Security Operation Center Team Lead

Job Description

Empowering You – to break new ground!

As part of the global NTT DATA Group, one of the top 5 IT service providers worldwide, we specialize in value-added SAP solutions. At NTT DATA Business Solutions, our focus is SAP Consulting, SAP Development, Managed Cloud Services, and Application Management Services (AMS) & Technology. Across the globe, we support customers in their digital transformation from start to finish.

OUR RECIPE FOR SUCCESS : DIVERSITY, OPENNESS, RESPECT, AND TOGETHERNESS.

With more than 13,000 employees from 64 nations in over 29 countries, our diverse workforce reflects our values. People are and will always be vital to our mission, playing a decisive role in everything we do.

ARE YOU READY TO BREAK NEW GROUND?

Location : Malaysia

What makes us special :

Team-oriented corporate culture, collaboration as equals and steady knowledge transfer

Family-friendliness (e.g. Childcare Center, paternity and maternity leave)

Diversity & Inclusion (e.g., various initiatives & communities)

Flexible working hours – depends on team and department

Inhouse Academy with a variety of professional technical training, soft skills training, SAP Learning Hub, and certification opportunities

Company health benefits (e.g. Medical Insurance for family member, Health Insurance, Optical and Dental Benefits, parking)

Do you love challenges?

Security Operation Center Team Lead is responsible for leading and managing the Security Operations Center at NTT Business Data Solutions to ensure effective monitoring, detection, and response to cybersecurity threats and incidents. Additionally, the Head of Security Operation oversees the organization’s vulnerability management and penetration testing programs, ensuring the proactive identification and mitigation of security risks.

This role involves overseeing a team of security analysts, developing, and maintaining SOC processes, and ensuring the organization’s security posture aligns with industry standards and best practices. Furthermore, this role requires strategic oversight, technical expertise, and leadership to align security operations with business goals.

With more than 16 employees organized in Cyberjaya office, Malaysia, the SOC Team operate 24 / 7 to monitor and respond to cybersecurity threat for more than 17,000 client endpoints (notebooks) and more than 14,000 servers (on premise and cloud) organized in 6 global data centers.

Key Responsibilities :

• Leadership and Team Management :
• Supervise Teams : Lead SOC analysts, vulnerability management, and penetration testing teams, ensuring high performance, accountability, and professional growth.
• Staff Development : Provide mentorship and training programs to upskill team members in SOC operations, vulnerability management, and penetration testing.
• Team Collaboration : Foster collaboration within the security teams and with other IT and business units.
• Shift Management : Ensure adequate staffing and shift rotations for 24 / 7 SOC operations.
• People Topics : Manage discipline and motivate the team by fostering collaboration, trust, and open communication while addressing conflicts constructively. Promote work-life balance and adaptability to drive team satisfaction and productivity.
• SOC Operations Management :
• Real-Time Monitoring : Oversee 24 / 7 monitoring of security events using tools like SIEM, XDR, and other detection technologies.
• Incident Response : Manage the incident response lifecycle, ensuring timely detection, investigation, containment, and remediation of security incidents.
• Threat Analysis : Continuously assess and improve SOC capabilities to address emerging threats and vulnerabilities.
• SOC Playbooks : Develop, implement, and maintain comprehensive playbooks for effective incident response and threat handling.
• Performance Metrics : Measure and improve SOC effectiveness using metrics such as MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond).
• Incident Response Management :
• Incident Commander : Serve as the Incident Response Commander and act as Level 3 during critical security incidents, leading the incident response lifecycle.
• Coordination : Coordinate with internal teams, business team, Data Center stakeholders, and third-party vendors to resolve incidents effectively.
• Response Planning : Develop, maintain, and test incident response plans to ensure preparedness for various attack scenarios.
• Incident Handling : Oversee the detection, containment, eradication, and recovery phases of incident management.
• Post-Incident Review : Lead post-incident reviews, ensuring root cause analysis and lessons learned are documented and integrated into security operations.
• Communication : Provide timely updates to senior management and stakeholders during incidents, including clear and concise situational reports.
• Technology and Tools Management :
• Tool Administration : Manage security tools and platforms, including XDR, SIEM, vulnerability scanners, penetration testing tools, and threat intelligence platforms.
• Optimization : Ensure tools are optimally configured, updated, and integrated with other systems for efficient operation.
• Evaluation : Continuously evaluate emerging technologies to enhance SOC capabilities.
• Automation : Drive automation initiatives to streamline monitoring, detection, and response activities.
• Strategic Responsibilities, Compliance & Audit Support :
• Risk Management : Proactively identify, evaluate, and mitigate risks through SOC operations, vulnerability assessments, and penetration testing.
• Threat Intelligence Integration : Leverage threat intelligence to enhance proactive threat detection and prevention measures.
• Policy Development : Contribute to the development and enforcement of cybersecurity policies and procedures.
• Alignment with Business Goals : Ensure security operations align with organizational objectives and risk appetite.
• Regulatory Alignment : Ensure SOC operations, vulnerability management, and penetration testing comply with relevant regulations and frameworks (e.g., ISO 27001, GDPR, NIST).
• Audit Support : Provide documentation, evidence, and reports to support internal and external audits.
• Governance : Maintain governance over security operations to ensure alignment with industry best practices.
• Vulnerability Management :
• Vulnerability Scanning : Oversee the regular scanning of infrastructure, applications, and systems to identify security vulnerabilities.
• Prioritization : Analyze and prioritize vulnerabilities based on severity, risk, and business impact.
• Remediation Coordination : Collaborate with IT teams to remediate vulnerabilities within defined SLA timelines.
• Policy Enforcement : Establish and enforce policies for continuous vulnerability assessment and management.
• Reporting : Provide detailed reports on vulnerabilities, trends, and remediation progress to stakeholders.
• Communication and Reporting :
• Stakeholder Updates : Regularly communicate SOC, vulnerability, and penetration testing performance to Head of IT & DC Security and stakeholders.
• Incident Briefings : Provide detailed post-incident reports, including root cause analysis and remediation steps.
• Dashboards : Develop dashboards to present real-time SOC performance, incident status, and vulnerability results.

Convince us with your potential!

Key Competencies :

Do you have questions?

We look forward to receiving your complete application documents stating your earliest start date.

Get empowered by NTT DATA Business Solutions!

Norshafina Zainuddin

Tel. :

E-Mail : sol-my-bu-hr-talentmgmt@bs.nttdata.com

We transform. SAP® solutions into Value

Apply

Listen to the story of Employee Voice

Gorkem Ozdener

Consulting Manager

Turkey

Read more

Vinay Godugu

Practice Manager

India

Read more

Agata Maruszewska

HR Business Partner

Poland

Read more

Apply Back to search results