Information Security Senior Engineer (Bangpoo)

Location: Samutprakarn

Working Hours: 07:40 - 17:25 / Mon - Fri

Objective: 

The Information Security Coordinator will be responsible for managing and coordinating activities related to ISO 27001 compliance, monitoring security logs, conducting training, and ensuring adherence to the Personal Data Protection Act (PDPA). This role is pivotal in enhancing the organization's information security posture and ensuring compliance with relevant standards and local regulations.

Your main role is to:

1. Management and Coordination of ISO 27001 Compliance 

   1.1 Coordinate ISO 27001 Implementation: Oversee the implementation and maintenance of the Information Security Management System (ISMS) in alignment with ISO 27001 standards. This includes conducting gap analyses to identify areas for improvement and ensuring that security controls are effectively integrated into business processes. 

   1.2 Risk Assessment Management: Conduct regular risk assessments to identify vulnerabilities and ensure that appropriate controls are in place to mitigate risks. Monitor compliance with established objectives and KPIs. 

   1.3 Policy Development: Draft, update, and implement information security policies, procedures, and work instructions to align with ISO 27001 requirements. Ensure that all documentation is maintained accurately. 

2. Security Log Monitoring and Training 

   2.1 Security Log Analysis: Regularly review security logs to detect anomalies or potential security incidents. Collaborate with IT teams to address any identified issues promptly. 

   2.2 Training Development and Delivery: Develop and deliver training programs on information security best practices, including awareness sessions on ISO 27001 compliance and data protection regulations. Ensure that all employees understand their roles in maintaining security standards. 

3. Compliance with PDPA 

   3.1 PDPA Compliance Oversight: Ensure that all data handling practices comply with the Personal Data Protection Act (PDPA). 

   3.2 Stakeholder Engagement: Liaise with relevant stakeholders to ensure they are informed about PDPA requirements and their implications for the organization. Provide guidance on best practices for personal data management

Who are we looking for?

• Education: Bachelor’s degree in information technology, Cybersecurity, or a related field. 

• Certifications: Relevant certifications such as ISO 27001 Lead Implementer or Auditor, Certified Information Systems Security Professional (CISSP), or similar credentials are preferred.

• Experience: Proven experience in information security management, particularly with ISO 27001 implementation and compliance. 

• Good command of English, Chinese is advantage 

• Strong analytical skills for risk assessment and log analysis. 

• Excellent communication skills for training delivery and stakeholder engagement. 

• Knowledge of data protection laws and best practices.

Top reasons for why join us?

• Opportunity to join a diverse and international company where can help create a greener more intelligence-driven future.

• A number of programs each year to support you in your career journey and our program offering continues to grow annually.

• Balance life as we have 5-day work week policy

• We offer comprehensive medical insurance coverage for you and your family.

• Yearly bonus and quarterly incentive to reward your achievements.

• We provide a free bus and van shuttle service to many locations around the company.

For more details about Delta Electronics please visit www.deltathailand.com