Head Cyber Defence Centre

Key Responsibilities

Cyber Defence & SOC Leadership

Lead and operate the Cyber Defence Center (CDC), including SOC monitoring, threat detection, and response operations for RIL and group companies.

Define CDC strategy, operating model, tooling, KPIs, and maturity roadmap

Ensure effective 24x7 security monitoring, alert triage, and incident handling.

Incident Response & Forensics

Own the Incident Response (IR) framework, playbooks, and escalation processes.

Lead high-severity cyber incidents, including coordination with IT, business, legal, and leadership teams.

Oversee digital forensics investigations, root cause analysis, and post-incident reporting.

Threat Intelligence & Threat Hunting

Build and operationalize Threat Intelligence capabilities to proactively identify emerging threats relevant to the groups business landscape.

Drive threat hunting programs to identify advanced and persistent threats not detected by traditional tools.

Data Security & DLP

Oversee the Data Security and Data Loss Prevention (DLP) initiatives and define controls for data protection across cloud, endpoints, networks, and SaaS platforms.

Work closely with privacy, compliance, and legal teams to ensure data protection requirements are met.

Technology & Tooling

Own security tooling stack including SIEM, SOAR, EDR/XDR, DLP, UEBA, and forensic tools.

Drive automation and orchestration to improve response times and reduce manual effort.

Evaluate new cyber defence technologies aligned with business risk.

Stakeholder & Business Engagement

Act as a trusted advisor to CIO, CISO, business leaders, and IT teams across multiple businesses.

Partner with all IRM teams (e.g. GRC, Architecture, VM etc.) to support internal and external audits.

Ensure cyber defence processes align with industry standards (ISO 27001, NIST, etc.) and regulatory expectations.

Present cyber risk posture, incident insights, and improvement plans to senior leadership.

Team Leadership & Capability Building

Build, mentor, and lead high-performing teams across CDC, IR, threat intelligence, forensics, and data security.

Define skill development plans and succession for critical cyber defence roles.

Manage internal teams and external partners/MSSPs where applicable.

Key Skills & Competencies

Technical & Domain Expertise

• Strong expertise in Cyber Defence Center / SOC operations
• Deep hands-on understanding of:
• Incident Response
• Threat Intelligence & Threat Hunting
• Digital Forensics
• Data Security & DLP
• SIEM / SOAR / EDR / XDR platforms

Experience securing hybrid IT environments (on-prem, cloud, SaaS)

Good knowledge of MITRE ATT&CK, Kill Chain, TTP mapping

Strong understanding of network security controls (FW, IPS, Proxy, WAF)

Experience with cloud security (CASB, CSPM)

Leadership & Behavioral Skills

Proven experience leading large, multi-disciplinary cyber security teams

Strong crisis management and decision-making abilities

Excellent stakeholder communication, especially during incidents

Ability to operate in a complex, multi-business conglomerate environment

Education & Certifications (Preferred)

BE/B.Tech/ME/M.Tech/MCA from a reputed/recognized institute - in Computer Science, Information Security, or related field

At least 12-15 years of experience into cyber defence operations or managing SOC for a large organizations or conglomerate

Preferred certifications:

o CISSP, CISM

o GCIA, GCIH, GCED

o Relevant cloud security certifications (AWS/Azure/GCP)