Description
We are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. As part of a business-wide transformation, we have an exciting opening for a new role of Global Head of Cyber Detections.
As part of the Cyber Defence and Security Operations department, you will manage the SOC and other cyber-attack detection services within WTW to ensure a world-leading and comprehensive monitoring capability is delivered to all parts of the business.
You will need to have excellent communication skills with technical and non-technical audiences, and solid business acumen to deal with multiple types of stakeholders across the business.
This role would suit those who have an extensive history of delivering SOC-based services for global organisations and are used to working in a high-pressure environment with geographically dispersed teams across different time zones.
The Role
- To detect and investigate all cyber security related incidents across WTW and escalate cases to relevant Incident Response teams
- Manage a geographically dispersed team supporting SOC based detection services on a 24/7/365 basis around the globe.
- Ensure shift coverage is adequate to meet business needs
- Design and implement new detection capabilities across the business whilst maintaining continuous improvements in the current capabilities
- Manage the case manager to ensure suitability for SOC services and request improvements from various support teams when required
- Integrate with the SOC Operations team to ensure detection rules are correct and have associated SOC playbooks
- Ensure playbooks and operating procedures within the SOC are adequate and effectively identify, triage and investigate cyber threats and attacks in a timely manner
- Integrate the detection services with the response teams and threat teams to ensure an efficient incident lifecycle is maintained
- Implement KPIs and SLAs and monitor adherence to targets
- Maintain a membership list and call-out details of the Cyber Security Incident Group, ensuring incidents are raised to the correct resolver groups when appropriate
- Implement regular Table Top Exercises to test SOC processes and procedures
- Conduct Quality Assurance reviews of SOC services and incidents ensuring lessons learned and improvements are implemented
Qualifications
The Requirements
- Experience in SOC Management for Enterprise Organisations (Essential)
- Strong experience in investigating and managing cyber security incidents to closure (Essential)
- Experience managing shift-based teams on a 24/7/365 basis and teams in different time zones
- Strong communication skills, able to engage technical and non-technical audiences.
- Able to conduct data analysis, trend identification, and root cause analysis.
- Experience in undergoing audits, inspections, and evidence collection.
- Team player with excellent communication and coordination skills.
- Innovative problem-solver, people-focused, with a professional demeanour.
- Ability to cultivate a positive, security-aware culture within a fast-paced environment.
At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in and to build a culture of inclusivity that makes colleagues feel welcome, valued and empowered to bring their whole selves to work every day. We are an equal opportunity employer committed to fostering an inclusive work environment throughout our organisation. We embrace all types of diversity.
We’re committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers, from the application process through to joining WTW, please email candidate.helpdesk@willistowerswatson.com.