Manager, Cyber Security (Operations)

Job Purpose

We are seeking a highly skilled and hands‑on Cybersecurity Operations Manager to lead and strengthen our organisation’s cybersecurity operations. This role is responsible for safeguarding the confidentiality, integrity, and availability of enterprise systems and data through effective security monitoring, incident response, and vulnerability management.

The Cybersecurity Operations Manager will oversee the management of security tools and platforms, support compliance requirements, and drive continuous improvement of cybersecurity capabilities. This role requires close collaboration with IT infrastructure, cloud, application, and business teams to enhance the organisation’s overall security posture and ensure robust operational governance

Responsibilities

• Manage day‑to‑day cybersecurity operations.
• Oversee security monitoring and threat detection activities.
• Ensure continuous monitoring of alerts, events, and incidents.
• Maintain cybersecurity procedures, standards, and documentation.
• Coordinate incident response with internal teams and external vendors.
• Conduct root cause analysis and prepare post‑incident reports.
• Manage threat intelligence and proactive threat hunting.
• Oversee vulnerability assessments and remediation efforts.
• Ensure timely patching and security hardening across systems and networks.
• Track and report cybersecurity risks and remediation progress.
• Drive exposure reduction and security posture improvements.
• Manage and optimise security tools (SIEM, EDR/XDR, email security, firewalls, IDS/IPS, vulnerability scanners, IAM).
• Ensure proper integration and performance of security platforms.
• Support compliance with ISO 27001, NIST, CIS, PDPA, and related standards.
• Ensure security controls are implemented and effective.
• Assist with audits and evidence collection.
• Maintain operational metrics and KRI reporting.
• Provide regular reports on security operations and risks to management.
• Communicate incidents, risks, and remediation status clearly.
• Collaborate with infrastructure, cloud, application, and business teams.
• Drive continuous improvement of cybersecurity capabilities.

Qualifications & Work Experience

• Bachelor’s degree in Cybersecurity, IT, Computer Science, or related field.
• 5–8 years of experience in cybersecurity or IT security operations.
• Experience in SOC operations and incident response.
• Exposure to cloud security (Azure, AWS, or GCP) preferred.
• Strong knowledge of security operations, incident response, vulnerability, endpoint, network, IAM, and cloud security.
• Hands‑on experience with Microsoft Defender, SIEM, EDR/XDR, and vulnerability management tools.
• Familiarity with KQL, threat hunting, and security analytics is a plus.
• Strong analytical and problem‑solving skills.
• Effective communication and stakeholder management skills.
• Proven crisis and incident management capability.
• Ability to work under pressure and manage multiple priorities.
• Continuous improvement mindset.
• Relevant certifications (preferred): CISSP, CISM, CEH, Microsoft, ISO 27001.