Director of Security at Birdeye in Gurugram, India - Apply now!
R&D | Full-time
Description
Job Description: Director of Security (Acting CISO / Head of Security)
Location: Gurgaon, India
Department: Security
Reports to: SVP Engineering
Role Overview
We are seeking a Director of Security (Acting CISO) to serve as the company’s top security leader, responsible for defining, implementing, and continuously improving our security, compliance, and risk management programs. This role blends executive-level responsibility with hands-on operational leadership, ideal for a high-calibre leader who can both set strategy and drive execution.
You will own the company’s end-to-end security posture—spanning SecOps, AppSec, Governance, Compliance, Privacy, and Enterprise Risk—ensuring our systems, products, and operations meet the highest standards of security and trust.
Why Birdeye?
Birdeye is the highest-rated reputation, social media, and customer experience platform for local businesses and brands. Over 150,000 businesses use Birdeye’s AI-powered platform to effortlessly manage online reputation, connect with prospects through social media and digital channels, and gain customer experience insights to grow sales and thrive.
At Birdeye, innovation isn't just a goal – it's our driving force. Our commitment to pushing boundaries and redefining industry standards has earned us accolades as one of the foremost providers of AI, Reputation Management, Social Media, and Customer Experience software by G2.
Founded in 2012 and headquartered in Palo Alto, Birdeye is led by a team of industry experts and innovators from Google, Amazon, Salesforce, and Yahoo. Birdeye is backed by the who’s who of Silicon Valley - Salesforce founder Marc Benioff, Yahoo co-founder Jerry Yang, Trinity Ventures, World Innovation Lab, and Accel-KKR.
Key Responsibilities:
Strategic Security Leadership
- Establish and own the company-wide security vision, strategy, and multi-year roadmap.
- Engage directly with the executive leadership team to define risk tolerance, priorities, and investment needs.
- Present security posture, risks, and major initiatives to senior leadership and key external stakeholders.
- Develop the security organizational structure (team, roles, processes) as the company scales.
Security Operations (SecOps)
- Oversee detection and response programs, including SIEM, EDR, alerting pipelines, runbooks, and incident command.
- Lead incident response for major security events, including communications, containment, root cause analysis, and long-term remediation.
- Own vulnerability management across cloud infrastructure, endpoints, and applications.
- Partner closely with SRE/CloudOps to maintain secure configurations, patching SLAs, and infrastructure hardening standards.
Application Security (AppSec)
- Define and drive a secure SDLC, including code scanning, dependency management, CI/CD checks, and architecture reviews.
- Build and maintain a threat modeling program.
- Partner with Engineering leadership to integrate security automation and secure coding practices throughout the development lifecycle.
- Oversee internal and external penetration testing efforts.
Governance, Risk & Compliance (GRC)
- Own all security governance and policy lifecycle management.
- Lead the enterprise risk management program, including risk assessments, mitigation plans, and risk acceptance workflows.
- Manage compliance programs such as SOC 2, ISO 27001, HIPAA, PCI, and customer security assessments.
- Collaborate with Legal and Privacy teams to ensure alignment on data protection obligations and regulatory requirements.
Business Enablement & External Leadership
- Serve as the company’s primary security spokesperson for customers, partners, and prospects.
- Participate in large customer security reviews, RFPs, and enterprise onboarding processes.
- Support commercial teams by articulating security posture, controls, and trust initiatives.
- Maintain relationships with auditors, assessors, and relevant security communities.
Team Leadership & Execution
- Build and lead a growing team across SecOps, AppSec, and GRC.
- Mentor and develop talent, fostering a culture of accountability, continuous improvement, and technical excellence.
- Establish KPIs and metrics to measure maturity, performance, and risk reduction.
- Manage the security budget, vendor portfolio, and technology selection.
Requirements
Qualifications:
- 10–15+ years of progressive experience in cybersecurity, with at least 5+ years in a security leadership role.
- Proven experience owning both operational and strategic security functions in a cloud/SaaS environment.
- Strong technical background across cloud security, application security, threat detection, and modern security tooling.
- Demonstrated experience achieving and maintaining compliance frameworks (SOC 2, ISO, PCI, HIPAA, etc.).
- Exceptional communication skills with the ability to influence executives, collaborate across departments, and articulate complex security topics clearly.
- Experience presenting security posture and risk to senior leadership and/or a board.
- Industry certifications (e.g., CISSP, CISM, CCSP) are advantageous but not required.
Why You'll Join Us:
Birdeye is where industry leadership meets next-generation innovation. Our platform is trusted by thousands of businesses of every size and industry, giving them the tools to win every customer interaction. With AI woven into everything we build — and into how we operate as a team — we’re not just keeping up with the future, we’re defining it.
Here, you’ll join a culture that moves fast, thinks big, and celebrates wins together. Whether your passion is building, selling, supporting, or scaling, you’ll be surrounded by top talent who know what it takes to thrive in a competitive market. If you want to see your ideas create impact at scale and accelerate your career with a company on the rise, Birdeye is the place to do it.
Benefits:
- A hybrid work culture built on collaboration
- Monthly office events and quarterly team events/outings
- Paid maternity & paternity leave to support you at every stage of life
- Employee term life insurance, family medical cover + optional subsidized parental medical cover
- Flexi Benefits Plan for tax savings, plus Corporate NPS
- Employee Resource Groups where you’ll connect, belong, and thrive
- Be part of a fast-growing SaaS company redefining what’s possible with AI
- Work alongside top industry talent in an environment designed for learning, mentorship, and career acceleration