Brandtech+ (formerly known as OLIVER+) is a global team of creative thinkers, tech-savvy trendsetters, and production pros specialising in film, CGI, automation, AI, motion design, and digital/print content. We partner with over 300 clients in 40+ countries and counting. Our focus is to connect clients with high-quality solutions, talent and ambitious opportunities worldwide. 
As a part of The Brandtech Group, we're at the forefront of leveraging cutting-edge AI technology to revolutionise how we create and deliver work. Our AI solutions enhance efficiency, spark creativity, and drive insightful decision-making, empowering our teams to produce innovative and impactful results.
Role: Cybersecurity Incident Response Analyst
Location: Mumbai, India
About the role:
The Incident Response L1 Analyst is the first line of defence in the cybersecurity incident response function. This role focuses on monitoring, initial detection, triage, and escalation of security incidents across the organization’s IT environment. The L1 analyst works closely with SOC, L2/L3 IR teams, and IT teams to ensure timely identification and containment of threats.
What you will be doing:
1. Security Monitoring & Detection
• Continuously monitor security alerts from SIEM, SOAR, EDR, XDR, email security, and cloud security tools
• Identify potential security incidents such as:
o Phishing and malicious emails
o Malware and ransomware detections
o Suspicious logins and account compromise attempts
o Endpoint and network anomalies
2. Incident Triage & Initial Analysis
• Perform initial investigation and validation of alerts to determine if they are true positives or false positives
• Classify incidents based on severity, impact, and urgency
• Collect and document basic evidence (logs, alerts, affected users/devices, timestamps)
3. Incident Response (L1 Scope)
• Execute pre-approved response actions, such as:
o Isolating endpoints (via EDR)
o Resetting compromised user passwords
o Blocking malicious IPs, URLs, or senders
o Quarantining emails or files
• Follow Incident Response Playbooks and SOPs
4. Escalation & Coordination
• Escalate confirmed or high-severity incidents to L2/L3 Incident Responders with complete and accurate context
• Coordinate with IT, Endpoint, Identity, and Email teams when required
• Maintain clear communication during active incidents
5. Documentation & Reporting
• Accurately document incidents in the ticketing or IR management system
• Maintain clear timelines, actions taken, and outcomes
• Support daily/weekly incident reports and metrics
6. Continuous Improvement
• Identify recurring issues or alert patterns and raise recommendations
• Assist in improving detection rules, playbooks, and response workflows
• Stay updated on emerging threats, attack techniques, and security best practices
What you need to be great in this role:
Technical Skills
• Basic understanding of:
o Cybersecurity fundamentals (CIA triad, attack lifecycle)
o Common attack types (phishing, malware, brute force, ransomware)
o Windows, macOS, and basic Linux concepts
• Familiarity with security tools such as:
o SIEM (e.g., Microsoft Sentinel, Splunk)
o EDR/XDR (e.g., Microsoft Defender, CrowdStrike)
o Email security and web security gateways
• Basic log analysis and alert interpretation skills
Soft Skills
• Strong attention to detail
• Ability to follow processes and playbooks accurately
• Calm and methodical approach during security incidents
• Good written and verbal communication
• Willingness to work in shifts / 24×7 environment
• Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field (preferred)
• 2+ years of experience in SOC, IR, or IT Security roles
• Entry-level cybersecurity certifications are a plus:
o CompTIA Security+
o Microsoft SC-900 / SC-200
o CEH (Foundation level)
Req ID: 17247
Our values shape everything we do:
Be Ambitious to succeed 
Be Imaginative to push the boundaries of what’s possible 
Be Inspirational to do groundbreaking work 
Be always learning and listening to understand 
Be Results-focused to exceed expectations
Be actively pro-inclusive and anti-racist across our community, clients and creations 
Brandtech+, a part of the Brandtech Group, is an equal opportunity employer committed to creating an inclusive working environment where all employees are encouraged to reach their full potential, and individual differences are valued and respected. All applicants shall be considered for employment without regard to race, ethnicity, religion, gender, sexual orientation, gender identity, age, neurodivergence, disability status, or any other characteristic protected by local laws. 
Brandtech+ has set ambitious environmental goals around sustainability, with science-based emissions reduction targets. Collectively, we work towards our mission, embedding sustainability into every department and through every stage of the project lifecycle.