Information Security Operations Lead

Brooks is a leading provider of automation solutions with over 40 years of experience in the semiconductor industry, offering precision robotics, integrated automation systems, and contamination control solutions that empower chip manufacturers worldwide. Our product portfolio includes a range of automation solutions, including robots, vacuum systems, and atmospheric robots for semiconductor manufacturing (www.brooks.com).

Are you looking for a place where you can be part of a transformation? Join us at Brooks Automation and be a part of a dynamic organization that is shaping the future of technology.

Information Security Operations Lead

Job Description
About the role:

Brooks Automation is a rapidly growing technology leader in automation solutions, serving the dynamic and expanding Semiconductor and Laboratory Automation markets. At Brooks, we thrive on innovative ideas, technologies, and innovative thinking that drive our future. Our customer-focused culture encourages employees to embrace innovation and collaborate to achieve new heights.

In line with our innovative culture, we are committed to harnessing cutting-edge cloud technologies to drive innovation and deliver exceptional solutions. We are currently seeking a highly skilled and motivated Information Security Operations Lead with expertise in on premise and cloud security technology stacks, as well as a deep understanding of information security, networking, traditional infrastructure, and general cloud.

Join our dynamic and collaborative team and play a pivotal role in shaping our core infrastructure and services moving forward.

As an Information Security Operations Lead, you will make sure our security controls actually work via a hands-on approach — not just that tools are deployed.

This role ensures the daily effectiveness of our main security platforms for endpoints, identity, data, network, and email. You’ll respond to real alerts, run investigations, improve signal‑to‑noise, and help build the processes that make security operational at scale.

This is not a policy role and not an architecture‑only role. You will be in the tools.

Work Location: Onsite - JOHOR (OR) PENANG.

Key Responsibilities:

Own Security Tool Effectiveness

• Be accountable for the health, configuration, and outcomes of:
• CrowdStrike Falcon
• Microsoft Intune, Entra ID, Conditional Access Security Modules
• DLP and Code42
• Sumo Logic (logging, detection, alerting)
• Palo Alto firewalls
• Cisco Email Security, DMARC/DKIM/SPF
• Cisco Umbrella (DNS security)
• HP Aruba Clearpass
• Tune detections, reduce alert fatigue, and ensure alerts map to real risk.
• Validate controls continuously — not once at deployment.
  
  

Security Operations & Incident Response

• Respond to and investigate security alerts across endpoint, identity, network, email, and cloud.
• Perform root cause analysis, evidence collection, and impact assessment.
• Lead or support containment and remediation efforts.
• Produce clear, actionable incident write‑ups — what happened, why, and what changes.
  
  

Network & Email Security

• Design, implement, and maintain network security controls, including Palo Alto firewall policy and segmentation.
• Own email security posture, phishing protection, and DMARC enforcement.
• Improve DNS‑layer visibility and control with Cisco Umbrella.
  
  

Build Operational Maturity

• Create and maintain runbooks, playbooks, and escalation paths.
• Help standardize how security events are handled globally.
• Partner with infrastructure, endpoint, and identity teams to embed security into real designs — not bolt‑ons.
• Mentor junior engineers and raise the bar on execution
• Any other duties or projects as assigned
  
  

Required Qualifications & Competencies:

• At Least 7-10 years in security engineering, network engineering, or SecOps, with real hands‑on responsibility.
• Proven experience operating and troubleshooting security tools — not just implementing them.
• Strong understanding of:
• Endpoint and identity security
• Enterprise networking and firewalls
• Email and DNS security
• Logging, detection, and investigation workflows
• Comfortable working incidents end‑to‑end and driving them to closure.
• Clear communicator who can explain technical risk without drama.
  
  

Nice to Have:

• Cloud experience (Azure, AWS, OCI)
• Scripting or automation (PowerShell, Python)
• Security or network certifications (CISSP, Palo Alto, Cisco, Microsoft)
  
  

Work Location & Flexibility

At Brooks, we aim to foster a collaborative and engaging environment while offering flexibility where possible. Work arrangements may include a mix of in-office and remote work, depending on the nature of the role and business needs. Specific expectations will be shared during the interview process.

Brooks is committed to fostering a diverse and inclusive workplace and proudly serves as an equal-opportunity employer. We welcome all qualified applicants regardless of race, color, religion, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other legally protected characteristics.

Diversity enhances our innovative capabilities and strengthens our ability to serve our customers and communities effectively. At Brooks Automation, we celebrate the unique experiences and perspectives each individual brings, believing they are essential to our collective success. Join us in building a workplace where every team member is valued and can thrive.

For applicants with disabilities requiring accommodations, don't hesitate to get in touch with [email protected] or call +1 (978) 262-2400 to discuss your needs.

Review EEO Law & EEO Statement.