Cyber Security Incident Response - Assistant Manager
Gurugram, Haryana, India. Mumbai, Maharashtra, India
Cyber Security Incident Response - Assistant Manager
- 202603808
- Gurugram, Haryana, India
- Mumbai, Maharashtra, India
Description
About WTW:
WTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 54,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are part of our WTW DNA. We design and deliver solutions that manage risk, optimize benefits, cultivate talent, and expand the power of capital to protect and strengthen institutions and individuals. Our unique perspective allows us to see the critical intersections between talent, assets, and ideas — the dynamic formula that drives business performance. Together, we unlock potential. We are located on the internet at wtwco.com
About the team:
The Information Security (ICS) team is responsible for protecting the organization's information, systems, and data from security threats. The team delivers security services that help identify, prevent, detect, and respond to cyber risks while supporting business and regulatory requirements.
Summary:
The Cyber Security Incident Response Manager will lead and oversee WTW’s global incident response capability. This role is responsible for managing high-impact cyber incidents, driving continuous improvement in response processes, and leading a team of analysts in a fast-paced, global environment.
The Role:
- Lead and manage high-severity security incidents, ensuring timely containment, eradication, and recovery
- Act as the primary escalation point for incident response across global teams
- Develop, enhance, and maintain incident response frameworks, playbooks, and workflows aligned to industry best practices
- Lead technical investigations across endpoints, networks, and cloud environments
- Manage and mentor a team of SOC and Incident Response analysts, driving performance and capability development
- Collaborate with SOC, Threat Intelligence, Threat Hunting, Insider Threat, and Vulnerability Management teams
- Work closely with MSSPs and third-party vendors to ensure effective incident detection and response
- Drive root cause analysis and post-incident reviews, ensuring lessons learned are implemented
- Ensure compliance with regulatory, audit, and internal security requirements
- Develop and track KPIs and metrics to measure incident response effectiveness
- Lead tabletop exercises and simulations to enhance organizational readiness
- Act as a liaison between technical teams and senior business stakeholders, including Legal, HR, and Compliance
The Requirements
- 8–12 years of experience in Cyber Security, with a strong focus on SOC and Incident Response
- Proven experience in leading and managing incident response teams
- Strong expertise in incident handling, digital forensics, and threat analysis
- Deep understanding of frameworks such as MITRE ATT&CK and Cyber Kill Chain
- Hands-on experience with SIEM/SOAR tools such as Sentinel, Splunk, Carbon Black, or similar
- Experience operating in multi-cloud environments (AWS, Azure, GCP) with exposure to cloud-native threats
- Experience working with global teams and MSSPs
- Strong stakeholder management skills with the ability to communicate with senior leadership
- Ability to operate effectively in high-pressure, high-impact situations
- Strong understanding of enterprise security domains including network, endpoint, identity, and cloud security
- Experience working in global, multi-location environments
- Strong analytical, decision-making, and problem-solving skills
Preferred / Desired Certifications: - CISSP
- CCSP
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- Certified Ethical Hacker (CEH)
Qualifications
Graduate in B.E/B.Tech/B.Sc or related fields in Computer science or Cybersecurity
The Application Process
- Stage 1: Online application and recruiter review
- Stage 2: Pre-recorded video interview
- Stage 3: Live video
-
Stage 4: Offer and onboarding
We’re committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers, from the application process through to joining WTW, please email candidatehelpdesk@wtwco.com.
其他人还看过
主动联系
任何未经请求主动通过我们的网站或韦莱韬悦员工的个人电子邮件帐户提交的简历/应聘者资料,均视为韦莱韬悦的财产,且无需支付代理费用。要成为韦莱韬悦的授权招聘机构/猎头公司,此类机构必须持有由韦莱韬悦授权招聘人员签署的正式书面协议,并与公司保持积极的工作关系。简历必须按照我们的应聘者提交流程进行提交,包括积极参与特定职位的搜索工作。同样,对于我们授权的招聘机构/猎头公司,如果未能遵守应聘者提交流程,韦莱韬悦将不支付任何代理费用。韦莱韬悦是提倡机会均等的雇主。如果您希望我们保存您的联系信息以便将来考虑,请发送电子邮件至:Agency.inquiries@willistowerswatson.com 。
我们的办事处
我们的员工为全球 140 多个国家和市场提供服务。这为我们所做的每一项工作注入了全球视野,同时也能够为您创造许多绝佳的合作机遇与成长空间。探索下面的地图,探索您的职业发展可能。