3,556 Incident Response jobs in India
Security Incident Response Analyst
Posted today
Job Description
- Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include:
  - Improving incident response times
  - Reducing false positives and other extraneous alerts
  - Enhancing threat detection capabilities
- Oversee your staff's activities and ensure they focus on the right priorities
- Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators
- Lead incident response efforts: when a security incident occurs, the SOC team has to respond as quickly as possible
- Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team
- Analyse incident reports to understand your organization's security posture. By reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences
- Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies.
- Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analysts who monitor the security consoles from various SOC entry channels (SIEM, tickets, email and phone). This covers end-to-end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents.
- Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that’s happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals.
Security Incident Response Analyst
Posted today
Job Description
ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE.
Location: Pune
ISA is a premier technology solution provider for the Aviation industry. We are a subsidiary of Air Arabia Airlines. We have proven our expertise and proficiency over the years and have attracted scores of prestigious clients around the world. We are headquartered in Sharjah – UAE, while the Research and Development center is located in Colombo, Sri Lanka. We are a 100% owned subsidiary of Air Arabia.
- Monitor security events and alerts from various security tools such as SIEM (Security Information and Event Management), IDS/IPS, firewalls, and endpoint protection systems.
- Defending the organization’s IT infrastructure, networks, and data from cyber threats.
- Identifying and analyzing potential security incidents, investigating alerts, providing incident response, and escalating complex threats to senior security professionals.
- Investigate security incidents, analyze the root cause, and respond to incidents in accordance with defined protocols.
- Document security incidents, security breaches, and actions taken, ensuring compliance with internal procedures and industry standards.
- Identify potential security breaches and take necessary actions to prevent them.
- Collaborate with other IT teams to ensure that all systems are running smoothly and to resolve cross-functional issues.
- Continuously assess and enhance monitoring, detection, and incident response processes
- 3 years of experience in a Security Operations Center or cybersecurity role.
- Familiarity with security technologies such as SIEM tools, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security platforms.
- Experience in incident detection, investigation, and response.
- Strong understanding of common security vulnerabilities, attack techniques, and defensive technologies.
- Familiarity with security standards and frameworks (NIST, CIS, ISO 27001, etc.).
- Good communication skills and the ability to work in a team environment.
- Strong problem-solving skills and attention to detail.
- Willingness to work flexible hours, including weekends and holidays, and be on-call as required.
Why Join Us?
- Work on innovative airline IT products used globally.
- Collaborative, growth-oriented team culture.
- Opportunities to learn aviation domain knowledge and cutting-edge QA practices.
- Competitive salary and benefits package.
Please send resumes to
Security Incident Response Analyst
Posted today
Job Description
**SIEM Admin**:
I. Deploy, configure, and maintain SIEM solutions (e.g., Splunk, IBM QRadar, ArcSight).
II. Monitor and analyze security events and alerts from the SIEM system.
III. Tune SIEM rules, filters, and use cases to reduce false positives and improve detection accuracy.
IV. Integrate log sources and data feeds into the SIEM system.
V. Develop and implement SIEM dashboards and reports.
VI. Perform regular health checks and maintenance on the SIEM infrastructure.
VII. Work with other security team members to investigate and respond to security incidents.
VIII. Stay updated on the latest threats, vulnerabilities, and SIEM technologies.
IX. Document configurations, processes, and procedures.
**SOC Admin**:
I. Manage and maintain SOC infrastructure, including servers, network devices, and security tools.
II. Ensure the availability and performance of SOC tools and technologies (e.g., SIEM, IDS/IPS, firewalls).
III. Perform regular system updates, patches, and backups.
IV. Monitor the SOC environment for hardware and software issues and resolve them promptly.
V. Support the SOC team in incident detection, analysis, and response.
VI. Develop and maintain SOC documentation, including configurations, processes, and procedures.
VII. Collaborate with IT and other security teams to enhance the overall security posture.
VIII. Stay updated on the latest security technologies and best practices.
IX. Assist in the development and implementation of SOC policies and procedures.
Security Incident Response Analyst
Posted today
Job Description
Detection and Response Analyst - Rapid7 MDR (SOC 24 x 7)
Rapid7 is seeking passionate Detection and Response Analysts to join our Managed Detection and Response (MDR) team. In this role, you'll utilize Rapid7's advanced tools and threat intelligence to investigate and triage high-priority security events across diverse customer environments.
About the Role
As a core member of our 24/7/365 Security Operations Center (SOC), you will:
- Investigate Malicious Activity: Conduct in-depth investigations into various threats, from account compromises to complex zero-day exploits, on workstations, servers, and in the cloud.
- Generate Incident Reports: Document investigations using the MITRE ATT&CK Framework, including forensic, malware, and root-cause analysis.
- Collaborate and Communicate: Work closely with Customer Advisors on findings and recommendations, and with fellow analysts to share threat intelligence and best practices.
- Enhance Detections: Provide continuous feedback to our Threat Intelligence and Detection Engineering team to improve detection capabilities.
What You'll Bring
We're looking for individuals with:
- Strong understanding of Windows, MacOS/Darwin, and Linux operating systems.
- Fundamental knowledge of threat actor tactics (e.g., lateral movement, privilege escalation, persistence).
- Practical experience with CTF/HTB challenges and penetration testing tools (e.g., Mimikatz, Metasploit).
- Hands-on experience with forensic artifact and/or malware sample analysis.
- A passion for continuous learning, strong collaboration skills, and a customer-centric approach.
Why Rapid7?
Rapid7 is dedicated to creating a secure digital world. We foster a dynamic and collaborative environment where you can grow your career, push cybersecurity boundaries, and help protect our 10,000+ global customers from emerging threats.
Incident Response Analyst

Posted 2 days ago
Job Description
25WD92064
**Position Overview**
The Incident Response Analyst is responsible for monitoring, identifying, assessing, containing, and responding to various information security events in a large and complex environment, as well as analysing, triaging, and reporting on these incidents and investigations. The candidate must have knowledge of system security design, network/cloud security best practices and in-depth knowledge of systems security operations, threat actors' frequently used attack vectors, and general user behaviour analytics. The candidate will be part of an established security team and work closely with teams across the company in remediating security issues and driving Incident Response. The candidate should have a strong passion for security and growth and be willing to accept challenging projects and incidents.
**Responsibilities**
+ Responsible for handling day-to-day operations to monitor, identify, triage and investigate security events from various Endpoint (EDR), Network and Cloud security tools, detect anomalies, and report remediation actions
+ Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings
+ Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
+ Help create and maintain process tools and documentation
+ Perform all stages of incident response from detection to postmortem
+ Collaborate with stakeholders in building and improving our Security Orchestration Platform
+ Clearly document notes for incidents in our case management solution
+ Perform basic forensics and malware analysis based on our playbooks and procedures
+ Responsible for working in a 24/7 environment including night shifts and the shifts are decided based on the business requirement
+ Maintain a high level of confidentiality and Integrity
**Minimum Qualifications**
+ BS in Computer Science, Information Security, or equivalent professional experience
+ 2+ years of cyber security experience in incident response
+ Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics
+ Strong understanding of Security Operations and Incident Response process and practices
+ Experience performing security monitoring, response capabilities, log analysis and forensic tools
+ Strong understanding of operating systems including Windows, Linux and OSX
+ Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
+ Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team
+ Excellent verbal and written communication skills
+ Ability to design playbooks for responding to security incidents
+ Ability to support off-hours, weekends, and holidays if needed in support of incident response
**Preferred Qualifications**
+ Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization
+ One or more security-related certifications from any of the following organizations: GCIH, GCFE, GCFA, AWS, Azure Cloud security Certifications or equivalent is desired
**Learn More**
**About Autodesk**
Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.
We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.
When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!
**Salary transparency**
Salary is one part of Autodesk's competitive compensation package. Offers are based on the candidate's experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
**Diversity & Belonging**
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here:
**Are you an existing contractor or consultant with Autodesk?**
Please search for open jobs and apply internally (not on this external site).
Incident Response Analyst
Posted 1 day ago
Job Description
Hi,
As the Information Security Senior Global Incident Response Analyst, you will play a critical role in the organization's cybersecurity efforts. The position is responsible for acting as a senior analyst during security incidents, coordinating efforts with various members of the Incident Response Team, ensuring Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned. This position will work closely with business owners, IT teams, Privacy/Legal, and other members of the Information Security Team to protect the confidentiality, integrity, and availability of the organization's data and systems.
In this role, you will be responsible for the following:
- Incident Response Command
  - Participate and occasionally lead the response to high-impact cybersecurity incidents.
  - Coordinate cross-functional teams globally to ensure timely containment, eradication, and recovery.
  - Act as a first-level decision-maker during incidents, escalating to Managers/Directors, coordinating with InfoSec Comms, and following established response protocols.
- Process & Procedure Improvement
  - Develop, maintain, and continuously improve global incident response playbooks, runbooks, and workflows.
  - Participate in regular incident simulations and tabletop exercises to evaluate and enhance response readiness.
  - Analyze incident post-mortems to identify root causes and implement corrective actions.
At a minimum, we would like you to have:
- Bachelor’s degree in information security, Information Technology, Computer Science, or a related field or equivalent work experience.
- Proven experience (5 years) in cybersecurity (operations, vulnerability management, engineering, or related roles) with at least 1 year of experience coordinating incident response actions/activities
- Advanced knowledge of security concepts and principles
- Experience coordinating global, cross-functional teams in high-pressure situations
- Excellent communication and stakeholder management skills
- Familiarity with common security tools such as SIEM, EDR, forensics, and incident management platforms
- Strong analytical and problem-solving skills.
- Robust attention to detail.
- Obtain relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), etc.
Career Development:
- This position serves as a mid-level individual contributor role in information security. As the Senior Global Incident Response Analyst gains experience and certifications, they can advance to higher-level roles such as Incident Response Lead and/or Manager. Continuing education and professional development are essential for career growth in this field.