| Job Title | Associate Director – Incident Response & Handling |
| Requisition ID | 101805 |
| Company | Deloitte Touche Tohmatsu India LLP |
| Location | Delhi |
| Designation | Associate Director |
| Domain | Cyber Security – Detect & Respond (D&R) |
| Experience Required | 10–14 Years in Information Security |
| Incident Response Experience | Minimum 5 Years |
| Qualification | BE / B.Tech / MCA / MBA |
| Primary Responsibility | Lead Incident Response & Digital Forensics engagements for clients |
| Client Engagement | Manage client engagements, incident scoping, containment, remediation, reporting, and stakeholder communication |
| Security Analytics | Threat hunting, anomaly detection, reporting, and analysis of large datasets |
| DFIR Activities | Digital Forensics, Incident Response, Network Log Analysis, PCAP Analysis, Malware Triage, Investigation Activities |
| Framework Knowledge | MITRE ATT&CK, NIST Incident Response Framework, Cyber Kill Chain |
| Threat Intelligence | Threat Hunting and Threat Intelligence concepts and technologies |
| Security Technologies | SIEM, IDS/IPS, EDR, Vulnerability Management, Malware Analysis, Forensics Tools |
| Operating Systems | Windows, macOS, Linux, Android, iOS |
| File Systems | NTFS, HFS+, APFS, exFAT, ext3/ext4 |
| Forensics Tools | EnCase, Axiom/IEF, Cellebrite/UFED, Nuix, FTK |
| Cloud Platforms | AWS, Microsoft Azure, Google Workspace (G Suite), Microsoft 365 |
| Malware Analysis | Malware investigation, attack techniques, and threat actor analysis |
| Team Management | Supervise DFIR analysts, mentorship, performance reviews |
| Process Improvement | Mature and improve Incident Response processes and methodologies |
| Client Interaction | Work with CSIRT teams and manage continuous/ad-hoc incident response requests |
| Reporting | Technical and executive-level reports and presentations |
| Business Development | Pre-sales support, identify and develop new business opportunities |
| Expert Witness Capability | Ability to perform as an expert witness during investigations |
| Certifications Preferred | CISSP, ECIH v2, GCFA, GCIH, EnCE, or equivalent DFIR certifications |
| Soft Skills | Strong communication, leadership, interpersonal, project management, and stakeholder management skills |
| Career Level | Senior Leadership Role |
| Ideal Candidate | Experienced DFIR/Cyber Incident Response professional with strong leadership, forensics, threat hunting, cloud security, and client-facing experience |
