Job Description

We are a global ESG leader with operations in 130+ countries, trusted by institutional investors and clients worldwide. With rapid growth through M&A and organic expansion, safeguarding data, platforms, and client trust is mission-critical.

The Opportunity

We are seeking a

Director of Cybersecurity

to design, build, and lead the firm's cybersecurity function. The successful candidate will scale a currently lean team, oversee outsourced SOC/NOC operations, and progressively build internal capability. This role blends

strategic leadership

with

hands-on execution

across governance, risk, compliance, and advanced threat management.

Key Responsibilities

Strategy & Governance

+ Define and execute a multi-year cybersecurity roadmap aligned with ESG and enterprise priorities.
+ Establish KPIs, reporting metrics, and a cyber maturity framework to measure progress.

Operational Oversight (Outsourced SOC/NOC)

+ Govern third-party SOC/NOC providers to ensure 24x7 monitoring, rapid detection, and incident response.
+ Manage vendor SLAs, escalation processes, and security event workflows.
+ Lead incident response playbooks, coordinating across internal teams and external partners.

Risk, Compliance & Trust

+ Ensure compliance with GDPR, ISO 27001, SOC 2, and emerging regulations such as DORA and Cyber Essentials Plus.
+ Partner with Compliance and Legal teams to align policies with ESG transparency requirements.

Innovation & Technology

+ Deploy and optimize advanced platforms: XDR, SIEM, IAM, and Zero Trust frameworks.
+ Introduce automation and AI to accelerate threat detection and response.
+ Evaluate and manage third-party/vendor risk across the supply chain.

Team Growth & Leadership

+ Build and scale an in-house cybersecurity team (analysts, engineers, architects) across key global regions.
+ Mentor and develop staff, while fostering a security-first culture across the business.
+ Lead employee awareness and training initiatives to raise overall cyber resilience.

Candidate Profile

12+ years in IT security, including 5+ in senior leadership roles. Experience

building teams from the ground up

and managing outsourced SOC/NOC partnerships. Expertise in cloud security (Azure/AWS), endpoint protection (EDR/XDR), SIEM, and IAM solutions. Strong understanding of regulatory frameworks: GDPR, ISO 27001, SOC 2; familiarity with ESG and financial services compliance is a plus. Demonstrated ability to scale cybersecurity functions in global, complex environments. Excellent communicator with proven ability to engage stakeholders across technology, operations, and compliance.

Success Measures

Uplift in cyber maturity index within 12-18 months. Reduced mean time to detect/respond (MTTD/MTTR) through SOC governance. Effective first-line oversight of outsourced SOC/NOC providers. Growth of internal cybersecurity capability from baseline to scalable team. Demonstrable reduction in organizational cyber risk profile.

Why This Role Matters

This is a

build-and-scale leadership mandate

. The Director of Cybersecurity will establish the firm's global cyber capability, balancing outsourced expertise with in-house team growth, while enabling sustainable business expansion and protecting client trust.