Director, Incident Response & Handling
Deloitte Shared Services India
Gurugram, Haryana, India · Full Time
Be the first to apply
- Experience
- 15+ yrs
- Salary
- —
- Openings
- 1
- Posted
- 6 days ago
- Work mode
- In office
- Education
- B.Tech / B.E. in any specialization
- Eligibility
- B.Tech / B.E. in any specialization. Preference for candidates with a bachelor's degree in information security, computer science, or a related discipline, plus an added advantage for those with a master's in cybersecurity or business management. Immediate joiners only. Location preference: Delhi,…
- Resume
- Required to apply
Where you'll work
Job description
About the Role
This leadership role is centered on incident response, forensic investigation, and client-facing delivery for cybersecurity engagements. The position also blends technical depth with business development, proposal support, and stakeholder management across domestic client opportunities.
Client Engagement & Incident Management
- Serve as the primary point of contact for client engagements focused on incident response and investigations, combining subject matter expertise with program management.
- Support incident scoping discussions and stay engaged from the initial kickoff through containment and remediation.
- Work closely with client CSIRT teams to handle ongoing as well as ad hoc requests related to incident response services.
Analysis, Forensics & Reporting
- Turn large and complex data sets into useful security insights for reporting, threat hunting, and anomaly detection.
- Perform DFIR work including forensic analysis, review of network logs and packet captures, malware triage, and other investigation tasks.
- Prepare clear, detailed reports and presentations tailored for both technical teams and senior business audiences.
- Recommend corrective actions and compensating controls based on post-incident findings.
- Assist in distributing cyber threat intelligence derived from incident response work.
Process Improvement & Leadership
- Strengthen the security incident response process so it better aligns with client expectations and operational needs.
- Supervise DFIR team members and contribute to performance reviews, coaching, and professional development.
- Evaluate and recommend hardware and software needed to support and expand DFIR capabilities.
- Improve existing investigation methods and contribute to the evolution of the DFIR practice.
Business Development & Pre-Sales
- Participate in business development efforts and support pre-sales teams in identifying and building new opportunities.
- Use prior sales or business development experience to grow domestic market opportunities.
- Assist with client management and the creation of business proposals.
Requirements
- Strong background in business development or sales is mandatory.
- Ability to expand business in the domestic market is essential.
- Experience handling clients and preparing business proposals is required.
- Minimum of 15+ years in information security, including at least 8+ years in incident response.
- Strong understanding of MITRE ATT&CK, the NIST cyber incident response framework, and the cyber kill chain.
- Knowledge of threat hunting and threat intelligence concepts and tools.
- Hands-on experience with leading forensic platforms such as EnCase, Axiom/IEF, Cellebrite/UFED, Nuix, and FTK.
- Exposure to enterprise cloud environments including AWS, Microsoft Azure, G Suite, and O365.
- Good working knowledge of major operating systems and file systems, including Windows, macOS, Linux, Android, iOS, ext3/4, NTFS, HFS+, APFS, and exFAT.
- Professional certifications such as CISSP, ECIH v2, GCFA, GCIH, EnCE, or equivalent DFIR credentials are preferred.
- A master’s degree in cybersecurity or business management is preferred.
Eligibility
Applicants should hold a B.Tech / B.E. in any specialization. Candidates with a bachelor’s degree in information security, computer science, or a related field are expected, while a master’s degree in cybersecurity or business management is an added advantage.
Important Notes
This opportunity is intended for candidates who can join immediately. Only professionals based in or willing to work from Delhi, Gurgaon, or Noida should apply. The role requires prior experience in business development or sales.