Director of Information and Cyber Security

Location: Ernākulam

Job Title:

Director of Information & Cyber Security

Location:

Kochi, India (Onsite)
Permanent - Full Time

About Us
Cyncly is a global technology powerhouse with 2,400+ employees and 70,000+ customers across 100+ countries. Cyncly transforms the way customizable products and spaces are imagined, designed, sold, managed and made. Our end-to-end software solutions connect professional designers, retailers and manufacturers to the world's largest repository of product content. Today, our business spans across the Kitchen & Bath, Furniture, Window, Glass & Door, and Flooring industries with operations in North & South America, Europe, Asia Pacific and Africa.

Cyncly brings over 30 years of experience to deliver more value for our customers through an expanded portfolio of end-to-end solutions. Our global presence allows us to provide world-class support and sales with a local touch, providing the best possible customer experience.

Cyncly is now embarking on an exciting journey as we continue to expand through strong organic growth and complementary acquisitions, backed by leading growth private equity firms specializing in technology.

Build Your Career with Cyncly in Kochi
Kochi is Cyncly's newest hub, opening doors to exciting career opportunities across diverse functions. Here, you'll collaborate with global experts, engage in innovative projects, and grow in a culture that values innovation, flexibility, and continuous learning. With access to top mentors, excellent learning resources, and a flexible and autonomous working environment, you'll have everything you need to thrive.

About the Role:

Cyncly is strengthening its global cybersecurity posture and seeking a Director of Information & Cyber Security to lead this transformation. Reporting to the VP of IT & Cybersecurity, this role provides strategic leadership across product, cloud, corporate, and M&A security. You will shape our global security program, partner with engineering and executive teams, and build a high performing security & compliance organization that enables Cyncly's SaaS modernization and supports our customers worldwide.

Key Position

Responsibilities Include:

Security Strategy & Leadership
Drive global security strategy across SaaS, on prem, cloud, and corporate environments.
Act as strategic advisor to senior leadership team.
Build and lead a high performing security and compliance organization.

Application & Infrastructure Security
Establish and enforce secure software development lifecycle (SSDLC) practices, including threat modeling, secure code reviews, vulnerability management, and penetration testing.
Drive cloud and infrastructure security across environments (e.g., Azure/AWS/Rack Space).
Ensure strong IAM, network segmentation, and platform level controls.
Oversee centralized logging, monitoring, and incident visibility.
Partner closely with engineering and IT teams to design secure architectures and remediate security findings efficiently.

Compliance & Risk Management (SOC 2 and beyond)
Accountable for successful SOC 2 readiness and audits, including scope definition, and working with internal teams to execute control ownership.
Produce regular compliance reports to identify control risks and remediation needs.
Automate audit and compliance testing and evidence collection through use of a GRC platform (Vanta)
Develop and manage security policies, standards, risk assessments, and third-party risk management processes.
Support additional compliance and regulatory requirements as needed (e.g., ISO 27001, GDPR, customer-specific frameworks).

Customer Assurance
Serve as the primary point of contact for customer and prospect security inquiries.
Own and respond to security questionnaires, RFP security sections, and due diligence requests with accuracy, clarity, and confidence.
Participate in customer calls to explain security controls, architecture, and risk posture, helping to unblock sales cycles and build customer trust.

Incident Response & Security Operations
Own the security incident response program, including preparation, tabletop exercises, incident handling, communications, and post-incident reviews.
Ensure a mature vulnerability management program, along with robust security monitoring, and alerting capabilities.
Partner with IT, engineering, and customer-facing teams to continuously improve detection and response capabilities.

Mergers & Acquisitions (M&A)
Lead security due diligence for acquisitions, assessing application, infrastructure, data, and operational risks.
Provide clear risk assessments and remediation recommendations to executive leadership.
Drive post-acquisition security integration, including control alignment, tooling consolidation, and risk reduction plans.

Required

Skills and Qualifications :
15+ years' experience in information security, with at least 10 years in a senior leadership role.
Exceptional experience with Microsoft's security stack related to Azure, on-prem infrastructure and end point devices.
Demonstrated experience in SaaS or…