กลับ
 |
02/01/2563 |
Chief information security officer
|
ประกันภัย |
|
กทม. (สาทร) |
|
- Ensure security best practice and standard alignment such as ISO/IEC 27001, PCI-DSS (Payment Card Industry Data Security Standard). - Evaluate and manage risk to be within acceptable risk level in order to risk assessment result. - Responsible for protecting organization’s computers, networks and data against threats, such as security breaches, computer viruses or attacks by cyber-criminals - Governing the implementation of the Group Information Security Framework KEY ACCOUNTABILITIES: - Ensure security best practice and standard alignment such as ISO/IEC 27001, PCI-DSS (Payment Card Industry Data Security Standard). - Define, implement and maintain corporate security policies and procedures to ensure that activities are being performed effectively and efficiently. - Make sure security policies, standards and procedures are established and enforced. - Develop operation, system and network performance standard and measurement systems to encourage best practice and work efficiency. - Monitor and review security performance and submit information security report. - Provide recommendation regarding information security directions on IT Strategy and activities are being performed in alignment with security plans and policies. - Evaluate and manage risk to be within acceptable risk level in order to risk assessment result. - Responsible for IT security assessment and preparing recommendation report to mitigation risk - Engage with local team to assess security threats/vulnerabilities and manage business risk to align with group standard. - Conduct or follow up Penetration Test Result. - Collaborate and support upon request. |
|
- Relevant Bachelor’s Degree or Higher in Information Security, Information Technology (IT), Computer Science, Computer Engineer, Telecommunication or related field. - Experience: 5-8 years of work experience in information technology (at least 2 of these years must be in the field of information security). - Experience with IT Security or IT Operations. - Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies. - Windows, UNIX and Linux operating systems. - Firewall and intrusion detection/prevention protocols. - Network security architecture development and definition. - Experience with Risk Assessment in IT area, crisis management and incident handling. - Knowledge of ISO27XXX Series and other relevant security standard. - Knowledge related to secure software development. - CISSP or other related certification would be preferred. |
|
|
AXA Insurance Public Company Limited, is committed to supporting our customers to achieve stability and prosperity through providing a comprehensive range of services in motor, personal accident, travel, health, property and marine, etc. It is our inherent responsibility to support the communities we operate in, hence creating a sustainable business via constant and considerable contribution in the dimensions of health, environment and the community. AXA values equal employment opportunity. We are committed to promote Diversity and Inclusion (D&I) by creating a work environment where all employees are treated with dignity, respect, and where individual differences are valued. We welcome and treasure diverse profiles to join our family, and to build an inclusive culture together which allows everyone to maximize their full potential. We offer excellent career prospects and attractive remuneration package to the right candidates. Come and joy our AXA’s happy family. |
