About the role
We are seeking an experienced Security Governance Specialist to join our team. The successful candidate will be responsible for audit tracking, security project management, security risk management, and the establishment of policies, standards, and procedures. This role is critical in ensuring that our organization maintains a strong security posture and complies with relevant regulations and industry best practices. The Security Governance Specialist will also play a vital role in effectively communicating security issues to the technology team and collaborating with them to resolve these issues.
Job Description
Security Project Management:
- Oversee the planning, execution, and monitoring of security-related projects.
- Coordinate with cross-functional teams to ensure successful project delivery.
- Develop project plans, schedules, and budgets, and track progress against established objectives.
- Communicate project status, risks, and issues to relevant stakeholders.
Security Risk Management:
- Identify, assess, and prioritize security risks across the organization.
- Develop and implement risk mitigation strategies and controls.
- Monitor and report on the effectiveness of risk management activities.
- Collaborate with stakeholders to ensure a consistent approach to risk management across the organization.
Establishment of Policies, Standards, and Procedures:
- Develop, review, and maintain security policies, standards, and procedures.
- Ensure alignment with regulatory requirements and industry best practices.
- Collaborate with stakeholders to promote the adoption and enforcement of security policies and standards.
- Provide guidance and support to the organization in the interpretation and implementation of security policies and procedures.
Communication and Collaboration with Technology Team:
- Effectively communicate security issues and concerns to the technology team.
- Collaborate with the technology team to develop and implement solutions to address identified security issues.
- Provide ongoing support and guidance to the technology team regarding security best practices and risk mitigation.
- Foster a strong working relationship between the security governance function and the technology team to promote a culture of security awareness and collaboration.
Qualifications
- Positive, can-do attitude, who naturally expresses a high degree of empathy to others.
- Bachelor’s degree in Information Security, Computer Science, or a related field.
- A minimum of 5 years of experience in information security, with a focus on security governance.
- Professional certifications such as CISSP, CISM, or CRISC are preferred.
- Strong understanding of information security principles, frameworks, and best practices.
- Experience in audit management, risk assessment, and policy development.
- Excellent project management and organizational skills.
- Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex security issues in a clear and concise manner.
- Demonstrated ability to work independently and deliver results under tight deadlines.
- Talent to identify and create a broad vision for a security solution and to execute it
- Systems Thinking – the ability to see how parts interact with the whole (big picture thinking)
- Proven experience of acting as an expert in project teams.
- Ability to explain your thoughts or findings also to non- technical professionals
- Good command in written and spoken Thai and English language.
Location: True Digital Park, Punnawithi