The Head of Security Operations is a pivotal leadership role responsible for overseeing and directing all aspects of the bank's IT security operational posture. This role ensures the continuous effectiveness, compliance, and strategic evolution of security controls and systems that safeguard Hong Leong Bank Berhad's cri0cal IT infrastructure and data assets. The incumbent will lead a dedicated team to manage security operations, drive continuous improvement, and align security capabilities with evolving business and regulatory requirements.
·
Security Operations Management:o Lead and manage the daily operations of all security appliances and equipment, including but not limited to Firewalls (across all tiers/segments), Web Application Firewalls (WAF), Endpoint Detection and Response (EDR) solutions (e.g., FireEye), Intrusion Prevention Systems (IPS), and Network Access Control (NAC) systems.
o Ensure optimal performance, availability, and conï¬guration of all managed security components.
·
Compliance and Maintenance:o Responsible for all compliance-related maWers pertaining to security operations, ensuring adherence to internal policies, industry best practices, and regulatory guidelines (e.g., Bank Negara Malaysia's RMiT).
o Oversee and ensure 0mely execution of patching, ï¬rmware upgrades, and vulnerability remedia0on across all security infrastructure.
·
Strategic Planning and Design:o Lead the planning and execution of security technology refresh initiatives, ensuring systems remain current, secure, and performant.
o Drive the design and architecture of new security solutions and enhancements to existing controls.
·
Technology Innova2on and Proposal:o Actively research, evaluate, and propose the adoption of new and emerging security technologies to enhance the bank's security posture.
o Prepare comprehensive technical and business proposals for new security initiatives.
·
Cross-Func2onal Collabora2on:o Collaborate closely with respective IT teams (e.g., Network, Database, Application, IT Risk) and business units to proactively identify and address security concerns and operational challenges.
o Act as a key liaison between Security Operations and other IT departments.
·
Change Valida2on and Quality Assurance:o Responsible for rigorously validating all security-related changes and conï¬gurations before their implementation in production environments, ensuring minimal risk and adherence to change management policies.
·
Security Monitoring and Incident Response:o Ensure that alerts generated from security components are promptly triaged, investigated, and acted upon, aligning with incident response procedures.
o Contribute to the continuous improvement of security monitoring and alerting capabilities.
·
Financial Management:o Manage the operational expenditure (OPEX) and capital expenditure (CAPEX) budgets for Security Operations, ensuring optimal resource allocation and cost-efficiency.
·
People Management and Development:o Lead, mentor, and develop a high-performing team of security operations professionals.
o Foster a culture of continuous learning, professional growth, and security awareness within the team.
o Conduct performance reviews and manage career development plans for team members.
·
Repor2ng and Communica2on:o Prepare and present regular performance reports, dashboards, and strategic updates on security operations to senior management, including the Head of Infrastructure, Opera0ons & Services, and Head of Security.
o Ensure clear and concise communication of security posture, risks, and achievements.
·
Service Improvement:o Drive continuous service improvement initiatives within Security Operations, enhancing efficiency, effectiveness, and responsiveness.
o Implement automation and orchestration where feasible to streamline security processes.
· Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or a related ï¬eld. Master's degree is a plus.
· Relevant professional certiï¬cations such as CISSP, CISM, GSEC, CCNP Security, For0net NSE 4+, Palo Alto PCNSE, or equivalent are highly desirable.
· Minimum of 10-12 years of progressive experience in IT infrastructure and security roles, with at least 5-7 years in a dedicated security operations management capacity, preferably within the ï¬nancial services industry.
· Proven hands-on experience and in-depth knowledge of managing and operating a wide range of security technologies and appliances (e.g., Firewalls, WAF, IPS/IDS, Endpoint Security, NAC, SIEM integra0on).
· Strong understanding of network protocols, operating systems (Linux/Unix, Windows), and cloud security principles.
· Demonstrable experience in security architecture, design, and technology refresh planning.
· Solid understanding of IT governance, risk management, and compliance frameworks (e.g., ISO 27001, NIST, BNM RMiT, PCI DSS).
· Experience in managing OPEX/CAPEX budgets.
· Exceptional leadership and people management skills, with the ability to motivate and develop a diverse team.
· Strong analytical and problem-solving abilities, capable of dissecting complex security issues.
· Excellent communication, presentation, and interpersonal skills, with the ability to articulate complex technical concepts to both technical and non-technical stakeholders (including senior management).
· Proactive, results-oriented, and able to thrive in a fast-paced, high-pressure environment.
· High level of integrity and a strong sense of accountability.
· Ability to work collaboratively across multiple departments and with external vendors.
Job Type: Full-time
Pay: RM10,000.00 - RM17,000.00 per month
Schedule:
- Day shift
Experience:
- IT infrastructure and Security: 10 years (Required)
- Security Operations Management: 5 years (Required)
Language:
- English (Required)
Work Location: In person
Salary
USD 142,969 - 181,030 /yearly
Yearly based
Location
M14 , Malaysia Kuala Lumpur, M14, Malaysia
M14 , Malaysia Kuala Lumpur, M14, Malaysia
