1/ Position Overview

We are seeking a highly skilled and detail-oriented Security Compliance Officer to ensure our organization adheres to security policies, regulatory requirements, and industry best practices. The ideal candidate will play a critical role in safeguarding sensitive data, minimizing cybersecurity risks, and maintaining compliance with applicable laws and standards. This position involves developing security policies, conducting risk assessments, monitoring compliance, and educating employees on security protocols.

2/ Key Responsibilities:

*Developing and maintaining Security policies:

• Create, document, and update comprehensive security policies and procedures.
• Align security measures with industry standards and regulatory requirements.

*Risk Assessment and Mitigation:

• Conduct regular risk assessments to identify potential vulnerabilities.
• Prioritize risks and develop actionable mitigation strategies.

*Compliance Monitoring and Auditing:

• Perform internal audits to verify compliance with security policies and regulations.
• Identify compliance gaps and implement corrective actions.

*Incident Response:

• Investigate security incidents and manage response activities.
• Implement containment, remediation measures, and prevent recurrence.

*Security Awareness Training:

• Develop and deliver training programs to educate employees on security best practices, including data protection and password management.
• Promote a culture of security awareness across the organization.

*Vendor Management:

• Assess the security practices of third-party vendors to ensure compliance with organizational and regulatory standards.
• Collaborate with vendors to address identified risks.

*Regulatory Compliance:

• Stay updated on evolving security regulations (e.g., OWASP, GDPR, PCI DSS).
• Ensure the organization meets all applicable compliance requirements.

*Reporting and Communication:

• Prepare detailed reports on compliance status, security risks, and incident investigations for senior management.
• Communicate security concerns and recommendations effectively to stakeholders.

* Collaboration with SecurityTeam:

• Work closely with the Security team to implement security controls and monitor systems for potential threats.
• Provide guidance on securing IT and SA infrastructure and processes.

3/ Required Skills and Qualifications:

*Technical Expertise:

• Strong understanding of cybersecurity principles, including network security, data protection, and access controls.
• Familiarity with security frameworks and compliance regulations such as OWASP, NIST, ISO 2700 or PCI-DSS.

*Analytical and Problem-Solving Skills:

• Ability to identify security risks and develop effective solutions.
• Strong decision-making skills to address compliance and security issues promptly.

*Communication Skills:

• Excellent verbal and written communication skills for training, reporting, and stakeholder engagement.
• Ability to present complex security concepts to both technical and non-technical audiences.

*Tools and Techniques:

• Experience with security auditing tools, techniques, and monitoring solutions.
• Proficiency in incident response management and risk assessment methodologies.

*Certifications (Preferred):

• Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• Other relevant certifications are a plus. 

• Employee Support: Assistance with accommodation, living expenses, and work visa procurement for all staff.
• Home Visit Support: Financial assistance for employees to visit home fourth a year.
• Competitive Salary: A salary package that reflects your skills, experience, and contributions to the company.
• Essential Equipment: Provision of necessary work equipment, including a MacBook and iPhone.
• Development: Continuous development of hard and soft skills through work and professional training.
• Holiday Bonus: A holiday and New Year bonus to recognize your hard work and dedication.
• Inclusive Environment: A professional, dynamic, and inclusive workplace culture that fosters collaboration and innovation.
• Life experience: Enjoy the new culture, living environment in Thailand.