Job Summary:
The primary responsibility is to monitor, detect, analyze, and respond to cyber threats in order to protect the organization’s systems and data. The role also supports Governance, Risk, and Compliance (GRC) by helping to establish and enforce security measures aligned with laws, standards, and internal policies. Additionally, the role extends into proactive (Offensive Security) activities such as security assessments, penetration testing, and threat simulations.
Key Responsibilities:
1. Security Monitoring & Incident Response
· Monitor, analyze, and respond to security incidents.
· Use SIEM, EDR/XDR, IDS/IPS tools for threat detection and monitoring.
· Perform root cause analysis and basic forensic investigation of incidents.
· Conduct adversary simulations to evaluate detection and response effectiveness.
2. Threat, Vulnerability & Offensive Security
· Assess and track vulnerabilities in networks, applications, and endpoints.
· Collaborate with Infrastructure/Development teams for remediation and patch management.
· Perform vulnerability scanning and penetration testing.
· Contribute to the development of use cases, detection rules, and threat hunting playbooks.
3. Policy, Risk & Compliance (GRC Support)
· Support the development of security policies, standards, and guidelines aligned with frameworks such as ISO 27001, NIST CSF, and CIS Controls.
· Assist with risk assessments and compliance tracking.
· Prepare security reports, KPIs, and metrics for management.
· Support gap analysis and audit preparation for internal/external audits.
4. Awareness, Testing & Continuous Improvement
· Assist in conducting security awareness training for employees.
· Participate in Red/Blue/Purple Team exercises with other security teams.
· Design and conduct incident response drills, tabletop exercises, and pen test simulations.
· Contribute to the improvement of incident response processes and playbooks.