Career
Security Architect
Technology
|
Permanent
Technology
Permanent
About Us
Do you want to be part of Thailand banking transformation? Data is the core of the new financial services era, and we are open for the opportunity to be part to drive this change at the core.
SCB DATAx is a new venture of the Siam Commercial Bank (SCB) holdings, a leading financial services and digital services holdings in Thailand and ASEAN.
As part of the transformation of SCB into a group of product and technology companies, under the SCBx brand, SCB DATAx is the technology company to centralize data and provides AI and data science services and products to the group.
With a leading-edge cloud native data & AI platform, our vision is to support the group to providing everyone in our region with the opportunity to prosper.
We work on forward-thinking challenges of centralizing, analyzing and sharing information. We collaborate with companies and experts in many different domains, embrace diversity and all that while having a good laugh and joy in work.
Discover job openings on our career page. To apply, email with the role's title as the subject, attach your CV, and specify your contact information. We're eager to learn more about you.
I acknowledge that I have read and agreed to DataX's Terms and Conditions and Privacy Notice
Benefits
Other
Preferred Qualifications
Certifications (Preferred)
CISSP – Certified Information Systems Security Professional
CCSP – Certified Cloud Security Professional
CISM – Certified Information Security Manager
GIAC / SANS certifications
TOGAF®
Microsoft Certified: Cybersecurity Architect Expert (SC-100)
Azure / AWS cloud security certifications
Soft Skills
Strong communication skills with ability to explain complex security concepts to both technical and non-technical stakeholders
Strong analytical, critical-thinking, and problem-solving capabilities
Strategic mindset with ability to align security architecture with long-term business goals
Strong stakeholder management and architecture governance skills
Ability to make risk-based decisions under pressure and during security incidents
Strong collaboration and leadership skills across cross-functional teams
Qualifications
Education
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering, or related field
Master’s degree in Cybersecurity or related discipline is preferred
Professional Experience
7–12+ years of experience in IT and Cybersecurity, including Security Architecture, Cloud Security, Infrastructure Security, or Enterprise Security
Experience in banking, financial services, or regulated environments preferred
Strong experience across multiple security domains including cloud, application, network, IAM, infrastructure, and data security
Experience leading architecture review, security governance, and enterprise security transformation initiatives
Previous experience in roles such as Security Engineer, Security Analyst, Infrastructure Engineer, Network Engineer, or DevSecOps Engineer is preferred
Technical Skills
Strong knowledge of enterprise network architecture, TCP/IP, firewalls, VPN, IDS/IPS, segmentation, and Zero Trust architecture
Deep understanding of cloud security architecture for Azure (preferred), AWS, or GCP
Expertise in IAM, SSO, MFA, PAM, authentication, authorization, and identity governance
Strong understanding of encryption standards, TLS, key management, PKI, and DLP technologies
Knowledge of container, Kubernetes, API, and hybrid infrastructure security
Familiarity with Windows, Linux, container, and platform hardening standards
Experience with threat modeling, vulnerability management, penetration testing, and risk assessment methodologies
Familiar with NIST, ISO 27001, CIS Benchmark, PCI DSS, and banking regulatory requirements
Experience with scripting or automation tools such as Python, PowerShell, Terraform, or CI/CD security integration
Responsibilities
1. Security Architecture & Strategy
Define enterprise security architecture covering cloud, infrastructure, application, data, network, IAM, and AI security
Create security blueprints, reference architectures, and technical security patterns
Establish security standards, baselines, and best practices aligned with NIST, CIS, ISO 27001, and financial security requirements
Drive Zero Trust architecture, network segmentation, encryption, secure access, and identity security models
Ensure security-by-design adoption across SDLC, DevSecOps, AI, and platform engineering initiatives
Align long-term security architecture strategy with business and technology objectives
2. Architecture Governance & Security Review
Lead ARB security reviews for cloud, data, AI, infrastructure, and enterprise platform initiatives
Review solution architecture, technical design, and deployment approaches to ensure compliance with security standards
Provide security sign-off, design recommendations, and risk mitigation guidance
Support CAB escalation and security governance activities where required
Review and assess security exceptions, compensating controls, and risk acceptance requests
3. Threat & Vulnerability Management
Conduct security risk assessments, architecture risk analysis, and threat modeling exercises
Identify potential attack vectors and security weaknesses across enterprise environments
Review and interpret vulnerability assessments, penetration testing, and security scan results
Prioritize remediation activities based on risk impact and exposure
Collaborate with Security Operations and Engineering teams to improve security posture and resilience
Stay updated on emerging cybersecurity threats, attack techniques, AI security risks, and industry trends
4. Cloud, Data & AI Security
Define cloud security architecture and guardrails for Azure, container, Kubernetes, and hybrid environments
Design secure architecture patterns for data platforms, AI/GenAI solutions, APIs, and enterprise integrations
Define controls for encryption, DLP, key management, secure data sharing, and sensitive data protection
Review AI security risks such as prompt injection, model abuse, unauthorized access, and data leakage
Support Responsible AI, AI Trust, and regulatory compliance initiatives
5. Security Technology & Engineering Enablement
Evaluate, recommend, and govern security technologies including IAM, PAM, DLP, IDS/IPS, SIEM, firewall, and cloud security solutions
Translate security and regulatory requirements into technical controls and engineering requirements
Support policy-as-code, automation, and security integration within CI/CD pipelines
Collaborate with engineering teams to embed preventive and detective security controls into platforms and applications
6. Stakeholder, Audit & Regulatory Management
Work closely with Technology, Security Operations, Risk, Audit, Compliance, and business stakeholders
Support regulatory assessments, customer security reviews, and audit activities
Present security architecture recommendations and risk decisions to technical and non-technical stakeholders
Provide strategic advisory and guidance during major incidents or critical security decisions
About Team & Role
The Security Architect is responsible for designing, governing, and maintaining enterprise security architecture across cloud, infrastructure, applications, data platforms, and AI solutions. This role ensures security-by-design adoption across all technology initiatives and aligns security architecture with banking regulatory requirements, enterprise risk standards, and Zero Trust principles.
The role acts as a key advisor to Architecture Review Board (ARB), Platform Engineering, Data Engineering, Software Development, Infrastructure, and Risk teams to ensure secure technology adoption, cyber resilience, and operational sustainability.