32 Security Leadership jobs in Thailand

Make an impact with NTT DATA

Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can grow, belong and thrive.

Your day at NTT DATA

The Information Security Governance, Risk and Compliance (GRC) Specialist is a seasoned subject matter expert, responsible for supporting the organization's information security program by assessing risks, implementing security controls, ensuring compliance, managing security awareness initiatives, and contributing to policy development.

This role collaborates with internal teams to enhance security practices and maintain a strong security posture.

Key responsibilities:

• Assists in conducting risk assessments and vulnerability assessments.
• Contributes to the development and maintenance of security policies and procedures.
• Collaborates with internal stakeholders to ensure compliance with industry standards and regulations.
• Participates in security awareness and training initiatives.
• Supports incident response activities and investigations as required.
• Monitors and reports on security compliance metrics.
• Assists in the implementation of security controls and best practices.
• Stays updated with emerging security threats and trends.
• Performs any other related task as required.

To thrive in this role, you need to have:

• Seasoned familiarity with information security frameworks and standards.
• Seasoned understanding of risk assessment methodologies, compliance, and policy development.
• Strong communication and interpersonal skills for effective collaboration.
• Strong attention to detail and ability to follow established processes.
• Seasoned project management skills for coordinating security initiatives.

Academic qualifications and certifications:

• Bachelor's degree or equivalent in Information Technology or Computer Science degree or related field.
• Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred.
• Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP desirable.

Required experience:

• Seasoned experience in information security or related roles.
• Seasoned exposure to risk assessment, compliance, security awareness, or policy development is beneficial.

Workplace type:

On-site Working

About NTT DATA

NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer

NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can grow, belong and thrive.

Your day at NTT DATA
The Information Security Governance, Risk and Compliance (GRC) Specialist is a seasoned subject matter expert, responsible for supporting the organization's information security program by assessing risks, implementing security controls, ensuring compliance, managing security awareness initiatives, and contributing to policy development.

This role collaborates with internal teams to enhance security practices and maintain a strong security posture.

Key responsibilities:

• Assists in conducting risk assessments and vulnerability assessments.
• Contributes to the development and maintenance of security policies and procedures.
• Collaborates with internal stakeholders to ensure compliance with industry standards and regulations.
• Participates in security awareness and training initiatives.
• Supports incident response activities and investigations as required.
• Monitors and reports on security compliance metrics.
• Assists in the implementation of security controls and best practices.
• Stays updated with emerging security threats and trends.
• Performs any other related task as required.

To thrive in this role, you need to have:

• Seasoned familiarity with information security frameworks and standards.
• Seasoned understanding of risk assessment methodologies, compliance, and policy development.
• Strong communication and interpersonal skills for effective collaboration.
• Strong attention to detail and ability to follow established processes.
• Seasoned project management skills for coordinating security initiatives.

Academic qualifications and certifications:

• Bachelor's degree or equivalent in Information Technology or Computer Science degree or related field.
• Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred.
• Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP desirable.

Required experience:

• Seasoned experience in information security or related roles.
• Seasoned exposure to risk assessment, compliance, security awareness, or policy development is beneficial.

Workplace type:
On-site Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Roles and Responsibilities:

• Manage and Control IT Security of company's Infrastructure such as Firewalls, Cloud-based hosting, Internet policies and etc.
• Perform IT security assessments, monitor and analyze cyber security event.
• Work on IT security design and analysis, and business continuity management.
• Review existing security measures and arrange penetration tests for some internal applications.
• Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments.
• Advise company on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes and controls.
• Assist company's internal developers and the development team in patching any security vulnerabilities.
• Implement security guidelines for all company's collaboration with the team.

Preferred Qualifications:

• Bachelor's degree in Computer Engineering or related field.
• Minimum 8-10 years of IT Security Management and Project  Management in complex projects in banking, fintech, insurance business.
• Good knowledge and understanding in IT and/or Cybersecurity related laws and regulations such as IT Risk Management Implementation, Cyber , Computer Crime Act, Personal Data Protection Act (PDPA), etc.

Our Benefits:

• Skill Development & Career Advancement
• Birthday Leave
• Free Clinic at work
• Fitness Membership Special Price
• Special Rate for Insurance Premiums.
• Snack Bar & Co Working Space
• Festive Events and Fun Activities
• Company Outing
• Special Occasion Allowance (Marriage, Childbirth)
• Disaster Support Allowance

Roles and Responsibilities:

• Manage and Control IT Security of company's Infrastructure such as Firewalls, Cloud-based hosting, Internet policies and etc.
• Perform IT security assessments, monitor and analyze cyber security event.
• Work on IT security design and analysis, and business continuity management.
• Review existing security measures and arrange penetration tests for some internal applications.
• Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments.
• Advise company on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes and controls.
• Assist company's internal developers and the development team in patching any security vulnerabilities.
• Implement security guidelines for all company's collaboration with the team.

Preferred Qualifications:

• Bachelor's degree in Computer Engineering or related field.
• Minimum 8-10 years of IT Security Management and Project  Management in complex projects in banking, fintech, insurance business.
• Good knowledge and understanding in IT and/or Cybersecurity related laws and regulations such as IT Risk Management Implementation, Cyber , Computer Crime Act, Personal Data Protection Act (PDPA), etc.

Our Benefits:

• Skill Development & Career Advancement
• Birthday Leave
• Free Clinic at work
• Fitness Membership Special Price
• Special Rate for Insurance Premiums.
• Snack Bar & Co Working Space
• Festive Events and Fun Activities
• Company Outing
• Special Occasion Allowance (Marriage, Childbirth)
• Disaster Support Allowance

Officer, Building and Security assists Building Management and Security Manager in the assigned scopes to ensure building and office facilities, Mechanical, Electrical & Plumbing (MEP) system, space utilization and facilities services meet business requirements and complied with PTTEP rules/regulations, standard and guideline, SSHE policy and regulations and services quality standard.

Provide strategic planning and analysis for building management and security operations in the assigned scopes. The scope of responsibilities are include but not limit to:

• Overall planning and implement for improve building operations and facilities management i.e. the preventive and corrective maintenance program, efficient utility usage and alternative energy etc.
• Lead and advise MEP system for building and office renovation, operation and maintenance (O&M) for 4 sites under department responsibility.
• Develop and review procurement Term Of Reference (TOR) and contract for building management and security, include monitor the services performance in accordance with procurement and contract procedures.
• Source and analyse data for building and facility management benchmarking, cost effectiveness analysis, in order to improve process and seek new initiatives.
• Develop, review, and update building management and security standards, procedures, guidelines, process and systems.
• Develop and prepare work plans & budget (WPB). Plan and control budgets under his/her own responsibility in accordance with the approved WPB.
• Drive and be accountable for ISO team leader or focal point i.e. ISO41001 Facility Management, ISO14001 Environmental Management, ISO45001 Occupational Health and Safety Management to compliance with internationally standard and act as a focal point to obtain ISO and related certification in the future.
• Provide and utilize office space and facilities management, coordinate relevant parties for staff for seating arrangement, as well as provide technical advice on issues arise.
• Supervision and monitoring building management and security operations to ensure coverage of Safety Security Health and Environmental (SSHE) policy, regulations and Department's strategy for 4 sites under FFM responsibility. (PTTEP H.O., PTTEP Technology and Innovation Center (PTIC), PTTEP Rapid Scaled-Up Center (RASC), PTTEP Subsurface Research Center (PSRC)).
• Be responsible for special projects as assigned i.e. work process improvement, operations and maintenance office utility systems of PTTEP alternative office, etc.

• Bachelor's Degree in any fields preferably in Electrical/Mechanical Engineering, Facilities Management
• Minimum 10-year experience in building and facility management
• Good command of spoken and written English
• Good computer skills in standard software (Word, Excel, Power Point, etc.)
• Good supervisory, leadership skills, and service-minded
• Good communication/interpersonal skills with excellent project management and analytical skills
• Knowledge in Government Procurement and Supplies Management would be an advantage
• Able to travel upcountry occasionally

Position :

Senior IT Security Management, Risk Management & Performance Department

Responsible for enterprise-wide Information Security program, Data Security, Access Control, Cryptographic Control, Operation Security, Communication system security, IT project management, IT incident management and IT contingency plan to comply with related regulator.

Job Description :

• Establish UOBAMTH-wide IT Security Management and Cyber Resiliency Policy and supporting standards to ensure confidentiality and availability of data.
• Provide security awareness training on the security policy of UOBAMTH.
• Develop IT Security procedures in accordance with The Policy.
• Ensure that responsibilities for IT security and cyber resiliency are defined and disseminated to all personnel.
• Consider security requirements when setting the direction for the information technology and architecture that UOBAMTH should adopt.
• Review and approve the use of new and appropriate technologies that enhance the security and integrity of IT assets in UOBAMTH.
• Monitor and review the security of UOBAMTH's IT assets.
• Guide the handing of and responding to security incidents within UOBAMTH in accordance with the established Incident Response Plan.

Requirements :

• Bachelor or Master's degree in Computer Engineering, MIS, IT or a related field.
• At least 5 years experiences in cyber security area in Finance or Banking industry.
• Experience with offensive security analysis tools and tactics.
• Strong cyber threat intelligence and information security experience in complex organizations
• Experience in system and application security management and control.
• Experience in facilitating information security risk assessments.
• Familiarity with cyber security threats, defenses, motivations and techniques.
• A positive, can-do attitude, who naturally expresses a high degree of empathy to others.
• Efficient communication and team- player skills.

Information Security will partner with Axons' IT team to manage and support all-level stakeholders, ensure policies, processes, practices, and technologies are successfully implemented and maintain. Oversight performance measurement, and course correction of all information security activities. This role includes awareness activities, analytics and support internal investigation function. Overall team should ensure information security compliance align between external and internal requirements, mitigating risk commensurate with the organization's risk tolerance.

Responsibilities:

• Plan, execute, and maintain information security risk program
• Allocate adequately trained/skilled resources to implement the information security risk program and plan
• Measure and monitor cost, schedule, and performance of the program
• Establish and execute information security risk management process
• Implement, and enforce information security policies
• Ensure that controls are adequate to meet legal, regulatory, policy, standards, and security requirements through controls review exercises
• Manage relationship and interface with external parties, e.g., regulator, HR, legal, compliance, risk management, suppliers.
• Plan, develop and conduct information security awareness activities, including an enterprise-wide role-based information security awareness and training program
• Manage the employment lifecycle, including performance, knowledge, skills, capabilities, and availability of the information security risk team.
• Perform analytics in the support for enterprise risk management activities
• Perform forensic analytics in the support for hazardous risk response, including internal investigation

Qualifications:

• Minimum 6 years of experience in fields relating to of risk management, IT audit, analytics, information security and technology, and/or information technology management with large enterprise or consulting firm
• Background in IT Audit/ IT Assurance and/or developer will be advantage
• Experience with project/program management for large and multi-national enterprise
• Experience with policy development and implementation is a plus.
• Experience with awareness training and/or people coaching is a plus.
• Experience with data analytics is a plus.

Skills & Knowledge:

• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ISO/IEC 2000, CIS, and NIST.
• Knowledge of regulation and standards compliance for information security domain
• Knowledge of analytics technology
• Excellent written and verbal communication skills and high level of personal integrity
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams plus financial and planning skills
• Project management or Relevant professional certification is a plus.

Benefits:

• Work From Anywhere
• Fixed Bonus
• Healthcare Allowance for employee and family member
• Flexible Working Hours
• Work From Anywhere Allowance
• Special Interest rate for home loan

Location: Bangkok (Hybrid Working)

About the Company

Cathcart Technology is assisting a leading technology-driven organization to find an experienced Information Security Specialist. This role will play a critical part in strengthening the security of a financial platform in cloud environments. You'll be working closely with teams, regulators, and external vendors to ensure compliance with regulations, while applying best-practice security standards

Responsibilities

• Design and implement cybersecurity policies and frameworks such as ISO/IEC 27001 & NIST
• Conduct risk and vulnerability assessments, and recommend strategies to mitigate threats
• Develop cybersecurity strategies to ensure protection of internal technology operations
• Collaborate with internal risk owners to develop risk assessment process
• Lead in preparing cybersecurity risk/incidents, and reporting to executive management & regulators.

Qualifications

• Bachelor's Degree in IT, Computer Science, Engineering, or related field
• At least 3 years of experience working in the IT/Information Security field
• Strong knowledge of IT Security standards & best practices (ISO/IEC 27001, NIST, COBIT, PCI DSS, ITIL).
• Skills in cybersecurity assessments and controls
• Experience in a highly regulated industries (Financial) would be advantageous

If you're looking to take a next step in your Cybersecurity Career, we'd love to hear from you.

Please feel free to contact Cathcart Technology at for more details.