Associate Director | Vulnerability Assessment & Penetration Testing (VAPT) | Delhi | Cyber Defense &

Role expectation/Job Description:

Deloitte is seeking a dynamic and experienced professional to lead its Cyber Security Practice, with core expertise in vulnerability management, DevSecOps, penetration testing, application and network security. This leader will play a key role in shaping and scaling attack management services, delivering high-impact solutions to clients, and guiding the next generation of cyber professionals.

Key Responsibilities:

• Lead delivery of Cyber Defense projects across vulnerability management, DevSecOps integration, penetration testing, and secure SDLC.
• Lead and guide advanced penetration testing – covering internal/external networks, web/mobile applications and cloud environments – with actionable reporting.
• Design and implement enterprise-wide vulnerability management programs, establish metrics, and advise clients on remediation strategy.
• Oversee advanced security assessments, including application security (SAST/DAST), network penetration testing, and infrastructure assessments.
• Embed security into CI/CD pipelines, driving automation across development and deployment.
• Support testing strategy and execution across on-premise, cloud and converged infrastructure.
• Serve as a strategic advisor to clients, presenting findings, driving executive communications, and aligning solutions to business goals.
• Mentor diverse cybersecurity teams and contribute to the growth of Deloitte’s security offerings.

Qualifications:

• Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.
• Experience: 15+ years of relevant experience, with 5+ years in leadership roles across cyber domains.
• Certifications: CISSP, OSCP, CISM, CEH, GPEN, or equivalent expert-level certification(s).
• Deep hands-on expertise in threat & vulnerability management, security testing tools/methodologies, and secure application development practices.
• Strong communication, client management, and team leadership skills.

Preferred Skills:

• Knowledge of cloud security frameworks and risk regulations (NIST, ISO 27001, PCI DSS, etc).
• Experience managing large-scale consulting engagements or security programs