Job Title:  Director | Governance and Policy Development | Delhi | Cyber Strategy & Transformation

Your potential, unleashed.

India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond.

At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks

Your work profile

As a Director in the Cyber team, you will build and nurture strong relationships with clients and internal stakeholders to consistently exceed expectations. You will drive business growth, lead client engagements, and deliver large-scale cyber transformation programs, while scaling a market-leading cyber advisory practice.

Key Responsibilities:

As a part of our Cyber strategy team, you will build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.

1. Revenue Ownership & Business Growth

·      Own and deliver annual revenue targets (minimum ₹10 Cr revenue and ₹15 Cr sales target) independently.

·      Originate and close large, complex cyber deals, demonstrating strong hunting capabilities.

·      Build, manage, and convert a robust sales pipeline across Cyber Strategy and GRC offerings.

·      Lead end-to-end pursuits including large RFPs, proposals, and client presentations.

·      Drive account expansion through structured upsell and cross-sell strategies.

2. Client Leadership & Market Development

·      Build and maintain strong relationships with CISO, CIO, CRO, and CXO-level stakeholders.

·      Act as a trusted advisor on cyber risk, compliance, and enterprise transformation.

·      Establish a strong market presence and contribute to brand building in the cyber domain.

·      Develop tailored cybersecurity and risk management solutions aligned with client business objectives, regulatory requirements, and evolving threat landscapes.

·      Collaborate with internal stakeholders to strengthen the Cyber GRC practice, market positioning, and revenue growth.

3. Engagement Delivery & Transformation Leadership

• Lead and oversee enterprise-wide cyber transformation programs.
• Deliver high-impact strategic engagements, including:
• Managed IT Governance Services
• CISO-as-a-Service
• Cyber maturity assessments
• Target Operating Model (TOM) design and implementation
• Cyber roadmap and investment planning
• Regulatory compliance and alignment (CERT-In, RBI, ISO 27001, PCI-DSS, etc.)
• Ensure delivery excellence, quality assurance, and client satisfaction across engagements.

4. Financial & Commercial Management

• Oversee engagement commercials, including pricing strategy, margins, and profitability.
• Manage billing, revenue recognition, and collections across engagements.
• Ensure optimal utilization and financial performance of delivery teams.

5. Practice Building & Go-To-Market (GTM)

• Build and scale Cyber GRC and Strategy service offerings.
• Define and execute go-to-market (GTM) strategies aligned with priority sectors.
• Develop reusable solution assets such as TOM frameworks, risk frameworks, and GRC toolkits.
• Drive thought leadership through whitepapers, client workshops, and industry forums.

6. Leadership & Talent Development

• Lead, mentor, and develop Senior Managers, Managers, and high-potential talent.
• Drive hiring strategy to build a strong and scalable cyber practice.
• Oversee performance management, coaching, and leadership development initiatives.
• Build a strong leadership pipeline and succession plan within the practice.

Desired qualifications

·      Bachelor’s degree in Engineering or Technology (B.E./B.Tech) from a reputed institution (Tier 1/2 preferred) or Master’s degree in Information Security, Computer Science, or related discipline.

·      15+ years of experience in cybersecurity consulting, cyber risk management, governance, and regulatory compliance, preferably within consulting or professional services environments.

·      Professional certifications such as CISSP, CISA, CISM, CRISC, ISO/IEC 27001 Lead Auditor / ISO/IEC 27001 Lead Implementer, ISO 31000 Lead Auditor, ISO 22301 Lead Auditor, ITIL, or PCI Qualified Security Assessor are strongly preferred.

·      Strong expertise in cybersecurity frameworks, governance models, and risk management standards, including NIST Cybersecurity Framework, ISO/IEC 27001, and COBIT.

·      Proven experience in leading large-scale cybersecurity consulting engagements, managing cross-functional teams, and advising senior stakeholders including CIOs, CISOs, and CXO-level executives.

·      Strong analytical, communication, and stakeholder management skills, with the ability to translate complex cybersecurity risks into business-aligned strategies.

·      Demonstrated ability to drive business development, manage client relationships, and lead strategic cybersecurity initiatives in complex enterprise environments.

·      Professional certifications such as CISSP, CISA, CISM, CRISC, ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, ISO 42001, ITIL or PCI QSA are preferred.

·      15+ years of relevant experience in cybersecurity consulting, risk management, and compliance.

·      In-depth knowledge of security frameworks and standards (e.g., NIST, ISO 27001, COBIT).

·      Strong analytical, communication, and stakeholder management skills

Location and way of working

·      Base location: Gurgaon

·      Professional is required to work from office.

Your role in team

1. Strategic Advisory & Subject-Matter Expertise

·      Act as a trusted advisor to CXOs and senior stakeholders on cyber risk, governance, compliance, and security strategy.

·      Provide guidance across multiple security domains, including IT, OT, application, cloud, and data security.

·      Leverage industry frameworks and standards such as ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, NIST CSF, and others to define client security programs.

·      Oversee risk governance frameworks, facilitating risk identification, evaluation, mitigation, and continuous monitoring.

1. Program Design & Delivery Oversight

·      Lead the design, development, and roll-out of enterprise-wide security programs, including IT risk management, compliance programs, vulnerability management, and secure development lifecycles.

·      Provide oversight for IT and OT security audits, ITGC testing, and cybersecurity maturity assessments, ensuring actionable insights and roadmap delivery.

·      Advise on secure cloud architectures (AWS, Azure, Google Cloud) and validate IT/OT architectures for compliance and security integration.

·      Define project scope, objectives, and deliverables, and guide delivery teams to ensure high-quality execution aligned with client expectations.

1. Third-Party & Regulatory Compliance Leadership

·      Lead third-party risk assessments and vendor security governance initiatives.

·      Ensure client compliance with regulatory frameworks including RBI, SEBI, IRDA, PCI DSS, ISO standards, and other applicable laws.

·      Translate cyber risk assessments and threat intelligence into tactical and strategic recommendations to mitigate risks across the enterprise.

1. Practice Leadership & Team Development

·      Mentor and guide managers and senior consultants, building team capability in Cyber GRC consulting.

·      Drive business development initiatives, client relationship management, and pre-sales engagements for the Cyber GRC practice.

·      Provide thought leadership in defining strategic roadmaps for clients’ cybersecurity posture, including secure SDLC implementation and continuous improvement programs.

How you’ll grow

Connect for impact

Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.

Empower to lead

You can be a leader irrespective of your career level. Our colleagues are characterized by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.

Inclusion for all

At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude, and potential each and every one of us brings to the table to make an impact that matters.

Drive your career

At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.

Everyone’s welcome… entrust your happiness to us                                                                                                                                                                          

Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you.