Cybersecurity Incident Response & Investigation Lead

Job Description

Cybersecurity Incident Manager is responsible for managing and mitigating enterprise-level cybersecurity incidents leading the coordination and communication of incident response efforts. The main priorities are ensuring timely detection, containment, eradication, and recovery from cyber threats while minimizing operational disruptions. Key Responsibilities Monitor, detect, and respond to security incidents using various security tools and technologies. Execute containment, eradication, and recovery procedures during incidents to minimize impact and restore normal operations. Develop and maintain incident response playbooks and escalation procedures to ensure a consistent and efficient response to incidents. Collaborate with other IT and security teams to remediate vulnerabilities and improve the overall security posture. Prepare detailed and accurate incident reports and documentation for internal use and for external stakeholders, if necessary. Stay current with the latest threats, vulnerabilities, and security technologies to ensure effective detection and response capabilities. Serve as the primary coordinator during cybersecurity incidents, aligning efforts across technical and business teams. Conduct real-time analysis and correlation of security events from multiple sources including SIEM, IDS/IPS, firewalls, and endpoint security solutions. Perform in-depth investigation and analysis of security incidents, including malware analysis, forensic investigations, and reverse engineering. Participate in threat hunting activities to proactively identify and mitigate potential security risks. Stay informed about new threats and trends in cybersecurity to enhance response skills. Ensure compliance with the organization's incident response framework and regulatory requirements. Coordinate with Enterprise Risk Management, SOC, Legal, IT, Data Privacy, and other functions for a unified response. Collaborate with third-party vendors and MSSPs as needed. Act as the primary contact for incident updates to executive leadership and stakeholders. Generate comprehensive reports during and after incidents, including root cause analysis and mitigation strategies. Supervise the creation of post-incident reports and ensure that lessons learned are integrated into future planning strategies. Propose security improvements to prevent the reoccurrence of incidents. Perform regular tabletop exercises and simulations to train and prepare teams. Qualifications Bachelors degree in Computer Science, Information Security, or a related field, or equivalent work experience. At least 12+8 years of experience in a SOC or similar security-focused environment. Experience in managing large-scale cybersecurity incidents. Understanding of regulatory requirements and industry standards (e.g. GDPR, HIPAA, PCI-DSS). Proficient written and verbal communication skills. Strong hands-on experience with SIEM platforms (e.g. Palo Alto XSIAM, Splunk, QRadar), IDS/IPS systems, firewalls, endpoint security tools and service management tools (e.g. ServiceNow) Proficiency in conducting forensic investigations and malware analysis. Experience with scripting and automation tools (e.g., Python, PowerShell) to streamline incident response tasks. Deep understanding of network protocols, operating systems, and common attack vectors. Relevant certifications such as CISSP, CISA, CISM, CEH, or GIAC are highly desirable. Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment. Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.