Cyber Security Incident Handler and Threat Hunter

2 weeks ago


Bucharest, Bucureşti, Romania | NTT DATA North America | Full time | €60,000 - €80,000 per year

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. At NTT DATA we know that with the right people on board, anything is possible. The quality, integrity, and commitment of our employees have been key factors in our company's growth and market presence. By hiring the best people and helping them grow both professionally and personally, we ensure a bright future for NTT DATA Services and for the people who work here.

Overview
NTT DATA is seeking a dynamic and detail-oriented Cyber Security Incident Handler to join our Computer Security Incident Response Team (CSIRT). You will respond to security incidents and threats in accordance with OIS policies and standards, with the goal of reducing risk while supporting NTT DATA's global business operations. In this role, you will be at the forefront of our global incident response operations, performing rapid triage, forensic analysis, and proactive threat hunting across diverse environments. Utilizing cutting-edge tools, you will collaborate closely with business stakeholders to manage security incidents and neutralize threats to our systems and data. Whether addressing routine alerts or high-profile, nation-state attacks, your expertise will be crucial in safeguarding our digital infrastructure and driving the continuous improvement of our IT security posture, thereby reducing risk to NTT DATA and its customers.

Job Responsibilities Include:

  • Handle the entire incident response lifecycle by conducting initial triage, performing detailed analysis of security alerts, and executing actions such as live response, containment, and escalation until the incident is resolved.
  • Serve as an incident coordinator by operating security tools, ingesting incident data, tracking incident status, coordinating with internal and external teams, and promptly responding to customer queries and requests related to security events.
  • Manage incident handling procedures across Windows, Mac, and Linux platforms, ensuring effective containment and remediation.
  • Adapt and document procedures for security operations and incident response, ensuring efficient tactical process development tailored to specific incident requirements.
  • Conduct digital forensic investigations using industry-standard tools (e.g., Falcon, X-Ways).
  • Proactively hunt for threats in SIEM and other security platforms by analyzing log files, network telemetry, and digital artifacts to detect indicators of compromise.
  • Perform basic malware analysis to identify and understand malicious activities.
  • Develop, refine, and maintain incident response playbooks, runbooks, and technical documentation.
  • Integrate threat intelligence with forensic findings to build a comprehensive understanding of emerging attacker tactics and context.
  • Collaborate with cross-functional teams, providing mentorship and expert guidance during high-pressure incidents and on-call rotations.
  • Participate in on-call rotation support, including weekends, holidays, and after-business hours as required to meet business needs.

Basic Qualifications:

  • 2+ years of hands-on experience in Cybersecurity, Incident Response, Digital Forensics, Threat Hunting, or similar technical roles.
  • Proficiency with SOC workflows, including threat hunting, detection, response, and threat intelligence.
  • Strong understanding of Windows and Unix-like operating systems, as well as enterprise authentication technologies (e.g., Active Directory, Entra ID; Okta - nice to have).
  • Experience with endpoint, identity, cloud application, infrastructure, email, network, and other threat detection and prevention technologies, along with a comprehensive background in network, host, and application security.
  • Experience in network security monitoring and IT operations, including familiarity with firewalls, proxies, IDS/IPS, WAFs, and other common network protocols and services.
  • Great analytical skills with meticulous attention to detail; a problem solver with an investigative mindset and a curious, proactive approach to learning and adapting to evolving threats and technologies.
  • Engaged team player with strong written and oral communication skills (fluency in English).
  • Willingness to work non-standard hours, including evenings, weekends, and occasional travel (although the job is fully remote and Romanian business hours based).

Preferred Skills:

  • Experience with cloud forensics and investigating incidents in Azure and AWS cloud platforms.
  • Demonstrated ability in scripting or programming (e.g., Python, PowerShell, Bash) for workflow automation and analysis.
  • Exposure to advanced malware analysis and remediation strategies for targeted attacks.
  • Degree in Cybersecurity, Information Systems, Computer Science, or a related field, or equivalent relevant professional experience. (Recent graduates are encouraged to apply as well.)
  • Any security certification (e.g., GIAC, OSCP, CEH, CCFR).
  • Demonstrated thought leadership through published research, industry presentations, or active community engagement.

About NTT DATA
NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at

NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

