Director, Group Information Security – Cyber Fusion Centre (CFC)

Key Responsibilities

Threat Detection & Response Efficiency

• Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) for critical incidents.
• Percentage of incidents contained within defined SLA timelines.
• Reduction in false positives through improved detection tuning and automation.

Threat Intelligence & Hunting Maturity

• Number of validated threat intelligence reports disseminated to stakeholders.
• Frequency and effectiveness of threat-hunting exercises conducted across markets.
• Integration rate of external threat feeds and intelligence platforms into operations.

Incident Management & Forensics

• Percentage of incidents with completed forensic investigations and root cause analysis.
• Timeliness of incident reporting and escalation across all markets.
• Quality and completeness of post-incident reports and lessons learned documentation.

Vulnerability & Penetration Testing Coverage

• Percentage of critical assets covered by regular vulnerability scans and penetration tests.
• Time to remediate high-risk vulnerabilities across business units.
• Reduction in recurring vulnerabilities through improved remediation tracking.

Security Operations & Monitoring

• Uptime and performance of SIEM, SOAR, and XDR platforms.
• Coverage of continuous monitoring across cloud, on-prem, and third-party environments.
• Number of anomalies detected and investigated per reporting cycle.

Data Protection & Insider Risk Metrics

• Number of insider risk alerts investigated and resolved.
• Coverage of data loss prevention (DLP) controls across sensitive data flows.
• Reduction in unauthorized access incidents and data handling violations.

Global Event & Risk Readiness

• Number of global threat scenarios simulated and tested annually.
• Timeliness and effectiveness of response to geopolitical or global cyber events.
• Engagement level of local teams in global cyber drills and tabletop exercises.

Stakeholder Engagement & Satisfaction

• Feedback score from internal stakeholders on Cyber Fusion Centre support and responsiveness.
• Number of cross-functional engagements and collaborative threat response initiatives.
• Quality of executive reporting and decision-making support provided.

Cyber Fusion Centre Maturity & Transformation

• Achievement of maturity milestones aligned with frameworks (e.g., MITRE ATT&CK, NIST CSF).
• Successful integration of Cyber Fusion capabilities into digital and cloud transformation programs.
• Increase in automation and orchestration coverage across incident response workflows.
• Implementation of secure-by-design principles in threat detection and response architecture.

External and Internal Contacts

• Group CISO
• Group CTOO
• Group CRO and 2LOD
• Market CTOs, CTOOs and CROs
• Market BISOs
• Group and Business Units Internal Audit
• External Auditors
• Vendors and/or Service Providers
• Group Head of Infrastructure & Cloud
• Group Head of Application
• Head of Enterprise Architecture
• Group Head of Shared Services – TIM, VTC, CTC
• Head of Application Delivery
• Head of IT Strategy

Qualification & Requirements

Qualifications / Experience

• Master or Degree from Information Technology, Engineering or equivalent discipline.
• More than 15 years’ experience in Information Technology, Information Security Engineering and/or Identity
• Demonstrated experience in leading multiple stakeholders focusing on critical problem resolution in pressured situations.
• Experience supporting cyber security incident management in a large corporation.
• Demonstrated people leadership and stakeholder management skills in a multi-cultural environment.
• Strong communication and presentation skills with ability to influence and negotiate with senior stakeholders across different markets and cultures to achieve desired outcome for the benefits of the organization.
• CISSP, CISM, CISA, CRISC or ISO27001 Certifications required.

Knowledge & Technical Skills

• Broad and comprehensive understanding of Financial Services industry (insurance in particular).
• Strong knowledge on Security Strategy, Architecture, Threat Analysis & Defence, Threat Intelligence & Detection, Cyber Forensics, Cyber Risk Management and Emerging Technology Synthesis.
• Prior experience in crowd strike, Splunk or equivalent SIEM/ EDR/XDR technologies and associated service providers.
• Strong verbal and written communication skills, including the ability to provide technical thought leadership on security incident investigation calls with other technology teams, and the ability to translate and simplify complex technical concepts for consumption by non-technical audiences.
• Demonstrated experience working globally and building multi-national teams is key, as well as the ability to lead through both organizational structures and positive influence.
• Comprehensive and relevant KRIs and metrics for Technology Assurance and Information Security Teams.

Competencies

• Leadership and coaching skills
• Senior Stakeholder Management skills
• Strategic Planning
• Change Management
• Business and Financial Acumen
• Strong and Effective Communication, Influencing and Negotiation skill
• Advisory and Consultative skills
• Global Mindset and Transdisciplinary Thinking
• Conflict management
• Negotiation Skills
• Strategic Problem Solving and Decision Making

Benefits

No information available.