เกี่ยวกับเรา :We provides consultancy services regarding Information Security and Compliances to serve Thailand’s leading enterprises for reducing litigation risk upfront makes the company a more attractive investment. Frame regulatory issues. Our services provide greater insight into insurance, indemnity and liability issues and allow the company to better focus and structure its inquiry.
Develop and implement IT compliance programs, policies, and procedures, in accordance with applicable regulations and standards, such as PCI-DSS, HIPAA, SOX, GDPR, PDPA , ISO 27001 and ISO 27701
Conduct compliance assessments, risk assessments, and gap analyses, to identify compliance risks and recommend risk mitigation strategies
Develop and deliver IT compliance training programs to employees, to raise awareness of IT compliance requirements and best practices
Conduct internal audits of IT systems, processes, and controls, to ensure compliance with regulatory and legal requirements
Monitor and evaluate changes in IT regulations and standards, and provide guidance to the organization on necessary changes to IT policies and procedures
Develop and maintain IT compliance documentation, such as policies, procedures, and risk assessments
Collaborate with other departments, such as Legal, Risk Management, and IT Security, to ensure alignment and coordination of IT compliance efforts
Provide guidance and support to IT project teams, to ensure that new IT systems and processes comply with relevant regulations and standards
คุณสมบัติ
เพศ : ไม่ระบุ
อายุ(ปี) : 24 ปีขึ้นไป
ระดับการศึกษา : ปริญญาตรี ขึ้นไป
ประสบการณ์(ปี) : 1 - 3
คุณสมบัติด้านความรู้และความสามารถ
knowledge of IT regulatory requirements, such as PCI-DSS, HIPAA, SOX, GDPR, PDPA and ISO 27001
Excellent communication and interpersonal skills, including the ability to communicate effectively with both technical and non-technical stakeholders
analytical and problem-solving skills, with the ability to identify, evaluate, and mitigate compliance risks
IT security and data privacy requirements, such as encryption, access controls, and data classification