Associate Director | Incident Response & Handling | Delhi | Cyber Defense & Resilience

Manage client engagements, with a focus on incident response and investigation. Provide both subject matter expertise and project management experience to serve as the point person for client engagementsAssist with client incident scoping call and participate in the incident from kick-off through full containment and remediation.Security Analytics - Efficiently distill actionable information from large data sets for reporting, hunting, and anomaly detection.Recommend and document specific countermeasures and mitigating controls with post incident analysis findingsDevelop comprehensive and accurate reports and presentations for both technical and executive audiencesConduct Digital Forensic and Incident Response (DFIR) analysis, network log and network PCAP analysis, malware triage, and other investigation related activities in support of Incident Response investigationsSupervise Digital Forensics and Incident Response staff, and assisting with performance reviews and mentorship of cybersecurity professionalsMature the Security Incident Response process to ensure it meets the needs of the Clients Interact with Clients CSIRT teams to cater continuous and/or ad-hoc client requests for Incident Response servicesPossess the experience, credibility and integrity to perform as an expert witness.Involve in business development activities and supporting pre-sales teams in Identify, market, and develop new business opportunitiesAssist with research and distribute cyber threat intelligence developed from Incident Response activitiesResearch, develop and recommend infrastructure (hardware & software) needs for DFIR and evolve existing methodologies to enhance and improve our DFIR practice. 10+ years of overall experience with at least 7 years of relevant experience in maintaining, tuning, monitoring and managing all aspects of Security, Analytics and SOC. Must have experience in managing at least 3 projects for large, enterprise scale Clients. Shall be responsible for deploying, maintaining, tuning, monitoring and managing all aspects of SMAC. Security products and technologies; Tools like Security Incident Event Management, Perimeter Security, Anti-APT, Security Analytics, Web gateway, UEBA, Endpoint Security, IPS, BIG Data, OS/DBs etc., network protocols and data center, security analysis and investigation.Incident management, change management, problem management and ability to work 24x7 during crisis. Must have experience of managing TIP and Security Analyticsplatforms. Knowledge of processes and methodologies involved with keepinginformation confidential, available, and assuring its integrity.