Sunthorn L.

IT Risk Mangement at Ayudhya Capital Services Co.,Ltd.
  • Claim this Profile
Contact Information
us****@****om
(386) 825-5501
Location
Bangkok City, Thailand, TH

Topline Score

Topline score feature will be out soon.

Bio

Generated by
Topline AI

You need to have a working account to view this content.
Join now
You need to have a working account to view this content.
Join now

Credentials

  • Certified Data Privacy Solutions Engineer (CDPSE)
    ISACA
    Sep, 2020
    - Oct, 2024
  • Certified Information Security Manager (CISM)
    ISACA
    Jan, 2012
    - Oct, 2024
  • Certified Information Systems Auditor (CISA)
    ISACA
    Jun, 2010
    - Oct, 2024

Experience

  • Ayudhya Capital Services Co.,Ltd.
    • Financial Services
    • 200 - 300 Employee
    • IT Risk Mangement
      • Jun 2021 - Present

      • Establish IT Risk Management Policy, relevant procedure and setup risk management framework. • Ensure IT Risk implementation complies with regulatory requirements. • Analyze and define significant IT Risk criteria. • Engage IT Risk assessment, report and monitoring to ensure risk well managed in acceptable level. • Participate in IT Risk advisory on initiatives projects. • Establish IT Risk Management Policy, relevant procedure and setup risk management framework. • Ensure IT Risk implementation complies with regulatory requirements. • Analyze and define significant IT Risk criteria. • Engage IT Risk assessment, report and monitoring to ensure risk well managed in acceptable level. • Participate in IT Risk advisory on initiatives projects.

  • Ayudhya Capital Services
    • Bangkok City, Thailand
    • IT Security Technical Controller
      • Feb 2017 - May 2021

      • Member of IT Enterprise Architecture Committee, review security and privacy design on project e.g. DevSecOps, API, Cloud, Robot Framework, etc. • Approve IT access request e.g. firewall, VPN access, etc. and security deviation. • Vulnerability management on IT Infra/Application/Endpoint. • Conduct external and internal penetration testing. • Manage enterprise Data Loss Prevention rules and reporting. • Manage high privilege account management. • Oversee cybersecurity attack monitoring, security incident management and investigation. • Implement security project e.g. DLP, Advanced Threat Protection (ATP), Key Management, etc. • Support external and internal audit or regulatory review. • Conduct security awareness training and knowledge sharing. Show less

  • SCB – Siam Commercial Bank
    • Thailand
    • Banking
    • 700 & Above Employee
    • AVP - IT Infrastructure Security Specialist
      • Aug 2012 - Jan 2017

      • Manage company wide information security vulnerability management and conduct penetration testing as required. • Participate in IT security review on business project and solution implementation. • Implement PCI-DSS. • Manage company wide information security vulnerability management and conduct penetration testing as required. • Participate in IT security review on business project and solution implementation. • Implement PCI-DSS.

  • Bank of Ayudhya (Krungsri Bank)
    • Thailand
    • Banking
    • 700 & Above Employee
    • IT Audit Manager
      • May 2010 - Jul 2012

      • Responsible for IT general control, IT Application, IT Outsourcing audit activity as planned, issue audit report and arrange audit exit meeting with IT management staffs. • Perform IT audit program development and IT project advisory. • Responsible for IT general control, IT Application, IT Outsourcing audit activity as planned, issue audit report and arrange audit exit meeting with IT management staffs. • Perform IT audit program development and IT project advisory.

  • Thomson Reuters
    • Canada
    • Software Development
    • 700 & Above Employee
    • Operation Security Analyst
      • Oct 2006 - Apr 2010

      • Vulnerability management on TR’s global IT infrastructure • Global TR’s firewall compliance review • Develop global TR’s anti-virus deployment script • Vulnerability management on TR’s global IT infrastructure • Global TR’s firewall compliance review • Develop global TR’s anti-virus deployment script

  • PriceWaterhouse Coopers FAS Co.,Ltd (Thailand)
    • Bangkok City, Thailand
    • Senior Consultant
      • Oct 2005 - Sep 2006

      • Evaluate the effectiveness of clients' information-related controls, processes and document test finding. • Communicate IT audit findings to clients’ senior management. • Perform web application penetration testing. • Conduct IT security audit training for clients. • Evaluate the effectiveness of clients' information-related controls, processes and document test finding. • Communicate IT audit findings to clients’ senior management. • Perform web application penetration testing. • Conduct IT security audit training for clients.

  • AIS - Advanced Info Services Plc.
    • Thailand
    • Telecommunications
    • 700 & Above Employee
    • System Administrator
      • Sep 2001 - Sep 2004

      • Responsible for implementation, configuration and maintenance system, data backup facility and firewall devices. • Supporting day-to-day IT operation. • Perform IT system availability monitoring and performance tuning. • Disaster recovery testing. • Responsible for implementation, configuration and maintenance system, data backup facility and firewall devices. • Supporting day-to-day IT operation. • Perform IT system availability monitoring and performance tuning. • Disaster recovery testing.

  • CATCHA Dot Com (Thailand)
    • Bangkok City, Thailand
    • Web Programmer
      • Dec 2001 - Aug 2002

      • Develop and maintain portal website. • Develop new CATCHA web service such as web mail, friends matching, web board, email advertising tracking system. • Develop and maintain portal website. • Develop new CATCHA web service such as web mail, friends matching, web board, email advertising tracking system.

Education

  • Kasetsart University
    Master, Information Technology
    2002 - 2004

Community

You need to have a working account to view this content. Click here to join now