IT Information Security Officer



The Information Security Officer (ISO) is accountable for ensuring appropriate controls are in place for the security of the company’s IT systems and applications. The ISO safeguards information by identifying, analyzing and reducing the likelihood and impact of possible threats to IT assets.Additionally, the ISO is charged with ensuring procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards. The ISO is the center of competence for Information Security providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.
Act as the committed owner of the security incident and vulnerability management processes from design to implementation and beyond
Take the lead on developing, maintaining and updating an Information Security Strategy
Enhance and maintain the company’s Information Security Framework and underlying policies, procedures, standards and guidelines
Ensure that disaster recovery and emergency operating procedures are in place, effective and tested on a regular basis
Manage and assist in performing on-going security monitoring of IT systems including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with regulatory requirements
Implement and regularly conduct effective staff training programs to increase security awareness across the company
Evaluate and recommend new information security technologies and counter-measures against threats to information or privacy
Develop and prepare effective reports and dashboards to quickly visualize and monitor the IT security situation of the company.


Bachelor or Master Degree in Computer Science / Information Technology or related fields
At least 3 years experience in IT Security field or System Administration field with a larger company.
Hands-on experience with Windows and Linux system administration
Hands-on experience with administration of Cisco or comparable enterprise-level network and security devices
Hands-on experience with common web technologies such as Apache, nginx, IIS, Magento, MySQL and SQL Server
Practical experience with scripting and automation (Linux shell scripting, Microsoft PowerShell) is an advantage
Some relevant technical certifications are expected, e.g. Linux, Microsoft, VMWare, Cisco, Server and Storage technologies
Information security related certification such as CISSP is of great advantage
Good command of verbal and written English
Good analytical skills and problem solving abilities
Excellent communication skills to communicate with various levels in the company
Organized, enthusiastic, self-motivated and service-minded



  • ประสบการณ์: ไม่เคยมีประสบการณ์


Apply Now