Security Operations Lead

Add expected salary to your profile for insights

The Security Operations Lead is a pivotal leadership role responsible for overseeing and directing all aspects of the bank IT security operational posture. This role ensures the continuous effectiveness, compliance, and strategic evolution of security controls and systems that safeguard Hong Leong Bank Berhad critical IT infrastructure and data assets. The incumbent will lead a dedicated team to manage security operations, drive continuous improvement, and align security capabilities with evolving business and regulatory requirements.

Key Responsibilities:

Security Operations Management:

Lead and manage the daily operations of all security appliances and equipment, including but not limited to Firewalls (across all tiers/segments), Web Application Firewalls (WAF), Endpoint Detection and Response (EDR) solutions (e.g., FireEye), Intrusion Prevention Systems (IPS), and Network Access Control (NAC) systems.

Ensure optimal performance, availability, and configuration of all managed security components.

Compliance and Maintenance:

Responsible for all compliance-related matters pertaining to security operations, ensuring adherence to internal policies, industry best practices, and regulatory guidelines (e.g., Bank Negara Malaysia & RMiT).

Oversee and ensure timely execution of patching, firmware upgrades, and vulnerability remediation across all security infrastructure.

Strategic Planning and Design:

Lead the planning and execution of security technology refresh initiatives, ensuring systems remain current, secure, and performant.

Drive the design and architecture of new security solutions and enhancements to existing controls.

Technology Innovation and Proposal:

Actively research, evaluate, and propose the adoption of new and emerging security technologies to enhance the bank's security posture.

Prepare comprehensive technical and business proposals for new security initiatives.

Cross-Functional Collaboration:

Collaborate closely with respective IT teams (e.g., Network, Database, Application, IT Risk) and business units to proactively identify and address security concerns and operational challenges.

Act as a key liaison between Security Operations and other IT departments.

Change Validation and Quality Assurance:

Responsible for rigorously validating all security-related changes and configurations before their implementation in production environments, ensuring minimal risk and adherence to change management policies.

Security Monitoring and Incident Response:

Ensure that alerts generated from security components are promptly triaged, investigated, and acted upon, aligning with incident response procedures.

Contribute to the continuous improvement of security monitoring and alerting capabilities.

Manage the operational expenditure (OPEX) and capital expenditure (CAPEX) budgets for Security Operations, ensuring optimal resource allocation and cost-efficiency.

People Management and Development:

Lead, mentor, and develop a high-performing team of security operations professionals.

Foster a culture of continuous learning, professional growth, and security awareness within the team.

Conduct performance reviews and manage career development plans for team members.

Reporting and Communication:

Prepare and present regular performance reports, dashboards, and strategic updates on security operations to senior management, including the Head of Infrastructure, Operations & Services, and Head of Security.

Ensure clear and concise communication of security posture, risks, and achievements.

Service Improvement:

Drive continuous service improvement initiatives within Security Operations, enhancing efficiency, effectiveness, and responsiveness.

Implement automation and orchestration where feasible to streamline security processes.

Jobholder Requirements:

Qualifications & Experience:

Bachelor Degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master & degree is a plus.

Relevant professional certifications such as CISSP, CISM, GSEC, CCNP Security, Fortinet NSE 4+, Palo Alto PCNSE, or equivalent are highly desirable.

Minimum of 10-12 years of progressive experience in IT infrastructure and security roles, with at least 5-7 years in a dedicated security operations management capacity, preferably within the financial services industry.

Proven hands-on experience and in-depth knowledge of managing and operating a wide range of security technologies and appliances (e.g., Firewalls, WAF, IPS/IDS, Endpoint Security, NAC, SIEM integration).

Strong understanding of network protocols, operating systems (Linux/Unix, Windows), and cloud security principles.

Demonstrable experience in security architecture, design, and technology refresh planning.

Solid understanding of IT governance, risk management, and compliance frameworks (e.g., ISO 27001, NIST, BNM RMiT, PCI DSS).

Experience in managing OPEX/CAPEX budgets.

Skills & Attributes:

Exceptional leadership and people management skills, with the ability to motivate and develop a diverse team.

Strong analytical and problem-solving abilities, capable of dissecting complex security issues.

Excellent communication, presentation, and interpersonal skills, with the ability to articulate

complex technical concepts to both technical and non-technical stakeholders (including senior

management).

Proactive, results-oriented, and able to thrive in a fast-paced, high-pressure environment.

High level of integrity and a strong sense of accountability.

Ability to work collaboratively across multiple departments and with external vendors.

What’s next:

Once you’ve applied online, our team will carefully review your application. Due to a high volume of applications, we appreciate your patience to allow for a fair and timely review process.

Should you be shortlisted for the role, we will send you an invitation via email for an interview. You can also check on your application status by logging into your candidate account.

Salary match Number of applicants Skills match

Your application will include the following questions:

Which of the following statements best describes your right to work in Malaysia? What's your expected monthly basic salary? Which of the following types of qualifications do you have? How many years' experience do you have as a Security Operations Role? Have you completed a Certified Information Systems Security Professional (CISSP) certification?

Banking & Financial Services More than 10,000 employees

We are a leading financial institution in Malaysia backed by a century of entrepreneurial heritage. Providing comprehensive financial services guided by a Digital-at-the-Core ethos has earned us industry recognition and accolades for our innovative approach in making banking simpler and more effortless for our customers. Our digital and physical offerings span across a vast nationwide network in Malaysia, strengthened with an expanding regional presence in Singapore, Hong Kong, Vietnam, Cambodia, and China.

We seek to strike a balance between diversity, inclusion and merit to achieve our mission of infusing diversity in thinking and skillsets into our organisation. Candidates are assessed based on merit and potential, in line with our mission to attract and recruit the best talent available. Expanding on our “Digital at the Core” ethos, we are progressively digitising the employee journey and experience to provide a strong foundation for our people to drive life-long learning, achieve their career aspirations and grow talent from within our organisation.

Realise your full potential at Hong Leong Bank by applying now.

HONG LEONG GROUP PERSONAL DATA POLICY

Hong Leong Group use personal data in accordance with the Hong Leong Group Privacy Notice (New Applicants) which can be found at http://www.hongleong.com/download/HLG_Privacy_Notice_New_Applicants.pdf

By providing to us your personal data, you hereby consent to the processing of your personal data with the said Privacy Notice.

We are a leading financial institution in Malaysia backed by a century of entrepreneurial heritage. Providing comprehensive financial services guided by a Digital-at-the-Core ethos has earned us industry recognition and accolades for our innovative approach in making banking simpler and more effortless for our customers. Our digital and physical offerings span across a vast nationwide network in Malaysia, strengthened with an expanding regional presence in Singapore, Hong Kong, Vietnam, Cambodia, and China.

We seek to strike a balance between diversity, inclusion and merit to achieve our mission of infusing diversity in thinking and skillsets into our organisation. Candidates are assessed based on merit and potential, in line with our mission to attract and recruit the best talent available. Expanding on our “Digital at the Core” ethos, we are progressively digitising the employee journey and experience to provide a strong foundation for our people to drive life-long learning, achieve their career aspirations and grow talent from within our organisation.

Realise your full potential at Hong Leong Bank by applying now.

HONG LEONG GROUP PERSONAL DATA POLICY

Hong Leong Group use personal data in accordance with the Hong Leong Group Privacy Notice (New Applicants) which can be found at http://www.hongleong.com/download/HLG_Privacy_Notice_New_Applicants.pdf

By providing to us your personal data, you hereby consent to the processing of your personal data with the said Privacy Notice.

To help fast track investigation, please include here any other relevant details that prompted you to report this job ad as fraudulent / misleading / discriminatory.

Researching careers? Find all the information and tips you need on career advice.