Information and communication technologies (ICT) play an important role in almost any business sector and in all aspects of modern society. Data centres are used to host ICT systems and, therefore, are also targets of cyberattacks. ICT security measures are necessary to protect information from unauthorized access. The Human-in-the-Loop approach states that cybersecurity specialists should be continuously involved in automated intrusion detection activities and should be supported by suitable tools to evaluate them. This paper proposes an overall design of the intelligent intrusion detection system with a focus on big data analysis, machine learning, knowledge management, and supporting cybersecurity specialists. The use cases and typical users of a cybersecurity system are defined to specify the requirements of such a system. The architectural design is presented that includes components and technologies supporting implementation of the system. Active learning and learning from evaluation are selected to fulfil the requirements of the Human-in-the-Loop approach.