141 Incident Response jobs in India
Incident Response Lead

Posted 4 days ago
Job Description
Ralliant is seeking a skilled **Security Operations Lead** based in India to lead international response operations and the SOC mission. This role combines **incident command, response coaching**, and **technical depth** across detection and response, with a strong focus on MSSP oversight and continuous improvement. The ideal candidate brings deep experience in incident command, advanced triage/investigation skills, and the ability to communicate and report with clarity and impact.
**Key Responsibilities:**
+ Serve as **global incident commander**, driving incident response lifecycle activities including triage, containment, forensics, recovery, and lessons learned.
+ Lead and coordinate efforts across **multiple MSSP structures**:
  + A **managed defend and respond partner** delivering 24x7 coverage.
  + A **staff augmentation-based MSSP** providing tiered security analyst resources.
+ Act as the **chief coach** for analysts across both in-house and partner-sourced teams, guiding investigation depth, alert tuning, and incident retrospectives.
+ Manage and report on **SOC performance metrics, SLAs, and KPIs**, focusing on mean time to detect (MTTD), mean time to respond (MTTR), false positive rates, and threat detection coverage.
+ Drive accountability and continuous improvement through **regular reporting**, operational dashboards, and escalation reviews to security leadership.
+ Leverage deep knowledge of **CrowdStrike Falcon** (EDR, Identity, Forensics) to validate detection effectiveness and lead incident investigations.
+ Support integration, optimization, and effective use of **CrowdStrike SIEM/LogScale** for advanced log correlation, threat hunting, and alert fidelity.
+ Ensure high-quality documentation and communication during incidents, including executive summaries, impact analysis, and regulatory reporting alignment (e.g., SOX, NIST 800-171).
+ Maintain and evolve incident playbooks and threat detection use cases in alignment with MITRE ATT&CK and emerging threat intelligence.
+ Actively participate in global cybersecurity strategy sessions and coordinate with peers across IT, GRC, and engineering to ensure defense-in-depth posture.
**Qualifications:**
+ 8+ years in security operations, incident response, or threat detection roles.
+ 3+ years managing or coordinating workstreams from MSSPs or staff augmentation models.
+ Strong experience in global incident command with a focus on collaboration, triage efficiency, and structured decision-making.
+ Hands-on expertise with **CrowdStrike Falcon** suite and familiarity with **CrowdStrike LogScale/SIEM** highly desirable.
+ Demonstrated ability to develop and track SOC **performance metrics** and drive data-informed decisions.
+ Deep investigative skillset including root cause analysis, endpoint/network forensics, and adversary behavior tracking.
+ Excellent written and verbal communication skills, especially for incident documentation and stakeholder briefings.
+ Familiarity with security frameworks (NIST, MITRE ATT&CK) and compliance domains (SOX, ITAR, NIST 800-171).
**Preferred Certifications:**
+ **CISSP, GCIH, GCFA, GCIA**, or similar relevant credentials.
+ Practical experience with log correlation platforms and case management tools (e.g., ServiceNow, Jira).
**Ralliant Overview**
Every day, engineers transform scientific potential into real-world impact, reshaping how we live and work. At this pivotal moment in technology, Fortive is creating a focused, standalone company poised to capitalize on powerful long-term trends with mission critical technologies advancing an electrified and digital future. Our team of scientists, engineers, and technologists is joining forces to pioneer solutions that will shape the future of industry.
Introducing Ralliant Corporation, a global technology company uniting trusted brands solving tough challenges to speed breakthroughs at leading companies, research institutions, and governments, across the semiconductor/communications/diversified electronics, industrial manufacturing, utilities, and aero, defense, and space industries.
Ralliant is fueled by a global team of changemakers, committed to continuous improvement and a strong culture rooted in disciplined execution. For more information please visit:
**Corporation Overview**
Ralliant, originally part of Fortive, now stands as a bold, independent public company driving innovation at the forefront of precision technology. With a global footprint and a legacy of excellence, we empower engineers to bring next-generation breakthroughs to life - faster, smarter, and more reliably. Our high-performance instruments, sensors, and subsystems fuel mission-critical advancements across industries, enabling real-world impact where it matters most. At Ralliant we're building the future, together with those driven to push boundaries, solve complex problems, and leave a lasting mark on the world.
**Bonus or Equity**
This position is also eligible for bonus and equity as part of the total compensation package.
Incident Response, Cybersecurity

Posted 4 days ago
Job Description
**Role:** Incident Response Analyst
**Location:** Bangalore
**Full/ Part time:** Full time
**Build a career with confidence**
Carrier Global Corporation, global leader in intelligent climate and energy solutions, is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do.
**About the Role:**
The Incident Response Analyst will play a critical role in safeguarding Carrier by swiftly identifying, investigating, and responding to cybersecurity incidents. Utilizing a strong understanding of threat detection and incident handling, the analyst will collaborate closely with other stakeholders to contain threats, minimize damage, implement preventive measures, and use lessons learned to enhance Carrier's security posture.
**Key Responsibilities**
+ Respond to security incidents promptly and effectively, following established incident response procedures.
+ Monitor and analyze security events and alerts to identify potential security incidents.
+ Conduct thorough investigations of security incidents to determine the root cause and impact.
+ Collaborate with other teams to contain and remediate security incidents.
+ Document and report on security incidents, including the actions taken and lessons learned.
+ Perform regular threat hunting activities to identify potential security threats and vulnerabilities.
+ Stay current with the latest cybersecurity trends, threats, and technologies.
+ Create and maintain documentation, training, playbooks, and work products.
+ Drive continuous improvement using Carrier Excellence.
**Requirements**
+ Bachelor's degree in Computer Science, Information Security, or a related field.
+ 10+ years of experience in a cybersecurity or incident response role.
**Preferred Qualifications**
+ Strong knowledge of tools and technologies (e.g., SIEM, IDS/IPS, EDR, firewall).
+ Experience with log analysis.
+ Experience with incident response methodologies and frameworks (e.g., NIST, SANS).
+ Familiarity with common attack vectors and techniques (e.g., phishing, malware, ransomware).
+ Excellent analytical and problem-solving skills.
+ Strong communication and interpersonal skills.
+ Ability to work independently and as part of a team.
+ Understanding of the Lockheed Martin Cyber Kill Chain and MITRE ATT&CK framework.
+ Experience with digital forensics and malware analysis.
+ Knowledge of network protocols and security architecture.
+ Familiarity with cloud security and incident response in cloud environments.
+ Experience with scripting and automation (e.g., Python, PowerShell, BASH).
+ One of the following certifications: CompTIA CSCP|CNSP; GCIH, GCIA, GCFA, GMON
**Benefits**
We are committed to offering competitive benefits programs for all of our employees, and enhancing our programs when necessary.
+ Make yourself a priority with flexible schedules, parental leave
+ Drive forward your career through professional development opportunities
+ Achieve your personal goals with our Employee Assistance Programme
**Our commitment to you**
Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way.
Join us and make a difference.
Apply Now!
**Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.**
**Job Applicant's Privacy Notice:**
Click on this link to read the Job Applicant's Privacy Notice
Incident Response Analyst

Posted 4 days ago
Job Description
25WD90131
**Position Overview**
The Incident Response Analyst is responsible for monitoring, identifying, assessing, containing, and responding to various information security events in a large and complex environment, as well as analysing, triaging, and reporting on these incidents and investigations. The candidate must have knowledge of system security design and network/cloud security best practices, and in-depth knowledge of systems security operations, attack vectors frequently used by threat actors, and general user behaviour analytics. The candidate will be part of an established security team and work closely with teams across the company in remediating security issues and driving Incident Response. The candidate should have a strong passion for security and growth and be willing to accept challenging projects and incidents.
**Responsibilities:**
+ Responsible for handling day-to-day operations to monitor, identify, triage and investigate security events from various Endpoint (EDR), Network and Cloud security tools, detect anomalies, and report remediation actions
+ Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings
+ Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
+ Help create and maintain process tools and documentation
+ Perform all stages of incident response from detection to postmortem
+ Collaborate with stakeholders in building and improving our Security Orchestration Platform
+ Clearly document notes for incidents in our case management solution
+ Perform basic forensics and malware analysis based on our playbooks and procedures
+ Responsible for working in a 24/7 environment, including night shifts; shifts are decided based on the business requirement
+ Maintain a high level of confidentiality and integrity
**Minimum Qualifications:**
+ BS in Computer Science, Information Security, or equivalent professional experience
+ 2+ years of cyber security experience in incident response
+ Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics
+ Strong understanding of Security Operations and Incident Response process and practices
+ Experience performing security monitoring, response capabilities, log analysis and forensic tools
+ Strong understanding of operating systems including Windows, Linux and OSX
+ Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
+ Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team
+ Excellent verbal and written communication skills
+ Ability to design playbooks for responding to security incidents
+ Ability to support off-hours, weekends, and holidays if needed in support of incident response
**Preferred Qualifications:**
+ Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization
+ One or more security-related certifications from any of the following organizations: GCIH, GCFE, GCFA, AWS, Azure Cloud security Certifications or equivalent is desired
**Learn More**
**About Autodesk**
Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.
We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.
When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!
**Salary transparency**
Salary is one part of Autodesk's competitive compensation package. Offers are based on the candidate's experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
**Diversity & Belonging**
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here:
**Are you an existing contractor or consultant with Autodesk?**
Please search for open jobs and apply internally (not on this external site).
Incident Response L3
Posted today
Job Description
Company is seeking a Cyber Security Specialist to join the Security Operations team. The specialist will serve on the front lines of Company's Security team and will lead and support security investigations across the company’s global infrastructure as well as respond to escalations from different entities. The specialist will leverage an armory of tools to investigate and respond to both external and internal security threats. Utilizing Company tooling, you will monitor security events in real-time, assess external and internal threats, and provide accurate and timely response. You will collaborate closely with multiple product teams within the Tribe, with a diverse set of skills to tackle the array of security challenges that we encounter.
Security Specialist, Incident Response responsibilities include:
- Lead security incident response in a cross-functional environment and drive incident resolution.
- Lead and develop Incident Response initiatives that improve Company capabilities to effectively respond and remediate security incidents.
- Perform digital forensic investigations and analysis of a wide variety of assets including endpoints.
- Perform log analysis from a variety of sources to identify potential threats.
- Build automation for response and remediation of malicious activity.
- Write complex search queries in the EDR as well as SIEM tools for hunting the adversaries.
- Work on SOAR cases, automation, workflow & Playbooks.
- Integrate and work on Identity solutions.
- Develop SIEM use cases for new detections, specifically on identity use cases.
Minimum Qualifications:
- 5-10 years of experience in Security Incident Response, Investigations
- Working experience in Microsoft On-prem and Entra ID solutions
- Good knowledge of Active Directory and Tier 0 concepts
- Very good knowledge of operating systems, processes, registries, file systems, and memory structures and experience in host and memory forensics (including live response) on Windows, macOS and Linux.
- Experience investigating and responding to both external and insider threats.
- Experience with attacker tactics, techniques, and procedures (MITRE ATT&CK)
- Experience analyzing network and host-based security events
Incident Response L3
Posted 1 day ago
Job Description
Company is seeking a Cyber Security Specialist to join the Security Operations team. The specialist will serve on the front lines of Company's Security team and will lead and support security investigations across the company’s global infrastructure as well as respond to escalations from different entities. The specialist will leverage an armory of tools to investigate and respond to both external and internal security threats. Utilizing Company tooling, you will monitor security events in real-time, assess external and internal threats, and provide accurate and timely response. You will collaborate closely with multiple product teams within the Tribe, with a diverse set of skills to tackle the array of security challenges that we encounter.
Security Specialist, Incident Response responsibilities include:
- Lead security incident response in a cross-functional environment and drive incident resolution.
- Lead and develop Incident Response initiatives that improve Company capabilities to effectively respond and remediate security incidents.
- Perform digital forensic investigations and analysis of a wide variety of assets including endpoints.
- Perform log analysis from a variety of sources to identify potential threats.
- Build automation for response and remediation of malicious activity.
- Write complex search queries in the EDR as well as SIEM tools for hunting the adversaries.
- Work on SOAR cases, automation, workflow & Playbooks.
- Integrate and work on Identity solutions.
- Develop SIEM use cases for new detections, specifically on identity use cases.
Minimum Qualifications:
- 5-10 years of experience in Security Incident Response, Investigations
- Working experience in Microsoft On-prem and Entra ID solutions
- Good knowledge of Active Directory and Tier 0 concepts
- Very good knowledge of operating systems, processes, registries, file systems, and memory structures and experience in host and memory forensics (including live response) on Windows, macOS and Linux.
- Experience investigating and responding to both external and insider threats.
- Experience with attacker tactics, techniques, and procedures (MITRE ATT&CK)
- Experience analyzing network and host-based security events
Incident Response, Cybersecurity
Posted today
Job Description
Role: Incident Response Analyst
Location: Bangalore
Full/ Part time: Full time
Build a career with confidence
Carrier Global Corporation, global leader in intelligent climate and energy solutions, is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do.
About the Role:
The Incident Response Analyst will play a critical role in safeguarding Carrier by swiftly identifying, investigating, and responding to cybersecurity incidents. Utilizing a strong understanding of threat detection and incident handling, the analyst will collaborate closely with other stakeholders to contain threats, minimize damage, implement preventive measures, and use lessons learned to enhance Carrier’s security posture.
Key Responsibilities
- Respond to security incidents promptly and effectively, following established incident response procedures.
- Monitor and analyze security events and alerts to identify potential security incidents.
- Conduct thorough investigations of security incidents to determine the root cause and impact.
- Collaborate with other teams to contain and remediate security incidents.
- Document and report on security incidents, including the actions taken and lessons learned.
- Perform regular threat hunting activities to identify potential security threats and vulnerabilities.
- Stay current with the latest cybersecurity trends, threats, and technologies.
- Create and maintain documentation, training, playbooks, and work products.
- Drive continuous improvement using Carrier Excellence.
Requirements
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 10+ years of experience in a cybersecurity or incident response role.
Preferred Qualifications
- Strong knowledge of tools and technologies (e.g., SIEM, IDS/IPS, EDR, firewall).
- Experience with log analysis.
- Experience with incident response methodologies and frameworks (e.g., NIST, SANS).
- Familiarity with common attack vectors and techniques (e.g., phishing, malware, ransomware).
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Understanding of the Lockheed Martin Cyber Kill Chain and MITRE ATT&CK framework.
- Experience with digital forensics and malware analysis.
- Knowledge of network protocols and security architecture.
- Familiarity with cloud security and incident response in cloud environments.
- Experience with scripting and automation (e.g., Python, PowerShell, BASH).
- One of the following certifications: CompTIA CSCP|CNSP; GCIH, GCIA, GCFA, GMON
Benefits
We are committed to offering competitive benefits programs for all of our employees, and enhancing our programs when necessary.
- Make yourself a priority with flexible schedules, parental leave
- Drive forward your career through professional development opportunities
- Achieve your personal goals with our Employee Assistance Programme
Our commitment to you
Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way.
Join us and make a difference.
Apply Now!
Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Job Applicant's Privacy Notice:
Click on this link to read the Job Applicant's Privacy Notice
Analyst/Incident Response
Posted today
Job Description
• EDR: CrowdStrike or Carbon Black
• Scripting or basic programming (Java, HTML, PowerShell, bash)
• Entry-level certifications or higher