
Senior Security Operations Engineer

Technology | Permanent


About Us

Do you want to be part of Thailand's banking transformation? Data is the core of the new financial services era, and we are opening up the opportunity to help drive this change at the core.

SCB DATAx is a new venture of the Siam Commercial Bank (SCB) holdings, a leading financial services and digital services holdings in Thailand and ASEAN.

As part of the transformation of SCB into a group of product and technology companies, under the SCBx brand, SCB DATAx is the technology company to centralize data and provide AI and data science services and products to the group.

With a leading-edge cloud-native data & AI platform, our vision is to support the group in providing everyone in our region with the opportunity to prosper.

We work on forward-thinking challenges of centralizing, analyzing and sharing information. We collaborate with companies and experts in many different domains, embrace diversity, and do all that while having a good laugh and finding joy in work.



Discover job openings on our career page. To apply, email with the role's title as the subject, attach your CV, and specify your contact information. We're eager to learn more about you.


Preferred Qualifications

  • Relevant certifications, such as:

    • Microsoft Certified: SC-200, SC-300, SC-400, MS-500, AZ-104, AZ-500

    • CyberArk Trustee or Defender Certification

    • CompTIA Security+ or other security-related certifications

  • Experience with GPO, PKI, and securing Windows Server environments.

  • Familiarity with industry frameworks such as ISO 27001, NIST, or PDPA.

  • Scripting knowledge with PowerShell or similar automation tools.

Qualifications

  • Bachelor’s degree in Computer Science, Cybersecurity, or related field—or equivalent work experience.

  • 3–5 years of experience in Security Operations or System Security Engineering, with a focus on IAM, PAM, or endpoint security.

  • Practical experience with the following tools and platforms:

    • Microsoft Defender for Endpoint

    • Microsoft Intune

    • Microsoft Entra ID / Azure AD

    • CyberArk (Privileged Access Management)

    • PAM server administration (Windows Server–based)

    • SSO configuration (SAML, OAuth, OpenID Connect)

    • Microsoft Purview

    • Active Directory (AD) and Certificate Authority (CA) servers

  • Solid understanding of:

    • Endpoint hardening techniques

    • Access control models (RBAC, ABAC)

    • Zero Trust architecture principles

  • Hands-on experience with Microsoft Sentinel and the Microsoft security ecosystem (Defender suite, Entra ID, etc.).

  • Strong knowledge of log formats (Syslog, Windows Event Logs, etc.), parsing, and security telemetry.

  • Strong problem-solving skills with a proactive mindset.

  • Good English communication and collaboration skills, with the ability to work with internal and external stakeholders, translate technical concepts for non-technical stakeholders, and clearly communicate design solutions.

  • Attention to detail and commitment to maintaining high standards of security and documentation.

  • Ability to manage multiple tasks and priorities under minimal supervision.


Responsibilities

Endpoint Security

  • Deploy, configure, and monitor Microsoft Defender for Endpoint to ensure devices are protected, healthy, and compliant with organizational policies.

  • Use Microsoft Intune to enforce device compliance policies, manage MDM/MAM configurations, and monitor enrollment status across devices.

  • Perform security baselining and hardening of endpoint configurations.

  • Investigate and respond to endpoint security alerts and incidents using Microsoft security tools.

  • Support continuous improvement of endpoint protection controls, aligning with Zero Trust and least privilege principles.

 

 

Identity & Access Management (IAM)

  • Manage enterprise identity lifecycle using Microsoft Entra ID / Azure AD, including provisioning, de-provisioning, role-based access control (RBAC), multi-factor authentication (MFA), and conditional access policies.

  • Administer Privileged Access Management (PAM) solutions with CyberArk, including:

    • Onboarding and vaulting privileged accounts

    • Policy enforcement and access approval workflows

    • Monitoring and recording privileged session activity

  • Maintain and operate PAM server infrastructure, focusing on system hardening, patching, monitoring, and ensuring operational continuity.

  • Maintain and configure SSO (Single Sign-On) integrations for internal and SaaS applications using federation protocols (SAML, OIDC).

  • Operate Microsoft Purview to support data classification, labeling, and Data Loss Prevention (DLP).

  • Manage Active Directory (AD) and Certificate Authority (CA) servers, including GPO policies, certificate lifecycle, and privileged access governance.

  • Support audit responses and access reviews for compliance initiatives.

 

SOC Coordinator

  • Act as the main coordinator between internal teams and the corporate SOC.

  • Manage and maintain centralized logging across all key systems and platforms.

  • Administer and optimize Microsoft Sentinel for security monitoring and incident detection.

  • Ensure timely and accurate log forwarding to the corporate SOC for 24/7 monitoring.

  • Collaborate with Infra, App, and Endpoint teams to onboard and maintain critical log sources.

  • Develop and tune detection rules, dashboards, and automated responses (SOAR).

  • Support security incident response, investigations, and continuous improvement efforts.

  • Maintain documentation and ensure compliance with logging and retention standards.

 

Collaboration & Governance

  • Work closely with internal IT, application, and governance teams to ensure consistent enforcement of IAM and endpoint security policies.

  • Maintain up-to-date documentation of operational procedures, configuration standards, and response playbooks.

  • Stay current with security best practices and contribute to initiatives that enhance security operations maturity.

 

About Team & Role

We are looking for a Security Operations Engineer to join our Security Operations team. This role is responsible for supporting endpoint protection platforms and managing enterprise identity and access. You will work with tools such as Microsoft Entra ID (Azure AD), CyberArk, Microsoft Defender for Endpoint, Intune, and Purview, and manage core infrastructure components such as Active Directory (AD), Certificate Authority (CA), and PAM servers. The role also covers managing internal logging and Microsoft Sentinel, and acting as the bridge to the corporate SOC to strengthen the organization's overall security posture.