Threat Monitoring Team Lead

You will be leading a front line of our Security Operations Center analysts performing 24/7 threat monitoring and stepping in when it's necessary. Your main responsibility will be the Continuous Monitoring & Analysis process, its constant development and quality control in close cooperation with SOC Senior Analysts and the Engineering Team. You will be leading your team and developing your team members’ hard and soft skills, being a role model for them. You will be reporting directly to the Security Operations Center Manager.

The role is based in our office in Kuala Lumpur, Malaysia. In case of relocation, we offer full relocation support for you and your family to make your move smooth and worry-free.

• Manage your team members, develop their hard and soft skills serving, being a role model for them. Constantly provide feedback and maintain their motivation level.
• Co‑owner of SOC Continuous Monitoring and Analysis process, the main process we use to detect threats. Take ownership for the process, assess and control its quality, and improve its efficiency. Be ready to step‑in and replace your team members in 24/7 monitoring when it's necessary.
• Actively participate in incident response activities, support your team members and senior analysts in complex investigations. Provide feedback in order to improve the Incident Response process.
• Analyse the company infrastructure to find useful event sources for threat detection. Develop and tune detection rules to minimise false positives and maintain high threat coverage.
• Leverage threat intelligence to improve detection quality and awareness of the current threat landscape.

• Industry certifications like OSCP, PACES, OSDA, eCPTX are a big plus.
• Azure/AWS/GCP/K8s security or administration certifications are a big plus.
• 3+ years of experience in Information Security
• 3+ years of experience as SOC Analyst
• Leadership experience of SOC Analysts (L1/L2) is mandatory
• Incident response experience is mandatory
• Hands‑on experience with Sysman, Auditbeat/OSquery, Cloud platform, Elastic Stack/Splunk (at least two)
  • Understanding of:
    • Endpoint detection and response (EDR) principles and limitations.
    • OS security mechanisms and internals (Windows/Linux/macOS).
    • Kubernetes and containerization technologies.
    • Cloud security concepts and telemetry (Azure, AWS, GCP).
    • Network security, main protocols, and attack detection approaches.
  • MITRE ATTACK TTPs and the current threat landscape
• People management experience is mandatory
• Be organized and able to organise others
• Ability to think wider, analyse processes and to find points for their improvements
• Good communication and interpersonal skills
• Ability to advocate for one’s point of view and negotiate effectively
• Informal leadership and influencing skills
• Ability to solve complex tasks under guidance and in cooperation with other security and business teams
• Ability to work with some level of autonomy while meeting deadlines
• Proficiency in English (Upper‑Intermediate or higher)
• Collaborate closely with other Security and IT teams.
• Share knowledge and support junior SOC analysts.
• Provide feedback to improve your teammates
• Work cross‑functionally with other security and business units

• Competitive salary and annual performance bonus
• Full relocation support for you and your family — flights, housing, visas, and legal assistance included
• Top‑tier health insurance with full family coverage — medical, dental, vision, mental health — plus life insurance for peace of mind
• Unlimited learning opportunities: external courses, English lessons, career and leadership development
• Education allowance covering school and kindergarten fees
• 21 working days of annual leave, plus public holidays and fully paid sick, maternity, and paternity leave
• Employee appreciation program: branded gifts, birthday day‑offs, celebration budgets for weddings, newborns, and milestones
• “Get to know Team” trips — meet colleagues across our global hubs, along with company‑wide offsites that raise the bar
• Employee share scheme — grow with us
• Meal and transport allowance
• Free gym membership and monthly wellness allowance for your sport or fitness of choice
• Holiday flight and accommodation coverage after 1 year of service

• TA interview (30 minutes)
• Interview with Hiring Manager (1 hour)
• Test Case

Please use your exness work email for internal applications and ensure to disclose any existing Conflict of Interest you may have.