Department: Digital
Work Mode: On-Site
Location: Gurugram
Job Summary:
Looking for a Cybersecurity Operations Lead to oversee and manage enterprise-level security operations, threat management, and technology governance. The ideal candidate will have deep expertise in SSE (Security Service Edge), Threat Intelligence platforms, EDR solutions such as CrowdStrike or SentinelOne, Vulnerability Management, and cloud-native security tools across AWS, Azure, or GCP. This role demands strong leadership, cross-functional coordination, and hands-on technical acumen.
Key Responsibilities:
- Lead and manage day-to-day operations of the Security Operations and incident response teams.
- Own and drive the implementation and optimization of SSE (e.g., Zscaler, Netskope) solutions, ensuring secure access and data protection across the enterprise.
- Manage EDR platforms (CrowdStrike, SentinelOne) for endpoint detection, threat hunting, and containment activities.
- Drive the organization's Threat Intelligence lifecycle, integrating threat feeds, analyzing IOCs, and enhancing detection logic.
- Oversee the Vulnerability Management program, including scan scheduling, remediation tracking, and coordination with IT and other teams.
- Integrate and operationalize cloud-native security tools like Azure Defender, Okta, AWS Security Hub, or GCP Security Command Center to protect cloud workloads and services.
- Coordinate with internal and external stakeholders for compliance, audits, and regulatory reporting (ISO 27001, NIST, etc.).
- Provide mentorship and technical leadership to analysts and cybersecurity engineers.
- Contribute to the development of cybersecurity playbooks, IR procedures, and strategic roadmaps.
Required Skills & Experience:
- 10–13 years of overall experience in cybersecurity, with at least 3–5 years in an operational leadership role.
- Proven hands-on expertise with SSE solutions (Zscaler, Netskope, etc.).
- Deep understanding of EDR/XDR platforms like CrowdStrike, SentinelOne, or similar.
- Strong experience managing enterprise vulnerability management tools (Qualys, Tenable, Rapid7).
- Conceptual and operational understanding of Breach and Attack Simulation (BAS) tools such as Cymulate, Picus, etc.
- Knowledge of Threat Intelligence platforms (CloudSEK, ThreatConnect, MISP) and CTI frameworks.
- Proficiency in cloud security architecture and native tools (Azure Security Center, AWS GuardDuty, etc.).
- Familiarity with MITRE ATT&CK, NIST CSF, and cyber kill chain.
- Strong documentation, reporting, and communication skills.
- Ability to manage crisis and high-severity security incidents efficiently.
Preferred Certifications:
- CISSP, CISM, or GIAC (GCIA, GCFA, GCIH)
- Microsoft SC-200, AZ-500, or AWS Certified Security – Specialty
- Certified Threat Intelligence Analyst (CTIA)