Job Title:  Assistant Manager | Incident Response & Handling | Mumbai | Cyber Defense & Resilience

Monitor and analyze alerts from SIEM, EDR, IDS/IPS, and other security tools to identify potential security incidents.

Perform incident triage, containment, eradication, and recovery following standard IR procedures.

Conduct root cause analysis and prepare detailed incident reports and lessons learned documentation.

Collaborate with SOC L1/L2 analysts and other IT teams for coordinated response and remediation.

Investigate phishing, malware infections, unauthorized access, data exfiltration, and insider threat scenarios.

Utilize threat intelligence to enrich incidents and improve detection capabilities.

Perform forensic analysis on compromised systems and correlate evidence using available tools.

Assist in developing and refining incident response playbooks and automation (SOAR workflows).

Participate in tabletop exercises and post-incident reviews to enhance overall readiness.

Recommend improvements in detection, alerting, and prevention mechanisms based on findings.