Head of Information Security
TAC Security
Job Description
About TAC Security
TAC Security is a global cybersecurity company specializing in Vulnerability Management, Attack Surface Management, Application Security, Compliance, and Managed Security Services. We help enterprises secure their digital assets through advanced cybersecurity solutions and expert-led security assessments.
Position Overview
The Head of Information Security – VAPT Services will lead and scale TAC Security's Vulnerability Assessment and Penetration Testing (VAPT) practice globally. The role is responsible for managing offensive security services, leading technical teams, ensuring quality delivery, driving innovation, and building strong customer relationships across enterprise and government sectors.
This is a strategic leadership role requiring deep technical expertise in penetration testing, application security, cloud security, and security consulting along with strong business acumen and team management capabilities.
Key Responsibilities
Leadership & Strategy
- Define and execute the VAPT services strategy and roadmap.
- Build and lead high-performing offensive security teams across regions.
- Establish service delivery standards, methodologies, and quality frameworks.
- Drive innovation in penetration testing methodologies and automation.
- Develop service offerings aligned with evolving cybersecurity threats.
VAPT Service Delivery
- Lead end-to-end delivery of:
- Web Application Penetration Testing
- Mobile Application Security Testing
- API Security Testing
- Network and Infrastructure VAPT
- Cloud Security Assessments
- Red Team Exercises
- Wireless and IoT Security Assessments
- Secure Configuration Reviews
- Oversee project planning, scoping, execution, reporting, and remediation validation.
- Ensure all assessments comply with OWASP, PTES, NIST, and industry best practices.
Technical Leadership
- Mentor and develop penetration testers and security consultants.
- Review technical reports and ensure high-quality deliverables.
- Guide teams on advanced exploitation techniques and threat simulations.
- Lead research on emerging vulnerabilities, exploit techniques, and attack trends.
- Drive the adoption of AI and automation within VAPT services.
Customer Engagement
- Act as a trusted cybersecurity advisor to enterprise customers.
- Participate in client meetings, pre-sales engagements, and technical presentations.
- Define project scope, effort estimation, and pricing models.
- Support RFPs, proposals, and security consulting initiatives.
Governance & Compliance
- Ensure adherence to regulatory requirements and industry standards:
- PCI DSS
- ISO 27001
- SOC 2
- CERT-In Guidelines
- RBI and Government Security Standards
- Develop and monitor KPIs and SLAs for service delivery and customer satisfaction.
Required Qualifications
- Bachelor's degree in Computer Science, Information Security, or related field.
- Master's degree preferred.
- 12+ years of cybersecurity experience with at least 5 years in leading VAPT or offensive security teams.
- Strong consulting and customer-facing experience.
- Experience managing large-scale enterprise and government security engagements.
Technical Skills
- Web, Mobile, API, Network, and Cloud Penetration Testing
- Secure SDLC and Application Security
- Vulnerability Management Programs
- Threat Modeling and Red Teaming
- Security Architecture Reviews
- DevSecOps and CI/CD Security
- AWS, Azure, and GCP Security
- Container and Kubernetes Security
Tools & Technologies
- Burp Suite Pro
- Nessus
- Qualys
- Nmap
- Metasploit
- Acunetix
- OWASP ZAP
- SAST, DAST, and SCA Tools
- Kali Linux and offensive security toolsets.
Preferred Certifications
- OSCP
- OSCE
- OSWE
- CEH
- CISSP
- CISM
- CRTP
- GPEN
- eWPT
- ISO 27001 Lead Auditor
Leadership Competencies
- Strategic thinking and business acumen.
- Strong communication and stakeholder management.
- Team leadership and mentoring capabilities.
- Excellent presentation and consulting skills.
- Ability to manage multiple global engagements.
Key Performance Indicators (KPIs)
- Customer Satisfaction (CSAT) Score
- Project Delivery and SLA Adherence
- Revenue Growth of VAPT Practice
- Team Utilization and Capability Development
- Quality and Accuracy of Assessment Reports
- Client Retention and Repeat Business
- Innovation and Service Expansion Metrics
Required Skills
Similar Jobs
View all →
Oracle cloud Infrastructure Engineer
ValueLabs
Cyber Security Engineer (Job 1354)
DLH Corporation
Cybersecurity Platform Engineer
HGS
Senior DevOps Engineer
Oxford Dynamics
Senior Full Stack Developer
INNOFarms.AI
Share
Quick Apply
Upload your resume to apply for this position