Head, Infrastructure Security

The Head of Infrastructure Security leads the organization’s threat prevention, detection, response, and recovery capabilities. This role owns the Security Operations Centre (SOC), incident response, threat intelligence, and security engineering functions.

Role Qualification:

Academic/Professional:

• Education: Bachelor’s degree in computer science, Information Security, or related; A master’s is an added advantage and any certifications strongly preferred: CISSP, CISM, GIAC (GCIA/GCIH/GCTI/GNFA), CCSK/CCSP, AZ-500, AWS Security Specialty.

Work Experience:

• 10+ years in Tech generally
• Minimum of 5 years in cybersecurity, with 3+ years leading SOC/IR or Cyber Defence functions at scale.
• Deep hands-on knowledge of SIEM/SOAR, EDR/XDR, NDR, cloud security (AWS/Azure/GCP), and forensics.
• Proven leadership in major incident management and executive-level communication.

Key Responsibilities:

• Define and execute the Cyber Defence Strategy, aligned with enterprise risk appetite and regulatory requirements.
• Align controls with frameworks (e.g., NIST CSF, MITRE ATT&CK, ISO 27001, CIS Controls), and audit readiness.
• Lead SOC operations: monitoring, triage, investigation, containment, and recovery.
• Manage Major Incident Response end-to-end (root cause analysis, lessons learned, and executive post-incident reports).
• Build/consume Threat Intelligence (strategic, operational, and tactical) to drive detection and control tuning.
• Coordinate Red/Purple Team exercises, breach simulations, and validate control effectiveness against real-world TTPs
• Drive automation (SOAR) for repetitive tasks, reducing MTTD/MTTR and false positives.
• Partner with IT/Cloud/Network teams to embed secure configurations, segmentation, and zero-trust principles.

Required Skills and Competencies:

• Background and technical knowledge and skills in information technology, information security and cyber security with a clear understanding of security controls design and implementation and information security trends.
• Working knowledge of information security management; Governance, Policy & Standards, Information Security Strategy, Information Security Awareness and Training, Innovation & Business Improvement, Legal & Regulatory Environment and Third-Party Management.