Head of Cyber Security

As the Security Operations Manager for a large telecom environment based in Gurgaon, your role is to own and elevate both day-to-day security operations and forward-looking security architecture. You will be responsible for running high-availability security programs such as SOC, EDR, AppSec, and VAPT with operational rigor, while designing next-gen controls for emerging platforms and threats like AI security, post-quantum cryptography, and cloud-native technologies. **Key Responsibilities:** - **Security Operations (Always-On)** - Oversight and strategic guidance for a 24x7 SOC with tiered response, playbooks, KPIs, and continuous tuning of SIEM/SOAR. - Drive endpoint protection, EDR, threat intel, incident handling, and post-incident RCA with measurable MTTA/MTTR improvements. - **Application & Product Security (Shift-Left + Runtime)** - Oversight and strategic guidance for a secure SDLC with SAST/DAST program involving dependency scanning and SBOM. - Build a pragmatic and "engineering-friendly" vulnerability remediation model; block high-risk releases by policy, not by surprise. - **Vulnerability & Exposure Management** - Pragmatic approach to vulnerability management across app, infra, and containers to reduce the likelihood of exploitation with minimal downtime. - Implement risk-based patching and virtual patching (IPS/WAF/EDR policy) to reduce exposure when downtime is constrained. - **Cloud & Platform Security** - Deliver CNAPP (CSPM/), OpenShift hardening, container scanning, and IaC guardrails. - **Architecture & Emerging Threats** - Define and deploy zero-trust reference architectures spanning IT, cloud, and edge. - Lead AI security initiatives such as model/data/agent protections, prompt/guardrail controls, model provenance, and red teaming. - Lead the quantum-risk roadmap focusing on crypto inventory, agility, and transition to PQC for long-lived data/links. **Qualifications:** - 10+ years in cybersecurity with deep experience across SecOps and security architecture; at least 5 years leading managers. - Telecom-scale background preferred, with proven delivery running SOC/EDR, VAPT, and AppSec in complex, hybrid environments. - Hands-on familiarity with AWS/GCP, OpenShift, service mesh, APIs, and modern data/ML stacks. - Certifications a plus: CISSP, CISM, CCSP/CCSK, GIAC (e.g., GCIA/GCED/GCSA), OSCPvalued but not a substitute for real outcomes. - Excellent written/spoken communication and the ability to influence senior engineering and business leaders. In this role, you will be expected to partner with engineering to reduce toil, align with product, legal, privacy, and network teams, maintain a rolling 1224 month security roadmap, build and mentor a high-caliber team, and provide clear communication to the board/CXO on threats, posture, and trade-offs. As the Security Operations Manager, we will look for operational depth, architectural judgment, leadership skills, and forward-thinking strategies during the interview process. As the Security Operations Manager for a large telecom environment based in Gurgaon, your role is to own and elevate both day-to-day security operations and forward-looking security architecture. You will be responsible for running high-availability security programs such as SOC, EDR, AppSec, and VAPT with operational rigor, while designing next-gen controls for emerging platforms and threats like AI security, post-quantum cryptography, and cloud-native technologies. **Key Responsibilities:** - **Security Operations (Always-On)** - Oversight and strategic guidance for a 24x7 SOC with tiered response, playbooks, KPIs, and continuous tuning of SIEM/SOAR. - Drive endpoint protection, EDR, threat intel, incident handling, and post-incident RCA with measurable MTTA/MTTR improvements. - **Application & Product Security (Shift-Left + Runtime)** - Oversight and strategic guidance for a secure SDLC with SAST/DAST program involving dependency scanning and SBOM. - Build a pragmatic and "engineering-friendly" vulnerability remediation model; block high-risk releases by policy, not by surprise. - **Vulnerability & Exposure Management** - Pragmatic approach to vulnerability management across app, infra, and containers to reduce the likelihood of exploitation with minimal downtime. - Implement risk-based patching and virtual patching (IPS/WAF/EDR policy) to reduce exposure when downtime is constrained. - **Cloud & Platform Security** - Deliver CNAPP (CSPM/), OpenShift hardening, container scanning, and IaC guardrails. - **Architecture & Emerging Threats** - Define and deploy zero-trust reference architectures spanning IT, cloud, and edge. - Lead AI security initiatives such as model/data/agent protections, prompt/guardrail controls, model provenance, and red teaming. - Lead the quantum-risk roadmap focusing on crypto inventory, agility, and transition to PQC for long-lived data/links. **Qualifications:** - 10+ years in cybersecu