[Remote] Cyber Security Incident Handler and Threat Hunter (Remote, Full-Time)

Note: The job is a remote job and is open to candidates in USA. NTT DATA is a global innovator of business and technology services seeking a Cyber Security Incident Handler to join their Computer Security Incident Response Team. The role involves responding to security incidents, performing forensic analysis, and proactive threat hunting to safeguard NTT DATA's digital infrastructure and reduce risk.

Responsibilities

• Handle the entire incident response lifecycle by conducting initial triage, performing detailed analysis of security alerts, and executing actions such as live response, containment, and escalation until the incident is resolved.
• Serve as an incident coordinator by operating security tools, ingesting incident data, tracking incident status, coordinating with internal and external teams, and promptly responding to customer queries and requests related to security events.
• Manage incident handling procedures across Windows, Mac, and Linux platforms, ensuring effective containment and remediation.
• Adapt and document procedures for security operations and incident response, ensuring efficient tactical process development tailored to specific incident requirements.
• Conduct digital forensic investigations using industry-standard tools (e.g., Falcon, X-Ways).
• Proactively hunt for threats in SIEM and other security platforms by analyzing log files, network telemetry, and digital artifacts to detect indicators of compromise.
• Perform basic malware analysis to identify and understand malicious activities.
• Develop, refine, and maintain incident response playbooks, runbooks, and technical documentation.
• Integrate threat intelligence with forensic findings to build a comprehensive understanding of emerging attacker tactics and context.
• Collaborate with cross-functional teams, providing mentorship and expert guidance during high-pressure incidents and on-call rotations.
• Participate in on-call rotation support, including weekends, holidays, and after-business hours as required to meet business needs.

Skills

• 2+ years of hands-on experience in Cybersecurity, Incident Response, Digital Forensics, Threat Hunting, or similar technical roles.
• Proficiency with SOC workflows, including threat hunting, detection, response, and threat intelligence.
• Strong understanding of Windows, and Unix-like operating systems, as well as enterprise authentication technologies (e.g., Active Directory, Entra ID).
• Experience with endpoint, identity, cloud application, infrastructure, email, network, and other threat detection and prevention technologies, along with a comprehensive background in network, host, and application security.
• Experience in network security monitoring and IT operations, including familiarity with firewalls, proxies, IDS/IPS, WAFs, and other common network protocols and services.
• Great analytical skills with meticulous attention to detail, problem solver with an investigative mindset and with a curious, proactive approach to learning and adapting to evolving threats and technologies.
• Engaged teamplayer with strong written and oral communication skills (fluency in English).
• Willingness to work non-standard hours, including evenings, weekends, and occasional travel (although the job is fully remote and Romanian business hours based).
• Experience with cloud forensics and investigating incidents in Azure and AWS cloud platforms.
• Demonstrated ability in scripting or programming (e.g., Python, PowerShell, Bash) for workflow automation and analysis.
• Exposure to advanced malware analysis and remediation strategies for targeted attacks.
• Degree in Cybersecurity, Information Systems, Computer Science, or a related field, or has equivalent relevant professional experience. (Recent graduates are encouraged to apply as well.)
• Any security certification (e.g., GIAC, OSCP, CEH, CCFR).
• Demonstrated thought leadership through published research, industry presentations, or active community engagement.

Company Overview

• Online recruitment It was founded in 2011, and is headquartered in Johannesburg, NA - South Africa, ZAF, with a workforce of 11-50 employees. Its website is https://executiveplacements.com.

Apply tot his job Apply To this Job