IT Security Assurance
Detail posisi
The IT Security Assurance position involves developing and implementing a comprehensive security assurance program, leading a team of security architects, and ensuring the organization's IT infrastructure is secure against vulnerabilities and threats.
Kewajiban
• Develop and implement a comprehensive security assurance program encompassing vulnerability assessments, penetration testing (coordinating with outsourced vendors), cloud security, IT security architecture, application security, and threat hunting.
• Lead and manage a team of security Architect, fostering a collaborative and high-performing environment.
• Oversee vulnerability assessments to identify, prioritize, and remediate security vulnerabilities across the organization's IT infrastructure, applications, and cloud environments (AWS, Azure, Cloudflare).
• Manage the relationship with outsourced penetration testing vendors, ensuring testing aligns with organizational needs and vulnerabilities are comprehensively addressed.
• Design and implement secure IT security architecture across on-premises and cloud environments.
• Collaborate with IT, development, and business units to promote security awareness, adoption of best practices, and integration of security considerations into architecture and development processes.
• Analyze security testing results, generate reports, and present findings to senior management, providing actionable recommendations for risk mitigation.
• Stay up-to-date on evolving security threats, vulnerabilities, mitigation strategies, and best practices across cloud, on-premises, and application security domains.
• Continuously improve the security assurance program by exploring and implementing new tools, techniques, and best practices.
Kualifikasi
• Bachelor degree or higher in Computer Science or IT related fields
• Experiences in IT Operations, IT Security, IT Network, or IT Infrastructure
• Have a knowledge about security vulnerabilities, security threat, and risks management
• Have a knowledge about Public Key Infrastructure (PKI) and security certificates
• Have a knowledge about security operation such as security event and incident response
• Advance problems solving skills with ability to think and analyze logically and systematically
• Ability to procure, manage, and maintain certificate and application secret keys
• Ability to understand security requirements and suggest appropriate control
• Ability to analyze security events & incidents and response appropriately
• Ability to understand threat, vulnerability, and attack techniques uses to compromise system for the purpose of safeguarding system.
• Excellent communication and writing skills in both Thai and English
• Ability to work as team and highly collaborative
• Certified in IT and security related field such as CompTIA Security+, CompTIA CySA+, CISM, or CISSP