Security Incident Response Analyst

endava· Client Delivery
Apply Now ↗

About this role

Company Description

Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change.
 
By combining world-class engineering, industry expertise and a people-centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses.
 
From prototype to real-world impact - be part of a global shift by doing work that matters.

Job Description

The Incident Response Analyst is part of the front line of our Cyber Threat Intelligence and Incident Response team, responsible for providing Endava with high fidelity, actionable cyber threat intelligence and specialist incident response capabilities.

Strong knowledge of the latest security threats, industry standard incident response methodologies, and investigation techniques is expected. Candidates should also demonstrate adaptability, knowledge of both incident response and cyber threat intelligence, and an eagerness to learn emerging threat actor tactics, tools and techniques.

Responsibilities:

· Act as a key responder during security incidents, supporting containment, eradication and recovery activities.

· Perform detailed investigation and analysis of security alerts, intrusions and malware using EDR, SIEM and forensic tooling.

· Support post-incident reviews, identifying root cause, control gaps and lessons learned.

· Coordinate with SOC, CTI, IT, legal and third-party providers during incidents to ensure timely and effective response

· Support evidence collection and documentation to meet legal, regulatory and internal reporting requirements.

 

In periods without active incident response activity, the analyst will actively support Cyber Threat Intelligence operations and initiatives

Qualifications

Qualifications:

· Degree in Cyber Security, Computer Science, Information Technology or a related discipline, or equivalent practical experience.

· Relevant incident response, blue team or security operations certification (for example GCIH, GCED, or equivalent).

· Demonstrated experience responding to security incidents, labs or realistic tabletop exercises.

Experience:

6-10 years experience with Incident management

· 3+ years in cybersecurity, with at least 2 years in SOC/CTI/Incident Response.

· Hands-on experience in malware analysis, memory forensics, and log analysis.

· Strong understanding of network protocols, secure configurations, and common attack techniques (MITRE ATT&CK).

· Experience supporting or participating in security incident response activities, including investigation and containment.

· Familiarity with SOC tooling such as SIEM, EDR, Threat Intelligence Platforms and alerting platforms.

· Experience analysing security alerts, logs and endpoint telemetry to identify malicious activity.

· Experience documenting incidents, investigations and lessons learned in a clear and structured manner.

Technical Skills:

· Hands-on experience with SIEM and EDR tools for alert investigation and incident analysis.

· Ability to analyse endpoint, network and log data to identify malicious activity.

· Familiarity with incident response processes, including triage, containment and recovery.

· Basic malware analysis and investigation skills, such as analysing file hashes, URLs and suspicious processes.

· Understanding of common attack vectors, vulnerabilities and exploitation techniques.

Additional Skills:

· Strong problem-solving and analytical skills.

· Ability to remain calm and decisive during high-pressure incidents.

· Excellent communication skills, both technical and non-technical.

· Continuous learning mindset and willingness to explore new tools and methods.

Additional Information

Discover some of the global benefits that empower our people to become the best version of themselves:

  • Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;   
  • Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
  • Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
  • Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;
  • Health: Global internal wellbeing programme, access to wellbeing apps;
  • Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.

At Endava, we’re committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.

Frequently Asked Questions

Is the salary disclosed for the Security Incident Response Analyst position at endava?
The salary for this Security Incident Response Analyst role at endava is not publicly listed. Click "Apply Now" to learn more about the compensation package on their official careers page.
Where is the Security Incident Response Analyst position at endava located?
This Security Incident Response Analyst role at endava is based in Bengaluru, Bengaluru, Karnataka, India, Karnataka, in. The position is listed as on-site or hybrid. Check the full job description or apply directly to confirm the work arrangement.
Is the Security Incident Response Analyst role at endava full-time or part-time?
This is listed as a Full time position. It is posted as a Security Incident Response Analyst role in the Client Delivery department at endava.
Which team or department does the Security Incident Response Analyst at endava belong to?
This Security Incident Response Analyst position is part of the Client Delivery department at endava. See the full job description for more information about the team structure and responsibilities.
How do I apply for the Security Incident Response Analyst position at endava?
Click the "Apply Now" button on this page. You will be redirected to endava's official application portal hosted on smartrecruiters where you can submit your application directly.
When was the Security Incident Response Analyst job at endava posted?
This Security Incident Response Analyst position at endava was posted on Feb 3, 2026. Apply as soon as possible — early applications are often reviewed first.
Security Incident Response Analyst
endava
Apply for this role ↗

You'll be redirected to endava's official application page on SmartRecruiters.