Saranpong Hongthong

• DLP
• Cybersecurity Incident Response Process
• Budget planning and Project management
• Consolidate and Validate Cyber Security Operation Report comprise of KPIs, Incident, VA, Pentest,
• Threat Intelligence and present to Committee
• Elevate overall specific and related Cyber Security Operation Process such as Vulnerability
• Management, Phishing monitoring
• Domain and SSL monitoring, Incident Response, Dashboard and Report, Security Device Rules tuning/Design, etc
• Oversight for Cybersecurity operation and system
• Review and Approval process
• Act as a project manage Cyber Security Project to meet deliverables
• Ensure Security Operation and Platform are compiled with related regulation e.g
• Internal Policy,
• BOT, ISO27001, computer crime act
• Fine tune current technology and explore for new technology that can help to protect and prevent threat
• Co-Op with related organization such as Thailand Banking Sector CERT (TB-CERT)

• Cybersecurity management and operation in SIEM, VA Scan & Report, Device Control, FIM (File
• Integrity Monitoring
• Monitoring and Reporting Cyber Security
• ISO27001:2013 (ISMS Secretary)
• Security Awareness
• Cyber security Incident Response
• Consolidate and Validate Cyber Security Operation Report comprise of KPIs, Incident, VA, Pentest,
• Threat Intelligence and present to Committee
• Elevate overall specific and related Cyber Security Operation Process such as Vulnerability
• Management, Phishing monitoring
• Domain and SSL monitoring, Incident Response, Dashboard and Report, Security Device Rules tuning/Design, etc
• Oversight for DLP operation and system e.g., DLP hardware performance and Incident, Review and Approval process
• Act as a project manage Cyber Security Project to meet deliverables
• Ensure Security Operation and Platform are compiled with related regulation e.g
• Internal Policy,
• BOT, ISO27001, computer crime act
• Fine tune current technology and explore for new technology that can help to protect and prevent threat
• Support for other department e.g., risk assessment, operation risk, data loss, customer support, etc
• Support for standard compliance Operation e.g., ISO2700, etc
• Co-Op with related organization such as Thailand Banking Sector CERT (TB-CERT)

• Implement & Consultant: Design Process, Documented and Internal Audit
• ISO22301: 2012 Business continuity management systems (BCMS) - ISO20000 -1Information Technology Service Management System (SMS) - ISO/IEC 27001: 2013Information Security Management System (ISMS) - ISO/IEC 27017: 2015Information Technology – Code of practice for information security controls based on ISO/IEC 27002 for cloud services - ISO/IEC 27018: 2014 (GDPR Comply)Information Technology – Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors - ISO/IEC 27799:2016Health informatics – Information security management in health using
• ISO/IEC 27002 - CSA (Cloud Security Alliance) STAR
• Vulnerability Scan

• Site: Student Loan Fund (SLF) กยศ (กองทุนเงินให้กู้ยืมเพื่อการศึกษา)
• Project: IT Outsource (10 million baths) (Facility Management)
• Management IT outsource Student Loan Fund (SLF) กยศ (กองทุนเงินให้กู้ยืมเพื่อการศึกษา)
• Responsibility
• Management IT outsource in System Operation IT Support, System Engineer, Network &
• Security, Call Center, Data Center
• Set up and Test Disaster recovery plan
• Design System Infrastructure
• Design Infrastructure Network & Security
• Implement and Operate ITIL process
• Create Monthly report for customer
• Planning process between Technical Team with another team
• Prepare IT master plan document
• Prepare IT security policy
• Set up policy for Data Center
• Setup Disaster Recovery Plan
• IT Security and IT Service Compliance
• Implement ISO/IEC 27001
• Implement iTop (ITIL tool on Web Application)
• Vulnerability Scan

• Working with sales team to support business partners and customer needs
• Significant and innovative problem solving
• Collating and presenting detailed technical information
• Manage the Service Coordination Operation and ensure all customers’ service request are recorded and attended to promptly
• Identify staff’s development and training needs and ensure that training is planned, derived and executed in improving staffs’ knowledge, skill and personality
• Perform any other duties or assignments that may be assigned from time to time.

• Project: IT Outsource (20 million baths) (Facility Management)
• Management IT outsource for Excise Department (ED)
• Data Center Management
• Implement Information Security Procedure
• Support ED requirement
• Support Help Desk and application
• Network & Security
• Set up Disaster recovery plan
• Implement ITIL process for Excise Department IT Operation
• Implement ITIL process
• IT Service Compliance
• Create Monthly report for customer
• Planning process between Technical Team with another team
• Set up policy for Data Center
• Network and Security
• BCMS

• Site: SSO (Social Security Office) สำนักงานประกันสังคม
• Project: IT Outsource 800 million baths) (Facility Management)
• Management IT outsource for SSO (Social Security Office) Data Center Operation Data Center
• Management
• Implement Information Security Procedure
• Design System Infrastructure
• Design Infrastructure Network & Security
• Support Call Center
• Set up Disaster recovery plan
• Implement process for Data Center Operation team
• Implement ITIL process
• IT Service Compliance
• Network & Security
• Create Monthly report for customer (SSO)
• Planning process between Data Center Operation and other team (Call Center; Technical)
• Set up policy for Data Center
• Disaster Recovery Plan

• Part (Supply to Toyota Manufacturing)
• Consult user in ERP (IFS)
• IT Services Support
• System Support
• Design System Infrastructure
• Design Infrastructure Network & Security
• Planning and Implement Backup Consolidate system Project
• Planning and Implement Backup Exchange Server Project
• Planning and Implement Antivirus Project
• Planning and Implement Backup Migration Server from NT4 to Windows 2003 server
• Planning and Implement Data Center
• Planning IT budget all year for company
• Planning purchase software licenses
• ISO 14001 & ISO 9000 Internal audit

• ASP (Application Services Provider in WMS) &Logistics
• Administration Server system (IBM RICS 600)
• Manage Data Center Room
• Design System Infrastructure
• Design Infrastructure Network & Security
• Setup, Install, Maintain PC& Server and Network Device
• Planning and Implement Backup policy
• Captured existing processes and gathered business requirements to identify the customers’ needs for Warehouse Management System functionalities and conduct gap analysis
• Managed system/functional testing and user acceptance testing to reduce the risk of system failure and error before go-live
• Constructed user training session with providing user manuals and related documentation to make sure that all levels of users well-understood the change processes
• Provided the after-implementation stage to support users and resolve any issues
• Coordinated with all stakeholders: customers, team members and suppliers, and supplied the status report to keep all partied informed.

GPA: 2.68