MAIN PURPOSE
• Ensure effective threat detection, incident response, and compliance across the enterprise, while maintaining strong governance and operational alignment with external security service providers.
• Oversee the organization’s cybersecurity posture and manage the performance of the Global Security Operations Centre (GSOC) vendor.
KEY RESPONSIBILITIES
Security Operations Oversight
• Ensure timely escalation, investigation, and resolution of security incidents.
• Monitor and validate threat intelligence, alerts, and incident reports generated by the GSOC.
• Lead and coordinate daily security operations in partnership with the GSOC vendor.
GSOC Vendor Management
• Serve as the primary point of contact for the GSOC vendor relationship and performance.
• Conduct regular service reviews, performance audits, and continuous improvement initiatives.
• Define and enforce SLAs, KPIs, and incident response protocols.
• Ensure GSOC services align with organizational security policies and business requirements.
Threat Detection & Response
• Oversee the configuration and tuning of SIEM platforms (e.g., Microsoft Sentinel, Splunk).
• Coordinate incident response efforts, including containment, eradication, and recovery.
• Validate use cases, correlation rules, and threat hunting activities.
Security Governance & Compliance
• Support internal and external audits and manage remediation of findings.
• Develop and maintain security policies, standards, and procedures.
• Ensure compliance with regulatory frameworks such as Shiseido Security Framework, ISO 27001, NIST, GDPR, and PDPA.
Vulnerability & Risk Management
• Collaborate with IT and application teams to remediate identified risks.
• Maintain a risk register and report on risk posture to senior leadership.
• Oversee vulnerability scanning, patch management, and risk assessments.
Security Awareness & Training
• Provide guidance to business units on secure practices and data protection.
• Promote a culture of security awareness through training programs and phishing simulations.
Reporting & Documentation
• Maintain documentation for incident response plans, playbooks, and escalation procedures.
• Prepare regular reports on security metrics, incident trends, and GSOC performance.
Security Innovation & Trends
• Recommend strategic investments in security innovation.
• Monitor emerging threats and technologies.
Ad hoc Support
• Additional information security-related tasks given by the supervisor or management team.