Lead Consultant, IT Security

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

As the Practice Manager within a Managed Security Services Provider (MSSP) – Detect & Response, you will lead the end-to-end operation and strategic development of the Security Operations Center (SOC).  You are responsible for delivering high-quality, 24x7 threat detection and incident response services to multiple clients across different industries. You will oversee the design, execution, and continuous improvement of SOC capabilities, while managing a team of analysts, engineers, and threat hunters. Your role is both technical and client-facing — ensuring operational excellence, regulatory compliance, and client satisfaction.

What will you do?

SOC Practice Leadership & Development

• Lead and mentor SOC analysts (L1–L3), engineers, and threat hunters.
• Develop and maintain shift coverage for 24x7 or follow-the-sun SOC operations.
• Oversee training, certifications (e.g., GCIA, GCIH, OSCP), and career progression.
• Evaluate and implement next-gen SOC technologies (SIEM, SOAR, EDR, XDR, UEBA, etc.).

Talent Development and Shift Management

• Mentor SOC analysts and engineers, developing career paths and skill matrices.
• Ensure adequate staffing, training, and cross-coverage for critical operations.
• Oversee training, certifications (e.g., GCIA, GCIH, OSCP), and career progression.
• Develop and maintain shift coverage for 24x7 or follow-the-sun SOC operations.

Client Facing Security Operations & Incident Response

• Oversee onboarding of new MSSP clients — log ingestion, use case development, tuning, integration.
• Ensure timely detection, triage, escalation, and resolution of security incidents.
• Maintain and improve SOPs, runbooks, and incident response workflows.
• Act as escalation point for major incidents, threat trends, or client concerns.
• Participate in client briefings, security reviews, compliance audits, and incident post-mortems.

Service Excellence & Metrics

• Track and report SOC KPIs: MTTD, MTTR, alert volumes, false positive rates, SLA adherence.
• Maintain SOC documentation, incident response processes, and audit-readiness (e.g., ISO 27001, PCI-DSS, SOC 2).
• Support compliance needs of clients (e.g., MAS TRM, HIPAA, GDPR).

Client / Stakeholder Engagement

• Interface with clients, senior executives, or business units to communicate SOC effectiveness, threat posture, and incident handling.
• Support onboarding of new customers, including use cases and rules tuning.
• Participate in audits, tabletop exercises, and post-incident reviews.

The ideal candidate should possess:

• Bachelor’s degree in Cybersecurity, Computer Science, or related field.
• Minimum 10 years of cybersecurity experience, including at least 3 years of leading SOC teams or MSS operations.
• Expertise with SIEM/SOAR platforms (e.g., Splunk, QRadar, Google SecOps, Sentinel, XSOAR).
• Hands-on understanding of network forensics, endpoint detection, cloud security, and TTPs.
• Strong knowledge of network security, endpoint defense, malware analysis, and TTPs.
• Familiar with frameworks such as MITRE ATT&CK, NIST CSF, ISO 27001.
• Proven ability to manage clients across various industries with different risk profiles.
• Certifications preferred: CISSP, GCIH, GCIA, GMON, OSCP, CISM.
• Experience running SOCs in MSSP or hybrid environments (cloud/on-prem).
• Experience in project management
• Ability to translate technical alerts into business risk language.
• Familiarity with cloud-native security (AWS/Azure/Google), log pipelines, and automation.
• Passion for mentoring and upskilling SOC staff.
• Business acumen and ability to align cyber strategy to business goals.
• Experience working in regulated industries (finance, healthcare, government).
• Experience working with MSSPs, vendors, or global teams.

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future. 

Together, we make the extraordinary happen. 

Learn more about us at ncs.co and visit our LinkedIn career site.