Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Information Security Incident Response Analyst

NTT Data

Information Security Incident Response Analyst

Make an impact with NTT DATA. Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can grow, belong and thrive.

Job Description Summary

The Information Security Incident Response Analyst supports clients during security incidents by performing technical investigations, analyzing digital forensic evidence, and assisting with containment and remediation activities. This role focuses on identifying indicators of compromise, reconstructing attacker activity, and communicating clear, actionable findings.

The analyst works as part of a global DFIR team, handling a variety of incident types across diverse environments. They contribute to process improvements, maintain strong client communication, and continue building advanced DFIR skills through hands-on investigations and internal project work.

Key Responsibilities
  • Investigates security incidents by performing host, disk, memory, network, and cloud forensic analysis under established processes and guidance.
  • Analyzes artifacts across Windows, Linux, and macOS systems, helping reconstruct timelines and determine root cause.
  • Supports clients through containment and recovery efforts by providing technical recommendations and clear communication.
  • Participates in the team's on-call rotation for urgent incident response needs.
  • Completes internal and client tasks such as tabletop exercises, IR readiness assessments, basic forensic reviews, and environment hardening support.
  • Identifies observable gaps and risks within client environments and recommends improvements to strengthen security posture.
  • Produces accurate documentation—including investigation notes, status updates, and final reports.
  • Collaborates with global DFIR and other teams and stays current on threats, attacker techniques, and emerging forensic tools.
Knowledge and Attributes
  • Solid understanding of digital forensics fundamentals, including host-based analysis across major operating systems.
  • Working knowledge of network forensics, cloud log analysis (e.g., Azure, AWS, GCP), and common forensic tools.
  • Ability to clearly communicate technical findings to both technical and non-technical audiences.
  • Strong analytical and problem-solving skills, especially during time-sensitive investigations.
  • Motivated to continuously learn deeper DFIR techniques and methodologies.
Required Experience
  • Proven experience in incident response and digital forensics, with capability in host-based, image, and log analysis.
  • Experience using SIEM, EDR, IDS/IPS, and other security tools to triage, investigate, and respond to incidents.
  • Ability to perform network analysis using tools such as Wireshark, tcpdump, and other tools.
  • Experience in cybersecurity operations, consulting, DFIR services, or related technical security roles.
Academic Qualifications, Certifications
  • Bachelor's degree or equivalent experience in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred).
  • Relevant cybersecurity certifications such as:
    • SANS GIAC Security Essentials (GSEC) or equivalent preferred.
    • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
    • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.
  • Additional DFIR-related certifications are considered a plus.
Additional UK-Specific Role Requirements
  • Active UK Security Clearance is required to deliver services within sensitive or regulated client environments.
Operational Technology (OT) Incident Response & Digital Forensics
  • Background and hands-on experience in OT environments.
  • Experience investigating ICS/SCADA systems and industrial sectors such as manufacturing, energy, utilities, or critical infrastructure.
  • Ability to collect and analyze OT forensic artifacts, interpret OT protocols and system behavior, and assess the impact of cyber incidents on physical processes.
Certifications
  • SANS OT/ICS certifications such as GICSP or GRID, IEC 62443 or equivalent required.

Workplace type: Remote Working

About NTT DATA. NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D.

Equal Opportunity Employer. NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Third parties fraudulently posing as NTT DATA recruiters. NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters—whether in writing or by phone—in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us.

Vacancy posted 6 days ago
Similar jobs that could be interesting for youBased on the Information Security Incident Response Analyst in United States vacancy
  • ## Job Description# Incident Response Analyst - FULLY REMOTE* Review current configurations of production information systems and networks against compliance standards.* Prepare for the prevention and resolution of security breaches and ensure incident response processes... 
    Suggested
    Remote work

    Apex Systems

    United States
    5 days ago
  • As a SOC Analyst (m/f/d), you will strengthen our clients’ information security through your expertise and passion for IT security...  ...analyzing security-critical incidents but also helping to further develop...  .... With a sense of personal responsibility and team spirit, you will be... 
    Suggested
    Work from home
    Flexible hours

    Possehl Secure

    New Bremen, OH
    3 days ago
  • FLVS is seeking an Information Security Analyst for the Scholars Operations Center, based in Florida. This role provides essential...  ...dynamic challenges in a fast-paced environment. With responsibilities including incident response and security monitoring, the ideal... 
    Suggested
    Remote job

    FLVS

    Florida, NY
    5 days ago
  • $75k - $100k

     ...located in California is seeking an investigator to join their Information Security team. This role focuses on analyzing security telemetry...  ...experience, along with at least 2 years in a SOC or Incident Response role. The position offers a salary range of $75,000 to $1... 
    Suggested

    (ISC)2 East Bay Chapter

    San Francisco, CA
    1 day ago
  •  ...professional to manage and enhance the security of data and systems. This role...  ...overseeing threat monitoring, coordinating responses to incidents, and collaborating with various teams...  ..., and a strong background in information security. Exceptional leadership and... 
    Suggested

    Kaiser Permanente

    Renton, WA
    1 day ago
  • $70k - $95k

    The Rawlings Group is seeking a candidate for an Information Security role focused on incident response and vulnerability management. This position requires a foundational understanding of security concepts and offers opportunities for growth in a collaborative team. Eligible... 
    Remote job

    The Rawlings Group

    La Grange, KY
    2 days ago
  • CoServ is seeking an Information Security Analyst III to enhance security operations. This senior role involves...  ...information security and a relevant degree. Responsibilities include developing security procedures, performing incident response, and ensuring compliance with... 

    Coserv

    Denton, TX
    3 days ago
  • $120k - $145k

    Cape Fox Corporation is looking for an experienced Information Security Analyst (SME) to join their team in Washington, DC. The ideal candidate...  ...over 4 years of experience in security analysis and incident response. Responsibilities include maintaining threat awareness,... 

    Cape Fox Corporation

    Washington DC
    1 day ago
  •  ...Incident Response Analyst Salisbury, NC (Remote) 90% Remote: must be within driving distance of...  ...incident response experience ~ MS Security Tools Suite Experience (Defender) ~...  ...for managing threats, disseminating information, and handling, responding to, and investigating... 
    Contract work
    Work experience placement
    Remote work

    My3Tech Inc

    United States
    1 day ago
  •  ...Incident Response Analyst (AI Training) We're looking for experienced incident response professionals to help train and evaluate cutting-edge AI systems designed for security operations. Your real-world expertise will directly shape how AI interprets security events... 
    Hourly pay
    Ongoing contract
    Contract work
    Freelance
    Remote work
    Flexible hours

    Alignerr

    United States
    1 day ago
  • $30 - $60 per hour

     ...Incident Response Analyst $30-60/hr Remote Freelance CODING About the Role We're partnering with leading AI research labs to build the next generation of AI-powered security tools — and we need experienced incident responders to help make them real. As an Incident... 
    Hourly pay
    Ongoing contract
    Contract work
    Freelance
    Remote work
    Flexible hours

    Alignerr

    United States
    5 days ago
  •  ...Incident Response Analyst We're looking for experienced incident response and security operations professionals to help train and evaluate AI systems built for modern digital investigations. Your real-world expertise will directly shape how AI understands, analyzes,... 
    Hourly pay
    Ongoing contract
    Contract work
    Freelance
    Remote work
    Flexible hours

    Alignerr

    United States
    3 days ago
  •  ...Trace3 is seeking a SOC Analyst to monitor, detect, analyze, and respond to cybersecurity incidents in Fargo, North Dakota. The ideal candidate will...  ...2 years of experience in a SOC or IT security operations role. Responsibilities include monitoring security alerts, documenting... 

    Trace3

    Fargo, ND
    3 days ago
  •  ...DeKalb Health is seeking a dedicated SOC Analyst to oversee security operations in Henderson, Nevada. This role includes monitoring alarm systems and coordinating incident responses while ensuring compliance with security procedures. The ideal candidate will possess a... 

    DeKalb Health

    Henderson, NV
    5 days ago
  •  ...solutions provider is seeking a Remote SOC Analyst to join their team in Atlanta, Georgia....  ...cybersecurity operations and hold relevant security certifications. Responsibilities include investigating alerts, conducting incident response, and correlating data to identify... 
    Remote work

    Global Channel Management

    Atlanta, GA
    1 day ago
  •  ...DeKalb Health is looking for an SOC Analyst in Sterling, VA. This role focuses on centralizing physical security operations, including monitoring alarms and incident response. The ideal candidate will have a high school diploma and experience in security environments.... 

    DeKalb Health

    Sterling, VA
    18 hours ago
  •  ...breaches, and we’ve redefined modern security with the world’s most advanced AI‑native...  ...for a highly motivated, self‑driven Incident Response Analyst to support the Incident Response...  ...State labor laws. For more employer information regarding DoD SkillBridge/CSP, please... 
    Full time
    Temporary work
    Internship
    Local area
    Remote work

    CrowdStrike

    New York, NY
    2 days ago
  • # Incident Response AnalystApply**Job#: 3039295****Job Description:**Incident Response Analyst**Location:** Eagan, Minnesota (Hybrid)Role OverviewThis position is for an Associate...  ...origin, ancestry, citizenship, genetic information, registered domestic partner status,... 
    Hourly pay
    Contract work
    Monday to Friday
    Shift work
    Weekend work
    2 days per week

    Apex Systems

    Eagan, MN
    5 days ago
  •  ...Ernst & Young Oman in Saint Paul, Minnesota, is seeking a Cyber Triage and Forensics Incident Analyst. The successful candidate will focus on security incident response, digital forensic analysis, and malware analysis. They will work as an escalation point for security... 

    Ernst & Young Oman

    Saint Paul, MN
    4 days ago
  • $30 - $48 per hour

     ...Overview Job Title: ITSM Incident Response Analyst Location: Remote Type: Independent Contract - Corp to Corp/1099 Start...  ...Bachelor's degree or technical training in Computer Science, Information Systems Management preferred ITIL and Service Now certifications... 
    Contract work
    For contractors
    Work experience placement
    Local area
    Immediate start
    Remote work

    Cayuse Holdings

    Albany, NY
    7 days ago
  •  ...Cayuse Holdings is seeking an ITSM Incident Response Analyst for a remote independent contract role. The position involves supporting incidents and managing communication with technical teams to ensure service restoration. The ideal candidate has 3-5 years of experience... 
    Contract work
    Remote work

    Cayuse Holdings

    Bismarck, ND
    3 days ago
  • $87.7k - $164k

     ...Oman is seeking a Cyber Triage and Forensics Incident Analyst in Salem, Oregon. The role involves responding to security incidents, conducting forensic analysis, and collaborating...  ...field and 5+ years of experience in incident response and digital forensics. This position offers a... 

    Ernst & Young Oman

    Salem, OR
    3 days ago
  • $87.7k - $164k

     ...is seeking a Cyber Triage and Forensics (CTF) Incident Analyst in Honolulu, Hawaii. The role involves responding to security incidents, conducting digital forensic...  ...and at least 5 years of experience in incident response. A competitive salary range of $87,700 to $16... 

    Ernst & Young Oman

    Honolulu, HI
    3 days ago
  •  ...Senior Incident Responder Lead cradle-to-grave incident response actions for declared incidents impacting...  ...root cause, identify security gaps, and provide...  ...GIAC Certified Forensic Analyst – GCFA GIAC Certified...  ...Examiner- GCFE Certified Information Systems Security... 

    Smurfit Westrock plc

    New York, NY
    4 days ago
  • $87.7k - $164k

     ...Ernst & Young Oman is seeking a skilled Cyber Triage and Forensics Analyst to manage security incident responses. This role requires strong problem-solving skills and proficiency in digital forensics and incident management. You will investigate incidents, analyze systems... 

    Ernst & Young Oman

    San Francisco, CA
    3 days ago
  •  ...We are seeking a highly skilled Senior Incident Response Analyst to lead advanced threat detection, investigation, and remediation efforts within our Security Operations program. This role is responsible for handling complex security incidents, guiding junior analysts,... 

    Dun & Bradstreet

    Center Valley, PA
    5 days ago
  •  ...Description Sentar is hiring a Tier 3 Incident Response Senior Analyst who will be responsible for incident...  ...cyberspace operations and Cyber Security Service Provider (CSSP) functions. Additionally...  ...to disrupt, exploit and attack the information technology (IT) services provided to... 
    Contract work
    Temporary work
    Work experience placement
    Remote work
    Flexible hours
    Weekend work

    Sentar

    Quantico, VA
    3 days ago
  • $30 - $39 per hour

     ...Cayuse Holdings is seeking an ITSM Incident Response Analyst to support and respond to incidents remotely. The role involves overseeing incident documentation, restoring failed IT applications, and managing critical events alongside technical support teams. With a contract... 
    Contract work
    Immediate start
    Remote work

    Cayuse Holdings

    Richmond, VA
    3 days ago
  • $87.7k - $164k

     ...looking for a Cyber Triage and Forensics Incident Analyst to join its team in Carson City,...  ...This senior role involves responding to security incidents, performing digital forensic...  ...hunt for threats. The candidate will be responsible for investigating incidents,... 
    Flexible hours

    Ernst & Young Oman

    Carson City, NV
    3 days ago
  •  ...Ernst & Young Oman is seeking a Cyber Triage and Forensics Incident Analyst to be a key member of the security incident response team. The role involves handling security incidents, performing forensic analysis, and coordinating remediation efforts. Ideal candidates should... 

    Ernst & Young Oman

    Boston, MA
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Information Security Incident Response Analyst. Be the first to apply!