Welcome to Haleon. We’re a purpose-driven, world-class consumer company putting everyday health in the hands of millions. In just three years since our launch, we’ve grown, evolved and are now entering an exciting new chapter – one filled with bold ambitions and enormous opportunity.
Our trusted portfolio of brands – including Sensodyne®, Panadol®, Advil®, Voltaren®, Theraflu®, Otrivin®, and Centrum® – lead in resilient and growing categories. What sets us apart is our unique blend of deep human understanding and trusted science.
Now it’s time to fully realise the full potential of our business and our people. We do this through our Win as One strategy. It puts our purpose – to deliver better everyday health with humanity – at the heart of everything we do. It unites us, inspires us, and challenges us to be better every day, driven by our agile, performance-focused culture.Director of Counter Adversary Operations
About the role
The Director of Cyber Counter Adversary Operations (DCAO) is responsible for establishing, directing, and maturing the organisation’s proactive defences against sophisticated cyber threats from Advanced Persistent Threat and Organised Crime Groups. The role is focused on anticipating, detecting, disrupting and neutralising adversarial activity within the organisation by combining threat intelligence, elite threat hunting capabilities and major incident response strategies. The primary goal is to shift security posture from reactive defence to proactive, adversary-centric operations.
ResponsibilitiesLeads a proactive threat intelligence program that collects, processes, analyses and disseminates timely and relevant threat information. This includes intelligence related to external and internal threat actors, vulnerabilities, campaigns and TTPs (Tactics, Techniques, and Procedures).Defines and owns a proactive, CTI led threat hunting program, to search for undetected malicious activity within the organisation’s IT and OT environments. Executes the program, developing hypotheses, methodologies and tooling to proactively search for indicators of compromise (IOCs) and indicators of attack (IOAs) that evade automated defences.Delivers a structured, ethics-driven adversarial program to simulate realistic, multi-layered attacks against the organisation’s people, processes and technology, thereby rigorously testing the effectiveness of SecOps and IR. Delivers the program using a global ‘Red’ team.Detects and neutralises advanced threats in the early stages of the kill chain, minimising breach impact and improving overall organisational resilience.Leads the technical investigation of all major incidents, directing cyber incident responders in the Cyber Incident Response Team.Creates, owns and maintains a 3-year strategic roadmap of counter adversary operations; driving tactical and strategic improvements as per the defined roadmap
Impact and Influence Maintains contact with incident response, business continuity and crisis management functions across all areas of the company, exercising regularly with them. Serves as the primary technical liaison between the CIRT and Divisional / Executive Management Teams. Ensures that the company has an industry leading response capability for major cyber security incidents and can react rapidly to a crisis anywhere in the world. Establishes and maintains relationships with other Senior professionals in the cyber security world to facilitate the flow of information.
Stakeholder Engagement Represents the organization at industry events and contributes to information sharing partnerships. Establishes and maintains relationships with other investigation and remediation teams within the company, working closely with them to address the full spectrum of security issues. Requires excellent communication, negotiation, and relationship-building skills.Qualifications and Skills
Business Expertise:Deep understanding of the cybersecurity landscape, including industry-specific threats and compliance requirements. Strategic knowledge of the business environment, regulatory landscape, and competitor capabilities. Ability to align cybersecurity initiatives with business objectives and risk management strategies.
Problem Solving:Tackles complex, evolving cybersecurity challenges requiring innovation and adaptability. Makes high-stakes decisions under pressure, balancing rapid response with thorough investigation. Navigates regulatory requirements, emerging technologies, and human factors in cybersecurity.
Preferred Qualifications:Vast experience in Cybersecurity with demonstrable experience of responding to significant cyber incidents involving Organised Crime and Nations State threat actorsExperience working across international manufacturing / supply chainsPreferred Certifications: CISSP, GCIA, GCDA, GSOC, GCIH, GDAT Job Posting End Date2026-02-03Equal OpportunitiesHaleon are committed to mobilising our purpose in a way that represents the diverse consumers and communities who rely on our brands every day. It guides us in creating an inclusive culture, where different backgrounds and views are valued and respected – all in support of understanding and best serving the needs of our consumers and unleashing the full potential of our people. It’s important to us that Haleon is a place where all our employees feel they truly belong.
During the application process, we may ask you to share some personal information, which is entirely voluntary. This information ensures we meet certain regulatory and reporting obligations and supports the development, refinement, and execution of our inclusion and belonging programmes that are open to all Haleon employees.
The personal information you provide will be kept confidential, used only for legitimate business purposes, and will never be used in making any employment decisions, including hiring decisions.Adjustment or Accommodations RequestIf you require a reasonable adjustment or accommodation or other assistance to apply for a job at Haleon at any stage of the application process, please let your recruiter know by providing them with a description of specific adjustments you are requesting. We’ll provide all reasonable adjustments to support you throughout the recruitment process and treat all information you provide us in confidence. Note to candidatesThe Haleon recruitment team will contact you using a Haleon email account (@haleon.com). If you are not sure whether the email you received is from Haleon, please get in touch.
Read Less
