Head of Cybersecurity Operations

The Head of Cybersecurity is responsible for improving the organizationcybersecurity posture and safeguarding internal systems, data, andoperations against evolving threats.

Reportingto the CISO, this role oversees cybersecurity operations,vulnerability assessment and penetration testing (VAPT), red teaming,external attack surface management, and the implementation and reviewof security controls. The position ensures compliance, mitigatesrisks, and fosters a proactive security culture across theorganization.

Roles& Responsibilities

StrategicLeadership

Partnerwith the CIO team to assess execution of security policies andvalidation of necessary controls in line with defined systems andprocesses across the organization

Ownsecurity incident preparedness, mitigation, response and recoveryplans

Driveinitiatives to mitigate risks, reduce vulnerabilities, andstrengthen defences against internal and external threats.

Activelyreview and approve application security architecture to ensurecompliance with security requirements with active inputs from keyCIO and other CISO teams

Ensureadherence to regulatory requirements and industry standards (e.g.,ISO 27001, GDPR, HIPAA, NIST)

CybersecurityOperations

Managethe SOC team operating 24x7. Ensure efficient usage of SOC tools andtechnologies

Leadand manage VAPT programs to identify and address vulnerabilitiesacross applications, systems, and networks.

Overseered team exercises to assess and enhance the organizationsdetection and response capabilities.

Monitorand manage the external attack surface, ensuring timelyidentification and remediation of risks.

Conductperiodic reviews of security controls to ensure their effectivenessand alignment with industry best practices.

Coordinateincident response efforts to minimize business impact and ensureswift recovery.

Incidentmanagement

Identifyexternal attacks, third-party risks, potential exposure and othervulnerabilities within the IT environment, test resilience

Drivecontinuous deployment of proactive threat management measures acrossgroup and businesses to prevent incidents and support a culture ofsecurity across all IT projects and assets

Establisha process to monitor the enterprise for anomalies based on attackpatterns.

Respondto cyber events, manage and lead effective resolution of securityincidents and breaches basis group incident response and recoveryplan guidelines

Collaboratewith key stakeholders according to response plans, drive educationof team personnel on their roles and order of operations

Mitigateand document newly identified vulnerabilities as accepted risks

Institutionalizemonthly reporting of cybersecurity quality and cyber-attacks &incidents as well as a culture of reporting events with establishedcriteria

Leadforensic investigations on suspicious events to arrive at inputs tosupport incident prevention and management

Investigatenotifications from detection systems, perform forensics, understandimpact of the incident, and categorize incidents consistently withresponse plans

TeamLeadership

Promotecross-functional collaboration with IT, business, and developmentteams to embed security in all processes.

Drivea performance driven culture - set goals, review performance, andprovide feedback to ensure a motivated and committed team

Fosteran environment of learning, excellence, and innovation within theteam and across teams

Technologyand Innovation

Evaluate,implement, and manage cutting-edge tools for threat detection,vulnerability management, and incident response.

Drivethe adoption of advanced security frameworks such as Zero Trust andcloud-native security solutions.

OtherResponsibilities

Establisha process to collect and analyse business and security operationsdata over a period of time to develop and identify patterns

Providemonthly incident summary and service health review reporting forexecutive stakeholders

Useproblem management to drive continuous improvement in incidentprocesses and identify/share best practices across the incidentresponse community

Collaboratewith third-party vendors to assess and secure their environments andservices.

Requirements