Assistant Manager Incident Response - Deloitte Support Services India Private Limited
The Specialist Incident Response reports to the Global Incident Response Manager. The role serves as the main incident responder performing technical services for cyber security incident investigations and assessing scope of incident damage.
As part of the Global Cybersecurity Incident Response Team, this role requires :
Strategic
Assists in preparation of internal and external communications
Maintains chain of custody of incident evidence
Provides physical security of collected data and devices
Provides recommendations to resolve incident and/or reduce impact of incident, to bypass and/or prevent future similar incidents
Operational
Provides technical services needed for cyber incident response investigations including, containment, eradication, and remediation activities
Assists in assessing scope of incident damage
Assists in determination of incident severity
Responsible for maintaining documentation throughout a cyber incident
Assist in the drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation
Perform digital forensic services including, but not limiting to, collection, documentation, preservation, and analysis of incident evidence
Relationship Management
Maintains rotating on-call availability for a 24x7x365 coverage
Establish and maintain strong working relationships with all teams required to support incident response including other enabling areas and member firms
Qualifications External
6 to 9 years of experience
Bachelors Degree or Master of Science preferred
Work location: Hyderabad
Work timings: 11am-8pm
Education
Bachelors degree: degree in a technology-related field, or equivalent education-related experience
Work experience
o Recommended minimum of 6 years of combined experience in the Information Security / Cybersecurity domain with a minimum of 3-4 years in cyber incident response.
o Demonstrable understanding of the incident lifecycle and security operations, working knowledge of triage and analysis tools, and a strong understanding of cybersecurity threats
o Demonstrable understanding of incident response casework, including maintaining case information, chain of custody reporting, and full documentation of issues from identification through remediation
o Proven track record and experience of the following in a highly complex and global organization
o Strong problem solving and troubleshooting skills with experience exercising mature judgement
o Excellent teamwork and interpersonal skills
Certification
Professional security management certification preferred, such as GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), Certified Information Systems Security Professional (CISSP), or other similar credentials
Skills/abilities
Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies, and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels
Possess strong organizational skills to facilitate management and tracking of large numbers of incidents, events, and efforts.
Ability to adapt and operate in a high-tempo, dynamic and stressful environment.
Sound knowledge of business management and an expert knowledge of information / cybersecurity strategy and governance
Operational knowledge of preventive and detective security controls (e.g., firewalls), advanced endpoint solutions , Web Application Firewalls (WAF), Data Loss Prevention (DLP), web security solutions, email gateways, Security Information and Event Management (SIEM))
Operational knowledge of general IT technologies and concepts (e.g., routers, switches, messaging systems, server operating systems (Windows, Linux, Unix), desktop and mobile operating systems (Windows, macOS, iOS, Android), cloud services and architecture, and vulnerability management.
Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework
Experience recording and maintaining incident documentation within a ticketing system
Understanding of incident response in a Cloud based environment and experience with cloud solutions
Experience leading cyber security incident response during normal daily operations or against advanced persistence threats.
Ability to quickly analyze large amounts of information and formulate action plans based on that analysis.
Experience interpreting, searching, and manipulating data within enterprise logging solutions.
Strong understanding of SIEM technologies
Ability to travel as needed (0%)
How youll grow
At Deloitte, weve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunitiesincluding exposure to leaders, sponsors, coaches, and challenging assignmentsto help accelerate their careers along the way. No two people learn in exactly the same way. So, we provide a range of resources including live classrooms, team- based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our peoples growth and development. Explore DU: The Leadership Center in India
Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Deloittes culture
Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.
Corporate citizenship
Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloittes impact on the world.
About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (DTTL), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as Deloitte Global) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the Deloitte name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.