Job Title


Security Operations & Security Architecture Lead


Company : airtel


Location : Gurgaon, Haryana


Created : 2025-12-15


Job Type : Full Time


Job Description

Role summary: Own and elevate both day-to-day security operations and forward-looking security architecture for a large telecom environment. Run high-availability security programs (e.g., SOC, EDR, AppSec, VAPT) with operational rigor, while designing next-gen controls for emerging platforms and threats (e.g., AI security, post-quantum cryptography, cloud-native).

A. Technical Accountabilities

Security Operations (Always-On)
1.a Oversight and strategic guidance for a 24×7 SOC with tiered response, playbooks, KPIs, and continuous tuning of SIEM/SOAR.
1.b Drive endpoint protection and EDR, threat intel, incident handling, and post-incident RCA with measurable MTTA/MTTR improvements.

Application & Product Security (Shift-Left + Runtime)
2.a Oversight and strategic guidance for a secure SDLC with SAST/DAST program involving dependency scanning, and SBOM.
2.b Build a pragmatic and “engineering-friendly” vulnerability remediation model; block high-risk releases by policy, not by surprise.

Vulnerability & Exposure Management
3.a Pragmatic approach to vulnerability management across app, infra and containers, with the end goal of reducing likelihood of exploitation along with minimal downtime.
3.b Implement risk-based patching and virtual patching (IPS/WAF/EDR policy) to cut exposure when downtime is constrained.

Cloud & Platform Security
4.a Deliver CNAPP (CSPM/CWPP), OpenShift hardening, container scanning, and IaC guardrails.

Architecture & Emerging Threats
5.a Define and deploy zero-trust reference architectures spanning IT, cloud, and edge.
5.b Lead AI security: model/data/agent protections, prompt/guardrail controls, model provenance, and red teaming.
5.c Lead the quantum-risk roadmap: crypto inventory, agility, and transition to PQC for long-lived data/links.

B. Non-Technical & Leadership Accountabilities

Stakeholder Management
2.a Partner with engineering to reduce toil (e.g., virtual patching, safe defaults, golden paths).
2.b Align with product, legal, privacy, and network teams; translate risk into business terms.

Strategy & Roadmapping
3.a Maintain a rolling 12–24 month security roadmap covering ops, architecture.

People & Culture
4.a Build and mentor a high-caliber team; succession planning for critical roles.
4.b Raise the bar on “secure by default” through enablement, docs, and incentives.

Communication & Executive Presence
6.a Clear narrative for the board/CXO on threats, posture, and trade-offs.
6.b Calm crisis leadership during incidents; crisp, timely updates.

Qualifications

15+ years in cybersecurity with deep experience across SecOps and security architecture; at least 5 years leading managers.
Telecom-scale background preferred (high-throughput networks, 5G core, OSS/BSS, large consumer base).
Proven delivery running SOC/EDR, VAPT, and AppSec in complex, hybrid environments.
Hands-on familiarity with AWS/GCP, OpenShift, service mesh, APIs, and modern data/ML stacks.
Certifications a plus: CISSP, CISM, CCSP/CCSK, GIAC (e.g., GCIA/GCED/GCSA), OSCP—valued but not a substitute for real outcomes.
Excellent written/spoken communication; ability to influence senior engineering and business leaders.

Interview Signals We’ll Look For

Operational depth: concrete stories improving SOC signal-to-noise, stopping real incidents, reducing toil.
Architectural judgment: intelligent trade-offs in security vs agility.
Leadership: building teams, influencing peers, running tough programs without heroics.
Forward-thinking: practical plans for AI security and quantum risk that