Senior Cybersecurity Leader

Overview

Strategic Leadership

• Define and lead the enterprise cybersecurity strategy and operating model.
• Advise executive leadership on cyber risk, compliance, and enterprise security posture.
• Establish and maintain security governance frameworks, policies, and standards.
• Build cybersecurity capabilities across people, processes, and technology.

Security Operations

• Oversee SOC, SIEM, SOAR, incident response, and threat management functions.
• Lead vulnerability management, penetration testing, and breach response activities.
• Ensure robust Identity & Access Management, Privileged Access Management, and cloud security controls.
• Drive maturity improvements using measurable KPIs, outcomes, and maturity models.

Risk & Compliance

• Own enterprise cyber risk assessments and maintain the cybersecurity risk register.
• Ensure compliance with ISO 27001, NIST CSF, CIS, SOC 2, GDPR, and regional regulations.
• Lead internal/external audits and third‑party risk management.

Architecture & Engineering

• Provide architecture oversight for cloud, hybrid, and on‑prem environments.
• Govern secure application, API, and DevSecOps practices.
• Embed zero‑trust and security‑by‑design principles across all technology initiatives.
• Security Intelligence, Research & Threat Hunting (Integrated Section)
• Build and lead an intelligence‑driven defense program aligned with SOC operations.
• Establish a formal Threat Intelligence capability to collect, analyze, and operationalize insights from internal telemetry, external feeds, ISACs, and strategic partners.
• Conduct security research into emerging threats, attacker techniques, vulnerabilities, and APT activity relevant to the organization’s technology stack.
• Lead and mature proactive threat hunting programs across cloud, identity, network, and endpoint environments to identify and neutralize hidden threats.
• Develop detection engineering practices to translate intelligence into high‑fidelity detections, automated response playbooks, and enriched SOC workflows.
• Deliver threat briefings, risk advisories, and intelligence reports for leadership decision‑making.
• Partner with SOC, DFIR, cloud security, and architecture teams to continuously harden defenses.
• Monitor adversary behaviors, MITRE ATT&CK techniques, malware trends, and exploit developments to adapt defenses in real time.

Stakeholder & Vendor Management

• Collaborate with IT, Engineering, Legal, Compliance, and Business stakeholders.
• Manage relationships with vendors, MSSPs, threat intelligence providers, and consultants.
• Support customer and partner security assurance requests.

Team Leadership

• Build and develop a high‑performing cybersecurity team.
• Define and execute capability development and succession plans.
• Drive adoption of a strong security culture across the enterprise.

Qualifications & Experience

• 10+ years of progressive cybersecurity experience in leadership and hands‑on roles.
• Background in global enterprise or Fortune‑scale organisations.
• Proven ability to lead strategy, operations, and intelligence‑driven security functions.

Technical Expertise

• Deep knowledge of cloud security (AWS, Azure, GCP).
• Strong understanding of network, application, and endpoint security controls.
• Proficiency in IAM/PAM, Zero Trust, SOC/SIEM, threat intelligence platforms, and IR.
• Familiarity with DevSecOps and modern security engineering.

Leadership & Business Skills

• Strong communication skills for executive and non‑technical audiences.
• Risk‑based decision-making and strategic thinking.
• Ability to lead enterprise-wide initiatives and manage cross-functional programs.

Preferred Certifications

• CISSP, CISM, CISA, CCSP, CDPSE.
• Cloud‑security or threat‑intelligence‑related certifications are a plus.

Personal Attributes

• Strategic mindset with strong execution discipline.
• Comfortable operating in dynamic, complex, high‑stakes environments.
• High integrity, ownership, and accountability.
• Strong analytical and problem‑solving capabilities.