193 Incident Response jobs in Bengaluru
Incident Response Analyst
Posted 10 days ago
Job Description
25WD91175
**Position Overview**
The Incident Response Analyst is responsible for monitoring, identifying, assessing, containing, and responding to various information security events in a large and complex environment, as well as analysing, triaging, and reporting on these incidents and investigations. The candidate must have knowledge of system security design and network/cloud security best practices, and in-depth knowledge of systems security operations, threat actors' frequently used attack vectors, and general user behaviour analytics. The candidate will be part of an established security team and work closely with teams across the company in remediating security issues and driving Incident Response. The candidate should have a strong passion for security and growth and be willing to accept challenging projects and incidents.
**Responsibilities**
+ Responsible for handling day-to-day operations to monitor, identify, triage and investigate security events from various Endpoint (EDR), Network and Cloud security tools, detect anomalies, and report remediation actions
+ Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings
+ Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
+ Help create and maintain process tools and documentation
+ Perform all stages of incident response from detection to postmortem
+ Collaborate with stakeholders in building and improving our Security Orchestration Platform
+ Clearly document notes for incidents in our case management solution
+ Perform basic forensics and malware analysis based on our playbooks and procedures
+ Responsible for working in a 24/7 environment, including night shifts; shifts are decided based on the business requirement
+ Maintain a high level of confidentiality and Integrity
**Minimum Qualifications**
+ BS in Computer Science, Information Security, or equivalent professional experience
+ 2+ years of cyber security experience in incident response
+ Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics
+ Strong understanding of Security Operations and Incident Response process and practices
+ Experience performing security monitoring, response capabilities, log analysis and forensic tools
+ Strong understanding of operating systems including Windows, Linux and OSX
+ Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
+ Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team
+ Excellent verbal and written communication skills
+ Ability to design playbooks for responding to security incidents
+ Ability to support off-hours, weekends, and holidays if needed in support of incident response
**Preferred Qualifications**
+ Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization
+ One or more security-related certifications from any of the following organizations: GCIH, GCFE, GCFA, AWS, Azure Cloud security Certifications or equivalent is desired
**Learn More**
**About Autodesk**
Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.
We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.
When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!
**Salary transparency**
Salary is one part of Autodesk's competitive compensation package. Offers are based on the candidate's experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
**Diversity & Belonging**
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here:
**Are you an existing contractor or consultant with Autodesk?**
Please search for open jobs and apply internally (not on this external site).
Information Security Analyst, Incident Response L1
Posted today
Job Description
Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.
Additional Career Level Description:
Knowledge and application:
Problem solving:
Interaction:
Impact:
Accountability:
Workplace type:
Hybrid Working
About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Cyber Incident Response - Junior Incident
Posted today
Job Description
**Cyber & Investigative Services - Junior Incident Coordinator**
**EY Technology**:
Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and are key to us being more innovative as an organization.
**EY Technology** supports our technology needs through three business units:
**Client Technology (CT)** - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster and pursue those opportunities more rapidly.
**Enterprise Workplace Technology (EWT)** - EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
**Information Security (InfoSec)**:
- InfoSec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.
**The opportunity**
**Your key responsibilities**
- Coordinate response efforts to cyber incidents caused by external threats that may involve nontraditional working hours
- Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As needed, manage relationships with business partners, management, vendors, and external parties
- Drive integration with other corporate incident management programs to ensure consistency and alignment with peer support teams within IT
- Help lead small to medium sized projects as directed by leadership
- Be a champion for process and documentation. Develop and document processes to ensure consistent and scalable response operations, and ensure continuous improvement to the company’s incident response plan
- As requested, develop and deliver metrics to leadership
- Create ready-to-go draft communications and ensure timely reports/updates to leadership during and after an event
- Own and manage the team's internal action playbooks and knowledgebase
- Must be willing to be on-call off hours in rotation with other team members (required)
**Skills and attributes for success**
- Resolution of security incidents by validating root cause and solutions
- Analyze findings in investigative matters, and develop fact-based reports
- Ability to identify and articulate opportunities for improvement while helping drive lessons learned activities
- Demonstrated integrity and judgment within a professional environment
- Inquisitive approach to analysis and peer review
- Application of emotional intelligence and calm under pressure
- Ability to appropriately balance work/personal priorities
**To qualify for the role, you must have**
- **Education**:
- Bachelor's or Master's degree in Computer Science, Information Systems, Engineering, a related field, or equivalent experience
- **Experience**:
- 5+ years’ experience in at least two of the following roles:
- Member of a Security Operations Center (SOC)
- Security Incident Response Analyst or supporting function (2 years minimum)
- eDiscovery or related role performing forensic functions
- Deep understanding of security threats, vulnerabilities, and incident response
- Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
- Basic understanding of the legalities surrounding electronic discovery and analysis
- Understanding of regulatory stipulations regarding security incidents
- Experience with SIEM technologies (i.e. Splunk)
- Deep understanding of both Windows and Unix/Linux based operating systems
**Ideally, you’ll also**
**What we look for**
- Demonstrated integrity in a professional environment
- Ability to work independently
- Have a global mind-set for working with different cultures and backgrounds
- Knowledgeable in business industry standard security incident response process, procedures, and life-cycle
- Excellent organizational skills and strong
Major Incident Response Analyst

Posted 17 days ago
Job Description
We are looking for a detail-oriented and proactive Major Incident Response Analyst to join our incident response team. The ideal candidate will be responsible for analyzing and managing major incidents that affect our operations, ensuring timely resolution and minimizing impact on the business. This role requires strong analytical skills, effective communication, and the ability to work collaboratively in a fast-paced environment.
**Responsibilities and Accountabilities:**
+ Proactively monitor and analyze incidents to identify major incidents that require immediate attention and escalation.
+ Collaborate with End User Technology Support, the Digital Desk, Security Operations, and other relevant teams to support effective response and resolution of major incidents.
+ Assist in investigations of major incidents to determine root causes and impact on business operations.
+ Maintain detailed incident records, including timelines, actions taken, communications, and resolution outcomes to support reporting and analysis.
+ Maintain and update the Major Incident Management process, including policies, procedures, knowledge base with critical contacts and best practices.
+ Organise and participate in post-incident reviews to identify lessons learned and recommend improvements to incident management processes.
+ Maintain and update incident management tools and documentation to ensure accurate tracking and reporting of major incidents.
+ Provide support and guidance to team members during major incidents, ensuring adherence to established processes and protocols.
+ Stay informed about industry trends, latest security threats, and best practices related to incident response and management.
+ Contribute to a culture of preparedness across Service Enablement, TechX and DigitalX.
+ Work closely with End User Technology Support, SecOps & Incident Response and the Digital Desk
+ Capable of identifying potential signs of external threat actor involvement which could indicate a security incident.
+ Stay current with industry trends, threats, and best practices related to incident management
**Required Qualifications:**
+ Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
+ At least 3 years of experience in incident management, with a focus on major incidents in a complex global environment.
+ Strong understanding of IT service management (ITSM) frameworks, such as ITIL.
+ Excellent leadership and team management skills, with the ability to motivate and guide cross-functional teams.
+ Strong analytical and problem-solving abilities, with a focus on root cause analysis and continuous improvement.
+ Exceptional communication skills, both written and verbal, with the ability to convey complex information to diverse audiences.
+ Relevant certifications (e.g., ITIL, CISSP, CISM) are a plus.
**Preferred Qualifications:**
+ Experience in managing IT budgets and vendor relationships.
+ Relevant certifications, such as ITIL, PMP, or AWS, are a plus
**Working Environment**
**Astellas' Global Capability Centres - Overview**
_Astellas' Global Capability Centres (GCCs) are strategically located sites that give Astellas the ability to access talent across various functions in the value chain and to co-locate core capabilities that are currently dispersed._ _Our three GCCs are located in India, Poland and Mexico._
_The GCCs will enhance our operational efficiency, resilience and innovation potential, enabling a timely response to changing business demands._
_Our GCCs are an integral part of Astellas, guided by our shared values and behaviors, and are critical enablers of the company's strategic priorities, sustainable growth, and commitment to turn innovative science into VALUE for patients._
Category
Astellas is committed to equality of opportunity in all aspects of employment.
EOE including Disability/Protected Veterans
Senior Information Security Incident Response Analyst
Posted today
Job Description
Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.
Your day at NTT DATA
The Senior Information Security Incident Response Analyst is an advanced subject matter expert, responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments). This role acts as the technical second responder for the team and supports the work of technical staff from various business areas, as well as third-party technical experts.
The Senior Information Security Incident Response uses their technical competencies of systems and automated mechanisms to detect unauthorized activity on company information assets.
What you'll be doing
Key Responsibilities:
Knowledge and Attributes:
Academic Qualifications and Certifications:
Required Experience:
Workplace type:
Remote Working
About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Incident Response Commander / Project Manager | AIIR – AI-driven Incident Response
Posted today
Job Description
Company Description
AiiR is the first AI-driven breach response and extortion management platform that automates negotiations, investigations, and recovery, reducing incident costs and response times. At the core of AiiR is CEIRA, an AI-powered virtual breach response analyst that streamlines ransom negotiations, tracks cryptocurrency payments, conducts forensic investigations, and automates breach notifications. The platform provides AI-powered ransom negotiation, crypto payment tracking, threat intelligence, digital forensics, and automated breach notification and compliance. AiiR supports cyber insurers, enterprises, legal teams, and SOC, ensuring faster response times and reduced breach costs.
Role Description
We are seeking an Incident Response Commander / Project Manager based in India to join our product innovation team. You’ll play a critical role in translating real-world IR experiences into actionable use cases, working closely with our engineering and AI teams to test and validate breach workflows, QA features, and build out battle-tested Promptbooks for varied breach types.
This role requires deep domain expertise in the end-to-end incident response lifecycle—particularly across ransomware, business email compromise, insider threat, and regulatory breach scenarios.
Key Responsibilities
- Subject Matter Expert for Breach Response: Bring your extensive IR experience to shape Promptbook scenarios and playbooks across a wide range of case types, from extortion to insider threats.
- QA and Feature Testing: Act as the QA lead for new breach response features, workflows, and case management logic inside the AiiR platform. Test AI-generated recommendations and prompt outputs for accuracy and relevance.
- Promptbook Development & Use Case Design: Author and validate Promptbooks (prompt-based workflows) for breach scenarios that mimic real-life attacker TTPs and regulatory obligations.
- Cross-Functional Coordination: Collaborate with product managers, AI engineers, and UX teams to ensure functionality meets field demands and maintains alignment with real-world investigation and response flow.
- Project Management Support: Help manage internal development sprints and delivery schedules related to breach response and forensic modules.
Required Skills & Experience
- 10+ years of experience in cybersecurity, with at least 5 years in hands-on incident response (in-house, consulting, MSSP, or law enforcement)
- Strong understanding of the IR lifecycle: detection, containment, eradication, recovery, and post-incident review
- Experience building IR playbooks or response frameworks (NIST, MITRE ATT&CK, ISO 27035, etc.)
- Familiarity with prompt engineering, AI-generated response design, or at least strong interest in working closely with LLMs and intelligent systems
- Proven experience in QA testing, user acceptance testing (UAT), or product feedback loops
- Comfortable using project management and product tools like Jira, Confluence, Notion, etc.
- Experience coordinating with distributed teams across time zones
- Self-starter, detail-oriented, and passionate about redefining IR with modern tools
Nice-to-Have
- Familiarity with forensic tools (Velociraptor, KAPE, etc.) or SIEM/XDR platforms like Sentinel, Splunk, Defender
- Exposure to breach notification laws, regulatory frameworks (GDPR, HIPAA, SEC, etc.)
- Background in product management, AI testing, or user story writing
- Experience in working with AI security tools or building IR tools/platforms
What We Offer
- Opportunity to shape a next-gen cybersecurity platform from the ground up
- Collaborative, agile team culture across the U.S. and India
- Flexible remote work schedule
- Fast-paced, high-impact work environment with a mission to protect global organizations from breach chaos