Share this Job
Officer, Digital Foundation
PTTEP Energy Development Company Limited
Key Accountabilities
- Planning, implementing, managing, monitoring and upgrading security measures for the protection of the organizations endpoint, data, systems and networks.
- Implement and design future state security architectures and roadmaps for cloud cloud/hybrid systems including architecture standards, guidelines, and industry best practices.
- Implements security improvements by assessing current situation, evaluating trends, anticipating requirements.
- Participate in technology evaluation and reengineering teams to support strategy-definition and continuous process improvement activities
- Ensuring that the organization's endpoint, data and infrastructure are protected by enabling the appropriate security controls.
- Perform regular audits to ensure security practices are compliant.
- Design, Implement and maintain comprehensive vulnerability management systems across all assets on-premises and in the cloud.
- Engage in 'ethical hacking', for example, Penetration test or simulating security breaches.
- Participate in setting up a shared disaster recovery/business continuity plan in the event of any security breaches.
- Develop training and communication program and maintain good level of employee cyber security awareness.
Key Accountabilities (Cont.)
- Liaise with stakeholders in relation to cyber security issues and provide future recommendations.
- Proactively monitor user activity, systems, network and application to identify and irregular activity or abnormalities.
- Reporting violations and responding to all security breaches.
- Adhere to firm Change Management, Problem Management policies and familiarity with ITIL or other formalized IT operations foundations
- Implements security improvements by assessing current situation, evaluating trends, anticipating requirements.
- Develop and maintain documentation on processes, procedures, configurations, and user guides
- Maintain an information security risk register and assist with internal and external audits relating to information security
- Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements
- Providing high-level employee satisfaction for all engagements, including all priority incidents, enhancements, and projects
Professional Knowledge & Experiences
- Bachelor’s Degree in Computer Science, Computer Engineering or related.
- Minimum 10 years of relevant IT security experience
- Strong IT skills including knowledge on hardware, software, networks, data centers and cloud.
- Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
- Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations
- Experience with vulnerability scanning solutions and Vulnerability management program
- In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)
- Understanding of mobile technology and OS (i.e. Android, iOS, Windows), VMware technology, and Unix and basic Unix commands
- Experience with architecting and deploying disaster recovery solutions
- Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification are highly desirable.
Professional Knowledge & Experiences (Cont.)
- Familiarity with security frameworks (e.g. NIST Cybersecurity framework) and risk management methodologies
- Ability to think like a hacker and anticipate hacker moves
- Thorough work ethic, attention to detail
- Desire to self-educate on the ever-changing landscape of cyber hacking tactics
- Good understanding of ITSM\ITIL processes
- Ability to think laterally, possess strong problem solving, planning and prioritization skills
- Excellent customer management skills in managing expectations and ensuring a high degree of customer experience.
- Excellent command of Thai/English and ability to effectively communicate at all levels (written and verbal)
- Strong verbal communication skills
- Active listening skills
- Interpersonal skills, such as empathizing with angry users
- Analytical skills
- Problem solving skills