Deputy General Manager - Global Information Security

Tata Communications Limited

Chennai, India

Fresher

Save

Posted 23 hours ago
Be among the first 10 applicants

Early Applicant

Job Description

Broad outline of the Role

We are looking for a highly experienced and strategic Deputy General Manager (DGM) to lead and drive enterprise-wide security initiatives across Application Security, Cloud Security, and AI/LLM Security. The role will be responsible for embedding security across the software development lifecycle, cloud transformation programs, and emerging AI/GenAI use cases.
The ideal candidate should possess a strong mix of technical depth, governance experience, stakeholder management, and program execution capability to drive initiatives such as Threat Modeling, DevSecOps, Integrated Security Assurance (ISA), Cloud Security using CSPM, and AI/LLM Security controls.

Minimum Qualifications & Experience

B Tech or relevant qualification with minimum 11-15 years of relevant experience

Other Knowledge & Skills

Experience with tools such as Checkmarx, Veracode, Fortify, SonarQube, Snyk, Prisma Cloud, Wiz, Orca, Microsoft Defender for Cloud, or equivalent
Experience in CNAPP / CWPP / CASB / SSPM
Exposure to Zero Trust and cloud-native security architectures
Experience in container security, Kubernetes security, and Infrastructure as Code (IaC) security
Familiarity with OWASP ASVS, OWASP Top 10, NIST, ISO 27001, CIS Benchmarks
Experience in BFSI / Enterprise / Global capability center environments
Knowledge of AI governance frameworks, model lifecycle controls, and responsible AI security practices
Relevant certifications such as:
- CISSP
- CCSP
- CSSLP
- AWS / Azure Security certifications
- Kubernetes / cloud security certifications

Key Responsibilities

1) Application Security Leadership
- Drive enterprise Application Security strategy, governance, and execution across SDLC.
- Lead secure design and Threat Modelling practices for business-critical applications and platforms.
- Institutionalize security-by-design principles across development teams.
- Oversee SAST, DAST, SCA, API Security, secrets management, and code security controls.
- Partner with engineering, architecture, QA, and product teams to embed security early in the lifecycle.
2) DevSecOps Enablement
- Drive DevSecOps transformation by integrating security controls into CI/CD pipelines.
- Define policies, standards, checkpoints, and automation for secure code release.
- Ensure vulnerability triage, remediation governance, and risk-based prioritization.
- Build measurable DevSecOps KPIs and security compliance dashboards.
3) Integrated Security Assurance (ISA)
- Lead the Integrated Security Assurance (ISA) process across applications, platforms, and cloud initiatives.
- Ensure security reviews, control validations, risk assessments, and closure tracking are governed effectively.
- Standardize onboarding, assurance workflows, reporting structures, and executive visibility.
- Collaborate with audit, compliance, and risk teams for control alignment.
4) Cloud Security Governance
- Drive Cloud Security posture management across AWS / Azure / GCP environments.
- Lead implementation and optimization of CSPM and cloud-native security controls.
- Govern cloud risk management covering IAM, misconfigurations, network exposure, data protection, workload security, and container/Kubernetes security.
- Partner with cloud engineering and platform teams to improve security maturity and resilience.
5) AI / LLM Security
- Establish security governance for AI/ML and LLM-based initiatives.
- Drive controls around secure usage of Generative AI, LLM applications, prompt/data security, model access, and AI risk governance.
- Work with business and engineering teams to ensure secure adoption of AI tools and platforms.
- Assess threats such as data leakage, insecure plugins, model misuse, prompt injection, access abuse, and insecure integrations.
6) Leadership & Stakeholder Management
- Engage with senior leadership, technology teams, architects, developers, cloud teams, and business stakeholders.
- Drive execution across multiple parallel security initiatives and transformation programs.
- Build operating rhythm, governance forums, reporting cadence, and leadership dashboards.
- Mentor teams and build high-performing security capabilities.

More Info

Job Type:

Permanent Job

Industry:

Telecom /ISP

Employment Type:

Full time

About Company

Tata Communications LimitedJob Source: jobs.tatacommunications.com

Tata Communications is a digital ecosystem enabler that powers today&#8217;s fast-growing digital economy. We enable the digital transformation of enterprises globally, including 300 of the Fortune 500. We carry around 30% of the world&#8217;s internet routes and connects businesses to 60% of the world&#8217;s cloud giants.
We have been a part of the rich heritage of the internet in India. Over the last 25 years, enterprise-enabled services have been essential to the adoption of digital services in the country. Connectivity is an essential fabric of sustenance for the economy. We are committed to enabling Industry leaders in this New World of Communications&#8482;, with our unique promise of delivering secure connected digital experiences.
In 2020, we announced the launch of &#8216;Secure Connected Digital Experience&#8217; (SCDx), a proposition intended to meet this growing, worldwide demand for new ways of operating, which includes far higher levels of working from home, rising security risks, a shift to digital commerce, and more contactless experiences. It will help companies currently relying on short-term fixes by providing holistic, secure, enterprise-level digital solutions that address current challenges and are fit for the long term.

Job ID: 146605733

Jobs by Skill - IT