Incident Response

Navi Mumbai, Maharashtra ₹180000 - ₹250000 Y Skillventory

Posted 1 day ago

Job Description

Role & responsibilities:

  • The Lead Incident Response Team is responsible for overseeing the end-to-end management of technology incidents across the enterprise.
  • This role ensures rapid detection, containment, resolution, and root cause analysis of incidents affecting critical IT services.
  • The position requires strong leadership, technical acumen, and the ability to coordinate across multiple teams under pressure.
  • Act as the primary liaison during major incidents, ensuring timely updates to senior leadership.
  • Ensure adherence to incident management policies, ITIL standards, and regulatory requirements.
  • Define and evolve the incident response strategy in alignment with business continuity and disaster recovery plans.
  • Lead post-incident reviews and drive systemic improvements across the organization.
  • Lead the triage, containment, and resolution of high-impact technology incidents.
  • Activate war rooms and coordinate rapid response efforts across teams.
  • Oversee real-time monitoring tools and ensure effective alerting mechanisms.
  • Recommend and implement automation for incident detection and resolution.
  • Conduct detailed post-incident investigations and root cause analysis.
  • Document incident timelines, impact assessments, and corrective actions.

Preferred candidate profile:

  • Experience in managing incidents in hybrid cloud environments.
  • Familiarity with cybersecurity incident response frameworks.
  • Ability to work under pressure and lead cross-functional teams during crises.
  • Certifications such as ITIL, PMP, or SRE are a plus.

SOC- Incident response

Navi Mumbai, Maharashtra ₹1500000 - ₹2500000 Y Clarity Consulting

Posted 1 day ago

Job Description

Desired qualifications

• Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent experience.

• Minimum of 5-9 years of experience in cybersecurity, IT security operations, or incident response.

• Prior experience in a Security Operations Center (SOC) or handling security incidents in an enterprise environment.

• Experience with security monitoring, SIEM platform tuning, and threat detection engineering.

Technical Skills:

- Advanced proficiency with Splunk, Azure Sentinel, ELK SIEM & EDR platforms (experience with other SIEM platforms like Azure Sentinel is a plus).

- In-depth understanding of network protocols (TCP/IP, DNS, HTTP, etc.), security devices (firewalls, IDS/IPS, etc.), and endpoint security technologies (EDR, antivirus, etc.).

- Hands-on experience with log analysis, data correlation, and incident investigation.

- Familiarity with threat intelligence tools, data sources, and feeds.

- Strong understanding of security frameworks, including MITRE ATT&CK, NIST, and OWASP.

Preferred Certifications

• CompTIA Security+, CEH or similar certifications.

• Splunk, EDR Certified Security Engineer or other relevant certifications.


SOC Analyst/Incident Response

Mumbai, Maharashtra Anicalls (Pty) Ltd

Posted today

Job Description

• Splunk experience
• EDR: Crowdstrike or Carbon Black
• Scripting or basic programming (Java, HTML, Powershell, bash)
• Entry-level certifications or higher

Senior - Cyber Incident Response

Mumbai, Maharashtra KPMG India

Posted today

Job Description

About KPMG in India

KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.

KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.
Cyber Incident Response

Equal employment opportunity information

KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.
B Tech or Equivalent

Principal Analyst: Information Security Incident Response (NTT)

Mumbai, Maharashtra NTT America, Inc.

Posted 11 days ago

Job Description

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Principal Information Security Incident Response Analyst is a highly skilled subject matter expert, responsible for providing an escalation path for Level 1 and 2 workflows for high-risk incidents.
Additionally, this role facilitates proactive security measures through analytics and threat hunting processes and is responsible for detecting and monitoring escalated threats and suspicious activity affecting company technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).
This role is responsible to manage critical and high-risk exposures in the daily operation of real-time threat management activities.
This senior technical resource facilitates problem resolution and mentoring for the overall team. This includes operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning).
**Key responsibilities:**
+ Manages weekly sprints in Threat Hunting analytics.
+ Manages the processing of security alerts, events, and notifications (e.g. via email, ticketing, virus warning, intelligence feeds, workflow, etc.).
+ Manages the notification of internal and/or external teams according to agreed alert priority levels, and escalation trees.
+ Monitors for suspicious events, investigates, and escalates where applicable.
+ Maintains an understanding of current and emerging threats, vulnerabilities, and trends.
+ Prioritizes threat analysis based on risks associated with each threat and working with the appropriate teams to ensure related communications are in line with company best practice and recommendations.
+ Acts as the primary technical lead for the Computer Incident Response Team (CIRT), coordinating the work of technical staff from various departments, as well as the work of third-party technical experts.
+ Ties third party attack monitoring services and threat reporting services, into internal CIRT communications systems, so as to better alert CIRT team members about what's coming, and what preparations to undertake before production systems at NTT Ltd are damaged (and what remedial actions to take after damage has taken place).
+ Regularly reviews the current configurations of NTT Ltd production information systems and networks, with an eye towards the steps that attackers must take to break through existing defenses, and recommends configuration changes, system setting changes, network topology changes, and other modifications that would enhance the overall level of security.
+ Designs, specifies, programs, deploys, and fine-tunes custom software which analyses the vast amount of log, audit trail, and other recorded activity information that modern systems record, so as to be able to immediately detect unauthorized activity, most importantly intrusion by unauthorized parties and the execution of unauthorized software.
+ Designs automated scripts, automated contingency plans, and other programmed responses which are launched when an attack against company systems has been detected.
+ Designs, specifies, programs, debugs, and oversees the work of others related to middleware, and other system integration tools, which tie multiple security monitoring systems together so as to better meet company information security needs.
+ Performs post-mortem analysis of logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users.
+ Reviews incident and problem management reports to identify potential security weaknesses and perform an impact and risk analysis, developing recommendations for highlighted risks, ensuring that these risks and solutions are presented to the relevant stakeholders.
+ Ensures that security service audit schedules are developed, scoped, discussed and agreed with the business.
+ Reviews access authorization for compliance with policy, administration security controls for effectiveness, and security on the operational systems, and verifies that security monitoring is working.
**To thrive in this role, you need to have:**
+ Ability to remain calm and focused during stressful situations.
+ Ability to listen and adapt to changing situations.
+ Ability to recognize potential problems and take steps to fix the issues.
+ Extended understanding of complex inter-relationships in an overall system or process.
+ Extended knowledge of technological advances within the information security arena.
+ Demonstrates analytical thinking and a proactive approach.
+ Displays consistent client focus and orientation.
+ Extended knowledge of information security management and policies.
+ Extended understanding of current and emerging threats, vulnerabilities, and trends.
+ Extended understanding of malware forensics, network forensics, and computer forensics also highly desirable.
+ Ability to statically and dynamically analyze malware to determine target and intention.
+ Ability to uncover and document tools, techniques, procedures used by cyber adversaries in attacking managed infrastructure.
+ Sound decision-making abilities with demonstrated teamwork and collaboration skills.
+ Displays good planning and organizing ability.
**Academic qualifications and certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computer Science or related field.
+ SANS GIAC Security Essentials (GSEC) or equivalent preferred.
+ SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
+ SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.
+ Industry certifications such as CISSP, CISM, CISA, CEH, CHFI preferred.
+ Information Technology / ITILSM / ICT Security / ITIL v3 preferred.
**Required experience:**
+ Extended experience in a Technology Information Security Industry.
+ Extended experience working in a SOC/CSIRT.
+ Extended experience or knowledge of SIEM and IPS technologies.
+ Extended experience with Wireshark, tcpdump, Remnux, decoders for conducting payload analysis.
+ Extended experience in building SIEM rules and/or indicators of compromise for threat detection.
**Workplace type:**
On-site Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Principal Analyst: Information Security Incident Response (NTT)

Mumbai, Maharashtra NTT

Posted today

Job Description

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA
The Principal Information Security Incident Response Analyst is a highly skilled subject matter expert, responsible for providing an escalation path for Level 1 and 2 workflows for high-risk incidents.

Additionally, this role facilitates proactive security measures through analytics and threat hunting processes and is responsible for detecting and monitoring escalated threats and suspicious activity affecting company technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).

This role is responsible to manage critical and high-risk exposures in the daily operation of real-time threat management activities.

This senior technical resource facilitates problem resolution and mentoring for the overall team. This includes operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning).

Key responsibilities:
  • Manages weekly sprints in Threat Hunting analytics.
  • Manages the processing of security alerts, events, and notifications (e.g. via email, ticketing, virus warning, intelligence feeds, workflow, etc.).
  • Manages the notification of internal and/or external teams according to agreed alert priority levels, and escalation trees.
  • Monitors for suspicious events, investigates, and escalates where applicable.
  • Maintains an understanding of current and emerging threats, vulnerabilities, and trends.
  • Prioritizes threat analysis based on risks associated with each threat and working with the appropriate teams to ensure related communications are in line with company best practice and recommendations.
  • Acts as the primary technical lead for the Computer Incident Response Team (CIRT), coordinating the work of technical staff from various departments, as well as the work of third-party technical experts.
  • Ties third party attack monitoring services and threat reporting services, into internal CIRT communications systems, so as to better alert CIRT team members about what’s coming, and what preparations to undertake before production systems at NTT Ltd are damaged (and what remedial actions to take after damage has taken place).
  • Regularly reviews the current configurations of NTT Ltd production information systems and networks, with an eye towards the steps that attackers must take to break through existing defenses, and recommends configuration changes, system setting changes, network topology changes, and other modifications that would enhance the overall level of security.
  • Designs, specifies, programs, deploys, and fine-tunes custom software which analyses the vast amount of log, audit trail, and other recorded activity information that modern systems record, so as to be able to immediately detect unauthorized activity, most importantly intrusion by unauthorized parties and the execution of unauthorized software.
  • Designs automated scripts, automated contingency plans, and other programmed responses which are launched when an attack against company systems has been detected.
  • Designs, specifies, programs, debugs, and oversees the work of others related to middleware, and other system integration tools, which tie multiple security monitoring systems together so as to better meet company information security needs.
  • Performs post-mortem analysis of logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users.
  • Reviews incident and problem management reports to identify potential security weaknesses and perform an impact and risk analysis, developing recommendations for highlighted risks, ensuring that these risks and solutions are presented to the relevant stakeholders.
  • Ensures that security service audit schedules are developed, scoped, discussed and agreed with the business.
  • Reviews access authorization for compliance with policy, administration security controls for effectiveness, and security on the operational systems, and verifies that security monitoring is working.

To thrive in this role, you need to have:
  • Ability to remain calm and focused during stressful situations.
  • Ability to listen and adapt to changing situations.
  • Ability to recognize potential problems and take steps to fix the issues.
  • Extended understanding of complex inter-relationships in an overall system or process.
  • Extended knowledge of technological advances within the information security arena.
  • Demonstrates analytical thinking and a proactive approach.
  • Displays consistent client focus and orientation.
  • Extended knowledge of information security management and policies.
  • Extended understanding of current and emerging threats, vulnerabilities, and trends.
  • Extended understanding of malware forensics, network forensics, and computer forensics also highly desirable.
  • Ability to statically and dynamically analyze malware to determine target and intention.
  • Ability to uncover and document tools, techniques, procedures used by cyber adversaries in attacking managed infrastructure.
  • Sound decision-making abilities with demonstrated teamwork and collaboration skills.
  • Displays good planning and organizing ability.

Academic qualifications and certifications:
  • Bachelor’s degree or equivalent in Information Technology, Computer Science or related field.
  • SANS GIAC Security Essentials (GSEC) or equivalent preferred.
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.
  • Industry certifications such as CISSP, CISM, CISA, CEH, CHFI preferred.
  • Information Technology / ITILSM / ICT Security / ITIL v3 preferred.

Required experience:
  • Extended experience in a Technology Information Security Industry.
  • Extended experience working in a SOC/CSIRT.
  • Extended experience or knowledge of SIEM and IPS technologies.
  • Extended experience with Wireshark, tcpdump, Remnux, decoders for conducting payload analysis.
  • Extended experience in building SIEM rules and/or indicators of compromise for threat detection.

Workplace type:
On-site Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
