Job Summary

We're looking for a Security Program and Posture Management Specialist. In this role, you'll take charge of defining and maintaining our cybersecurity strategy. Your responsibilities will include overseeing cybersecurity transformation initiatives, managing programs, and closely tracking activities to guarantee that our cybersecurity posture consistently meets the agreed-upon standards set by our stakeholders. You'll also be responsible for ensuring that our cybersecurity aligns seamlessly with our planned security architecture and our cyber fraud application. Beyond this, you'll play a leadership role as a co-leader in the operations and execution of Threat Intelligence.

Job Description

• Co-lead/assist in cybersecurity priorities and strategy, reporting to Head of Cybersecurity Program & Posture Management Specialist
• Co-lead/assist in Cybersecurity Posture Management in coordination with other Technology Security leaders to guarantee that a good cybersecurity posture is consistently maintained at an acceptable level.
• Liaison with external audit, internal audit, financial crime and associated consultants, and the group firm for the establishment of cybersecurity programs
• Run program technical development for Cyber fraud prevention to strengthen application defense against cyber fraud.
• Liaison with Business coordinators and Technology Security leaders to develop a roadmap for cybersecurity solution and platform replacement, including end-to-end asset life cycle management
• Liaison with Business coordinators and the other Technology Security team leaders for Cybersecurity service catalogue to third parties, as well as the end-to-end service billing scheme and tracking
• Co-Lead/Assist in Cybersecurity Threat intelligence operation and 3rd party cybersecurity posture monitoring and maintenance in collaboration with Security Team leaders and members. Publication and communication are required time-to-time for threat intelligence analysis and distribution for designated stakeholders
• Co-Lead/Assist in R&D and innovation on cybersecurity technology and approaches for continuous cybersecurity uplift
• Analyze and assess personnel actions and KPIs pertaining to cybersecurity projects, initiatives for cybersecurity transformation, and cybersecurity activities that influence the maintenance of our cybersecurity posture and strategy. This evaluation encompasses both proactive and reactive measures
• Generate Ad Hoc Reports and Lead Communication Efforts. Prepare any necessary on-the-spot reports, take the lead in conducting briefings, craft presentations, compose speeches, and take responsibility for addressing a wide range of organizational and strategic cybersecurity posture matters and concerns
• Maintain and update the cybersecurity posture program and measurement dashboard to ensure ongoing progress and the current state of the posture

Program Coordination

• Acts as the primary point of contact for cybersecurity programs and transformation projects that are critical to the functional and strategic success of Technology Security
• Supervise and lead the course of cybersecurity changes and cybersecurity elevating projects
• Provide strategic direction and oversight for cybersecurity projects, people capabilities, process improvement, and cybersecurity posture agendas
• Conducts project status meetings with the Head of Technology Security and the leadership team to support the organization's cybersecurity goals

Qualifications

• Bachelor’s or Master degree in computer science, Computer Engineering, Information Technology, or related field
• At least 2-3 years of experience in information security or a related field
• Knowledge of security advisory, security technology selection & management, e.g. WAF, EDR, IAM, SOC, Security posture and Vulnerability Management are a plus
• Strong understanding of industry best practices and standards, including ISO 27001, NIST, and CIS are plus
• Excellent communication and problem-analytical skills, with the ability to communicate complex security issues to non-technical stakeholders.
• Effective English for verbal, written communication is a must
• Knowledge of cloud security
• Relevant certifications such as CISSP, CISM, or CISA are a plus
• Experience in Cybersecurity uplifting/ Transformation program management, Cybersecurity Leaders are plus
• Excellent English both written and verbal communication skills
• Energetic, good interpersonal skills

Recruiter

s84404@scb.co.th