Head of Cyber Defence Centre

The Role

We are seeking an experienced and strategic Head of Cyber Defence Centre to lead our in-house Cyber Defence Team. This critical role will be responsible for building, managing, and continuously enhancing our internal Cyber Defence Centre (CDC), with a strong focus on securing cloud infrastructure, applications, and payment flows. 

The ideal candidate will possess a strong background in managing and maturing a Cyber Defence Team, coupled with demonstrable expertise in detection engineering, threat intelligence, threat hunting, and security incident management. In addition to the technical skills, this role requires exceptional leadership and people skills, the ability to foster a collaborative environment, and a proven track record of managing multi-level teams and effectively engaging with both technical and non-technical stakeholders.

What you will do…

• Cyber Defence Operations:
• Oversee the effectiveness and maturity of the entirely in-house Cyber Defence function, ensuring the teams responsible for identification, analysis, and response to security threats operate efficiently.
• Drive the development and implementation of the strategic roadmap for our internal cyber defence capabilities.
• Ensure the continuous improvement and optimization of CDC processes and workflows within our self-managed environment, leveraging your deep understanding of underlying disciplines.
• Detection Engineering:
• Provide strategic direction and oversight for the design, implementation, and continuous improvement of detection capabilities across our diverse technology landscape.
• Ensure the teams responsible for detection engineering are developing and refining effective detection rules, analytics, and methodologies to identify known and emerging threats.
• Oversee the selection and effective utilisation of security technologies (SIEM, EDR, NDR, etc.) by the operational teams to ensure optimal threat detection and response.
• Automation and AI:
• Champion the identification and strategic implementation of automation and Artificial Intelligence (AI) / Machine Learning (ML) capabilities within cyber defence operations.
• Lead initiatives to integrate automation (e.g., SOAR - Security Orchestration, Automation and Response) and AI/ML to enhance the speed, efficiency, and accuracy of threat detection, analysis, and response.
• Stay abreast of emerging trends and technologies in AI, ML, and automation for cyber security, and assess their applicability to the organization's defence posture.
• Foster a culture of innovation within the team to explore and adopt new tools and techniques that leverage automation and advanced analytics.
• Threat Intelligence:
• Oversee the threat intelligence program, ensuring the team effectively collects, analyzes, and disseminates actionable intelligence to inform defensive strategies and operational activities.
• Guide the team in leveraging threat intelligence to proactively inform defensive strategies, detection mechanisms, and threat hunting activities.
• Ensure the Cyber Defence function stays abreast of the evolving threat landscape, including new TTPs (Tactics, Techniques, and Procedures) and threat actors, and that this knowledge is embedded in operations.
• Threat Hunting:
• Set the strategy and direction for proactive threat hunting missions conducted by the specialist team, guiding them to identify and neutralize advanced threats that may evade traditional security controls.
• Champion a hypothesis-driven approach to threat hunting, ensuring the team effectively leverages security data, intelligence, and business context.
• Ensure that findings from threat hunting activities are effectively translated into improved detection, prevention, and response capabilities managed by the respective teams.
• Security Incident Management:
• Provide senior leadership and strategic guidance during major security incidents, acting as an escalation point for the incident response team.
• Oversee the development, maintenance, and testing of incident response plans and playbooks, ensuring the team is well-prepared.
• Ensure thorough post-incident reviews are conducted to identify lessons learned, and drive continuous improvement in incident response processes and overall security posture.
• Stakeholder Management & Communication:
• Effectively communicate complex security issues, risks, and incidents to both technical and non-technical audiences, including executive leadership.
• Collaborate with IT, engineering, legal, and other business units to ensure a cohesive approach to cyber security.
• Build and maintain strong relationships with internal stakeholders and external partners.
• Strategy & Continuous Improvement:
• Develop and report on key performance indicators (KPIs) and metrics to measure the effectiveness of the Cyber Defence function.
• Drive a culture of continuous improvement within the Cyber Defence team, leveraging industry best practices and emerging technologies.
• Contribute to the development and execution of the overall cyber security strategy.
• Leadership & Team Management:
• Lead, mentor, and develop a multi-layered Cyber Defence team, fostering a culture of high performance, continuous learning, and collaboration.
• Manage team resources, including recruitment, training, performance management, and professional development across various skill levels.
• Champion a positive and inclusive team environment that values diverse perspectives and experiences.

What you will bring...

• Proven experience in a senior cyber security leadership role, specifically managing a Cyber Defence team or Security Operations Centre (SOC).
• Demonstrable experience in developing and implementing strategies for detection engineering, including hands-on experience with relevant tools and techniques.
• In-depth knowledge and practical application of threat intelligence concepts, lifecycle management, and utilisation for defensive purposes.
• Proven experience in establishing and leading proactive threat hunting programs and methodologies.
• Extensive experience in security incident management, including leading response efforts for significant incidents.
• Strong understanding of common cyber security frameworks (e.g., NIST CSF, MITRE ATT&CK, ISO 27001).
• Excellent people management skills with a track record of building, mentoring, and motivating high-performing, diverse teams of varying experience levels.
• Exceptional communication, interpersonal, and presentation skills, with the ability to articulate complex technical topics to both technical and non-technical audiences.
• Ability to work effectively under pressure and make sound decisions in critical situations.
• Relevant industry certifications (e.g., CISSP, CISM, GIAC certifications such as GCIH, GCFA, GREM) are highly desirable

Personal Attributes:

• Strategic thinker with strong analytical and problem-solving skills.
• A collaborative leader who can inspire and motivate a team.
• Proactive, resilient, and adaptable in a fast-paced and evolving threat landscape.
• High level of integrity and professionalism.
• Committed to continuous learning and development for themselves and their team.
• Able to prioritise multiple projects and aims for the team to ensure they align with the greater company and team goals