Cybersecurity Incident Responder
NTT Data
Cybersecurity Incident Responder
NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.
We are currently seeking a Cybersecurity Incident Responder to join our team in Fort Bragg, North Carolina (US-NC), United States (US).
The Cyber Incident Responder is responsible for detecting, analyzing, containing, eradicating, and recovering from cybersecurity incidents across enterprise, endpoint, network, and cloud environments. This role supports daily cyber defense operations by responding to malicious activity, suspicious events, policy violations, malware infections, spillages, and other reportable cyber incidents. The ideal candidate understands core incident response principles, follows established procedures, and coordinates effectively with system administrators, network teams, security leadership, and mission stakeholders throughout cyber events.
Key responsibilities include conducting investigations and responding to cybersecurity alerts and confirmed incidents across enterprise networks and cloud platforms such as AWS, Microsoft Azure, and Google Cloud. The responder executes containment actions on compromised systems or accounts, supports eradication and recovery efforts, and documents all response activities through incident closure. The role also involves analyzing malware infections and responding to indicators of ransomware, trojans, spyware, and unauthorized software, coordinating host containment and remediation actions such as antivirus or EDR scanning, reimaging, and evidence preservation when necessary.
Additionally, the position requires knowledge of DoD and federal incident categories, including handling or assisting with CAT 1, 2, 4, 7, and CAT 5 spillage events, and understanding appropriate escalation procedures and reporting timelines. The responder also manages spillage and data-loss events by containing and sanitizing affected systems, coordinating reporting and remediation, and supporting insider-threat or data-exfiltration investigations as required.
The role conducts continuous monitoring by reviewing SIEM alerts, logs, endpoint notifications, and user reports, utilizing tools such as Trellix ESS, Splunk ES, Splunk SOAR, MAR/HX, NSM, Varonis, IDS, Stealthwatch, Cylance, and ForeScout to correlate data and determine incident scope and impact. Strong documentation and reporting skills are essential, including creating accurate incident tickets, detailed timelines, after-action reports, maintaining evidence and chain-of-custody records, and briefing leadership or management as needed.
Basic Qualifications:
- Minimum 7 years' of professional experience
- Minimum 4 years' of experience in cybersecurity, help desk, system administration, SOC, or IR.
- Minimum 1 year of experience in Incident Response lifecycle (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned)
- Minimum 1 year of experience in Email phishing investigations
- Minimum 1 year of experience with one or more:
- Splunk and Elastic for Cloud
- Endpoint Detection & Response (EDR) tools
- Antivirus platforms
- Vulnerability scanners (ACAS)
- ServiceNow, Remedy or similar ticketing systems
- DoD 8570/8140 certification: CompTIA Security+ CE
- Top Secret Security Clearance, SCI eligible.
Preferred Qualifications:
- Malware basics
- Networking fundamentals (IP, DNS, ports, protocols)
- Experience supporting enterprise IT environment
- Certification in one of: CySA+, CASP+, GIAC (GCIH, GCFA, etc.)
$90k - $125k
...contract award and funding. Entarian is looking for a Senior Cybersecurity Incident Response Administrator (Information Assurance Engineer -... ...security standards and best practices Ability to review and respond to Army Cyber Tasking Orders (CTOs) Experience coordinating...SuggestedFull timeContract work$69.4k - $158k
...Job Number: R0243048 Cybersecurity Operations Center Analyst The Opportunity: Are you... ...the team to comprehend, mitigate, and respond to threats quickly, restoring operations... ...on experience in threat assessment and incident response. Join us as we protect clients...SuggestedFull timeContract workPart timeWork at officeLocal areaRemote work- ...Level: 4 Year Degree. Overview of Position FEDITC is seeking a Cybersecurity Systems Analyst, Intermediate, to work at Fort Bragg (... ...Chairman of the Joint Chiefs of Staff Manual (CJCSM) 65101.01, Incident Response and other IA policies). Education BA/BS Degree. Certifications...SuggestedFull timeFor contractorsInterim roleLocal area
$69.4k - $158k
...Cybersecurity Operations Center Analyst As a Cybersecurity Operations Center Analyst on our... ...the team to comprehend, mitigate, and respond to threats quickly, restoring operations... ...on experience in threat assessment and incident response. Responsibilities • Improve tier...SuggestedFull timePart timeCasual workWork at officeLocal areaRemote work- ...are associated with validation, approval, and sustainment of cybersecurity accreditation packages. Performs and analyze a range of Information... ...assessments, inspections, red/blue team activities, and incident response planning. Must meet position and certification...SuggestedFull timeContract workPart timeFor contractorsWork at office
- ...procedures, and best practices for vulnerability management. Participate in incident response efforts when vulnerabilities contribute to active threats. Requirements 7+ years of experience in cybersecurity, vulnerability management, or related fields. Hands-on experience with...Interim role
- ...updates, and security hardening procedures. Enforce DoD and Army cybersecurity policies. Ensure proper implementation of security controls,... ...in resolving user-reported network issues and escalating incidents when necessary. Develop and maintain network policies, procedures...Full timeLocal area
$99k - $225k
...Analyst, you're in the middle of the action, responding to and mitigating threats in real time.... ...limiting the impact. You'll analyze incidents to figure out just how many systems are... ...is a great opportunity to hone your cybersecurity skills with hands-on experience in threat...Full timeContract workPart timeWork at officeLocal areaRemote workShift work- ...teams, government stakeholders, and OEM partners to resolve incidents and improve service performance. Perform root-cause analysis... .... Coordinate activities with engineering teams, cybersecurity personnel, logistics support teams, and program management staff...Contract workRemote workWorldwideShift work
$160k - $165k
...pipelines, implementing Infrastructure-as-Code (IaC) solutions, integrating new software and hardware technologies, and enhancing cybersecurity posture across on-premises environments. The position will support system modernization efforts through automated testing,...Currently hiring$102.17k
...Security Analyst, where you will operate at the intersection of cybersecurity and DevSecOps to protect critical software systems that... ...to detect emerging threats. Lead response efforts for complex incidents (e.g., APTs, data breaches), including forensic analysis and...H1b- ...events Leverage AI and automation to enhance monitoring, incident detection, and response capabilities to optimize resource allocation... ...efficiency Deliver endpoint Security Administration and Cybersecurity Solutions engineering Services Provide oversight in...Full timeWork at officeLocal areaRemote work
$99k - $225k
...collaborate closely with subject matter experts, mission owners, cybersecurity teams, and platform engineers to translate strategic... ...Your work strengthens the DoW's ability to defend, detect, and respond across the full spectrum of operations while advancing longterm...Full timeContract workPart timeWork at officeLocal areaRemote work- ...directivesTEMPEST / physical security requirements where applicable Conduct self-inspections and prepare for command inspections. Incident Reporting Investigates and reports COMSEC incidents, security violations, compromises, or suspected compromises. Coordinates corrective...Local areaRemote work
- ...regulations, and post orders. The guard must maintain a high level of professionalism, situational awareness, and readiness to respond to security incidents or emergencies. Participate in Guard Mount while wearing the assigned uniform and carrying the issued weapon;...For contractorsFlexible hoursShift work
- ...after‑hours support activities as required. Requirements Bachelor's Degree (BA/BS) in Information Technology, Computer Science, Cybersecurity, Network Engineering, Electronics, Communications, or related field. Additional years of directly related experience may be substituted...Remote work
- ...ISR Enterprise Architecture and Design, Cybersecurity, IT Services, and ServiceNow Solutions.... ...personal to potential security incidents Research cyber security related emerging... ...trends, and make informed decisions May respond to computer security breaches and...Work experience placementLocal areaRemote work
$100k - $140k
...years' experience in automation and scripting with Python, Pearl, TCL, or Ansible Three or more years' experience supporting Cybersecurity patch management and Security Technical Implementation Guides (STIG), SRG, RMF, SCA-V, and Cyber Operational Readiness Assessments...Contract work$53.1k - $106.3k
...Cybersecurity Engineer CACI's Enterprise Network Services (ENS) Division supports the Department of Defense (DoD) in modernizing mission-critical communications and enterprise network infrastructures. Our team of network and cybersecurity professionals designs, implements...Contract workWork experience placementFor subcontractorImmediate startFlexible hours$77.5k - $176k
..., manipulate, and analyze data from enterprise databases. Ensure compliance with client data governance, classification, and cybersecurity standards. Provide analytical support for strategic initiatives, operational planning, and mission readiness assessments....Full timeContract workPart timeWork at officeLocal areaRemote work$17.25 per hour
...assessing and maintaining safe and secure standards throughout the store, including exterior property. ~ Respond to and accurately document security incidents in a timely manner. ~ Appropriately respond to guest issues to provide a safe and secure environment for...Hourly payLocal areaFlexible hoursShift workNight shiftDay shift- ...reporting, including maintaining records, logs, and documentation related to access control, security procedures, inspections, and incident reporting. Serve as the primary customer-facing security representative, clearly communicating security requirements, providing...Full timeContract workFor contractorsWork at officeLocal areaRelocation package
- ...security in cyber as a Senior Principal Cybersecurity Automation Engineer at GDIT. Here,... ...for various security functions including incident handling, incident response, intrusion... ...threat intelligence groups, and incident responders. Codify workflows into automated playbooks...Flexible hours
- ...communications networks. Modifies group membership, user profiles, utilizes SCCM and Active Directory to troubleshoot, resolve and track incidents using a ticketing system. Works with the CRM and SharePoint Developers to assist in resolving content management and permission...Temporary workWork at officeRemote workFlexible hours
- ...thrives on intellectual curiosity, cognitive diversity, nonconventional aptitude, and bringing your whole self to work. As a leading cybersecurity SDVOSB 8(a) company, we provide innovative systems, products and solutions to our customers worldwide. We are comprised of...Work at officeLocal areaRemote workWorldwideShift workDay shift
- ...on intellectual curiosity, cognitive diversity, nonconventional aptitude, and bringing your whole self to work. As a leading cybersecurity SDVOSB 8(a) company, we provide innovative systems, products and solutions to our customers worldwide. We are comprised of veteran...Temporary workWork at officeRemote workWorldwideShift workDay shift
- ...documentation for systems, processes, and procedures Assist with IT projects, upgrades, and system implementations Ensure compliance with cybersecurity best practices Qualifications Associate or Bachelor’s degree in IT, Computer Science, or related field 2+ years of IT support or...Full time
- ...Identification System (RAPIDS) sites. Specific duties may include, but are not limited to: Perform more complex tasks and respond to routine questions regarding policy and procedures, provide guidance to VO/ID Card Operators, and provide reports on time or...Full timeFor contractorsWork at office
- ...deter criminal activity - Patrol assigned areas and monitor access control points - Write clear and accurate incident and daily activity reports - Respond to alarms, emergencies, and disturbances - Enforce site-specific rules and regulations - Adapt quickly to...Hourly payFlexible hoursShift workNight shift
$35.88k
...groups to ensure that they understand the message. Listens and responds appropriately to messages from others. Communicates regarding... ...in order to make quick, sound decisions; recognizes critical incidents; initiates action based upon acquired information and knowledge...Full timePart timeFor contractorsShift workNight shiftRotating shiftWeekend work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Cybersecurity Incident Responder. Be the first to apply!


