top of page

Career

Head of IT Security Risk Management

Risk Management

|

Permanent

Risk Management

Permanent

About Us


Do you want to be part of Thailand banking transformation? Data is the core of the new financial services era, and we are open for the opportunity to be part to drive this change at the core.

SCB DataX is a new venture of SCBx, the mothership of the financial technology business group comprising Siam Commercial Bank (SCB) and other subsidiaries, a leading financial services and digital services holdings in Thailand and ASEAN.

As part of the transformation of SCBx group of product and technology companies, under the SCBx brand, SCB DataX is the technology company to centralize data and provides AI/ML and data science services and products to the SCBX and its subsidiaries.

With a leading-edge cloud native data & AI platform, our vision is to support the group to providing everyone in our region with the opportunity to prosper.

We work on forward-thinking challenges of centralizing, analyzing and sharing information. We collaborate with companies and experts in many different domains, embrace diversity and all that while having a good laugh and joy in work.


Discover job openings on our career page. To apply, email with the role's title as the subject, attach your CV, and specify your contact information. We're eager to learn more about you.

 I acknowledge that I have read and agreed to DataX's Terms and Conditions and Privacy Notice

Benefits

Other

Preferred Qualifications

Qualifications

  • 12+ years of progressive experience in cybersecurity, IT security risk management, or information security, with at least 5 years in a leadership role.

  • Proven track record in establishing and managing security frameworks, controls, and governance aligned with international standards (e.g., NIST, ISO 27001) and regulator (e.g. BOT).

  • Experience working in complex enterprise environments, preferably within financial services or regulated industries.

  • Demonstrated success in leading cross-functional teams, managing vendors, and driving security initiatives across business units.

  • Hands-on experience with cloud security posture management, data loss prevention, and vulnerability remediation.

  • Familiarity with security operations, including threat detection, incident response, and continuous monitoring.

  • Experience in designing and delivering security awareness programs and employee training.


Skills

  • Strong understanding of security controls, risk assessment frameworks.

  • Ability to translate technical risks into business impacts and communicate effectively with stakeholders at all levels.

  • Proficiency in security tools and platforms, including SIEM, DLP, and cloud-native security solutions.

  • Strategic thinking with the ability to develop and implement proactive defense strategies.

  • Excellent project management and organizational skills, with the ability to manage multiple initiatives simultaneously.

  • Strong analytical and problem-solving skills, especially in resolving complex security risk-related issues.

  • Effective mentoring and coaching abilities to support team development and capability building.


Mindset: 

  • Agile, adaptive, and proactive; able to thrive in a “move fast, change fast, learn fast” culture. 

  • Comfortable with ambiguity and capable of driving clarity in dynamic environments. 

  • Commitment to continuous learning and staying current with emerging threats, technologies, and regulatory changes.

  • Strong sense of ethics and integrity in handling sensitive information and making decisions. 

Responsibilities

We are seeking a visionary and experienced leader to oversee our enterprise-wide cybersecurity and technology risk strategy as head of IT Security Risk Management. This role is pivotal in ensuring robust cybersecurity governance, oversight, and risk management across our Infrastructures, Data & AI platforms and services, which support SCBX group companies.


To work in the Second Line of Defense, the successful candidate will define frameworks, monitor controls, and provide independent assurance on the effectiveness of cybersecurity practices.


Strategic Leadership & Governance

  • Provide strategic guidance and ensure the effectiveness of threat detection and response capabilities.

  • Drive proactive defense strategies and implement continuous monitoring to safeguard systems and data.

  • Collaborate closely with the SCBX cybersecurity and DataX security teams to ensure implementation of ICS policies, standards, and processes is fully aligned with the group’s strategic direction and governance approach.

  • Design awareness programs to educate employees and strengthen human defenses against cyber risks.

  • Stay abreast of industry best practices and regulatory changes, adapting strategies and processes accordingly.


Security Frameworks & Compliance

  • Establish and maintain IT security frameworks, processes, and controls to ensure compliance with SCBX group frameworks, regulatory requirements, and international standards (e.g., NIST, ISO 27001).

  • Ensure the implementation of data discovery, classification, and loss prevention strategies to protect sensitive information across the organization.

  • Oversee cloud security posture management and workload protection, ensuring secure configurations and protection against cloud-native threats.

  • Support and validate security testing efforts, providing expert advice on vulnerability remediation.


Risk Management & Controls

  • Assist, challenge, and monitor security risks and provide guidance on necessary mitigation measures.

  • Follow-up and track security controls and remediation reports for security risk dashboard reporting.

  • Contribute to the development and enhancement of risk management tools, methodologies, and frameworks.


Team Leadership & Development

  • Provide guidance and support to the team, assisting in the resolution of complex IT & Security risk-related issues.

  • Mentor and coach team members, fostering their professional growth and development.

  • Demonstrate a strong desire to upskill in security risk management and seize opportunities to drive new capabilities within the team.

  • Lead or contribute to security/ risk-related projects, collaborating with stakeholders to achieve project objectives.

About Team & Role


At DataX, we recognize the critical role that effective risk management plays in our operations. DataX Risk Management division is responsible for data governance, privacy, security, technology risk, operational risk, model risk, business continuity, legal and compliance. We are tasked with development and execution of risk management strategies and ensuring the integrity of our processes and the safeguarding our organization. 

This role sits within IT & IS Risk Management of the Risk Management division.

As a dynamic and innovative AI/ML startup operating in the fintech industry, we are seeking a motivated and skilled Head of IT Security Risk Management to join our team. This role offers an exciting opportunity to contribute in design and development of our risk management processes in a fast-paced environment.

In this role, you will be exposed to new ways of working, new risk management techniques, complex business model, and a collegial working environment.


bottom of page