logo

Cyber Incident Management

  • Company

    Deloitte

  • Location

    Bengaluru Eco space

  • Employment Type

    Full-Time

  • Functional Category

    Technology & Data

  • Experience

    8 - 9 years

About Deloitte

Deloitte drives progress. Our firms around the world help clients become leaders wherever they choose to compete. Deloitte invests in outstanding people of diverse talents and backgrounds and empowers them to achieve more than they could elsewhere. Our work combines advice with action and integrity. We believe that when our clients and society are stronger so are we. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”) its global network of member firms and their related entities. DTTL (also referred to as “Deloitte Global”) and each of its member firms are legally separate and independent entities. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more. The content on this page contains general information only and none of Deloitte Touche Tohmatsu Limited its member firms or their related entities (collectively the “Deloitte Network”) is by means of this publication rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on content from this page.

Overview of the Role

As Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.

Job Description

• Manage client engagements, with a focus on incident response and investigation. Provide both subject matter expertise and project management experience to serve as the “point person” for client engagements
• Assist with client incident scoping call and participate in the incident from kick-off through full containment and remediation.
• Security Analytics - Efficiently distill actionable information from large data sets for reporting, hunting, and anomaly detection.
• Recommend and document specific countermeasures and mitigating controls with post incident analysis findings
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences
• Conduct Digital Forensic and Incident Response (DFIR) analysis, network log and network PCAP analysis, malware triage, and other investigation related activities in support of Incident Response investigations
• Supervise Digital Forensics and Incident Response staff, and assisting with performance reviews and mentorship of cybersecurity professionals
• Mature the Security Incident Response process to ensure it meets the needs of the Clients
• Interact with Client’s CSIRT teams to cater continuous and/or ad-hoc client requests for Incident Response services
• Possess the experience, credibility and integrity to perform as an expert witness.
• Assist with research and distribute cyber threat intelligence developed from Incident Response activities
• Research, develop and recommend infrastructure (hardware & software) needs for DFIR and evolve existing methodologies to enhance and improve our DFIR practice.
• Recommend and document specific countermeasures and mitigating controls with post incident analysis findings
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences.

Required & Preferred Qualifications

Skill

• Solid understanding of MITRE ATT&CK, NIST cyber incident response framework and Cyber kill chain.
• Understanding of Threat Hunting and threat Intelligence concepts and technologies
• Experience of leveraging technical security solutions such as SIEM, IDS/IPS, EDR, vulnerability management or assessment, malware analysis, or forensics tools for incident triage and analysis.
• Deep experience with most common OS (Windows, MacOS, Linux, Android, iOS) and their file systems (ext3.4, NTFS, HFS+, APFS, exFAT etc)
• Proficiency with industry-standard forensic toolsets (i.e. EnCase, Axiom/IEF, Cellebrite/UFED, Nuix and FTK)
• Experience of enterprise level cloud infrastructure such as AWS, MS Azure, G Suite, O365 etc..
• Experience of malware analysis and understanding attack techniques.
• Ability to work in time-sensitive and complex situations with ease and professionalism, possess an efficient and versatile communication style
• Good verbal and written communication skill, excellent interpersonal skills

Education

B.Tech/M.Tech/ Bachelors - Full time Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST"

Experience

8+ years Information Security experience with at least 6 year of Incident Response experience.