Reporting to the Chief Information Officer (CIO) as the Head of Cyber Defence, you will be responsible for enhancing the organisation's cyber resilience to ensure information assets and business operations are safeguarded against modern threats. You will work with senior leaders across the business, and relevant third parties, to assess and communicate risk and to direct the security effort. The role should focus on elevating the security capability and awareness across people, process and technology, acting as a champion for the cyber security programme.
Role & Responsibilities
- Develop and implement an effective security strategy that focuses on cyber resilience.
- Build a cyber defence operations function and a team of skilled security professionals, both direct and in the business, that are proficient in security detection and response, as well as implementing key security controls.
- Ensure security is embedded in the business with ownership and accountability clearly defined.
- Be the primary point of contact for threat response and ensure the company is able to respond.
- Implement security controls related to threat protection, detection, response and simulation.
- Champion the cyber security programme and foster a security-aware culture.
- Develop cyber security training strategies to enhance knowledge across all departments.
- Ensure continuous security improvement through research and development, as well as attending conferences, webinars and collaborating with external partners.
- Oversee and implement both offensive and defensive operations to ensure the organisation has the necessary capabilities in place to prevail against cyber-attacks.
- Prepare threat intelligence briefings and monitor the external environment to ensure relevant stakeholders are informed on required courses of action to protect the business.
- Partner with QARA to ensure governance, risk, compliance and regulatory standards are met.
- Ensure a baseline level of security proficiency and policy adherence across relevant departments.
Skills & Qualifications
- 10+ years' experience working in the information security industry.
- In-depth knowledge of Microsoft Azure.
- Knowledge and proficiency in both offensive and defensive security operations.
- Experience in driving strategy and improvement across the enterprise.
- Deep technical knowledge of adversarial tactics, techniques and procedures as well as required countermeasures to protect the business and communicate risk effectively.
- Relevant degree and/or certifications desired.