Director of Cybersecurity

We are a global ESG leader with operations in 130+ countries, trusted by institutional investors and clients worldwide. With rapid growth through M&A and organic expansion, safeguarding data, platforms, and client trust is mission-critical.

The Opportunity
We are seeking a Director of Cybersecurity to design, build, and lead the firm’s cybersecurity function. The successful candidate will scale a currently lean team, oversee outsourced SOC/NOC operations, and progressively build internal capability. This role blends strategic leadership with hands-on execution across governance, risk, compliance, and advanced threat management.

Key Responsibilities

• Strategy & Governance
• Define and execute a multi-year cybersecurity roadmap aligned with ESG and enterprise priorities.
• Establish KPIs, reporting metrics, and a cyber maturity framework to measure progress.
• Operational Oversight (Outsourced SOC/NOC)
• Govern third-party SOC/NOC providers to ensure 24×7 monitoring, rapid detection, and incident response.
• Manage vendor SLAs, escalation processes, and security event workflows.
• Lead incident response playbooks, coordinating across internal teams and external partners.
• Risk, Compliance & Trust
• Ensure compliance with GDPR, ISO 27001, SOC 2, and emerging regulations such as DORA and Cyber Essentials Plus.
• Partner with Compliance and Legal teams to align policies with ESG transparency requirements.
• Innovation & Technology
• Deploy and optimize advanced platforms: XDR, SIEM, IAM, and Zero Trust frameworks.
• Introduce automation and AI to accelerate threat detection and response.
• Evaluate and manage third-party/vendor risk across the supply chain.
• Team Growth & Leadership
• Build and scale an in-house cybersecurity team (analysts, engineers, architects) across key global regions.
• Mentor and develop staff, while fostering a security-first culture across the business.
• Lead employee awareness and training initiatives to raise overall cyber resilience.

Candidate Profile

• 12+ years in IT security, including 5+ in senior leadership roles.
• Experience building teams from the ground up and managing outsourced SOC/NOC partnerships.
• Expertise in cloud security (Azure/AWS), endpoint protection (EDR/XDR), SIEM, and IAM solutions.
• Strong understanding of regulatory frameworks: GDPR, ISO 27001, SOC 2; familiarity with ESG and financial services compliance is a plus.
• Demonstrated ability to scale cybersecurity functions in global, complex environments.
• Excellent communicator with proven ability to engage stakeholders across technology, operations, and compliance.

Success Measures

• Uplift in cyber maturity index within 12–18 months.
• Reduced mean time to detect/respond (MTTD/MTTR) through SOC governance.
• Effective first-line oversight of outsourced SOC/NOC providers.
• Growth of internal cybersecurity capability from baseline to scalable team.
• Demonstrable reduction in organizational cyber risk profile.

Why This Role Matters
This is a build-and-scale leadership mandate. The Director of Cybersecurity will establish the firm’s global cyber capability, balancing outsourced expertise with in-house team growth, while enabling sustainable business expansion and protecting client trust.

We are an equal opportunities employer and welcome applications from all qualified candidates. We are committed to a policy of equal employment opportunity for all employees and applicants.