We are seeking an experienced and proactive IT Security Senior Executive / Assistant Manager to support our IT Director in managing the information security framework for the organization. This role will be instrumental in implementing a robust security strategy to safeguard our company's data, systems, and networks while ensuring compliance with international standards.
Role & Responsibilities: Security Implementation and Monitoring: Implement and maintain robust security controls to protect IT infrastructure and sensitive data.Develop and configure firewalls, IDS/IPS, and other network security measures to secure network traffic.Conduct regular vulnerability assessments and penetration testing to identify and mitigate security risks.Ensure timely application of all security patches, version upgrades, and certificate renewals according to SOPs, maintaining an up-to-date patch inventory.Monitor network traffic for unusual activity and manage security incidents effectively.Policy, Training, and Awareness: Develop and implement security policies, procedures, and comprehensive security plans to safeguard personnel, assets, and information.Provide security awareness training and guidance to employees, promoting a strong security culture.Document known security breaches, vulnerabilities, and incidents, ensuring continuous learning and process improvement.Compliance and Incident Management: Ensure compliance with relevant government and industry regulations, including GDPR, PDPA, and ISO standards.Track and manage security incidents, conducting breach assessments and leading incident response efforts.Work with internal teams to ensure policies and processes adhere to compliance standards and best practices.Cross-Functional Collaboration and Disaster Recovery: Collaborate with cross-functional teams (IT Application, MES, IT Infrastructure, ERP, and Technology Support Services) to embed security into systems and applications across the organization.Plan and conduct semi-annual Disaster Recovery (DR) exercises, annual Business Continuity Planning (BCP) assessments, and restoration drills.Security Architecture and Technology Integration: Plan, research, and design reliable, scalable, and flexible security architectures for IT projects.Research, evaluate, and implement innovative security technologies to enhance the organization's cybersecurity posture.Leadership and Initiative: Demonstrate strong initiative and leadership in managing security tasks and projects, collaborating effectively with other IT and business teams to drive security improvements.Take ownership of the security lifecycle, overseeing vulnerability assessments, remediation actions, and improvements to maintain a secure environment. Key Requirements: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.Minimum of 3 years' experience in IT security, with at least 1 year in a supervisory role.Technical Expertise:Strong knowledge and practical experience in network and system security, cryptography, Identity and Access Management (IAM), and security operations.Familiarity with DNS-related security concepts, including routing, authentication, VPNs, proxy services, and DDoS mitigationFamiliarity with DNS-related security concepts, including routing, authentication, VPNs, proxy services, and DDoS mitigation.Proven experience conducting security audits, vulnerability assessments, and implementing controls.Ability to lead security training initiatives, communicate effectively across teams, and manage crisis situations calmly.Strong project management skills, with the ability to manage multiple security initiatives concurrently.