Job title-Practice Manager - Cloud, DevOps & Cybersecurity
Department-Managed IT Services
Proposed practice-GreenCloud & CyberOps
Recommended reporting line-Business Head - IT Infrastructure, with a dotted line to Business Head - Software and Management
Location-Noida, Uttar Pradesh; client travel as required
Employment type-Full-time
Experience guideline-8-12 years overall, including at least 3 years in team, delivery or practice leadership
Team responsibility-Cloud/DevOps engineers, security analysts, GRC resources and partner specialists as the practice scales
Primary objective-Build a credible, repeatable and commercially viable service line spanning cloud, DevOps/DevSecOps and cybersecurity
Key Responsibilities
E. Cybersecurity and Governance
· Establish a risk-based security operating model covering governance, asset visibility, protection, detection, incident response and recovery.
· Oversee cloud security, identity and access management, privileged access, vulnerability management, logging, endpoint and email controls, network security, backup integrity and incident readiness.
· Embed security into software delivery through code, dependency, secrets, container and infrastructure scanning, with clear remediation ownership and risk-based release gates.
· Support customer readiness for contractual or compliance requirements while ensuring Green Call does not make unsupported certification, audit or compliance guarantees.
· Coordinate independent penetration testing, formal audits and specialised security work through appropriately qualified resources or partners when required.
· Maintain security, privacy, access and evidence requirements within contracts, project plans and managed-service runbooks.
F. Internal Technology Transformation
· Use Green Call's own website, cloud accounts and software products as the first reference environment for the new practice.
· Establish an internal baseline covering asset inventory, access control, secure deployment, logging, backup, vulnerability management, incident response and recovery testing.
· Implement a repeatable DevSecOps model for at least one Green Call product and convert the results into a customer case study.
· Coordinate with the software, infrastructure and BPO teams so the new practice strengthens existing services rather than operating as a silo.
G. Team and Capability Leadership
· Design the initial organisation structure and workforce plan; recruit, onboard and manage cloud, DevOps, security and GRC resources.
· Set role expectations, goals, review rhythms, training plans, on-call responsibilities and succession coverage.
· Create reusable templates, standards, playbooks, reference architectures, checklists and knowledge repositories.
· Build a culture of ownership, documentation, collaboration, secure engineering and continuous learning.
· Manage specialist vendors and contractors with the same delivery, security and documentation standards as internal team members.
H. Stakeholder Reporting
· Provide management dashboards covering pipeline, revenue, margin, utilisation, delivery health, service levels, customer satisfaction, cloud cost and security risk.
· Run regular customer service reviews and internal practice reviews with clear actions, owners and due dates.
· Communicate technical risk in business language and recommend proportionate decisions.
Recommended decision rights
Within approved budgets and delegation, the manager should be able to set technical standards, approve solution designs, allocate practice resources, recommend tools and partners, and stop or escalate a change that creates unacceptable security, availability or contractual risk.
First 180-Day Priorities
Period-Expected outcomes
Evidence of completion
Days 1-30
Assess Green Call's current skills, customers, internal environment and service gaps. Confirm the priority market, initial offers, partner needs and practice economics.
Approved practice charter, capability matrix, risk baseline and 90-day action plan.
Days 31-60
Finalise the service catalogue, assessment methodology, pricing guardrails, proposal templates, operating procedures and initial partner/tool stack.
Publishable service catalogue, standard SOWs, reference architecture and partner shortlist.
Days 61-90
Launch the first packaged assessments. Start the internal DevSecOps and cloud-security reference implementation. Support at least two qualified customer opportunities.
Two assessment engagements or pilots, one internal implementation underway, active sales pipeline.
Months 4-6
Convert suitable pilots to recurring services, recruit or assign the core team, implement service dashboards and publish the first approved case study.
Recurring contracts, operational dashboard, trained team, service review process and customer reference material.
Performance Scorecard
Area-Core measures
Illustrative expectation
Commercial
Qualified pipeline, bookings, revenue, gross margin, recurring revenue, proposal win rate and renewals.
Targets agreed quarterly with management; no growth at the expense of unsafe or unprofitable delivery.
Delivery
- On-time and on-budget completion, milestone acceptance, SLA achievement, backlog ageing and customer satisfaction.
- Predictable delivery with early escalation and documented corrective action.
Security
- Asset/control coverage, critical finding closure, access reviews, vulnerability ageing, incident response readiness and recovery-test completion.
- Risk reduction demonstrated through trend reporting, not activity counts alone.
Cloud & DevOps
- Availability, cloud cost variance/savings, automation coverage, deployment lead time/frequency, failed-change recovery and release quality.
- Measurable improvement for services where these indicators are relevant.
Customers
- Service-review quality, escalations, references, renewals and cross-sell.
- Trusted-adviser relationship and clear business outcomes.
People
- Hiring, utilisation, retention, capability coverage, training completion, documentation and succession readiness.
- A scalable team that does not depend on one individual.
Recommended Operating Rhythm
· Weekly: pipeline and presales review; delivery risk review; high-priority security and operational actions.
· Monthly: practice P&L, utilisation, service performance, cloud cost, security posture, customer health and hiring review.
· Quarterly: service catalogue and pricing review; partner review; capability plan; customer roadmap and business plan update.
Candidate Requirements
Essential Experience
· 8-12 years of relevant experience across cloud infrastructure, DevOps/platform engineering, cybersecurity, managed services or technology consulting.
· At least 3 years leading teams, technical delivery, a service line, a centre of excellence or a comparable cross-functional function.
· Demonstrated experience taking customer requirements from discovery through solution design, proposal, implementation and ongoing service.
· Hands-on technical depth in at least two of the following: cloud architecture/operations, DevOps/DevSecOps, cybersecurity architecture/operations.
· Working knowledge of the third domain and the judgement to lead specialists, challenge designs and manage risk.
· Experience with estimates, statements of work, project economics, vendors, service levels, executive reporting and customer escalations.
· Strong written and spoken English; ability to explain complex technical issues to business and technical stakeholders.
Education
· Bachelor's degree in Computer Science, Information Technology, Engineering or a related field; equivalent relevant experience may be considered.
· Postgraduate qualification in technology, cybersecurity or business management is advantageous but not essential.
Preferred Certifications
One or more current certifications are preferred. Certification should support - not replace - evidence of successful delivery and leadership.
· Security leadership or cloud security: CISSP, CISM or CCSP.
· Cloud architecture/engineering: AWS Solutions Architect or DevOps Engineer; Microsoft Azure Administrator, Developer or DevOps Engineer; equivalent Google Cloud certification.
· Cloud-native engineering: Kubernetes administrator or security certification.
· Governance and assurance: ISO/IEC 27001 Lead Implementer or Lead Auditor; relevant risk, privacy or service-management certification.
Technical Capability Areas
Cloud
· AWS, Microsoft Azure or Google Cloud.
· Identity, networking, compute, storage, databases and landing zones.
· Monitoring, backup, recovery, availability and cost governance.
DevOps / Platform
· Git-based delivery, CI/CD and release automation.
· Terraform/Bicep/CloudFormation or comparable IaC.
· Containers, Kubernetes and observability.
Cybersecurity
· IAM/PAM, vulnerability management, logging and incident readiness.
· Cloud, network, endpoint, email, application and data security.
· Security assessment, remediation and compliance readiness.
Business & Delivery
· Presales, architecture, estimation and commercial judgement.
· Project and managed-service governance.
· P&L, utilisation, customer management and team leadership.
Behavioural Competencies
· Builder mindset: comfortable creating a new practice, not only maintaining an established team.
· Commercial judgement: understands revenue, margin, scope control and customer value.
· Risk judgement: can distinguish urgent security risks from lower-priority technical improvements.
· Executive communication: concise, credible and able to present options with implications.
· Customer ownership: takes responsibility for outcomes while setting realistic expectations.
· Collaboration: works across software, infrastructure, support, BPO, sales and management teams.
· Operational discipline: values documentation, repeatability, measurement and follow-through.
· Integrity: avoids exaggerated capability claims and escalates material risk early.
Public Job Posting Copy
Practice Manager - Cloud, DevOps & Cybersecurity
Green Call Technology Pvt. Ltd. is seeking a manager to build and lead its Cloud, DevOps and Cybersecurity practice from Noida. This role will bring together Green Call's software-development and managed-IT capabilities to deliver secure cloud transformation, DevOps/DevSecOps automation and managed cybersecurity services for customers.
The successful candidate will own the service roadmap, presales, solution design, delivery governance, team development, customer relationships and agreed commercial outcomes. This is suited to a hands-on practice builder who can combine technical credibility with business and people leadership.
What you will lead
· Cloud consulting, migration, managed operations, resilience and cost optimisation.
· CI/CD, Infrastructure as Code, platform engineering and DevSecOps implementation.
· Security assessments, cloud security, IAM, vulnerability management, monitoring, incident readiness and compliance-readiness support.
· Presales, proposals, project delivery, recurring managed services and customer reviews.
· Recruitment, mentoring, operating standards, partner management and practice performance.
What we are looking for
· 8-12 years of relevant experience, including at least 3 years in leadership.
· Strong technical depth in at least two of cloud, DevOps and cybersecurity, with the ability to govern the third.
· Experience in customer discovery, architecture, estimates, proposals, delivery and managed services.
· Strong stakeholder communication, commercial judgement and team-building capability.
· Relevant professional certifications are preferred.
Before publishing
HR should confirm the reporting line, salary range, application email, work-mode policy, notice-period preference and travel expectations. Replace the placeholder application line below.
Application: Please send your CV to [INSERT RECRUITMENT EMAIL] with the subject line "Practice Manager - Cloud, DevOps & Cybersecurity".
Internal HR Screening Scorecard
Criterion
Weight
Evidence to seek
Practice-building and commercial ownership
20%
Launched or scaled services; revenue/margin ownership; packaged offers; cross-sell; renewals.
Cloud architecture and operations
20%
Production architecture, migrations, landing zones, IAM, resilience, monitoring and cost governance.
DevOps / DevSecOps
15%
CI/CD, IaC, containers, release governance, secure SDLC and delivery-performance improvement.
Cybersecurity leadership
20%
Risk-based controls, vulnerability, IAM, monitoring, incident readiness, cloud/application security and governance.
Client solutioning and delivery
15%
Discovery, proposals, SOWs, estimates, delivery governance, escalations and service reviews.
People leadership and communication
10%
Hiring, coaching, performance management, executive communication and cross-functional collaboration.
Suggested First-Round Questions
1. Describe a cloud, DevOps or security service that you built or materially improved. What was the commercial model, team structure and measurable result?
2. A customer asks Green Call to guarantee that its environment is fully secure and compliant. How would you respond and structure the engagement?
3. How would you prioritise the first 90 days of launching this practice with a limited budget and an existing customer base?
4. Describe a production incident or serious security finding that you managed. What did you decide, communicate and change afterward?
5. How do you prevent presales commitments from becoming unprofitable or operationally unsafe?
6. Which two of cloud, DevOps and cybersecurity are your strongest domains? How would you govern the third?
7. What metrics would you report monthly to Green Call management and why?
8. Provide an example of developing an engineer or team lead into a larger role.
Red Flags
· Claims deep expertise in every tool but cannot explain customer outcomes, trade-offs or failures.
· Treats cybersecurity as a product purchase rather than governance, engineering and operations.
· Has no experience with proposals, scope, estimates, margin or customer escalation.
· Promises guaranteed compliance or absolute security.
· Relies on individual heroics and cannot describe documentation, delegation or repeatable delivery.
· Cannot distinguish between a manager's accountability and a specialist engineer's role.
Recommended final selection standard
Hire only when the candidate demonstrates credible technical depth, commercial discipline and the ability to build a team. A candidate who is strong only in sales, only in operations or only in one narrow technical tool is unlikely to succeed in this launch role.