Director, Cyber Defense Center

Job Description

Maximize Your Impact with TP

Welcome to TP, a global hub of innovation and empowerment, where we redefine the future. With a remarkable 10 billion annual revenue and a global team of 500,000 employees serving 170 countries in over 300 languages, we lead in intelligent, digital-first solutions.

As a globally certified Great Place to Work in 72 countries, our culture thrives on diversity, equity, and inclusion. We value your unique perspective and believe that your talent is the missing piece that completes our vision for a brighter, digitally driven tomorrow.

The Opportunity

The Director of the Cyber Defense Center (CDC) is a strategic and operational leader responsible for overseeing the organization's regional Security Operations Center (SOC), EDR, SIEM Engineering. This role ensures robust cyber defense capabilities through proactive threat detection, rapid incident response, and continuous monitoring of the enterprise environment. The Director will lead a high-performing team, drive innovation in security operations, and align SOC initiatives with the broader cybersecurity and business strategy. The role also requires deep expertise in cybersecurity standards, playbook design, and compliance with international frameworks such as ISO 31000, ISO 27005, ISO 20000, PCI-DSS, and others to ensure a resilient and compliant security posture.

The Responsibilities

- Define and execute the vision, strategy, and roadmap for the Cyber Defense Center in alignment with enterprise security and risk management goals.
- Lead 24x7 SOC operations, ensuring effective monitoring, detection, triage, investigation, and response to cyber threats and incidents.
- Integrate threat intelligence into SOC workflows and lead proactive threat hunting to identify and mitigate advanced threats.
- Oversee the end-to-end incident response lifecycle, including containment, eradication, recovery, and post-incident reviews.
- Develop & maintain incident response playbooks & workflows, leveraging SOAR platforms to automate tasks and improve response times.
- Drive the adoption and optimization of advanced security technologies such as SIEM, SOAR, EDR, XDR, and threat intelligence platforms.
- Ensure SOC operations comply with international standards and regulatory frameworks including ISO 31000 (Risk Management), ISO 27005 (Information Security Risk Management), ISO 20000 (IT Service Management), PCI-DSS, etc.
- Define and track SOC KPIs, threat trends, and operational metrics; deliver regular reports and briefings to executive leadership and stakeholders.
-
- Partner with IT, Risk, Compliance, and Business Units to ensure seamless integration of SOC capabilities across the organization.
- Lead maturity assessments, red/blue/purple team exercises, and lessons-learned initiatives to enhance SOC effectiveness and resilience.
- Build, mentor, and retain a diverse and skilled team of cybersecurity professionals, fostering a culture of innovation, accountability, and excellence.

The Qualifications

- Course: B.E. / B. Tech / MCA / M. Tech / BCA degree or equivalent.
- Minimum 12 years in information security or cybersecurity
- CISSP, GCIA, GCIH, GCFE.would be an added advantage.
- SIEM & SOAR platforms
- Endpoint Detection & Response (EDR)
- Threat Intelligence Platforms (TIP)
- MITRE ATT&CK Framework
- Threat hunting methodologies
- Incident response lifecycle and playbook development
- Blue, and purple team exercises
- Security event correlation and log analysis
- Cloud security
- Playbook design and orchestration
- Scripting languages (e.g., Python, PowerShell, Bash) for automation
- Cross-functional team coordination
- Cybersecurity awareness and training programs
- Executive-level reporting and communication
- Proven experience in leading and managing cybersecurity operations, preferably in a SOC environment.
- In-depth knowledge of cybersecurity frameworks, compliance standards, and best practices.
- Expertise in SIEM, EDR, and other cybersecurity technologies.
- Strong understanding of incident response methodologies and experience leading incident response teams.
- Excellent communication skills to convey complex cybersecurity concepts to both technical and non-technical stakeholders.
- Relevant certifications such as CISSP, CISM, or equivalent.
- Bachelor's or advanced degree in Cybersecurity, Information Technology, or a related field

Pre-Employment Screenings

By TP policy, employment in this position will be contingent on your successful completion and passage of a comprehensive background check, including global sanctions and watch list screening.

Important | Policy on Unsolicited Third-Party Candidate Submissions

TP does not accept candidate submissions from unsolicited third parties, including recruiters or headhunters. Applications will not be considered, and no contractual association will be established through such submissions.

Diversity, Equity & Inclusion

At TP, we are committed to fostering a diverse, equitable, and inclusive workplace. We welcome individuals from all backgrounds and lifestyles and do not discriminate based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or other differences.