Associate Director IT Security (Technical Role)

COMPANY OVERVIEW

BDx is Asia's fastest-growing data center platform, delivering colocation, build-to-suit, managed services, and interconnection solutions for hyperscalers, large enterprises, and AI customers. Operating across high-growth markets—including Indonesia, Hong Kong, Singapore, and Taiwan—BDx currently boasts 110+ MW of contracted capacity, with a land bank scalable up to 750 MW.

What sets BDx apart is our integration of AI-optimized infrastructure, energy-efficient design, and sovereign-grade compliance—enabling future-ready, sustainable operations. We go beyond traditional data centers by offering tailored solutions powered by renewable resources.

BDx is a portfolio company of I Squared Capital, a leading global infrastructure investor with a focus on digital infrastructure, energy, utilities, and transportation.

Learn more: www.bdxworld.com

Please note this is a strictly technical role requiring hands-on firewall experience and relevant skills as per the JD. Candidates without this experience are requested not to apply.

Role Summary

The Associate Director IT Security will provide security incident response and readiness as part of a 24x7 Security Operations Centre within and in support of the IT and OT Security Infrastructure for the organization. Support global vulnerability management processes including OS and infrastructure patching, hardening and testing efforts. Operatesecurity related tools (HIDS, NIDS, IPS, Analysers, Scanners, etc.) to identify activethreats, attacks, vulnerabilities, exposures, etc., and prioritize for activity within the team. Assist in speedy identification of mitigation/remediation solutions for IT and OT platform.

Duties & Responsibilities

Security Incident Response:

• Provide timely and effective security response within a 24x7 SOC environment.
• Lead operation teams to effectively maintain the lifecycle of both on-premises and cloud-based security solutions.
• Manage response to security and operational incidents, and on-going security requests.
• Coordinate and manage security incidents to ensure swift identification, containment, and remediation.
• Develop and maintain incident response playbooks and procedures.
• Participate and contribute to industry cyber forums, both formal and informal.
• Support all audits and reviews requests.
• Monitor developments in the information security industry and communicate on the potential impact or applicability to the organization

Vulnerability Management:

• Support global vulnerability management processes including operating system (OS) and infrastructure patching, hardening, and testing efforts.
• Conduct regular vulnerability assessments (VAPT) and prioritize remediation activities.
• Collaborate with IT teams to implement and validate security patches and updates.

Security Tools Operation:

• Hands-on experience on traditional and next generation NGF firewalls.
• Manage the Total Cost of Ownership (TCO) for security solutions which includes new investments and business-as-usual financials.
• Operate and manage various security tools including Host Intrusion Detection Systems (HIDS), Network Intrusion Detection Systems (NIDS), Intrusion Prevention Systems (IPS), analysers, scanners, and more.
• Continuously monitor and analyze security tools to identify active threats, attacks, vulnerabilities, and exposures.
• Prioritize identified threats and vulnerabilities for remediation activities within the team.

Threat and Vulnerability Identification:

• Assist in the identification and evaluation of security threats and vulnerabilities.
• Conduct in-depth analysis of security events to determine the root cause and potential impact.
• Provide recommendations for mitigation and remediation solutions to address identified security issues.

Qualification & Experience

Proven track record for managing technical resources to deliver technology lifecycle

Have relevant information security experience working with or for a global exchange or a global financial firm. Other IT operational experience will also be considered.

Solid knowledge and experience in cloud technologies, and familiar with cloud security architecture, design and operations.

Relevant experience with SecDevOps principles, Security Automation and Orchestration.

Must have relevant experience with industry best-practice approaches to the design, implementation, operation and management of IT systems (e.g.Agile, Waterfall, ITIL, COBIT)

Must have relevant experience with information security (e.g. CISSP, CCSP).

Must have strong information security technology knowledge/concept and can effectively communicate with senior management and a broad range of technical/non-technical audiences. Strong written communication skills, experienced with writing board-level papers and verbal presentations to senior management.

Must have a relevant University degree in Computer Science, Information Management, or related field, or equivalent experience