Summary
The Security Operation Lead is responsible for leading Tranglo's Security Operations function, including 24x7 monitoring, incident response, threat hunting, vulnerability management, technology hardening and security control assurance.
This role ensures that Tranglo meets ISO 27001:2022, BNM RMiT, BCM, and technology audit requirements, while driving continuous improvement of detection and response capabilities.
Key Responsibilities
- Lead 24x7 operations including security monitoring, alert triage, and escalation.
- Manage and optimize SIEM, EDR, DLP, VA, and related security tools to ensure full production monitoring coverage.
- Coordinate internal vulnerability assessments and external VAPT.
- Lead incident response end to end, including containment, recovery, documentation and post incident review.
- Maintain and improve incident response playbooks, SOC procedures, escalation and documentation.
- Integrate and oversee secure development checks within CI/CD pipelines.
- Operationalize threat intelligence, track IOCs, and perform proactive threat hunting across systems and environments.
- Oversee vulnerability lifecycle management, remediation tracking and configuration hardening compliance.
- Deliver SOC dashboards, monthly security reports, and audit evidence.
- Collaborate with Infrastructure and Engineering teams to embed security controls and resolve findings.
- Mentor SOC analysts, lead security exercises, and support team capability development and hiring.
Required Skills & Qualifications
- Bachelor's degree in Information Security, Computer Science, or equivalent experience.
- 4+ years in security operations, with at least 1 year as a senior analyst.
- Experience with SIEM (Log360/Splunk), EDR (Defender/CrowdStrike/Sophos), IDS/IPS and SOAR (implementation and utilization).
- Strong knowledge of incident response lifecycle, threat hunting and detection engineering.
- Hands-on experience with vulnerability management (Tenable, Nessus).
- Familiarity with ISO 27001:2022, BNM RMiT, technology resilience and monitoring requirements.
- Experience working with Infrastructure and Engineering teams on security hardening and secure development practices.
- Understanding of BCP/DR concepts and recovery testing methods.
- Strong analytical skills, communication and leadership capability.
Preferred Certifications
- GCIH, GCFA, CISSP, CISM, CEH and ISO 27001 Lead Implementer/Auditor.
- Experience in fintech or Money Services Business (MSB).
- Cloud security monitoring (AWS/Azure/Alibaba).