Cybersecurity Operations & Engineering Lead - Bukit Batok

This role leads a multidisciplinary team to strengthen the organization’s threat detection and response capabilities, secure critical business and IT projects, and engineer resilient and scalable security technologies across enterprise environments.

The ideal candidate is an experienced security leader who thrives in fast-paced environments, with deep technical expertise, cross-functional communication skills, and a proactive mindset toward cybersecurity risk management.

Key Responsibilities:

• Lead and coordinate SOC Level 2 activities, including triage, incident escalation, and analysis.
• Serve as the escalation point for complex security incidents and alerts.
• Review and improve detection rules, triage workflows, SOPs, and runbooks.
• Mentor and train SOC analysts, ensuring 24/7 coverage and effective shift handovers.
• Collaborate with threat intelligence, incident response, and engineering teams to optimize threat visibility and alert fidelity.
• Monitor SOC performance metrics and ensure timely, accurate incident documentation and post-incident reviews.

• Act as the principal cybersecurity advisor for enterprise and IT projects from initiation through implementation.
• Conduct risk assessments, security impact analyses, and architecture reviews to identify and mitigate risks.
• Define and communicate security requirements aligned with internal policies and regulatory standards (e.g., PDPA, NIST, ISO 27001).
• Embed secure-by-design principles into application, infrastructure, and cloud environments.
• Provide guidance on data protection, identity and access management, application security, and cloud security.
• Track project security risks, exceptions, and remediation activities and report status to leadership and stakeholders.

• Oversee the engineering, deployment, integration, and lifecycle management of security platforms (e.g., SIEM, SOAR, EDR, NDR, VM, DLP, CASB, firewalls).
• Lead a team of security engineers in maintaining and optimizing security tooling for operational effectiveness and scale.
• Champion automation and orchestration initiatives to improve efficiency and reduce alert fatigue.
• Ensure integration of tools with enterprise systems (e.g., ticketing, identity platforms, cloud environments).
• Manage tool health, upgrades, patching, and compliance with industry frameworks (e.g., MITRE ATT&CK, NIST CSF, GDPR).
• Drive the evaluation and PoC of new security technologies and maintain up-to-date documentation.

Job Requirements:

Education & Experience:

• Bachelor’s or Master’s degree in Cybersecurity, Information Security, Computer Science, or a related field.
• 8–10+ years of progressive experience in cybersecurity roles, including:
• 4–6 years in SOC operations or incident response (with at least 2 years in a lead capacity).
• 2–3 years in a security advisory or project-facing role.
• 3+ years leading cybersecurity engineering or tooling teams.

Technical Skills:

• Deep expertise in SIEM (e.g., Splunk, Sentinel), SOAR, EDR, vulnerability management, and threat detection platforms.
• Strong understanding of network, endpoint, application, and cloud security (AWS, Azure).
• Experience with risk assessments, security architecture reviews, and secure SDLC.
• Knowledge of compliance and security frameworks (ISO 27001, NIST CSF, CIS Controls).
• Scripting and automation skills (Python, PowerShell, Bash).
• Familiarity with MITRE ATT&CK, threat hunting, malware analysis, and forensics.

Certifications (Preferred):

• CISSP, GCIH, GCIA, GMON, CCSP, CRISC, CEH, AWS/Azure Security Certifications, or equivalent.

Soft Skills:

• Strong leadership and team management capabilities.
• Excellent verbal and written communication skills, including reporting and stakeholder engagement.
• Ability to influence technical and business teams on cybersecurity priorities.
• Strong problem-solving and decision-making skills under pressure.
• Exceptional time management, with the ability to manage parallel projects and incident escalations.
• High level of integrity, accountability, and a proactive security-first mindset.