Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

EY TC-CS-Cyber Detection Response-Incident Response-Manager 
India, Karnataka, Bengaluru 
623384930

29.08.2024



Key Responsibilities:

  • Leadership and Strategy:
    • Lead and manage the incident response team, including Tier 3 analysts and other cybersecurity personnel, in responding to security incidents.
    • Develop and implement incident response strategies, policies, and procedures in alignment with organizational objectives and industry best practices.
    • Coordinate with the Cyber Defense lead to ensure a cohesive and comprehensive approach to cybersecurity defense.
  • Incident Response Execution:
    • Oversee the execution of Tier 3 security incident response services, addressing application, network, and infrastructure security alert events.
    • Assign containment, eradication, and recovery tasks to the appropriate resource teams, ensuring swift and effective action.
    • Direct response actions on managed hosts where the Security Operations Center (SOC) team has requisite access and permissions, including isolating compromised or infected hosts.
  • Cyberattack Disruption and Mitigation:
    • Lead efforts to disrupt cyberattacks, including the isolation of compromised hosts and implementation of pre-approved containment actions.
    • Ensure that all actions taken are in accordance with documented procedures and permissions.
  • Incident Communication and Clarification:
    • Provide clear communication of incident details, containment, eradication, and recovery recommendations to the cyber defense team and other relevant stakeholders.
    • Participate in cyber defense calls, providing updates and strategic guidance on cybersecurity incidents and defense activities.
  • Quality Assurance and Continuous Improvement:
    • Conduct periodic peer reviews of Tier 2 analyst work to identify trends, assess effectiveness, and recommend areas for improvement.
    • Promote a culture of continuous improvement within the incident response team by fostering knowledge sharing, training, and professional development.
  • Escalation and Reporting:
    • Manage the escalation of critical incidents to senior leadership and other relevant parties, ensuring timely and accurate reporting.
    • Develop and deliver incident reports and presentations to executive management, highlighting incident impact, response actions, and lessons learned.
  • Collaboration and Stakeholder Engagement:
    • Collaborate with cross-functional teams, including IT, legal, compliance, and external partners, to coordinate incident response efforts.
    • Engage with external stakeholders, such as law enforcement and third-party vendors, as necessary during incident investigations.
  • Risk Management and Compliance:
    • Ensure that incident response activities comply with legal, regulatory, and organizational requirements.
    • Lead the assessment and management of risks associated with cybersecurity incidents, developing strategies to mitigate future threats.

Qualifications:

  • Extensive experience in cybersecurity, particularly in incident response and threat management, with a strong background in leading teams.
  • In-depth knowledge of application, network, and infrastructure security.
  • Proven ability to manage complex security incidents, including advanced threat detection, containment, and remediation.
  • Strong leadership and communication skills, with experience presenting to executive management and external stakeholders.
  • Proficiency in security technologies, including SIEM systems, IDS/IPS, EDR, and other monitoring and response tools.
  • Familiarity with regulatory requirements and compliance standards related to cybersecurity.
  • Ability to work under pressure and manage multiple high-priority incidents simultaneously.



EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.