Job Description

At Sun Pharma, we commit to helping you “Create your own sunshine” — by fostering an environment where you grow at every step, take charge of your journey and thrive in a supportive community.

Are You Ready to Create Your Own Sunshine?

As you enter the Sun Pharma world, you’ll find yourself becoming ‘Better every day’ through continuous progress. Exhibit self-drive as you ‘Take charge’ and lead with confidence. Additionally, demonstrate a collaborative spirit, knowing that we ‘Thrive together’ and support each other’s journeys.”

Key Responsibilities:

The Deputy General Manager (DGM) of IT Security Engineering will serve as a key leader, responsible for setting the strategic direction and overseeing the design, implementation, and ongoing enhancement of the organization’s enterprise-wide IT security architecture and engineering functions. This position requires a seasoned cybersecurity professional with a strong technical foundation, proven leadership skills, and a forward-thinking approach to developing resilient and scalable security solutions. The DGM will lead a team of security engineers, foster innovation in security technologies, and ensure that security is seamlessly integrated across all facets of the IT environment.

Strategic Leadership & Architecture:

  • Formulate and advocate for a long-term IT security engineering strategy and roadmap that aligns with the organization’s business objectives and risk tolerance.
  • Lead the architectural design and deployment of enterprise-level security solutions to address evolving threats across on-premises, cloud (AWS, Azure, GCP), and hybrid infrastructures.
  • Assess, select, and recommend advanced security technologies, tools, and methodologies to strengthen the organization's security posture and operational efficiency.
  • Provide strategic counsel to senior management and key stakeholders on security best practices, emerging threats, and evolving industry trends.
  • Ensure the integration of security-by-design principles throughout the software development lifecycle (SDLC) and infrastructure deployment processes.

    • Security Engineering & Implementation Oversight:

  • Direct the engineering, configuration, and ongoing maintenance of the organization’s critical security infrastructure and controls
  • Lead the automation of security engineering processes, encompassing the deployment of security tools, configuration management, and compliance validation.
  • Ensure seamless integration and interoperability of security technologies to establish a cohesive and efficient security infrastructure.

    • Vulnerability Management & Remediation Governance:

  • Establish and advance a comprehensive vulnerability management program, encompassing systematic processes for asset discovery, scanning, risk analysis, prioritization, and remediation across the organization’s technology landscape.
  • Collaborate closely with development and operations teams to promote proactive security practices, including timely patch management and configuration hardening.

    • Compliance, Governance & Documentation:

  • Ensure that security engineering solutions and processes adhere to internal policies, industry standards (such as ISO , NIST, CIS Controls), and applicable regulatory requirements (including RBI guidelines, IT Act, GDPR, CCPA).
  • Develop, maintain, and enforce comprehensive security engineering standards, guidelines, and documentation.

    • Qualifications: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field is required, with a Master’s degree being highly desirable.

    Experience:

  • A minimum of 10 to 12 years of progressively responsible experience in IT security, including at least 3 to 5 years in a senior security engineering leadership or lead architecture role.
  • Proven track record in the design, implementation, and management of complex security solutions across large-scale enterprise environments, encompassing both on-premises and cloud infrastructures.
  • Demonstrated ability to lead and manage high-performing teams of security engineers
  • Extensive, hands-on expertise with a wide array of security technologies, tools, and platforms.
  • Prior experience within regulated industries such as Financial Services, Manufacturing, Pharmaceuticals, Telecommunications etc. in the Indian market is highly desirable.

    • Certifications (Highly Desirable):

  • CISSP (Certified Information Systems Security Professional).
  • CISM (Certified Information Security Manager).
  • CCSP (Certified Cloud Security Professional).
  • CEH (Certified Ethical Hacker)
  • Cloud platform certifications, such as AWS Certified Security – Specialty, Azure Security Engineer Associate, and GCP Professional Cloud Security Engineer.
  • Relevant vendor-specific certifications, including but not limited to Palo Alto PCNSE, Fortinet NSE 7, and Splunk Certified Architect or Administrator.
  • TOGAF or equivalent enterprise architecture certifications, particularly beneficial for roles involving security architecture.

    • Technical Expertise:

  • Comprehensive knowledge of security architecture principles and industry frameworks.
  • Expertise across network security, application security, cloud security, data protection, and identity and access management.
  • Proficiency in scripting languages such as Python and PowerShell to facilitate security automation.
  • In-depth understanding of multiple operating systems (Windows, Linux), database management, and virtualization technologies.
  • Familiarity with container security technologies (e.g., Docker, Kubernetes) and serverless computing architectures.
  • Knowledge of Continuous Integration/Continuous Deployment (CI/CD) pipelines and DevSecOps methodologies.
  • Strong understanding of encryption methods and secure communication protocols.

    • Apply for this Position

    Ready to join ? Click the button below to submit your application.

    Submit Application