Head of IT Security

About LINE MAN Wongnai

LINE MAN Wongnai is Thailand’s Leading On-Demand Delivery and Lifestyle e-Commerce platform for services. We build technology to help Thai people live better, to empower all local businesses by creating an end-to-end food ecosystem through our channel LINE MAN and Wongnai. Connected consumers, riders, and local businesses and improved the daily life of all parties with restaurants nationwide. And because we are local, we provide the deepest variety and services that are tailor-made for Thai people.

We are looking for an experienced Head of IT Security to organize and oversee all security operations of our company. Security personnel will be under your command while you develop and implement policies and procedures to maintain security standards. You should have prior organizational leadership experience, be able to collaborate with team members, and be a strategic problem-solver. Working in a fast-paced environment, you will bring your expertise and skills to tackle the challenges that impact millions of people on our journey to become the No.1 E-Commerce platform for services in Thailand.

What you’ll Do:

Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
Work directly with the business units to facilitate risk assessment and risk management processes
Develop and enhance an information security management framework
Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
Provide leadership to the enterprise's information security organization
Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities;
Maintain a current understanding the IT threat landscape for the industry;
Translate that knowledge to identification of risks and actionable plans to protect the business and schedule periodic security audits;
Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced.
Constantly update the cyber security strategy to leverage new technology and threat information.
Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget.
Encourage employees in Tech and Non-tech to understand security best practices and risk to build secure platforms such as software, infrastructure and processes.

What you’ll Need:

Bachelor or Master’s degree in Computer Engineering, Computer Science, Cyber Security or related fields.
8-10 years of work experience in Information Technology Security related and at least 2 year experiences in team management
Hands-on experience in writing company-wide security policies and controls.
Able to manage and work across with stakeholders both in the external and internal department.
Knowledge of common information security management frameworks, such as ISO/IEC 27001/27002, COBIT and/or NIST.
Knowledge about global Data Protection Regulations and the Personal Data Protection Act
Knowledge of E2E security design including network, platform and application
Experience in Agile software development practices in combination with CI/CD.
Experience in system and applications security management and control.
Experience with security technologies e.g. Intrusion Detection System (IDS) monitoring, Incident Response, and Disaster Recovery Planning.
Experience in facilitating information security risk assessments.
Experience with Cloud computing and Cloud security practice.
Professional certificates related to work (e.g. CISSP, CISM, ISO 27001, PCI DSS or similar general security certification) is very desirable
Good command of English