Responsible for the Implementation and Operations Compliance of all Data Centre IT Security Policies and Practices at all Thai eP Data Centre & Perso and Enrolment sites. The IT Security is responsible for designing security elements in IT environments, information
systems, and data repositories and implementing security measures and practices that meet all required policies and standards to safeguard information and technology assets.
Key Function of the IT Security Engineer is to Support the Site Operations / DC Manager in ensuring that the security systems are in full operation at all times, and that the site is complying with the ISO 27001 and other accreditation requirements.
Main Activities / Tasks:
Data Center / Manufacturing IT Security Operations & Compliance :
Knowledge and skills
- Provide expertise for the development of security practices, procedures and controls.
- Analysis, design, configuration, implementation, documentation of security operation.
- Ensure optimum availability and security of information system part of the project.
- Own proactive measures for the confidentiality, integrity, availability of all information assets.
- Conduct regular vulnerability assessment, reporting, plan and implement remedial measures.
- Lead security incident management with necessary follow-up to provide a thorough post-event analysis & recommendations to prevent re-occurrence.
- Propose and implement tools to assist in detection, prevention and analysis of security threats detection and incident respond solutions as needed
- Manages IT and information security risk assessments and audits
- Review, Plan and implementation of security hardening for IT
- Security Configuration management of all information assets.
- Review, coordinate and implement firewall policies for DC and branch offices.
- Implement secure network communication to branches, and external agencies.
- Manage & Support Operational IT Security Technical & Administrative actions as needed including but not limited to 0
- Drive security monitoring efforts, reporting & remediation.
- Ensure regular patch management for information systems.
- Ensure the signatures updates of all security systems.
- Administration of firewall, IDS, IPS, SIEM, Antivirus and WAF
- Support New System / Solution Deployment & Change Management
- Administration and coordination of key management renewal procedures.
- Plan and coordinate preventive maintenance of for DC security systems.
- Support internal and external security audit related activities.
- Any other task, activities and special projects specified, as and when required.
- Good knowledge of IT security operations, Defense in depth approach to security.
- Good hands on data center security technologies, Firewall, WAF, IDS, IPS, SIEM, and antivirus and access control systems.
- Scripting & Automation across Windows / Linux etc.
- Strong hands-on implementing & managing enterprise IT security products.
- Experience in ISO 27001 requirements and audit
- TCP/IP Protocol stack, IPSEC, VPN (PPTP, L2TP), OSPF, BGP.
- Familiar with security tools, Net flow, vulnerability assessment, Patch management tools
- Good knowledge in Public Key infrastructure, Cryptography (symmetric and asymmetric)
- Change control procedure, Disaster recovery procedure, backup and restore procedure.
- Authentication protocol, NTLM, Kerberos, TACACS, 802.1X, Active directory.
- Windows group policy, system hardening, and security benchmarks.
- High availability, Cluster servers, load balancer, HA proxy.
- Hands on experience in security solution implementations.
- Familiar with Operating system, Linux, windows, Hypervisors.
- Experience in CISCO, Palo Alto, and Fortinet security solution.
- Familiarity with SW Dev & Application Security and safe computing practices.
- Experience with security assessment frameworks (NIST, CIS Top 20, OWASP, ISO 27000)
- Third party vendor management, escalation and incident management, datacenter operation documentations, SOP.
- Familiar with Security and Risk Management process
- Hands on experience in security operations of data center.
- 3-4 years of IT Security Operations & Support experience.
- 5-8 years IT Operations / Infrastructure Management Experience
- 5 years Security/IT security operations in established organization
- Proven ability to to react quickly, decisively, in a mission critical & sensitive operations env.
24 x 7 Standby / On-Call Availability
Bangkok and Bang Pa In (Willing to travel for both site).
ECnet Systems (Thailand) Co., Ltd.
Office: 02 751 9663 | Fax: 02 751 9667 | Mobile: 085-0555454
www.ecnet.com | Singapore . Malaysia . Thailand . China . Japan . US . India