Lead Cyber Defense Operations

Full-time

Posted on: 2 days ago

Key Responsibilities

Cyber Defence & SOC Leadership

· Lead and operate the Cyber Defence Center (CDC), including SOC monitoring, threat detection, and response operations for RIL and group companies.

· Define CDC strategy, operating model, tooling, KPIs, and maturity roadmap.

· Ensure effective 24x7 security monitoring, alert triage, and incident handling.

Incident Response & Forensics

· Own the Incident Response (IR) framework, playbooks, and escalation processes.

· Lead high-severity cyber incidents, including coordination with IT, business, legal, and leadership teams.

· Oversee digital forensics investigations, root cause analysis, and post-incident reporting.

Threat Intelligence & Threat Hunting

· Build and operationalize Threat Intelligence capabilities to proactively identify emerging threats relevant to the group’s business landscape.

· Drive threat hunting programs to identify advanced and persistent threats not detected by traditional tools.

Data Security & DLP

· Oversee the Data Security and Data Loss Prevention (DLP) initiatives and define controls for data protection across cloud, endpoints, networks, and SaaS platforms.

· Work closely with privacy, compliance, and legal teams to ensure data protection requirements are met.

Technology & Tooling

· Own security tooling stack including SIEM, SOAR, EDR/XDR, DLP, UEBA, and forensic tools.

· Drive automation and orchestration to improve response times and reduce manual effort.

· Evaluate new cyber defence technologies aligned with business risk.

Stakeholder & Business Engagement

· Act as a trusted advisor to CIO, CISO, business leaders, and IT teams across multiple businesses.

· Partner with all IRM teams (e.g. GRC, Architecture, VM, etc.) to support internal and external audits.

· Ensure cyber defence processes align with industry standards (ISO 27001, NIST, etc.) and regulatory expectations.

· Present cyber risk posture, incident insights, and improvement plans to senior leadership.

Team Leadership & Capability Building

· Build, mentor, and lead high-performing teams across CDC, IR, threat intelligence, forensics, and data security.

· Define skill development plans and succession for critical cyber defence roles.

· Manage internal teams and external partners/MSSPs where applicable.

Key Skills & Competencies

Technical & Domain Expertise
  • Strong expertise in Cyber Defence Center / SOC operations
  • Deep hands-on understanding of:
      • Incident Response
      • Threat Intelligence & Threat Hunting
      • Digital Forensics
      • Data Security & DLP
      • SIEM / SOAR / EDR / XDR platforms

· Experience securing hybrid IT environments (on-prem, cloud, SaaS)

· Good knowledge of MITRE ATT&CK, Kill Chain, TTP mapping

· Strong understanding of network security controls (FW, IPS, Proxy, WAF)

· Experience with cloud security (CASB, CSPM)

Leadership & Behavioral Skills

· Proven experience leading large, multi-disciplinary cyber security teams

· Strong crisis management and decision-making abilities

· Excellent stakeholder communication, especially during incidents

· Ability to operate in a complex, multi-business conglomerate environment

Education & Certifications (Preferred)

· BE/B.Tech/ME/M.Tech/MCA from a reputed/recognized institute in Computer Science, Information Security, or a related field

· At least 12-15 years of experience in cyber defence operations or managing a SOC for a large organization or conglomerate

· Preferred certifications:
      • CISSP, CISM
      • GCIA, GCIH, GCED
      • Relevant cloud security certifications (AWS/Azure/GCP)