
Information Security Incident Response Analyst

United Kingdom, London · Job Posted March 26, 2026

Job Description

The Information Security Incident Response Analyst supports clients during security incidents by performing technical investigations, analyzing digital forensic evidence, and assisting with containment and remediation activities. This role focuses on identifying indicators of compromise, reconstructing attacker activity, and communicating clear, actionable findings. The analyst works as part of a global DFIR team, handling a variety of incident types across diverse environments. They contribute to process improvements, maintain strong client communication, and continue building advanced DFIR skills through hands‑on investigations and internal project work.

Job Responsibility

  • Investigates security incidents by performing host, disk, memory, network, and cloud forensic analysis under established processes and guidance
  • Analyzes artifacts across Windows, Linux, and macOS systems, helping reconstruct timelines and determine root cause
  • Supports clients through containment and recovery efforts by providing technical recommendations and clear communication
  • Participates in the team’s on‑call rotation for urgent incident response needs
  • Completes internal and client tasks such as tabletop exercises, IR readiness assessments, basic forensic reviews, and environment hardening support
  • Identifies observable gaps and risks within client environments and recommends improvements to strengthen security posture
  • Produces accurate documentation—including investigation notes, status updates, and final reports
  • Collaborates with global DFIR and other teams and stays current on threats, attacker techniques, and emerging forensic tools

Requirements

  • Proven experience in incident response and digital forensics, with capability in host‑based, image, and log analysis
  • Experience using SIEM, EDR, IDS/IPS, and other security tools to triage, investigate, and respond to incidents
  • Ability to perform network analysis using tools such as Wireshark and tcpdump
  • Experience in cybersecurity operations, consulting, DFIR services, or related technical security roles
  • Bachelor’s degree or equivalent experience in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant cybersecurity certifications such as SANS GIAC Security Essentials (GSEC) or equivalent preferred
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
  • Additional DFIR‑related certifications are considered a plus
  • Active UK Security Clearance is required
  • Background and hands‑on experience in OT environments
  • Experience investigating ICS/SCADA systems and industrial sectors such as manufacturing, energy, utilities, or critical infrastructure
  • Ability to collect and analyze OT forensic artifacts, interpret OT protocols and system behavior, and assess the impact of cyber incidents on physical processes
  • SANS OT/ICS certifications such as GICSP or GRID, IEC 62443 or equivalent required


Similar Jobs for Information Security Incident Response Analyst (8 matching positions)

Senior Information Security Incident Response Analyst

The Senior Information Security Incident Response Analyst leads complex incident...
Location: India, Hyderabad
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant GIAC or equivalent certifications such as: GSEC – Security Essentials GCIA – Certified Intrusion Analyst GCIH – Certified Incident Handler
  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles
  • Advanced knowledge of digital forensics, including disk and memory image analysis across Windows, Linux, and macOS platforms
  • Strong understanding and experience with network forensics, cloud forensics (Azure, AWS, GCP) and mobile forensics (iOS/Android)
  • Ability to communicate complex technical findings clearly to both technical and non‑technical client stakeholders
  • Strong analytical, critical thinking, and problem‑solving abilities during high‑pressure investigations
Job Responsibility
  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies
  • Fulltime

Senior Cyber Security Analyst – Incident Response & SOC

We don’t hang up the leash until the job is done. Senior Cyber Security Analyst ...
Location:
Salary: Not provided
Company: Zeektek
Expiration Date: Until further notice
Requirements
  • Email security fundamentals (SPF, DKIM, DMARC)
  • Phishing and malware investigations
  • DFIR / forensic investigation skills
  • Deep incident response experience
  • Threat analysis across multiple log sources
  • Hands-on tooling knowledge (EDR, SIEM, malware analysis, endpoint/network forensics)
  • Strong troubleshooting and scenario-based thinking
  • Strong written and verbal communication skills
  • Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Job Responsibility
  • Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems
  • Continually improving cyber security procedures and documentation to enhance the security posture of the organization
  • Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support
  • Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment
  • Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements
  • Collaborating with business groups to establish and maintain strong working relationships
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program

Senior Information Security Incident Response Lead

The Senior Information Security Incident Response Lead is responsible for managi...
Location: Mexico, Mexico
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science or related preferred
  • SANS GIAC Security Essentials (GSEC) or equivalent preferred
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
  • Advanced experience in a Technology Information Security Industry
  • Advanced experience or knowledge of SIEM and IPS technologies
  • Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors
  • Advanced understanding of End Point Protection Software
  • Advanced understanding of Enterprise Detection and Response software
  • Advanced knowledge of technological advances within the information security arena
Job Responsibility
  • Manages the prevention and resolution of security breaches and ensures incident and problem management processes are initiated
  • Performs access management activities according to the policy
  • Implements and discusses security service audit schedules, reviews access authorization, and performs the required access controls and testing to identify security weaknesses
  • Interacts with a global team of Cyber Security Analysts and specialists
  • Manages 2nd level triaging of security alerts, events, and notifications
  • Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees
  • Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders
  • Follows and updates established and/or ad-hoc processes and work instructions and creates procedures where deficiencies are identified
  • Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults
  • Maintains an understanding of current and emerging threats, vulnerabilities, and trends

Incident Response Team Analyst (Law Enforcement-Physical Security), EMEA

This is a short-term employee (STE) position with an anticipated duration of [15...
Location: Ireland, Dublin
Salary: Not provided
Company: Meta
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in a relevant field (e.g., Criminal Justice, Political Science, or related discipline) or equivalent experience (4 years)
  • Proven ability to make important decisions independently and prioritize competing urgent tasks based on impact, imminence, and stakeholder needs, respond quickly to changing situations in complex environments while maintaining accuracy and adherence to established protocols
  • Demonstrated ability to work independently and manage tasks with minimal supervision
  • 2+ years of experience in analyzing information to assess imminent risk and threats to life
  • Ability to adapt communication style to suit different stakeholders like cross-functional teams and law enforcement
  • Ability to work with potentially graphic and objectionable content
  • Experience with social media, analytical tools and online research
Job Responsibility
  • Bring operational depth to a team that evaluates threat, risk and user privacy in an environment centered around time-critical emergency escalations
  • Review and assess inbound emergency escalations
  • Make immediate decisions based on a variety of complex factors that will include imminence, sensitive issues and graphic content, and coordinate with a number of internal and external partners including law enforcement in an attempt to ensure users’ safety and mitigate real-world harm
  • Convey clear and concise responses to questions from law enforcement, government agencies, and internal teams regarding Incident Response policy and process
  • Work with cross-functional teams to drive improvements to policies and processes across teams
  • Available for weekend work on a rotational basis regularly
  • This role may involve exposure to potentially graphic and/or objectionable content including but not limited to graphic images, videos, audio and posts, offensive or derogatory language, and other potentially objectionable material, i.e. child exploitation, graphic violence, self-injury, and other content which may be considered offensive or disturbing
What we offer
  • competitive base compensation and benefits

Senior Incident Handler - Security Incident Response Team

As an Expert Security Analyst – Incident Coordinator, you will take a leadership...
Location: Netherlands, Veldhoven
Salary: Not provided
Company: ASML
Expiration Date: Until further notice
Requirements
  • Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field
  • 7+ years of experience in advanced cybersecurity roles
  • Experience working with stakeholders in a complex organization
  • Proven record of influencing upper management towards security best practices
  • Expertise in Security Monitoring, Log Analysis, and Threat Hunting
  • Deep knowledge of Endpoint, Network, OT, Information and Cloud Security
  • Certifications – CISSP, GCIH, GCFA, CISM preferred
Job Responsibility
  • Security Monitoring – monitor security alerts for malicious activity or anomalies, ensuring swift response
  • Incident Handling – Lead investigations into high-profile, complex, or advanced persistent threats (APTs)
  • Threat Hunting – Proactively search for hidden threats and improve detection capabilities
  • Incident Analysis – Correlate data across multiple sources to detect sophisticated attack patterns
  • Detection & Response Optimization – Develop advanced detection techniques and security automation strategies
  • Technology Leadership – Act as an SME for SecOps tools and threat domains
  • Mentorship & Training – Provide guidance and mentorship to analysts at all levels
  • Fulltime

Sr Incident Response Analyst

We have a 3 month contract with opportunity to extend or convert for a seasoned ...
Location: United States
Salary: Not provided
Company: Zeektek
Expiration Date: Until further notice
Requirements
  • A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science) and 4–6 years of related experience
  • 5+ years of Security Operations, Incident Response, and/or Digital Forensics Experience
  • Prior Incident Response Experience in a hybrid enterprise environment
  • Experienced with utilizing security tooling such as: Splunk, EDR, Tanium, etc
  • Strong understanding of cloud environments
  • SANS GIAC Security Essentials (GSEC), SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent, SANS GIAC Certified Incident Handler (GCIH) or equivalent required
  • Must be located in CST or EST
Job Responsibility
  • Reviews current configurations of the production information systems and networks against compliance standards
  • Prepares the prevention and resolution of security breaches and ensures incident and response management processes are initiated
  • Implements and discusses security service audit schedules, reviews access authorization, and performs the required access controls testing to identify security shortfalls
  • Designs automated scripts, contingency plans, and other programmed responses that are launched when an attack against the company’s systems has been detected
  • Collaborates with Information Security Architects, Information Security Engineers, and software or hardware stakeholders
  • Notifies internal and/or external teams according to agreed alert priority levels, escalation trees, triaging of security alerts, events, and notifications
  • Ties third-party attack monitoring services and threat reporting services into internal CIRT (Cyber Incident Response Team) communications systems
  • Performs post-mortem analysis with logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users
  • Performs other duties as assigned
  • Complies with all policies and standards
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program

Information Security Analyst

As an Information Security Analyst, you will play a key role in strengthening th...
Location: United Kingdom, Cheltenham
Salary: 40000.00 - 45000.00 GBP / Year
Company: PoloWorks
Expiration Date: Until further notice
Requirements
  • Experience in the Security Sector (Essential)
  • Strong aptitude for staying up to date with Information Security standards and technologies
  • Self‑motivated with a flexible, proactive approach
  • Experience with data classification and cryptography
  • Knowledge of: Information Security processes, NIST CSF and technical controls, ISO 27001 framework, Data Protection, Security assessments, Risk management
Job Responsibility
  • Risk identification and assessment
  • Information Security policy maintenance and updates
  • Compliance monitoring
  • Incident response support and planning
  • Security awareness & training (monitoring and delivery)
  • Project and new business risk assessments
  • KRI/KPI monitoring and reporting
  • General security guidance across the Group
What we offer
  • Great Place to Work certified
  • Listed among Best Workplaces in Financial Services & Insurance
  • Positive culture
  • Commitment to people
  • Inclusive culture
  • Support for ongoing development
  • Opportunities to grow expertise
  • Fulltime

Managed Services Information Security Analyst

The Managed Services Information Security Analyst is a seasoned subject matter e...
Location: India, Hyderabad
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Seasoned knowledge of the implementation and monitoring of a company-supported SIEM or security tools/technologies/concepts
  • Seasoned knowledge of security architecture, having worked across different security technologies
  • Seasoned knowledge and understanding of the operation of modern computer systems and networks and how they can be compromised
  • Displays excellent customer service orientation and pro-active thinking
  • Displays problem solving abilities and is highly driven and self-organized
  • Excellent attention to detail
  • Excellent analytical and logical thinking
  • Excellent spoken and written communication abilities
  • Team player with the ability to work well with others and in groups with colleagues and stakeholders
  • Ability to remain calm in pressurized situations
Job Responsibility
  • Works as part of a global Cyber Defense Centre (CDC) team that works 24/7 on rotational shifts
  • Works with client stakeholders and relevant internal teams to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting
  • Monitors security tools to review and analyze security logs from client environments
  • Generates continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience
  • Adheres to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards
  • Utilizes and documents best practices and amends existing documentation as required
  • Identifies opportunities to make automations which will help the clients and security delivery teams
  • Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics
  • Utilizes a broad range of skills in LAN technologies, Windows and Linux O/S's, and general security infrastructure
  • Ensures usage of knowledge articles in incident diagnosis and resolution and assists with updating as and when required