Band: 9

Experience: 7+ Years (Senior Leadership)

Team Size: 100+ Security Professionals (L1-L4)

Role Summary:

The Head of the Cyber Defense Center (CDC) is a high-impact senior leadership position responsible for the strategic governance, delivery, and technological transformation of global security operations. You will lead a multi-disciplinary organization of over 100 specialists across SOC, Incident Response, Threat Hunting, and Security Engineering. Your primary mission is to evolve traditional security operations into a high-velocity, "self-driving" CDC by integrating GenAI and autonomous agents. As the single point of accountability, you will ensure operational resilience, strict SLA adherence, and strategic alignment with the client's cybersecurity risk profile.

Responsibilities:

- Define and execute the long-term CDC vision and operating model, driving a multi-year roadmap focused on transitioning to an AI-augmented, autonomous SOC.

- Lead executive governance forums with client CISOs and Risk Officers, ensuring security operations align with evolving regulatory frameworks and business objectives.

- Own the global CDC performance framework, governing critical KPIs including Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), false-positive reduction, and automation ROI.

- Oversee 24x7 mission-critical operations across specialized towers: SOC, Incident Response, Threat Intelligence, and Vulnerability Management.

- Direct the response to major security incidents, providing senior leadership during crisis management, Root Cause Analysis (RCA), and post-incident remediation.

- Lead and scale a multi-tier talent ecosystem (L1-L4), including Analysts, Engineers, SMEs, and dedicated GenAI/Automation Engineers.

- Drive the technological optimization of the Microsoft Security stack, specifically Microsoft Sentinel, Defender XDR, Azure Logic Apps, and Security Copilot.

- Oversee the development and tuning of detection content to ensure maximum telemetry coverage and efficacy across SIEM, SOAR, EDR, and DLP ecosystems.

- Manage high-level stakeholder engagement with IT Operations, Infrastructure leaders, and Client Executive Leadership to synchronize security efforts with broader IT delivery.

- Preside over Monthly and Quarterly Business Reviews (MBRs/QBRs), delivering deep insights into the global threat landscape, operational maturity, and transformation progress.

- Foster a culture of continuous service improvement (CSI), utilizing data-driven insights to refine security engineering and incident management workflows.

- Lead talent development initiatives, including cross-skilling programs and the cultivation of a leadership pipeline to ensure long-term organizational stability.

Technical Requirements:

- Proven experience (7+ years in senior leadership) managing large-scale (100+) security operations teams within an enterprise or MSSP environment.

- Deep technical command of the Microsoft Security ecosystem: Sentinel (SIEM), Defender (XDR), and Security Copilot (GenAI).

- Expert knowledge of SOC automation strategies using SOAR platforms (e.g., Azure Logic Apps) and agentic AI for autonomous response.

- Strong understanding of Incident Response frameworks (NIST, SANS) and Threat Hunting methodologies (MITRE ATT&CK).

- Proficiency in governing Vulnerability Management, AppSec, DevSecOps, and Data Protection (DLP/IAM) service lines.

- Expertise in defining and reporting on security metrics that correlate technical performance with business risk.

- Familiarity with regulatory compliance standards such as GDPR, ISO 27001, SOC2, and industry-specific mandates.

Preferred Skills:

- Advanced security certifications such as CISSP, CISM, or GSLC.

- Experience in leading large-scale "Digital Transformation" projects specifically within a Cyber Defense context.

- Hands-on experience with AI/ML applications in cybersecurity, including the deployment of Large Language Models (LLMs) for security analysis.

- Exceptional negotiation and conflict-resolution skills, with the ability to manage high-pressure escalations across global stakeholders.

- Background in financial management, including budgeting for security tools, headcount, and infrastructure.

- Strong public speaking and presentation skills for executive-level reporting.