Job Purpose (Accountability)
Responsible for monitoring and detecting information security incidents through Security Monitoring systems (such as SIEM, EDR, IDS/IPS), including managing Incident Response Handling, conducting threat analysis, and preparing reports. Work collaboratively with relevant teams to remediate vulnerabilities and enhance system security. Develop and test Cybersecurity Incident Playbooks, support forensic activities, and ensure log retention in compliance with PDPA and related standards, in order to maintain the readiness and effectiveness of the organization's information security.
Duties / Responsibilities
- Monitor, detect, and analyze information security incidents through Security Monitoring systems such as SIEM, EDR, IDS/IPS.
- Manage and respond to security incidents (Incident Response Handling) in a systematic and timely manner.
- Assess, analyze, and prepare reports on Cyber Security threats and risks.
- Collaborate with relevant departments to remediate vulnerabilities and security issues, and propose preventive measures.
- Develop, update, and test Cybersecurity Incident Playbooks to ensure effectiveness and relevance.
- Support Digital Forensics activities and log retention for internal/external investigations or audits.
- Maintain and manage log data in compliance with PDPA requirements and relevant standards to ensure legal and regulatory adherence.
- Research and track emerging Cyber Security Threats to recommend improvements in security measures.
- Support audit activities and security assessments as assigned.
Education
Work Experience
Certifications
Certifications such as CEH, CompTIA Security+, or Blue Team certifications are considered an advantage.
TOEIC
Minimum score of 650.
Other Qualification
- Minimum of 3–5 years of experience in Network Security or Security Operations Center (SOC).
- Solid understanding of SIEM, EDR, Firewall, and Security Protocols.