3,601 Incident Response jobs in India

**Job Requisition ID #**
25WD91176
**Position Overview**
The Incident Response Analyst is responsible for monitoring, identifying, assessing, containing, and responding to various information security events in a large and complex environment, as well as analyse, triage, and report on these incidents and investigations. The candidate must have knowledge of system security design, network/cloud security best practices and in-depth knowledge of systems security operations, threat actors frequently used attack vectors, and general user behaviour analytics. The candidate will be part of an established security team and work closely with teams across the company in remediating security issues and driving Incident Response. The candidate should have a strong passion for security and growth and be willing to accept challenging projects and incidents.
**Responsibilities**
+ Responsible for handling day-to day operations to monitor, identity, triage and investigate security events from various Endpoint (EDR), Network and Cloud security tools and detect anomalies, and report remediation actions
+ Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings
+ Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
+ Help create and maintain process tools and documentation
+ Perform all stage of incident response from detection to postmortem
+ Collaborate with stakeholders in building and improving our Security Orchestration Platform
+ Clearly document notes for incidents in our case management solution
+ Perform basic forensics and malware analysis based on our playbooks and procedures
+ Responsible for working in a 24/7 environment including night shifts and the shifts are decided based on the business requirement
+ Maintain a high level of confidentiality and Integrity
**Minimum Qualifications**
+ BS in Computer Science, Information Security, or equivalent professional experience
+ 2+ years of cyber security experience in incident response
+ Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics
+ Strong understanding of Security Operations and Incident Response process and practices
+ Experience performing security monitoring, response capabilities, log analysis and forensic tools
+ Strong understanding of operating systems including Windows, Linux and OSX
+ Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
+ Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team
+ Excellent verbal and written communication skills
+ Ability to design playbooks for responding to security incidents
+ Ability to support off-hours, weekends, and holidays if needed in support of incident response
**Preferred Qualifications**
+ Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization
+ One or more security-related certifications from any of the following organizations: GCIH, GCFE, GCFA, AWS, Azure Cloud security Certifications or equivalent is desired
#LI-PJ1
**Learn More**
**About Autodesk**
Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.
We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.
When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!
**Salary transparency**
Salary is one part of Autodesk's competitive compensation package. Offers are based on the candidate's experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
**Diversity & Belonging**
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: you an existing contractor or consultant with Autodesk?**
Please search for open jobs and apply internally (not on this external site).

**Job Requisition ID #**
25WD91177
**Position Overview**
The Incident Response Analyst is responsible for monitoring, identifying, assessing, containing, and responding to various information security events in a large and complex environment, as well as analyse, triage, and report on these incidents and investigations. The candidate must have knowledge of system security design, network/cloud security best practices and in-depth knowledge of systems security operations, threat actors frequently used attack vectors, and general user behaviour analytics. The candidate will be part of an established security team and work closely with teams across the company in remediating security issues and driving Incident Response. The candidate should have a strong passion for security and growth and be willing to accept challenging projects and incidents.
**Responsibilities**
+ Responsible for handling day-to day operations to monitor, identity, triage and investigate security events from various Endpoint (EDR), Network and Cloud security tools and detect anomalies, and report remediation actions
+ Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings
+ Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
+ Help create and maintain process tools and documentation
+ Perform all stage of incident response from detection to postmortem
+ Collaborate with stakeholders in building and improving our Security Orchestration Platform
+ Clearly document notes for incidents in our case management solution
+ Perform basic forensics and malware analysis based on our playbooks and procedures
+ Responsible for working in a 24/7 environment including night shifts and the shifts are decided based on the business requirement
+ Maintain a high level of confidentiality and Integrity
**Minimum Qualifications**
+ BS in Computer Science, Information Security, or equivalent professional experience
+ 2+ years of cyber security experience in incident response
+ Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics
+ Strong understanding of Security Operations and Incident Response process and practices
+ Experience performing security monitoring, response capabilities, log analysis and forensic tools
+ Strong understanding of operating systems including Windows, Linux and OSX
+ Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
+ Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team
+ Excellent verbal and written communication skills
+ Ability to design playbooks for responding to security incidents
+ Ability to support off-hours, weekends, and holidays if needed in support of incident response
**Preferred Qualifications**
+ Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization
+ One or more security-related certifications from any of the following organizations: GCIH, GCFE, GCFA, AWS, Azure Cloud security Certifications or equivalent is desired
#LI-PJ1
**Learn More**
**About Autodesk**
Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.
We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.
When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!
**Salary transparency**
Salary is one part of Autodesk's competitive compensation package. Offers are based on the candidate's experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
**Diversity & Belonging**
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: you an existing contractor or consultant with Autodesk?**
Please search for open jobs and apply internally (not on this external site).

**Position Overview:**
Ralliant is seeking a skilled **Security Operations Lead** based in India to lead international response operations and SOC mission. This role combines **incident command, response coaching** , and **technical depth** across detection and response, with a strong focus on MSSP oversight and continuous improvement. The ideal candidate brings deep experience in incident command, advanced triage/investigation skills, and the ability to communicate and report with clarity and impact.
**Key Responsibilities:**
+ Serve as **global incident commander** , driving incident response lifecycle activities including triage, containment, forensics, recovery, and lessons learned.
+ Lead and coordinate efforts across **multiple MSSP structures** :
+ A **managed defend and respond partner** delivering 24x7 coverage
+ A **staff augmentation-based MSSP** providing tiered security analyst resources.
+ Act as the **chief coach** for analysts across both in-house and partner-sourced teams-guiding investigation depth, alert tuning, and incident retrospectives.
+ Manage and report on **SOC performance metrics, SLAs, and KPIs** -focusing on mean time to detect (MTTD), mean time to respond (MTTR), false positive rates, and threat detection coverage.
+ Drive accountability and continuous improvement through **regular reporting** , operational dashboards, and escalation reviews to security leadership.
+ Leverage deep knowledge of **CrowdStrike Falcon** (EDR, Identity, Forensics) to validate detection effectiveness and lead incident investigations.
+ Support integration, optimization, and effective use of **CrowdStrike SIEM/LogScale** for advanced log correlation, threat hunting, and alert fidelity.
+ Ensure high-quality documentation and communication during incidents-including executive summaries, impact analysis, and regulatory reporting alignment (e.g., SOX, NIST 800-171).
+ Maintain and evolve incident playbooks and threat detection use cases in alignment with MITRE ATT&CK and emerging threat intelligence.
+ Actively participate in global cybersecurity strategy sessions and coordinate with peers across IT, GRC, and engineering to ensure defense-in-depth posture.
**Qualifications:**
+ 8+ years in security operations, incident response, or threat detection roles.
+ 3+ years managing or coordinating workstreams from MSSPs or staff augmentation models.
+ Strong experience in global incident command with a focus on collaboration, triage efficiency, and structured decision-making.
+ Hands-on expertise with **CrowdStrike Falcon** suite and familiarity with **CrowdStrike LogScale/SIEM** highly desirable.
+ Demonstrated ability to develop and track SOC **performance metrics** and drive data-informed decisions.
+ Deep investigative skillset including root cause analysis, endpoint/network forensics, and adversary behavior tracking.
+ Excellent written and verbal communication skills, especially for incident documentation and stakeholder briefings.
+ Familiarity with security frameworks (NIST, MITRE ATT&CK) and compliance domains (SOX, ITAR, NIST 800-171).
**Preferred Certifications:**
+ **CISSP, GCIH, GCFA, GCIA** , or similar relevant credentials.
+ Practical experience with log correlation platforms and case management tools (e.g., ServiceNow, Jira).
**Ralliant Overview**
Every day, engineers transform scientific potential into real-world impact, reshaping how we live and work. At this pivotal moment in technology, Fortive is creating a focused, standalone company poised to capitalize on powerful long-term trends with mission critical technologies advancing an electrified and digital future. Our team of scientists, engineers, and technologists is joining forces to pioneer solutions that will shape the future of industry.
Introducing Ralliant Corporation, a global technology company uniting trusted brands solving tough challenges to speed breakthroughs at leading companies, research institutions, and governments, across the semiconductor/communications/diversified electronics, industrial manufacturing, utilities, and aero, defense, and space industries.
Ralliant is fueled by a global team of changemakers, committed to continuous improvement and a strong culture rooted in disciplined execution. For more information please visit: Corporation Overview**
Ralliant, originally part of Fortive, now stands as a bold, independent public company driving innovation at the forefront of precision technology. With a global footprint and a legacy of excellence, we empower engineers to bring next-generation breakthroughs to life - faster, smarter, and more reliably. Our high-performance instruments, sensors, and subsystems fuel mission-critical advancements across industries, enabling real-world impact where it matters most. At Ralliant we're building the future, together with those driven to push boundaries, solve complex problems, and leave a lasting mark on the world.
**Bonus or Equity**
This position is also eligible for bonus and equity as part of the total compensation package.

Job Summary

The Incident Response Analyst in the computer security incident response team will be responsible for developing and executing standards, procedures, and processes to uncover, resist and recover from security incidents. This position is for an early career analyst that will learn and grow throughout their security career. This is a very technically challenging career track in cyber security and technical acumen, passion, and determination will be highlighted in the interview process.

Key Responsibilities

• The Incident Response Analyst fulfills the following tasks:

  • Responds to computer security incidents according to the computer security incident response policy and procedures.
  • Provides technical guidance to first responders for handling cybersecurity incidents.
  • Provides timely and relevant updates to appropriate stakeholders and decision makers.
  • Communicates investigation findings to relevant business units to help improve the cybersecurity posture.
  • Validates and maintains incident response plans and processes to address potential threats.
  • Compiles and analyzes data for management reporting and metrics.
  • Analyzes potential impact of new threats and communicates risks back to detection engineering functions.
  • Performs root-cause analysis to document findings and participate in root-cause elimination activities as required.
  • Triages and assesses the risk of incidents, performing real-time analysis and managing workload during investigations/incidents.
  • Creates runbooks for frequently occurring incidents to automate or at least assist with the resolution of those cases.

Management Responsibilities

Individual Contributor

Preferred Qualifications

A successful Incident Response Analyst candidate will have the expertise and skills described below.

Education, Training and Past Experience

Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above.

• BE/BTech, BS or MA in computer science, information security or a related field.

  Bachelor's Degree (in Business, Technology, Computer Science or related field), preferred or equivalent experience.

• Candidate must have 5 years of experience in incident response.
• Familiarity with incident response frameworks and methodologies, including frameworks like NIST 800-61 and MITRE ATT&CK.
• Experience with incident response tools and technologies, including tools for security information and event management (SIEM), forensics, and/or threat intelligence even in a lab environment is beneficial.
• Experience with reporting and communicating incident details, improving incident response processes and recovering from security incidents is beneficial.

Minimum Qualifications

Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include:

• Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.
• Understands organizational mission, values, goals, and consistent application of this knowledge.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• Ability to effectively influence others to modify their opinions, plans, or behaviors.
• A team-focused mentality, with the proven ability to work effectively with diverse stakeholders.
• Strong problem-solving and troubleshooting skills.

All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.

#LI-IB2

Certifications

Contact Compensation

Work Environment/Physical Demands

Typical office environment

Competencies

Salary Plan

ITS: Information Technology Service

Job Grade

004

BVH, Inc., its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.

Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy. We offer professionals an array of health and welfare benefits that vary based on their geographic region and employment status. This may include health, life accident and disability insurances, paid time off, financial programs and more. Professionals may also be eligible for a performance-based bonus program.

By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.

• Splunk experience
• EDR: Crowdstrike or Carbon Black
• Scripting or basic programming (Java, HTML, Powershell, bash)
• Entry-level certifications or higher

Position Overview

The Incident Response Analyst is responsible for monitoring, identifying, assessing, containing, and responding to various information security events in a large and complex environment, as well as analyse, triage, and report on these incidents and investigations. The candidate must have knowledge of system security design, network/cloud security best practices and in-depth knowledge of systems security operations, threat actors frequently used attack vectors, and general user behaviour analytics. The candidate will be part of an established security team and work closely with teams across the company in remediating security issues and driving Incident Response. The candidate should have a strong passion for security and growth and be willing to accept challenging projects and incidents.

Responsibilities
 

Responsible for handling day-to day operations to monitor, identity, triage and investigate security events from various Endpoint (EDR), Network and Cloud security tools and detect anomalies, and report remediation actions

Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings

Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents

Help create and maintain process tools and documentation

Perform all stage of incident response from detection to postmortem

Collaborate with stakeholders in building and improving our Security Orchestration Platform

Clearly document notes for incidents in our case management solution

Perform basic forensics and malware analysis based on our playbooks and procedures

Responsible for working in a 24/7 environment including night shifts and the shifts are decided based on the business requirement

Maintain a high level of confidentiality and Integrity

Minimum Qualifications
 

BS in Computer Science, Information Security, or equivalent professional experience

2+ years of cyber security experience in incident response

Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics

Strong understanding of Security Operations and Incident Response process and practices

Experience performing security monitoring, response capabilities, log analysis and forensic tools

Strong understanding of operating systems including Windows, Linux and OSX

Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools

Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team

Excellent verbal and written communication skills

Ability to design playbooks for responding to security incidents

Ability to support off-hours, weekends, and holidays if needed in support of incident response

Preferred Qualifications
 

Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization

One or more security-related certifications from any of the following organizations: GCIH, GCFE, GCFA, AWS, Azure Cloud security Certifications or equivalent is desired

#LI-PJ1

Learn More

About Autodesk

Welcome to Autodesk! Amazing things are created every day with our software – from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.

We take great pride in our culture here at Autodesk – it’s at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.

When you’re an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!

Salary transparency

Salary is one part of Autodesk’s competitive compensation package. Offers are based on the candidate’s experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.

Diversity & Belonging
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here:

Are you an existing contractor or consultant with Autodesk?

Please search for open jobs and apply internally (not on this external site).

ANZEN Technologies Pvt. Ltd. is a one stop solution for industry-leading services, solutions and products in the Cyber Security, IT Governance, Risk Management, and Compliance space. We provide End to End security services & consultancy to sectors, ranging from Critical Infrastructure Installations to BFSI, eCommerce, IT/ITES, Pharmaceuticals and many more. We are strongly positioned to understand your needs and deliver the right panacea to your security and compliance requirements. We have established Information Security Management Framework for clients from a wide gamut of industries.

**Below is the JD -**

Quickly identify an attack, minimize its effects, contain damage, and
remediate the cause to reduce the risk of future incidents.

Contact Person
- Arpita

Contact Number
- +91-XXX

**Job Type**: Internship

Schedule:

- Rotational shift

Ability to commute/relocate:

- Vashi, Navi Mumbai - 4, Maharashtra: Reliably commute or planning to relocate before starting work (required)

**Education**:

- Bachelor's (preferred)

**Experience**:

- total work: 1 year (preferred)

**Speak with the employer**
+91
+91-XXX