Global Cybersecurity Operation Lead
- Kuala Lumpur
- Permanent
- Full-time
The Global Security Lead is a senior cybersecurity role responsible for overseeing global threat detection, incident response, and escalation management. This position serves as the primary point of contact for managing external Security Operations Center (SOC) and Identity Governance and Administration (IGA) vendors.
Key operational responsibilities include Data Loss Prevention (DLP) and Cloud Security. Reporting to the Head of IT Cybersecurity & Operations, the Lead is critical to strengthening Nexperia's cyber defense capabilities and ensuring the effective resolution of security incidents.What you will doWhat you will doOversee Global Security Operations: Direct the 24/7 monitoring, threat detection, and incident response activities across Nexperia's global IT infrastructure.Manage Vendor Relationships & Performance: Serve as the primary point of contact for security vendors; manage contracts, service level agreements (SLAs), and performance reviews to ensure value and effectiveness.Lead Incident Escalation & Response: Manage the end-to-end incident response process, ensuring timely escalation, effective resolution, and thorough post-incident analysis.Administer Identity & Access Governance: Oversee the operations of Identity Access Management (IAM), Privileged Access Management (PAM), and ensure compliance with governance policies.Operate Data Loss Prevention (DLP) Program: Manage the DLP platform, including policy configuration, monitoring alerts, and investigating potential data exfiltration events.Manage Cloud Security Posture: Oversee security operations for cloud environments (e.g., SaaS, IaaS, PaaS), implementing and managing controls to protect cloud-based assets and data.Drive Continuous Improvement: Analyze security incidents and operational metrics to identify trends, implement process improvements, and enhance the overall security posture.Report on Security Posture: Develop and deliver regular reports on key performance indicators (KPIs), incident metrics, and the overall effectiveness of security controls to leadership.Develop & Refine Processes: Create and update operational procedures, playbooks, and runbooks to ensure a consistent and effective response to security threats.What you will needBachelor’s degree in computer science, Information Security, or a related field. Relevant industry certifications (e.g., CISSP, CISM, GCIH) are highly preferred.8-10 years of progressive experience in cybersecurity, with at least 3-5 years in a leadership role overseeing security operations (SOC), IGA, incident response, or a similar function.Must have hands-on experience managing core security technologies, including SIEM, EDR, DLP, and cloud security platforms (e.g. CRISC, CISM, CEH, ITIL v4, Microsoft SC 300, etc)Proven track record of successfully managing and holding external vendors and Managed Security Service Providers (MSSPs) accountable against SLAs.Demonstrated ability to communicate complex security concepts clearly and effectively to technical teams, senior management, and business stakeholders.Proven ability to use key security tools to detect, analyze, and manage the response to cybersecurity threats and incidentsProven experience implementing and managing security controls in major cloud platforms (AWS, Azure, GCP) and operating enterprise Data Loss Prevention (DLP) tools.Strong knowledge of IAM, PAM, and identity governance principles and technologies (e.g., SailPoint, CyberArk, Okta).Demonstrated ability to manage third-party vendors and Managed Security ServiceProviders (MSSPs), including negotiating SLAs and holding providers accountable for performance.Experience leading technical responses to major security incidents under pressure, making critical decisions and managing stakeholder communication.Ability to translate operational data into strategic insights, prioritize initiatives based on risk and contribute to the broader cybersecurity roadmap.Excellent verbal and written communication skills, with the ability to clearly articulate complex security risks and incidents to both technical teams and senior management.Strong analytical skills to investigate complex security events, identify root causes, and develop effective, long-term solutions.Talent acquisition based on Nexperia vacancies is not appreciated. Nexperia job adverts are Nexperia copyright © material and the word Nexperia® is a registered trademark.D&I StatementAs an equal-opportunity employer, Nexperia values diversity not just because it is the right thing to do but because diverse teams perform better. We are dedicated to being inclusive, and a proof point of this dedication is that we were the main partner of the very first Dutch Paralympic Team NL House during the Paris 2024 Paralympic Games. Our recruitment process is inclusive and accessible to all, and we consider all applicants fairly, as well as providing a safe work environment and reasonable adjustments where requested.In addition, we offer our colleagues the possibility to join employee resource groups such as the Pride Network Group or global and local Women's groups. Nexperia is committed to increasing women in management positions to 30% by 2030.