Security Operations Analyst- APAC Blue Team Leader

Role Summary

The APAC Blue Team Leader at NXP will be tasked with leading our day-to-day defensive information security operations, ensuring the security of IT, Operational Technology (OT), and R&D environments. This role is responsible for overseeing threat detection, incident response, and exposure management.

As the APAC leader of our Blue Team, you will develop and implement security strategies to protect against evolving cyber threats across diverse environments. You will collaborate with security architects, red teams, product teams, and engineering groups to strengthen our organization’s overall security posture. This role is pivotal leader for our regional security operations center team members, to ensure the continuity of information security operations.

The ideal candidate will be passionate about information security operations center, incident response, and leading a diverse team of global operators. The ideal candidate also has a foundational knowledge and experience in working in an Operational Technology (OT) manufacturing environments.

Your Opportunity

NXP is a global player in Semiconductor industry, and security is an essential and integral part of our business. Security Operations & Threat Defense

Job Responsibility

Operational Mentality and Vision:

• Lead a regional team of cybersecurity professionals focused on threat detection, monitoring, and incident response for IT, OT, and R&D environments.
• Develop and enhance Security Operations Center (SOC) processes, including playbooks, automation, and alert triage.
  
  

Incident Response

• Lead and coordinate regional cyber incident response efforts, ensuring timely containment, eradication, and recovery.
  
  

OT & R&D Security Strategy

• Limited experience in security controls and frameworks tailored for ICS/SCADA, industrial IoT (IIoT), and embedded systems in OT environments.
• Ability to work closely with regional engineering and R&D teams to integrate security into product development lifecycles.
• Ensure compliance with industry regulations and frameworks such as NIST CSF, IEC 62443, and MITRE ATT&CK for ICS.
  
  

Vulnerability Management & Hardening

• Oversee regional vulnerability assessments and risk management programs across IT, OT, and R&D.
• Guide patch management and compensating controls for systems where direct patching is not feasible.
• Work with asset owners to implement segmentation, access controls, and Zero Trust strategies.
  
  

Risk Management and Ethical Considerations

• Work closely with regional security and risk leaders to foresee and mitigate risks, ensuring ethical operations and compliance with upcoming regulations.
  
  

Team Leadership & Collaboration

• Build, mentor, and develop a high-performing regional information security operations team.
• Foster cross-functional collaboration between regional IT, OT, R&D, and security engineering teams.
• Provide executive-level briefings on regional information security risks, incidents, and program improvements.
• Partner with risk management, compliance, and legal teams to align cybersecurity with business objectives.
  
  

Job Qualification

Required Qualifications & Experience:

• 6+ years of experience in cybersecurity with a focus on blue teaming, security operations, and cyber defense.
• Foundational expertise in both IT and OT security, with knowledge of ICS, SCADA, and industrial cyber threats.
• Experience securing R&D environments, including embedded systems, proprietary technologies, and intellectual property.
• Hands-on experience with SIEM, EDR, NDR, threat intelligence platforms, and security automation.
• Knowledge of MITRE ATT&CK (Enterprise & ICS), NIST 800-82, IEC 62443, and Zero Trust principles.
• Experience leading a team of cybersecurity professionals and developing operational security teams.
• Fundamental understanding of cloud security (AWS, Azure, GCP) and hybrid security architectures.
  
  

Desired Certifications

• GIAC Associate Certified Incident Handler
• GIAC Associate Security Operations Certified
• Associate Certified Cloud Security Professional (CCSP)
• AWS Certified Security
• Microsoft SC - 200
  
  

More information about NXP in Malaysia...