Associate Director - Cyber Incident Response

As the Incident Response Manager, your role involves engaging with clients under incident response retainership, building and maintaining strong client relationships, and providing advice on threat hunting and response strategies. You will lead and coordinate major cyber incident investigations such as ransomware attacks and data breaches, overseeing forensic analysis and ensuring timely containment and recovery during incidents. Your technical expertise will be crucial as you guide on advanced detection and response techniques, collaborate with various teams, and stay updated on emerging threats and regulatory requirements. Key Responsibilities: - Act as the primary point of contact for clients under incident response retainership. - Build and maintain strong client relationships, ensuring high satisfaction and trust. - Advise clients on proactive threat hunting, readiness assessments, and response strategies. - Lead and coordinate major cyber incident investigations (e.g., ransomware, data breaches, insider threats). - Oversee forensic analysis, malware reverse engineering, and evidence preservation. - Ensure timely containment, eradication, and recovery during incidents. - Provide guidance on advanced detection and response techniques. - Collaborate with SOC, threat intelligence, and vulnerability management teams. - Stay updated on emerging threats, TTPs (Tactics, Techniques, Procedures), and regulatory requirements. - Mentor and manage a team of incident responders and forensic analysts. - Drive knowledge sharing and continuous improvement within the team. - Support pre-sales activities, proposal development, and client presentations. - Identify opportunities to expand incident response and cybersecurity services. Qualifications Required: - Bachelor's degree in Computer Science, Information Security, or related field. - Advanced certifications preferred: GCFA, GCIH, OSCP, GCIA, CISSP, CISM, CCIR. - 9 - 12 years of experience in cybersecurity with at least 5 years in incident response leadership roles. - Strong knowledge of DFIR (Digital Forensics & Incident Response) methodologies. - Expertise in SIEM, EDR tools (e.g., CrowdStrike, Carbon Black), and forensic tools (EnCase, FTK). - Excellent communication and stakeholder management skills. - Ability to work under pressure and manage multiple engagements simultaneously. In addition to the qualifications required, preferred attributes include experience in a Big 4 or top-tier consulting environment and familiarity with Indian regulatory frameworks such as CERT-In, RBI, and SEBI guidelines. As the Incident Response Manager, your role involves engaging with clients under incident response retainership, building and maintaining strong client relationships, and providing advice on threat hunting and response strategies. You will lead and coordinate major cyber incident investigations such as ransomware attacks and data breaches, overseeing forensic analysis and ensuring timely containment and recovery during incidents. Your technical expertise will be crucial as you guide on advanced detection and response techniques, collaborate with various teams, and stay updated on emerging threats and regulatory requirements. Key Responsibilities: - Act as the primary point of contact for clients under incident response retainership. - Build and maintain strong client relationships, ensuring high satisfaction and trust. - Advise clients on proactive threat hunting, readiness assessments, and response strategies. - Lead and coordinate major cyber incident investigations (e.g., ransomware, data breaches, insider threats). - Oversee forensic analysis, malware reverse engineering, and evidence preservation. - Ensure timely containment, eradication, and recovery during incidents. - Provide guidance on advanced detection and response techniques. - Collaborate with SOC, threat intelligence, and vulnerability management teams. - Stay updated on emerging threats, TTPs (Tactics, Techniques, Procedures), and regulatory requirements. - Mentor and manage a team of incident responders and forensic analysts. - Drive knowledge sharing and continuous improvement within the team. - Support pre-sales activities, proposal development, and client presentations. - Identify opportunities to expand incident response and cybersecurity services. Qualifications Required: - Bachelor's degree in Computer Science, Information Security, or related field. - Advanced certifications preferred: GCFA, GCIH, OSCP, GCIA, CISSP, CISM, CCIR. - 9 - 12 years of experience in cybersecurity with at least 5 years in incident response leadership roles. - Strong knowledge of DFIR (Digital Forensics & Incident Response) methodologies. - Expertise in SIEM, EDR tools (e.g., CrowdStrike, Carbon Black), and forensic tools (EnCase, FTK). - Excellent communication and stakeholder management skills. - Ability to work under pressure and manage multiple engagements simultaneously. In addition to the qualifications requi