About Hytech
Hytech is a leading management consulting firm headquartered in Australia and Singapore, specialising in digital transformation for fintech and financial services organisations. We deliver end-to-end consulting services and provide robust middle- and back-office solutions that enable our clients to optimise operations, enhance efficiency, and stay ahead in a fast-evolving digital landscape.
With more than 2,000 professionals worldwide, Hytech has a strong and growing international presence, with offices across Australia, Singapore, Malaysia, Taiwan, the Philippines, Thailand, Morocco, Cyprus, Dubai, and beyond.
About the Role:
As a SOC Team Lead, you will be responsible for leading a team of security analysts and engineers and overseeing the daily operations of the Security Operations Center (SOC). You will play a crucial role in maturing our security incident response process, managing security infrastructure strategy, and acting as the primary escalation point for complex security threats. This role requires a blend of deep technical expertise, people management skills, and the ability to translate technical risks into business impact.
Job Responsibilities:
- Team Leadership & Mentorship: Lead, mentor, and develop a team of SOC engineers/analysts, conducting performance reviews, identifying training needs, and fostering a culture of continuous learning.
- Incident Management: Oversee the end-to-end incident response process, acting as the primary decision-maker and coordinator during high-severity security incidents.
- Operational Excellence: Manage the daily operations of the SOC, ensuring SLAs are met, backlogs are managed, and processes are running efficiently.
- Process Maturation: Own the creation, review, and enhancement of the full suite of cybersecurity SOPs and playbooks, ensuring they remain effective and current.
- Tooling & Strategy: Lead the evaluation, implementation, and optimization of security technologies (SIEM, XDR, SOAR, etc.), including managing POCs for new security products and driving automation initiatives.
- Threat Intelligence & Hunting: Guide the team's threat intelligence efforts and proactive threat hunting exercises to identify and mitigate emerging risks before they become incidents.
- Stakeholder Communication: Report on SOC metrics, incident trends, and security posture to management and stakeholders, translating technical findings into clear, actionable insights.
- Use Case Management: Oversee the creation and tuning of security use cases to reduce false positives and improve detection capabilities.
Job Requirements:
- Experience: Minimum 3-5 years of experience in a SOC environment, with at least 1-2 years in a team lead or senior supervisory role.
- Leadership: Proven experience leading, training, and developing technical security teams.
- Incident Response: Deep expertise in leading complex incident response investigations, root cause analysis, and digital forensics.
- Technical Breadth:
  - Advanced knowledge of SIEM, XDR, EDR, Anti-Malware, and Email Security technologies.
  - Strong understanding of networking (Firewalls, IDS/IPS, VPN, WAF) and core infrastructure (Active Directory, Databases, Cloud).
  - Proficiency in log analysis and correlation across diverse data sources.
- Process Oriented: Experience developing and refining SOC processes, runbooks, and playbooks.
- Communication: Excellent verbal and written communication skills, with the ability to convey technical risks to non-technical leadership.
- Mindset: Proactive, strategic thinker who is passionate about staying ahead of the threat landscape.
Good to Have:
- Automation & Scripting: Experience leading automation efforts using Python, PowerShell, or Bash to streamline SOC workflows.
- Cloud Security: Hands-on experience with cloud security monitoring (AWS, Azure, or GCP) and related services (e.g., GuardDuty, CloudTrail).
- Frameworks & Standards: Strong working knowledge of industry frameworks such as MITRE ATT&CK, NIST Cybersecurity Framework, ISO 27001, and PCI DSS.
- Advanced Certifications: Possession of advanced security certifications such as CISSP, CISM, GIAC (GCIH, GCFA, GMON), or equivalent.
- SOAR Experience: Experience with Security Orchestration, Automation, and Response (SOAR) platforms.
What We Offer
- Easy access to public transportation (LRT & KTM).
- Transportation allowance.
- Corporate insurance coverage, including dental, optical, and outpatient claims.
- Gym and fitness claims.
- Ongoing training and development opportunities.
- Exposure to exciting projects that support career growth and professional development.