Cybersecurity Director

Cybersecurity Director Remote 6.30PM IST -3.30AM IST Role Summary The Cybersecurity Director is responsible for the strategic vision and scaling of the cybersecurity practice to serve external clients. This leader will ensure robust security governance, risk management, and compliance across operations, with a specific emphasis on U.S. customer accounts and regulatory requirements (HIPAA, PCI-DSS, SOC 2, etc.). They will also act as the lead principal consultant for major client engagements. Key Responsibilities Strategic Leadership & Practice Building: Define, lead, and execute the information security strategy aligned with business objectives and regulatory requirements. Establish, develop, and launch new cybersecurity and compliance service offerings tailored for an IT services provider model. Serve as the subject matter expert (SME) and primary interface for key clients, assessing their infrastructure, identifying vulnerabilities, and consulting on best practices implementation. Provide strategic guidance to executive leadership and clients, regularly presenting risk posture updates and translating complex technical issues into understandable business risks. Governance, Risk, and Compliance (GRC): Oversee cybersecurity governance, risk, and compliance (GRC) frameworks for all internal operations and U.S. customer accounts. Lead all security audits, risk assessments, and compliance checks (e.g., HIPAA, PCI-DSS, SOC 2, GDPR, CCPA). Develop and enforce security policies, standards, and best practices across all internal and client technology functions. Lead the initiatives to achieve and maintain critical compliance certifications, starting with SOC 2 Type I and Type II. Security Operations & Technology: Manage threat intelligence, vulnerability management, and incident response programs. Monitor emerging threats and ensure timely adoption of next-gen security technologies (Zero Trust, AI/ML-based detection, cloud security, etc.). Partner with cross-functional teams to embed security-by-design into new products, platforms, and initiatives. Team Management & Collaboration: Build and mentor a high-performing cybersecurity team in India, supporting both regional and global operations. Collaborate with U.S.-based IT, legal, compliance, and executive teams to ensure seamless integration of security operations and client strategy. Qualifications & Experience Education: Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field. Experience: 15+ years of progressive experience in cybersecurity leadership, with at least 3-5 years in a senior management role. Global Exposure: Proven experience supporting global enterprises or U.S.-based clients is mandatory. Expertise: Strong knowledge of risk management, governance frameworks, compliance regulations, and security standards (especially SOC 2). Technical Acumen: Hands-on expertise in cloud security (AWS, Azure, GCP), network security, data protection, and endpoint security. Familiarity with DevSecOps, AI-driven security, and Zero Trust architecture. Knowledge of tools like ServiceNow GRC, MetricStream, RSA Archer, Okta, MS Entra, Cyberark, BeyondTrust PAM, Palo Alto Prisma, Zscaler, Everbridge, Palo Alto Cortex XSOAR, Google Siemplify SOAR, Splunk SOAR Leadership: Exceptional leadership, communication, and stakeholder management skills; proven ability to build a team and a professional services practice from the ground up. Preferred Certifications CISSP – Certified Information Systems Security Professional CISM – Certified Information Security Manager CCISO – Certified Chief Information Security Officer CISA, CRISC, CEH or equivalent certifications a plus.