Assistant Manager – Incident Response - Deloitte Support Services India Private Limited
The Specialist – Incident Response reports to the Global Incident Response Manager. The role serves as the main incident responder performing technical services for cyber security incident investigations and assessing scope of incident damage.
As part of the Global Cybersecurity Incident Response Team, this role requires :
Strategic
· Assists in preparation of internal and external communications
· Maintains chain of custody of incident evidence
· Provides physical security of collected data and devices
· Provides recommendations to resolve incident and/or reduce impact of incident, to bypass and/or prevent future similar incidents
Operational
· Provides technical services needed for cyber incident response investigations including, containment, eradication, and remediation activities
· Assists in assessing scope of incident damage
· Assists in determination of incident severity
· Responsible for maintaining documentation throughout a cyber incident
· Assist in the drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation
· Perform digital forensic services including, but not limiting to, collection, documentation, preservation, and analysis of incident evidence
Relationship Management
· Maintains rotating on-call availability for a 24x7x365 coverage
· Establish and maintain strong working relationships with all teams required to support incident response including other enabling areas and member firms
Qualifications – External
· 6 to 9 years of experience
· Bachelor’s Degree or Master of Science preferred
Work location: Hyderabad
Work timings: 11am-8pm
Education
· Bachelor’s degree: degree in a technology-related field, or equivalent education-related experience
Work experience
o Recommended minimum of 6 years of combined experience in the Information Security / Cybersecurity domain with a minimum of 3-4 years in cyber incident response.
o Demonstrable understanding of the incident lifecycle and security operations, working knowledge of triage and analysis tools, and a strong understanding of cybersecurity threats
o Demonstrable understanding of incident response casework, including maintaining case information, chain of custody reporting, and full documentation of issues from identification through remediation
o Proven track record and experience of the following in a highly complex and global organization
o Strong problem solving and troubleshooting skills with experience exercising mature judgement
o Excellent teamwork and interpersonal skills
Certification
· Professional security management certification preferred, such as GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), Certified Information Systems Security Professional (CISSP), or other similar credentials
Skills/abilities
· Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies, and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels
· Possess strong organizational skills to facilitate management and tracking of large numbers of incidents, events, and efforts.
· Ability to adapt and operate in a high-tempo, dynamic and stressful environment.
· Sound knowledge of business management and an expert knowledge of information / cybersecurity strategy and governance
· Operational knowledge of preventive and detective security controls (e.g., firewalls), advanced endpoint solutions , Web Application Firewalls (WAF), Data Loss Prevention (DLP), web security solutions, email gateways, Security Information and Event Management (SIEM))
· Operational knowledge of general IT technologies and concepts (e.g., routers, switches, messaging systems, server operating systems (Windows, Linux, Unix), desktop and mobile operating systems (Windows, macOS, iOS, Android), cloud services and architecture, and vulnerability management.
· Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework
· Experience recording and maintaining incident documentation within a ticketing system
· Understanding of incident response in a Cloud based environment and experience with cloud solutions
· Experience leading cyber security incident response during normal daily operations or against advanced persistence threats.
· Ability to quickly analyze large amounts of information and formulate action plans based on that analysis.
· Experience interpreting, searching, and manipulating data within enterprise logging solutions.
· Strong understanding of SIEM technologies
· Ability to travel as needed (0%)
How you’ll grow
At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in exactly the same way. So, we provide a range of resources including live classrooms, team- based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India
Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Deloitte’s culture
Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.
Corporate citizenship
Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world.
About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the “Deloitte” name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.