Head of IT Security

Job Title: Head of IT Security
Contract Type: Permanent
Location: Bangkok, Bangkok Province, Thailand
Salary: THB2400000.00 - THB3000000.00 per annum + attractive
Start Date: ASAP
Reference: JN -082019-442695
Contact Name: Anya Buthsing
Contact Email:
Job Published: September 13, 2019 05:15

Job Description

Argyll Scott is helping the client looking for Head of IT Security/Infosec. This role will responsible for the development, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program

Key Responsibilities

  • Work directly with the business units to facilitate risk assessment and risk management processes
  • Develop and enhance an information security management framework
  • Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
  • Provide leadership to the enterprise's information security organization
  • Partner with business stakeholders across the company to raise awareness of risk management concerns
  • Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
  • Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
  • Maintain a current understanding the IT threat landscape for the industry
  • Ensure compliance with the changing laws and applicable regulations
  • Translate that knowledge to identification of risks and actionable plans to protect the business and schedule periodic security audits;
  • Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced.
  • Manage all teams, employees, contractors, and vendors involved in IT security which may include hiring.
  • Provide training and mentoring to security team members.
  • Constantly update the cyber security strategy to leverage new technology and threat information.
  • Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget.
  • Encourage employee in Tech and Non-tech to understand security best practices and risk to build secure platforms such as software, infrastructure, and processes.

Key Qualifications

  • Bachelor or Master's degree in Computer Engineering, Computer Science, Cyber Security or related technical field
  • 10 years of work experience in information technology (at least 5 of these years must be in the field of information security and at least 2 years in management level)
  • Experience in Banking /Financial industries and work with regulator such as BOT
  • Hands-on Experience in writing company-wide security policies and controls
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001/27002, COBIT and/or NIST
  • Knowledge about global Data Protection Regulations and the Personal Data Protection Act
  • Knowledge of E2E security design including network, platform and application
  • Experience in system and applications security management and control
  • Experience with security technologies, including Intrusion Detection System (IDS) monitoring
  • Incident Response, and Disaster Recovery Planning
  • Experience in facilitating information security risk assessments
  • Technical writing, documentation development, process mapping, and visual communication skills
  • Specific experience in agile software development practices in combination with CI/CD
  • Experience with Cloud computing and Cloud security practice
  • Experience with contract and vendor negotiations and management including managed services
  • Professional certificates related to work (e.g. CISSP, CISM, ISO 27001, PCI DSS or similar general security certification) is very desirable
  • Good command of English

Argyll Scott Asia is acting as an Employment Agency in relation to this vacancy.