474 Security Intelligence jobs in India

**Job Requisition ID #**
25WD92064
**Position Overview**
The Incident Response Analyst is responsible for monitoring, identifying, assessing, containing, and responding to various information security events in a large and complex environment, as well as analyse, triage, and report on these incidents and investigations. The candidate must have knowledge of system security design, network/cloud security best practices and in-depth knowledge of systems security operations, threat actors frequently used attack vectors, and general user behaviour analytics. The candidate will be part of an established security team and work closely with teams across the company in remediating security issues and driving Incident Response. The candidate should have a strong passion for security and growth and be willing to accept challenging projects and incidents.
**Responsibilities**
+ Responsible for handling day-to day operations to monitor, identity, triage and investigate security events from various Endpoint (EDR), Network and Cloud security tools and detect anomalies, and report remediation actions
+ Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings
+ Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
+ Help create and maintain process tools and documentation
+ Perform all stage of incident response from detection to postmortem
+ Collaborate with stakeholders in building and improving our Security Orchestration Platform
+ Clearly document notes for incidents in our case management solution
+ Perform basic forensics and malware analysis based on our playbooks and procedures
+ Responsible for working in a 24/7 environment including night shifts and the shifts are decided based on the business requirement
+ Maintain a high level of confidentiality and Integrity
**Minimum Qualifications**
+ BS in Computer Science, Information Security, or equivalent professional experience
+ 2+ years of cyber security experience in incident response
+ Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics
+ Strong understanding of Security Operations and Incident Response process and practices
+ Experience performing security monitoring, response capabilities, log analysis and forensic tools
+ Strong understanding of operating systems including Windows, Linux and OSX
+ Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
+ Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team
+ Excellent verbal and written communication skills
+ Ability to design playbooks for responding to security incidents
+ Ability to support off-hours, weekends, and holidays if needed in support of incident response
**Preferred Qualifications**
+ Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization
+ One or more security-related certifications from any of the following organizations: GCIH, GCFE, GCFA, AWS, Azure Cloud security Certifications or equivalent is desired
#LI-PJ1
**Learn More**
**About Autodesk**
Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.
We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.
When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!
**Salary transparency**
Salary is one part of Autodesk's competitive compensation package. Offers are based on the candidate's experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
**Diversity & Belonging**
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: you an existing contractor or consultant with Autodesk?**
Please search for open jobs and apply internally (not on this external site).

**Purpose and Scope:**
We are looking for a detail-oriented and proactive Major Incident Response Analyst to join our incident response team. The ideal candidate will be responsible for analyzing and managing major incidents that affect our operations, ensuring timely resolution and minimizing impact on the business. This role requires strong analytical skills, effective communication, and the ability to work collaboratively in a fast-paced environment.
**Responsibilities and Accountabilities:**
+ Proactively monitor and analyze incidents to identify major incidents that require immediate attention and escalation.
+ Collaborate with End User Technology Support, the Digital Desk, Security Operations, and other relevant teams to support effective response and resolution of major incidents.
+ Assist in investigations of major incidents to determine root causes and impact on business operations.
+ Maintain detailed incident records, including timelines, actions taken, communications, and resolution outcomes to support reporting and analysis.
+ Maintain and update the Major Incident Management process, including policies, procedures, knowledge base with critical contacts and best practices.
+ Organise and participate in post-incident reviews to identify lessons learned and recommend improvements to incident management processes.
+ Maintain and update incident management tools and documentation to ensure accurate tracking and reporting of major incidents.
+ Provide support and guidance to team members during major incidents, ensuring adherence to established processes and protocols.
+ Stay informed about industry trends, latest security threats, and best practices related to incident response and management.
+ Contribute to a culture of preparedness across Service Enablement, TechX and DigitalX.
+ Work closely with End User Technology Support, SecOps & Incident Response and the Digital Desk
+ Capable of identifying potential signs of external threat actor involvement which could indicate a security incident.
+ Stay current with industry trends, threats, and best practices related to incident management
**Required Qualifications:**
+ Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
+ Atleast 3 years of experience in incident management, with a focus on major incidents in a complex global environment.
+ Strong understanding of IT service management (ITSM) frameworks, such as ITIL.
+ Excellent leadership and team management skills, with the ability to motivate and guide cross-functional teams.
+ Strong analytical and problem-solving abilities, with a focus on root cause analysis and continuous improvement.
+ Exceptional communication skills, both written and verbal, with the ability to convey complex information to diverse audiences.
+ Relevant certifications (e.g., ITIL, CISSP, CISM) are a plus.
**Preferred Qualifications:**
+ Experience in managing IT budgets and vendor relationships.
+ Relevant certifications, such as ITIL, PMP, or AWS, are a plus
**Working Environment**
**Astellas' Global Capability Centres - Overview**
_Astellas' Global Capability Centres (GCCs) are strategically located sites that give Astellas the ability to access talent across various functions in the value chain and to co-locate core capabilities that are currently dispersed._ __ _Our three GCCs are located in India, Poland and Mexico._ __
__ _The GCCs will enhance our operational efficiency, resilience and innovation potential, enabling a timely response to changing business demands._ __
__ _Our GCCs are an integral part of Astellas, guided by our shared values and behaviors, and are critical enablers of the company's strategic priorities, sustainable growth, and commitment to turn innovative science into VALUE for patients._
Category
Astellas is committed to equality of opportunity in all aspects of employment.
EOE including Disability/Protected Veterans

Our client is actively seeking a highly skilled and dedicated Senior Incident Response Specialist to join their elite cybersecurity team. This is a critical, fully remote role where you will be at the forefront of defending the organization against cyber threats. Your primary responsibility will be to lead and manage the response to security incidents, minimizing their impact and preventing recurrence. This involves conducting thorough investigations, analyzing security events, identifying root causes, and implementing effective containment and eradication strategies. You will work with sophisticated tools and technologies to detect, analyze, and respond to a wide range of security incidents across the enterprise.

Key responsibilities include:

• Leading and coordinating the response to cybersecurity incidents 24/7, ensuring swift and effective action.
• Conducting in-depth forensic investigations of security breaches to determine scope, impact, and root cause.
• Analyzing security logs, network traffic, and endpoint data to detect malicious activity.
• Developing and implementing containment, eradication, and recovery strategies for security incidents.
• Documenting all aspects of incident response activities, including timelines, findings, and recommendations.
• Creating comprehensive incident reports for technical teams and senior management.
• Developing and refining incident response playbooks and procedures.
• Staying current with the latest threat intelligence, attack vectors, and mitigation techniques.
• Collaborating with internal teams (IT, Legal, Communications) and external agencies during incident response.
• Conducting post-incident reviews to identify lessons learned and areas for improvement.
• Maintaining and enhancing the incident response toolkit and infrastructure.
• Providing expertise and guidance on security best practices to prevent future incidents.
• Performing threat hunting activities to proactively identify potential security risks.
• Contributing to security awareness training for employees.

The ideal candidate will possess a Bachelor's degree in Computer Science, Cybersecurity, or a related field, with a minimum of 6-8 years of experience in incident response, digital forensics, or a similar cybersecurity role. Hands-on experience with SIEM tools (e.g., Splunk, QRadar), EDR solutions, and forensic analysis tools is essential. A strong understanding of various attack methodologies (e.g., MITRE ATT&CK framework) and malware analysis is required. Industry certifications such as GCIH, GCFA, OSCP, or CISSP are highly preferred. Excellent analytical, problem-solving, and communication skills are critical for effectively managing high-pressure situations and communicating complex technical information clearly. This position is 100% remote, allowing you to work from anywhere.

Our client is seeking a highly skilled Cybersecurity Analyst specializing in Incident Response to join their security operations team in Mysuru, Karnataka, IN . This critical role involves defending the organization against cyber threats, detecting security breaches, and orchestrating swift and effective responses to incidents. The ideal candidate will possess a deep understanding of threat landscapes, forensic investigation techniques, and security tools. This is a remote position, requiring a self-motivated individual with excellent analytical and problem-solving skills.

Responsibilities:

• Monitor security alerts and events from various sources, including SIEM, IDS/IPS, and endpoint detection systems.
• Investigate potential security incidents, determine their scope, impact, and root cause.
• Develop and execute incident response plans and playbooks.
• Conduct digital forensic investigations to collect and preserve evidence.
• Analyze malware and identify attack vectors.
• Contain and eradicate security threats from affected systems.
• Coordinate with internal teams (IT, Legal, PR) and external stakeholders during incident response.
• Document incident details, actions taken, and lessons learned.
• Develop and recommend security enhancements to prevent future incidents.
• Stay current with emerging threats, vulnerabilities, and cybersecurity best practices.
• Participate in threat hunting activities.
• Provide technical guidance and support to other security team members.
• Develop and deliver security awareness training as needed.
• Maintain and improve incident response tools and technologies.

Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• 3-5 years of experience in cybersecurity, with a focus on incident response and digital forensics.
• Hands-on experience with SIEM tools (e.g., Splunk, QRadar), IDS/IPS, and EDR solutions.
• Proficiency in forensic analysis tools (e.g., FTK, EnCase) and techniques.
• Strong understanding of network protocols, operating systems (Windows, Linux), and common attack vectors.
• Experience with malware analysis is a significant advantage.
• Relevant certifications such as CompTIA Security+, CEH, GIAC GCIH, or similar are highly desirable.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong written and verbal communication skills, with the ability to articulate technical issues clearly.
• Ability to work under pressure and manage multiple incidents simultaneously.
• Willingness to be on-call as needed.

This role is based in Mysuru, Karnataka, IN , but is a fully remote position. Our client offers a challenging and dynamic work environment with opportunities for professional growth in the rapidly evolving field of cybersecurity.

As the Information Security Senior Global Incident Response Analyst, you will play a critical role in the organization's cybersecurity efforts. The position is responsible for acting as a senior analyst during security incidents, coordinating efforts with various members of the Incident Response Team, ensuring Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned. This position will work closely with business owners, IT teams, Privacy/Legal, and other members of the Information Security Team to protect the confidentiality, integrity, and availability of the organization's data and systems.
In this role, you will be responsible for the following:
- Incident Response Command
Participate and occasionally lead the response to high-impact cybersecurity incidents.
Coordinate cross-functional teams globally to ensure timely containment, eradication, and recovery.
Act as a first-level decision-maker during incidents, escalating to Managers/Directors, coordinating with InfoSec Comms, and following established response protocols.
- Process & Procedure Improvement
Develop, maintain, and continuously improve global incident response playbooks, runbooks, and workflows.
Participate in regular incident simulations and tabletop exercises to evaluate and enhance response readiness.
Analyze incident post-mortems to identify root causes and implement corrective actions.
- Collaboration & Stakeholder Management
Work closely with IT, Security Operations, Legal, Communications, and business units worldwide to ensure alignment during incidents.
Work with Security Awareness function to assist in improving user security awareness stemming from security incidents.
Act as a liaison between technical teams and senior leadership to provide clear incident updates and risk assessments.
- Reporting & Compliance
Maintain incident documentation and reporting in accordance with regulatory and compliance requirements.
Track key incident metrics and produce reports to inform security strategy and executive leadership.
At a minimum, we would like you to have:
- Bachelor's degree in Information Security, Information Technology, Computer Science, or a related field or equivalent work experience.
- Proven experience (5 years) in cybersecurity (operations, vulnerability management, engineering, or related roles) with at least 1 year of experience coordinating incident response actions/activities
- Advanced knowledge of security concepts and principles
- Experience coordinating global, cross-functional teams in high-pressure situations
- Excellent communication and stakeholder management skills
- Familiarity with common security tools such as SIEM, EDR, forensics, and incident management platforms
- Strong analytical and problem-solving skills.
- Robust attention to detail.
- Obtain relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), etc.
Career Development:
- This position serves a mid-level individual contributor role in information security. As the Senior Global Incident Response Analyst gains experience and certifications, they can advance to higher-level roles such as Incident Response Lead and/or Manager. Continuing education and professional development are essential for career growth in this field.
**WHO IS VONTIER**
Vontier (NYSE: VNT) is a global industrial technology company uniting productivity, automation and multi-energy technologies to meet the needs of a rapidly evolving, more connected mobility ecosystem. Leveraging leading market positions, decades of domain expertise and unparalleled portfolio breadth, Vontier enables the way the world moves - delivering smart, safe and sustainable solutions to our customers and the planet. Vontier has a culture of continuous improvement and innovation built upon the foundation of the Vontier Business System and embraced by colleagues worldwide. Additional information about Vontier is available on the Company's website at .
**At Vontier, we empower you to steer your career in the direction of success with a dynamic, innovative, and inclusive environment.**
Our commitment to personal growth, work-life balance, and collaboration fuels a culture where your contributions drive meaningful change. We provide the roadmap for continuous learning, allowing creativity to flourish and ideas to accelerate into impactful solutions that contribute to a sustainable future.
Join our community of passionate people who work together to navigate challenges and seize opportunities. At Vontier, you are not on this journey alone-we are dedicated to equipping you with the tools and support needed to fuel your innovation, lead with impact, and thrive both personally and professionally.
**Together, let's enable the way the world moves!**
The company in which you have expressed employment interest is a subsidiary or affiliate of Vontier Corporation. The subsidiary or affiliate is referred to as a Vontier Company. Vontier Corporation and all Vontier Companies are equal opportunity employers that evaluate qualified applicants without regard to race, color, national origin, religion, ancestry, sex (including pregnancy, childbirth and related medical conditions), age, marital status, disability, veteran status, citizenship status, sexual orientation, gender identity or expression, and other characteristics protected by law. The "EEO is the Law" poster is available at: Individuals who need a reasonable accommodation because of a disability for any part of the employment process should call or e-mail to request accommodation.

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Senior Associate Information Security Incident Response Analyst is a developing subject matter expert, responsible for assisting with the detection and monitoring of threats and suspicious activity affecting the organization's technology domain.
This role supports the work of technical staff from various business areas as well as third-party technical experts.
The Senior Associate Information Security Incident Response Analyst role uses their developing technical competencies of systems and automated mechanisms to detect unauthorized activity on company information assets.
**Key responsibilities:**
+ Assists with the prevention and resolution of security breaches and ensure incident and problem management processes are initiated.
+ Supports access management activities according to the policy.
+ Assists with the implementation of and discuss security service audit schedules, review access authorisation and perform the required access controls and testing to identify security weaknesses.
+ Supports global team of Cyber Security Analysts and specialists.
+ Notifies internal and/or external teams according to agreed alert priority levels, escalation trees, 2nd level triaging of security alerts, events, and notifications.
+ Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders.
+ Ability to follow and update established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified.
+ Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults.
+ Develops an understanding of current and emerging threats, vulnerabilities, and trends.
+ Supports the review of current configurations of company's production information systems and networks against compliance standards.
+ Provides support in the investigation of information security incident causes and follow processes to resolve these causes.
+ Assists configuration management by applying tools, techniques and processes to track, log and correct information related to CIs.
**To thrive in this role, you need to have:**
+ Knowledge of technological advances within the information security arena.
+ Understanding of inter-relationships in an overall system or process.
+ Knowledge of information security management and policies.
+ Ability to think critically, analyze information, and solve less complex problems.
**Academic qualifications and certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computer Science or related preferred.
+ SANS GIAC Security Essentials (GSEC) or equivalent preferred.
+ SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
+ SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.
**Required experience:**
+ Moderate experience in a Technology Information Security Industry.
+ Moderate experience using End Point Protection Software.
+ Moderate experience using Enterprise Detection and Response software.
+ Moderate experience or knowledge of SIEM and IPS technologies.
+ Moderate experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors.
**Workplace type** **:**
Remote Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
**Third parties fraudulently posing as NTT DATA recruiters**
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters-whether in writing or by phone-in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an **@nttdata.com** email address. If you suspect any fraudulent activity, please contact us ( ) .

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Principal Information Security Incident Response Analyst is a highly skilled subject matter exper, responsible for providing an escalation path for Level 1 and 2 workflows for high-risk incidents.
Additionally, this role facilitates proactive security measures through analytics and threat hunting processes and is responsible for detecting and monitoring escalated threats and suspicious activity affecting company technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).
This role is responsible to manage critical and high-risk exposures in the daily operation of real-time threat management activities.
This senior technical resource facilitates problem resolution and mentoring for the overall team. This includes operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning).
**Key responsibilities:**
+ Manages weekly sprints in Threat Hunting analytics.
+ Manages the processing of security alerts, events, and notifications (e.g. via email, ticketing, virus warning, intelligence feeds, workflow, etc.).
+ Manages the notification of internal and/or external teams according to agreed alert priority levels, and escalation trees.
+ Monitors events for suspicious events, investigation, and escalate where applicable.
+ Maintains an understanding of current and emerging threats, vulnerabilities, and trends.
+ Prioritizes threat analysis based on risks associated with each threat and working with the appropriate teams to ensure related communications are in line with company best practice and recommendations.
+ Acts as the primary technical lead for the Computer Incident Response Team (CIRT), coordinating the work of technical staff from various departments, as well as the work of third-party technical experts.
+ Ties third party attack monitoring services and threat reporting services, into internal CIRT communications systems, so as to better alert CIRT team members about what's coming, and what preparations to undertake before production systems at NTT Ltd are damaged (and what remedial actions to take after damage has taken place).
+ Regularly reviews the current configurations of NTT Ltd production information systems and networks, with an eye towards the steps that attackers must take to break through existing defenses, and recommends configuration changes, system setting changes, network topology changes, and other modifications that would enhance the overall level of security.
+ Designs, specifies, programs, deploys, and fine-tunes custom software which analyses the vast amount of log, audit trail, and other recorded activity information that modern systems record, so as to be able to immediately detect unauthorized activity, most importantly intrusion by unauthorized parties and the execution of unauthorized software.
+ Designs automated scripts, automated contingency plans, and other programmed responses which are launched when an attack against company systems has been detected.
+ Designs, specifies, programs, debugs, and oversees the work of others related to middleware, and other system integration tools, which tie multiple security monitoring systems together so as to better meet company information security needs.
+ Performs post-mortem analyze with logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users.
+ Reviews incident and problem management reports to identify potential security weaknesses and perform an impact and risk analysis, developing recommendations for highlighted risks, ensuring that these risks and solutions are presented to the relevant stakeholders.
+ Ensures that security service audit schedules are developed, scoped, discussed and agreed with the business.
+ Reviews access authorization for compliance with policy, administration security controls for effectiveness, security on the operational systems and verify that security monitoring is working.
**To thrive in this role, you need to have:**
+ Ability to remain calm and focused during stressful situations.
+ Ability to listen and adapt to changing situations.
+ Ability to recognize potential problems and take steps to fix the issues.
+ Extended understanding of complex inter-relationships in an overall system or process.
+ Extended knowledge of technological advances within the information security arena.
+ Demonstrates analytical thinking and a proactive approach.
+ Displays consistent client focus and orientation.
+ Extended knowledge of information security management and policies.
+ Extended understanding of current and emerging threats, vulnerabilities, and trends.
+ Extended understanding of malware forensics, network forensics, and computer forensics also highly desirable.
+ Ability to statically and dynamically analyze malware to determine target and intention.
+ Ability to uncover and document tools, techniques, procedures used by cyber adversaries in attacking managed infrastructure.
+ Sound decision making abilities with demonstrate teamwork and collaboration skills.
+ Displays good planning and organizing ability.
**Academic qualifications and certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computer Science or related field.
+ SANS GIAC Security Essentials (GSEC) or equivalent preferred.
+ SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
+ SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.
+ Industry certifications such as CISSP, CISM, CISA, CEH, CHFI preferred.
+ Information Technology / ITILSM / ICT Security / ITIL v3 preferred.
**Required experience:**
+ Extended experience in a Technology Information Security Industry.
+ Extended experience working in a SOC/CSIRT.
+ Extended experience or knowledge of SIEM and IPS technologies.
+ Extended experience with Wireshark, tcpdump, Remnux, decoders for conducting payload analysis.
+ Extended experience in building SIEM rules and/or indicators of compromise for threat detection.
**Workplace type** **:**
On-site Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Our client, a prominent player in the financial services industry, is seeking an experienced and dynamic Lead Information Security Analyst to bolster their security operations. This crucial role involves overseeing the security posture, managing Security Information and Event Management (SIEM) systems, and leading incident response efforts. The ideal candidate will possess extensive knowledge of cybersecurity threats, vulnerabilities, and mitigation strategies. Responsibilities include developing and implementing security policies and procedures, conducting regular security assessments, managing security tools and technologies, and acting as a primary point of contact during security incidents. You will be instrumental in detecting, analyzing, and responding to security breaches, ensuring minimal impact on the organization. Experience with various SIEM platforms (e.g., Splunk, QRadar, ELK Stack) and a strong understanding of log analysis and threat hunting techniques are paramount. This role also involves mentoring junior security analysts and contributing to the continuous improvement of the security program. The candidate should have a deep understanding of network security, endpoint security, cloud security, and cryptography. Excellent communication skills are required to liaise with IT teams, management, and potentially external auditors. This position is based in **Vadodara, Gujarat, IN**, with a hybrid work arrangement that balances remote flexibility with essential in-office collaboration. A minimum of 7 years of progressive experience in information security, with at least 3 years in a lead or senior analyst role. Proven expertise in SIEM administration, configuration, and utilization for threat detection. Hands-on experience in incident response, including containment, eradication, and recovery. Strong understanding of security frameworks (e.g., NIST, ISO 27001) and regulatory compliance. Relevant certifications such as CISSP, CISM, GIAC, or equivalent are highly preferred. Bachelor's or Master's degree in Cybersecurity, Computer Science, or a related field. Ability to perform under pressure and make critical decisions during security incidents. Strong analytical and problem-solving capabilities.