Sunil Varkey has been appointed as EVP & Chief Information Security Officer (CISO) at Hexaware Technologies.
In this role, he will lead the company’s global cybersecurity strategy, cyber resilience programs, risk management framework, security governance, compliance initiatives, and enterprise-wide security transformation efforts to support Hexaware’s continued growth and digital innovation agenda.
Prior to this, he served as Cyber Security Consultant/Advisor at TAHAKOM, where he worked closely with the CISO to enhance cybersecurity posture, resilience, and strategic security capabilities.
Earlier, he was VP & Chief Technology Officer, EMEA & APJ at Forescout Technologies Inc., leading IT/OT security strategy, customer advocacy, market positioning, strategic consulting, and cybersecurity transformation initiatives across multiple regions.
Before that, he served as MD & Global Head of Cyber Security Assessments & Testing at HSBC, where he led a global team of more than 300 professionals responsible for penetration testing, threat modelling, vulnerability management, digital footprint analysis, and third-party security assessments.
He also held the position of CTO & Security Strategist – Middle East, Africa & Eastern Europe at Symantec, driving cybersecurity strategy, threat intelligence initiatives, security consulting, and resilience programs for enterprise, government, and financial sector organizations.
Earlier, he spent nearly six years with Wipro Limited, serving as Global Chief Information Security Officer and Fellow, Distinguished Member of Technical Staff (DMTS). During this period, he led global enterprise information security for a 200,000-employee organization and was recognized among Wipro’s most distinguished technology leaders.
Before that, he served as Head – Information Security & Privacy at Idea Cellular Ltd, overseeing information security, privacy, risk management, business continuity, security operations, and governance programs for one of India’s largest telecom operators.
His earlier leadership experience includes roles at Barclays, GE, GENPACT LLC, Genpact (Formerly Gecis – GE Capital International), Paramount Computer Systems – Saudi Arabia, and The Saudi British Bank, where he built deep expertise across security operations, incident response, risk management, security engineering, consulting, and enterprise cybersecurity leadership.
With over three decades of experience spanning cybersecurity, IT risk, governance, security operations, cyber resilience, threat management, and digital transformation, he brings deep expertise in building secure, scalable, and future-ready security organizations.