Head of Cyber Security
Pune, IN
About SKF
SKF started its operations in India in 1923. Today, SKF provides industry leading automotive and industrial engineered solutions through its five technology-centric platforms: bearings and units, seals, mechatronics, lubrication solutions and services. Over the years the company has evolved from being a pioneer ball bearing manufacturing company to a knowledge-driven engineering company helping customers achieve sustainable and competitive business excellence.
SKF's solutions provide sustainable ways for companies across the industrial sectors to achieve breakthroughs in friction reduction, energy efficiency, and equipment longevity and reliability. With a strong commitment to research-based innovation, SKF India offers customized value-added solutions that integrate all its five technology platforms.
To know more, please visit: www.skf.com/in
SKF Purpose Statement
Together, we re-imagine rotation for a better tomorrow.
By creating intelligent and clean solutions for people and the planet
JOB DESCRIPTION
Job Title: Head Of Cyber Security
Reports To: Head of Global IT & OT Infrastructure, SIAM and Securities
Role Type: People management
Location: Pune
Role Purpose:
The Head of Cyber Security will provide vision and strategic direction to enterprise-wide initiatives that ensure the security, reliability, and cyber-resiliency of IT Infrastructure, Platforms, Applications and Data. This role is critical in devising the cybersecurity strategy and roadmap in alignment with business requirements of all SKF Industrial Business Areas and Regions.
We are seeking an experienced Security Leader to strengthen our Governance, Risk & Compliance (GRC) posture across IT & OT Systems and conduct Risk Management for all Infra platforms, Applications, Data and devices.
This role will be accountable for maintaining compliance documentation standards, supporting certification and audit readiness for the organization, leading security control assessments, and driving consistent governance practices across technology and business environments.
Key Responsibilities
- Promote a strong cyber culture and Security and Compliance awareness across the SKF Industrial organization.
- Ensure that the company's IT systems hosting applications, data and Infrastructure Platforms are fully compliant with all applicable regulatory requirements and privacy laws.
- Act as a key point of contact with Business and IT Leaders across the globe for cybersecurity-related communications and critical updates
- Coach and develop cybersecurity analysts, acting as a mentor to the SKF and partner Cyber-Security organizations.
- Oversee the implementation and maintenance of cybersecurity policies, frameworks, and controls.
- Collaborate with BCIOs and Regional Security Teams to sensitize critical initiatives that will control security incidents, monitor threats, reduce vulnerabilities, and improve security incident response.
- Ensure compliance with regulatory and industry standards (e.g., NIST, NIS 2.0, ITAR, IEC 62443, ISO 27001, GDPR).
Strategic Planning & Execution
- Partner with functional leads to develop and execute strategic roadmaps for cybersecurity and infrastructure aligned with enterprise transformation goals.
- Help SKF improve Continuous Delivery practices aligned with Cyber-Security roadmap.
- Partner with architecture and procurement functions to ensure that Cyber Strategy and roadmap is in alignment with emerging Technology vision and roadmap.
- Monitor KPIs and SLAs to ensure service excellence and continuous improvement.
Team Leadership & Development
- Build and mentor a high-performing team of Cyber professionals providing coverage across all IT functions.
- Advocate the IT and Business functions within SKF to uplift Platform Engineering capabilities in alignment with Cyber Security standards.
- Foster a culture of innovation, automation, accountability, and collaboration.
- Craft the cyber-vision in a manner that promotes AI-related initiatives across business functions and regions boosting digital transformation efforts.
The Essentials
- Bachelor's degree in computer science, software engineering, management information systems, or related
- Experience supporting modern software architectures in both development and production environments.
- Experience implementing cybersecurity capabilities including GRC, Network Security, EDR, WAF, SIEM/SOAR, TLS, PKI, BC/DR, and Risk Management.
- Experience in Identity and Access Management systems including IGA, PAM, SSO, MFA, and AD with important standards (e.g., OAuth, OpenID Connect, SAML, SCIM, FIDO).
- Experience or familiarity with key frameworks and certifications including NIST CSF, NIST SP 800-53, SOC2, ISO 27001, and IEC 62443
- Proven experience managing large-scale IT operations and security programs.
- Strong knowledge of cloud platforms (Azure, AWS), enterprise networking, and security technologies.
- Excellent soft skills, stakeholder management, and strategic acumen.
- Thought leadership, development, and coaching experience and capabilities including functional and team goals & objectives, conflict resolution, and performance management.
- Partner with multiple stakeholders and influence project decisions.
IT Focused Qualifications:
- European Union: Cyber Resilience Act (CRA), NIS2, EU Machinery Regulation (MR 2023/1230), RED Directive 2014/53/EU
- United States: CIRCIA (2022), NIST CSF 2.0, TSA Pipeline Security Directives
- China: Cybersecurity Law (2017), Data Security Law (2021), CII Regulations
- Australia: SOCI Act (2021 + 2023 Amendments)
- APAC & Global: Malaysia CRA Bill, India Digital Security Bill DPDPA.
OT Focus Qualifications:
- EU: Connected products, machinery with embedded software, industrial networks
- US: Critical infrastructure resilience & incident reporting
- China: Data sovereignty & industrial control systems
- Australia: Critical Infrastructure and Incident Response Obligations
- APAC & Global: Localization of EU-style compliance requirements
Primary Skills:
- Deep expertise in cybersecurity strategy, risk management, and regulatory compliance.
- Strong leadership and decision-making abilities to align security initiatives with business goals.
- Prepare Cyber Roadmap, Cyber Insure, Cyber Investment and RoI.
Secondary Skills:
- Excellent communication and stakeholder management skills.
- Knowledge of emerging technologies, threat intelligence, and incident response best practices.
Candidate Profile:
- 18+ years of experience in IT Security, Cyber Risk, or GRC roles.
- Hands-on experience with IT and Cloud Risk Management programs.
- Strong understanding of security controls, risk management principles, and cloud security (AWS, Azure).
- Professional Certifications in CISSP, CISM, CRISC, PMP.
- Experience building strategic technology plans and roadmaps
- Excellent understanding of business complexity and project interdependencies and the ability to question thought partners across functional areas
- Familiarity with ISO 27001, NIST CSF, NIS 2.0, ITAR and related security frameworks.
- Excellent analytical, documentation, CxO Communication & presentation skills.