Sectech Solutions

Head of Cyber Defence

Hybrid

London, United Kingdom

£130,000/year

Full Time

16-03-2026


Skills

Communication, Leadership, Incident Response, Malware Analysis, Cloud Security, Forensics, Monitoring, Training, Team Leadership, Analytics

Job Specifications

HEAD OF CYBER DEFENCE

HYBRID WORKING - LONDON (LIKELY 3-4 DAYS PER WEEK ON-SITE)

SALARY NEGOTIABLE UP TO £130K

We are seeking an experienced Cyber Defence Manager to lead and mature our global cyber defence and security operations capabilities.

Reporting to the CISO, this role is responsible for the day-to-day leadership and development of the Security Operations Centre (SOC), strengthening our ability to detect, investigate, and respond to cyber threats across a complex and evolving technology estate.

This is a hands-on leadership role suited to someone currently operating as a SOC Manager or Senior Incident Response professional who is ready to take the next step into a broader cyber defence leadership position.

The successful candidate will oversee SOC operations, incident response, threat detection, and security monitoring, ensuring the right people, processes, and technologies are in place to protect critical systems and data. The role works closely with security engineering, technology teams, risk, and compliance to continually improve detection capabilities and operational resilience.

Key Responsibilities

SOC Leadership & Cyber Defence Operations

Lead the 24x7 security operations capability, overseeing SOC analysts and security monitoring activities.
Provide operational leadership across incident detection, investigation, and response.
Act as the primary escalation point for L1, L2 and L3 SOC analysts and coordinate response activities across internal teams and external partners.
Develop and maintain SOC runbooks, playbooks, and operational procedures.
Drive improvements in SOC maturity, processes, and operational efficiency.

Threat Detection & Monitoring

Oversee security monitoring across on-premise, cloud, and hybrid environments.
Enhance SIEM detection use cases, analytics, and alerting capabilities.
Work with threat intelligence to identify emerging threats and improve detection coverage.
Drive automation and tooling improvements within the SOC.

Incident Response

Coordinate and lead responses to cybersecurity incidents and investigations.
Ensure incidents are managed through a structured lifecycle from detection to recovery.
Conduct post-incident reviews and lessons-learned exercises to strengthen controls and detection.
Support cyber crisis response when major incidents occur.

Continuous Improvement

Identify gaps in monitoring, logging, and response capabilities.
Work with security engineering teams to improve EDR, SIEM, and security tooling.
Support development of detection engineering and proactive threat hunting capabilities.

Stakeholder Engagement

Work closely with technology, infrastructure, risk, and compliance teams to improve security operations.
Provide clear reporting on security events, trends, and operational performance.
Support regulatory, audit, and client assurance activities where required.

Team Leadership & Development

Mentor and develop SOC analysts and security operations staff.
Build a strong operational culture focused on collaboration, accountability, and continuous improvement.
Help grow internal cyber capability through training and knowledge sharing.

Key Skills & Experience

Strong experience in security operations, cyber defence, or incident response environments.
Proven background working in or managing SOC teams.
Hands-on experience with SIEM platforms, Endpoint Detection & Response (EDR), threat detection and response, and security monitoring and log analysis.
Strong understanding of cyber threat actors, attack techniques, and detection strategies.
Experience managing or coordinating major security incidents.
Familiarity with cloud security environments and modern infrastructure.
Ability to improve and develop detection use cases and SOC processes.
Excellent communication skills with the ability to engage both technical teams and senior stakeholders.
Ability to stay calm and structured when responding to high-pressure incidents.

Preferred Experience

Experience working in financial services or other regulated environments.
Exposure to managed security service providers (MSSPs).
Knowledge of threat intelligence, malware analysis, or digital forensics.
Experience supporting security audits or regulatory requirements.

Qualifications

Degree in Information Security, Computer Science, or a related field, or equivalent experience.
Relevant industry certifications such as CISSP, CISM, GIAC, GCIA / GCIH (or similar operational security certifications).

About the Company

At Sectech Solutions, we don't just fill roles, we provide trusted, quality-driven people solutions to strengthen your organization's cybersecurity capabilities. Our focus is on helping businesses find, hire, and retain the best cybersecurity talent in the world.

Experience: With over 1,000 successful placements, we have a proven track record of delivering results. We ensure 100% of the roles we take on receive new CVs from fully qualified candidates, demonstrating our commitment to filling every position.

Speed: Ou...