Project Manager Cybersecurity

About the job

HCLTech is a global technology company, home to more than 218,000 people across 59 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Consolidated revenues as of 12 months ending September 2024 totaled $13.7 billion.

The Cybersecurity Project Manager is responsible for the successful initiation, planning, design, execution, monitoring, controlling, and closure of cybersecurity‑focused projects. This role operates within a highly matrixed organization and partners closely with Security Engineering, Identity, Infrastructure, Compliance, and Enterprise Architecture teams. The Cybersecurity Project Manager ensures delivery within scope, schedule, and budget while adhering to cybersecurity frameworks, secure‑by‑design principles, and corporate security policies.

Projects may include enterprise security technology deployments, vulnerability management programs, identity & access management initiatives, risk mitigation efforts, regulatory compliance work, and the rollout of security controls across IT and business environments.

The Cybersecurity Project Manager must bring strong program delivery skills, a solid understanding of cybersecurity technologies and terminology, and the ability to translate cyber requirements into actionable project plans.

Essential Duties and Responsibilities

Project Delivery & Execution

• Coordinate internal cybersecurity teams, external security vendors, contractors, and third parties for the flawless execution of security initiatives.
• Deliver all projects on time, within approved budgets, and aligned to defined scope.
• Lead execution of projects that implement or enhance security technologies such as IAM, PAM, SIEM, EDR/XDR, vulnerability management, network security, cloud security, and data protection tools.
• Apply secure project delivery practices aligned with cybersecurity frameworks (NIST CSF, CIS Controls, ISO 27001, SOC2, Zero Trust).
• Ensure all project deliverables adhere to the required security, risk, compliance, and privacy expectations.

Planning, Risk & Change Management

• Develop detailed project scopes, objectives, work breakdown structures, and timelines—ensuring technical feasibility with security engineering teams.
• Identify cybersecurity risks, threats, and control gaps; lead risk mitigation planning and escalate when needed.
• Use structured change‑control processes to manage modifications in scope, schedule, or cost—reflecting cybersecurity impacts.
• Facilitate security tollgates, architecture reviews, compliance checkpoints, and control validation stages.
• Proactively manage risks to project timeline, scope, and budget, keeping project sponors informed on potential impacts and mitigation plans.
• Updating project financials, including monthly forecasts and run rates.

Performance Management & Reporting

• Track and report project KPIs, including security readiness metrics, risk remediation status, dependency risk, and control adoption.
• Provide clear and concise updates to senior Security and IT leadership, including CISO staff.
• Partner with finance to manage and forecast cybersecurity project budgets, contract burn‑rates, vendor SOWs, and capital/operational spending.

Cross‑Team Engagement & Communication

• Work with Product Delivery Leads, security architects, system owners, and business stakeholders to align security requirements and success criteria.
• Communicate project status, impacts, and risks effectively to both technical and non‑technical audiences.
• Coordinate security awareness or operational transition activities as part of project rollout.

Quality Management & Accountability

• Manage defect resolution, security testing, penetration test findings, and control validation of remediation cycles.
• Ensure lessons learned are captured and fed into ongoing security program improvements.
• Maintain project artifacts required for audit, regulatory, or compliance review.

Required Qualifications

Experience

• Minimum
  7 years of IT Project Management
  experience, preferably with at least
  3–5 years delivering cybersecurity initiatives
  .
• Proven experience applying project management methodologies (Agile, Kanban, Lean, Waterfall, SDLC) to large, mission‑critical cybersecurity programs.
• Demonstrated experience managing cybersecurity technology implementations (e.g., identity platforms, endpoint security, cloud security tooling, network segmentation, data protection).
• Experience establishing, tracking, and reporting project and security metrics.
• Experience with project financials, budgeting, forecasting, vendor management, and contract execution.
• Excellent communication, influence, negotiation, and collaboration skills across an enterprise.

Education

• Bachelor's Degree in Cybersecurity, Information Technology, Business, Engineering, or related field; or equivalent work experience.

Certifications/Training (Preferred)

• PMP, Scrum Master, or similar PM certifications.
• Security certifications desired: CISSP, CISM, Security+, CCSP, GIAC.
• Experience with PPM tools such as MS Project Online, Project Professional, Jira, or

Preferred Qualifications

• Experience managing technical integrations related to mergers & acquisitions, including secure onboarding infrastructure and security tools.
• Strong familiarity with cybersecurity frameworks: NIST CSF, ISO 27001, CIS Top 18, MITRE ATT&CK, Zero Trust principles.
• Knowledge of enterprise infrastructure (networking, servers, cloud, hardware) and general IT architecture.
• Understanding secure configuration management, vulnerability remediation, and SOC or IR operational processes.
• Experience working with DevSecOps teams or secure SDLC practices.

Work Environment & Relationships

• Remote role
  —expected to perform responsibilities in a home‑based environment.
• Internal stakeholders:
  Security Engineering, Identity, Architecture, Infrastructure, Enterprise PMO, Compliance, Legal, Risk, and business unit leaders.
• External relationships:
  cybersecurity vendors, MSSPs, consultants, penetration testers, cloud service providers.

We offer a competitive package that includes

• Life insurance
• Major Medical Expenses Insurance
• Minor Medical Expense Insurance
• Savings Fund 13%
• Food vouchers 10%
• 30 days as Christmas Bonus
• 12 days of vacation in the first year, increasing 2 days as dictated by law.
• Additionally, we provide continuous training and development opportunities to help our employees achieve their professional goals.

We need Fluent English