Global Head of Threat Intelligence

We are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. As part of a business wide transformation, we have an exciting opening for a new role of Global Head of Threat Intelligence.

As part of the Cyber Defence and Security Operations department, you will be a senior leader managing the Threat Intelligence service ensuring WTW can prevent and better understand cyber-attacks against our environment.

You will need to have a good technical aptitude, excellent communicative skills to technical and non-technical audiences, and a solid business acumen to deal with other senior stakeholders across the business.

This role would suit those with an extensive history TI for global enterprise organisations or have led MSSP services and are used to working in a high-pressure environment and managing geographically dispersed teams across different time-zones.

The Role

As the Global Head of Incident Response, your primary responsibilities will be:

• Manage and develop a global team of Cyber Threat Intelligence analysts, providing expert assistance during a cyber incident and for routine investigations escalated by the SOC.
• Manage a team of analysts spread out cross the globe and recruit new team members as required
• Develop working processes linking Threat Intelligence to Threat Hunting to enhance our Threat-led approach to cyber security.
• Develop our internal and 3rd party threat intelligence capabilities, focusing on sectors and geographies WTW operate in, to ensure relevant stakeholders understand and become accountable for the threats we face.
• Maintain a Threat Intelligence gathering and briefing system within WTW to ensure technology teams are aware of threats and become accountable for addressing them within the technologies they manage.
• Integrate Threat Intelligence to the vulnerability management program to ensure new vulnerabilities are remediated
• Provide senior stakeholder and board level briefings.
• Overall, bring Threat Intelligence to the top of all processes to ensure WTW is a threat lead organisation

Your teams’ key responsibilities:

• Monitoring darkweb and other locations for information relevant to WTW
• Monitoring our key clients and suppliers for issues that may impact WTW
• Staying up-to-date with emerging and known attacks, TTP’s and KEV’s and proactively ensure WTW can detect cyber-attacks utilising them
• Other relevant tasks as designated by the Global Director of Cyber Defence

Overarching Business Tasks

To ensure all parts of WTW are monitored by our Threat Services with robust processes in place to disseminate information and perform threat related investigations to prevent cyber incidents occurring or to reduce their impact.

Communications and Relationships

Internal:

• Close working relationships will be needed with other team members around the globe
• You will need to work with technical contacts throughout the business and with multiple third parties
• You will need to brief the security leadership team, board member and other internal business units on threat related criteria

The Requirements

What you will need:

• It is essential that you have extensive experience as a senior leader within a financial Services enterprise organisation(s) managing threat intelligence teams and related services
• A strong track record of dealing with cyber incidents within a TI capacity
• A solid understanding of cyber risk and how cyber-attacks are conducted across endpoints, cloud and on-premise networks

Beneficial:

• Experience within a Global SOC, either within an MSSP function or an internal enterprise level SOC
• Experience working with Sentinel and Defender for “X”
• Great verbal and written communication skills, and the ability to write reports, processes and procedures in a structured manner
• Previous exposure to a variety of compliance and regulatory requirements such as FCA, PCI, ISO27001, GDPR and other global regulations
• Experience running a global team sitting in different time zones

At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in and to build a culture of inclusivity that makes colleagues feel welcome, valued and empowered to bring their whole selves to work every day. We are an equal opportunity employer committed to fostering an inclusive work environment throughout our organisation. We embrace all types of diversity.

We’re committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers, from the application process through to joining WTW, please email [email protected]