
True Digital Cyber Security is the leading trustworthy Cyber Security service provider, providing end-to-end cyber security services, including managed detection and response, cyber security and data privacy consulting, security implementation, managed security services and penetration testing.

Risk and Governance
  • Information Security Risk Assessment

     TDG provides information security risk assessment to help an organization measure its cyber maturity using industry-standard frameworks, identifying and evaluating risk while aligning with business objectives.

  • Identify asset vulnerabilities

  • Gather threat and vulnerability information

  • Identify internal and external threats

  • Identify potential business impacts and likelihoods

  • Determine risk

  • Identify and prioritize risk responses

  • Cyber Security Maturity Assessment

      TDG provides a cyber security maturity assessment service that finds the possibility of business damage due to a loss in confidentiality, integrity and availability of information. Risk assessments serve as the foundation for a strategic approach that aligns business goals with security and compliance requirements while helping to create effective long-term risk management.

  • ISO 27001 Consulting Services

      TDCS assists in implementing the ISO 27001 framework and helps organizations strategize, build, and certify a robust and effective Information Security Management System (ISMS). Its team of experienced information security professionals, who are also ISO 27001 certified Lead Implementers and Auditors with an in-depth understanding of the standard, provides support throughout the entire certification process, from ISMS Scoping through on-site Certification Audit Support.

  • Security Awareness Training 

      TDG provides security awareness training, a strategy used by an organization's IT to prevent and mitigate user risk. This training introduces users and employees to basic security concepts, regulations and policies, and helps them understand the role they play in combating information security breaches. Effective security awareness training helps employees understand proper cyber hygiene and the security risks associated with their actions, and identify cyber attacks they may encounter via email and the web.

Offensive
  • Vulnerability Assessment (VA)

     TDG scans for potential threats according to common risks and publicly disclosed vulnerabilities. To protect an organization's assets, a vulnerability assessment should be performed at every layer, such as network, operating system, database and application. Several automated security tools can perform vulnerability assessment and produce full reports, including severity, risk and remediation, so that administrators know their own risk and can fix each defect.

  • Penetration Testing (PT)

    TDG provides penetration testing (Black Box, Gray Box, White Box) to effectively manage cyber security risk. Experts test the systems by penetrating them to identify vulnerabilities that could lead to compromise by malicious attackers, and provide test results and preventive recommendations based on the international frameworks NIST and OWASP. This vulnerability detection is part of the measures against cyber threats, suitable for organizations with strong needs for security and regular system tests.

  • Red Team exercise

      TDG provides the testing of the organization's detection and response capabilities.  The red team will try to get in and access sensitive information in any way possible, as quietly as possible.  The red teamer will simulate attacks to gauge the strength of the organization’s existing security capabilities and identify areas of improvement by going a step further, and adding physical penetration, social engineering, and an element of surprise.

Defensive
  • Security Operation Center (SOC)

     TDG provides a Security Operation Center (SOC) as centralized 24/7 security monitoring to continuously monitor and improve an organization's security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents across an organization's IT infrastructure, including its networks, devices, appliances, and information stores, wherever those assets reside. Essentially, the SOC is the centralized correlation point for every event logged within the organization that is being monitored.

  • Security Monitoring Managed Detection and Response

     TDG provides comprehensive and cost-efficient 24/7 security monitoring designed to keep business safe from malicious activity. TDG focuses on detecting and responding to cyber security attacks by integrating parts of SIEM, endpoint detection and response, real-time cyber threat monitoring, managed intruder network alarms, and continuous vulnerability monitoring services.

  • Cyber Incident Response

    TDG provides an incident response service to support an organization in responding to and managing a cyberattack. A cyberattack can wreak havoc, potentially affecting customers, intellectual property, company resources, and brand value. Cyber incident response focuses on reducing this damage and recovering as quickly as possible.

  • Forensics Investigation

     TDG provides Forensics investigations to recover data from computers and hard drives to solve a crime or find evidence of misconduct.  Computer investigators can uncover things like employee internet abuse, unauthorized disclosure of corporate information, and other illegal internet activity.  Forensic computer investigations can find information on computer and hard drives including emails, browsing history, downloaded files, and even deleted data.

Managed Security Service
  • Web Application Firewall (WAF)

     TDG provides expertise to ensure that your WAF is configured to provide maximum protection of your websites using the native features of the WAF.   Alert notifications are sent to you directly from the WAF via email.  All WAF related reporting is also available in the WAF Portal.  A weekly report of summary activity will be provided, along with access to the WAF as a Service portal.  You will have the ability to generate a WAF report or define a schedule to email.

  • Privileged Access Management (PAM)

     TDG will manage your PAM solution and provide much-needed security over administrators and privileged credentials while minimizing the impact on the operational team. Managing PAM over time requires a strategy for evolving your policies and coverage to meet different use cases. These can include ensuring enterprise-wide adoption as the environment and users change, and demonstrating compliance with corporate policies and regulatory or industry mandates.

Managed services will provide support around the lifecycle of your PAM solution, including:

  • Safe Management

  • Access Management

  • Policy Management

  • Platform Management

  • Reporting

  • Solution Patching and Updates

  • Disaster Recovery

  • Session Management

  • Local Admin Management

  • Endpoint Detection and Response (EDR)

    TDG provides an advanced managed security service for Endpoint Detection and Response (EDR) that provides threat intelligence, threat hunting, security monitoring, incident analysis, and incident response. Using advanced security analytics on endpoints, user behavior, applications, and the network, MDR provides deeper detection without relying on rules and signatures. MDR also uses Artificial Intelligence (AI) and Machine Learning to investigate, automatically contain threats, and orchestrate response.

  • Source Code Scan

     TDG provides a Source Code Scan that discovers hidden vulnerabilities and design flaws, and verifies that the key security controls are implemented. Scanning tools and manual review are used to detect insecure coding practices, backdoors, injection flaws, cross-site scripting flaws, insecure handling of external resources, weak cryptography, etc.

PDPA and Data Governance
  • PDPA Compliance Assessment

      TDG provides PDPA compliance assessment by assessing the organization's current personal information collection and use practices through a detailed gap analysis. TDG will focus on the basic principles, key requirements, and building blocks of data privacy for the organization, based on the new PDPA regulatory requirements.

     TDG also supports the organization in designating a lead, the Data Protection Officer, to determine which employees deal with client data, how much personal data they have access to, and where it is all stored. This process will involve a careful assessment of local and cloud-based operating systems, personal and company mobile devices, spreadsheets and databases, personal files, etc.

  • Data Inventories

    TDG provides Data Inventories to create a source of truth with relevant metadata that gives instant insight into all sources of data an organization has, what information these sources collect, and where these data are stored. Policies and compliance requirements demand that an organization know exactly what user data it holds and what user activities occur on those data.

    Data inventory is also important because knowing the data your business collects leads to improved efficiency and increased accountability for the organization. Data inventory can also lead to better overall reporting, decision-making and operational performance optimization.

  • Consent Management Platform

     TDG provides a consent management platform (CMP) to enable a website or application to comply with PDPA, GDPR, CCPA and other data privacy regulations. A CMP allows websites to inform visitors about the types of data they need to collect and to ask users for consent for specific processing purposes.

       Consent management platform supports:

  • Collect and handle user consent

  • Display consent banners and pop-ups to users

  • Prevent tags from running before legal consent is obtained

  • Manage data subject requests 

  • Fire tags used in ad networks based on a user’s consent decision

  • Data Classification

     TDG provides Data Classification to help determine where regulated data is located across the enterprise, and to ensure that appropriate security controls are in place and that the data is traceable and searchable, as required by compliance regulations. Data classification enables organizations to safeguard sensitive corporate and customer data, and ensures that sensitive data is handled appropriately for different regulations, such as those covering medical, credit card, and personally identifiable information.

  • Data Leakage Prevention

    TDG provides Data Leakage Prevention (DLP) for organizations requiring redaction of personal data, enabling them to maintain policies and compliance. DLP is part of the data security regime that prevents data from being transmitted outside of an organization. TDG supports DLP to safeguard important data, including financial information, customer contacts, contracts, etc. DLP helps reduce unauthorized transmission of data and thereby minimizes damage to the organization.

Cyber Security Incident Responder
Job Description:

     Reporting to the Incident Manager, the Cyber Security Incident Responder/Handler is responsible for conducting real-time analysis on escalated cyber security incidents impacting MDR Centre constituency. The responder will analyze security incidents, triage and remediate security incidents and escalate for further treatment as well as manage, mitigate and coordinate remediation activities.

Key Responsibilities:

• Working with the Incident Manager, to perform the triage and validation of alerts from the various tool sets in the MDR Centre.
• Completing in-depth analysis of alerts that are generated by the various toolsets in use by the MDR Centre.
• Investigating alerts and escalating to the appropriate team for further action.
• Executing approved manual, scripted or automated mitigation actions.
• Coordinating and/or assisting remediation activities as directed.
• Working with the MDR Centre Platform Management team to provide feedback into alerts that are deemed to be false positive or not performing properly.
• Working with the Incident Manager to provide feedback into improving and fine tuning the playbooks as and when appropriate.
• Working cases through to closure in a case management tool.
• Interacting with peer organizations within True Digital to identify root-causes of incidents and assisting in closing/preventing these incidents in the future.
• Participating in Post-Incident Analysis for key cases closed by the Cyber Security Investigations and Response team.
• Working with the Threat Intelligence team and Threat Hunter to assist in refining “hunting grounds” to limit the amount of in-scope data for hunts and provide additional context to findings.
• Hunting through existing sets of data to understand what is normal and what is abnormal.
• Working with the respective system and application teams to hunt for malicious activity that may or may not be present in unmonitored applications when an incident is detected.
• Investigating abnormal or anomalous behavior identified in hunts.

Qualifications:

• Bachelor degree in a related field such as information security, management or computer engineering.
• Experience in the detection, response, mitigation and/or reporting of cyber threats affecting mid to large organization environment.
• Experience in computer intrusion analysis and incident response.
• Experience in network and system surveillance and monitoring, and intrusion detection.
• Good working knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architecture.
• Experience in system log analysis.
• Experience with current cyber threats and the associated tactics, techniques and procedures used to infiltrate computer networks, including the use of threat intelligence during the course of response.
• Working experience in MDR Centre, Security Operations Centre (SOC), Managed Security Service (MSS), or enterprise network environment is desirable.
• Active CompTIA Security+ or similar certifications are required.
• Other relevant certifications (such as GCIH, GCIA) are desirable.
• Strong attention to detail, concern for data accuracy and high personal integrity.
• In depth experience with industry standard incident handling methodologies.
• Ability to clearly document and communicate findings, opinions, and recommendations to both technical and non-technical audiences.

SOC Use-Case Development Engineer
Job Description:

     We are searching for a SOC Engineer who will be responsible for analyzing and developing SOC Use Cases and Playbooks to detect cyber security attacks. The primary function of this position is to analyze attack results to improve the detection rate and reduce the time needed for incident investigation by using automation.

Key Responsibilities:

• Collaborate with the Security Operations Center (SOC) and Security Engineering teams to improve existing security automation technology.
• Assess, design, and improve SOC processes and workflows with an aim on automation through Security Orchestration, Automation and Response (SOAR) and cyber security technology to improve detection flexibility and reliability.
• Build SOC Use Case and Playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event.
• Analyze SOC alerts statistics and workflows to reduce false positives and properly focus engineering efforts.
• Develop custom scripts to automate current detection and response workflows.
• Enrich Incident results to provide comprehensive view for customers.

Preferred Skills And Experience:

• Understanding of classic and emerging threat actor tactics, techniques and procedures in both pre and post-exploitation phases of attack lifecycles.
• Experience using Python for the purpose of automating security operations and incident response processes.
• Strong understanding of security architecture, tool integration, API development and automation.
• Understanding of common SOC and SOAR processes and workflows.
• Working knowledge of network TCP/IP protocols.
• Experience using Splunk and/or other SIEMs.
• Exceptional written and verbal communication skills.
• Exceptional organizational skills.

Basic Qualifications:

• Bachelor’s degree in information systems, information security, computer science, engineering or similar technical field of study with 2+ years of information security experience.
• Experience with network and endpoint security solutions, such as IPS, firewall, and Endpoint Detection and Response (EDR) platforms.
• Experience with Python scripting language for automation.
• Experience with operating system internals for both Linux and Windows platforms.

SOC Platform Engineer
Job Description:

Reporting to the Platform Manager, the MDR Platform Engineer is responsible for testing and building new, or updating existing, automation within MDR Centre technologies and integration between such technologies and the larger set of systems and applications within True Digital. The role involves designing, developing, testing and deploying automation and integration using toolsets provided by various MDR Centre technology vendors. The role also involves planning and supporting the operational security team with the security technologies required to fulfill their day-to-day operations. The role will support new platform engineering, updating the existing environment as well as implementing any new requirements.

Key Responsibilities:

• Evaluating and selecting appropriate technology solutions to meet MDR Centre consumer needs.
• Preparing, testing, staging and deploying new MDR Centre technology platforms.
• Preparing, testing, staging and deploying major releases and major changes to existing MDR Centre technology platforms.
• Analysis of automation and integration within the current MDR Centre technology stack to identify areas for improvement.
• Working with other MDR services to design automation and integration that meets their needs.
• Developing, testing and deploying new automation and integration via custom code and scripts.
• Working with the MDR Architect to test and fine tune the technical design of the use case to be implemented in the SIEM.
• Documenting MDR Centre technology platform architecture and deployments.

Basic Qualifications:

• Bachelor degree in a related field such as information security, management or computer engineering.
• Platform-specific certifications are desirable.
• Good working knowledge of security concepts for both Windows and Unix related operating systems.
• Good working knowledge of network concepts.
• Familiar with well-known SIEM tools (e.g. Splunk and ELK) and dashboard/analytic tools (e.g. Grafana).
• Familiar with SOAR and UEBA tools.
• Working experience in a MDR Centre, Security Operations Centre (SOC), Managed Security Service Provider (MSSP) or enterprise network environment preferred.

Cyber Security Analyst
Job Description:

     The Cyber Security Analyst provides 24x7 eyes-on-glass service, formed from a team of security analysts with some years of experience. The monitoring and identification tier is responsible for the real-time monitoring and identification of security incidents. Analysts staffed at Level 1 monitor the MDR Centre main channel event streams within the MDR Centre security information and event management (SIEM) platform, SOAR and other MDR Centre tools. They identify suspicious activity, open an incident investigation and perform preliminary investigation to validate the incident. If the incident is determined to be more complex and requires more time and/or deeper expertise to analyze, the Tier 1 – Analyst will transfer the open investigation to Tier 2 for further analysis and escalation.

     The Cyber Security Analyst is also responsible for providing a combination of strategic, tactical and operational intelligence to the MDR Centre and its constituency. They gather and analyze tactical cyber threat and vulnerability intelligence and provide timely intelligence support to incident responders and guidance to threat hunters.

     In addition, Cyber Security Analyst is responsible for the validation and analysis of investigations passed up from Tier 1 analysts. Tier 2 incident responder and investigator will complete the documentation of the investigation, determine the validity and priority of the activity and escalate to the SOC Manager. Analysts staffed at Level 2 would be senior staff.

Key Responsibilities:

• Performs real-time monitoring of security alerts generated by various MDR tools deployed by True Digital.
• Investigates potential security incidents under the guidance of playbooks and procedures. 
• Analyses and assesses security alerts. 
• Validates, classifies and opens security incident cases or escalates to Level 2 analysts. 
• Serves as a primary contact point for reporting potential security incidents. 
• Document security incidents as identified by the case management process. 
• Provides feedback on enhancing the operations of the cyber security operations center. 
• Responds to security alerts generated within the SLA time window.
• Establishes priority intelligence requirements for all key stakeholders. 
• Demonstrates an understanding of business processes, risk management, and related standards and regulatory requirement. 
• Performs threat modeling to identify, classify, prioritize and rate threats based on thorough analysis of the organization’s top risks and critical assets, and derive appropriate use cases to be implemented into the MDR platform. 
• Investigates and researches known indicators, correlate events, identify malicious activity, and discover new sources to provide early warning for a variety of threats. 
• Analyzes internal and external threat intelligence data sets, including vulnerabilities intelligence, detect and track emerging threats and security trends. 
• Produces timely, accurate, relevant and predictive intelligence by identifying and reporting on malicious actors, campaigns, and other relevant activities. 
• Produces and delivers timely, actionable threat intelligence to foster situational awareness, enable proactive decision-making, and promote enhanced active defense measures within True Digital.
• Monitors open source information feeds and threat actor activity to identify activity levels and indicators for threats, targets of interest and possible attack vectors. 
• Work with the other MDR Centre team to ensure that actionable indicators of compromise are incorporated into appropriate technologies. 
• Proactively recommends short-term and long-term changes based on threat intelligence to improve MDR Centre tools and detection capabilities. 
• Recognizes successful intrusions and compromises through review and analysis of relevant event detail information. 
• Investigates potential security incidents - recognizes attacks based on techniques, tactics and procedures and differentiates false positives from true intrusion attempts. 
• Follow up and track investigations to resolution. 
• Further validate, classify incidents and update security incident cases. 
• Alert system and information owners of intrusions and potential intrusions and compromises to their network infrastructure.
• Escalate security incidents to appropriate teams.
• Provide assistance during remediation of security incidents.
• Security services management including finetuning security use cases. 
• Fine tuning SIEM tools and reducing false positives. 
• Update the MDR tools as necessary. 
• Continuously improve the MDR services. 
• Maintain and provide data required to calculate the MDR Centre services’ SLAs, KPIs and KRIs. 
• Update MDR processes and procedures as necessary. 
• Follow and implement the change management process. 
• Publish regular reports to internal teams. 
• Conduct regular information security awareness sessions to the general community of the organization.

Qualifications:

• Bachelor degree in a related field such as information security, management or computer engineering.
• Platform-specific certifications are desirable.
• Good working knowledge of security concepts for both Windows and Unix related operating systems.
• Good working knowledge of network concepts.
• Familiar with well-known SIEM tools (e.g. Splunk and ELK) and dashboard/analytic tools (e.g. Grafana).
• Familiar with SOAR and UEBA tools.
• Working experience in a MDR Centre, Security Operations Centre (SOC), Managed Security Service Provider (MSSP) or enterprise network environment preferred.

Penetration Tester
Job Description:

     The Vulnerability Analyst & Pen-Tester (VAPT) is responsible for identifying threats and vulnerabilities and their associated security risks within True Digital by performing vulnerability testing and penetration testing across the MDR Centre constituency and providing advice on how to remediate the vulnerabilities discovered. The VAPT team owns the vulnerability testing plans and keeps current on security attack risks and methods.

Key Responsibilities:

• Performs security vulnerability assessment and penetration testing of internal, perimeter, external and wireless network and web and mobile applications.
• Identifies security weaknesses and vulnerabilities, and non-compliance within the MDR Centre constituency.
• Characterizes threats and provides recommendation for remediation.
• Advises appropriate business units on technical configuration and process changes, remediation and best practices to adapt to changing threat, vulnerabilities and new attack methods.
• Conducts follow up assessment to ensure proper action has been taken.
• Researches and develops testing tools, technique and process.
• Maintains, executes and refines processes to monitor, collect and update information about threats and vulnerabilities.

Qualifications:

• Bachelor degree in a related field such as information security, management or computer engineering.
• Experience in security incident management and response, threat modelling, penetration testing and/or secure application development.
• Active OSCP, OSCE, GPEN, GWAPT, GXPN, CEH, ECSA, LPT certifications are good to have.
• Other relevant certifications (such as GCIH, GCIA, GCFA and others) desirable.
• Experience in architecture design and assessment (manual approach to penetration testing).
• Good working knowledge of security concepts for both Windows and Unix related operating Systems.
• Familiar with application and infrastructure vulnerabilities.
• Experience with exploit research and mitigation.
• Good working experience using various assessment tools, such as scanners, administrative utilities, local proxies, debuggers, fuzzers, etc.
• Good working knowledge of web technologies, solutions and attack vectors that apply to application technologies, such as OWASP.
• Experience with threat modelling methodologies.
• Experience with security source code review or development experience in C/C++, C#, VB.NET, ASP, or Java.
• Familiar with application reverse engineering techniques and procedures.
• Good working knowledge of IDS and AV evasion techniques.

Threat Hunter
Key Responsibilities:

• Perform intrusion analysis using SIEM technology, packet captures, reports, data visualization, log analysis and pattern analysis.
• Fine-tune EDR for blocking and reporting based on customer business need.
• Assist SOC Analyst by providing next level in-depth analysis.
• Conduct pro-active threat hunting and analysis.
• Respond to security incidents and perform investigation.
• Characterize suspicious binaries and be able to identify traits, C2, and develop network and host-based IOCs.
• Interact with and assist other investigative teams.
• Through review and analysis of cyber threats, provide both internal & external parties key information to respond to threats.
• Analyze data from technical security controls, such as firewalls, IPS/IDS, enterprise AV, network analyzers.
• Deploy and maintain EDR sensors and tools.
• Identify incident root cause and develop proactive mitigation steps.

Education:

• Bachelor’s degree in Computer Science, Computer Engineering, Information Technology or IT related field. 

Knowledge and Technical Skills:

• Effective written and verbal communication skills to interact with customers.
• Keeps current on the current IT threat landscape and upcoming trends in security.
• Knowledge on Information security best practices & network security architecture, Cyber Kill chain and MITRE ATT&CK Framework.
• Hands-on experience in SOC devices such as SIEM and EDR.
• Hands-on working experience with EDR will be an advantage.
• Strong knowledge of Linux, Windows system internals.
• Strong knowledge of web applications and APIs.
• Demonstrated relevant experience as a key member of a threat intel, incident response, malware analysis, or similar role.
• Strong knowledge of malware families and network attack vectors.
• Knowledge of the TCP/IP networking stack or network IDS technologies.
• Experience with IT infrastructure.
• Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analysis.

Forensic Investigator
Job Description:

     The Digital Forensic Investigator is responsible for collecting and investigating digital forensics artifacts to assist investigations and/or perform evidence management. When investigating, they focus on the forensics capture and analysis of media and network artifacts to reconstruct timelines associated with an identified attack or breach.

Key Responsibilities:

• Analyzing requests, and planning and executing forensic support for both simple and complex investigations. 
• Providing recommendations for identification, collection and preservation of digital evidence. 
• Determining tools and procedures required for preservation. 
• Collecting, processing and analyzing electronically stored information (ESI) obtained from network, cloud and end user digital sources in accordance with industry standards. 
• Providing required documentation demonstrating chain of custody of evidence. 
• Generating formal forensic analysis reports in a clear and concise manner to a non-technical audience, e.g. senior management. 
• Working with other team members to provide guidance and assistance. 
• Using industry standard digital forensic tools (e.g. FTK, Axiom) during the course of investigation. 
• Conducting research into project-related issues. 
• Maintaining forensic credentials and ability to provide expert testimony.

Recommended Qualifications:

• Bachelor degree in a related field such as information security, management or computer engineering. 
• Experience in digital forensics. 
• Active CISSP, CISM and CCE or similar certifications are required. 
• Other relevant certifications (such as GCIH, GCIA) are desirable. 
• Strong attention to detail, concern for data accuracy and high personal integrity. 
• In depth experience with industry standard digital forensics methodologies, including: evidence handling, chain of custody procedures, and commonly used forensic toolsets. 
• Experience using physical, local and remote acquisition tools across multiple OS systems. 
• Ability to clearly document and communicate findings, opinions, and recommendations to both technical and non-technical audiences.

Technical Pre-Sales
Job Description:

● Act in a customer success and solution consulting capacity for security technology and related service offerings.
● Understand customer requirements well and map them to cybersecurity solutions in a technical presale role to contribute to project achievement.
● Identify and recommend the solution components most suitable for the customer's environment and budget.
● Provide the managed security service selling platform with solution guidance to support SOC incident and use case development.
● Participate in security proposal presentations and clarification with Q&A, as well as proofs of concept.
● Prepare technical documents to respond to both Requests For Information (RFI) and Requests For Proposals (RFP).
● Develop a comprehensive understanding of customer expectations and the typical challenges faced in delivering outcomes for customer satisfaction.
● Engage with account managers, business development, and service delivery.

Recommended Qualifications:

● Experience in customer-facing and security presales roles.
● Bachelor's degree in Computer Engineering, Computer Science, MIS, or related fields.
● Expertise in information security, infrastructure and application security across the security lines of defense.
● Capability to design and adopt cybersecurity solutions and managed security service platforms.
● Knowledge of technical solutions and understanding of security architecture and SOC integration.
● Ability to handle multiple projects effectively while coordinating with customers and internal stakeholders.
● Strong communication skills for solution sales talks, and a proactive approach to working as a team.
● Logical thinking and a systematic approach to problem solving.
● Good command of both English and Thai.

Cloud Security Engineer
Job Description:

• Build, design, deploy and maintain the secure implementation of Cloud solutions across multiple public cloud offerings (Google, AWS, Private Cloud, MS Azure, etc.).
• Identify attack surface reduction opportunities via vulnerability analysis, trends, threat, and technology management.
• Lead the review of security vulnerabilities across a variety of cloud technologies and environments to determine high risk vulnerabilities to business assets. 
• Implement cloud security compliance and provide advice to remediate security vulnerabilities.

Education:

• Bachelor’s degree in Computer Science, Computer Engineering, Information Technology or IT related field. 
• Experience in cloud security, application security, secure software development, vulnerability management, solution design/configuration of security tools and penetration testing.

Experience:

• CISSP, GIAC, OSCP and/or related certifications preferred.
• Knowledge and experience in cloud security, application security, vulnerability management and/or solution design/configuration of security tools.
• Familiar with public cloud, e.g. GCP, AWS or Azure.
• Familiarity with DevOps technologies and platforms (Kubernetes, Terraform, Ansible, Jenkins, Git) is a plus.
• Good command of written and spoken English.
• Good interpersonal skills – able to communicate effectively with various levels (from end-users to executives).
• Logical & systematic approach to problem solving.

Security Architecture Engineer
Job Description:

• Provide technical security expertise to the company's teams' solutions including communicating security architectural decisions, benefits and risks; provide security consulting services internally to the company by giving security guidance and functioning as an information security subject matter professional.
• Interact with project teams to provide advice on security and assist with compensating control alternatives where security requirements cannot be met.
• Stay abreast of the latest information security regulatory requirements, technologies, controls, practices, techniques and threats.
• Support internal skills development activities for information security personnel on new technologies or process changes driven by security requirements.

Education:

• Bachelor’s degree in Computer Science, Computer Engineering, Information Technology or IT related field.

Experience:

• CISSP, GIAC and/or related certifications preferred.
• Knowledge and experience in application security, network security, data security, cloud security, identity and access management, endpoint security, vulnerability management.
• Familiar with public cloud e.g. GCP, AWS or Azure.
• Good command of written and spoken English. 
• Good interpersonal skills – able to communicate effectively with various levels (from end-users to executives). 
• Logical & systematic approach to problem solving.

Security Governance Consultant
Job Description:

• Develop and implement information security and data governance policies, standards, processes and security controls for the organisation in compliance with ISO27001, PCI DSS, PDPA, regulations and law.
• Perform data classification and information security risk assessment.
• Perform data governance and security compliance reviews of internal teams and third parties.
• Identify emerging threats/vulnerabilities, analyze them through cyber threat modeling and identify preventive countermeasures to mitigate the risk of cyber attack.
• Work with project teams to ensure that the implemented technology solutions meet the policies, standards, regulations and law.
• Develop role-based access control for applications to prevent the risk of insider threat.
• Conduct access rights reviews for applications/systems to minimize the risk of unauthorized access.
• Establish an information security and data governance awareness program for staff and OWASP secure coding guidelines for developers.
• Guide relevant teams to harden OS, DBs, workstations and network components based on CIS baseline.
• Update knowledge and technical skills to cope with new vulnerabilities and threats.

Education:

• Bachelor’s degree in Computer Science, Computer Engineering, Information Technology or IT related field.
• Experience in information security governance and risk management, threat modeling, secure solution design and/or penetration testing.

Experience:

• CISSP, CISM, CISA, CRISC, GIAC, OSCP and/or CEH certifications preferred.
• Knowledge of Thailand’s information security regulations and security standards, such as ISO27001, PCI DSS and experience in their implementation.
• Knowledge and experience in information security governance and risk management, threat modeling, secure solution design and/or penetration testing.
• Good command of written and spoken English.
• Good interpersonal skills – able to communicate effectively with various levels (from end-users to executives).
• Logical & systematic approach to problem solving.

DevSecOps Engineer
Job Description:

• Manage static and dynamic application security testing for vulnerabilities and embed security tools in the Jenkins pipeline.
• Work with automation/build tools such as Jenkins, Docker, Chef or Puppet.
• Design and implement container (Docker) solutions on Kubernetes or OpenShift.
• Design and implement Continuous Integration, Continuous Deployment, Continuous Delivery and DevOps Operations for Agile projects, working with technologies and platforms including UNIX/Linux, Java, Git, Jenkins, OpenStack, Ansible, Chef, Puppet, Kubernetes and Docker.
• Convert the agile process to the DevSecOps Framework.
• Modify and develop new CI/CD pipelines to support a wide variety of software languages and software product teams.
• Automate processes to support continuous software deployments.
• Linux Administration (Installation, Configuration, Tuning and Upgrades of Linux).

Education:

• Bachelor’s degree in Computer Science, Computer Engineering, Information Technology or IT related field. 
• Experience in application security, secure software development, vulnerability management, encryption key management and solution design/configuration of security tools.

Experience:

• CISSP, GIAC, and/or related certifications preferred.
• Knowledge and experience in network security, application security, vulnerability management, encryption key management and/or solution design/configuration of security tools.
• Familiar with public cloud, e.g. GCP, AWS or Azure.
• Familiar with DevOps technologies and platforms: Kubernetes, Terraform, Ansible, Jenkins, Git.
• Good command of written and spoken English. 
• Good interpersonal skills – able to communicate effectively with various levels (from end-users to executives). 
• Logical & systematic approach to problem solving.

Technical Aftersales Engineer
Job Description:

The Technical Aftersales Engineer manages and is responsible for Security Operations Centre (SOC) service delivery, gathering feedback and following up on operation service support by working with customers, including maintaining client satisfaction, service expansion and revenue growth. As the Security Delivery Engineer, this role will be the pivot between the operational excellence of the SOC experience and the face presented to clients.

Experience:

● Manage and provide help for SOC projects, with timeline planning and communication with clients
● Identify SOC project and security project schedule deliverables, with prioritized task milestones for POC, On-boarding, Implementation, Transition and Migration
● Build and develop SOC requirement prospects as part of SOC enhancement, driving platform capability expansion
● Work with the internal team and the client to negotiate and ensure SOC service readiness within an appropriate timeline
● Meet regularly with the internal SOC team to catch up and translate client concerns and SOC operation requirements into improvements
● Coordinate with and escalate to the delivery team to provide service direction for support and operation enhancement
● Create and present SOC report deliverables to clients weekly, monthly, quarterly and yearly
● Review the SOC operation process to ensure it meets the SLA and that operational collaboration works well
● Manage and support SOC documentation and related project deliverables in line with client expectations

Qualifications:

● Experience in security project delivery and Security Operation Center (SOC) as a service
● Experience with SOC Service delivery or security operation engagement
● Strong ability to communicate at technical and business level
● High level of initiative, ownership of issues, accountability, professional diligence, attention to detail and problem-solving capabilities
● Familiarity with delivery mechanisms of Managed Security Services (MSS) will be an advantage
● Excellent written and verbal communication skills to develop client relationships across working levels of customers
● Good command of both English and Thai

Project Manager for Cyber security
Job Description:

● Manage and deliver projects with timeline planning within project resource and task utilization
● Identify and prioritize the project schedule with key deliverables, milestones and tasks, collecting progress update reports on a regular basis
● Work with team leader to ensure complete and appropriate resourcing by performing project plan analysis to identify critical path and resource issues
● Regularly meet with the project sponsor and working team to build relationships and manage expectations
● Assign and coordinate project team members; provide support and direction while providing coaching and mentoring to other project team members
● Create and execute a communication plan and report that includes both internal and external project communication.
● Provide change management control and problem solving to ensure on-time project delivery and resolution if issues arise
● Manage project documentation including project deliverable documents
● Ensure project management is aligned with customer policies and standards
● Enable close cooperation across all roles and functions

Qualifications:

● Experience in project management and an organizational role
● Experience with Project Management methodologies (Agile and Scrum methodology is an advantage)
● Driven and result-oriented, with the ability to contribute to projects, solve problems and adopt any change management
● Excellent written and verbal communication skills to develop relationships across working levels of customers
● Ability to use project management tools and related materials
● Effective project team leadership and motivation capability
● PMP certification is a plus
● Good command of both English and Thai
