Information Security Incident Response Analyst
NTT Data
Information Security Incident Response Analyst
Make an impact with NTT DATA. Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can grow, belong and thrive.
Job Description Summary
The Information Security Incident Response Analyst supports clients during security incidents by performing technical investigations, analyzing digital forensic evidence, and assisting with containment and remediation activities. This role focuses on identifying indicators of compromise, reconstructing attacker activity, and communicating clear, actionable findings.
The analyst works as part of a global DFIR team, handling a variety of incident types across diverse environments. They contribute to process improvements, maintain strong client communication, and continue building advanced DFIR skills through hands-on investigations and internal project work.
Key Responsibilities
- Investigates security incidents by performing host, disk, memory, network, and cloud forensic analysis under established processes and guidance.
- Analyzes artifacts across Windows, Linux, and macOS systems, helping reconstruct timelines and determine root cause.
- Supports clients through containment and recovery efforts by providing technical recommendations and clear communication.
- Participates in the team's on-call rotation for urgent incident response needs.
- Completes internal and client tasks such as tabletop exercises, IR readiness assessments, basic forensic reviews, and environment hardening support.
- Identifies observable gaps and risks within client environments and recommends improvements to strengthen security posture.
- Produces accurate documentation—including investigation notes, status updates, and final reports.
- Collaborates with global DFIR and other teams and stays current on threats, attacker techniques, and emerging forensic tools.
Knowledge and Attributes
- Solid understanding of digital forensics fundamentals, including host-based analysis across major operating systems.
- Working knowledge of network forensics, cloud log analysis (e.g., Azure, AWS, GCP), and common forensic tools.
- Ability to clearly communicate technical findings to both technical and non-technical audiences.
- Strong analytical and problem-solving skills, especially during time-sensitive investigations.
- Motivated to continuously learn deeper DFIR techniques and methodologies.
Required Experience
- Proven experience in incident response and digital forensics, with capability in host-based, image, and log analysis.
- Experience using SIEM, EDR, IDS/IPS, and other security tools to triage, investigate, and respond to incidents.
- Ability to perform network analysis using tools such as Wireshark, tcpdump, and other tools.
- Experience in cybersecurity operations, consulting, DFIR services, or related technical security roles.
Academic Qualifications, Certifications
- Bachelor's degree or equivalent experience in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred).
- Relevant cybersecurity certifications such as:
- SANS GIAC Security Essentials (GSEC) or equivalent preferred.
- SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
- SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.
- Additional DFIR-related certifications are considered a plus.
Additional UK-Specific Role Requirements
- Active UK Security Clearance is required to deliver services within sensitive or regulated client environments.
Operational Technology (OT) Incident Response & Digital Forensics
- Background and hands-on experience in OT environments.
- Experience investigating ICS/SCADA systems and industrial sectors such as manufacturing, energy, utilities, or critical infrastructure.
- Ability to collect and analyze OT forensic artifacts, interpret OT protocols and system behavior, and assess the impact of cyber incidents on physical processes.
Certifications
- SANS OT/ICS certifications such as GICSP or GRID, IEC 62443 or equivalent required.
Workplace type: Remote Working
About NTT DATA. NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D.
Equal Opportunity Employer. NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Third parties fraudulently posing as NTT DATA recruiters. NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters—whether in writing or by phone—in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us.
- ## Job Description# Incident Response Analyst - FULLY REMOTE* Review current configurations of production information systems and networks against compliance standards.* Prepare for the prevention and resolution of security breaches and ensure incident response processes...SuggestedRemote work
- As a SOC Analyst (m/f/d), you will strengthen our clients’ information security through your expertise and passion for IT security... ...analyzing security-critical incidents but also helping to further develop... .... With a sense of personal responsibility and team spirit, you will be...SuggestedWork from homeFlexible hours
- FLVS is seeking an Information Security Analyst for the Scholars Operations Center, based in Florida. This role provides essential... ...dynamic challenges in a fast-paced environment. With responsibilities including incident response and security monitoring, the ideal...SuggestedRemote job
$75k - $100k
...located in California is seeking an investigator to join their Information Security team. This role focuses on analyzing security telemetry... ...experience, along with at least 2 years in a SOC or Incident Response role. The position offers a salary range of $75,000 to $1...Suggested- ...professional to manage and enhance the security of data and systems. This role... ...overseeing threat monitoring, coordinating responses to incidents, and collaborating with various teams... ..., and a strong background in information security. Exceptional leadership and...Suggested
$70k - $95k
The Rawlings Group is seeking a candidate for an Information Security role focused on incident response and vulnerability management. This position requires a foundational understanding of security concepts and offers opportunities for growth in a collaborative team. Eligible...Remote job- CoServ is seeking an Information Security Analyst III to enhance security operations. This senior role involves... ...information security and a relevant degree. Responsibilities include developing security procedures, performing incident response, and ensuring compliance with...
$120k - $145k
Cape Fox Corporation is looking for an experienced Information Security Analyst (SME) to join their team in Washington, DC. The ideal candidate... ...over 4 years of experience in security analysis and incident response. Responsibilities include maintaining threat awareness,...- ...Incident Response Analyst Salisbury, NC (Remote) 90% Remote: must be within driving distance of... ...incident response experience ~ MS Security Tools Suite Experience (Defender) ~... ...for managing threats, disseminating information, and handling, responding to, and investigating...Contract workWork experience placementRemote work
- ...Incident Response Analyst (AI Training) We're looking for experienced incident response professionals to help train and evaluate cutting-edge AI systems designed for security operations. Your real-world expertise will directly shape how AI interprets security events...Hourly payOngoing contractContract workFreelanceRemote workFlexible hours
$30 - $60 per hour
...Incident Response Analyst $30-60/hr Remote Freelance CODING About the Role We're partnering with leading AI research labs to build the next generation of AI-powered security tools — and we need experienced incident responders to help make them real. As an Incident...Hourly payOngoing contractContract workFreelanceRemote workFlexible hours- ...Incident Response Analyst We're looking for experienced incident response and security operations professionals to help train and evaluate AI systems built for modern digital investigations. Your real-world expertise will directly shape how AI understands, analyzes,...Hourly payOngoing contractContract workFreelanceRemote workFlexible hours
- ...Trace3 is seeking a SOC Analyst to monitor, detect, analyze, and respond to cybersecurity incidents in Fargo, North Dakota. The ideal candidate will... ...2 years of experience in a SOC or IT security operations role. Responsibilities include monitoring security alerts, documenting...
- ...DeKalb Health is seeking a dedicated SOC Analyst to oversee security operations in Henderson, Nevada. This role includes monitoring alarm systems and coordinating incident responses while ensuring compliance with security procedures. The ideal candidate will possess a...
- ...solutions provider is seeking a Remote SOC Analyst to join their team in Atlanta, Georgia.... ...cybersecurity operations and hold relevant security certifications. Responsibilities include investigating alerts, conducting incident response, and correlating data to identify...Remote work
- ...DeKalb Health is looking for an SOC Analyst in Sterling, VA. This role focuses on centralizing physical security operations, including monitoring alarms and incident response. The ideal candidate will have a high school diploma and experience in security environments....
- ...breaches, and we’ve redefined modern security with the world’s most advanced AI‑native... ...for a highly motivated, self‑driven Incident Response Analyst to support the Incident Response... ...State labor laws. For more employer information regarding DoD SkillBridge/CSP, please...Full timeTemporary workInternshipLocal areaRemote work
- # Incident Response AnalystApply**Job#: 3039295****Job Description:**Incident Response Analyst**Location:** Eagan, Minnesota (Hybrid)Role OverviewThis position is for an Associate... ...origin, ancestry, citizenship, genetic information, registered domestic partner status,...Hourly payContract workMonday to FridayShift workWeekend work2 days per week
- ...Ernst & Young Oman in Saint Paul, Minnesota, is seeking a Cyber Triage and Forensics Incident Analyst. The successful candidate will focus on security incident response, digital forensic analysis, and malware analysis. They will work as an escalation point for security...
$30 - $48 per hour
...Overview Job Title: ITSM Incident Response Analyst Location: Remote Type: Independent Contract - Corp to Corp/1099 Start... ...Bachelor's degree or technical training in Computer Science, Information Systems Management preferred ITIL and Service Now certifications...Contract workFor contractorsWork experience placementLocal areaImmediate startRemote work- ...Cayuse Holdings is seeking an ITSM Incident Response Analyst for a remote independent contract role. The position involves supporting incidents and managing communication with technical teams to ensure service restoration. The ideal candidate has 3-5 years of experience...Contract workRemote work
$87.7k - $164k
...Oman is seeking a Cyber Triage and Forensics Incident Analyst in Salem, Oregon. The role involves responding to security incidents, conducting forensic analysis, and collaborating... ...field and 5+ years of experience in incident response and digital forensics. This position offers a...$87.7k - $164k
...is seeking a Cyber Triage and Forensics (CTF) Incident Analyst in Honolulu, Hawaii. The role involves responding to security incidents, conducting digital forensic... ...and at least 5 years of experience in incident response. A competitive salary range of $87,700 to $16...- ...Senior Incident Responder Lead cradle-to-grave incident response actions for declared incidents impacting... ...root cause, identify security gaps, and provide... ...GIAC Certified Forensic Analyst – GCFA GIAC Certified... ...Examiner- GCFE Certified Information Systems Security...
$87.7k - $164k
...Ernst & Young Oman is seeking a skilled Cyber Triage and Forensics Analyst to manage security incident responses. This role requires strong problem-solving skills and proficiency in digital forensics and incident management. You will investigate incidents, analyze systems...- ...We are seeking a highly skilled Senior Incident Response Analyst to lead advanced threat detection, investigation, and remediation efforts within our Security Operations program. This role is responsible for handling complex security incidents, guiding junior analysts,...
- ...Description Sentar is hiring a Tier 3 Incident Response Senior Analyst who will be responsible for incident... ...cyberspace operations and Cyber Security Service Provider (CSSP) functions. Additionally... ...to disrupt, exploit and attack the information technology (IT) services provided to...Contract workTemporary workWork experience placementRemote workFlexible hoursWeekend work
$30 - $39 per hour
...Cayuse Holdings is seeking an ITSM Incident Response Analyst to support and respond to incidents remotely. The role involves overseeing incident documentation, restoring failed IT applications, and managing critical events alongside technical support teams. With a contract...Contract workImmediate startRemote work$87.7k - $164k
...looking for a Cyber Triage and Forensics Incident Analyst to join its team in Carson City,... ...This senior role involves responding to security incidents, performing digital forensic... ...hunt for threats. The candidate will be responsible for investigating incidents,...Flexible hours- ...Ernst & Young Oman is seeking a Cyber Triage and Forensics Incident Analyst to be a key member of the security incident response team. The role involves handling security incidents, performing forensic analysis, and coordinating remediation efforts. Ideal candidates should...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Information Security Incident Response Analyst. Be the first to apply!
- data protection analyst United States
- business information analyst United States
- data analyst - r python sql United States
- logistics data analyst United States
- data analyst bank United States
- certified health data analyst United States
- data analyst United States
- credit data analyst United States
- data center analyst United States
- oracle data analyst United States

