Business Analyst - Digital Security
- Bangkok
- Permanent
- Full-time
Level: Deputy Department Manager
Work location: Bangkok (SM Tower)Job Purpose:We are seeking a detail-oriented and proactive Business Analyst to join our Digital Security team. You will play a critical role in enhancing the organization's cybersecurity health, conducting assessments, and supporting key initiatives to strengthen digital security practices. This role involves collaboration across multiple teams and functions to ensure compliance, operational resilience, and robust data protection.Job Responsibilities:
1. Cybersecurity Health Metrics Improvement
- Assist in defining, tracking, and improving cyber health metrics aligned with organizational goals.
- Generate regular reports and dashboards to provide insights into risk posture and compliance status.
2. NIST Framework
- Assist in performing assessments using the NIST Cybersecurity Framework 2.0 & 800-53 Control Library.
- Identify gaps, recommend remediation actions, and support implementation to enhance maturity levels.
3. Business Continuity Planning (BCP) and Disaster Recovery (DR) Testing
- Collaborate with relevant stakeholders to develop and update BCPs and DR plans.
- Plan, execute, and document DR tests, identifying areas for improvement and tracking corrective actions.
4. Risk Assessments
- Conduct privacy impact assessments to ensure compliance with data protection regulations (e.g., GDPR, CCPA).
- Evaluate third-party vendors for cybersecurity risks and compliance with organizational policies.
- Assess applications for potential security risks, including vulnerabilities, access controls, and data protection.
5. Documentation and Reporting
- Prepare comprehensive reports, including risk analysis, compliance status, and assessment findings.
- Maintain accurate and up-to-date documentation for audits and regulatory purposes.Qualifications and Skills
1. Education and Experience:
- Bachelor's degree in information technology, Cybersecurity, or a related field.
- 3+ years of experience in IT risk management, cybersecurity, compliance, or a similar role.Technical Skills:
- Familiarity with NIST Cybersecurity Framework (CSF), ISO 27001, and related standards.
- Experience with business continuity planning (BCP) and disaster recovery (DR) testing.
- Strong understanding of privacy regulations such as GDPR, CCPA, or equivalent.
- Knowledge of third-party risk management practices and tools.
- Proficiency in any GRC tools along with Excel, Power BI, or similar for reporting and data analysis.
Soft Skills:
- Excellent analytical and problem-solving abilities.
- Strong communication and presentation skills, with the ability to convey technical concepts to non-technical stakeholders.
- Collaborative mindset and ability to work effectively in cross-functional teams.
- Attention to detail and a proactive approach to identifying and mitigating risks.Remark:1) Work location base at Thai Union's corporate office - SM Tower, Bangkok.Direction to work location: