Career
Information Security Assurance Lead
Risk Management
|
Permanent
Risk Management
Permanent
About Us
Do you want to be part of Thailand banking transformation? Data is the core of the new financial services era, and we are open for the opportunity to be part to drive this change at the core.
SCB DATAx is a new venture of the Siam Commercial Bank (SCB) holdings, a leading financial services and digital services holdings in Thailand and ASEAN.
As part of the transformation of SCB into a group of product and technology companies, under the SCBx brand, SCB DATAx is the technology company to centralize data and provide AI and data science services and products to the group.
With a leading-edge cloud native data & AI platform, our vision is to support the group to providing everyone in our region with the opportunity to prosper.
We work on forward-thinking challenges of centralizing, analyzing and sharing information. We collaborate with companies and experts in many different domains, embrace diversity and all that while having a good laugh and joy in work.
Discover job openings on our career page. To apply, email with the role's title as the subject, attach your CV, and specify your contact information. We're eager to learn more about you.
I acknowledge that I have read and agreed to DataX's Terms and Conditions and Privacy Notice
Benefits
Other
Preferred Qualifications
Qualifications
· Bachelor's or master's degree in Computer Science, Information Security, or a related field
· 15-25 years of experience in information security, with at least recent 5 years in a similar Technology Risk role, and/or adjacent role in Cybersecurity architecture role, Security Governance, Technology Risk & Compliance or Security Consulting.
· Experience in working in 1LoD or 2LoD in areas of security architecture and design principles, including knowledge of network security, application security, and cloud security
· Strong knowledge of security standards and regulations, such as ISO 27001, NIST, and GDPR
· Strong communication and collaboration skills in both English and Thai with the ability to work effectively with cross-functional teams
· Security Architecture framework training such as TOGAF, SABSA, O-ESA
· Industry certifications such as CISSP, CISM, CISA or CCSP are highly desirable
· Overall, a Senior Security & Risk Advisor plays a critical role in ensuring the security and integrity of DataX's systems and data from across SCBx Group of companies
Responsibilities
· Be one of senior in Technology Risk & Security Assurance to enforce controls and ensure controls effectiveness in DataX
· Drive, review submitted Risk & Control Self Assessments (RCSA) and make recommendations or highlight security risks to CRO and CISO
· Plan, strategize and help design 1LoD and 2LoD IT & IS controls to mitigate identified technology risks to Group’s risk appetite.
· Develop and maintain relationships with key stakeholders across 1LoD, 2LoD, SCBX and the rest of Group’s subsidiaries.
· Stay up-to-date on the latest Technology Risk and Cybersecurity Assurance trends, tools and techniques.
About Team & Role
The CISO office is the 2nd Line of Defense (LoD) for DataX as we bring Technology Risk & Cybersecurity function within Risk organization, working closely with our other 2nd LoD counterparts that governs DataX’s mission of providing data-science, Analytics and AI capability to the SCBx Group of companies. We want to foster a great risk culture that allows openness in speaking up on what is right for DataX and be responsible to all the data owners our care and be provides an exciting journey to grow together in our journey in DataX.