About LINE MAN Wongnai
LINE MAN Wongnai is Thailand’s Leading On-Demand Delivery and Lifestyle e-Commerce platform services. We build technology to help Thai people live better, to empower all local businesses by creating an end-to-end food ecosystem through our channel LINE MAN and Wongnai. Connected consumers, riders, and local businesses and improved the daily life of all parties with restaurants nationwide. And because we are local, we provide the deepest variety and services that are tailor-made for Thai people.
We are looking for an experienced in Identity Access Management roles, have a solid security principle, baseline, and expert in security concept. Working in a fast-paced environment, you will bring your expertise and skills to tackle the challenges that impact millions of people on our journey to become the No.1 food platform in Thailand.
What you do:
As Identity Access Management (IAM) you are responsible for:
- Manage user identities and access privileges within the organization's systems and applications.
- Implement and maintain the AM framework, policies, and procedures to ensure proper access controls.
- Provision and deprovision user accounts, including user onboarding, offboarding, and access revocation.
- Collaborate with various teams to gather access requirements and define access control rules.
- Create and manage user access roles and permissions based on job functions and organizational policies.
- Conduct periodic access reviews and audits to ensure compliance with security standards and regulations.
- Monitor user access activities and investigate any security incidents or access violations.
- Administer and support IAM tools and technologies, such as identity governance, privileged access management, and single sign-on.
- Collaborate with IT teams to integrate IAM solutions with existing systems and applications.
- Implement and maintain cryptography key management solutions, utilizing robotic automation to generate, store, and rotate cryptographic keys securely.
- Design and plan to utilize robotic automation tools to provision and deprovision user accounts, ensuring timely and accurate user IDs provisioning.
- Implement and maintain privileged access management solutions to enforce access controls, monitor privileged accounts, and streamline access reviews.
- Stay up-to-date with industry best practices, emerging trends, and advancements in IAM technologies.
What you need to succeed in this role:
- 8+ years work experience in Identity Access Management roles, preferably for banking and payment companies or similar industries.
- Strong communication and organization skills.
- Good understanding and knowledge of information security fundamentals.
- Familiarity with network security and information systems security principles and best practices.
- Strong understanding of identity and access management concepts, principles, and frameworks.
- Experience in administering IAM tools and technologies, such as identity and access governance platforms, privileged access management systems, and single sign-on solutions.
- Familiarity with security standards and regulations, such as ISO 27001, NIST, and PDPA.
- Analytical mindset and problem-solving skills to assess access requirements and resolve access-related issues.
- Strong attention to detail and ability to handle sensitive information securely.
- Designed and implemented a robust cryptography key management system, ensuring secure generation, storage, and rotation of cryptographic keys, enhancing data protection.
- Developed and implemented a comprehensive IAM governance framework, ensuring compliance with relevant regulations and industry standards.
- Successfully conducted access reviews and audits, identifying and resolving access control gaps, and ensuring compliance with security policies and regulations.
- Developed and delivered comprehensive IAM training programs to educate employees and raise awareness about security best practices and compliance requirements.
It would be great if you have:
- Earned any of security, audit, and compliance-related certification e.g., Associate of (ISC), CISSP, CISA, CRISC, CISM, CompTIA Security+, ISO/EC 27001.
- Understanding of multi-factor authentication methods and implementation.
- Familiarity with identity lifecycle management and role-based access control (RBAC) concepts.
- Familiarity with industry regulations and compliance standards relevant to the organization(e.g., SEC regulations, PDPA, PCI DSS).
- Experience with implementing and managing identity and access management in large-scale enterprises.
- Strong project management skills to lead IAM initiatives and coordinate with stakeholders.