Deputy Manager – Cybersecurity Incident Response Job in Mumbai | Lead Security Operations & Threat Management – May 2025
Deputy Manager – Cybersecurity Incident Response Job in Mumbai | Join a Leading Cyber Defense Team (2025)
As organizations worldwide embrace digital transformation, the demand for skilled cybersecurity professionals has never been greater. In today’s threat landscape, quick and effective response to cyber incidents is crucial to protect business integrity, data privacy, and client trust. A prestigious opportunity is now open for the role of Deputy Manager – Cybersecurity Incident Response & Handling in Mumbai, offering experienced professionals a chance to lead the charge in defending critical digital assets against evolving cyber threats.
This role is ideal for a cybersecurity expert with a deep understanding of security operations, incident detection and response, and crisis management—someone who can think quickly, act decisively, and drive resolution during high-pressure situations.
Job Overview
- Job Title: Deputy Manager – Cybersecurity Incident Response & Handling
- Requisition ID: 78765
- Location: Mumbai, India
- Department: Cyber Defense & Response (T&T-Cyber-D&R)
- Employment Type: Full-time
- Date Posted: May 14, 2025
The successful candidate will play a critical role in identifying, managing, investigating, and resolving cybersecurity incidents, while also helping to strengthen the organization’s cyber resilience and response readiness.
Key Responsibilities
As the Deputy Manager of Incident Response, you will be entrusted with the responsibility of overseeing security incidents from detection through resolution. Your key responsibilities will include:
1. Incident Detection and Response
- Monitor and analyze alerts from Security Information and Event Management (SIEM) systems, threat intelligence feeds, IDS/IPS, endpoint detection tools, and other monitoring platforms.
- Triage, prioritize, and investigate security incidents involving malware infections, unauthorized access, data breaches, phishing, and other cyber threats.
- Coordinate timely and efficient response to minimize business impact and prevent recurrence.
2. Incident Management and Resolution
- Lead the end-to-end incident response lifecycle—containment, eradication, recovery, and root cause analysis (RCA).
- Collaborate with internal stakeholders, system owners, and IT teams to isolate threats and restore affected systems.
- Document incident timelines, actions taken, evidence collected, and final outcomes in a formal incident report.
3. Threat Hunting and Forensics
- Proactively hunt for suspicious activity across networks, endpoints, and cloud environments.
- Perform forensic analysis on affected systems to determine the extent of compromise and data exposure.
- Utilize memory analysis, log correlation, and behavioral analytics to investigate advanced persistent threats (APTs).
4. Policy Enforcement and Compliance
- Ensure adherence to internal security policies, regulatory compliance frameworks (e.g., ISO 27001, GDPR, RBI, PCI-DSS), and legal obligations during incident handling.
- Participate in external and internal audits, regulatory inquiries, and cybersecurity risk assessments.
5. Continuous Improvement
- Conduct post-incident reviews to identify process gaps and recommend enhancements.
- Update incident response playbooks, escalation procedures, and threat models based on evolving tactics, techniques, and procedures (TTPs).
- Contribute to red team/blue team exercises, tabletop simulations, and awareness campaigns to improve organizational readiness.
Required Skills & Expertise
To succeed in this position, the candidate must possess a strong foundation in cybersecurity operations and hands-on experience in managing real-world security incidents.
✅ Technical Skills
- In-depth knowledge of incident detection, threat intelligence, network security, and endpoint protection.
- Experience with SIEM tools (e.g., Splunk, QRadar, ArcSight), EDR platforms (e.g., CrowdStrike, SentinelOne), and SOAR systems.
- Familiarity with network protocols, TCP/IP, firewalls, proxies, and email gateways.
- Expertise in malware analysis, log analysis, and digital forensics tools.
✅ Analytical & Problem-Solving
- Strong investigative skills with the ability to correlate complex datasets and draw actionable conclusions.
- Capable of recognizing abnormal behavior patterns, lateral movement, privilege escalation, and command-and-control communications.
✅ Communication & Leadership
- Exceptional communication skills to articulate technical issues to non-technical stakeholders.
- Proven experience in leading incident response teams under pressure and driving consensus across departments.
- Ability to maintain calm during high-severity incidents and ensure a structured, professional response.
Educational & Professional Qualifications
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related fields.
- Advanced certifications preferred, such as:
  - GIAC Certified Incident Handler (GCIH)
  - Certified Ethical Hacker (CEH)
  - Certified Information Systems Security Professional (CISSP)
  - Certified Computer Security Incident Handler (CSIH)
Work Experience
- Minimum 5+ years of experience in cybersecurity with a focus on incident response and security operations.
- Demonstrated history of managing multiple critical security incidents from detection to resolution.
- Experience working in Security Operations Centers (SOCs) or Computer Security Incident Response Teams (CSIRTs).
Preferred Experience
- Exposure to cloud incident response within AWS, Azure, or GCP environments.
- Experience with the MITRE ATT&CK framework, threat intelligence platforms (TIPs), and threat-hunting platforms.
- Familiarity with cyber insurance claims handling and coordination with law enforcement during critical incidents.
Tools & Technologies
Candidates are expected to be proficient with:
- SIEM/EDR Platforms: Splunk, QRadar, CrowdStrike, Carbon Black, Microsoft Defender
- Threat Intelligence Tools: Recorded Future, MISP, ThreatConnect
- Forensics Tools: EnCase, FTK, Autopsy, Volatility
- Ticketing Systems & Reporting: ServiceNow, Jira, Confluence
Why This Role Is Strategic
In a world where cyberattacks are no longer a matter of if but when, the role of an Incident Response leader is indispensable. As a Deputy Manager, you will be part of a team that serves as the last line of defense—responsible not only for mitigating threats but for driving long-term resilience across systems and processes.
This is your opportunity to:
- Engage in high-impact cyber investigations that safeguard critical enterprise data.
- Work closely with executive leadership and shape cybersecurity policy.
- Gain exposure to global threat intelligence and cutting-edge incident handling frameworks.
- Contribute to an evolving cybersecurity roadmap that aligns with business continuity and digital innovation.
Career Path & Growth Opportunities
This role opens multiple avenues for advancement, including:
- Cybersecurity Manager – Threat Response & Recovery
- Head of Security Operations
- Director – Cyber Risk & Incident Management
- Global CSIRT Lead
- Cybersecurity Advisor for Regulatory Compliance
How to Apply
Interested candidates can apply using Requisition ID: 78765 on the official careers portal. Please ensure your resume reflects your incident response experience, certifications, and examples of high-severity incident resolutions you’ve led.
Shortlisted candidates will be invited for technical interviews, scenario-based assessments, and leadership interaction.
Conclusion
If you are a cybersecurity professional with a sharp instinct for threat detection, deep incident response knowledge, and the confidence to lead under pressure, this Deputy Manager – Incident Response & Handling role in Mumbai is the perfect opportunity for your next career move.
Step into a high-impact role where your actions will directly shape the organization’s security posture. Join a team that’s not just defending against cyber threats but actively outsmarting them.