Job Title: T&T | Cyber CST | Director | CISSP GRC | Delhi

• Job requisition ID : 101081
• Location: Delhi
• Entity: Deloitte Touche Tohmatsu India LLP
The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.
Your work profile
- As a Director in the Cyber team, you will build and nurture strong relationships with clients and internal stakeholders to consistently exceed expectations. You will drive business growth, lead client engagements, and deliver large-scale cyber transformation programs, while scaling a market-leading cyber advisory practice.
- Strategic Advisory & Subject-Matter Expertise - Act as a trusted advisor to CXOs and senior stakeholders on cyber risk, governance, compliance, and security strategy; provide guidance across multiple security domains, including IT, OT, application, cloud, and data security; leverage industry frameworks and standards such as ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, NIST CSF, and others to define client security programs and oversee risk governance frameworks, facilitating risk identification, evaluation, mitigation, and continuous monitoring.
- Program Design & Delivery Oversight - Lead the design, development, and roll-out of enterprise-wide security programs, including IT risk management, compliance programs, vulnerability management, and secure development lifecycles; provide oversight for IT and OT security audits, ITGC testing, and cybersecurity maturity assessments, ensuring actionable insights and roadmap delivery; advise on secure cloud architectures (AWS, Azure, Google Cloud) and validate IT/OT architectures for compliance and security integration; and define project scope, objectives, and deliverables, and guide delivery teams to ensure high-quality execution aligned with client expectations.
- Third-Party & Regulatory Compliance Leadership - Lead third-party risk assessments and vendor security governance initiatives; ensure client compliance with regulatory frameworks including RBI, SEBI, IRDA, PCI DSS, ISO standards, and other applicable laws; and translate cyber risk assessments and threat intelligence into tactical and strategic recommendations to mitigate risks across the enterprise.
- Practice Leadership & Team Development - Mentor and guide managers and senior consultants, building team capability in Cyber GRC consulting; drive business development initiatives, client relationship management, and pre-sales engagements for the Cyber GRC practice; and provide thought leadership in defining strategic roadmaps for clients’ cybersecurity posture, including secure SDLC implementation and continuous improvement programs.
- Revenue Ownership & Business Growth - Own and deliver annual revenue targets (minimum ₹10 Cr revenue and ₹15 Cr sales target) independently; originate and close large, complex cyber deals, demonstrating strong hunting capabilities; build, manage, and convert a robust sales pipeline across Cyber Strategy and GRC offerings; lead end-to-end pursuits including large RFPs, proposals, and client presentations; and drive account expansion through structured upsell and cross-sell strategies.
- Client Leadership & Market Development - Build and maintain strong relationships with CISO, CIO, CRO, and CXO-level stakeholders; act as a trusted advisor on cyber risk, compliance, and enterprise transformation; establish a strong market presence and contribute to brand building in the cyber domain; develop tailored cybersecurity and risk management solutions aligned with client business objectives, regulatory requirements, and evolving threat landscapes; and collaborate with internal stakeholders to strengthen the Cyber GRC practice, market positioning, and revenue growth.
- Engagement Delivery & Transformation Leadership - Lead and oversee enterprise-wide cyber transformation programs; deliver high-impact strategic engagements, including managed IT Governance Services, CISO-as-a-Service, cyber maturity assessments, Target Operating Model (TOM) design and implementation, cyber roadmap and investment planning, and regulatory compliance and alignment (CERT-In, RBI, ISO 27001, PCI-DSS, etc.); and ensure delivery excellence, quality assurance, and client satisfaction across engagements.
- Financial & Commercial Management - Oversee engagement commercials, including pricing strategy, margins, and profitability; manage billing, revenue recognition, and collections across engagements; and ensure optimal utilization and financial performance of delivery teams.
- Practice Building & Go-To-Market (GTM) - Build and scale Cyber GRC and Strategy service offerings; define and execute go-to-market (GTM) strategies aligned with priority sectors; develop reusable solution assets such as TOM frameworks, risk frameworks, and GRC toolkits; and drive thought leadership through whitepapers, client workshops, and industry forums.
- Leadership & Talent Development - Lead, mentor, and develop Senior Managers, Managers, and high-potential talent; drive hiring strategy to build a strong and scalable cyber practice; oversee performance management, coaching, and leadership development initiatives; and build a strong leadership pipeline and succession plan within the practice.
Key Skills Required
- Education: Any Graduate, Bachelor’s degree in Information Security, Computer Science, or a related field. A master’s degree in Cybersecurity or Business Management is preferred.
- 15+ years of relevant experience in cybersecurity consulting, cyber risk management, governance, and regulatory compliance, preferably within consulting or professional services environments.
- Professional certifications such as CISSP, CISA, CISM, CRISC, ISO/IEC 27001 Lead Auditor / ISO/IEC 27001 Lead Implementer, ISO 31000 Lead Auditor, ISO 22301 Lead Auditor, ITIL, or PCI Qualified Security Assessor are strongly preferred.
- Strong expertise in cybersecurity frameworks, governance models, and risk management standards, including NIST Cybersecurity Framework, ISO/IEC 27001, and COBIT.
- Proven experience in leading large-scale cybersecurity consulting engagements, managing cross-functional teams, and advising senior stakeholders including CIOs, CISOs, and CXO-level executives.
- In-depth knowledge of security frameworks and standards (e.g., NIST, ISO 27001, COBIT).
- Strong analytical, communication, and stakeholder management skills, with the ability to translate complex cybersecurity risks into business-aligned strategies.
- Demonstrated ability to drive business development, manage client relationships, and lead strategic cybersecurity initiatives in complex enterprise environments.
