Security Analysis Specialist

Apply now »

Date: Jul 15, 2026

Location: Noida, UP, IN

Company: NTT DATA Services

Req ID: 373590 

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Security Analysis Specialist to join our team in Noida, Uttar Pradesh (IN-UP), India (IN).

The Cyber Security SOC Analyst plays a critical role within the SOC division, collaborating with the client’s Incident Response team, Security Operations Centre, and other business units in the cybersecurity domain. Responsibilities include conducting daily incident investigations and analysis, which may vary based on external events and internal information needs. The analyst is expected to be proactive, delivering high-quality SOC monitoring & analysis services independently as well as in coordination with the team. 

Core/non-negotiable Skills:

  • Triage and Analysis
  • Understanding and assigning priorities
  • End to End IR response handling
  • Handling all Identity related threats
  • Malware and its lifecycle, malware investigation
  • Phishing and how to identify and actions you take around this, SPF
  • Understanding capabilities and to know when to escalate
  • Lateral Movement, Understanding KILL CHAIN, examples on how to investigate malwares


Responsibilities

•  Incident Response Handling: Incident Alert Investigation: Process development, documentations & Alert policy Tuning, Content management, Operation Maturity & Improvements to meet & maintain Quality controls

• In-depth understanding of Incident Response Lifecycle, Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks

• Experience in supporting Endpoint Detection and Response systems

• Create different dashboards based on the level of user and this was integrated with the customer care support UI

• Work on scripting the automated solution of the platform monitoring with python etc

• Use case validation by coordinating and communicating with technical team/higher management

• Prepared the documents for the mapping design and production support

• Ensure continuous service delivery & Manage Security incidents 24x7 & willing to work in NIGHT shifts Work from Office on a Hybrid Model

Must have in depth knowledge on Phishing alerts, Email header analysis, Endpoint alert analysis, O365 Defender & Email gateway is a plus

• Understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks & Incident response life cycle

• Proficient with SIEM technologies (Security Information and Event Management e.g.Splunk/MS sentinel or other SIEM TOOL)

• Participate in the development of strategic goals for SOC Operation like Alert tuning / noise reduction / automation, contribute to KPI enhancements on quality.

• Work with engineering teams to optimize alert data/Splunk Search/KQL data ingest and search

• Conduct research and make recommendations on data products, services, and standard Basics based on alerts

• Monitor different dashboards based on the anomaly levels & Analyse & recommend to customers with the remediation actions

• Work on scripting the automated solution of the platform monitoring with python etc

• Prepare the documents for the mapping design and SOC Operation support

• Responsible to implement search queries in Splunk/MS Sentinel in support to investigation/Analysis

Handle all SOC Incident related requests/issues

• Ready to go through all modifications and deployments & Learnings

• Work with the other security/IT teams to investigate, contain and remediate cyber security incidents

• Assist the incident response team with technical analysis and provide timely updates during an investigation if needed

• Use investigation findings to recommend security posture improvements (identify gaps)

  • Experience with collecting, analysing, and interpreting qualitative and quantitative data from multiple sources 

• Ability to write high-quality investigation reports for a senior-level audience

• Ability to develop specific expertise, to discern patterns of complex threat actor behaviour, and to communicate an understanding of current and developing cyber threats

• Maintain an understanding of the overall threat landscape (cyber, malware, botnets, phishing, DDoS, physical)

• Collect, analyse investigate, store, and disseminate indicators of compromise (IOCs), threat intelligence

• Contribute to Threat Hunting, Threat profile & Advisories & Contribute to Operation maturity/Initiatives

• Ability to communicate (verbal and written) clearly and effectively (technically and non-technically).

• Ability to follow processes, procedures, and instructions. Ability to communicate with stake holders and customers.

• Ability to work and get along with other members within the team.  

 

Key skills & Experience:

4 - 5+ years’ for Level2 experience with in-depth knowledge in Incident Detection & Investigation in a SOC environment, SOC operations

• Experience working on SIEM tools such as Microsoft Sentinel, Splunk, QRadar etc.

• Understanding of IDS/IPS, Phishing, SIEM and AV / EDR / XDR / Proxy etc.

• TCP/IP, computer networking, routing and switching - an understanding of the fundamentals: the language, protocol and functioning of the internet

• Assessment - specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organization's risk management of respective country

• Knowledge of risk management, defence in depth, offensive vs defensive techniques, report writing, investigation skills

• Researching, writing reports, proofreading presentations and articles, communications skills

• Python, KQL, scripting, Linux/Unix

• Strong verbal and written abilities to engage with technical and non-technical resources

• Strong analytical skills, Highly organized and detail oriented

• Self-motivated personality who can work independently and in team settings with minimal direction or guidance 

 

 

Qualifications:

• Bachelor’s degree in Computer Science / Engineering or higher.

• Any additional qualifications in Cyber Security or related field (preferred) 

 

Certifications (preferred):

• Any Certificates mentioned below 

SC 200, Security+, GSEC or CEH Certification, relevant SANS training or other technical

industry certifications

About NTT DATA

NTT DATA is a $30 billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. our consulting and Industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is a part of NTT Group, which invests over $3 billion each year in R&D.

Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client’s needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, https://us.nttdata.com/en/contact-us.

NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-usThis contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.


Job Segment: Computer Science, Linux, Unix, Information Security, Consulting, Technology

Apply now »