Cyber Operations Director

Responsibilities

Lead and evolve the enterprise Cyber Threat Intelligence (CTI) program, delivering strategic, operational, and tactical intelligence to proactively identify, assess, and mitigate threats targeting the organisation and the broader financial services sector.

• Direct and develop a global team of threat intelligence analysts, setting priorities, allocating resources, and leveraging advanced technologies, including AI and LLM capabilities, to maximize intelligence collection, effectiveness and operational efficiency
• Oversee threat research and analysis, including threat actor profiling, indicators of compromise (IOCs), tactics, techniques and procedures (TTPs), and emerging threat trends, to support threat hunting, detection engineering, vulnerability management, and incident response activities
• Partner with CSOC, Incident Response, CISO functions and broader Intelligence functions to provide actionable intelligence during cyber incidents, enhance defensive controls, and improve organisational cyber resilience
• Maintain operational intelligence‑sharing relationships with FS‑ISAC, industry peers, government agencies, and trusted external partners to strengthen situational awareness; intelligence collection capabilities and supporting broader external Cyber engagement and partnerships
• Translate complex intelligence assessments into executive‑level briefings, strategic risk insights, and actionable recommendations for senior leadership, business stakeholders, and board‑level audiences
• Mature and implement threat intelligence operating model, frameworks, processes, and intelligence requirements, ensuring alignment with business objectives, risk management priorities, and the evolving threat landscape

• Deep expertise in Cyber Threat Intelligence, cybersecurity operations, incident response, and risk management, with extensive knowledge of threat actor methodologies, MITRE ATT&CK, cyber kill chain frameworks, and threats relevant to the financial services sector
• Proven leadership experience building, scaling, and managing enterprise threat intelligence functions within large, complex organisations, including people leadership, capability development, performance management, and strategic resource allocation
• Demonstrated success designing and enhancing threat intelligence programs, platforms, and processes, including the deployment and optimisation of Threat Intelligence Platforms (TIPs), OSINT capabilities, intelligence automation, and integration with security operations
• Strong technical background in threat intelligence analysis, threat actor tracking, campaign analysis, security research, threat hunting, detection engineering, and the development of scalable cybersecurity solutions supporting detection, response, and vulnerability management
• Experience leveraging and integrating security technologies, including SIEM and SOAR platforms (e.g., Splunk), to ope rationalise intelligence, automate workflows, and improve the effectiveness of security controls and incident response capabilities
• Exceptional communication, presentation, and stakeholder management skills, with a proven ability to translate complex cyber threats into actionable business insights and deliver intelligence briefings to executive leadership, board members, and non‑technical audiences
• Proven track record within financial services, banking, or other highly regulated environments, combining strong critical thinking, project management, and strategic planning capabilities to align threat intelligence initiatives with business objectives and risk priorities

To monitor the performance of operational controls, implement and manage security controls and consider lessons learnt in order to protect the bank from potential cyber‑attacks and respond to threats.

• Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage
• Identification of emerging cyber security threats, attack techniques and technologies to…