Head of Cybersecurity Defense Centre

Job Description

The Head of Cybersecurity Defense Centre provides strategic leadership and operational governance for the Cybersecurity Defense Centre, ensuring the organization maintains an effective, resilient, and intelligence-led cyber defense capability. The role is accountable for leading multiple cybersecurity teams, driving operational excellence, developing people, optimizing cyber defense capabilities, and ensuring the protection of the company's network, digital services, customer information, and critical infrastructure.

Responsibilities

Strategic Leadership

• Define and execute the Cybersecurity Defense strategy aligned with business objectives.
• Develop multi-year roadmaps for cyber capability maturity, automation, and modernization.
• Establish KPIs, performance targets, and continuous improvement initiatives.

Cyber Defense Operations

• Lead end-to-end cyber defense functions, including SOC, Incident Response, Threat Intelligence, Threat Hunting, Digital Forensics, Security Engineering, Detection Engineering, Automation, and Vulnerability Management.
• Ensure cohesive operations, strong governance, and high service delivery standards across teams and partners.

Executive Incident Management

• Act as executive sponsor during major cyber incidents.
• Lead strategic response decisions, stakeholder coordination, and regulatory communication.
• Oversee post-incident reviews and continuous improvement actions.

Operational Governance

• Ensure effective security monitoring, incident response, and threat intelligence utilization.
• Oversee vulnerability remediation, technology optimization, and operational risk management.
• Drive SLA performance and operational excellence through data-driven insights.

Talent & Leadership

• Build and lead a high-performing cyber defense organization.
• Develop leaders through coaching, succession planning, and continuous learning.
• Drive employee engagement, capability building, and knowledge sharing.

Risk & Compliance

• Ensure adherence to regulatory requirements (e.g., INSG/MCMC), internal policies, and audit obligations.
• Oversee risk management, control effectiveness, and resilience assessments.
• Provide executive reporting on cyber risk posture and compliance status.

Stakeholder & Vendor Management

• Partner with IT, business units, risk, legal, audit, and executive leadership.
• Govern cybersecurity vendors and managed services, ensuring performance and value delivery.
• Represent cybersecurity in governance forums and external engagements.

Financial & Resource Management

• Manage budgets, resource planning, and investment prioritization.
• Optimize vendor engagements and ensure cost-effective service delivery.

Cyber Resilience

• Oversee cyber crisis readiness, simulations (red/purple team), and business continuity alignment.
• Strengthen organizational resilience against evolving cyber threats.

Accountabilities

• Cyber defense operational effectiveness and maturity
• Incident readiness and response leadership
• Talent development and organizational capability
• Budget management and strategic delivery
• Regulatory compliance and risk management
• Executive reporting and stakeholder confidence

Success Measures (KPIs)

• Improved MTTD/MTTR and SOC maturity
• Achievement of SLAs and operational KPIs
• Employee engagement, retention, and leadership pipeline
• Successful audits and timely risk remediation
• Increased automation and detection capability
• Strong stakeholder satisfaction and on-time delivery

Leadership Profile

• Strategic thinker with strong executive decision-making ability
• Proven leader in cyber defense and crisis management
• Strong stakeholder influence and communication skills
• Experienced in driving transformation and operational excellence
• Risk-based decision maker with financial acumen

Requirements

• 8-10 years leadership/senior role in cybersecurity
• Hands-on experience in cyber protection technologies (network/endpoint/data/identity security)
• Cyber threat, incident, offensive and security testing experience
• Degree in IT, Computer Science, or related field
• Professional certification (CISSP, CISM, GCIH, GCIA, GREM, OSCP, CREST, or equivalent)