Argyll Scott is helping a client find an IT Security and Compliance Manager. This role will participate in the overall process for internal, external and other security compliance activities (e.g., ISO 27001, PCI-DSS, penetration tests). This position will work with internal IT teams such as IT Service Delivery and IT Solution Delivery on IT security matters, coordinate with third parties to complete vendor reviews, and carry out other security compliance tasks.
- In addition, this position will be responsible for the collection and organization of evidence for audits, project management of remediation items, and other compliance-related duties while accomplishing these and other critical functions
- Work closely across business channels to identify and assess security risks, gaps in the application of policies and standards, and weaknesses in processes, and take a lead role in managing them. This position will work closely with the wider team to deliver a number of group-wide security improvement initiatives
- Manage defensive security strategy and technology of the company
- Provide consultation to various teams to ensure that implemented technology solutions meet the company security standards, government rules, and regulations
- Conduct vendor management and third-party security assessments
- Participate in security / controls gap analysis to define and implement necessary solutions for compliance.
- Coordinate and support audit engagements, respond to inquiries from regulators and auditors, monitor the resolution of audit findings, and ensure agreed action plans are completed as planned
- Promote IT security awareness, share IT security best practices, and demonstrate adherence to internal controls
- Review vulnerability reports, research vulnerabilities to assess risk, and develop and document mitigation strategies
- Meet compliance objectives by ensuring compliance with Cybersecurity Policies, Bank of Thailand Regulation, ISO 27001, PCI DSS and GDPR/PDPA
- Perform risk assessments, compliance assessments and audits (internal and external) against compliance best-practice frameworks and company policy
- Lead, review and groom the IT Security and Compliance team
- At least 5 years of experience in IT Security / Cyber Security / IT Governance / IT Compliance / IT Audit or a related field
- Able to travel to different locations
- Good command of English
- Holding a CISSP, CISA, CISM, ISMS Auditor/Implementer, PCI ISA or PCIP certificate is a plus
- Prior knowledge of or experience in the payment business is a plus
Argyll Scott Asia is acting as an Employment Agency in relation to this vacancy.