Head - Cyber Defence & Command Center

Description:

Role Context

- Technology Diversity: Securing a mix of legacy systems, modern IT, OT, cloud, and IoT, each with distinct vulnerabilities.

- Regulatory Complexity: Navigating conflicting and rapidly changing cybersecurity and data privacy regulations across countries.

- Consistent Security Posture: Ensuring uniform threat management and response across locations with varying cybersecurity maturity.

- Talent & Coordination: Attracting, retaining, and upskilling cyber talent while maintaining seamless 24/7 global operations.

- Business Alignment: Aligning security initiatives with diverse business needs and risk profiles without disrupting operations.

Key Result Areas: Supporting Actions

CDCC & VM Strategy:

- Define and execute the strategic vision for the CDCC and Vulnerability Management Center of Excellence, aligning with business and ESG goals.

- Develop and maintain a multi-year roadmap for cyber defence capabilities, including automation, AI/ML integration, and proactive vulnerability management.

- Ensure the continuous evolution of CDCC operations to address emerging threats and regulatory requirements.

- Foster a culture of innovation, continuous improvement, and knowledge sharing within the CDCC and VM teams.

- Collaborate with manufacturing, IT, and business leaders to ensure cybersecurity strategies are aligned with operational excellence and sustainability objectives.

Threat Management & Intelligence:

- Oversee real-time monitoring and analysis of security events across all the locations and endpoints.

- Direct the deployment and enhancement of AI/ML models for detecting insider threats and advanced persistent attacks through behavioral analytics.

- Lead global threat intelligence initiatives, including federated threat correlation and integration of dark-web feeds.

- Supervise expert threat hunting activities to proactively identify and mitigate sophisticated threats.

- Ensure timely dissemination of actionable threat intelligence to relevant stakeholders and business units.

Incident Response & SOAR Automation:

- Manage end-to-end incident response processes, ensuring rapid detection, containment, and eradication of cyber threats.

- Oversee the development and refinement of SOAR (Security Orchestration, Automation, and Response) playbooks, enabling self-healing automation and auto-containment of threats.

- Ensure incident response actions minimize disruption to manufacturing and production environments.

- Conduct post-incident reviews and drive root-cause analysis to strengthen cyber resilience.

- Maintain readiness for major cyber incidents, including regular drills, tabletop exercises, and scenario planning.

Vulnerability Management & Ethical Hacking:

- Establish and lead the Vulnerability Management Center of Excellence, driving proactive identification and remediation of vulnerabilities.

- Oversee regular vulnerability assessments, penetration testing, and ethical hacking exercises across digital landscape.

- Prioritize remediation of vulnerabilities affecting crown jewels and critical assets, ensuring minimal risk exposure.

- Collaborate with IT and OT teams to ensure timely patching and mitigation of discovered vulnerabilities.

- Report on vulnerability trends, remediation progress, and risk posture to senior management.

AI, Automation, and Engineering Excellence:

- Champion the integration of AI/ML-driven analytics and automation within CDCC operations.

- Drive the development and deployment of self-healing automation solutions to enhance cyber defence capabilities.

- Collaborate with manufacturing and engineering teams to embed cybersecurity into production processes and OT environments.

- Ensure robust engineering standards and best practices in the design, implementation, and maintenance of cybersecurity solutions.

- Evaluate emerging technologies and tools for continuous advancement of CDCC capabilities.

CDCC Governance, Compliance, and ESG Alignment:

- Ensure CDCC and VM operations comply with global cybersecurity regulations, standards, and internal policies.

- Align CDCC with sustainability and ESG objectives, preventing cyber-induced incidents that could impact business continuity and reputation.

- Develop and maintain comprehensive CDCC metrics, dashboards, and reporting mechanisms for executive oversight.

- Lead regular audits, compliance assessments, and risk reviews across the CDCC landscape.

Experience: - 15 to 20 years in Cyber Security domain

Location: - Mumbai