T&T I Cyber-D&R I Consultant | Incident Response & Handling | Delhi, Hyderabad, Bangalore, Mumbai
On-site · Delhi, Delhi, India
Job Summary
T&T I Cyber-D&R I Consultant role at Deloitte Touche Tohmatsu India LLP (Delhi focus; multiple Indian cities listed) involves detecting, analyzing, investigating, and reporting qualified security incidents to clients, providing recommendations, and supporting incident response across governance-ready workflows. Key duties include investigating incidents from diverse sources (SIEM, EDR, logs), escalating to L3 when needed, delivering IR operations and simulations, performing root cause analysis on malware and behavior events, gathering forensic evidence, developing scalable incident response processes, and communicating outcomes to leadership. Required skills include 2-4 years in SIEM monitoring and cyber incident response, hands-on security tooling and OS/network knowledge, log analysis, cross-team collaboration, 24/7 shift readiness, and strong communication. Preferred certifications (ECIH v2, CHFI, GCIH, GCIA) and a Bachelor’s/Master’s degree are noted; experience with SIEM (QRadar, Sentinel), EDR (CrowdStrike, MS Defender, SentinelOne), and forensics tools (EnCase, FTK) is highlighted, along with MITRE ATT&CK knowledge and malware analysis capabilities.
Required Qualifications
- Bachelor’s/Master’s degree
- 2-4 years of experience in SIEM monitoring and Cyber security Incident response and Management
- Hands-on experience with security tools and devices, operating systems, and/or networking devices
- Proven skills and experience in log analysis, incident investigations
- Experience working across diverse teams to facilitate solutions
- Experience working with Security practitioners
- Willingness to work in a 24/7 environment in rotating shifts
- Ability to work in time-sensitive and stressful situations with professional communication
- Data acquisition (Disk, Memory, Mobile, Cloud, Enterprise Wide)
- Digital forensics (Windows, Mac OS, Linux/Unix)
- Understanding of MITRE ATT&CK framework
- Experience with SIEM tools (QRadar, Sentinel)
- Experience with EDR tools (CrowdStrike, MS Defender, SentinelOne)
- Forensic toolsets (EnCase, FTK)
- Experience reviewing raw logs and performing advanced data correlation and analysis
- Malware analysis and understanding attack techniques
- Industry certifications such as ECIH v2, CHFI, GCIH or GCIA (preferred)
- Bachelor’s/Master’s degree
- Certifications like ECIH v2, CHFI, GCIH or GCIA are preferred
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.