Director - Cybersecurity and Devops ( DevSecOps,)

Seeking a dynamic and experienced professional to lead its Cyber Security Practice, with core expertise in vulnerability management, DevSecOps, penetration testing, application and network security. This leader will play a key role in shaping and scaling attack management services, delivering high-impact solutions to clients, and guiding the next generation of cyber professionals.

Key Responsibilities:

Lead delivery of Cyber Defense projects across vulnerability management, DevSecOps integration, penetration testing, and secure SDLC.

Lead and guide advanced penetration testing – covering internal/external networks, web/mobile applications and cloud environments – with actionable reporting.

Design and implement enterprise-wide vulnerability management programs, establish metrics, and advise clients on remediation strategy.

Oversee advanced security assessments, including application security (SAST/DAST), network penetration testing, and infrastructure assessments.

Embed security into CI/CD pipelines, driving automation across development and deployment.

Support testing strategy and execution across on-premise, cloud and converged infrastructure.

Serve as a strategic advisor to clients, presenting findings, driving executive communications, and aligning solutions to business goals.

Mentor diverse cybersecurity teams and contribute to the growth of Deloitte’s security offerings.

Qualifications:

Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.

Experience: 15+ years of relevant experience, with 5+ years in leadership roles across cyber domains.

Certifications: CISSP, OSCP, CISM, CEH, GPEN, or equivalent expert-level certification(s).

Deep hands-on expertise in threat & vulnerability management, security testing tools/methodologies, and secure application development practices.

Strong communication, client management, and team leadership skills.

Preferred Skills:

Knowledge of cloud security frameworks and risk regulations (NIST, ISO 27001, PCI DSS, etc).

Experience managing large-scale consulting engagements or security programs.