General Description of Duties and Responsibilities:

100% Onsite

Location - MRT Rama9

Insight and Planning

• Take responsibility for understanding cyber security and privacy protection laws and regulations, industry policies, standards, best practices, and ecosystems within the representative office/country.
• Develop and implement cyber security and privacy protection business plans, budgets, and KPIs aligned with business strategies.

Process and System Development

• Guide local offices in creating cyber security and privacy protection frameworks.
• Build management systems and optimize local business regulations and processes while ensuring their implementation.

Compliance and Risk Control

• Proactively identify risks in alignment with business strategies using risk control methodologies.
• Develop risk maps, compliance, and risk control solutions while implementing crisis prevention mechanisms and handling emergencies.

Communication and Trust Building

• Collaborate with internal and external stakeholders to establish communication channels with regulators, industry organizations, and customer privacy bodies.
• Build trust mechanisms for cyber security and privacy protection.

Organization Building and Capability Improvement

• Develop and lead teams to enhance cyber security and privacy capabilities within the country.
• Manage and mentor officers and improve compliance awareness across the organization.

Candidate Requirements:

Knowledge and Experience:

• Comprehensive understanding of cyber security and privacy protection trends, standards, and certifications.
• Familiarity with global and regional privacy protection laws and regulatory requirements.
• Proficiency in international cyber security standards (e.g., 3GPP SCAS, NESAS, ISO 27001, ISO 28000).
• Proven experience presenting at national or international cyber security conferences.

Business Understanding:

• Deep knowledge of CT/IT business and solutions, including government and customer security requirements.
• Ability to align product development with privacy and security needs.

Risk and Crisis Management:

• Adept at identifying cyber security risks and implementing preventive measures.
• Capable of leading emergency drills and responding to crises effectively.

External Communication Capability:

• Strong communication and public relations skills.
• Experience maintaining relationships with regulatory bodies and building local trust.

Qualifications:

• CISSP or equivalent cyber security certification.

Preferred Background:

• Candidates with experience in the banking sector are encouraged to apply due to their familiarity with stringent compliance and data security protocols.