Global Head of Cyber Defence in London

Reporting to the Group Chief Information Security Officer, the Global Head Cyber Defence helps build, manage and mature our cybersecurity posture. This is a key role that is accountable for our 24X7x365 global security operations center, improving our incident detection, incident response and incident management capabilities, and ensuring we have the appropriate people, processes and technologies to detect, prevent and respond to the ever-changing cyber threat landscape.

The Global Head of Cyber Defence is accountable for leading and continuously strengthening Apex Group’s cyber defence capabilities across all regions and entities. This role provides strategic direction and operational oversight for threat detection, incident response, security monitoring, and cyber resilience, ensuring Apex can proactively predict, prevent, detect, respond to, recover and govern from cyber threats and risks in a complex and evolving threat landscape.

The role partners closely with Security Engineering, IT Risk, Governance, Technology, Risk, Legal, Compliance, and the business to protect Apex’s information assets, client data, and critical services, while enabling secure growth and transformation.

• Cyber Defence Strategy & Leadership
  • Deliver the Group CISO Cyber Strategy and Target Operating Model.
  • Define and execute Apex’s global cyber defence strategy, aligned to the Group’s risk appetite, regulatory obligations, and business priorities.
  • Provide clear leadership and direction to regional cyber defence teams, fostering a strong security culture and consistent operating model across all entities.
  • Act as a senior cyber security leader and trusted advisor to executive management and governance forums.
  • Serve as a point of escalation for the L1, L2, L3 SOC Analysts, Head of SOC, MSSP, and other vendors, lead and coordinate response efforts with other groups and stakeholders.
  • Stay current with evolving threats, vulnerabilities, tools, technologies and threat actor TTPs to help improve detection and response capabilities.
  • Develop and refine standard operating procedures in the form of run books and playbooks for incident response and threat detection.
  • Provide oversight and guidance on the technical analysis, log reviews, and assessments of cybersecurity incidents throughout the incident management lifecycle.
  • Identify opportunities of improvement with the processes, procedures, and our detection capabilities including detection use cases within our SIEM for our expanding estate using appropriate scripting languages.
  • Assist with additional ad hoc projects as required.
  • Perform all duties requested by the Group CISO to deliver the Target Operating Model and Cyber Security Strategy.
• Build and oversee global security operations
  • Ensure effective detection of advanced threats across on-premise, cloud, and third-party environments.
  • Drive continuous improvement in tooling, automation, and data-driven security analytics.
• Incident Response & Crisis Management
  • Own Apex’s cyber incident response capability, ensuring preparedness, tested playbooks, and rapid, coordinated response to cyber events.
  • Lead response to major cyber incidents, working closely with Legal, Communications, Risk, and senior leadership.
  • Ensure post-incident reviews are conducted and lessons learned are embedded to improve resilience.
  • Run and coordinate annual cybersecurity tabletop exercises, that spread across both technical and non-technical areas and testing.
• Cyber Resilience & Assurance
  • Strengthen cyber resilience through effective vulnerability management, attack surface reduction, and defensive controls.
  • Partner with Technology Assurance, Risk, and Audit teams to ensure cyber defence controls are robust, tested, and aligned to regulatory expectations.
  • Provide clear reporting on cyber threats, incidents, and control effectiveness to senior stakeholders.
• Third-Party & Emerging Technology Risk
  • Ensure cyber defence considerations are embedded into third-party risk management, including cloud providers, managed service providers, and offshore service models.
  • Address emerging risks such as AI-enabled threats, complex cloud architectures, and evolving attacker techniques.
• Stakeholder Engagement & Governance
  • Engage with regulators, clients, and external partners as required on cyber defence matters.
  • Support regulatory examinations and client assurance activities relating to cyber security and operational resilience.
  • Provide clear, concise, and actionable reporting to executive and board-level forums.
• People & Capability Development
  • Build and maintain a high-performing global cyber defence team with strong technical depth and leadership capability.
  • Drive succession planning, skills development, and talent retention across the cyber defence function.
  • Promote collaboration across regions and with broader Technology and Risk teams.
• Leadership & People Management
  • Lead and develop global cyber Technical and Operational Services, advisory and service delivery teams.
  • Build a strong delivery culture focused on accountability, quality, and continuous improvement.
  • Manage strategic cyber security vendors and service providers.
  • Support talent development in line with Apex’s growth and acquisition strategy.

• Minimum of 10 years of extensive cybersecurity experience, with at least 7 years in a senior leadership role and a proven track record in leading a global cyber defence/SOC functions.
• Extensive experience leading cyber defence, security operations, or incident response functions in a global, regulated environment.
• Deep technical knowledge of cyber threats, security monitoring, incident response, and defensive technologies.
• Knowledge of current and upcoming methodologies and trends in the cybersecurity landscape, including a deep knowledge of cyber threats, attack techniques, and cybersecurity frameworks/standards.
• Deep knowledge of threat detection and response; digital forensics and malware analysis; cloud security across the various cloud hosting platforms; endpoint detection and response; SIEM platforms and working knowledge of managed security service providers.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate cybersecurity and risk-related concepts to technical and non-technical audiences at various hierarchical levels, ranging from senior leadership to technical specialists.
• Business acumen to understand enterprise operations, risk tolerance, and industry dynamics.
• Analytical skills to conduct technical assessments, prioritize vulnerabilities, and develop risk treatment plans.
• Strong understanding of cloud security, third-party risk, and modern technology environments.
• Proven ability to operate at executive level, influencing senior stakeholders and decision-makers.
• Experience with regulatory and client-facing security assurance in financial services or similar sectors.
• Strong leadership, crisis management, and communication skills.
• Passion for continuous learning to stay current on advancing threats and security best practices.
• Ability to maintain a calm structured mindset even when under pressure.

• Degree in Information Security, Computer Science, or a related field (or equivalent experience).
• Relevant industry certifications (e.g. CISSP, CISM, GIAC) preferred.