Job Title: Associate Director | Incident Response & Handling | Delhi | Cyber Defense & Resilience
- Manage client engagements, with a focus on incident response and investigation. Provide both subject matter expertise and project management experience to serve as the “point person” for client engagements
- Assist with client incident scoping calls and participate in the incident from kick-off through full containment and remediation.
- Security Analytics - Efficiently distill actionable information from large data sets for reporting, hunting, and anomaly detection.
- Recommend and document specific countermeasures and mitigating controls based on post-incident analysis findings
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Conduct Digital Forensics and Incident Response (DFIR) analysis, network log and PCAP analysis, malware triage, and other investigation-related activities in support of Incident Response investigations
- Supervise Digital Forensics and Incident Response staff, and assist with performance reviews and mentorship of cybersecurity professionals
- Mature the Security Incident Response process to ensure it meets the needs of the Clients
- Interact with Clients’ CSIRT teams to handle continuous and/or ad-hoc client requests for Incident Response services
- Possess the experience, credibility and integrity to perform as an expert witness
- Participate in business development activities and support pre-sales teams in identifying, marketing, and developing new business opportunities
- Assist with researching and distributing cyber threat intelligence developed from Incident Response activities
- Research, develop and recommend infrastructure (hardware & software) needs for DFIR and evolve existing methodologies to enhance and improve our DFIR practice.
• 10+ years of overall experience with at least 7 years of relevant experience in maintaining, tuning, monitoring and managing all aspects of Security, Analytics and SOC. Must have experience in managing at least 3 projects for large, enterprise-scale Clients.
• Shall be responsible for deploying, maintaining, tuning, monitoring and managing all aspects of SMAC security products and technologies, including tools such as Security Incident and Event Management (SIEM), Perimeter Security, Anti-APT, Security Analytics, Web Gateway, UEBA, Endpoint Security, IPS, Big Data, OS/DBs, etc., as well as network protocols, data center, and security analysis and investigation.
• Incident management, change management, problem management, and the ability to work 24x7 during a crisis.
• Must have experience managing Threat Intelligence Platform (TIP) and Security Analytics platforms.
• Knowledge of the processes and methodologies involved in keeping information confidential and available, and assuring its integrity.