Back to search

Head Cyber & IT

Mumbai Permanent View Job Description
The Head Cyber & IT will provide specialized cybersecurity, technology, and digital risk assurance expertise across multiple businesses within a large conglomerate. The role, based in Mumbai, ensures robust governance, risk management, and oversight of critical IT and cyber controls for high‑quality internal audits.
  • * Shape enterprise cyber resilience
  • * Drive group‑wide tech assurance

About Our Client

  • Our client is a large, diversified conglomerate with multiple business units and complex risk profiles. The organization places significant emphasis on strong governance, cyber resilience, and maintaining best‑in‑class technology controls across all operations.

Job Description

Key Responsibilities1. Benchmarking with Best Practices

  • Align cyber and technology assurance approaches with global standards and leading frameworks.
  • Translate framework requirements into practical audit and control testing procedures.
  • Continuously update playbooks and maturity models based on emerging practices



2. Enterprise Risk Coverage

  • Support business audit teams in scoping and testing IT processes and controls.
  • Use risk‑based sampling and evidence‑driven analysis to validate design and operating effectiveness



3. Cyber & IT Risk Governance / Assurance

  • Define audit priorities aligned with standards, board expectations, threat landscape, and technology evolution.
  • Build and refresh a risk‑based assurance plan using threat intelligence, criticality, control maturity, and past audit insights.
  • Ensure audit observations translate into clear ownership and risk acceptance decisions.



4. Capability Building

  • Develop tools, templates, training, and analytical mechanisms to enhance auditor and stakeholder capability.



5. Regulatory & Compliance Alignment

  • Ensure alignment with internal audit standards and regulatory/board mandates.
  • Map and test controls based on regulatory and contractual requirements.
  • Produce governance‑ready reporting for Board and Audit Committee review.



6. High‑Risk Coverage

  • Ensure focused coverage of critical cyber and technology risk areas across businesses.
  • Identify high‑risk domains based on exposure, criticality, history, and threat levels.
  • Validate remediation and perform closure verification.



The Successful Applicant

  • Candidates from Consulting and Big 4s are most preferred
  • BTech (IT/CS) plus MBA or master's in Cybersecurity, Computer Science, or Information Security.
  • Professional certifications such as CISA, CISSP, CISM, CRISC.
  • ~15+ years of experience in cybersecurity, ISMS audits, technology risk, or digital assurance.
  • Knowledge of regulatory frameworks such as GDPR, NIST, DPDP, CERT‑In, Zero Trust.

What's on Offer

  • A leadership opportunity driving cyber and technology assurance across a complex conglomerate.
  • Exposure to high‑impact technology domains and enterprise‑wide risk programs.
  • Collaborative culture with visibility to top leadership and governance bodies.
  • Role based in Mumbai with significant influence across group‑level technology risk practices.
Quote job ref
JN-022026-6947216

Job summary

Function
Information Technology
Sub Sector
Security
What is your area of specialisation?
Industrial / Manufacturing
Location
Mumbai
Job Type
Permanent
Job Reference
JN-022026-6947216

Diversity & Inclusion at Michael Page

We don't just accept difference - we celebrate it. We encourage applicants from all backgrounds to apply for this role and are committed to building inclusive, diverse workplaces where everyone can thrive. If you require any support or reasonable adjustments during the recruitment process, please let us know.