Deputy Head of Cybersecurity

We are seeking a highly experienced and hands-on Deputy Head of Cybersecurity to lead and manage day-to-day security operations while driving initiatives across security engineering, architecture, and governance, risk, and compliance (GRC). This is a senior leadership position focused on building operational maturity, ensuring secure design and implementation of systems (particularly cloud-native environments), and enforcing cybersecurity standards across the enterprise.

You will serve as a trusted deputy to the Head of Cybersecurity, directly managing a team of 7-9 cybersecurity professionals covering Security Operations Center (SOC), cloud security, GRC, and engineering domains. This role is instrumental in elevating security posture across both IT and cloud-native infrastructure in a fast-paced, high-growth environment.

Security Operations (Day 2):

• Lead and optimize daily security operations including monitoring, detection, incident response, and threat hunting.
• Own SOC performance and maturity, including tuning of SIEM/SOAR, alert triage processes, and playbook development.
• Oversee vulnerability management, threat intelligence integration, and coordination with MSSP partners (if applicable).
• Coordinate post-incident reviews and drive continuous improvement from lessons learned.

Security Engineering & Architecture:

• Drive the secure design, implementation, and maintenance of cloud and enterprise security controls (esp. in AWS/Azure/GCP).
• Collaborate with IT, DevOps, and cloud teams to embed security into CI/CD pipelines, infrastructure-as-code, and containerized environments.
• Evaluate and deploy security technologies and tools across endpoint, network, cloud, and application layers.
• Guide red/purple teaming initiatives and integrate findings into security control improvements.

Governance, Risk & Compliance (GRC):

• Ensure compliance with regulatory requirements and internal policies.
• Maintain cybersecurity policies, standards, and frameworks in line with best practices.
• Support audit and regulatory assessments, coordinate responses, and track remediation efforts.
• Lead risk assessments for projects, third-party vendors, and system changes.

Leadership & Team Management:

• Directly manage and mentor a team of 7-9 cybersecurity professionals, including hiring, development, and performance management.
• Serve as acting head in the absence of the Head of Cybersecurity.
• Build a culture of accountability, continuous learning, and innovation.
• Collaborate closely with business and technology stakeholders to align security initiatives with business goals.

Requirements:

• 10+ years of experience in cybersecurity roles with at least 3 years in leadership capacity.
• Proven experience leading security operations and incident response teams.
• Strong hands-on knowledge of cloud security architecture and tools
• Deep understanding of security frameworks and standards (e.g., NIST, ISO 27001, CIS Benchmarks).
• Track record of implementing and maturing enterprise security programs across operations, architecture, and compliance domains.
• Familiarity with Zero Trust architecture, DevSecOps practices, and modern identity security (IAM/PAM).
• Experience managing MSSPs or hybrid SOC environments.

If you're interested to apply or find out more, please share across your CV or reach out to Chen Yi at cy@kerryconsulting.com for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060