Manager, IT Security Operations

The Security Operations Manager plans and oversees monitoring and maintenance of security operations and provides direction and leadership to internal resources. He/She provides expertise on security technologies and innovative security concepts and works toward enhancing the resilience of security operations.

He coordinates ongoing reviews of existing security programs, protocols and planned upgrades. He establishes escalation processes for security incidents and develops contingency plans and disaster recovery procedures. He focuses on policy implementation and control.

He is familiar with cyber security standards, protocols and frameworks, and ensures the organisation's compliance with the Cyber Security Act 2018. He is knowledgeable in using various cyber security monitoring and testing tools and techniques.

The Security Operations Manager is diligent and watchful in monitoring security operations, systems and activities. He is also a confident leader who develops plans and solutions to address security incidents and also one who has a passion for engaging and developing others in his team.

Key Responsibilities:

Implement Cybersecurity Strategy

• Align security operations functions with the organisation's overall business objectives.
• Ensure compliance and adopt best practices with cyber security regulations and other relevant standards (e.g. MAS TRM, PDPA, Health Information Bill, ISO27001).
• Ensure the effectiveness of critical security controls and platforms (e.g., DDoS, DLP, IAM, PAM, SIEM, EDR, etc.).
• Develop and maintain security operations and incident management standard Operating procedures, playbooks, and escalation processes.
• Provide technical and operational oversight for security tool deployment and implementation.

Monitor Cybersecurity Systems

• Develop plans for monitoring security systems and responding to cyber security incidents.
• Oversee the identification and measurement of critical cyber security operations metrics.
• Develop cyber threat detection and incident alert rules and implement regulations.
• Manage the use, performance tuning and enhancement of security monitoring and detection tools, ensuring full visibility across on-premises, cloud, and hybrid IT environments.
• Monitor levels of service of the cyber security operations.
• Present periodic cyber security status reports to management

Maintain Cybersecurity Operations

• Oversee planning and coordination of 24 x 7 security operations coverage.
• Coordinate ongoing reviews of existing security programs, protocols and planned upgrades.
• Monitor compliance to security policies, regulations, rules and norms.
• Drive continuous improvement of security operations.
• Oversee end-to-end daily cybersecurity operations, encompassing security operations and incident response, threat intelligence, management of security service providers, identity and access management, infrastructure/application security, and vulnerability and patch management.
• Conduct threat hunting and leverage threat intelligence to proactively identify emerging risks and potential attack vectors.

Manage Response to Cyber Security Incidents

• Formulate internal guidelines for processing and escalation of cyber security incidents.
• Review reports on incidents and breaches of cyber security.
• Oversee prioritisation of alerts and resources for incident responses.
• Present final incident reports on cyber security incidents to senior management for approval.
• Lead and manage security incident triage, response and escalation processes, ensuring swift detection, containment, and recovery.
• Conduct post-incident evaluation, identify gaps and implement improvements to prevent recurrence.
• Recommend systems and procedures for the prevention, detection, containment and correction of cyber security breaches.

Manage People and Organisation

• Review operational strategies, policies and targets across teams and projects.
• Develop strategies for resource planning and utilisation.
• Review the utilisation of resources.
• Oversee the development of learning roadmaps for teams and functions
• Establish performance indicators to benchmark effectiveness of learning and development programs against best practices.
• Implement succession planning initiatives for key management positions

Requirements:

• Bachelor's degree in Computer Science, Engineering, or related discipline.
• 3-7 years of relevant experience in infrastructure operations, implementation, and/or support within enterprise or regulated environments.
• Strong working knowledge in: networking, servers, cloud, identity, Microsoft 365, backup/DR, monitoring, and security controls.
• Experience with Microsoft Azure and compliance‑driven environments is preferred.
• Certifications are a plus: CCNA, CompTIA Network+/Security+, ITIL Foundation, Microsoft Azure certifications, security certifications (CCSP/GSEC).
• Strong documentation, problem-solving, and stakeholder communication skills.