Head of Cyber Fusion Centre

Job Type:

Permanent

Build a brilliant future with Hiscox
 

Position: Head of Cyber Fusion Centre

Reporting to: Chief Information Security Officer (CISO)

Location: London or York (preferable), UK

Type: Permanent

Band: III

Company description

Hiscox is a diversified international insurance group with a powerful brand, strong balance sheet and plenty of room to grow. Listed on the London Stock Exchange and headquartered in Bermuda (with the bulk of group leadership sitting in London), Hiscox has over 3,000 staff across 14 countries and 34 offices.

Structured by geography and product, Hiscox’s long-held business strategy has helped them grow from a niche Lloyd’s underwriter to an international insurance group with a powerful and trusted consumer brand. Hiscox is comprised of the following business units: 
 

• London Market
• Reinsurance & Insurance Linked Securities (ILS)
  • Hiscox Retail USA 
  • Hiscox Retail UK 
  • Hiscox Retail Europe 
     

For the financial year 2023, GWP grew to $4,598m with net premiums earned of $3,555m, returning a record pre-tax profit of £625.9M. At Hiscox, our corporate values are considered crucial to our success. They are: 
 

• Courage; dare to take a risk 
• Human; clear, fair, and inclusive 
• Ownership; passionate, commercial, and accountable 
• Integrity; do the right thing, however hard 
• Connected; together, build something better 

The Role

The role of Head of Cyber Fusion Centre is to oversee our global cyber operations capability. You will lead a team responsible for proactively identifying cyber threats, responding to these threats and protecting our business from harm – 24 hours a day, 7 days per week, 365 days per year. It’s an exciting time to be taking on the role, as we begin our transition from a conventional Security Operations Centre (SOC) to a Fusion Centre operating model. You will be there at the start to shape the future of security operations for our business, and build a capability that we can all always depend on to safeguard our people and our business from cyber threats.

The role leads the largest proportion of the Cybersecurity function at Hiscox, and needs a leader who can motivate and inspire their team to achieve technical excellence and never settle for average. You will be responsible for leading a multidisciplinary team consisting of Red Team, Blue Team, Security Engineers and Service Delivery leads. Technical knowledge and experience of both Red and Blue Team activities is essential to the success of this role. You will need to work closely with the Cyber Delivery Lead to ensure requirements and roadmap capabilities are clearly defined and planned. You will also be responsible for managing third party service providers in our partner ecosystem. The Head of Cyber Fusion Centre will report directly to the CISO and is a member of the Cyber Leadership Team (CLT). The role is based in London or York (UK) and is a permanent position.
 

Key Responsibilities
 

• Responsible for the end-to-end delivery of cybersecurity operations for the business.
• Build, develop and maintain a roadmap of operational security capabilities for the Fusion Centre, based on agile and continuous improvement processes.
• Develop, implement, test and maintain our cyber incident response processes and procedures - including the timely triage, analysis, containment, eradication and recovery from an incident.
• Lead our initial response to security incidents, and escalate accordingly.
• Communicate with executives on active incidents, and be able to clearly articulate complex technical details to audiences of varying technical understanding.
• Provide technical leadership to a multidisciplinary team of security analysts (Red and Blue), engineers and service delivery managers.
• Design, deliver and manage cyber related exercises such as table tops and cyber ranges.
• Measure the effectiveness and performance of operational security controls through KRI and KPI metrics – ensuring operational readiness and resilience are maintained to acceptable levels.
• Identify methods to continuously enhance our security operations and incident response processes and capabilities.
• Acquire, train and retain cyber talent, with a focus on continuous professional development.
• Train and mentor Fusion Centre personnel, and build an environment that promotes knowledge sharing with other business teams.
• Manage third party service providers in accordance with agreed SLAs, and associated quality and budget expectations.
• Build and develop our relationships with industry partners.
• Help to build and develop our 24/7 security operations mindset.
   

Candidate Profile

• Minimum of 8 years experience in cybersecurity operations, with at least 3 years in a leadership role.
• Strong knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO, CIS, etc.).
• Excellent knowledge of penetration testing tools, and practices for ethical hacking.
• Excellent knowledge of Security Information and Event Management technologies and processes.
• Excellent knowledge of Threat and Vulnerability Management technologies and processes.
• Strong knowledge of Threat Intelligence systems and processes.
• Strong knowledge of security engineering practices and procedures.
• Strong knowledge of security technologies, tools, and methodologies (e.g., firewalls, encryption, penetration testing, etc.).
• Familiar with financial services (preferably insurance) security standards and regulatory requirements.
• Previous experience leading and managing a Security Operations Centre (preferably a next generation Cyber Fusion Centre), or a global Cyber Incident Response Team (CIRT).
• Excellent communication and stakeholder management skills.
• Ability to design, plan, coordinate and deliver operational security capability roadmaps.
• Good leadership and team management skills, with the ability to motivate and develop staff and foster a culture of collaboration and technical excellence.
• Certified Information Systems Security Professional (CISSP), or equivalent certification is desirable.
• Industry recognised qualifications and experience in penetration testing (preferably CREST certified) and incident response handling is desirable.

Diversity & Benefits

At Hiscox we care about our people. We hire the best people for the job and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success.

Working life doesn’t always have to be in the office, so we have introduced hybrid working to encourage a healthy work life balance. This hybrid working model is set by the team rather than the business to enable you to manage your own personal work-life balance.

We see it as the best of both worlds; structure and sociability on one hand, and independence and flexibility on the other.

Our benefits package includes a bonus, contributory pension, 25 days annual leave plus 2 Hiscox days and a 4 week paid sabbatical with every 5 years’ worth of service, private medical for all the family and much more. 

#LI-EB1 #LI-HBRID

Work with amazing people and be part of a unique culture