Head of SOC - Financial Institution

Job description

​Role Introduction

We are seeking an accomplished cybersecurity operations leader that is currently working in a Financial Industry Firm to establish and lead a mission-critical defensive capability within a highly regulated, transaction-heavy environment. This opportunity is ideal for a seasoned practitioner with deep roots in financial services and firsthand experience building and architecting a SOC function from the ground up—both strategically and operationally.

This role calls for someone who thrives in high-stakes environments, understands regulatory demands, and can drive maturity across people, process, and technology in a cyber defense context.

What You’ll Be Responsible For

Establishing Operational Defense Capabilities

• Spearhead the design, development, and deployment of a fit-for-purpose Security Operations Centre (SOC)—including operating models, technical architecture, analyst playbooks, and threat workflows.

• Set up detection logic, response protocols, and team coverage models to support uninterrupted, real-time monitoring and threat response.

• Align SOC buildout with risk priorities, business process flows, and evolving threat scenarios specific to the financial sector.

Driving Threat Readiness

• Direct all frontline cyber operations—event triage, threat hunting, escalations, and containment actions.

• Regularly assess the effectiveness of deployed technologies (SIEM, SOAR, EDR, IDS/IPS) and fine-tune configurations to enhance coverage and reduce noise.

• Oversee integration of real-time threat intelligence and behavioral analytics to inform proactive defense strategies.

Responding with Authority

• Serve as incident commander during active threats—ranging from phishing campaigns and insider misuse to malware infiltration and external compromise.

• Coordinate across technology, legal, compliance, and communications teams to manage the lifecycle of a breach: detection, containment, eradication, and recovery.

• Produce detailed post-incident analyses to extract operational lessons, refine policies, and strengthen system resilience.

Building High-Performance Teams

• Recruit and develop a multidisciplinary SOC team—from tier-1 triage to advanced incident responders.

• Create a structured training path that fosters technical depth, threat landscape awareness, and incident readiness.

• Lead with clarity, urgency, and empathy—particularly during high-pressure periods and post-incident response.

Embedding Compliance & Control Discipline

• Ensure all operational activities align with regulatory frameworks such as MAS TRM, PCI DSS, ISO/IEC 27001, and internal audit mandates.

• Partner with compliance, governance, and legal functions to track evolving security obligations and ensure operational traceability.

• Lead readiness efforts for audits, penetration testing, red teaming, and simulated incident exercises.

Your Profile

• A degree in Computer Science, Cybersecurity, Engineering, or a related technical discipline.

• Current SOC Managerial experience in a Financial Industry Firm (such as banking, payments, fintech, or capital markets.)

• Experience building out SOC before - Prior experience designing or standing up a SOC from zero is required.

• Minimum 15 years’ experience in information security, with at least 7 years in hands-on cyber operations in a Financial Industry.

• Previous role(s) as a SOC analyst, incident handler, or threat responder is strongly preferred.

• Solid grasp of attacker methodologies (MITRE ATT&CK, TTPs), modern detection strategies, and forensic investigation practices.

• Relevant certifications such as CISSP, CISM, GCIH, GSOM, SSCP, CASP+ will be viewed favorably.

• Enjoy working in a highly fast paced and regulated environment

Please contact Sheralynn Tjioe at SheralynnT@charterhouse.com.sg for a confidential discussion.

EA License no:16S8066 | Reg no.:R1878306

Only successful candidates will be notified.