security management, information risk management security tool implementation and/or IT Security Operations
• In-depth knowledge of Security Standards, such as ISO27001 and experience in their implementation
• Advanced knowledge of information risk management, business protection systems,  and technology associated with information security
• CISSP, CISM, CISA, CRISC, GIAC and/or CEH certifications preferred
• Computer literacy, good in using Microsoft Office and Microsoft Visio.
• Good command of written and spoken English.
• Good interpersonal skills – able to communicate effectively with various levels (from end-users to executive).
• Logical & systematic approach to problem solving
• Experience in Disaster Recover Management, including backup and recovery processes

Minimum of 5-7 years experience in security management, preferably in hospitality, resorts, mixed-use complexes, or large-scale commercial facilities.

Certifications in OHS, fire safety, CPR/First Aid, or equivalent are an advantage.

Proven experience managing multi-site security operations or complex environments with high guest and team members volume.

Prior experience in emergency response planning, crisis management, and coordination with local authorities is highly desirable.

Strong leadership, coaching motivation, interpersonal & coordination, good problem-solving skill and conflict management skill.

Good personality with excellent communication and strong service minded.

Additional InformationThis is a complex role overseeing security operations for both Anantara Riverside Bangkok Resort and Avani+ Riverside Bangkok Hotel.

Job Descriptions:

• Monitor IT operational processes and procedures using compliance management methodologies to ensure adherence to legal regulations and ethical standards.
• Manage the flow of information by researching, recording, and analyzing data, conducting compliance risk assessments, and maintaining regular reporting.
• Develop and deliver training programs to educate staff on updates or changes to compliance policies and guidelines.
• Conduct regular assessments and audits to ensure that IT policies, procedures, and operations comply with applicable laws, regulations, and internal standards.
• Provide guidance and support to IT teams and stakeholders on compliance-related matters.
• Identify potential compliance risks, propose mitigation plans, and recommend improvements to strengthen internal controls.
• Stay updated on industry regulations, best practices, and emerging trends in IT compliance.

Qualifications:

• Bachelor's degree or higher in Computer Engineering, Computer Science, or a related field.
• 3–5 years of experience in infrastructure is an advantage.
• Good command of English (both speaking and writing).
• Ability to work independently with minimal supervision in a fast-paced environment.
• High-energy, motivated self-starter with a strong willingness to learn new technologies quickly.
• Ability to work under pressure and meet tight deadlines.
• Strong communication and teamwork skills, with the ability to collaborate across functions.
• Excellent troubleshooting and problem-solving skills.
• Willingness to work in up-country locations as assigned.

Working Location: Sarasin Building, Silom, Bangrak, Thailand

Responsibilities :

·    Ensuring information security compliance with external and internal requirements and mitigating risk commensurate with the organization's risk tolerance.

·    Provide/Develop awareness activities including analytics and support to internal function.

·    Develop and report monthly and metrics to management on regularly basis for Information Security Risk.

·    Ensures and support that the organization's leadership, staff, policies, processes, practices, and technologies provide ongoing maturity measurement related cybersecurity and all information security activities.

Qualifications :

·    Bachelor's degree in computer engineering, Computer Science, Information Security or IT related field.

· years of experience in cybersecurity, information security or risk management or related field.

·    Experience with GRC or Information security tools, data analytic and some programming skill, etc.

·    Knowledge of common information security management frameworks, such as ISO/IEC 27001, ISO 27799.

Location :Samitivej Srinakarin Hospital or Bangkok Hospital

Security Manager Services Site Security Management Services includes all aspects of the physical security operation; including, but not limited to, the following at the location(s) assigned within a given metro or geographic area:

• Responsible for overall administration of the services and deliverables provided pursuant to the contract and ensuring contractor and Personnel's compliance with the regulatory and contractual requirements of the SOW.
• Liaison between contractor and client, with law enforcement agencies, with client customers at the facilities, and with all Personnel.
• Plan, organize, direct, and control the operational and administrative activities of the services and deliverables required of Personnel on a day to day basis.
• Interact directly with the different internal groups on a daily basis to help ensure a fluent operational continuity throughout the site, thereby maintaining a transparent and trustful partnership with the client.
• Prepare for upcoming Marcus construction projects and help provide a strategic security plan.
• Oversee security exercises and continuous improvement initiatives.
• Respond and provide security support to all emergencies.
• Enforce physical security measures and practices to ensure client directives are completed.
• Knowledgeable of, and able to enforce, all policies/procedures from security related documentation.
• Continuously review the site security posture and immediate area for any gaps or known risk(s) to the site, site personnel, etc.
• Propose and implement proactive measures to detect security and safety weaknesses, provide relevant solutions, improve performance and expand operations.
• Collect, input, and review for accuracy all site metrics and assigned reporting requirements in compliance with contract requirements.
• Ensure timely and accurate reporting of all incidents using the reporting system.

• After coordinating with and gaining approval from the assigned Client Point of Contact, conduct site investigations.

• Oversee the ordering and issuing of access badges for employees, extended workforce members, and visitors.

• Provision new contract security personnel as outlined in policy an procedures.
• Ensure contract security personnel have completed background checks and pre-deployment training before gaining access to the site, oversee the required on-the-job (OJT) training program, and continuing training of the security staff.
• Serve as a member of the local site Emergency Response Team (ERT) and coordinate / participate in weekly/monthly drills in addition to the Monthly Operational Exercise.
• Ensure key control is in compliance with set policies and procedures.
• Audit physical security systems to ensure functionality and resolve any issues that may compromise the security of the site in a timely manner.
• Conduct post inspections to ensure officers are following assigned Post Orders and Standard Operating Procedures.

1. วิเคราะห์งานเพื่อความปลอดภัย ตรวจสอบและเสนอแนะการทำงานให้ถูกต้องตามกฎหมาย
2. ตรวจสอบและเสนอแนะให้นายจ้างปฏิบัติตามกฎหมายว่าด้วยความปลอดภัยอาชีวอนามัยและสภาพแวดล้อมในการทำงาน
3. วิเคราะห์งานเพื่อชี้บ่งอันตรายและกำหนดมาตรการป้องกันและขั้นตอนการทำงานอย่างปลอดภัยเสนอต่อนายจ้าง
4. ประเมินความเสี่ยงด้านความปลอดภัยอาชีวอนามัยและสภาพแวดล้อมในการทำงาน
5. วิเคราะห์หาสาเหตุเมื่อเกิดอุบัติเหตุ จัดทำรายงานเสนอผู้บริหาร
6. จัดฝึกอบรมความปลอดภัย ให้กับพนักงาน
7. รณรงค์และส่งเสริมกิจกรรมความปลอดภัย เช่น กิจกรรม 5ส., Safety Week, การจัดทำป้ายเตือน ฯลฯ
8. ปฏิบัติงานอื่น ๆ ตามที่กฎหมายกำหนด

Location: Krungthep Kreetha

Website:

Job Scope:

• Lead the deployment, configuration, tuning, and maintenance of SIEM and SOAR platforms for effective threat detection and response.
• Develop and optimize detection use cases, correlation rules, alerts, enrichment strategies, response actions, and dashboards based on threat intelligence and business requirements.
• Integrate diverse security telemetry sources (endpoint, network, cloud, identity, etc.) into SIEM, SOAR, EDR platforms, threat intelligence feeds, notification and ticketing systems to support automation.
• Continuously evaluate and improve SOAR playbooks to ensure scalability and reduce false positives.
• Automate routine response actions using SOAR tools to reduce manual effort and improve mean time to detect (MTTD) and mean time to respond (MTTR).
• Perform proactive threat hunting using SIEM, SOAR, and EDR data to detect advanced persistent threats (APTs) and insider threats.
• Provide mentorship and technical guidance to Security Operations Center (SOC) team members to enhance detection capabilities.
• Collaborate with IT, Infrastructure, DevOps, and application teams to ensure comprehensive and accurate security telemetry.
• Support compliance and audit requirements by generating reports and providing evidence of security monitoring activities.
• Evaluate emerging SIEM and SOAR technologies to enhance the organization's security monitoring capabilities.
• Document detection methodologies, incident handling procedures, and operational workflows.
• Communicate effectively with internal stakeholders and external clients to build strong relationships and ensure successful outcomes.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
• Minimum 5 years of experience in cybersecurity roles, with a focus on SIEM, SOAR, XDR, or related security monitoring tools.
• Proven hands-on experience with leading SIEM platforms such as Google SecOps, Splunk, Microsoft Sentinel, or equivalents.
• Proficiency with security technologies including EDR, SIEM, SOAR, IDS/IPS, and firewalls, Cloud-native security solutions(AWS, Azure, GCP) including their integration.
• Strong understanding of network protocols, endpoint security, cloud security, and identity/access management principles.
• Familiarity with scripting or programming languages such as YARA-L 2.0, PowerShell, Python or similar for automation and data processing.
• Deep understanding of the incident response lifecycle and threat intelligence utilization.
• Strong analytical and problem-solving abilities, with attention to detail.
• Excellent communication skills and ability to work collaboratively in cross-functional teams.

About the Job

As a Local Information Security Officer (ISO) at Allianz Technology Thailand, you will play a crucial role in driving the implementation and evolution of the Allianz SE Group and Technology Information Security Framework and related guidelines. You will ensure compliance with the IS framework by providing control assurance for services offered to customers, as well for those that are consumed by the hub. In addition, this role is also responsible for Protection & Resilience (P&R) matters including Business Continuity Management (BCM), Crisis Management (CM) and Protective security management

Your role will be pivotal in fostering a secure and resilient environment for Allianz Technology Thailand, aligning with Allianz's commitment to protection and resilience. Dive into a dynamic environment where your expertise will drive information security excellence and protect Allianz's interests.

What you do

Information Security Officer (ISO)

• Drive the implementation of and ensure compliance with Group-wide standards, regulatory requirements and industry security standards included but not limited to Global information security framework assessment, Global functional rule assessment, DORA, NIS2 in all Allianz Technology services and in projects.
• Oversee the compliance reporting process for local entities; assess and address deviations from security policies and contractual security provisions, as well as developing effective strategies to mitigate identified information security risks.
• Lead local Information Security Steering Boards and support preparation of Information Security action plans.
• Support local executive body in their regulatory Information Security-related governance requirements and their responsibility to set up sound organizational and operational structures and procedures.
• Implement the actions under the LISO´s responsibility (e. g. IS Management Meetings, ISSB meetings, IS Risk Management), proactively manage the implementation of relevant follow-up measures in a timely manner.
• Ensure that all Allianz Technology IS Governance related documents are ratified by local entity management and follow up on the implementation of those.
• Serve as Local contact point for information security-related matters, including interfaces to business, partners, customers and other safeguarding functions.
• Provide information security consulting and liaison with all relevant stakeholders.
• Systematically assess the effectiveness of security controls in all services provided by Allianz Technology, its partners and third-party providers.
• Drive Security Risk Management, including supporting the life cycle of security risk assessments, assessing and addressing deviations from security policies and contractual security provisions, as well as developing effective strategies to mitigate identified information security risks.
• Ensure that all IS related deviations (aka IS risks) are reported in the GRC tool and managed there as defined in the information security risk management process
• Promote awareness of Allianz Technology security requirements and processes via regular communication to workforce across multiple channels.
• Manage the local roll-out of global information security trainings and monitor and report the attendance of local workforce
• Engage with senior stakeholders and providing regular, high-impact reports to the regional management, the Allianz Technology Thailand Board of Directors, and the Board of Management of Allianz Technology
• Regularly exchange with and contribute to the regional and global Allianz Technology ISO community.
• Support the annual IT compliance reporting process for the local entity.
• Support local management in their regulatory Information Security-related governance requirements.

Protection & Resilience (P&R)

• Perform the Business Continuity Management (BCM) lifecycle activities for Allianz Technology Thailand, including business impact analysis (BIA), risk identification and assessment (RIA), response strategies, response planning, exercise and testing
• Monitor and advise about applicable laws and regulations and ensure that the Allianz Technology Thailand ratifies the Protection and Resilience Policy
• Act as resilience point of contact and coordinate resilience related requests; verify IT Disaster Recovery (DR) capabilities, identify possible IT DR gaps and ensure DR data consistency
• Monitor incidents with potential crisis and report these to the Allianz Technology Crisis Unit Office
• Regularly assess resilience controls and report results to Protection & Resilience Office
• Create internal awareness of Protection & Resilience and associated responsibilities within Allianz Technology Thailand
• Regularly participate in reviews being undertaken by global Protection & Resilience Office
• Coordinate and assess the organization maturity in protective security management.
• Perform annual review and execution of organizational business continuity plan and

What you bring

• Bachelor's or master's degree in computer or information technology in related fields
• Recognized Information Security Certifications e.g. CISSP, CISA, CISM. CRISC, PCI DSS or ISO27001 Lead Auditor preferred
• 8+ years of experience in information security, Information risk management, controls assurance & compliance programs.
• Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing
• Previous experience creating and/or performing review and gap analysis of information security policies and standards against cybersecurity frameworks
• Related security control and compliance experience in various frameworks including: PCI DSS, PCI PA-DSS, PCI PTS, GLBA, NYDFS, ISO, NIST, etc.
• Strong presentation skills
• Excellent communication skills, interpersonal, oral, and written in English

What we offer

• We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working.
• We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location).
• From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered.
• Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach.

About Allianz Technology

With its headquarters in Munich, Germany, Allianz Technology is Allianz's global IT service provider and delivers IT solutions that drive the group's digitalization. With more than 11,000 employees in over 20 countries around the world, Allianz Technology is tasked to run, optimize, transform, and innovate the infrastructure, applications, and services together with Allianz companies to co-create the best customer experience.

We service the entire spectrum of digitalization – from one of the industry's largest IT infrastructure projects that spans data centers, networks, and security, to application platforms ranging from workplace services to digital interaction.

In short: We deliver comprehensive end-to-end IT solutions for Allianz in the digital age. We are the backbone of Allianz.

Find us at:

Commitment to Integrity, Fairness & Inclusion

Allianz Technology is proud to be an equal opportunity employer dedicated to fostering an inclusive work environment for everyone. We embrace individuals of all gender identities and expressions, sexual orientations, ethnicities, ages, nationalities, religions, disabilities, and philosophies of life. Ultimately, our greatest strength as a company lies in the unique skills, experiences, and backgrounds our employees contribute.

To Recruitment Agencies:

Allianz Technology has an in-house recruitment team that sources great candidates directly. Therefore, Allianz Technology does not accept unsolicited resumes from agency or search firm recruiters. When we engage with recruitment agencies, the partnership is formalized by a contract. Fees will only be paid when there is a contract in place. Without a contract in place, we will not accept invoices on unsolicited resumes, even if the candidate is ultimately employed by Allianz.

การจ้างงาน

full-time

* มีความสนใจงานในตำแหน่ง

* มีประสบการณ์โดยตรง หรืออาจเคยเป็น Bellman มาก่อน สนใจจะเปลี่ยนสายงาน

* สามารถทำงานได้ทุกรอบ ( เช้า บ่าย ดึก)

* สามารถสื่อสารภาษาอังกฤษขั้นพื้นฐานได้เหมาะสมกับตำแหน่งงาน

* มีใจรักงานบริการ

รับผิดชอบในตำแหน่งงาน และทำงานให้บรรลุเป้าหมายที่กำหนด

• Service Charge
• 2 Meals provided
• Uniforms & Laundry
• Group Insurance
• Night Shift Allowance
• 8 Days Off / Month
• 14 Public Holiday/Year
• Upselling incentive
• Guest review incentive

เมษายน 2024