Director of AI-Driven Security Operations Center (SOC)

About the role

We are seeking a visionary and operationally strong Director to lead our Security Operations Center (SOC) transformation, leveraging artificial intelligence, automation and advanced analytics to deliver next‑generation cyber defence.

Key responsibilities

• Develop and execute an enterprise AI‑enabled SOC strategy and roadmap, driving the shift to an AI‑augmented/autonomous operating model.
• Implement AI and machine‑learning capabilities for threat detection, behavioral analytics, anomaly detection, predictive risk scoring, automated triage and intelligent alert correlation.
• Lead 24/7 SOC operations, overseeing analysts, threat hunters, detection engineers, incident responders and automation engineers.
• Direct major cyber incident response activities, including ransomware, APTs, insider threats, cloud compromises and AI‑enabled attacks, using AI‑assisted response workflows and SOAR orchestration.
• Develop defenses against AI‑generated phishing, deepfake social engineering, LLM abuse, adversarial AI threats and model manipulation.
• Oversee AI‑integrated security technologies such as SIEM, SOAR, UEBA, EDR/XDR and threat‑intelligence platforms, and drive cloud‑native security analytics.
• Lead SOC automation initiatives to reduce manual effort, improve operational efficiency and continuously optimise detection engineering and telemetry.
• Guide AI‑assisted threat hunting and proactive cyber defence operations.

Required profile

• Visionary leader with proven experience managing enterprise‑wide SOC operations and incident response.
• Strong background in integrating AI, machine learning and automation into security workflows.
• Demonstrated ability to drive large‑scale transformation projects and adopt emerging cybersecurity technologies.

Required skills

• Artificial Intelligence (AI) and Machine Learning (ML) for security
• Generative AI (GenAI) security copilots
• Security Information and Event Management (SIEM)
• Security Orchestration, Automation and Response (SOAR)
• User and Entity Behaviour Analytics (UEBA)
• Endpoint Detection and Response / Extended Detection and Response (EDR/XDR)
• Threat intelligence platforms
• Cloud‑native security analytics
• Automation and orchestration engineering
• Detection engineering and telemetry optimisation