ABOUT THE JOB
The Head of Security Operations Center (SOC) is responsible for overseeing the operations of the SOC team that provides Security Operations and managed security services to customers. This role requires a strategic leader with extensive experience in cybersecurity, customer service, and incident response. The Head of SOC will ensure the delivery of high-quality security services, maintaining strong customer relationships, and enhancing the security posture of customer organizations.
KEY RESPONSIBILITIES
SOC Operation Management
- Work closely with the GM Cybersecurity SOC to implement SOC strategy direction.
- Plan and manage SOC daily operations inclusive resources, hiring, training and performance evaluation and budget.
- Lead and provide operational support for security incidents.
- Develop, implement and ensure compliance of SOC policies, procedures, and workflows
Service Delivery and Customer Management:
- Oversee the daily operation and delivery of managed security services to customers, ensuring service level agreements (SLAs) are met or exceeded.
- Maintain regular communication with customer to understand their security needs, provide updates on security incidents, and offer recommendations for improving their security posture.
- Conduct regular service reviews with customer to ensure their satisfaction and address any concerns or feedback.
Security Monitoring and Incident Response:
- Oversee 24/7 monitoring of security events to identify and respond to potential security incidents across customer environments. This includes security threat analysis, investigation/forensics and vulnerability management.
- Ensure timely and effective investigation and resolution of security incidents, including root cause analysis and remediation.
- Coordinate with internal and external stakeholders during major security incidents and ensure appropriate communication and escalation.
Technology and Tools Management:
- Ensure the effective use and configuration of SOC tools, including XDR (Extended Detection & Response), SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection System/Intrusion Prevention System), and endpoint protection platforms.
- Ensure Managed Security Services/Devices operation includes meeting the SLA/SLG, incident resolution and configurations/platform management.
- Evaluate and recommend new security technologies and tools to enhance the SOC's capabilities and service offerings.
- Manage relationships with vendors and service providers to ensure the SOC has access to the latest security technologies and support.
Compliance and Reporting:
- Ensure SOC operations comply with relevant regulatory and industry standards applicable to customer environments.
- Develop and maintain SOC metrics and reporting mechanisms to provide insights into security posture and operational effectiveness for customer.
- Prepare and present reports to senior management and customer on security incidents, trends, and SOC performance.
Collaboration and Communication:
- Work closely with Group Information Security, Product and other teams within customer organizations to ensure alignment and integration of security operations with overall IT strategy.
- Collaborate with business units and stakeholders within customer organizations to understand their security needs and provide guidance on best practices.
- Act as a liaison between the SOC and external entities, such as law enforcement and regulatory bodies, during incident investigations affecting customer.
CANDIDATE MUST HAVE
- Degree in Computer Science, IT/ Software Engineering, Information Security and Assurance, Network Security, Information Technology Management
- Professional cybersecurity certifications (CISSP, CISM, CISA, CCNP, CCNA Security, ISC2,CompTIA Security, GSEC, GDSA)
WE VALUE
- Minimum 8 years in cybersecurity domain
- Deep knowledge of security tools, technologies, and best practices (XDR, SIEM, EDR, SOAR etc)
- Proven experience in security operations, incident response, and threat hunting
LOCATION
- TM Cyberjaya, Lingkaran Teknokrat, Cyber 4, Cyberjaya 63000 Selangor
- TM Annexe 1, Taman Bukit Pantai, 59100 Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur
