Proactive Threat Defence, Senior Mgr

About the role

You'll lead Arm's Proactive Threat Defence function, defining and delivering a proactive assurance and threat-hunting programme that continuously tests and strengthens Arm's cyber defences and sharpens its threat-informed edge!

This hands-on leadership role involves guiding a small, high-performing team, providing both technical direction and people leadership. The position partners closely with Detect & Respond, Vulnerability Management, Security Architecture, and internal customers to define and deliver a proactive defence roadmap. You will be setting strategy and remaining deeply engaged in technical design, execution, and iterative improvement.

Responsibilities

• Design and lead red & purple team exercises
• Lead the strategy and delivery of red/purple team engagements aligned to real-world adversarial behaviour.
• Drive iterative improvement of detection, response, and resilience through defender collaboration.
• Ensure findings are prioritised, tracked, and remediated with clear understanding of risk and business impact.
• Penetration testing program (manual & autonomous)
• Define strategy and methodology across key technologies, platforms, and services. Embed testing into delivery lifecycles with platform owners and document risk with Governance, Risk & Compliance.
• Lead hypothesis-informed threat hunting
• Design and deliver structured hunting campaigns focused on high-value assets, emerging TTPs, and priority threat actors. Define metrics and report on coverage, effectiveness, and impact on improved detection capability.
• Leadership
• Line-manage and develop a specialist team. Foster a high-performance, psychologically safe culture.
• Shape the Cyber Defence Operations roadmap, aligning proactive capabilities to strategic risks and business priorities.
• Define and report critical metrics, reporting progress and risk to senior business leaders.
• Previous experience in proactive defence is a priority, however, the role will also lead development of Arm's threat intelligence capability, so any additional experience or desire to mature a threat intelligence program is favourable.

Personal attributes & experience

• Leading proactive security functions (red teaming, pen testing, offensive engineering, intelligence). Solid understanding of modern threat actor TTPs and how to emulate them safely.
• Hands-on technical offensive security background (red teaming, penetration testing, exploit development, adversary emulation) with the credibility to act as a technical SME.
• Ability to translate technical outcomes into business-relevant risk and drive remediation at scale. Strong partnership focus, influencing at senior levels across technical and non-technical teams.

Qualifications

• BSc or higher in a relevant field (e.g., Computer Science, Cyber Security, Digital Forensics, Information Security) or equivalent professional experience.
• Offensive security / threat hunting / incident response certifications advantageous (e.g., CREST, GIAC/GX, GCTI, GCFA, GCIH, GREM, GPEN, OSCP).

Accommodations at Arm

At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email . To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.

Hybrid Working at Arm

Arm's approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team's needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.

Equal Opportunities at Arm

Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don't discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.