422 Arcsight Jobs - Page 16

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

0.0 - 15.0 years

0 Lacs

Delhi

Remote

Delhi, India
Designation: Partner
Position: SOC Instructor Mentor (Part-Time)
Job Type: Consultant
Benefits: Revenue distribution or a fixed hourly rate, with potential for performance-based bonuses tied to training outcomes.
Reports to: Founder/CEO

Job Overview
The SOC Instructor Mentor will deliver advanced training and mentorship to Eduroids' students on a part-time basis, focusing on Security Operations Center (SOC) concepts, tools, and best practices. The role involves conducting engaging training sessions, developing industry-relevant course materials, and providing personalized guidance to students, equipping them with the skills required to excel in SOC roles such as security analysts and incident responders.

Key Responsibilities
Training Delivery: Lead interactive weekend sessions on SOC operations, incident response, threat detection, and security monitoring. Demonstrate workflows and methodologies for handling cybersecurity incidents within a SOC environment.
Curriculum Development: Design and update course content, labs, and case studies aligned with SOC tools and frameworks, such as SIEM, SOAR, and endpoint detection platforms. Create comprehensive training materials covering SOC processes, including triage, analysis, containment, and remediation.
Hands-On Learning: Facilitate hands-on labs using SOC tools like Splunk, IBM QRadar, ArcSight, and SentinelOne. Guide students through simulated incident response scenarios and log analysis exercises.
Mentorship: Provide one-on-one guidance to students, addressing their questions and helping them understand real-world SOC workflows. Offer career advice, including certifications and skill-building strategies for aspiring SOC professionals.
Industry Alignment: Ensure training materials reflect the latest cybersecurity trends, SOC methodologies, and compliance standards.
Assessment and Feedback: Evaluate students through practical exercises, incident response scenarios, and periodic assessments. Provide constructive feedback to enhance participants’ skills and confidence.
Knowledge Transfer: Share insights from a minimum of 15 years of professional experience in cybersecurity and SOC operations, emphasizing enterprise-grade practices.

Key Measures
Student Competency: High rates of student skill acquisition, demonstrated through successful completion of projects and assessments.
Curriculum Relevance: Training content is continuously updated to align with current SOC tools, standards, and practices.
Hands-On Proficiency: Students demonstrate practical expertise in using SOC tools and handling cybersecurity incidents.
Feedback Scores: Achieve excellent ratings from students for training quality and mentorship effectiveness.

Qualifications
Education: Bachelor’s or Master’s degree in Cybersecurity, Information Technology, or a related field.
Experience: Minimum of 15 years of professional experience in SOC operations, cybersecurity, or incident response. Hands-on experience with SOC tools, threat intelligence, and forensic analysis in enterprise environments. Real-time experience with Fortune 500 companies is highly preferred.
Technical Skills: Proficiency in SOC workflows, including threat detection, incident response, and log management. Experience with SIEM solutions (Splunk, IBM QRadar, ArcSight) and SOAR platforms. Familiarity with scripting languages like Python, PowerShell, or Bash for automating SOC tasks. Strong understanding of MITRE ATT&CK framework and cybersecurity standards like NIST and ISO 27001.
Soft Skills: Excellent communication and presentation abilities. Proven mentorship skills with a passion for teaching and guiding aspiring cybersecurity professionals. Strong analytical and critical thinking skills.

Personal Attributes
Passionate about cybersecurity and SOC operations. Resilient, adaptable, and committed to continuous learning. Collaborative team player who fosters an inclusive and engaging learning environment.

Benefits
Competitive compensation based on hourly or project-based engagement. Flexible remote working options. Opportunity to mentor and shape the next generation of SOC professionals. Collaborative and innovative work culture.

Posted 2 months ago

5.0 - 10.0 years

5 - 15 Lacs

Hyderabad

Work from Office

Job Title: Security Operations Center (SOC) Analyst (Positions-02)
Experience: 5 to 8 Years
Location: Hyderabad
Department: Cybersecurity / Security Operations
Industry: IT Services / MSSP / Software / FinTech / Healthcare IT

Job Summary:
We are seeking an experienced and detail-oriented SOC Analyst (5–8 years) to join our cybersecurity team. The ideal candidate will be responsible for monitoring, detecting, investigating, and responding to cyber threats across the organization. The SOC Analyst will play a critical role in defending systems, applications, and data from security breaches and supporting incident response efforts, threat hunting, and continuous improvement of SOC processes.

Key Responsibilities:
Security Monitoring & Incident Response: Continuously monitor SIEM dashboards, threat intelligence feeds, and security alerts. Investigate and respond to security incidents, phishing attacks, malware infections, and anomalous activities. Triage alerts based on severity, business impact, and threat intelligence context. Perform root cause analysis and prepare incident reports with actionable recommendations. Escalate critical incidents to Tier 3/IR teams and collaborate during major security events.
Threat Detection & Hunting: Conduct proactive threat hunting based on IOCs, TTPs, and threat intelligence reports. Analyse logs from endpoints, firewalls, IDS/IPS, cloud workloads, and third-party security solutions. Develop and fine-tune detection rules and correlation logic in SIEM (e.g., Splunk, Sumo Logic, Sentinel).
Tool & Infrastructure Management: Work with EDR, NDR, DLP, SIEM, SOAR, and vulnerability management platforms. Support integration of new log sources and ensure completeness of logging for critical systems. Maintain threat detection playbooks and contribute to process automation via SOAR tools.
Compliance & Reporting: Ensure security operations align with frameworks like NIST, ISO 27001, SOC 2, or HIPAA. Support security audit requirements by providing incident logs and response documentation. Generate periodic reports on incident trends, SOC performance, and threat landscape.

Required Skills & Experience:
5–8 years of experience in a SOC environment or cybersecurity operations role. Strong knowledge of attack vectors, MITRE ATT&CK framework, and incident response lifecycle. Hands-on experience with SIEM (e.g., Splunk, Microsoft Sentinel, QRadar, LogRhythm). Familiarity with endpoint protection (CrowdStrike, SentinelOne, Defender ATP, etc.). Knowledge of Windows/Linux log analysis, firewall rules, and cloud security controls (Azure/AWS). Strong analytical thinking, attention to detail, and ability to work under pressure.

Preferred Qualifications:
Bachelor’s degree in Cybersecurity, Computer Science, or related field. Certifications such as CEH, GCIA, GCIH, CySA+, AZ-500, or Security+ are highly desirable. Experience working in a 24x7 SOC or with MSSP environments is a plus. Exposure to compliance-driven industries (finance, healthcare, SaaS) preferred.

Soft Skills:
Strong communication and documentation skills. Ability to collaborate across IT, DevOps, and security teams. Risk-aware mindset with a proactive approach to security operations.

Work Mode: On-site / Hybrid / 24x7 Rotational Shifts if applicable
Reporting To: SOC Manager / Head of Security Operations

Posted 2 months ago

2.0 - 6.0 years

8 - 9 Lacs

Mumbai

Work from Office

Diverse Lynx is looking for a SOC Analyst to join our dynamic team and embark on a rewarding career journey.
- Monitor and analyze security events and incidents, identifying and investigating potential threats
- Maintain the security of our network and systems by implementing security controls and best practices
- Work closely with the rest of the security team to ensure that our systems and networks are secure and compliant with industry standards
- Maintain accurate documentation and reports on security events and incidents
- Communicate effectively with team members and other stakeholders to ensure that security issues are addressed in a timely and effective manner
- Stay up to date with the latest security technologies and threats

Posted 2 months ago

4.0 - 9.0 years

9 - 13 Lacs

Bengaluru

Work from Office

Diverse Lynx is looking for a SOC Lead to join our dynamic team and embark on a rewarding career journey.
- Lead the SOC team and manage the organization's security operations
- Ensure that the SOC is staffed with skilled analysts and that the SOC team is executing their tasks efficiently and effectively
- Monitor and respond to security events and alerts to detect potential security incidents
- Manage security incidents and provide guidance on remediation
- Develop and maintain incident response plans and playbooks
- Collaborate with cross-functional teams to ensure security technologies, policies, and procedures align with business needs
- Develop and maintain security policies, standards, and procedures
- Conduct security awareness training for employees and contractors
- Experience with security information and event management (SIEM) tools such as Splunk or QRadar
- Excellent problem-solving and analytical skills
- Strong communication and interpersonal skills

Posted 2 months ago

4.0 - 7.0 years

7 - 11 Lacs

Gurugram

Work from Office

You will contribute as a Managed Security Services (MSS) expert responsible for one of the key functions like Security Governance, Risk & Compliance Management, OMS security infrastructure management, or Security Monitoring & Response Management. You will be part of a team that works independently within a global environment, solve complex problems, and contribute to process improvements.

You have:
- 4-6 years of relevant experience and/or a graduate / postgraduate equivalent degree.
- Management Experience / Achieved well-advanced skills in a specific professional discipline combining deep knowledge of theory and organizational practice or expertise.
- Recognized expert in their field (depth & breadth).

It would be nice if you also had:
- Familiarity in security system design, implementation, and performance management.
- Knowledge to make strategic decisions and mentor senior engineers.
- Familiarity with complex improvement projects with moderate risk and resources.

- You will address and resolve highly complex Managed Security Services (MSS) operations performance issues or challenges, including through technical leadership of highly skilled teams.
- You will interpret internal and external Managed Security Services (MSS) and technology challenges and recommend solutions.
- You will lead the development of innovative practices to improve MSS operations.
- You will contribute to the design, building, testing, and implementation of security systems within an organization's IT and telecom network.
- You will be the owner of Performance & Quality Management of Security Operations & Administration and also approve new and/or changes to guidelines and procedures for the function.
- You will contribute to strategic decisions for not only Managed Services operations, but also MSS business, and act as a professional leader for Managed Services operations, mentoring senior Service Operations Engineers.
- You will contribute to developing the concepts to determine the professional direction of Managed Services delivery operations personnel.

Posted 2 months ago

12.0 - 18.0 years

11 - 15 Lacs

Pune

Work from Office

Domain Certifications: CISSP, CISA, CRISC, ISO 27001

Responsibilities
- Own and lead the governance program at account level for a large Financial services account with 700+ head count and multi-country locations having high security Offshore Delivery Centres & Work from home teams
- Develop, implement and monitor Account level Information security governance program; meeting client compliance requirements proactively
- Perform contract reviews, cyber security risk assessments and drive compliance programs to meet contractual and organizational cyber security requirements within the client offshore delivery centres.
- Experience in Application security and code reviews which can be leveraged to guide and work with delivery teams on covering the cyber security risks associated with Application security, development and maintenance projects.
- Work closely with different teams internally like IT, business, HR, facilities, cyber security which operate at Organization level to translate client requirements and assess residual risk if required
- Give directions and monitor the compliance and operations activities within the account through dedicated team and work closely with account team on ensuring the compliance within account team
- Develop account level procedures, metrics and review programs to maintain and enhance the governance model within the account
- Be a single point of contact for client interactions during third party audits and liaise within the organization
- Prepare the account for certification and internal audit requirements based on industry standards like PCI DSS and ISO 27001 requirements
- Focus and objective driven to demonstrate ongoing improvements; identify early indicators of non-compliance and able to draw mitigation actions
- Hold technical skills to participate in technical discussions for delivery centre setup, connectivity models
- Excellent communication skills and have demonstrated effective CXO level reviews

Posted 2 months ago

3.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Position Summary: This position will support Mphasis Cyber Defense Center/SOC. It requires continuously monitoring cyber security events, performing triage and providing response/remediation activities.

Responsibilities:
- Continuously monitor security alerts generated by SIEM and other security tools.
- Perform initial triage to distinguish genuine security incidents from false positives and promptly escalate complex or confirmed threats to senior analysts or incident response teams.
- Conduct in-depth analysis of potential security incidents by gathering and correlating data from various sources.
- Identify indicators of compromise to determine the scope, impact, and root cause of incidents.
- Develop and execute effective containment and remediation strategies in close coordination with incident response teams.
- Engage in proactive threat hunting to uncover stealthy or sophisticated attacks that bypass standard monitoring mechanisms.
- Maintain accurate and detailed incident logs and reports that capture the analysis, response actions, and lessons learned.
- Communicate technical findings clearly to both technical and non-technical stakeholders.
- Collaborate with fellow SOC analysts, incident responders, and IT teams to optimize detection rules and continuously improve the organization’s security posture.
- Evaluate and implement new security technologies while contributing to the development of SOC playbooks, standard operating procedures, and best practices.
- Continuously learn and keep abreast of the latest trends in attack patterns and tools.

Desired Skills/Experience:
- 3-6 years of overall experience in the area of Systems/Network/Information Security and minimum 2 years in SOC/MSS services
- Experience with SIEM monitoring solutions (QRadar, ArcSight, Splunk, etc.) and a variety of other security devices found in a SOC environment
- Good understanding of log formats of various security devices like Proxy, Firewall, IDS/IPS, DNS
- Solid foundational understanding of networking concepts (TCP/IP, LAN/WAN, Internet, network topologies)
- Experience in major operating systems (Windows, Linux)
- Understanding of current trends in attacker and threat actor tools, techniques, and procedures (TTP) and mitigation steps
- Strong analytical and problem-solving skills
- Excellent communication and interpersonal skills
- Professional/Technical Certifications (Security+, CCSE, CCSP, TICSA, MCSE, CISSP, etc.) desirable

Posted 2 months ago

7.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Note: If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly.

Location - Noida
Work Mode - Work from Office
Salary - INR(₹) 1,500,000 to 2,000,000
Joining Time / Notice Period: Immediate – 30 days

About The Client
We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response.

Job Purpose
The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats.

Roles And Responsibilities
- Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment.
- Handle escalated security incidents including threat detection, investigation, containment, and remediation.
- Work cross-functionally with technical and business stakeholders during and after incident response.
- Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS).
- Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight).
- Utilize IOCs and IOAs for real-time detection and forensic analysis.
- Perform in-depth forensics investigations, evidence handling, and data recovery.
- Ensure the integrity and secure custody of audit trails in the event of incidents.
- Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM.

Must-Have Qualifications And Experience
- Bachelor's degree in Engineering or Technology (B.E./B.Tech.).
- 7+ years of experience in cybersecurity incident response and SOC operations.
- Proven hands-on expertise in:
  - Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP
  - Cloud platforms: AWS (required), Azure (preferred)
  - SIEM systems (e.g., Splunk, Datadog, Arcsight)
  - Security integration and use case development for SIEM
- Experience in forensics analysis, data recovery, and audit trail management.
- Familiarity with APT threats, vulnerability scanning, and threat intelligence.
- Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001.
- Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls.
- Security certifications preferred: CISSP, CHFI, CEH.

Posted 2 months ago

Apply

7.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. 
Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Posted 2 months ago

Apply

7.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. 
Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Posted 2 months ago

Apply

7.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. 
Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Posted 2 months ago

Apply

7.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. 
Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Posted 2 months ago

Apply

7.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Note: If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly.

Location - Noida
Work Mode - Work from Office
Salary - INR(₹) 1,500,000 to 2,000,000
Joining Time / Notice Period: Immediate – 30 days

About The Client
We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response.

Job Purpose
The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats.

Roles And Responsibilities
- Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment.
- Handle escalated security incidents including threat detection, investigation, containment, and remediation.
- Work cross-functionally with technical and business stakeholders during and after incident response.
- Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS).
- Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight).
- Utilize IOCs and IOAs for real-time detection and forensic analysis.
- Perform in-depth forensics investigations, evidence handling, and data recovery.
- Ensure the integrity and secure custody of audit trails in the event of incidents.
- Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM.

Must-Have Qualifications And Experience
- Bachelor's degree in Engineering or Technology (B.E./B.Tech.).
- 7+ years of experience in cybersecurity incident response and SOC operations.
- Proven Hands-on Expertise In:
  - Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP
  - Cloud platforms: AWS (required), Azure (preferred)
  - SIEM systems (e.g., Splunk, Datadog, Arcsight)
  - Security integration and use case development for SIEM
- Experience in forensics analysis, data recovery, and audit trail management.
- Familiarity with APT threats, vulnerability scanning, and threat intelligence.
- Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001.
- Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls.
- Security certifications preferred: CISSP, CHFI, CEH.

Posted 2 months ago

0 years

0 Lacs

Gurgaon, Haryana, India

Remote

Ankura is a team of excellence founded on innovation and growth. Location: Conditional Remote / Gurgaon Hours: 40 hours a week Reporting: Director - Threat Detection Operations (TDO) Duties include continuous monitoring of Security Information Event Management (SIEM), EDR, XDR, DLP and related platforms for correlated events and alerts and working with the client to take action. Analysts leverage events to determine the impact, document possible causes, and provide useful information to clients. A deep understanding of various commercial and open-source network sensors, intrusion detection systems, and event log correlation engines is required as analysts are expected to deliver enhanced threat awareness and knowledge through research and continuous improvement of use cases, signatures, and metrics. Knowledgeable in various IR response commands related to Windows, Linux and advanced attack techniques related to Endpoints and servers Analysts are also expected to maintain open communication and visibility with their team members, Senior Analysts, Directors, and Clients. Usually, employees will be permitted to work remotely in the current operational setup however that setup may change based on company and/or business needs, with or without notice. It may also be considered a conditional privilege as the employees are personally responsible to maintain uninterrupted availability and communication via all official channels throughout their designated shifts. If the employee's performance cannot be satisfactorily ascertained by their manager or the employee is unable to adapt to work without disturbance, they may be called upon to work out of the company’s office. Capabilities Preferred to have some formal training or experience in delivering Managed Security or Managed Detection and Response Services. 
Preferred to have a sound understanding and up-to-date knowledge of common security threats, attack vectors, vulnerabilities, exploits, and Network Architecture / Protocols (such as OSI, TCP/IP, P2P, etc.) and Packet Analysis. Must have hands-on experience to correlate and analyze information, raw logs, and complex data sets from a wide variety of enterprise technologies including but not limited to SIEM, UEBA, EDR, IDS, IPS, Proxy, Firewall, DLP, and other Threat intelligence tools and Telemetries for anomalous activity and items of interest. Preferred to have the necessary experience to conduct initial triage of security events and incidents; determine the priority, criticality, and impact; facilitate communication within the SOC, escalate to the client for containment and remediation, and document/journal progress throughout the Incident Response Lifecycle within the respective service level objectives. Experience in conducting research analysis and data gathering requirements to present in a report format is preferred. Should be able to develop/follow standard processes and complete documentation as needed. Should be detail-oriented and able to work independently and communicate effectively both verbally and in writing. Must be flexible enough to work in a 24x7 rotational shift setup, including overnight, weekend, and national holidays. TECHNICAL Traditional SIEM ArcSight ESM. Emerging SIEM such as MS Azure Sentinel, Exabeam, Obsidian. Experience in handling investigations related to XDR and Good knowledge of latest endpoint/Server based attacks Endpoint awareness for Carbon Black, CrowdStrike, SentinelOne, MS Defender. 
Knowledge of IR process, Ticketing tools. Understanding of KQL, Lucene, Python, and/or other similar programming/query/scripting languages. Education, Training & Certifications: Minimum Experience in SOC/IR 1 yrs plus. Preferred to have a degree in CS/IT or a Master's Diploma in the field of IT Security from specialized schools. Preferred to have relevant entry-level or mid-level security certifications such as CEH, Security+. COMMUNICATION: Comfortable working in a remote work environment including web-based team management and collaboration applications, and time-keeping systems e.g. Slack, Microsoft Teams, Intapp, and Workday. Ability to communicate complex ideas effectively, both verbally and in writing in English and the local office language(s). Able to provide reports showing progress or achievement of assigned goals and responsibilities as required. Must be an active listener and ask questions of others when clarity is needed. Ability to gain an understanding of client needs and apply analytic reasoning. Demonstrates proactive engagement in meetings and process discussions. KEY PERFORMANCE INDICATORS: Analyze client networks for threats using analytical platforms for event monitoring such as NSM, SIEM, UEBA, ETDR. Deliver client reports based on analyses that are timely, high quality, and accurate. Understand and support incident response and triage. Improve reporting to avoid ‘analysis paralysis’. 
Develop new skills within analytical platforms INDIVIDUAL & TEAMWORK Must be able to effortlessly switch between independent and team-based work Understands that the work product is dependent on team efforts and remains responsive to internal and external deadlines Able to share expertise and experience with team members to encourage growth and shared success Able to maintain focus and attention to detail for sustained periods of time Engaged in supporting the development and growth of all team members GROWTH MINDSET Can receive and provide feedback in a constructive manner that leads to the growth of self and others. Displays perseverance of effort and passion for a long-term goal and end state. Works well under timelines and puts in extra effort as required to meet timelines. Self-motivated to identify areas for team & process improvement and collaborate with others to develop creative solutions LEADERSHIP TRAITS Willing to adapt leadership skills to support larger and more complex projects. Work product for self and team is consistently of excellent quality and efficiency. Respectful and professional in all interactions with team members, clients, and colleagues. Maintains composure and calm disposition under high-pressure or stressful circumstances. Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. 
This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.

Posted 2 months ago


9.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Job Title: Senior SOC Analyst (SIEM, Threat Hunting & Incident Response)
Department: Cybersecurity & IT Risk Management
Reports To: CISO / Director – Cybersecurity & GRC
Location: Manesar, Haryana (On-site at Client Location)
Employer: VVNT SEQUOR, Noida

Summary: VVNT SEQUOR is hiring a Senior SOC Analyst to strengthen the cybersecurity posture of a leading client in Manesar, Haryana. This is a full-time on-site role requiring deep hands-on expertise in threat detection, incident response, SIEM management, and vulnerability assessments. As a senior member of the Security Operations Center (SOC), you will lead advanced threat-hunting efforts, optimize detection logic, and ensure rapid response to cybersecurity events.

Your key responsibilities will include:
- Leading 24x7 SOC operations, threat monitoring, triage, and escalations using tools like ArcSight, Splunk, and ELK.
- Creating and fine-tuning correlation rules, dashboards, and playbooks to enhance detection capabilities.
- Executing proactive threat hunting using MITRE ATT&CK, EDR telemetry, threat intel feeds, and custom threat models.
- Coordinating and leading incident response, performing forensic investigations using CHFI methodologies, memory analysis, and endpoint data.
- Performing and overseeing Vulnerability Assessment & Penetration Testing (VAPT) using Nessus, Qualys, OpenVAS, Metasploit, and Burp Suite.
- Managing EDR and SOAR platforms, integrating automated responses and threat intelligence feeds.
- Administering and securing firewalls (FortiGate, Palo Alto), WAFs, IDS/IPS, and Anti-DDoS infrastructure.
- Maintaining compliance with ISO 27001, NIST CSF, and internal security baselines, conducting regular audits and patch validations.
- Documenting Root Cause Analyses (RCA), incident timelines, and post-incident review reports.
- Leading security awareness programs (e.g., KnowBe4) and mentoring junior analysts.

We are looking for someone with:
- Bachelor's degree in Cybersecurity, Information Security, or related field.
- 7–9 years of SOC and cybersecurity operations experience.
- Strong knowledge of SIEMs (e.g., ArcSight, Splunk), EDRs (CrowdStrike, SentinelOne), and log correlation techniques.
- Proven skills in threat analysis, IOC handling, malware analysis, and incident lifecycle management.
- Working experience with security automation (SOAR) and scripting (e.g., Python, PowerShell) for response actions.
- Solid understanding of MITRE ATT&CK, NIST 800-61, OWASP Top 10, and compliance mandates.
- Proven experience in writing technical incident reports, security playbooks, and conducting RCA.

Bonus points for:
- Certifications like CEH, CHFI, Security+, GCIA, GCFA, Splunk Certified Analyst, PCNSE.
- Experience with Tripwire SCM, KnowBe4, or cloud-native security tools (AWS GuardDuty, Azure Sentinel).
- Exposure to OT/ICS security, manufacturing, or automotive environments.
- Familiarity with Purple Teaming, Red Team/Blue Team drills, and Threat Intelligence Platforms (TIPs).

Why join VVNT SEQUOR?
- Lead and influence real-time SOC strategies for a mission-critical enterprise.
- Gain hands-on experience with top-tier cybersecurity technologies and threat landscapes.
- Subsidized Cab and Lunch facilities at client site.
- Work in a client-focused, innovation-driven cybersecurity environment.

To Apply: Please submit your resume along with the cover letter to chaitali@vvntsequor.in or parveen.arora@vvntsequor.in. Also, you can connect over WhatsApp +91-9891810196 or +91-8802801739.

IMPORTANT: Do mention clearly the Job Role that you are applying for, along with your Last Salary Drawn information as well as your Earliest Joining Date, in your covering letter or email.

Posted 2 months ago


2.0 years

0 Lacs

Trivandrum, Kerala, India

On-site

Job Title: Cybersecurity Analyst (2+ years of experience)
Location: Trivandrum, Kerala
Job Type: Full-time

Key Responsibilities

Monitor and Respond to Security Alerts: Continuously monitor security alerts across various platforms (SIEM, IDS/IPS, firewall, etc.). Investigate and triage security incidents, ensuring quick resolution or escalation as needed. Work with the incident response team to manage and contain security breaches.

Vulnerability Management: Conduct regular vulnerability scans and assessments to identify weaknesses in the organization's IT infrastructure. Coordinate patch management efforts to ensure systems remain up to date with security patches. Recommend and implement strategies to mitigate

Auditing & Compliance: Assist with security audits and assessments, ensuring compliance with industry regulations (e.g., GDPR, HIPAA, PCI-DSS). Maintain and track security policies, procedures, and documentation.

Threat Intelligence & Analysis: Keep up-to-date with emerging cyber threats, trends, and vulnerabilities to proactively protect the organization. Analyze security data and reports to identify patterns and trends in cyber threats. Implement threat intelligence feeds and integrate them with security tools.

Security Tool Management: Configure, manage, and maintain security tools such as firewalls, anti-virus, anti-malware, and SIEM platforms. Assist with the configuration and deployment of endpoint detection and response (EDR) tools.

Collaboration & Training: Collaborate with other IT teams to ensure security controls are applied consistently across all systems. Assist in training internal teams on best practices for security hygiene and incident reporting.

Required Skills & Qualifications

Minimum of 2 years in a cybersecurity or IT security-related role, with a solid understanding of network security, system security, and incident response.

Technical Skills: Proficient in security technologies such as SIEM (Splunk, ArcSight), IDS/IPS, firewalls, VPNs, endpoint protection, etc. Experience with vulnerability management tools and patching processes. Knowledge of TCP/IP, firewalls, and other network protocols. Familiarity with operating systems (Windows, Linux, MacOS) and common security vulnerabilities (OWASP Top 10,

(Preferred): CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC) or

Skills: Strong analytical and problem-solving skills. Excellent written and verbal communication skills. Ability to work independently and as part of a team. Strong attention to detail and ability to prioritize tasks in a fast-paced environment.

(ref:hirist.tech)

Posted 2 months ago


8.0 - 13.0 years

3 - 7 Lacs

Pune, Bengaluru

Work from Office

Job Title: DLP Lead
Experience: 8-14 Years
Location: Bangalore / Pune

Technical Skills:
- Experience in configuring s and creating workflows on Email DLP - Proofpoint
- Prior experience with CASB Netskope or similar solution
- Knowledge of security principles including cloud, standards and techniques
- Understanding of cloud principles, cloud applications and key cloud service providers
- Prior experience with Data loss prevention tools, SIEM, network devices and other infrastructure
- Reviews violations of data security procedures to eliminate violations
- Strong experience on Mimecast email Security solution for threat Protection, Spoofing, Encryption, Archive, URL Defense
- Strong understanding of email delivery architecture, email gateway and DNS technologies
- Strong understanding of networking, SMTP, DNS
- Experience of compliance requirements for database security (e.g. SOX, HIPAA, PCI etc.)
- Strong verbal and written communications skills; must be able to effectively communicate technical details and thoughts in non-technical/general terminology to various levels of the organization.
- Work well in team environments with internal and external resources as well as work independently on tasks
- Strong organizational and time management skills

Process Skills:
- Overall management of Email DLP solution - Proofpoint
- Analyze blocked emails
- Manage CASB operations, maintain implemented Netskope CASB solution, respond and resolve incidents, investigate and conduct analysis
- Work on email release/drop as per requests
- Tune/Amend email DLP policies
- Perform Daily DLP System Health check and publish health report
- Update/Add - roles modification, response rules, complex and new policies modifications
- Email DLP – Microsoft E4 licenses
- CASB – Netskope

Behavioral Skills:
- Effective interpersonal, team building and communication skills
- Ability to collaborate; be able to communicate clearly and concisely both to laypeople and peers, be able to follow instructions, make a team stronger for your presence and not weaker.
- Ability to see the bigger picture and differing perspectives; to compromise, to balance competing priorities, and to prioritize the user.
- Desire for continuous improvement, of the worthy sort; always be learning and seeking improvement, avoid change aversion and excessive conservatism, equally avoid harmful perfectionism, 'not-invented-here' syndrome and damaging pursuit of the bleeding edge for its own sake.
- Learn things quickly, while working outside the area of expertise.
- Analyze a problem and realize exactly what will be affected by even the smallest change you make in your design
- Ability to communicate complex technology to a non-technical audience in a simple and precise manner.
- Ownership skills.

Qualification: Must have 4 Year degree (Computer Science, Information Systems or equivalent). 4+ years overall IT experience.

Posted 2 months ago


2.0 - 4.0 years

10 - 13 Lacs

Hyderabad

Work from Office

Overview 170+ Years Strong. Industry Leader. Global Impact. At Pinkerton, the mission is to protect our clients. To do this, we provide enterprise risk management services and programs specifically designed for each client. Pinkerton employees are one of our most important assets and critical to the delivery of world-class solutions. Bonded together, we share a commitment to integrity, vigilance, and excellence. Pinkerton is an inclusive employer who seeks candidates with diverse backgrounds, experiences, and perspectives to join our family of industry subject matter experts. The Assistant Site Security Manager, assigned to one of Pinkerton's largest global clients, will provide operational support in the application of physical security operations at the client's campus to ensure a safe working environment and support the organization's core business objectives. Responsibilities Represent Pinkerton’s core values of integrity, vigilance, and excellence. Provide operational support in the application of physical security operations to ensure a safe working environment. Assist in the evaluation, development, and implementation of regional security strategies. Implement site security plans, security assessments, site specific risk/threat analysis and training awareness programs with the assistance of law enforcement agencies. Support the regional internal communication program. Liaise with government, consular and private sector agencies to enhance security operations. Provide support to Security Manager regarding contingency planning, risk/threat assessments, and the maintenance of effective networks across all business groups. Assist with the intelligence gathering process regarding the protection against high security threats, emergencies, and contingencies. Assist with the Building Emergency Reaction Readiness Program through the collaboration with key stakeholders. Support the creation and review of regional level strategic relocation planning. 
Preserve the business infrastructure at local and region level through the implementation of strategic business objectives. Provide multi-level communication between the business units in cooperation with individuals, teams, and vendors. Conduct periodic review sessions with vendors to achieve quality service delivery provision by suppliers and vendors. Manage and direct all security staff and daily on-site security operations and ensure correct and continuous business operations. Assist in the development of internal and external service optimization. Respond immediately to all security incidents and emergencies, as dictated by policy. Provide operational support to the Regional Security Manager during incidents and emergencies. Act as the global security representative during initial stages, as dictated by policy. Support established systems including but not limited to; access control, system trouble shooting, and access card management. Coordinate security support for both internal/external events. All other duties, as assigned. Qualifications Bachelor's degree preferred with at least Three years of corporate security operations experience. Able to carry out responsibilities with little or no supervision. Effective written, verbal, and presentation skills. Able to multi-task and organize workload for effective implementation. Client orientated and results driven. Able to interact effectively at all levels and across diverse cultures. Able to prioritize duties and responsibilities in accordance with level of importance. Able to adapt as the external environment and organization evolves. Computer skills; Microsoft Office. Working Conditions: With or without reasonable accommodation, requires the physical and mental capacity to effectively perform all essential functions; Regular computer usage. Occasional reaching and lifting of small objects and operating office equipment. Frequent sitting, standing, and/or walking. Travel, as required. 
Pinkerton is an equal opportunity employer to all applicants and positions without regard to race/ethnicity, color, national origin, ancestry, sex/gender, gender identity/expression, sexual orientation, marital/prenatal status, pregnancy/childbirth or related conditions, religion, creed, age, disability, genetic information, veteran status, or any protected status by local, state, federal or country-specific law.

Posted 2 months ago


6.0 - 8.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Job Summary: The SOC Monitoring and Incident Response Specialist is responsible for monitoring security events, identifying potential threats, investigating incidents, and initiating incident response actions. This role requires extensive experience in cybersecurity, threat intelligence, and incident response processes to support our security operations and safeguard our organization's IT environment.

Key Responsibilities:

Security Monitoring & Analysis
- Monitor and analyze security alerts from various sources (SIEM, IDS/IPS, firewalls, endpoint protection, etc.).
- Identify suspicious activity and investigate to understand the threat level and scope.
- Perform triage of alerts to assess whether they represent legitimate threats or false positives.
- Act as the first responder to security incidents, containing and mitigating threats.
- Document and track incidents, performing root-cause analysis to prevent recurrence.
- Coordinate incident response efforts, collaborating with internal teams and external partners if needed.
- Utilize threat intelligence to stay updated on emerging threats and attack vectors.
- Correlate threat intelligence data with real-time monitoring to detect indicators of compromise (IOCs).
- Proactively hunt for threats and vulnerabilities within the organization’s network.
- Conduct forensic investigations of compromised endpoints, servers, and networks to determine the nature and extent of attacks.
- Collect, preserve, and analyze evidence for potential use in legal or disciplinary actions.
- Provide detailed reports on findings and recommendations for improvements in security posture.

Process Improvement & Documentation
- Contribute to the development and improvement of SOC processes, playbooks, and runbooks.
- Document security incidents and response activities in detail, ensuring accurate record-keeping.
- Provide post-incident reports, insights, and recommendations to improve defenses and incident handling procedures.
- Work with IT and cybersecurity teams to improve overall network and endpoint security.
- Communicate with stakeholders, translating technical findings into business impacts.
- Participate in cross-functional meetings and contribute to the overall risk management strategy.
- Mentor junior SOC analysts and assist in their professional development.
- Conduct training sessions and awareness programs to improve cybersecurity knowledge within the organization.

Requirements:

Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
Experience: 6-8 years of experience in a SOC, incident response, or similar cybersecurity role.
Certifications: Preferred certifications include CISSP, CISM, GIAC (GCIA, GCIH), or CEH.

Technical Skills:
- Proficiency with SIEM tools (e.g., Splunk, QRadar, ArcSight, Logrhythm), IDS/IPS systems, firewalls, and EDR and WAF solutions.
- Familiarity with common operating systems (Windows, Linux) and networking protocols (TCP/IP, DNS, HTTP, etc.).
- Strong understanding of cyber threats, vulnerabilities, malware, and attack methods.
- Experience with scripting languages (Python, PowerShell) is an asset.
- Knowledge of forensic tools and processes for data recovery and analysis.

Soft Skills:
- Strong analytical and problem-solving abilities.
- Ability to work effectively under pressure and manage multiple tasks.
- Excellent communication and interpersonal skills, with the ability to explain technical issues to non-technical audiences.
- Team-oriented with a proactive and collaborative attitude.

Posted 2 months ago


3.0 - 5.0 years

3 - 7 Lacs

Gurugram

Work from Office

Why Join Siemens? At Siemens, you will be part of a global leader committed to innovation, quality, and excellence. This role offers the opportunity to work on challenging projects, develop professionally, and make a significant impact in the electrical and instrumentation domain, particularly within power plant and renewable energy projects. If you are passionate about leading a talented team and driving technical excellence, we encourage you to apply. As Siemens Energy, "We energize society" by supporting our customers to make the transition to a more sustainable world, based on innovative technologies and our ability to turn ideas into reality. We do this by: expanding renewables; transforming conventional power; strengthening electrical grids; driving industrial decarbonization; securing the supply chain and necessary minerals. Looking for a challenging role? If you really want to make a difference - make it with us. Siemens Energy (SE) is a global pacesetter in energy, helping customers to meet the evolving demands of today's industries and societies. SE comprises broad competencies across the entire energy value chain and offers a uniquely comprehensive portfolio for utilities, independent power producers, transmission system operators and the oil and gas industry. Products, solutions and services address the extraction, processing and the transport of oil and gas as well as power generation in central and distributed thermal power plants and power transmission in grids. With global headquarters in Munich in Germany and more than 88,000 employees in over 80 countries, Siemens Energy has a presence across the globe and is a leading innovator for the energy systems of today and tomorrow, as it has been for more than 150 years.
Your new role - challenging and future-oriented. You would be responsible for all system administration requirements like installation, upgrades, and updates of DCS Systems (SPPA T3000) before the delivery of components to customers as well as during the after-sales service phase. You would be part of the remote service support center and would support customers in troubleshooting the problems they face. As part of your profile, you would be required to travel to many project sites during the installation as well as the service phase of I&C Systems. You have a great opportunity to work with global remote support centers and global teams. We don't need superheroes, just super minds. You're a bachelor's in engineering with 3 to 5 years of experience in system administration of Instrumentation & Control (I&C)/PLC systems. You've great knowledge and experience of DCS & PLC Systems. You've great knowledge of the SPPA T3000 control system, and 'know-how' on the system administration and troubleshooting would be an added advantage. You've great knowledge of network implementation including switches, firewalls, routers, etc. Professional exposure to the implementation of cyber solutions like NIDS, Application Whitelisting, Domain Controller, and SIEM Solutions would be an added advantage. We've got quite a lot to offer. How about you? This role is based in Gurgaon, where you'll get the chance to work with teams impacting entire cities, countries - and the shape of things to come. We're Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow.

Posted 2 months ago


2.0 - 5.0 years

2 - 5 Lacs

Bengaluru

Work from Office

Varonis is looking for a Security Analyst to join our dynamic team and embark on a rewarding career journey. Defining, planning, implementing, maintaining, and upgrading security measures, policies, and controls. Assisting with the creation of updates and training programs to secure the network and train the employees. Keeping the security systems up to date. Monitoring security access and maintaining the relevant data. Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits. Analyzing security breaches to identify the cause and to update incident responses and disaster recovery plans.

Posted 2 months ago


2 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Bring more to life. Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics and biotechnology? At Cytiva, one of Danaher’s 15+ operating companies, our work saves lives—and we’re all united by a shared commitment to innovate for tangible impact. You’ll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher’s system of continuous improvement, you help turn ideas into impact – innovating at the speed of life. Working at Cytiva means being at the forefront of providing new solutions to transform human health. Our incredible customers undertake life-saving activities ranging from fundamental biological research to developing innovative vaccines, new medicines, and cell and gene therapies. At Cytiva you will be able to continuously improve yourself and us – working on challenges that truly matter with people that care for each other, our customers, and their patients. Take your next step to an altogether life-changing career. Learn about the Danaher Business System which makes everything possible. The Security Operations Analyst is responsible for monitoring, analyzing, and responding to security incidents to protect the organization’s digital assets and infrastructure. By proactively identifying threats and vulnerabilities, they play a critical role in minimizing risk and ensuring business continuity. This position reports to the Senior Manager, Security Operations and is part of the Information Security Team which operates globally. This will be an on-site role, based at our office in Bangalore working as part of a global team. At Cytiva, our vision is, to advance future therapeutics from discovery to delivery. What you will do: Perform advanced security incident analysis and digital forensics to identify threats and mitigate risks. Lead complex security investigations, including malware analysis, network traffic analysis, and endpoint detection. 
Provide guidance to L1 and L2 SOC analysts, improving the quality of information coming into the Security Operations team. Investigate and respond to escalated security incidents in a timely manner. Collaborate with our engineering teams to optimize and fine-tune SIEM (e.g., Splunk, Microsoft Sentinel, Elastic Security) and other security tools. Conduct proactive threat hunting to uncover hidden threats and vulnerabilities within the organization. Partner with other IT and security teams to improve the organization's security posture. Produce detailed reports and recommendations for remediation and security improvements, including hosting post incident reviews with wider technical teams. Who you are: Minimum 5+ years of experience in a corporate IT environment, with at least 2 years in an L3 or senior analyst role. Deep knowledge of security frameworks such as MITRE ATT&CK, NIST, CIS Controls, and ISO 27001. Experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar, ArcSight) and EDR/XDR solutions. Vendor certifications are a plus. Hands-on experience with incident response, threat hunting, and forensic investigations. Familiarity with cloud security (AWS, Azure, Google Cloud) and modern attack techniques. Certifications such as OSCP, CEH are a plus. It would be a plus if you also possess previous experience in: Scripting and automation (Python, PowerShell, Bash) to improve SOC processes; SME in EDR, SIEM, UBA, DLP or Data Security; Operation Technology (OT) environments. Cytiva, a Danaher operating company, offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it’s a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info. Join our winning team today. Together, we’ll accelerate the real-life impact of tomorrow’s science and technology.
We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life. For more information, visit www.danaher.com. At Danaher, we value diversity and the existence of similarities and differences, both visible and not, found in our workforce, workplace and throughout the markets we serve. Our associates, customers and shareholders contribute unique and different perspectives as a result of these diverse attributes.

Posted 2 months ago
