Head of Cyber Defence in London

Ingenico is the global leader in payments acceptance solutions. As the trusted technology partner for merchants, banks, acquirers, ISVs, payment aggregators and fintech customers, our world‑class terminals, solutions and services enable the global ecosystem of payments acceptance. With 40 years of experience, innovation is integral to Ingenico’s approach and culture, inspiring our large and diverse community of experts who anticipate and help shape the evolution of commerce worldwide. At Ingenico, trust and sustainability are at the heart of everything we do.

The Head of Cyber Defense is accountable for protecting the organisation from cyber threats by leading the strategy, governance, and operational execution of all defensive security capabilities. Reporting directly to the Chief Information Security Officer (CISO), the role provides leadership across threat detection, incident response, vulnerability management, application security, cloud and platform security, and identity security.

The organisation operates a Managed Security Service Provider (MSSP/MSP) model for Security Operations. The Head of Cyber Defense owns the relationship, performance oversight, and strategic direction of the MSP to ensure high quality, risk aligned security operations. The role leads five specialist domains through the following direct reports: Lead – SecOps Incident Management & Response, Lead – Application Security & Vulnerabilities, Lead – Cloud & Platform Security, Lead – IAM/PAM, and Lead – Incident Response and Cyber Resilience.

Key Results Areas

• Strategic Leadership & Cyber Defense Architecture: Define and execute the organisation's Cyber Defense Strategy, ensuring alignment with business objectives and the wider security strategy set by the CISO. Own the end‑to‑end cyber defense operating model across Enterprise and Tech Ops BAU, ensuring consistent protection and response. Develop and maintain a cohesive defense architecture across detection, response, identity, cloud, and application security. Ensure alignment between internal teams, Tech Ops, and third‑party providers (MSSP, platform teams). Drive continuous improvement and maturity uplift across all defensive capabilities. Ensure cyber defense strategy, architecture and control priorities are informed by current threat intelligence, attacker techniques and incident trends.
• Security Engineering & Platforms: Own cybersecurity engineering across endpoint protection (EDR/XDR), network security, email and collaboration security, and cloud and platform security (including Azure, AWS, GCP). Drive secure‑by‑design implementation for security tooling, platforms, and integrations. Ensure scalability, resilience, and operational effectiveness of all security controls.
• Security Operations Oversight (MSP-Delivered): Act as the senior owner of the MSP relationship for Security Operations. Set performance expectations, SLAs, KPIs, and quality standards for SOC services. Ensure effective threat detection, triage, escalation, and incident response processes. Own the quality, coverage and continuous improvement of security detection use cases, including validation, tuning and effectiveness of detections delivered by internal platforms and the MSP. Ensure clear escalation paths, governance, and continuous improvement of MSSP services. Lead service reviews, challenge performance, and ensure the MSP delivers measurable risk reduction.
• Security Incident Response, Crisis & Tabletop Exercises: Provide executive oversight of major cyber incidents, ensuring coordinated response across internal teams, MSP, and external partners. Serve as the senior escalation point for high‑severity incidents. Ensure effective coordination during major incidents with Legal, Data Protection, Communications and senior management, including regulatory and customer impact assessment where required. Ensure post‑incident reviews, root‑cause analysis, and remediation plans are completed and embedded. Lead crisis management, preparedness, incident tabletop exercises and crisis simulations across Enterprise IT, and coordinate with Technology security/operations where required. Ensure lessons learned are captured and translated into improved controls and processes. Ensure cyber resilience and technical recovery readiness are embedded into incident response, including coordination with IT disaster recovery and business continuity teams from a cyber perspective.
• Vulnerability, Application, and Platform Security: Oversee the organisation's vulnerability management programme, ensuring timely identification, prioritisation, and remediation of risks. Ensure cloud and platform security controls are effectively designed, implemented, and monitored to support proactive vulnerability management. Define prioritisation, risk‑based remediation expectations, and escalation for unaddressed vulnerabilities and weaknesses. Ensure effective coordination between teams, including MSP, Product Security, and Technology Ops.
• Identity, Access, and Privileged Access Management: Provide strategic direction for IAM and PAM capabilities, ensuring robust identity governance, access control, and privileged account security. Own global IAM and PAM security from a cyber defense perspective, including technical security architecture, monitoring and detection of identity‑based threats, and privileged access controls and abuse detection. Oversee the adoption of Zero Trust principles across identity and access.
• Governance, Risk & Compliance: Ensure all cyber defense activities align with regulatory, legal and policy requirements. Contribute to enterprise risk assessments and provide expert input on cyber risk posture. Support the Head of Security Risk Management with evidence and material for audits, risk assessments and customer assurance. Produce clear reporting for the CISO, senior leadership, and governance committees.
• Leadership & People Management: Lead, mentor, and develop a team of senior security specialists and domain leads. Foster a culture of accountability, innovation, and continuous improvement. Build strong relationships with technology, risk, compliance, and business stakeholders.

Candidate Requirements

Skills & Experience – Essential:

• Proven leadership experience in cyber defense, security operations, or incident response at scale.
• Strong understanding of modern security architectures, cloud security, identity security, and application security.
• Experience managing or governing MSP/MSSP‑delivered security services.
• Demonstrated ability to lead during high‑pressure cyber incidents.
• Strong stakeholder management and communication skills, including reporting to senior executives.
• Deep knowledge of threat landscapes, attacker techniques, and defensive controls.

Skills & Experience – Desirable:

• Experience in regulated industries.
• Certifications such as CISSP, CISM, CCSP, GIAC, or equivalent.
• Experience implementing Zero Trust, DevSecOps, or advanced detection engineering.

As part of our values, we embrace diversity and inclusion at Ingenico. We are an equal opportunity employer and do not discriminate on the basis of an individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status or any other protected characteristic under applicable law, whether actual or perceived. Ingenico welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. We want to adapt our processes and create a safe work environment that welcomes everyone.