Senior Manager - IT (Cybersecurity - IT Operation)

Select how often (in days) to receive an alert:

POSITION GENERAL SUMMARY

• To lead and manage the organization's cybersecurity operations, ensuring proactive monitoring, detection, and response to threats through the CSOC, while overseeing Identity & Access Management and cloud security to safeguard the on-premise and cloud critical systems and data. This role is crucial in maintaining cyber resilience across both IT and OT environments in accordance with industry best practices and aviation regulatory requirements..

ESSENTIAL POSITION FUNCTIONS

Cybersecurity Operations Center (CSOC)

• Lead 24/7 CSOC operations including monitoring, detection, triage, and incident response.
• Develop and enforce standard operating procedures (SOPs), escalation workflows, and incident playbooks.
• Manage performance of outsourced CSOC partners including SLA adherence and threat reporting quality.
• Review threat intelligence feeds and use cases to improve visibility and threat detection capability.
• Ensure timely investigation and resolution of cybersecurity incidents with proper root cause analysis and reporting.
• Plan and conduct periodic cyber drills to validate operational readiness and response.

Identity & Access Management (IAM)

• Oversee the design, implementation, and enforcement of IAM policies and governance.
• Ensure role-based access control (RBAC), privileged access management (PAM), and user lifecycle management are in place and effective.
• Collaborate with IT and business units to regularly review and certify access rights.
• Drive automation and continuous improvement of IAM tools and processes to enhance security and user experience.
• Monitor IAM-related risks and ensure compliance with internal controls, regulatory requirements, and cybersecurity standards.

Cloud Security Management

• Oversee secure cloud architecture designs for IaaS, PaaS, and SaaS deployments
• Ensure alignment of cloud security initiatives with overall cybersecurity and business goals.
• Maintain compliance with industry standards and regulations (e.g., ISO 27001, NIST, GDPR, PCI-DSS).

Operational Security Governance

• Develop and maintain operational cybersecurity metrics, dashboards, and compliance reports.
• Ensure cybersecurity controls are consistently applied across IT and OT systems.
• Support audits and ensure the closure of all operational findings from internal and external reviews.
• Continuously improve security operations by assessing new technologies, tools, and processes.
• Manage a team of cybersecurity professionals and vendors responsible for CSOC and IAM.
• Provide mentorship, training, and performance evaluations to ensure skill growth and operational excellence.
• Coordinate with vendors and service providers to optimize security technologies and support models.
• To ensure understanding and involvement from all level of management and employees
• To get top management commitment in compliance activities
• To get all staff and management to adhere to policies, procedures and internal control

• Deep understanding of security monitoring, incident handling, and SOC architecture
• Ability to manage external SOC vendors, ensure SLA adherence, and translate technical insights into governance action.
• Hands-on experience with SIEM, SOAR, EDR/XDR, and threat intelligence platforms
• Strong knowledge of IAM concepts, tools, and governance frameworks
• Experience managing outsourced security operations and contract SLAs
• Excellent problem-solving, communication, and crisis management skills
• Strong leadership and stakeholder engagement across technical and non-technical teams
• In-depth knowledge of both Information Technology (IT) and Operational Technology (OT) cybersecurity risks, with practical experience addressing threats in airport or aviation operations.
• Strong leadership, analytical, and problem-solving skills.
• In-depth understanding of cybersecurity frameworks, threat landscapes, and compliance environments.
• Excellent communication skills for engaging with regulators, internal stakeholders, and executive management.

External

• Degree preferably with specialization in computer science related discipline and equivalent work experience required. Industry certification such as CISM, CISSP, GCIH and or any other industry certification preferred.
• CISSP, CISM, GIAC, GCIA, GCIH, or equivalent
• Certifications in IAM technologies (e.g., SailPoint, CyberArk, Okta) are a plus
• ITIL or equivalent operational process framework certifications

External

• Minimum 10 years of experience, with at least 5 years in cybersecurity governance, compliance, or risk, and 2+ years in SOC or operational oversight deally within the aviation or critical infrastructure sector.

Open for Malaysian citizens only.

Please be reminded that only online applications will be entertained.

Applications should reach us by 28 January 2026.

Only the shortlisted candidate will be notified.

Job Segment: Compliance, Computer Science, User Experience, Cyber Security, Legal, Technology, Security, Aviation