Cyber Defense & Incident Responder

Req ID: 357174 

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Cyber Defense & Incident Responder to join our team in Merrifield, Virginia (US-VA), United States (US).

Job Summary: 

The Cyber Defense & Incident Responder is responsible for monitoring, analyzing, and responding to assigned cybersecurity incidents in accordance with established procedures. This role focuses on incident triage, investigation, containment, and recovery to minimize impact and restore normal operations. Analysts leverage security tools, event logs, correlation data, and threat intelligence to determine the nature and scope of incidents, document findings, and recommend remediation steps.

Job Duties:

• Monitor enterprise security systems and analyze alerts to identify potential cybersecurity incidents.
  • Review SIEM, IDS/IPS, EDR, and other related tool alerts for anomalous activity and indicators of compromise/attacks (IOCs/IOAs).
  • Validate alerts to reduce false positives and prioritize based on severity and potential impact.
• Perform initial triage and analysis of security events to determine scope, severity, and urgency.
  • Examine log data, network telemetry, and endpoint information to identify possible malicious activity.
  • Correlate event details with internal and external threat intelligence.
• Execute incident response actions in accordance with established procedures.
  • Contain affected systems, remove malicious artifacts, and assist in system recovery.
  • Escalate complex or critical incidents to Senior SOC Analysts or SOC Leads.
• Document and communicate incident findings to support resolution and improvement efforts.
  • Prepare incident tickets, timelines, and investigative notes.
  • Contribute to after-action reviews (AARs) and post-incident reporting.
  • Create incident tickets
  • Upload supporting evidence, draw sound conclusions and upload artifacts
  • Communicate effectively, providing clear, accurate, and concise information
  • Exercise sound analytical skills to derive correct conclusions associated with incident investigations.
• Maintain SOC processes, tools, and playbooks to ensure effective incident handling.
  • Recommend refinements to SOPs and escalation procedures.
  • Identify opportunities to streamline analysis workflows and improve detection capabilities.
• Participate in training, exercises, and knowledge-sharing to strengthen response readiness.
  • Support red, blue, or purple team exercises when directed.
  • Share lessons learned and best practices with SOC team members.
• Stay informed on current and emerging cyber threats relevant to the organization’s environment.
  • Track evolving tactics, techniques, and procedures (TTPs) of threat actors.
  • Incorporate relevant intelligence into incident analysis and response.

Basic Qualifications:

• Bachelor's degree in information technology, cybersecurity, data science, information systems, or computer science.
  • Education Equivalency: One-and-one- half (1.5) years of additional experience can substitute for one (1) year of a typical degree program.
• Minimum 6 years of experience in Information Technology (IT) and/or Information Security (IS).
• DoD 8140 certification for their respective area or the ability to obtain certification within six (6) months of onboarding.
• Ability to obtain a interim Secret Security Clearance and must be eligible for a Top-Secret clearance if requested.

About NTT DATA

NTT DATA is a $30 billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. our consulting and Industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is a part of NTT Group, which invests over $3 billion each year in R&D.

Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client’s needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com, @nttdatafed.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, https://us.nttdata.com/en/contact-us.

NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.