Head of Cybersecurity and Product Security

Job Title:

Location:

Client:

Position Type:

Required Certifications

• CISSP

  – Certified Information Systems Security Professional (by ISC²)

• CISM

  – Certified Information Security Manager (by ISACA)

• CCSP

  – Certified Cloud Security Professional (by ISC²)

• AWS Certified Security – Specialty

  (by AWS)

Preferred/Additional Certifications

• CISA

  – Certified Information Systems Auditor

• OSCP

  – Offensive Security Certified Professional

• CSSLP

  – Certified Secure Software Lifecycle Professional

• ISO/IEC 27001 Lead Implementer or Auditor

About the Role

Head of Cybersecurity and Product Security

Key Responsibilities

Cybersecurity Leadership

• Develop and implement the overall

  cybersecurity strategy

  in alignment with global information security policies.
• Oversee security operations, threat detection, incident response, risk management, and vulnerability remediation.
• Ensure

  compliance with ISO 27001, SOC2, GDPR, NIST, and other relevant standards

  .
• Lead periodic security assessments, penetration testing, and red/blue team exercises.

Product Security Governance

• Establish secure-by-design principles across

  SDLC, DevOps, and CI/CD pipelines

  .
• Conduct security architecture reviews of applications, platforms, APIs, and microservices.
• Collaborate with engineering leads to implement

  SAST, DAST, SCA

  , and runtime protection tools.
• Champion

  privacy-by-design

  and

  zero-trust architecture

  adoption across product suites.

Risk Management & Compliance

• Own the India-specific security posture and risk register.
• Collaborate with internal audit, legal, and privacy teams to ensure

  risk mitigation and control implementation

  .
• Drive

  vendor risk assessments

  , third-party integrations, and secure cloud usage (AWS/Azure/GCP).

People & Stakeholder Management

• Lead a team of cybersecurity and product security professionals across India.
• Engage regularly with global CISOs, engineering leaders, and external regulators.
• Present security roadmaps, KPIs, and board-level metrics to executive stakeholders.

Qualifications

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Information Systems, or related fields.

• 12+ years of experience

  in cybersecurity, with at least 5 years in a

  leadership role

  .
• Strong experience in both

  enterprise security (SOC, IAM, endpoint, cloud)

  and

  product/application security (DevSecOps, threat modeling, secure coding)

  .
• Proven track record of managing

  security frameworks, governance models, and regulatory compliance

  .
• Hands-on understanding of tools like

  Splunk, Sentinel, CrowdStrike, Nessus, Fortinet, Veracode

  , etc.

Preferred Experience

• Experience working in

  Fortune 500 or large global matrix organizations

  .
• Exposure to

  IoT security, embedded security, or industrial cybersecurity

  is a plus.
• Strong interpersonal and cross-cultural communication skills.