Head of Cyber Defense & Threat Intelligence
Responsibilities
- Define and maintain enterprise cyber threat detection and response strategy across all technology domains
- Ensure detection capabilities are aligned with threat intelligence and MITRE ATT&CK techniques relevant to the Bank
- Provide oversight of SOC operations including alert handling, escalation processes, monitoring quality, and operational effectiveness
- Ensure SOC coverage across endpoints, networks, applications, identities, cloud environments, and third-party systems
- Lead detection engineering activities including design, tuning, validation, and improvement of detection use cases across SIEM, EDR/XDR, IAM, email, network, and cloud platforms
- Maintain a threat coverage matrix mapping detection capability against MITRE ATT&CK techniques and identify gaps in coverage
- Improve detection quality by reducing false positives and strengthening telemetry, correlation logic, and logging coverage
- Establish and operate a threat intelligence capability to monitor adversaries, attack campaigns, vulnerabilities, fraud-related threats, and industry trends
- Convert threat intelligence into actionable detections, hunting scenarios, executive alerts, and security improvements
- Own and govern the cyber incident response framework including severity classification, playbooks, escalation paths, and post-incident reviews
- Lead or coordinate response to major cyber incidents in collaboration with technical and business teams
- Ensure incident handling includes proper evidence collection, root cause analysis, and structured documentation
- Develop and maintain structured threat hunting programs driven by intelligence, hypotheses, and incident learnings
- Coordinate proactive hunting across critical systems and environments to identify hidden threats
- Lead cyber exercises including tabletop simulations, purple teaming, breach simulation, and detection validation exercises
- Ensure gaps identified through exercises are converted into remediation and control improvements
- Define direction for digital forensics readiness including evidence handling, chain of custody, and external forensic coordination
- Ensure forensic outputs support regulatory reporting, remediation, and continuous improvement
- Provide regular reporting on threat landscape, incident trends, detection performance, and cyber risk posture
- Support CISO reporting to senior management, ISC, and Board-level committees
- Track and ensure closure of remediation actions arising from incidents, exercises, and control assessments
- Drive continuous improvement in cyber defense maturity across people, process, and technology
Requirements
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or related field
- Postgraduate qualification is preferred
- Professional certifications such as CISSP, CISM, or GIAC (GCIA, GCIH, GCED, GNFA) are preferred
- Additional certifications in incident response or digital forensics are an advantage
- 15–20 years of experience in cybersecurity, SOC operations, threat intelligence, incident response, or cyber defense roles
- At least 8–10 years of experience in banking, financial services, or other high-security regulated environments
- Proven experience leading SOC operations, major incident response, or enterprise detection engineering programs
- Strong technical understanding of security operations tools, SIEM, EDR/XDR, cloud security, and network monitoring
- Strong knowledge of MITRE ATT&CK and familiarity with MITRE D3FEND concepts
- Strong analytical and problem-solving capability in high-pressure environments
- Strong leadership skills with ability to manage crisis situations calmly and effectively
- Strong communication skills to translate technical incidents into business and risk language
- Strong stakeholder management and ability to coordinate across IT, security, and business teams
- Strong continuous improvement mindset focused on strengthening cyber resilience
Listing Details
- First seen: May 5, 2026
- Last seen: May 6, 2026
Please let george-bernard-consulting know you found this job on Jobera.