117 Security Consultant jobs in Thailand

As a security consultant, applicant will be responsible for performing all kinds of security assessments for the company, including

• Secure Code Review
• Penetration Testing
• Red Teaming Exercise
• Patch Management Scanning
• Data Secure Assessment
• ETC.

Responsibilities
:

• Conduct project kickoff meetings with application development team and perform project scoping.
• Breakdown assessment tasks and estimate effort for each task.
• Perform assessment on the application with a proper methodology, which can vary, depending on the assessment type.
• Clarify the findings and provide practical recommendations to the application development team.
• Provide a complete assessment report to the application development team.
• Manage the assessment project performed by the vendor.

Qualifications
:

• Bachelor's degree in IT fields.
• Knowledge on one or more programming languages.
• Security knowledge on web application, mobile application, API, and network.
• Experience in the Cybersecurity assessment jobs such as Penetration tester.
• Good written and verbal communication skills in Thai and English.
• Professional certification such as OSCP, Security+, CEH, or CREST is an advantage but is not required.

Benefits
:

• Arrangeable Hybrid Working Personal
• Personal MacBook
• Special Housing Loan Rate
• World-Class Development Program
• Group Insurance : Health, Dental & Life Insurance
• Wellbeing : Annual Health Check-up, Mental Health Counselling Service
• Special Discounts e.g. Fitness, Cafe, Eating, Wellness, Clinic, and etc.
• Free Snack
• Opportunity to be a part of team that drives Thailand Digital Economy (The maker of renowned mobile applications for all Thais including Paotang, Krungthai Next, and Tungngern)

Working Location
:

The ParQ Office Building, 5th, 9-10th Floor

Near MRT Queen
Sirikit
National Convention Centre Station, Exit 2

Public and private organizations in various sectors worldwide now openly acknowledge that cyber-attacks are one of the most prevalent and high impact risks they face. Dealing with cyber threats is a complex challenge. KPMG professionals recognize that cyber security is about risk management – not risk elimination.

We are looking for consultants to join our cyber team to focus on the below.

Job Responsibilities:

• Focus on Cyber Security / Network / Web-Mobile Application / IT Security Framework
• Communicating vulnerabilities to Technology stakeholders and assisting them with remediation activities
• Tracking, assisting and managing to resolution the closure of security risks including review plans and monitor progress or remedial actions
• Analysing the results of the security testing conducted and assisting stakeholders with identifying viable remediation solutions for any vulnerability identified.
• Delivery of technical Security Testing (includes Penetration Testing) and Security Assessments
• Establish appropriate metrics in order to have a solid understanding of the operational issues and provide more value reporting to the stakeholders.
• Provide an in-depth review of an organization's ability to protect its information assets and its preparedness against cyber threats
• Provide a review of an organization's ability to respond to cyber security incidents
• Proactive assessment of review of an organization's technical infrastructure including host-based log analysis, and/or network analysis to determine if any unidentified compromise has occurred previously
• Support client in an identification, creation and execution of an IR program after a cyber incident has occurred

Job Qualifications:

• A minimum of 2 years of relevant experiences in cyber security.
• Have a passion in cybersecurity, IT Security / willing to learn new things.
• Have knowledge in the area of network infrastructure, OS, web application, mobile application.
• Have knowledge in programming and scripting.
• Have experience on the security tools such as Metasploit, Burp, SQLMap, Kali Linux etc.
• Have experience in CTF / Cyber competitor in TH or abroad
• Excellent report writing skills in both English and Thai
• Project management and communication skill
• Bachelor's or Master's degree in computer engineering, Computer Science, or any other related field
• Preferred Certifications: OSCP or GPEN or equivalent certificates.

The Security Consultant leads the design

,

development

and deployment

of innovative security architectures for protecting data deployed into

different types

of cloud and cloud/hybrid systems. This position will directly give to the overall

customer

architecture and lead the security vision and strategy around cloud-based applications, across all types (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS).

S

erve as the

central point

of contact for other Technology teams for all matters related to cloud security.

Should

possess

the good interpersonal and communication skills

required

to partner with other leaders across the business to find opportunities

and risks and develop and deliver solutions that support business strategies

.

Expertise

– Collaborate with Application Owners, Technical Owners, Platform Leads, and Information Security teams, to architect and design cloud security solutions.

Knowledge of cloud security services such as Azure and AWS is essential

.

Delivery

– Complete architecture assessments across projects, prove use of security solutions to support new distributed computing solutions that span private cloud and public cloud services.

Security Technology Strategy

– Work with engineering,

service

and business teams to build technology roadmaps.

Job Requirements

• Craft and develop security architectures for cloud and cloud/hybrid-based systems. Possess a firm understanding of the offerings within both Amazon Web Services (AWS) and the Microsoft Azure platforms. Based on business requirements, design and implement cloud-native architecture and design that will allow those requirements to be met with a minimal degree of risk and with

appropriate security

controls present.

• Act as the ambassador and technical representative for Information Security while engaging with other senior technical leaders in design and implementation of cloud and cloud/hybrid-based implementations and solutions.

• Lead

security workshops

and technical forum

s

to share knowledge across Security and Technology groups.

• Identify

, recommend, coordinate, and/or conduct informal/formal training sessions to deliver

timely

knowledge to support teams

regarding

technologies,

processes

or tools.

• proven ability with Security Architect and/or Engineering.

• 3-5 years of experience with Cloud platforms such as Microsoft Azure and Amazon Web Services (AWS).

• Experience architecting solutions within Microsoft Azure, Amazon Web Services (AWS) and, preferably, other cloud providers.

• Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (
  **secure software development (Application Security), data protection, cryptography, key management,

identity

and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.**

• Proven understanding of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc).

• Experience with deployment orchestration, automation, and security configuration management preferred.

• Understanding of cloud-based services that use a comprehensive architecture.

• Experience working with cloud security and governance tools, cloud access security brokers (
  CASBs

), and server virtualization technologies.

**Technical

Experience :**

• Knowledge on crafting IaaS

and PaaS

cloud solutions in

AWS and

Azure Platform that meet customer needs for scalability, reliability

,

security

and performance

.

• Experience performing threat

modeling

and design reviews to assess security implications and requirements for introduction of

new technologies

.

• Experience

representing

technical viewpoints to diverse audiences and in making

timely

and prudent technical risk decisions.

• Experience with enterprise architecture and working as part of a complementary team to implement solutions.

• Experience with enterprise applications (architecture, development, support, and seek).

• Detailed understanding of SSL/TLS protocols and certificate-based solutions

.

**Professional

Attributes :**

• Strategic problem solver, have ability

grasp

new technologies

,

innovate,

develop

and nurture new

security

solution

s

.

• Experience in driving

security

consulting workshops

(security training and awareness)

, crafting content of workshops in short deadlines to C-levels

.

• Demonstrate thought leadership,

build good impacts in engagements,

handle time

and

demonstrate

flexibility

by

adapt

ing

to situation

s

.

• An ability to follow processes

.

• S

trong documentation

skill

.

• Good communication

skills both written and verbal with the client

.

• Strong interpersonal and communication skills; ability to work in a team environment

.

• Ability to work independently with minimal direction; self-starter/self-motivated

**Certifications

:**

Relevant industry certifications such as CISSP, CISM, or CCSP

is preferred.
- AWS

Solution Architect

Associate

& Professional.
- AWS

Certified Security – Specialty.
- Microsoft

Certified :

Azure Security Engineer Associate.

Company description

SoftwareOne is a leading global software & cloud solutions provider that is redefining how companies build, buy and lead everything in the cloud. By helping clients to migrate and modernize their workloads and applications – and in parallel, to navigate and optimize the resulting software and cloud changes – SoftwareOne unlocks the value of technology. The company's 8,900 employees are driven to deliver a portfolio of 7,500 software brands with sales and delivery capabilities in 90 countries. Headquartered in Switzerland, SoftwareOne is listed on the SIX Swiss Exchange under the ticker symbol SWON.

Visit us

Key Responsibilities:

• Conduct thorough security assessments and audits to identify potential vulnerabilities and threats to information systems.
• Develop and implement effective security policies, procedures, and controls to ensure the confidentiality, integrity, and availability of data.
• Provide expert guidance on security architecture and the deployment of security technologies.
• Monitor and analyze security incidents, conducting root cause analysis and implementing corrective actions.
• Perform risk assessments and develop risk mitigation strategies tailored to the specific needs of each client.
• Stay up-to-date with the latest security trends, vulnerabilities, and regulatory requirements.
• Conduct security awareness training for clients to promote best practices and enhance overall security posture.
• Collaborate with IT teams, management, and other stakeholders to ensure seamless integration of security measures.
• Prepare detailed reports and presentations to communicate findings, recommendations, and progress to clients and management.
• Assist in the development and execution of incident response plans and disaster recovery strategies.

Qualifications:

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Professional certifications such as CISSP, CISM, or similar are highly desirable.
• Proven experience as an Information Security Consultant or in a similar role.
• Strong understanding of security frameworks, standards, and regulations (e.g., ISO 27001, NIST, GDPR).
• Experience with security technologies, including firewalls, intrusion detection/prevention systems, and encryption tools.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and manage multiple projects simultaneously.
• Strong organizational skills and attention to detail.
• Experience in conducting security training and awareness programs is a plus.

Job Summary

The Cyber Security Consultant provides strategic and technical advisory
to government agencies and regulators in strengthening national cybersecurity governance, compliance, and resilience. The role involves
policy research, framework development, and capability enhancement
aligned with Thailand's cybersecurity laws and international standards.

Key Responsibilities

• Conduct research and analysis
on cybersecurity policies, risk management frameworks, and best practices (e.g. NIST, ISO/IEC

• Support
development of cybersecurity standards, guidelines, and regulatory frameworks
for government and critical infrastructure sectors.

• Assist in
cyber risk assessments
, maturity evaluations, and security architecture reviews.

• Draft
policy papers, compliance guidelines, and technical reports
for government agencies.

• Design and deliver
training or capacity-building programs
on cybersecurity governance and incident response.

• Collaborate with stakeholders across legal, technical, and operational domains to ensure coherent cybersecurity strategies.

Qualifications

• Bachelor's or Master's in Cybersecurity, Information Technology, Engineering, or related fields
.

•
3–5 years
of experience in cybersecurity, IT risk, or regulatory consulting.

• Knowledge of
NIST, ISO/IEC 27001/27005, or Cybersecurity Act frameworks
.

• Experience with
government or regulated industries
is preferred.

• Strong
analytical, documentation, and communication
skills (Thai & English).

• Certifications such as
CISSP, CISA, ISO 27001 Lead Implementer/Auditor
are an advantage.

Interested in?

• Please send your CV and expected salary to

About the Company

Join a leading global technology organization providing cloud consulting, enterprise architecture, and security services for Fortune 500 companies and public sector clients. The team delivers large-scale cloud adoption and transformation programs with a strong emphasis on
security, compliance, and automation
.

About the Role

We're seeking an experienced
Senior Cloud Security Consultant
to help enterprise customers design, implement, and secure their cloud environments across the ASEAN region. This is a
customer-facing, hands-on consulting role
that combines cloud security strategy, technical architecture, and regulatory compliance expertise. You will work closely with technical and business leaders, guiding them through complex security challenges as they scale in the cloud.

Key Responsibilities:

• Lead the design and deployment of security solutions for enterprise cloud projects.
• Deliver
  cloud security architecture, controls, and automation
  using Infrastructure-as-Code and DevSecOps practices.
• Advise clients on risk management, regulatory compliance, and security best practices for cloud adoption.
• Act as a trusted security SME, influencing architecture decisions and transformation initiatives.
• Engage with executives, technical teams, and partners to align cloud security with business objectives.
• Mentor colleagues and contribute to knowledge sharing across the team.

Requirements:

• 10+ years' experience in IT security, compliance, or risk management.
• Strong expertise in
  cloud platforms
  (AWS or equivalent), with hands-on experience in secure cloud deployments.
• Proficiency with security tools (SSO, Federation, WAF, IPS, SIEM, Anti-DDoS).
• Strong scripting skills (Python, PowerShell, Bash, etc.) and Infrastructure-as-Code (Terraform, CloudFormation, Ansible, etc.).
• Deep understanding of compliance standards (ISO 27001, PCI DSS, GDPR, Thailand PDPA, BOT regulations).
• Excellent communication skills, capable of engaging both executives and engineers.
• Bachelor's degree or equivalent experience; fluency in English and Thai.

Nice-to-Have

• Experience delivering regional or global enterprise-scale security programs.
• Cloud security or architecture certifications (CISSP, CCSP, CISM, AWS Solutions Architect, etc.).

if interested, please submit an updated resume or reach out to

Company Description

Bluebik Group Public Company Limited is a digital transformation consultancy focused on enhancing the capabilities of Thai business organizations through comprehensive technological applications. The company's services include Management Consulting, Digital Excellence & Delivery, Strategic PMO, Big Data & Advanced Analytics and Cyber Secur. Bluebik Group bases its consulting on a profound understanding of the business contexts in Thailand and employs more than 750 consultants with experience from world-class consulting firms.

Role Description

This is a full-time, on-site role for a Cyber Security Consultant Manager, located in Bangkok. The Manager will be responsible for overseeing cybersecurity initiatives, assessing application and network security, managing information security protocols, and conducting vulnerability assessments. The role involves leading teams, collaborating with clients, and ensuring the implementation of best practices to safeguard digital assets and infrastructure.

Qualifications

• Proficiency in Cybersecurity and Privacy, Information Security Management, Cyber Risk Management
• Experience in Application, System, Network, Cloud Security
• Strong leadership, project and team management skills
• Excellent problem-solving and analytical abilities
• Effective communication and client collaboration skills
• Self motivation, continuous leaning, growth mindset, goal driven attitude
• Bachelor's degree in Cybersecurity, Information Technology, or a related field
• Relevant certifications such as CISSP, CISM, or ISO27001 are a plus

หน้าที่ความรับผิดชอบ

• ให้คำปรึกษากับลูกค้าให้ปฏิบัติงานได้สอดคล้องตามระบบมาตรฐานที่ขอรับรองและตามข้อกำหนดของลูกค้า
• จัดทำเอกสารอย่างละเอียด รีวิว และปรับปรุงเอกสารนโยบาย กระบวนการ แนวปฏิบัติ ให้คำแนะนำกับลูกค้าให้ปฏิบัติงานได้สอดคล้องตามระบบมาตรฐานที่ขอรับรองและตามข้อกำหนดของลูกค้า
• การตรวจสอบและประเมินความปลอดภัยทางไอที (IT Audit) ให้คำแนะนำได้
• ถ่ายทอดความรู้และอบรมการรับรู้ด้านความปลอดภัยทางไซเบอร์ รวมทั้ง Security Awareness อัพเดตเทคโนโลยีและภัยคุกคามรูปแบบใหม่
• การสื่อสาร, จัดทำข้อมูลและการนำเสนอ รับฟังข้อมูล
• ระบุ, ประเมิน, และลดความเสี่ยงด้าน IT ที่เกี่ยวข้องกับความปลอดภัย, โครงสร้างพื้นฐาน, และปฏิบัติการ
• ตรวจสอบมาตรฐานความปลอดภัย ISO27001, NCSA, NIST, PDPA และอื่นๆ

คุณสมบัติด้านความรู้และความสามารถ

• จบการศึกษาปริญญาตรีสาขา Computer Engineering, Computer Science, Information Technology, หรือสาขาอื่นๆ ที่เกี่ยวข้องจะพิจารณาเป็นพิเศษ
• มีความรู้ความเข้าใจ และประสบการณ์มาตรฐาน ISO/IEC 27001 เป็นอย่างน้อย
• มีทักษะในการสื่อสารและนำเสนอข้อมูลได้อย่างชัดเจนและเข้าใจง่าย
• มีทักษะในการวิเคราะห์และการแก้ไขปัญหา ได้อย่างมีเหตุผล
• สามารถตัดสินใจและแก้ไขปัญหาได้อย่างรวดเร็วและมีประสิทธิภาพ
• มีความรับผิดชอบ ตรงต่อเวลา มีความซื่อสัตย์ มีความคล่องตัวสูง และรักษาความลับของข้อมูลลูกค้า
• หากมีใบรับรองที่เกี่ยวข้องจะพิจารณาเป็นพิเศษ
• มีประสบการณ์อย่างน้อย 1 ปี ด้าน Information Security หรือ IT Security หรือหากเคยทำโครงการ ISO27001 (ISMS) มาโดยตรงจะพิจารณาเป็นพิเศษ
• ใฝ่เรียนรู้และพัฒนาตนเองอยู่เสมอสามารถทำงานเป็นทีมได้ สามารถบริหารเวลาได้

สวัสดิการ

• Hybrid, WFH
• ทำงานสัปดาห์ละ 5 วัน
• มีเวลาการทำงานที่ยืดหยุ่น
• เงินโบนัสตามผลงาน
• ค่าใช้จ่ายในการเดินทาง
• ประกันสังคม
• ตามข้อตกลงของบริษัท
• งานเลี้ยงรายเดือน
• ท่องเที่ยวประจำปี