130 Incident Response jobs in Malaysia
Incident Response Analyst
Posted 3 days ago
Job Description
Monks Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia
Please note that we will never request payment or bank account information at any stage of the recruitment process. As we continue to grow our teams, we urge you to be cautious of fraudulent job postings or recruitment activities that misuse our company name and information. Please protect your personal information during any recruitment process. While Monks may contact potential candidates via LinkedIn, all applications must be submitted through our official website (monks.com/careers).
Position Description
We are looking for an Incident Response Analyst who can analyze security events and investigate potential incidents; validate and manage high-priority incidents while providing comprehensive written root-cause analysis to security teams and stakeholders; use tooling to contain and minimize overall impact while escalating unresolved incidents to security engineering teams; and maintain and continuously update incident response plans and runbooks for more efficient incident response.
This person will be responsible for monitoring security alerts and events in order to identify and remediate security incidents across various on-prem and cloud-based solutions. We are looking for someone who is passionate about what they do and not afraid to speak up or make suggestions.
Key Accountabilities
- Develop operational procedures to implement and continually improve the incident response process.
- Monitor security alerts within the tech stack, and investigate any potential security incidents.
- Analyze the alerts received to classify and assess the impact, managing high priority incidents, including communication to the business, facilitating root cause analysis and resolution.
- Perform cyber security investigations as part of the incident analysis.
- Coordinate with other departments on the remediation tasks to be performed and escalate unresolved incidents.
- Perform post-mortem analysis to identify root causes and design controls or measures to prevent future incidents.
- Write comprehensive investigation reports capturing investigation details and root cause analysis, aligned with knowledge of modern Tactics, Techniques, and Procedures (TTPs).
- Collaborate with content production for security awareness.
Minimum Qualifications
- 3+ years of experience in similar roles
- Bachelor’s degree in Computer Science/Engineering/Information Security
- Working ITIL knowledge and experience or similar
- Functional knowledge of the MITRE ATT&CK framework
- Experience with log analysis, malware analysis, and/or forensic analysis
- Hands-on experience with industry-leading security tools: EDR, SWG, SIEM, MDM
Qualities
- Good communication
- Ability to confidently present findings to those with either a technical or non-technical background.
- Self-directed, resourceful, and a critical thinker with attention to detail and proactive problem-solving skills.
- Ability to self-organize and plan activities with commitment towards results.
- Ready to learn new content, whether from others or through self-study.
- Passionate about self-improvement and suggesting improvements to processes or activities.
Preferred Qualifications
- InfoSec certification (e.g. CISSP, CompTIA Sec+, CEH, etc.)
- Cloud experience (AWS, Azure, GCP) in a production environment
- Scripting experience (Python, Perl, PowerShell, etc.)
- Experience in Blue/Red/Purple team engagements
About Monks
Monks is the global, purely digital, unitary operating brand of S4Capital plc. With a legacy of innovation and specialized expertise, Monks combines an extraordinary range of global marketing and technology services to accelerate business possibilities and redefine how brands and businesses interact with the world. Its integration of systems and workflows delivers unfettered content production, scaled experiences, enterprise-grade technology and data science fueled by AI—managed by the industry’s best and most diverse digital talent—to help the world’s trailblazing companies outmaneuver and outpace their competition.
Monks was named a Contender in The Forrester Wave: Global Marketing Services. It has remained a constant presence on Adweek’s Fastest Growing lists, ranks among Cannes Lions' Top 10 Creative Companies and is the only partner to have been placed in AdExchanger’s Programmatic Power Players list every year. In addition to being named Adweek’s first AI Agency of the Year (2023), Monks has been recognized by Business Intelligence in its 2024 Excellence in Artificial Intelligence Awards program in three categories: the Individual category, Organizational Winner in AI Strategic Planning and AI Product for its service Monks.Flow. Monks has also garnered the title of Webby Production Company of the Year, won a record number of FWAs and has earned a spot on Newsweek’s Top 100 Global Most Loved Workplaces 2023.
We are an equal-opportunity employer committed to building a respectful and empowering work environment for all people to freely express themselves amongst colleagues who embrace diversity in all respects. Including fresh voices and unique points of view in all aspects of our business not only creates an environment where we can all grow and thrive but also increases our potential to produce work that better represents—and resonates with—the world around us.
- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Management and Manufacturing
- Industries: Advertising Services
Cybersecurity Incident Response Analyst, L2
Posted 1 day ago
Job Description
The Dell Security & Resiliency organization manages the security risk across all aspects of Dell’s business. You will have an excellent opportunity to influence the security culture at Dell and further develop your career.
Join us as a Cybersecurity Incident Response Analyst, L2 on our Cybersecurity Incident Response team in Cyberjaya, Malaysia to do the best work of your career and make a profound social impact.
What you’ll achieve
As a Cyber Incident Response Analyst L2, this role is responsible for investigating and reporting security incidents supporting all Dell Business Units. This role requires experience in all phases of cybersecurity incident response, including preparation, analysis, notification, response, recovery, and post-mortem activities. This role interacts with all levels of the organization and is viewed as a subject matter expert on all Incident Response activities.
The focus of the role is primarily responding to security incidents, managing and consistently maturing the security incident response process to meet the needs of Dell, and building the Global Incident Response Team's technical investigative capabilities (process & technology).
You will:
- Serve as a global escalation point and work with the Incident Response Team members on tickets to manage and prioritize queue assignments
- Perform technical cyber security investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by an incident
- Participate in After Actions Reports creation based on Lessons Learned from critical cybersecurity incidents
- Investigate/analyze large and unstructured data sets, malicious artifacts, and EDR tools to identify trends and anomalies indicative of potential threats
- Liaise with stakeholders and internal CSIRT teams to serve as a Cyber Security Champion, helping to implement best security practices and mature the Security Incident Response process to meet the needs of the business.
Essential Requirements
- 3-5 years hands-on experience with a focus on areas such as systems, network, application, and information security
- Exceptional ability to conduct cybersecurity investigations, analyze and distill relevant findings and determine root cause
- Strong knowledge of security and web technologies such as SIEM, full packet capture, Firewall/NGFW, IDS/IPS, EDR, DLP, UEBA, networking protocols, Microsoft Windows and Linux/Unix platforms and tools with related experience in corporate infrastructures
- Strong technical experience and familiarity with various types and techniques of cyber-attacks, and with the incident response and threat hunting lifecycles
- Excellent analytical thinking, time management and coordination skills and excellent command in English (both written and verbal)
Desirable Requirements
- Industry recognized certification (CISSP, SANS GCIH, GCIA, GNFA, GREM, etc.)
- Knowledge and experience in: Digital Forensics, reverse malware tools, and scripting languages
Who we are
We believe that each of us has the power to make an impact. That’s why we put our team members at the center of everything we do. If you’re looking for an opportunity to grow your career with some of the best minds and most advanced tech in the industry, we’re looking for you.
Dell Technologies is a unique family of businesses that helps individuals and organizations transform how they work, live and play. Join us to build a future that works for everyone because Progress Takes All of Us.
Dell Technologies is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. Read the full Equal Employment Opportunity Policy here.
Job ID: R
Associate (Forensics Lead), Incident Response
Posted 9 days ago
Job Description
Overview
Associate (Forensics Lead), Incident Response — S-RM Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia
The role focuses on forensic investigations within our Incident Response team, providing delivery-focused support across incident response services and complex cyber incidents.
Responsibilities
- Supporting technical incident response from first contact through to closure: act as a technical resource on response cases, deploying expertise, creating tailored strategies for response workstreams, and guiding project colleagues as needed.
- Overseeing host- and network-based incident response investigations: triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses.
- Developing and sharing domain expertise: grow cyber expertise and share it with the wider team through internal initiatives and programs.
- Participating in an on-call rotation to provide 24x7x365 client incident coverage.
- Engaging in a variety of casework across public and corporate clients, with opportunities to broaden security awareness into testing and advisory projects, in addition to deepening incident response expertise.
- Flexible working practices to support wellbeing, with options to balance on-site and remote work.
- Direct experience working in an Incident Response or Digital Forensics team is strongly preferred; candidates with exposure to IR teams or roles with IR aspects will be considered.
- Fundamental understanding of computer systems and networks, including:
  - Windows systems (e.g., domain services, standard build templates, SCCM, PowerShell)
  - Networking (firewall rules, network segmentation, DNS)
  - Virtualization technologies (ESXi, Hyper-V)
  - Endpoint Detection & Response solutions
- Experience conducting forensic investigations, particularly on Windows systems; Linux and macOS investigation experience is preferred.
- Understanding of core incident response workstreams, including containment and restoration/recovery, is a benefit.
- Critical and investigative mindset with the ability to solve problems with limited information and guidance.
- Knowledge of cyber threat actors and their TTPs.
- Strong communication skills, comfortable speaking to individuals at all levels of an organization.
- Certifications (or equivalent) such as GCFE, GCFA, GCIH, GNFA are preferred; beneficial certifications include EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+.
- Working proficiency in another language (e.g., Malay, Tamil, Mandarin, Cantonese, Vietnamese) is beneficial but not required.
- Must have permission to work in Malaysia by the start of employment.
- 20 days paid holiday each year, plus public holidays and additional leave accrual up to 5 days.
- Flexible working: minimum two days in the office per week; remote work option; flexible hours between 7am and 7pm.
- Pension scheme: EPF contributions in accordance with legislative requirements.
- Life insurance; company-paid private medical and dental insurance.
- Company-paid maternity, paternity and fertility treatment leave.
- Employee Assistance Programme: 24/7 access to specialist support services and resources.
The role will be based in our office in Kuala Lumpur with flexible working arrangements available.
#J-18808-LjbffrCybersecurity Incident Response Analyst, L2
Posted today
Job Viewed
Job Description
The Dell Security & Resiliency organization manages the security risk across all aspects of Dell's business. You will have an excellent opportunity to influence the security culture at Dell and further develop your career.
**Join us as a** **Cybersecurity Incident Response Analyst, L2** **on our** **Cybersecurity Incident Response** **team in** **Cyberjaya, Malaysia** **to do the best work of your career and make a profound social impact. **
**What you'll achieve**
As a Cyber Incident Response Analyst L2, this role is responsible for investigating and reporting of security incidents supporting all Dell Business Units. This role requires experience in all phases of Cybersecurity incident response including preparation, analysis, notification, response, recovery, and post-mortem activities. This role interacts with all levels of the organization and is viewed as a subject matter expert on all Incident Response activities.
The focus of the role is primarily responding to security incidents, managing and consistently maturing the security incident response process to meet the needs of Dell, and building the Global Incident Response Team's technical investigative capabilities (process & technology).
**You will:**
+ Serve as a global escalation point and work with the Incident Response Team members on tickets to manage / prioritize queue assignments
+ Perform technical cyber security investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by an incident
+ Participate in After Actions Reports creation based on Lessons Learned from critical cybersecurity incidents
+ Investigate/analyze large and unstructured data sets, malicious artifacts, and EDR tools to identify trends and anomalies indicative of potential threats
+ Liaison with stakeholders and internal CSIRT teams to serve as a Cyber Security Champion to help implement best security practices and mature the Security Incident Response process to meet the needs of the business.
**Take the first step towards your dream career**
**Every Dell Technologies team member brings something unique to the table. Here's what we are looking for with this role:**
**Essential Requirements**
+ 3-5 years hands-on experience with focus in areas such as systems, network, application, and information security
+ Exceptional ability to conduct cybersecurity investigations, analyze and distill relevant findings and determine root cause
+ Strong knowledge of security and web technologies such as SIEM, full packet capture, Firewall/NGFW, IDS/IPS, EDR, DLP, UEBA, networking protocols, Microsoft Windows and Linux/Unix platforms and tools with related experience in corporate infrastructures
+ Strong technical experience and familiarity of various types and techniques of cyber-attacks, with the incident response and threat hunting lifecycles
+ Excellent analytical thinking, time management and coordination skills and excellent command in English (both written and verbal)
**Desirable Requirements**
+ Industry recognized certification (CISSP, SANS GCIH, GCIA, GNFA, GREM, etc.)
+ Knowledge and experience in: Digital Forensics, reverse malware tools, and scripting languages
**Who we are**
We believe that each of us has the power to make an impact. That's why we put our team members at the center of everything we do. If you're looking for an opportunity to grow your career with some of the best minds and most advanced tech in the industry, we're looking for you.
Dell Technologies is a unique family of businesses that helps individuals and organizations transform how they work, live and play. Join us to build a future that works for everyone because Progress Takes All of Us.
Dell Technologies is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. Read the full Equal Employment Opportunity Policy here ( .
**Job ID:** R
Cybersecurity Incident Response Analyst, L2
Posted today
Job Viewed
Job Description
Cybersecurity Incident Response Analyst, L2 The Dell Security & Resiliency organization manages the security risk across all aspects of Dell’s business. You will have an excellent opportunity to influence the security culture at Dell and further develop your career. Join us as a
Cybersecurity Incident Response Analyst, L2
on our
Cybersecurity Incident Response
team in
Cyberjaya, Malaysia
to do the best work of your career and make a profound social impact. What you’ll achieve
As a Cyber Incident Response Analyst L2, this role is responsible for investigating and reporting of security incidents supporting all Dell Business Units. This role requires experience in all phases of Cybersecurity incident response including preparation, analysis, notification, response, recovery, and post-mortem activities. This role interacts with all levels of the organization and is viewed as a subject matter expert on all Incident Response activities. The focus of the role is primarily responding to security incidents, managing and consistently maturing the security incident response process to meet the needs of Dell, and building the Global Incident Response Team's technical investigative capabilities (process & technology). You will
Serve as a global escalation point and work with the Incident Response Team members on tickets to manage / prioritize queue assignments Perform technical cybersecurity investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by an incident Participate in After Actions Reports creation based on Lessons Learned from critical cybersecurity incidents Investigate/analyze large and unstructured data sets, malicious artifacts, and EDR tools to identify trends and anomalies indicative of potential threats Liaison with stakeholders and internal CSIRT teams to serve as a Cyber Security Champion to help implement best security practices and mature the Security Incident Response process to meet the needs of the business Essential Requirements
3-5 years hands-on experience with focus in areas such as systems, network, application, and information security Exceptional ability to conduct cybersecurity investigations, analyze and distill relevant findings and determine root cause Strong knowledge of security and web technologies such as SIEM, full packet capture, Firewall/NGFW, IDS/IPS, EDR, DLP, UEBA, networking protocols, Microsoft Windows and Linux/Unix platforms and tools with related experience in corporate infrastructures Strong technical experience and familiarity of various types and techniques of cyber-attacks, with the incident response and threat hunting lifecycles Excellent analytical thinking, time management and coordination skills and excellent command in English (both written and verbal) Desirable Requirements
Industry recognized certification (CISSP, SANS GCIH, GCIA, GNFA, GREM, etc.) Knowledge and experience in: Digital Forensics, reverse malware tools, and scripting languages Who we are
We believe that each of us has the power to make an impact. That’s why we put our team members at the center of everything we do. If you’re looking for an opportunity to grow your career with some of the best minds and most advanced tech in the industry, we’re looking for you. Dell Technologies is a unique family of businesses that helps individuals and organizations transform how they work, live and play. Join us to build a future that works for everyone because Progress Takes All of Us. Dell Technologies is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. Read the full Equal Employment Opportunity Policy.
#J-18808-Ljbffr
Cybersecurity Incident Response Analyst, L2
Posted 1 day ago
Job Viewed
Job Description
Join us as a Cybersecurity Incident Response Analyst, L2 on our Cybersecurity Incident Response team in Cyberjaya, Malaysia to do the best work of your career and make a profound social impact. What you’ll achieve As a Cyber Incident Response Analyst L2, this role is responsible for investigating and reporting of security incidents supporting all Dell Business Units. This role requires experience in all phases of Cybersecurity incident response including preparation, analysis, notification, response, recovery, and post-mortem activities. This role interacts with all levels of the organization and is viewed as a subject matter expert on all Incident Response activities.
The focus of the role is primarily responding to security incidents, managing and consistently maturing the security incident response process to meet the needs of Dell, and building the Global Incident Response Team's technical investigative capabilities (process & technology).
You will:
Serve as a global escalation point and work with the Incident Response Team members on tickets to manage / prioritize queue assignments
Perform technical cyber security investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by an incident
Participate in After Actions Reports creation based on Lessons Learned from critical cybersecurity incidents
Investigate/analyze large and unstructured data sets, malicious artifacts, and EDR tools to identify trends and anomalies indicative of potential threats
Liaise with stakeholders and internal CSIRT teams to serve as a Cyber Security Champion, helping implement best security practices and mature the Security Incident Response process to meet the needs of the business.
Take the first step towards your dream career
Every Dell Technologies team member brings something unique to the table. Here’s what we are looking for with this role:
Essential Requirements
3-5 years hands-on experience with focus in areas such as systems, network, application, and information security
Exceptional ability to conduct cybersecurity investigations, analyze and distill relevant findings and determine root cause
Strong knowledge of security and web technologies such as SIEM, full packet capture, Firewall/NGFW, IDS/IPS, EDR, DLP, UEBA, networking protocols, Microsoft Windows and Linux/Unix platforms and tools with related experience in corporate infrastructures
Strong technical experience and familiarity with various types and techniques of cyber-attacks, and with the incident response and threat hunting lifecycles
Excellent analytical thinking, time management and coordination skills and excellent command of English (both written and verbal)
Desirable Requirements
Industry recognized certification (CISSP, SANS GCIH, GCIA, GNFA, GREM, etc.)
Knowledge and experience in: Digital Forensics, reverse malware tools, and scripting languages
Who we are
We believe that each of us has the power to make an impact. That’s why we put our team members at the center of everything we do. If you’re looking for an opportunity to grow your career with some of the best minds and most advanced tech in the industry, we’re looking for you.
Dell Technologies is a unique family of businesses that helps individuals and organizations transform how they work, live and play. Join us to build a future that works for everyone because Progress Takes All of Us.
Dell Technologies is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. Read the full Equal Employment Opportunity Policy.
Job ID: R
Associate (Forensics Lead), Incident Response
Posted 9 days ago
Job Description
Associate (Forensics Lead), Incident Response — S-RM, Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia
The role focuses on forensic investigations within our Incident Response team, providing delivery-focused support across incident response services and complex cyber incidents.
Responsibilities
- Supporting technical incident response from first contact through to closure: act as a technical resource on response cases, deploying expertise, creating tailored strategies for response workstreams, and guiding project colleagues as needed.
- Overseeing host- and network-based incident response investigations: triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses.
- Developing and sharing domain expertise: grow cyber expertise and share it with the wider team through internal initiatives and programs.
- Participating in an on-call rotation to provide 24x7x365 client incident coverage.
- Engaging in a variety of casework across public and corporate clients, with opportunities to broaden security awareness into testing and advisory projects, in addition to deepening incident response expertise.
- Flexible working practices to support wellbeing, with options to balance on-site and remote work.
Qualifications
- Direct experience working in an Incident Response or Digital Forensics team is strongly preferred; candidates with exposure to IR teams or roles with IR aspects will be considered.
- Fundamental understanding of computer systems and networks, including:
  - Windows systems (e.g., domain services, standard build templates, SCCM, PowerShell)
  - Networking (firewall rules, network segmentation, DNS)
  - Virtualization technologies (ESXi, Hyper-V)
  - Endpoint Detection & Response solutions
- Experience conducting forensic investigations, particularly on Windows systems; Linux and MacOS investigation experience is preferred.
- Understanding of core incident response workstreams, including containment and restoration/recovery, is a benefit.
- Critical and investigative mindset with the ability to solve problems with limited information and guidance.
- Knowledge of cyber threat actors and their TTPs.
- Strong communication skills, comfortable speaking to individuals at all levels of an organization.
- Certifications (or equivalent) such as GCFE, GCFA, GCIH, GNFA are preferred; beneficial certifications include EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+.
- Working proficiency in another language (e.g., Malay, Tamil, Mandarin, Cantonese, Vietnamese) is beneficial but not required.
- Must have permission to work in Malaysia by the start of employment.
Benefits
- 20 days paid holiday each year, plus public holidays and additional leave accrual up to 5 days.
- Flexible working: minimum two days in the office per week; remote work option; flexible hours between 7am and 7pm.
- Pension scheme: EPF contributions in accordance with legislative requirements.
- Life insurance; company-paid private medical and dental insurance.
- Company-paid maternity, paternity and fertility treatment leave.
- Employee Assistance Programme: 24/7 access to specialist support services and resources.
The role will be based in our office in Kuala Lumpur with flexible working arrangements available.
Senior Information Security Incident Response Lead
Posted 9 days ago
Job Description
Overview
Senior Information Security Incident Response Lead at NTT DATA Asia Pacific.
Key Responsibilities
- Lead and manage complex security incidents, acting as a key contact for stakeholders.
- Perform deep analysis of security alerts to identify, mitigate, and remediate threats.
- Conduct forensic investigations on compromised hosts, networks, and cloud environments.
- Proactively hunt for adversarial activity and anomalous behaviors across large datasets.
- Analyze malware samples (basic level) to determine functionality, impact, and mitigation strategies.
- Develop and refine detection rules, improving alert fidelity and response workflows.
- Contribute to threat intelligence gathering, analyzing attack patterns, and enhancing defensive strategies.
- Participate in red teaming or penetration testing activities to identify and remediate vulnerabilities.
- Provide strategic recommendations for improving the organization’s security posture.
- Create detailed incident reports, threat intelligence assessments, and executive summaries.
- Mentor and provide guidance to junior analysts, fostering continuous improvement in IR methodologies.
- Ability to communicate and work across different cultures and social groups.
- Ability to plan activities and projects well in advance, and account for changing circumstances.
- Ability to maintain a positive outlook at work and work well under pressure.
- Ability to work hard and put in longer hours when necessary.
- Active listening, paraphrasing for understanding, probing for relevant information, and avoiding interruptions.
- Adaptability to changing circumstances and a client-focused mindset.
- Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
- Minimum of 5 years of experience in cybersecurity, with at least 2 years in incident response, threat hunting, or forensic analysis.
- Extensive experience responding to targeted attacks from APT groups, cybercriminals, and nation-state actors.
- Strong forensic analysis skills across Windows, Linux, and macOS systems.
- Expertise in network forensics, traffic analysis, and packet inspection (Wireshark, Zeek).
- Proficiency in SIEM platforms (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Microsoft Defender ATP).
- Knowledge of malware analysis techniques, including static and dynamic analysis.
- Familiarity with cloud security investigations (AWS, Azure, GCP).
- Strong scripting skills in Python, PowerShell, or similar languages for automation.
- Understanding of security architecture, authentication mechanisms, and enterprise IT operations is a plus.
- Experience with vulnerability management, red teaming, or penetration testing is a plus.
- Familiarity with MITRE ATT&CK framework and various cyber threat intelligence methodologies.
- GIAC (GCFA, GNFA, GCIH, GCIA, GREM)
- CISSP (Certified Information Systems Security Professional)
- CEH (Certified Ethical Hacker)
- OSCP (Offensive Security Certified Professional)
- Cloud Security Certifications (AWS Security Specialty, Microsoft Azure Security)
- Strong analytical and problem-solving skills in high-pressure situations.
- Ability to manage multiple investigations efficiently while meeting deadlines.
- Excellent verbal and written communication skills, with the ability to convey technical details to varied audiences.
- Strong team collaboration and leadership skills, with a proactive approach to knowledge sharing.
- Ability to work in a fast-paced environment and adapt to evolving threats and challenges.
Full-time
About NTT DATA
NTT DATA is a global innovator of business and technology services serving 75% of the Fortune Global 100. We invest in R&D and support a diverse, inclusive workplace with experts in more than 50 countries.
Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category.
Senior Information Security Incident Response Lead
Posted 18 days ago
Job Description
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Key Responsibilities:**
+ Lead and manage complex security incidents, acting as a key contact for stakeholders.
+ Perform deep analysis of security alerts to identify, mitigate, and remediate threats.
+ Conduct forensic investigations on compromised hosts, networks, and cloud environments.
+ Proactively hunt for adversarial activity and anomalous behaviors across large datasets.
+ Analyze malware samples (basic level) to determine functionality, impact, and mitigation strategies.
+ Develop and refine detection rules, improving alert fidelity and response workflows.
+ Contribute to threat intelligence gathering, analyzing attack patterns, and enhancing defensive strategies.
+ Participate in red teaming or penetration testing activities to identify and remediate vulnerabilities.
+ Provide strategic recommendations for improving the organization's security posture.
+ Create detailed incident reports, threat intelligence assessments, and executive summaries.
+ Mentor and provide guidance to junior analysts, fostering continuous improvement in IR methodologies.
**Knowledge and Attributes:**
+ Ability to communicate and work across different cultures and social groups.
+ Ability to plan activities and projects well in advance, taking into account possible changing circumstances.
+ Ability to maintain a positive outlook at work.
+ Ability to work well in a pressurized environment.
+ Ability to work hard and put in longer hours when it is necessary.
+ Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting.
+ Ability to adapt to changing circumstances.
+ Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.
**Academic Qualifications and Certifications:**
+ Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
+ Minimum of 5 years of experience in cybersecurity, with at least 2 years in incident response, threat hunting, or forensic analysis.
**Required experience:**
+ Extensive experience responding to targeted attacks from APT groups, cybercriminals, and nation-state actors.
+ Strong forensic analysis skills across Windows, Linux, and macOS systems.
+ Expertise in network forensics, traffic analysis, and packet inspection (Wireshark, Zeek).
+ Proficiency in SIEM platforms (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Microsoft Defender ATP).
+ Knowledge of malware analysis techniques, including static and dynamic analysis.
+ Familiarity with cloud security investigations (AWS, Azure, GCP).
+ Strong scripting skills in Python, PowerShell, or similar languages for automation.
+ Understanding of security architecture, authentication mechanisms, and enterprise IT operations is a plus.
+ Experience with vulnerability management, red teaming, or penetration testing is a plus.
+ Familiarity with MITRE ATT&CK framework and various cyber threat intelligence methodologies.
**Preferred Certifications:**
+ GIAC (GCFA, GNFA, GCIH, GCIA, GREM)
+ CISSP (Certified Information Systems Security Professional)
+ CEH (Certified Ethical Hacker)
+ OSCP (Offensive Security Certified Professional)
+ Cloud Security Certifications (AWS Security Specialty, Microsoft Azure Security)
**Key Competencies:**
+ Strong analytical and problem-solving skills in high-pressure situations.
+ Ability to manage multiple investigations efficiently while meeting deadlines.
+ Excellent verbal and written communication skills, with the ability to convey technical details to varied audiences.
+ Strong team collaboration and leadership skills, with a proactive approach to knowledge sharing.
+ Ability to work in a fast-paced environment and adapt to evolving threats and challenges.
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.