Head of Cybersecurity Defense Centre

Job Description

The Head of Cybersecurity Defense Centre provides strategic leadership and operational governance for the Cybersecurity Defense Centre, ensuring the organization maintains an effective, resilient, and intelligence-led cyber defense capability. The role is accountable for leading multiple cybersecurity teams, driving operational excellence, developing people, optimizing cyber defense capabilities, and ensuring the protection of the company's network, digital services, customer information, and critical infrastructure.

Responsibilities

Strategic Leadership

• Define and execute the Cybersecurity Defense strategy aligned with business objectives.
• Develop multi-year roadmaps for cyber capability maturity, automation, and modernization.
• Establish KPIs, performance targets, and continuous improvement initiatives.
  
  

Cyber Defense Operations

• Lead end-to-end cyber defense functions, including SOC, Incident Response, Threat Intelligence, Threat Hunting, Digital Forensics, Security Engineering, Detection Engineering, Automation, and Vulnerability Management.
• Ensure cohesive operations, strong governance, and high service delivery standards across teams and partners.
  
  

Executive Incident Management

• Act as executive sponsor during major cyber incidents.
• Lead strategic response decisions, stakeholder coordination, and regulatory communication.
• Oversee post-incident reviews and continuous improvement actions.
  
  

Operational Governance

• Ensure effective security monitoring, incident response, and threat intelligence utilization.
• Oversee vulnerability remediation, technology optimization, and operational risk management.
• Drive SLA performance and operational excellence through data-driven insights.
  
  

Talent & Leadership

• Build and lead a high-performing cyber defense organization.
• Develop leaders through coaching, succession planning, and continuous learning.
• Drive employee engagement, capability building, and knowledge sharing.
  
  

Risk & Compliance

• Ensure adherence to regulatory requirements (e.g., INSG/MCMC), internal policies, and audit obligations.
• Oversee risk management, control effectiveness, and resilience assessments.
• Provide executive reporting on cyber risk posture and compliance status.
  
  

Stakeholder & Vendor Management

• Partner with IT, business units, risk, legal, audit, and executive leadership.
• Govern cybersecurity vendors and managed services, ensuring performance and value delivery.
• Represent cybersecurity in governance forums and external engagements.
  
  

Financial & Resource Management

• Manage budgets, resource planning, and investment prioritization.
• Optimize vendor engagements and ensure cost-effective service delivery.
  
  

Cyber Resilience

• Oversee cyber crisis readiness, simulations (red/purple team), and business continuity alignment.
• Strengthen organizational resilience against evolving cyber threats.
  
  

Accountabilities

• Cyber defense operational effectiveness and maturity
• Incident readiness and response leadership
• Talent development and organizational capability
• Budget management and strategic delivery
• Regulatory compliance and risk management
• Executive reporting and stakeholder confidence
  
  

Success Measures (KPIs)

• Improved MTTD/MTTR and SOC maturity
• Achievement of SLAs and operational KPIs
• Employee engagement, retention, and leadership pipeline
• Successful audits and timely risk remediation
• Increased automation and detection capability
• Strong stakeholder satisfaction and on-time delivery
  
  

Leadership Profile

• Strategic thinker with strong executive decision-making ability
• Proven leader in cyber defense and crisis management
• Strong stakeholder influence and communication skills
• Experienced in driving transformation and operational excellence
• Risk-based decision maker with financial acumen
  
  

Requirements

• 8-10 years leadership/senior role in cybersecurity
• Hands-on experience in cyber protection technologies (network/endpoint/data/identity security)
• Cyber threat, incident, offensive and security testing experience
• Degree in IT, Computer Science, or related field
• Professional certification (CISSP, CISM, GCIH, GCIA, GREM, OSCP, CREST, or equivalent)
  
  

Next Steps

Thank you for taking the first step towards joining our team at CelcomDigi! After submitting your application, our Talent Acquisition team will review your CV and reach out to shortlisted candidates to guide you through the next steps, including a pre-screening conversation, interviews and or assessments.

At CelcomDigi, we aspire to be Malaysia’s leading telco-tech company — the nation’s digital growth engine — powering transformation through 5G, AI, and innovation that impacts over 20 million customers. Here, your role goes beyond work. It’s about enabling businesses to thrive, connecting communities, and advancing society, as we build a brand rooted in trust, reliability and customer excellence. Aligned with our employer value proposition, Grow with Purpose. Build with Trust, you’ll have the opportunity to innovate responsibly and create digital solutions that truly make a difference. If you're driven, future focused, and ready to be part of something bigger, we want you on our team.

Let’s advance and inspire Malaysia together! #WeAreCelcomDigi

Follow CelcomDigi on LinkedIn and vote for us as Malaysia’s Most Preferred Employer at the GRADUAN Brand Awards.

CelcomDigi is an equal opportunity employer, and committed to promote employment practices that are transparent, objective and fair.