Officer, Digital Foundation

PTTEP Energy Development Company Limited

Key Accountabilities

  • Planning, implementing, managing, monitoring and upgrading security measures for the protection of the organizations endpoint, data, systems and networks.
  • Implement and design future state security architectures and roadmaps for cloud cloud/hybrid systems including architecture standards, guidelines, and industry best practices.
  • Implements security improvements by assessing current situation, evaluating trends, anticipating requirements.
  • Participate in technology evaluation and reengineering teams to support strategy-definition and continuous process improvement activities
  • Ensuring that the organization's endpoint, data and infrastructure are protected by enabling the appropriate security controls.
  • Perform regular audits to ensure security practices are compliant.
  • Design, Implement and maintain comprehensive vulnerability management systems across all assets on-premises and in the cloud.
  • Engage in 'ethical hacking', for example, Penetration test or simulating security breaches.
  • Participate in setting up a shared disaster recovery/business continuity plan in the event of any security breaches.
  • Develop training and communication program and maintain good level of employee cyber security awareness.

Key Accountabilities (Cont.)

  • Liaise with stakeholders in relation to cyber security issues and provide future recommendations.
  • Proactively monitor user activity, systems, network and application to identify and irregular activity or abnormalities.
  • Reporting violations and responding to all security breaches.
  • Adhere to firm Change Management, Problem Management policies and familiarity with ITIL or other formalized IT operations foundations
  • Implements security improvements by assessing current situation, evaluating trends, anticipating requirements.
  • Develop and maintain documentation on processes, procedures, configurations, and user guides
  • Maintain an information security risk register and assist with internal and external audits relating to information security
  • Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements
  • Providing high-level employee satisfaction for all engagements, including all priority incidents, enhancements, and projects

Professional Knowledge & Experiences

  • Bachelor’s Degree in Computer Science, Computer Engineering or related.
  • Minimum 10 years of relevant IT security experience
  • Strong IT skills including knowledge on hardware, software, networks, data centers and cloud.
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
  • Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations
  • Experience with vulnerability scanning solutions and Vulnerability management program
  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)
  • Understanding of mobile technology and OS (i.e. Android, iOS, Windows), VMware technology, and Unix and basic Unix commands
  • Experience with architecting and deploying disaster recovery solutions
  • Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification are highly desirable.

Professional Knowledge & Experiences (Cont.)

  • Familiarity with security frameworks (e.g. NIST Cybersecurity framework) and risk management methodologies
  • Ability to think like a hacker and anticipate hacker moves
  • Thorough work ethic, attention to detail
  • Desire to self-educate on the ever-changing landscape of cyber hacking tactics
  • Good understanding of ITSM\ITIL processes
  • Ability to think laterally, possess strong problem solving, planning and prioritization skills
  • Excellent customer management skills in managing expectations and ensuring a high degree of customer experience.
  • Excellent command of Thai/English and ability to effectively communicate at all levels (written and verbal)
  • Strong verbal communication skills
  • Active listening skills
  • Interpersonal skills, such as empathizing with angry users
  • Analytical skills
  • Problem solving skills