CrawlJobs Logo
NTT DATA Logo NTT DATA · IT - Software Development

Senior Information Security Incident Response Analyst

India, Hyderabad · Job Posted March 03, 2026
Apply Position
Job Link Share

Job Description

The Senior Information Security Incident Response Analyst leads complex incident investigations and digital forensic analysis for clients across diverse environments. This role focuses on determining root cause and impact, guiding clients through containment and remediation, and clearly communicating technical findings to both technical and executive stakeholders. The analyst serves as a senior escalation point, mentors and trains junior responders, and contributes to maturing team processes, workflows, and response capabilities. They collaborate with internal teams and external partners while maintaining strong, professional client engagement throughout each incident.

Job Responsibility

  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies

Requirements

  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant GIAC or equivalent certifications such as: GSEC – Security Essentials GCIA – Certified Intrusion Analyst GCIH – Certified Incident Handler
  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles
  • Advanced knowledge of digital forensics, including disk and memory image analysis across Windows, Linux, and macOS platforms
  • Strong understanding and experience with network forensics, cloud forensics (Azure, AWS, GCP) and mobile forensics (iOS/Android)
  • Ability to communicate complex technical findings clearly to both technical and non‑technical client stakeholders
  • Strong analytical, critical thinking, and problem‑solving abilities during high‑pressure investigations
  • Capable of mentoring junior responders and supporting continuous improvement of DFIR capabilities

Nice to have

Additional DFIR‑related certifications are considered a plus

NTT DATA - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Information Security Incident Response Analyst

8 matching positions

Senior Information Security Incident Response Lead

The Senior Information Security Incident Response Lead is responsible for managi...
Location
Location
Mexico , Mexico
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science or related preferred
  • SANS GIAC Security Essentials (GSEC) or equivalent preferred
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
  • Advanced experience in a Technology Information Security Industry
  • Advanced experience or knowledge of SIEM and IPS technologies
  • Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors
  • Advanced understanding of End Point Protection Software
  • Advanced understanding of Enterprise Detection and Response software
  • Advanced knowledge of technological advances within the information security arena
Job Responsibility
Job Responsibility
  • Manages the prevention and resolution of security breaches and ensure incident and problem management processes are initiated
  • Performs access management activities according to the policy
  • Implements and discusses security service audit schedules, review access authorization and perform the required access controls and testing to identify security weaknesses
  • Interacts with a global team of Cyber Security Analysts and specialists
  • Manages 2nd level triaging of security alerts, events, and notifications
  • Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees
  • Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders
  • Follows and updates established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified
  • Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults
  • Maintains an understanding of current and emerging threats, vulnerabilities, and trends
Read More
Arrow Right

Senior Cyber Security Analyst – Incident Response & SOC

We don’t hang up the leash until the job is done. Senior Cyber Security Analyst ...
Location
Location
Salary
Salary:
Not provided
zeektek.com Logo
Zeektek
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Email security fundamentals (SPF, DKIM, DMARC)
  • Phishing and malware investigations
  • DFIR / forensic investigation skills
  • Deep incident response experience
  • Threat analysis across multiple log sources
  • Hands-on tooling knowledge (EDR, SIEM, malware analysis, endpoint/network forensics)
  • Strong troubleshooting and scenario-based thinking
  • Strong written and verbal communication skills
  • Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Job Responsibility
Job Responsibility
  • Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems
  • Continually improving cyber security procedures and documentation to enhance the security posture of the organization
  • Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support
  • Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment
  • Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements
  • Collaborating with business groups to establish and maintain strong working relationships
What we offer
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program
Read More
Arrow Right

Senior Incident Handler - Security Incident Response Team

As an Expert Security Analyst – Incident Coordinator, you will take a leadership...
Location
Location
Netherlands , Veldhoven
Salary
Salary:
Not provided
asml.com Logo
ASML
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field
  • 7+ years experience in advanced cybersecurity roles
  • Experience working with stakeholders in a complex organization
  • Proven record of influencing upper management towards security best practices
  • Expertise in Security Monitoring, Log Analysis, and Threat Hunting
  • Deep knowledge of Endpoint, Network, OT, Information and Cloud Security
  • Certifications – CISSP, GCIH, GCFA, CISM preferred
Job Responsibility
Job Responsibility
  • Security Monitoring – monitor security alerts for malicious activity or anomalies, ensuring swift response
  • Incident Handling – Lead investigations into high-profile, complex, or advanced persistent threats (APTs)
  • Threat Hunting – Proactively search for hidden threats and improve detection capabilities
  • Incident Analysis – Correlate data across multiple sources to detect sophisticated attack patterns
  • Detection & Response Optimization – Develop advanced detection techniques and security automation strategies
  • Technology Leadership – Act as an SME for SecOps tools and threat domains
  • Mentorship & Training – Provide guidance and mentorship to analysts at all levels
  • Fulltime
Read More
Arrow Right

Dlp Senior Information Security Analyst

Wells Fargo is seeking a Senior Information Security Analyst to be a part of the...
Location
Location
United States , Charlotte; Chandler; Irving
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
June 09, 2026
Flip Icon
Requirements
Requirements
  • 4+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • Demonstrated experience analyzing and responding to security incidents
  • 3+ years of Data Loss Prevention Operations experience including event triage and response, assessing and quantifying emerging risks, etc.
  • 3+ years working in an Agile-based environment leveraging Jira or other industry-standard tools
  • 3+ years of Security Operations Center/Cyber Threat Fusion Center experience
  • 3+ years working with Symantec DLP or other DLP solutions
  • 2+ years of Splunk or other SIEM tool experience
  • 1+ year of Security Orchestration Automation and Response (SOAR) experience
  • CISSP, CCSP or other applicable InfoSec certification
Job Responsibility
Job Responsibility
  • Perform triage, remediation and escalation of DLP incidents, compile ad hoc data and reporting to support information security risk management
  • Assist with quality assurance routines ensuring consistent, timely execution and documentation of DLP events and incidents
  • Provide internal customer support to enable the business
  • Update and maintain processes and procedures
  • Assist with inquiries from risk partners, Internal Audit and regulatory bodies on EDLP controls and procedures
  • Provide information security consultation to improve awareness and compliance with Enterprise Information Security policy, processes and standards
  • Perform remediation of security assessment review issues, complex ad hoc data, and reporting to support information security risk management
  • Provide guidance and direction in reviewing assessment findings and mitigating controls to optimize information security
  • Identify and direct information asset portfolio reconciliations and certifications
  • Provide advanced data aggregation and data of information security risk exposure
What we offer
What we offer
  • Ability to work early morning, evening and overnight hours Sunday through Thursday
  • Ability to work weekends and holidays as needed
  • This position is not eligible for Visa sponsorship
  • This position offers a hybrid work schedule
  • Fulltime
Read More
Arrow Right

Senior Incident Response Analyst

Wrike is seeking an experienced Senior Incident Response Analyst to help safegua...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
klaxoon.com Logo
Klaxoon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Over 5 years of experience in a Senior Incident Response Analyst/SOC/Cybersecurity or similar security-focused role in a software product company
  • Deep understanding of network fundamentals and a wide range of security threats
  • Exceptional analytical and problem-solving skills, with the ability to think critically under pressure
  • Outstanding communication skills, both written and verbal, with the ability to convey complex concepts to technical and non-technical audiences
  • Hands-on experience with leading security information event management (SIEM) and extended detection and response (XDR) platforms (e.g., Rapid7, Splunk, Wazuh, Microsoft Defender for Endpoint, Crowdstrike)
  • Strong experience in log analysis, event correlation, and incident response
Job Responsibility
Job Responsibility
  • Lead the monitoring, analysis, and triage of complex security alerts and events, providing expert guidance to junior team members
  • Assess risk and impact of potential incidents, recommending and overseeing appropriate remediation actions
  • Employ a broad range of advanced security tools and technologies to proactively detect and investigate sophisticated cyber threats
  • Collaborate with and mentor other teams, including incident responders, to ensure timely and accurate escalation and resolution of high-priority cases
  • Oversee documentation and reporting of security incidents, ensuring accuracy, clarity, and timely delivery to relevant stakeholders
  • Drive the ongoing development and enhancement of security monitoring and detection capabilities, introducing best practices and automation where appropriate
  • Stay ahead of the latest security trends, emerging vulnerabilities, and best practices, sharing knowledge and recommendations within the team and across the organization
  • Demonstrated experience functioning at an L3 level, serving as the final escalation point for resolving complex security incidents and issues
  • Mentorship of junior/mid senior analysts, ability to share knowledge
What we offer
What we offer
  • 18 calendar days of paid vacation (12 days of National & Festival holidays (10 fixed, 2 flexible))
  • Sick Leave Compensation (5 Paid Uncertified Sick Days)
  • Menstrual Leave: Twelve (12) days per calendar year. Women employees are eligible for up to 1 day of menstrual leave per month.
  • Parental Leave: 26 Weeks Maternity / 4 Week Paternity
  • 2 Volunteer Days
  • Group Medical Insurance (Employees + Dependents)
  • Term Life Insurance (Rs 50,00,000)
  • Personal Accident Insurance (Rs 50,00,000)
  • Monthly Broadband / Internet Reimbursement (INR 1500)
  • Hybrid Working Model + Complimentary Lunch & Snacks
  • Fulltime
Read More
Arrow Right

Incident Response Senior Analyst

We are seeking a highly skilled and detail-oriented Cybersecurity Incident Respo...
Location
Location
United States , Salt Lake City
Salary
Salary:
Not provided
alterdomus.com Logo
Alter Domus
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in computer science, information security, or related professional experience
  • Minimum of 1 to 3 years of experience in incident response, Security operation, threat management
  • Strong knowledge of SIEM, and SOAR environment
  • Hands-on experience with IDS/IPS, and endpoint protection platforms
  • Working knowledge of Azure Defender and AWS security suite (GuardDuty, Security Hub)
  • Knowledge of network device configurations and standards (Firewalls, Switches, NSGs)
  • Knowledge of common operating systems MacOS, Linux and Windows OS
  • Familiarity with malware analysis, reverse engineering, and forensic tools
  • Strong cross functional communication skills and the ability to work closely with internal teams & lead cyber incident remediation efforts
  • Familiarity with common security frameworks and standards, such as NIST
Job Responsibility
Job Responsibility
  • Respond to security incidents
  • Lead and manage alerts, investigate, contain, and eradicate the cyber threats
  • Conduct forensic investigations to identify the root cause of security breaches and recommend preventive measures
  • Participate in post-incident reviews to identify lessons learned
  • Coordinate with internal teams and external partners during incident containment, eradication, and recovery efforts
  • Monitor security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and other tools for suspicious activity
  • Investigate and assess potential threats, vulnerabilities, and attack vectors
  • Create detailed incident reports, document findings, remediation steps, and lessons learned
  • Maintain and update incident response playbooks and processes
  • Participate in Tabletop exercise and incident response trainings for other stakeholders
What we offer
What we offer
  • Support for professional accreditations
  • Flexible arrangements, generous holidays, plus an additional day off for your birthday
  • Continuous mentoring along your career progression
  • Active sports, events and social committees across our offices
  • 24/7 support available from our Employee Assistance Program
  • The opportunity to invest in our growth and success through our Employee Share Plan
  • Plus additional local benefits depending on your location
Read More
Arrow Right

Senior Associate Information Security Analyst

As a Security Managed Services Engineer (L2) at NTT DATA, your role will be to e...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with managed services handling security infrastructure and working knowledge of ticketing tools, preferably ServiceNow
  • Proficiency in active listening, with techniques like paraphrasing and probing for further information
  • Excellent planning skills, able to anticipate and adjust to changing circumstances
  • Strong ability to communicate and engage across different cultures and social groups
  • Adaptability to changing conditions and flexibility in approach
  • Client-focused mindset, always putting their needs and positive experience first
  • A positive outlook and the ability to work well under pressure
  • Willingness to put in longer hours when necessary
  • Bachelor's degree or equivalent qualification in IT/Computing, or relevant work experience
Job Responsibility
Job Responsibility
  • Monitor, identify, investigate, and resolve technical incidents and problems
  • Handle client requests or tickets with technical expertise
  • Manage work queues, perform operational tasks, and update tickets with resolution actions
  • Log incidents promptly and provide second-level support
  • Execute changes responsibly, flagging risks and mitigation plans
  • Work closely with automation teams to optimize efforts and automate routine tasks
  • Audit incident and request tickets for quality
  • Contribute to trend analysis reports to identify automation opportunities
  • Assist L1 Security Engineers with triage and troubleshooting
  • Support project work when required
  • Fulltime
Read More
Arrow Right

Senior Information Security Compliance Analyst

We're looking for a technically grounded Senior IS Compliance Analyst who speaks...
Location
Location
United States , Chicago
Salary
Salary:
90000.00 - 130000.00 USD / Year
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
  • Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring
  • and ability to read and understand security logs, configurations, and technical documentation
  • 6+ years of total experience with significant time in GRC
  • Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
  • Experience developing and implementing information security policies and controls
  • ISO 27001:2022 Lead Implementer and Lead Auditor certification
Job Responsibility
Job Responsibility
  • Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
  • Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
  • Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit ready and operationally sound, while translating between technical security requirements and governance documentation
  • Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
  • Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency
What we offer
What we offer
  • health and welfare benefits
  • tuition assistance
  • 401K savings and other retirement programs
  • employee assistance programs
Read More
Arrow Right