Head of Cyber Defense

We are seeking a seasoned cybersecurity leader to oversee our client's Security Operations Center (SOC) and Digital Forensics & Incident Response (DFIR) function. As the Head of SOC/DFIR, you will be responsible for shaping the threat detection, incident response, and digital forensics strategy, leading a high-performing team, and ensuring operational excellence across all security operations. This is a strategic leadership role that combines people management, operational oversight, and technical expertise to protect the organization from evolving cyber threats.


Key Responsibilities:

• Strategic Leadership: Define and execute the vision, roadmap, and strategy for SOC and DFIR operations, aligning with enterprise security and business objectives.
• SOC Management: Lead the SOC team in 24/7 monitoring, detection, and response to cyber threats across cloud, on-premises, and hybrid environments. Ensure processes are streamlined, automated, and scalable.
• DFIR Oversight: Direct digital forensics and incident response processes, ensuring rapid containment, root-cause analysis, and remediation of security incidents.
• Insourcing & Transformation: Lead the transition from outsourced to internal SOC/DFIR operations, establishing operational standards, workflows, KPIs, and reporting mechanisms.
• Threat Intelligence & Analytics: Integrate threat intelligence, analytics, and AI/automation to improve detection, reduce false positives, and enhance incident response efficiency.
• Governance & Compliance: Ensure SOC and DFIR operations adhere to relevant regulatory frameworks (e.g., MAS TRM, ISO 27001, SOC 2) and internal security policies. Prepare reports and briefings for executive leadership and board members.
• Team Development: Build, mentor, and retain a high-performing security team, fostering continuous learning, skill development, and knowledge sharing.
• Stakeholder Collaboration: Work closely with IT, cloud, risk, and business units to ensure security operations support business goals and digital transformation initiatives.

Requirements:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• 12+ years of experience in cybersecurity, with 5+ years in a senior leadership role managing SOC/DFIR teams.
• Strong expertise in incident response, digital forensics, threat hunting, SOC operations, and security monitoring tools (SIEM, EDR/XDR, SOAR).
• Hands-on experience with cloud security, network security, endpoint protection, and vulnerability management.
• Proven experience leading insourcing or transformation projects for SOC/DFIR functions.
• Knowledge of regulatory frameworks and compliance standards (e.g., ISO 27001, SOC 2, NIST, MAS TRM).
• Excellent leadership, communication, and stakeholder management skills.
• Ability to operate under high-pressure situations and make strategic, timely decisions.

To apply:

If you're interested to apply or find out more, please share across your CV or reach out to Chen Yi via LinkedIn or at [email protected] for a discussion. Due to the confidential nature of this search, we regret to inform that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060