VP-1 Cloud Security
Description
EXL has adopted a cloud-first strategy and maintains a low tolerance for risk. The VP of Cloud Security (Engineering & Operations) must bring deep technical expertise and a mature risk-management philosophy. The role requires proven expertise in building and running a world-class Cyber Defense Center (CDC), a sophisticated understanding of the modern threat landscape, and the executive judgment to make high-stakes decisions during active security incidents.
This role demands a leader who can balance innovation velocity with industry-leading security standards, embed security into every stage of the cloud lifecycle, and drive a culture of shared accountability for cloud risk. Equally important is the executive presence to influence stakeholders, regulatory bodies, and cross-functional technology teams alike.
This is truly a hands-on role. It requires strong technical acumen and strong stakeholder management skills, with the ability to plan and execute to meet core Information Security objectives.
Cloud Leadership & Governance
- Maturity Model and Roadmap Development to safeguard Data and AI Solutions orchestrated on Multi-Cloud Environments through a.) Policies and Procedures b.) Technologies, Automation and Toolset c.) Evangelisation and Awareness d.) Continuous Monitoring and Assurance
- Develop and enforce cloud security policies, standards, and guardrails across AWS, Azure, GCP and OCI, including acceptable-use policies, data classification standards, and cloud service consumption rules.
Multi-Cloud Security Architecture & Engineering
- Design and maintain a unified, defense-in-depth security architecture across AWS, Azure, OCI and GCP, including network segmentation, identity federation, and workload protection.
- Lead the fine-tuning and optimization of established Cloud-Native Application Protection Platforms (CNAPP): Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP) and Cloud Infrastructure Entitlement Management (CIEM).
- Oversee container and Kubernetes security, including image scanning, runtime protection, admission controllers, pod security policies, and secrets management.
Incident Response & Threat Operations
- Develop, maintain, and regularly test comprehensive incident response playbooks covering the full spectrum of attack scenarios: ransomware, business email compromise (BEC), supply chain compromise, insider threats, DDoS, APT intrusions, and data breaches.
- Build and lead a cloud-specialized incident response capability, including cloud-native forensics, automated containment playbooks, and threat hunting across multi-cloud telemetry.
- Integrate cloud security event logs (CloudTrail, Azure Monitor, GCP Cloud Audit Logs) into the enterprise SIEM/SOAR platform for unified threat detection and response.
- Conduct tabletop exercises and red/purple team engagements focused on cloud attack scenarios (e.g., credential compromise, lateral movement across cloud accounts, data exfiltration).
Risk Management, Audit and Compliance
- Ensure cloud environments comply with SOC 2 Type II, ISO 27001/27017/27018, PCI DSS, HIPAA, GDPR, NIST CSF, NIST 800-53, CIS Benchmarks, and industry-specific regulatory requirements.
- Lead cloud-focused internal audit readiness, external audit coordination, and regulatory examination responses.
- Manage third-party cloud vendor and SaaS security risk assessments, enforce contractual security obligations, and maintain an approved cloud services catalog.
- Maintain cloud-specific Business Continuity and Disaster Recovery (BCDR) security controls, ensuring RTO/RPO objectives are met without compromising security posture.
Identity, Access & Data Protection
- Own the cloud IAM strategy, including federation with enterprise identity providers (Okta, Azure AD/Entra ID), SSO, MFA enforcement, and privileged access management (PAM).
- Implement and govern data protection controls including encryption key management (AWS KMS, Azure Key Vault, GCP Cloud KMS), data loss prevention (DLP), tokenization, and data residency enforcement.
- Ensure all cloud access follows the principle of least privilege with automated entitlement reviews and just-in-time / just-enough access provisioning.
Team Leadership & Organizational Development
- Develop and retain a high-performing cloud security team across architecture, engineering and operations functions.
Engineering degree (preferred) or Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related technical discipline.
Master's degree (MBA, MS in Cybersecurity, or MS in Information Systems) strongly preferred.
At least one cloud provider security specialty: AWS Certified Security - Specialty, Azure Security Engineer Associate (AZ-500), or Google Professional Cloud Security Engineer.
Cyber certification (strongly preferred): CISSP / CCSP, ISO Lead Auditor, etc.
Technical Skills:
- Expert-level knowledge of AWS, Azure, and GCP security services, architectures, and shared-responsibility models.
- Deep proficiency with CSPM, CWPP, CIEM, CNAPP, and CASB platforms (e.g., Prisma Cloud, Orca, Netskope, Zscaler, Wiz).
- Demonstrated experience securing multi-cloud environments (AWS + Azure + GCP) in a cloud-first enterprise with 5,000+ employees or equivalent complexity.
- Experience managing or working in a 24x7 Cyber Security Operations Center, preferably for internal customers.
- Experience managing a team of 20+ members, which may include vendor teams.
- Excellent understanding of information security concepts, protocols, tools, industry best practices and strategies.
- Intimate knowledge of the Cyber Kill Chain, MITRE ATT&CK, or other relevant cybersecurity defense and intelligence frameworks such as NIST, DoD, etc.
- Technical working knowledge and understanding of SIEM technology and various other security technologies (EDR, WAF, IDS, IPS, firewall, networking, etc.).
This job is found at InterviewStack.io