Responsibilities:
SOC Operations & Incident Management
- Lead and oversee daily SOC operations, including 24/7 security monitoring, alert triage, incident investigation, and response activities.
- Ensure timely identification, containment, mitigation, and resolution of cybersecurity incidents.
- Drive continuous enhancement of incident response procedures, escalation frameworks, and operational playbooks.
- Lead post-incident reviews, root cause analysis, and lessons learned initiatives to strengthen overall security posture.
Threat Detection & Security Monitoring
- Oversee threat monitoring, threat hunting, and vulnerability management activities to proactively identify potential security risks.
- Ensure effective optimization and management of security technologies including SIEM, SOAR, EDR, IDS/IPS, firewall, and threat intelligence platforms.
- Monitor evolving cyber threats, attack trends, and adversarial tactics using frameworks such as MITRE ATT&CK.
Leadership & Team Management
- Lead, mentor, and develop SOC teams including L1 and L2 Analysts to drive operational excellence and continuous skill enhancement.
- Manage workforce planning, shift scheduling, resource allocation, and SOC capacity management.
- Foster a high-performance, collaborative, and security-focused culture within the SOC environment.
Governance, Reporting & Continuous Improvement
- Monitor SOC performance metrics, KPIs, and SLAs to ensure operational effectiveness and service excellence.
- Work closely with internal stakeholders, management teams, and clients on incident reporting, security advisory, and remediation efforts.
- Support compliance initiatives, audits, and governance activities aligned with security standards such as ISO 27001, NIST, and industry best practices.
- Drive continuous improvement initiatives to enhance SOC maturity, automation, and operational resilience.
Requirements:
- Bachelor’s Degree in Cyber Security, Information Technology, Computer Science, or related discipline.
- Minimum 7–10 years of experience in cybersecurity, with at least 2–3 years in a SOC leadership or management role.
- Strong hands-on experience in SOC operations, cyber threat management, incident response, and security monitoring.
- Solid experience managing enterprise security technologies such as SIEM (Splunk, QRadar), SOAR, EDR, IDS/IPS, firewall, and endpoint security solutions.
- Strong understanding of cyber threat intelligence, malware analysis, vulnerability management, and attack methodologies.
- Experience managing 24/7 SOC operational environments and incident escalation processes.
- Excellent leadership, stakeholder management, analytical, and decision-making skills.
- Strong verbal and written communication skills with the ability to engage both technical and non-technical stakeholders.
- Local Malaysian only