FS - RISK CONSULTING - TPRM - Senior - Cyber Resilience And Incident Response

Digital Risk- Cyber Resilience & Incident Response – Senior

Job purpose:

Senior in the Risk Advisory team to work on Incident Response, Cyber Resilience, and Crisis Management engagements for global clients.

You will be responsible for supporting incident response operations, resilience assessments, and recovery preparedness activities in alignment with EY quality standards. You will work closely with client SOC and security teams to enhance detection, response, and recovery capabilities.

You will leverage scenario-based adversarial simulations (Glasswing-aligned approach) to assess breach readiness and validate incident response effectiveness against real-world attack scenarios.

You will play a key role in strengthening organizational resilience through improved response frameworks, scenario testing, and preparedness exercises.

Your client responsibilities:

• Support incident response activities including triage, investigation, containment, and recovery
• Perform incident response readiness assessments and gap analysis
• Conduct breach simulations and tabletop exercises using real-world attack scenarios (Glasswing-aligned approach)
• Validate response effectiveness and identify improvement areas
• Support development and testing of Business Continuity and Disaster Recovery plans
• Work with SOC teams to enhance detection and response capabilities
• Develop incident response playbooks and escalation procedures
• Support crisis management and resilience program development
• Facilitate workshops and awareness sessions for client teams
• Perform root cause analysis and document lessons learned
• Assist in proposal development and capability building initiatives
• Provide regular status updates to stakeholders

Your people responsibilities:

• Demonstrate teamwork and ownership across engagements
• Mentor junior members on incident response and resilience frameworks
• Contribute to internal frameworks and capability development
• Participate in knowledge sharing and organizational initiatives 

Mandatory skills: 

• Strong experience in Incident Response (L2/L3 exposure preferred)
• Knowledge of SOC operations and threat detection mechanisms
• Experience handling cybersecurity incidents and investigations
• Strong understanding of cyber resilience, BCP, and DR frameworks
• Experience in conducting tabletop exercises and simulations
• Familiarity with adversarial simulation approaches (Glasswing-aligned)
• Knowledge of SIEM, EDR, SOAR tools
• Understanding of MITRE ATT&CK framework
• Experience in log analysis and forensic basics
• Certifications such as CEH, GCIH, GCIA, CISSP preferred
• BE/BTech/MCA with 4–8 years of relevant experience 

Preferred skills: 

• Experience in financial services or regulated industries
• Exposure to cloud incident response
• Strong stakeholder management and communication skills