420 Arcsight Jobs - Page 7

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for a Level 2 Security Engineer to strengthen our detection and response operations using Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The role focuses on writing advanced KQL queries for hunting and alert tuning, investigating incidents using Sentinel tools. You will help defend against modern cyber threats, contribute to incident investigations, and work closely with senior engineers to mature our detection capabilities.Key Responsibilities:- Develop and fine-tune advanced KQL queries for threat hunting and anomaly detection in Microsoft Sentinel.- Investigate security incidents using Sentinel Incident Graph, Timeline, and related tools to analyze relationships and attack paths.- Utilize Sentinel Fusion to understand and correlate alerts for complex incidents.- Perform deep endpoint investigations using Microsoft Defender for Endpoint (MDE).- Analyzing process trees, alerts, and device timeline.- Supporting remediation actions.- Understanding and leveraging EDR capabilities.- Document incident findings, provide recommendations for containment and eradication, and assist in incident reporting.- Assist in managing and maintaining Sentinel workspaces and data connectors (e.g., Azure AD, Syslog, MDE).- Correlate alerts and artifacts (e.g., IPs, hashes, user accounts) across multiple data sources to build a comprehensive incident picture.- Contribute to improving detection rules, watchlists, and hunting queries based on attacker TTPs aligned with MITRE ATT&CK.- Collaborate with Level 3 engineers, incident responders, and cloud/security architects to enhance detection and response processes.- Support red/blue team exercises by providing incident insights and improving rule effectiveness. Professional & Technical Skills: - 5+ years in Security Operations, Incident Response, or Threat Hunting roles.- Strong experience writing and tuning KQL queries for Sentinel hunting and detection rules.- Hands-on experience investigating incidents using Sentinel Incident Graph, Timeline, and Fusion alerts.- Solid understanding of Microsoft Defender for Endpoint (MDE) including process analysis, alerts, and EDR telemetry.- Familiarity with MITRE ATT&CK, alert mapping, and detection engineering fundamentals.- Preferred Certifications-SC-200:Microsoft Security Operations Analyst (strongly preferred), AZ-500:Microsoft Azure Security Technologies, MITRE -ATT&CK Defender (MAD) certificate (nice to have), SC-900:Microsoft Security, Compliance, and Identity Fundamentals - Strong analytical thinking and ability to investigate complex incidents.- Clear and effective communicator with both technical and non-technical stakeholders.- Eagerness to learn from senior engineers and grow technical depth.- Detail-oriented, proactive, and team-focused.- Ability to work calmly under pressure during active incidents. Additional Information:- The candidate should have minimum 3 years of experience.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled Imperva DAM Administrator to manage, maintain, and enhance our Imperva Database Activity Monitoring infrastructure. The ideal candidate will have deep experience with Imperva DAM, database security, and compliance frameworks such as PCI-DSS, SOX, and HIPAA. This role is crucial for ensuring real-time monitoring, alerting, and reporting of database activity to detect and prevent unauthorized or anomalous access. Roles & Responsibilities:- Administer, configure, and maintain the Imperva SecureSphere DAM platform across various environments (development, staging, production).- Deploy DAM agents/connectors across databases (Oracle, SQL Server, DB2, MySQL, etc.).- Develop and tune security policies, rules, and alerts for detecting suspicious database activity.- Monitor the DAM system health, logs, and performance metrics to ensure high availability and optimal operation.- Manage integrations with SIEM, ticketing systems, and other security tools.- Support audits and compliance reporting through custom report creation and event tracking.- Perform regular upgrades, patches, and configuration changes in accordance with security best practices.- Troubleshoot issues with DAM sensors, agents, and logging mechanisms.- Work closely with database administrators, application teams, and InfoSec stakeholders to ensure seamless data protection and policy enforcement.- Provide documentation, standard operating procedures (SOPs), and training to relevant stakeholders. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.- Strong understanding of risk assessment methodologies and frameworks.- Experience with security tools and technologies for vulnerability scanning and management.- Knowledge of compliance standards and regulations related to cybersecurity.- Ability to communicate complex security concepts to non-technical stakeholders. Additional Information:- The candidate should have minimum 3 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

* Responsible for implementation partner to see project on track along with providing required reports to management and client * Handle the project as well as BAU operations while ensuring high level of systems security compliance * Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. * Analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. * Ready to support for 24/7 environment. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs. * B.E./ B. Tech/ MCA/ M.Sc. * Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support. * Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. * Working knowledge of industry standard risk, governance and security standard methodologies * Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting. * Ability to multitask and work independently with minimal direction and maximum accountability. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for a Level 2 Security Engineer to strengthen our detection and response operations using Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The role focuses on writing advanced KQL queries for hunting and alert tuning, investigating incidents using Sentinel tools. You will help defend against modern cyber threats, contribute to incident investigations, and work closely with senior engineers to mature our detection capabilities. Roles & Responsibilities:- Develop and fine-tune advanced KQL queries for threat hunting and anomaly detection in Microsoft Sentinel.- Investigate security incidents using Sentinel Incident Graph, Timeline, and related tools to analyze relationships and attack paths.- Utilize Sentinel Fusion to understand and correlate alerts for complex incidents.- Perform deep endpoint investigations using Microsoft Defender for Endpoint (MDE).- Analyzing process trees, alerts, and device timeline.- Supporting remediation actions.- Understanding and leveraging EDR capabilities.- Document incident findings, provide recommendations for containment and eradication, and assist in incident reporting.- Assist in managing and maintaining Sentinel workspaces and data connectors (e.g., Azure AD, Syslog, MDE).- Correlate alerts and artifacts (e.g., IPs, hashes, user accounts) across multiple data sources to build a comprehensive incident picture.- Contribute to improving detection rules, watchlists, and hunting queries based on attacker TTPs aligned with MITRE ATT&CK.- Collaborate with Level 3 engineers, incident responders, and cloud/security architects to enhance detection and response processes.- Support red/blue team exercises by providing incident insights and improving rule effectiveness.- Strong analytical thinking and ability to investigate complex incidents.- Clear and effective communicator with both technical and non-technical stakeholders.- Eagerness to learn from senior engineers and grow technical depth.- Detail oriented, proactive, and team-focused.- Ability to work calmly under pressure during active incidents. Professional & Technical Skills: - 5+ years in Security Operations, Incident Response, or Threat Hunting roles.- Strong experience writing and tuning KQL queries for Sentinel hunting and detection rules.- Hands-on experience investigating incidents using Sentinel Incident Graph, Timeline, and Fusion alerts.- Solid understanding of Microsoft Defender for Endpoint (MDE) including process analysis, alerts, and EDR telemetry.- Familiarity with MITRE ATT&CK, alert mapping, and detection engineering fundamentals.- Preferred Certifications-SC-200:Microsoft Security Operations Analyst (strongly preferred), AZ-500:Microsoft Azure Security Technologies, MITRE - ATT&CK Defender (MAD) certificate (nice to have) Microsoft Security, Compliance, and Identity Fundamentals. Additional Information:- The candidate should have minimum 3 years of experience.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

The IBM Technology Expert Labs organization is looking for an IBM zSecurity Delivery Consultant with expertise in IBM Z, RACF and Security products to lead and deliver pre-sales and post-sales client engagements that enable the adoption of IBM zSecure Suite and IBM ZMFA Ideal candidates will have demonstrated a successful history of implementing IBM Zsecure Suite engagements, be familiar with sysplex architectural methods, can independently assess IT infrastructures, evaluate gaps in best practices and create IBM Security solution recommendations for client environments while displaying excellent collaboration and communication with Clients, Sellers, Business Partners and Colleagues by delivering reports to clients. You will be responsible for developing and delivering IBM Security architecture, and implementation of IBM Security products which may include: Implement security policies and procedures to protect the integrity, confidentiality, and availability of information extensive knowledge of security administration by using the zSecure suite products Designing and customizing the ZMFA features, based on the client requirements Integrating and designing security with IBM Guardium Data centre and Quantum safe solutions. Assisting with customer to extract the audit reports for system vulnerabilities and implement security measures to mitigate risks Providing technical guidance and skills transfer to customer personnel for IBM zSecure suite products, ZMFA features, IBM Guardium and Quantum safe Producing planning and implementation reports and documentation. Installation, configuration, testing and maintenance of IBM RACF, and related Z software Other technical tasks as necessary to accomplish successful customer outcomes Aid customers to migrate the other vendor security products to the IBM RACF And Z security software’s. This role requires a strong knowledge of the IBM Systems Z security and software ecosystem, focusing on Strong Security and IBM Zsecure, Guardium and Quantum safe, are needed. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise This role requires a strong knowledge of the IBM Systems Z security and software ecosystem, focusing on Strong Security and IBM Zsecure, Guardium and Quantum safe, are needed. 8+ years’ experience working with: RACF Security Administrators and capabilities of IBM zSecurity products including (zSecure ,ZMFA, Guardium and Quantum safe) z/OS RACF Security Administrators ,zSecure Admin Ability to migrate the other vendor security products to the RACF and IBM z Security related products Successfully delivering IBM Z projects and/or architecting and planning infrastructures for customer’s Security Needs 5+ years’ experience in: Customer or executive facing communications, requirements analysis, documentation, and report presentations. Create and manage RACF user profiles, group profiles, and access rights Implement security policies, extracting the Security audit reports using the zSecure suite products and procedures to protect integrity of the system Ability to lead customer technical workshops up to 20+ people. Strong written and verbal communication skills EnglishFluent. Preferred technical and professional experience Knowledge or experience with RACF ,zsecure products suite ,Guardium data center, ZMFA, Quantum safe Experience on Security Migrations (ACF2 to RACF or TSS to RACF) Practical SMP/E knowledge Assembler, JCL, REXX and CLIST knowledge.

Urgent Opening for Security Analyst - Hyderabad Posted On 20th Dec 2016 11:18 AM Location Hyderabad Role / Position Security Analyst Experience (required) 3+ Description Our Client is a leading IT company Title :Security Analyst Location : Hyderabad Department Operations Overview: The Security Analyst will take ownership of existing Operations controls from Security Engineers, and then improve those controls. : Develop and execute the Security Operations function Identify systems and scan for network vulnerabilities. Partner with TechOps and others to ensure the vulnerabilities discovered are closed in a timely manner Assess vendors for information security risk and recommend whether or leadership should accept the risk Report metrics and escalate issues with management as appropriate Monitor security logs to detect intrusions Coordinate incident response With guidance from the Lead Security Engineer, assess new releases of the product for security issues and approve the release on behalf of Security Monitor Security controls to discover deviations. Follow up to resolve deviations Review and approve network firewall rule requests : 3+ years of Information Security experience 1 year of experience with network, server, or application administration Basic knowledge of programming and scripting languages as well as HTML Thorough and detail-oriented Available to meet with US colleagues during US Central Time hours every working night and sometimes during US Pacific Time hours Excellent communication and interpersonal skills Self-starter eager to take on new challenges at a growing, cloud-based company Preferred: Security certification (e.g. CISSP, OSCP, CEH) Experience with any SIEM tool in SOC environment (ArcSight, Splunk, RSA enVision,etc.) Experience with application security methodologies such as OWASP Experience responding to external audits Send Resumes to girish.expertiz@gmail.com -->Upload Resume

The IBM Technology Expert Labs organization is looking for an IBM zSecurity Delivery Consultant with expertise in IBM Z, RACFand Security products to lead and deliver pre-sales and post-sales client engagements that enable the adoption of IBMzSecureSuite and IBM ZMFA Ideal candidates will have demonstrated a successful history of implementing IBM Zsecure Suiteengagements, be familiar with sysplex architectural methods, can independently assess IT infrastructures, evaluate gaps in best practices and create IBM Securitysolution recommendations for client environments while displaying excellent collaboration and communication with Clients, Sellers, Business Partners and Colleagues by delivering reports to clients. You will be responsible for developing and delivering IBM Securityarchitecture, and implementation of IBM Security productswhich may include: Implement security policies and procedures to protect the integrity, confidentiality, and availability of information extensive knowledge of security administration by using the zSecure suite products Designing and customizing the ZMFA features, based on the client requirements Integrating and designing security with IBM Guardium Data centre and Quantum safe solutions. Assisting with customer to extract the audit reports for system vulnerabilities and implement security measures to mitigate risks Providing technical guidance and skills transfer to customer personnel for IBM zSecure suite products, ZMFA features, IBM Guardium and Quantum safe Producing planning and implementation reports and documentation. Installation, configuration, testing and maintenance of IBM RACF, and related Z software Other technical tasks as necessary to accomplish successful customer outcomes Aid customers to migrate the other vendor security products to the IBM RACF And Z security software’s. This role requires a strong knowledge of the IBM Systems Z security and software ecosystem, focusing on Strong Security and IBM Zsecure, Guardium and Quantum safe , are needed. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 12+ years’ experience working with: RACF Security Administrators and capabilities of IBM zSecurity products including(zSecure ,ZMFA, Guardium and Quantum safe) z/OSRACF Security Administrators ,zSecure Admin Ability to migrate the other vendor security products to the RACF and IBM z Security related products . Successfully delivering IBM Z projects and/or architecting and planning infrastructures for customer’s Security Needs 5+ years’ experience in: Customer or executive facing communications, requirements analysis, documentation, and report presentations. Create and manage RACF user profiles, group profiles, and access rights Implement security policies, extracting the Security audit reports using the zSecure suite products and procedures to protect integrity of the system Ability to lead customer technical workshops up to 20+ people. Strong written and verbal communication skills Preferred technical and professional experience Knowledge or experience with RACF ,zsecure products suite ,Guardium data center, ZMFA, Quantum safe Experience on Security Migrations (ACF2 to RACF or TSS to RACF) Practical SMP/E knowledge Assembler, JCL, REXX and CLIST knowledge

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for a Level 2 Security Engineer to strengthen our detection and response operations using Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The role focuses on writing advanced KQL queries for hunting and alert tuning, investigating incidents using Sentinel tools. You will help defend against modern cyber threats, contribute to incident investigations, and work closely with senior engineers to mature our detection capabilities.Key Responsibilities:- Develop and fine-tune advanced KQL queries for threat hunting and anomaly detection in Microsoft Sentinel.- Investigate security incidents using Sentinel Incident Graph, Timeline, and related tools to analyze relationships and attack paths.- Utilize Sentinel Fusion to understand and correlate alerts for complex incidents.- Perform deep endpoint investigations using Microsoft Defender for Endpoint (MDE).- Analyzing process trees, alerts, and device timeline.- Supporting remediation actions.- Understanding and leveraging EDR capabilities.- Document incident findings, provide recommendations for containment and eradication, and assist in incident reporting.- Assist in managing and maintaining Sentinel workspaces and data connectors (e.g., Azure AD, Syslog, MDE).- Correlate alerts and artifacts (e.g., IPs, hashes, user accounts) across multiple data sources to build a comprehensive incident picture.- Contribute to improving detection rules, watchlists, and hunting queries based on attacker TTPs aligned with MITRE ATT&CK.- Collaborate with Level 3 engineers, incident responders, and cloud/security architects to enhance detection and response processes.- Support red/blue team exercises by providing incident insights and improving rule effectiveness.- Strong analytical thinking and ability to investigate complex incidents.- Clear and effective communicator with both technical and non-technical stakeholders.- Eagerness to learn from senior engineers and grow technical depth.- Detail-oriented, proactive, and team-focused.- Ability to work calmly under pressure during active incidents. Professional & Technical Skills: - Experience in Security Operations, Incident Response, or Threat Hunting roles.- Strong experience writing and tuning KQL queries for Sentinel hunting and detection rules.- Hands-on experience investigating incidents using Sentinel Incident Graph, Timeline, and Fusion alerts.- Solid understanding of Microsoft Defender for Endpoint (MDE) including process analysis, alerts, and EDR telemetry.- Familiarity with MITRE ATT&CK, alert mapping, and detection engineering fundamentals.- SC-200:Microsoft Security Operations Analyst (strongly preferred).- AZ-500:Microsoft Azure Security Technologies.- MITRE ATT&CK Defender (MAD) certificate (nice to have).- SC-900:Microsoft Security, Compliance, and Identity Fundamentals Additional Information:- The candidate should have minimum 3 years of experience.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Analyze and triage security incidents to determine their severity and impact on Infrastructure systems. Primary point of contact for Cyber Security Incident response in the Cyber Security Escalations team. Provide a first point of contact for L3 security escalations from the SOC team, ensuring a thorough review, escalation Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Conduct in-depth analysis of security events, collaborating directly with different stakeholders to escalate and thoroughly investigate incidents. Participate in Security Incident Response Team in the identification, containment, eradication, and resolution of security issues, This involves understanding the scope, impact, and root cause of incidents to tailor the response effectively, Collaborate with SOC teams to ensure effective incident response and continuous improvement. Assist in the development and refinement of SOC processes, procedures, and playbooks, Create and maintain incident reports, documenting findings, actions taken, and lessons learned Preferred technical and professional experience Stay current with emerging threats, vulnerabilities, and security technologies to proactively protect the organization. Notify Client of incident and required mitigation works. Track and update incidents and requests based on client’s updates and analysis results. Good understanding on Phishing email analysis and their terminologies Having knowledge on EDR solutions (Preferred CrowdStrike), Participate in regular SOC team meetings and provide input on improving security posture. Communicate vertically and horizontally to keep stakeholders informed and involved on Security Operations matters

We are looking for a skilled professional with 6-9 years of experience to join our team as an SIEM specialist. The ideal candidate will have a strong background in security information and event management. Roles and Responsibility Design, implement, and manage SIEM systems to ensure the security and integrity of our organization's data. Develop and maintain dashboards and reports to provide insights into security threats and trends. Collaborate with cross-functional teams to identify and mitigate potential security risks. Conduct regular vulnerability assessments and penetration testing to identify weaknesses. Analyze log files and system logs to detect anomalies and suspicious activity. Develop and enforce security policies and procedures to ensure compliance with industry standards. Job Requirements Strong understanding of security principles and technologies such as firewalls, intrusion detection systems, and encryption. Experience with SIEM tools such as Splunk, LogRhythm, or QRadar. Excellent analytical and problem-solving skills with attention to detail. Ability to work effectively in a fast-paced environment and meet deadlines. Strong communication and collaboration skills to work with technical and non-technical stakeholders. Familiarity with industry standards and regulations related to security such as HIPAA, PCI-DSS, or NIST.

Immediate Job Openings on Security Analyst _ Gurgaon_ Contract Experience 4+ Years Skills Security Analyst Location Gurgaon Notice Period Immediate . Employment Type Contract Work Mode WFO 1. 4 to 8 years of exp in Security Analyst. 2. 2 to 3 Years of exp in Fine-tune SIEM rules to reduce false positive and remove false negatives. 3. Good exp in SOC (Security Operation Center)

Role Overview: Position: L3 SOC Analyst Location: Mumbai, India Experience: 5-8 years in SOC roles, with a strong focus on Incident Response and Threat Hunting. Key Responsibilities: Incident Response: Deep expertise in handling end-to-end incident response detection, investigation, containment, eradication, and recovery. Attack Vectors: Solid understanding of phishing, malware, ransomware , and how to respond effectively to these threats. Cyber Kill Chain: Strong knowledge of the cyber kill chain framework, including how adversaries progress through the stages of an attack. Adversary Tactics: Familiarity with adversary techniques and tactics, particularly using frameworks such as MITRE ATT&CK to mitigate threats. SIEM & EDR Tools: Extensive experience with SIEM tools like Splunk and ArcSight , and EDR solutions like CrowdStrike or Microsoft Defender . Scenario Handling: Capable of tackling complex, scenario-based challenges with a strategic mindset. Preferred Qualifications: 3-7 years of experience working in a SOC or handling Incident Response . Expertise in detecting and analyzing indicators of compromise (IOCs). Strong L2 or L3 analyst experience is a must A candidate who has worked on critical incidents and has an in-depth knowledge about the same

Have over 10+ years of rich experience in information security domain and at least 6-8 years of dedicated experience in Security Incident Response. Hands on experience in implementing and operationalizing SIEM/SOAR tools such as Sentinel, ArcSight etc. Experience in defining and reporting KPIs for Security Incident response. Familiarity with advanced SOC monitoring technologies, risk, threat and security measures. Knowledge across the SOC domains including governance, control frameworks, policies, compliance management, risk management and incident response etc. Comprehensive knowledge of regulatory and compliance requirements and how they influence the bank's Information Security strategy. Preferably worked in BFSI domain with proven experience in SOC function. Strong understanding of key security standards and regulations such as NIST 800-61, CERT/CC, PCI, ISO 27035 etc. Skills and Application Leads the development and implementation of comprehensive Security Governance strategies that address identified risks and compliance requirements, incorporating advanced technologies and methodologies to enhance security posture. Deep understanding of Security Incident response frameworks and their application in creating robust policies. Automate potential resilient security processes to ensure continuous compliance with security best practices. Maintaining up-to-date knowledge of security trends, threats, and countermeasures Assess and design security posture determination processes, tools and methodologies Reviewing and approving use cases/playbooks for SIEM/SOAR tools Continuously monitor security hygiene and performance using tools and processes Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilience Other Knowledge of evolving advanced tech stacks and related control and risk universe from a SOC perspective. Knowledge and expertise in conducting risk assessment and management. The ideal candidate will have a technical or computer science degree. Professional certifications: GCIH, CISSP, CEH, FOR608, CISM etc.

Responsible for monitoring and responding to security incidents within the SOC. Duties include analyzing security events, identifying vulnerabilities, and managing incidents using SIEM tools. The analyst must be adept at threat detection, incident response, and ensuring network security by implementing proactive measures to prevent data breaches.

Conduct investigations into phishing emails and security threats, analyzing patterns and identifying potential risks. You will collaborate with teams to mitigate cybersecurity risks. Experience in threat analysis and phishing investigations is required.

Manage Microsoft Sentinel SIEM platform to detect, investigate, and respond to security incidents. Configure alerts, monitor security events, and ensure compliance with security policies and best practices.

Configures, monitors, and maintains firewall security policies. Protects enterprise networks from unauthorized access and cyber threats.

Manage FireEye NX, ETP, and Zscaler security solutions to monitor, detect, and respond to cybersecurity threats. You will configure and manage security appliances to protect against threats. Expertise in FireEye and Zscaler is required.

Monitor and manage security incidents using ArkSight for event and log management. Respond to threats, perform risk assessments, and implement security protocols to protect organizational data and IT infrastructure from breaches.

Implement and manage cybersecurity measures to protect enterprise systems from external and internal threats. You will monitor, identify, and respond to security incidents. Expertise in network security, threat detection, and incident response is required.

Implement and manage security solutions using Broadcom/CA tools, including SiteMinder and MFA/Advanced Authentication. Ensure secure access and protect enterprise systems from unauthorized access.

Focuses on implementing and managing Palo Alto network security appliances to safeguard enterprise systems. Duties include configuring firewalls, monitoring network traffic, and performing regular security audits. The role demands expertise in network security, firewalls, VPNs, and threat detection to prevent unauthorized access and data breaches.

Provide Level 2 support in Security Operations Centers (SOC), focusing on SIEM tools and threat detection. You will investigate and resolve security incidents, escalate critical issues, and ensure system integrity. Expertise in SIEM, threat detection, and incident response is essential.

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Microsoft Azure Sentinel Good to have skills : Security Information and Event Management (SIEM) OperationsMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will be responsible for leading the implementation and delivery of Security Services projects. Your typical day will involve coordinating with various teams to ensure that projects are executed efficiently, utilizing our global delivery capabilities, including methods, tools, training, and assets. You will engage with stakeholders to align project goals with organizational objectives, ensuring that security measures are effectively integrated into the overall project framework. Your role will also require you to monitor project progress, address any challenges that arise, and facilitate communication among team members to foster a collaborative work environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and implement best practices for security project delivery.- Mentor junior team members to enhance their skills and knowledge. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft Azure Sentinel.- Good To Have Skills: Experience with Security Information and Event Management (SIEM) Operations.- Strong understanding of cloud security principles and practices.- Experience with incident response and threat management.- Familiarity with compliance frameworks and security standards. Additional Information:- The candidate should have minimum 5 years of experience in Microsoft Azure Sentinel.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for a Level 2 Security Engineer to strengthen our detection and response operations using Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The role focuses on writing advanced KQL queries for hunting and alert tuning, investigating incidents using Sentinel tools. You will help defend against modern cyber threats, contribute to incident investigations, and work closely with senior engineers to mature our detection capabilities. Roles & Responsibilities:- Develop and fine-tune advanced KQL queries for threat hunting and anomaly detection in Microsoft Sentinel.- Investigate security incidents using Sentinel Incident Graph, Timeline, and related tools to analyze relationships and attack paths.- Utilize Sentinel Fusion to understand and correlate alerts for complex incidents.- Perform deep endpoint investigations using Microsoft Defender for Endpoint (MDE).- Analyzing process trees, alerts, and device timeline.- Supporting remediation actions.- Understanding and leveraging EDR capabilities.- Document incident findings, provide recommendations for containment and eradication, and assist in incident reporting.- Assist in managing and maintaining Sentinel workspaces and data connectors (e.g., Azure AD, Syslog, MDE).- Correlate alerts and artifacts (e.g., IPs, hashes, user accounts) across multiple data sources to build a comprehensive incident picture.- Contribute to improving detection rules, watchlists, and hunting queries based on attacker TTPs aligned with MITRE ATT&CK.- Collaborate with Level 3 engineers, incident responders, and cloud/security architects to enhance detection and response processes.- Support red/blue team exercises by providing incident insights and improving rule effectiveness.- Strong analytical thinking and ability to investigate complex incidents.- Clear and effective communicator with both technical and non-technical stakeholders.- Eagerness to learn from senior engineers and grow technical depth.- Detail-oriented, proactive, and team-focused.- Ability to work calmly under pressure during active incidents. Professional & Technical Skills: - 5+ years in Security Operations, Incident Response, or Threat Hunting roles.- Strong experience writing and tuning KQL queries for Sentinel hunting and detection rules.- Hands-on experience investigating incidents using Sentinel Incident Graph, Timeline, and Fusion alerts.- Solid understanding of Microsoft Defender for Endpoint (MDE) including process analysis, alerts, and EDR telemetry.- Familiarity with MITRE ATT&CK, alert mapping, and detection engineering fundamentals.- SC-200:Microsoft Security Operations Analyst (strongly preferred)- AZ-500:Microsoft Azure Security Technologies- MITRE ATT&CK Defender (MAD) certificate (nice to have).- SC-900:Microsoft Security, Compliance and Identity Fundamentals Additional Information:- The candidate should have minimum 3 years of experience.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education