We are seeking an experienced Director of Cyber Defense to lead and enhance ourorganization’s cybersecurity capabilities. This role is responsible for overseeing the SecurityOperations Centre (SOC), Attack Surface Management, Incident Response and CrisisManagement, and Dark Web Monitoring. The ideal candidate must have solid CyberDefense practitioner experience and a proven track record of 15+ years in Cyber Security,with 5+ years leading cybersecurity teams and driving strategic security initiatives.
Key Responsibilities
Lead and mature the 24/7 Security Operations Centre (SOC) to detect, analyze, andrespond to cyber threats in real-time. Establish playbooks, escalation procedures, and cross-functional coordination forhandling critical security incidents. Dive deep into technical aspects of escalated incidents, in partnership with otherCyber Defense leads and cross functional peers Direct Incident Response (IR) and Crisis Management efforts, ensuring rapidcontainment, mitigation, and recovery from cyber incidents. Lead forensic investigations and post-incident reviews to improve security postureand prevent recurrence. Oversee Attack Surface Management to continuously assess, monitor, and reducethe organization’s exposure to cyber risks. Oversee Dark Web Monitoring initiatives to identify and assess leaked credentials,insider threats, and external attack indicators. Collaborate with Threat Intelligence teams to track adversary tactics, techniques, andprocedures (TTPs). Develop and execute a Cyber Defense strategy, aligning security operations withbusiness objectives. Manage, mentor, and grow a team of cybersecurity professionals across SOC andCyber Defense functions. Partner with IT, Risk, Legal, and Compliance teams to ensure alignment with securityframeworks and regulations. Present key cyber risk metrics, threat trends, and program updates to executiveleadership.
Qualifications & Experience 15+ years of overall experience including 5+ years leading cybersecurity teams inSOC and/or Cyber Defense Strong leadership and crisis management skills with experience handling majorsecurity incidents and executive-level communications. Deep expertise in MITRE ATT&CK, threat intelligence frameworks, adversaryemulation, and digital forensics. Proficiency working with cloud service providers such as AWS, Azure, GCP and mustbe able to demonstrate ability to effectively conduct IR on incidents within thesecloud environments Proficiency in SIEM, SOAR, EDR/XDR Experience implementing cyber defense strategies in large-scale enterpriseenvironments. Familiarity with regulatory requirements and compliance frameworks (NIST, CIS, ISO27001, GDPR, etc.). Strong knowledge of offensive security techniques and how to defend against them.
Preferred Certifications CISSP, CISM, GIAC (GCTI, GCIH, GCFA, GNFA, GDAT), CCSP, or equivalent. AWS/Azure/GCP Security certifications are a plus
