Career
IT Risk & Security Controls Specialist
Risk Management
|
Permanent
Risk Management
Permanent
About Us
Do you want to be part of Thailand banking transformation? Data is the core of the new financial services era, and we are open for the opportunity to be part to drive this change at the core.
SCB DataX is a new venture of SCBx, the mothership of the financial technology business group comprising Siam Commercial Bank (SCB) and other subsidiaries, a leading financial services and digital services holdings in Thailand and ASEAN.
As part of the transformation of SCBx group of product and technology companies, under the SCBx brand, SCB DataX is the technology company to centralize data and provides AI/ML and data science services and products to the group.
With a leading-edge cloud native data & AI platform, our vision is to support the group to providing everyone in our region with the opportunity to prosper.
We work on forward-thinking challenges of centralizing, analyzing and sharing information. We collaborate with companies and experts in many different domains, embrace diversity and all that while having a good laugh and joy in work.
Discover job openings on our career page. To apply, email with the role's title as the subject, attach your CV, and specify your contact information. We're eager to learn more about you.
I acknowledge that I have read and agreed to DataX's Terms and Conditions and Privacy Notice
Benefits
Other
Preferred Qualifications
Qualifications
Bachelor's degree in a relevant field (e.g., Computer Science, Information Security) or equivalent practical experience.
Extensive experience in technology risk management or information security roles.
Strong knowledge of technology infrastructure, systems, and processes, with an understanding of associated risks.
Proven experience in identifying vulnerabilities, implementing security controls, and performing risk assessments.
Familiarity with security frameworks and regulations (e.g., NIST CSF, ISO 27001, PDPA) and their practical application.
Proficiency in using automated risk assessment tools and conducting security maturity assessments.
Excellent analytical and problem-solving skills, with the ability to think strategically and propose effective solutions.
Strong communication skills, with the ability to convey complex information to both technical and non-technical audiences.
Attention to detail and ability to work independently as well as collaboratively in cross-functional teams.
Professional certifications in information security (e.g., CISSP, CISM, CRISC) are highly desirable.
Experience with incident response and familiarity with incident response frameworks is a plus.
Responsibilities
Identify, assess, and mitigate risks associated with technology infrastructure, systems, and processes.
Evaluate vulnerabilities, design and implement controls to protect against threats.
Perform risk assessments to identify gaps and areas of improvement in the security posture.
Coordinate with Security and IT teams to ensure the implementation of security controls and measures.
Conduct risk assessments, control checks, and evaluate maturity of control environment using appropriate tools and methodologies.
Align technical security controls and processes with industry frameworks (e.g., NIST CSF, ISO 27001) and regulatory requirements.
Monitor and stay updated with emerging threats, vulnerabilities, and security practices to propose proactive measures.
Collaborate with cross-functional teams to implement security awareness and training programs for employees.
Regularly report to senior management and regulators on the status of security controls, risks, and compliance with regulations.
About Team & Role
At DataX, we recognize the critical role that effective risk management plays in our operations. DataX Risk Management division is responsible for data governance, privacy, security, technology risk, operational risk, model risk, business continuity, legal and compliance. We are tasked with development and execution of risk management strategies and ensuring the integrity of our processes and the safeguarding our organization.
This role sits within IT Risk and Security functions of the Risk Management division.
As a dynamic and innovative AI/ML startup operating in the fintech industry, we are seeking a motivated and skilled IT Risk & Security Controls Specialist to join our team. This role offers an exciting opportunity to contribute in design and development of our risk management processes in a fast-paced environment.
In this role, you will be exposed to new ways of working, new risk management techniques, complex business model, and a collegial working environment.