Cybersecurity Engineer Lead

Hytech

  • Kuala Lumpur
  • Permanent
  • Full-time
  • 3 days ago
About Hytech

Hytech is a leading management consulting firm headquartered in Australia and Singapore, specialising in digital transformation for fintech and financial services organisations. We deliver end-to-end consulting services and provide robust middle- and back-office solutions that enable our clients to optimise operations, enhance efficiency, and stay ahead in a fast-evolving digital landscape. With more than 2,000 professionals worldwide, Hytech has a strong and growing international presence, with offices across Australia, Singapore, Malaysia, Taiwan, the Philippines, Thailand, Morocco, Cyprus, Dubai, and beyond.

About the Role

As a SOC Team Lead, you will be responsible for leading a team of security analysts and engineers, overseeing the daily operations of the Security Operations Center (SOC). You will play a crucial role in maturing our security incident response process, managing security infrastructure strategy, and acting as the primary escalation point for complex security threats. This role requires a blend of deep technical expertise, people management skills, and the ability to translate technical risks into business impact.

Job Responsibilities

  • Team Leadership & Mentorship: Lead, mentor, and develop a team of SOC engineers/analysts, conducting performance reviews, identifying training needs, and fostering a culture of continuous learning.
  • Incident Management: Oversee the end-to-end incident response process, acting as the primary decision-maker and coordinator during high-severity security incidents.
  • Operational Excellence: Manage the daily operations of the SOC, ensuring SLAs are met, backlogs are managed, and processes are running efficiently.
  • Process Maturation: Own the creation, review, and enhancement of the full suite of cybersecurity SOPs and playbooks, ensuring they remain effective and current.
  • Tooling & Strategy: Lead the evaluation, implementation, and optimisation of security technologies (SIEM, XDR, SOAR, etc.), including managing POCs for new security products and driving automation initiatives.
  • Threat Intelligence & Hunting: Guide the team's threat intelligence efforts and proactive threat hunting exercises to identify and mitigate emerging risks before they become incidents.
  • Stakeholder Communication: Report on SOC metrics, incident trends, and security posture to management and stakeholders, translating technical findings into clear, actionable insights.
  • Use Case Management: Oversee the creation and tuning of security use cases to reduce false positives and improve detection capabilities.

Job Requirements

  • Experience: Minimum 3-5 years of experience in a SOC environment, with at least 1-2 years in a team lead or senior supervisory role.
  • Leadership: Proven experience leading, training, and developing technical security teams.
  • Incident Response: Deep expertise in leading complex incident response investigations, root cause analysis, and digital forensics.
  • Technical Breadth: Advanced knowledge of SIEM, XDR, EDR, Anti-Malware, and Email Security technologies. Strong understanding of networking (Firewalls, IDS/IPS, VPN, WAF) and core infrastructure (Active Directory, Databases, Cloud). Proficiency in log analysis and correlation across diverse data sources.
  • Process Oriented: Experience developing and refining SOC processes, runbooks, and playbooks.
  • Communication: Excellent verbal and written communication skills, with the ability to convey technical risks to non-technical leadership.
  • Mindset: Proactive, strategic thinker who is passionate about staying ahead of the threat landscape.

Good to Have

  • Automation & Scripting: Experience leading automation efforts using Python, PowerShell, or Bash to streamline SOC workflows.
  • Cloud Security: Hands-on experience with cloud security monitoring (AWS, Azure, or GCP) and related services (e.g., GuardDuty, CloudTrail).
  • Frameworks & Standards: Strong working knowledge of industry frameworks such as MITRE ATT&CK, NIST Cybersecurity Framework, ISO 27001, and PCI DSS.
  • Advanced Certifications: Possession of advanced security certifications such as CISSP, CISM, GIAC (GCIH, GCFA, GMON), or equivalent.
  • SOAR Experience: Experience with Security Orchestration, Automation, and Response (SOAR) platforms.

What We Offer

  • Easy access to public transportation (LRT & KTM).
  • Transportation allowance.
  • Corporate insurance coverage, including dental, optical, and outpatient claims.
  • Gym and fitness claims.
  • Ongoing training and development opportunities.
  • Exposure to exciting projects that support career growth and professional development.