5.0 - 8.0 years
6 - 16 Lacs
Hyderabad
Work from Office
LTIMindtree Hiring for Azure Sentinel L2/L3 SOC Analyst for Hyderabad Location. Notice period: immediate to 15 days. Exp: 5 to 8 yrs. Location: Hyderabad. Skill Combination: Minimum 6 yrs in security domain, and at least 3 yrs as L2/L3.

If interested, share these details along with your CV to Richa.Srivastava@ltimindtree.com: Total Experience, Current CTC, Expected CTC, Holding offers if any, Current Location, Preferred Location, Notice period, Skills, Date of Birth, PAN No, Passport size photo, Availability for interview (YES/NO).

Job Description
- Develop and maintain playbooks, runbooks and incident response procedures
- Collaborate with threat intelligence teams to enrich alerts and improve detection capabilities
- Conduct post-incident reviews and root cause analysis
- Mentor and train L1 and L2 SOC analysts
- Recommend and implement improvements to SOC tools, processes and detection rules
- Stay current with emerging threats, vulnerabilities and security technologies

The expectations from the graders would be:
- To evaluate the tasks that are being fed into the agent for their real-world applicability
- To evaluate the agent output to come up with a ground truth and rate the agent output in a predefined rubric based on the inputs provided by us
- To have very deep SOC analyst experience and insights. This also includes any other skills needed to evaluate the agent output
- The ability to scale to around min 2030 evaluations per day per grader based on the complexity of the task

Core Technical Skills
- SIEM Tools (e.g. Splunk, QRadar, Microsoft Sentinel)
- Endpoint Detection and Response (EDR) (e.g. CrowdStrike, SentinelOne)
- Firewall and IDS/IPS (e.g. Palo Alto, Snort, Suricata)
- Log Analysis and Packet Capture Analysis (e.g. Wireshark)
- Threat Intelligence Platforms (e.g. MISP, Recorded Future)
- Incident Response and Forensics
- Scripting & Automation (Python, PowerShell, Bash)
- Operating Systems (Windows, Linux, macOS)
- Networking Fundamentals (TCP/IP, DNS, HTTP, VPNs)
Posted 2 months ago
4.0 - 6.0 years
1 - 6 Lacs
Bengaluru, Mumbai (All Areas)
Hybrid
Role & responsibilities - Deploy, configure, and maintain the Devo, Swimlane, and Sentinel platforms. - Provide tier 2 support for platform-related incidents, troubleshooting complex issues, and identifying root causes. - Develop and implement automation scripts for routine tasks and workflows. - Collaborate with cross-functional teams to integrate platform solutions into existing infrastructure. - Lead platform upgrades, patch management, and capacity planning initiatives. - Mentor associate engineers and provide technical guidance and support. - Monitor platform performance, conduct performance tuning, and implement optimization strategies. Requirements: - Bachelor's degree in Computer Science, Engineering, or related field. - 3-5 years of experience in IT operations or platform engineering roles. - Proficiency in scripting languages such as Python, PowerShell, or Bash. - Hands-on experience with cloud platforms (e.g., AWS, Azure, GCP) and containerization technologies (e.g., Docker, Kubernetes). - Strong understanding of networking concepts, security best practices, and IT infrastructure components. - Excellent troubleshooting and diagnostic skills. - Ability to work independently and collaboratively in a fast-paced environment.
Posted 2 months ago
2.0 - 7.0 years
8 - 18 Lacs
Noida, Gurugram, Mumbai (All Areas)
Hybrid
Role & responsibilities
- Develop and implement custom analytics rules within Microsoft Sentinel to identify security threats and anomalies.
- Leverage KQL and other tools to create custom detections on Microsoft Defender XDR, MDE & MDCA.
- Create advanced detection rules based on business requirements & SOC use cases.
- Work with SIEM and SOAR solutions at scale.
- Collaborate with other security teams to identify and prioritize security requirements and develop effective solutions.
- Update the code (KQL) of analytics rules to fine-tune false positive incidents.
- Stay up to date with the latest security threats and trends and apply this knowledge to improve our security posture.
- Perform content enrichment depending on feedback received from security analysts.
- Have a strong understanding of Cloud Security and Networking concepts and practices.
- Help create reports that properly present the key risk and performance indicators.
- Communicate and report concise summaries of complex scenarios & information across diverse and senior stakeholder groups.
- Design and maintain Content Management standard operating procedures (SOP), processes and guidelines.
- Prepare reports for leads and management review with data from dashboards & reports.

Preferred candidate profile
- Strong understanding of JSON, Kusto Query Language (KQL) and PowerShell languages.
- Experience analyzing data from cybersecurity monitoring tools such as SIEM / SOAR platforms, host and network logs, firewall and IPS/IDS logs and email security gateway.
- Strong understanding of security operations concepts: perimeter defense, endpoint management, data leak prevention, kill chain analysis and security metrics.
- Knowledge of the common attack vectors on various layers.
- Knowledge and experience working with the Cyber Kill Chain Model and the MITRE ATT&CK Matrix.
- Experience with Security Operations Center, SIEM management & solutions ownership.
- Knowledge of various security methodologies and technical security solutions.
- Conduct an audit of the platform configuration to optimize it.
- Optimize the way logs are processed and leveraged by SOC team members.
- Knowledge of the schemas of Microsoft Defender XDR solutions (Microsoft Entra ID and ID Protection, Microsoft Defender for Endpoint, Microsoft Defender for Cloud Apps, Microsoft Purview Information Protection) and Microsoft 365.
- Knowledge of the schemas of security event logs from Microsoft Windows Server.
- Experience of working within a regulatory/controlled environment.
- Understanding of Cyber Security Risk and mitigation strategies.
Posted 2 months ago
5.0 - 10.0 years
7 - 14 Lacs
Bengaluru
Work from Office
Preferred candidate profile

This role is for you if you have the below.

Educational qualifications
• Graduation degree in any stream or equivalent / post-graduation degree/diploma. Certification in any IAM product would be an added advantage.

Work experience
• We are looking for an IAM resource with 5+ years of experience for one of our engagements. The resource must work from our Pune/Bangalore office and be willing to work in shifts.

The ideal candidate will:
• Have at least 60 months of Privileged Access Management domain experience with expertise in Conjur as the primary skill and CyberArk administration as the secondary skill
• Be a quick learner and adaptable to changing environments
• Have strong analytical skills and communication skills
• Build strong professional working relationships with client personnel
• Have a clear understanding of IAM solution design and configuration
• Work in rotational shifts supporting the client environment
• Deliver timely and high-quality work diligently
• Identify issues and opportunities, and communicate them to the appropriate senior member

Technical Skills Required:
• 60 months of experience in Conjur and CyberArk administration

1. Conjur Administration:
• Serve as the primary administrator for Conjur, overseeing deployment, configuration, and maintenance of the Conjur environment.
• Manage secrets within Conjur, ensuring their protection and proper access control according to organizational policies and requirements.
• Monitor system performance, conduct regular health checks, and ensure high availability and reliability of Conjur services.
• Troubleshoot and resolve complex issues related to Conjur infrastructure and performance.
• Implement and enforce best practices for secrets management, policy management, and integration with other systems.

2. CyberArk Privilege Cloud Administration:
• Act as a secondary administrator for CyberArk Privilege Cloud, contributing to the deployment, configuration, and maintenance of the solution.
• Assist in managing privileged accounts, credential rotation, session management, and audit trails as per organizational policies.
• Support monitoring and troubleshooting of CyberArk Privilege Cloud performance and issues, ensuring reliable and secure operations.
Posted 2 months ago
2.0 - 6.0 years
4 - 8 Lacs
Hyderabad
Work from Office
- Knowledge of the Microsoft cloud platform, Azure AD and Azure IAM.
- Should understand Identity Lifecycle Management, Access Management and Multi-factor Authentication, and have Privileged Identity and Access implementation knowledge.
- Should have IDAM project experience.
- Knowledge of Active Directory identities and their life cycle: user creation/modification, security group creation/modification, password management.
- Knowledge of Azure Cloud and Azure AD.
- Azure SSO configurations, Azure MFA configurations and troubleshooting.
- Understanding of Conditional Access Policies.
- Knowledge of Azure AD RBAC concepts, Custom Roles and PAM configurations.
- Knowledge of monitoring the Azure AD logs.
- Knowledge of creating and modifying NSGs.
- Knowledge of Azure Identity Provisioning Service.
- Knowledge of Azure Identity Governance.
- PowerShell training; should be able to write scripts for Azure AD and use PowerShell cmdlets.

Do
- Ensuring customer centricity by providing apt cybersecurity
- Monitoring and safeguarding the log sources and security access
- Planning for disaster recovery in the event of any security breaches
- Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
- Perform moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
- Conduct security assessments, risk analysis and root cause analysis of security incidents
- Handling incidents escalated by the L1 team in 24x7 rotational shifts
- Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
- Completing all tactical security operations tasks associated with this engagement
- Analyse all the attacks and come up with remedial attack analysis
- Conduct detailed analysis of incidents and create reports and dashboards

Stakeholder coordination & audit assistance
- Liaise with stakeholders in relation to cyber security issues and provide future recommendations
- Maintain an information security risk register and assist with internal and external audits relating to information security
- Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
- Advice and guidance to employees on issues such as spam and unwanted or malicious emails

Deliver
No. | Performance Parameter | Measure
1 | Customer centricity | Timely security breach solutioning to end users, internal stakeholders & external customers experience
2 | Process Adherence | Adherence to SLAs (90-95%), response time and resolution time TAT
Posted 2 months ago
7.0 - 9.0 years
8 - 13 Lacs
Hyderabad
Work from Office
Security Engineer
Hyderabad, Telangana
IT

Description

Why you'll want to work at nimble! This is a great opportunity to join a well-established and market-leading brand serving a high-growth end market while gaining valuable experience and visibility to Executive leadership. As an organization, we are in considerable growth mode through acquisition and with a laser focus on positive culture building.

The Information Security Engineer is responsible for safeguarding the organization's systems and data assets. This critical role focuses on preventing and mitigating unauthorized access, modification, or destruction of sensitive information. The Engineer actively participates in the development and implementation of robust IT security policies and standards. Through close collaboration with end-users across various departments, this position ensures the alignment of security measures with individual business needs while maintaining strict adherence to company-wide security policies and procedures. The Information Security Engineer reports directly to the Director of Information Security and maintains an indirect reporting line to the Chief Information Technology Officer.

Threat Detection & Response:
- Monitor the organization's servers and networks for security breaches using tools such as Windows Defender, Windows Purview, CrowdStrike and Rapid7.
- Investigate and respond to security incidents promptly.
- Utilize Windows Defender, Rapid7 and Wiz for vulnerability scanning and threat intelligence gathering.
- Implement and enforce security policies through Intune.

Security Architecture & Engineering:
- Design, implement, and maintain security controls, including firewalls, intrusion detection/prevention systems (IDPS), and data encryption.
- Conduct security assessments and penetration testing.
- Develop and maintain security standards and best practices.

Endpoint Security Management:
- Manage endpoint security solutions, including Windows Defender and CrowdStrike.

Vulnerability Management:
- Identify, assess, and prioritize vulnerabilities using Windows Defender, Wiz and Rapid7.
- Develop and implement remediation plans.

Compliance & Reporting:
- Prepare reports that document security metrics, attempted attacks, and security breaches.
- Ensure compliance with relevant security standards and regulations.

Security Awareness & Training:
- Educate and train employees on IT security best practices and awareness.
- Collaborate with IT teams, business units, and other stakeholders to ensure effective security implementation.
- Clearly communicate security risks and recommendations to management.

Requirements
- 5+ years of experience in systems or network administration/engineering
- 1+ years of experience in information security roles
- Strong understanding of security principles and best practices (e.g., NIST)
- Proficient with Windows Server administration and management
- Proficient with network protocols and topologies
- Experience with security information and event management (SIEM) systems
- Experience with scripting languages (e.g., Python, PowerShell)
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
- Ability to work independently and as part of a team
- Experience with cloud security (e.g. Azure, Defender)
- Experience with security orchestration and automation platforms (SOAR)
- Experience with container security and microservices

This job description is intended to provide a general overview of the position. Responsibilities and qualifications may vary depending on the specific needs of the organization. This revised job description incorporates the specified security software suites and provides a more comprehensive overview of the role.

Contact details: Interested candidates drop your resumes to 8179814131 - Navya (WhatsApp only)
Posted 2 months ago
7.0 - 9.0 years
7 - 15 Lacs
Hyderabad
Hybrid
Role & responsibilities
Role: Azure Sentinel
Experience: 7 to 9 Years
Location: Hyderabad
Notice Period: Immediate to 15 Days

Job Description
We are looking for an experienced SOC Engineer (L2/L3) with hands-on expertise in Microsoft Azure Sentinel. The ideal candidate will be responsible for advanced threat detection, incident response, and evaluating AI-generated security analysis outputs.

Key Responsibilities:
- Perform exploratory, simple, and complex data analysis for the alerts on Sentinel (e.g., anomaly detection, clustering).
- Create and review visualizations such as timelines and activity graphs.
- Generate and validate reports with insights, recommendations, and next steps.
- Evaluate AI-generated outputs for: accuracy of insights and structured data; quality of code and logic; relevance and real-world applicability.
- Grade outputs using a predefined rubric and provide feedback.
- Handle 2030 evaluations per day depending on task complexity.

Required Skills:
- 6-9 years of experience in a SOC environment (L2/L3 level).
- Strong knowledge of Azure Sentinel and KQL (Kusto Query Language).
- Experience with threat detection, incident response, and security analytics.
- Familiarity with data visualization and reporting tools.
- Ability to assess AI-generated content and provide structured evaluations.

Preferred Qualifications:
- AI/ML knowledge and understanding of Python
- Experience with AI/ML in cybersecurity.
- Certifications like AZ-500, SC-200, or equivalent
Posted 2 months ago
4.0 - 9.0 years
18 - 33 Lacs
Bengaluru
Work from Office
- Opportunity with Billion Dollar Canadian Multinational. - Looking for Strong technical acumen SOC Senior Analyst and offers the opportunity to significantly enhance the SOC's maturity by refining detection rules and incident response playbooks. Required Candidate profile 5+ Yrs in SOC. Kusto Query Language (KQL) queries, Microsoft Sentinel's Investigation Graph, User and Entity Behavior Analytics (UEBA) insights, Microsoft Defender XDR suite SC-200 Certification.
Posted 2 months ago
7.0 - 10.0 years
8 - 15 Lacs
Hyderabad, Pune, Bengaluru
Work from Office
Role & responsibilities

The primary role of a Security Analyst (L2) is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures. Specifically, these analysts will be responsible for monitoring the SIEM tools for security events and closing or escalating those events as necessary. Security Analysts maintain the group email address and distribution lists, answer the main phone lines, and update all relevant documentation such as shift logs and tickets. Additionally, they assist the MDR Analyst in an incident workflow, assist the MDR team in incident detection and remediation, and communicate with external teams for proper incident resolution.

We are currently seeking a Senior Security Associate for our KPMG Managed Services (Spectrum) practice to join us in our Bangalore office.

Note: Candidate must be willing to work from office only (Bangalore location) and willing to do 24x7 rotational shifts (mandatory requirement for this role).

Specifically, Security Analysts (L2) will:
1. Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available security logs and intelligence sources, including but not limited to:
   a. Firewalls (Zscaler, Cisco ASA & Palo Alto etc.)
   b. Systems and Network Devices
   c. Web Proxies (Zscaler)
   d. Intrusion Detection/Prevention Systems (Zscaler, Cisco ASA & Palo Alto etc.)
   e. Data Loss Prevention (Zscaler)
   f. EDR / Antivirus Systems (CrowdStrike, MDE etc.)
   g. Knowledgebase Framework (Confluence)
2. Continuously monitor SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises, including:
   - SIEM tools like Splunk & Microsoft Sentinel queue management from different data sources Network/EndPoint/Firewall etc. (Splunk & Microsoft Sentinel etc.)
   - Security email inbox (ProofPoint, Rapid7, Area1 etc.)
   - Intel feeds via email and other sources (e.g. NH-ISAC)
   - Incident Ticketing queue (ServiceNow)
3. Validate alerts as they come in to eliminate false positives and use other internal and external data sources to enrich alerts with additional context
4. Perform triage of service requests from customers and internal teams
5. Use playbook procedures to carry out standard plays for routine event types and escalate alerts to Level 2 Analysts for further triage and remediation
6. Assist with containment of threats and remediation of environment during or after an incident
7. Act as a participant during Threat Hunting activities at the direction of one or more Incident Response Handlers
8. Document event analysis and write comprehensive reports of incident investigations
9. Proactively improve security-related operational processes and procedures
10. Use available security tools for historical analysis purposes as necessary for detected events; for example, historical searches using SIEM tools (Splunk & Microsoft Sentinel)
11. Maintain operational shift logs with relevant activity from the Analyst's shift. Document investigation results, ensuring relevant details are passed to Level 2 or MDR Analysts for final event analysis
12. Update/reference knowledgebase tool (e.g. Confluence) as necessary for changes to processes and procedures, and ingest of daily intelligence reports and previous shift logs
13. Conduct research and document events of interest within the scope of IT Security
14. Alternatively, consulting or advisory experience in Security Operations
15. Monitor and analyse Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), Firewall event logs, Security Incident and Event Management (SIEM) toolset and other event logs to identify security attacks and threats for remediation/suppression.
16. Validate IOCs that triggered the original alert.
17. Research additional internal and external data sources for additional enrichment of event information
18. Determine when an event has reached the threshold of an incident and engage Incident Response Handler to declare an incident.
19. Create filters, data monitors, dashboards, and reports within monitoring utilities.
20. Troubleshoot security monitoring devices to improve event correlation and performance.
21. Handle high and critical severity incidents as described in the operations playbook.
22. Operational level experience in some of these domains (not all): security engineering, alert triaging, rule writing, incident response, DFIR, threat intelligence and management, vulnerability management, and security control testing
23. In-depth knowledge of at least one SIEM platform or security data lake and related processes
24. Knowledge of various security tools, their functions, and comparisons
25. Knowledge of network and cloud security fundamentals
26. Ability to explain complex technical concepts in business terms.
27. Extensive experience in report writing and presentation.
28. Strong, adaptable, and flexible work ethic
29. Good time management skills
30. Ability to work under pressure and prioritise activities

Qualifications
- Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field
- 5+ years of technical experience of prior MDR/SOC/Incident response experience
- Demonstrated technical knowledge of current network security, network hardware, protocols, and standards required
- Shall have demonstrated professional experience in incident detection and response, malware analysis, or cyber forensics
- Act as a workstream participant to support tier-1, tier-2, or tier-3 SOC environments
- Demonstrated strong oral and written communication and client facing skills
- Demonstrated strong analytical and communications skills
- Flexibility to adapt to different types of engagement, working hours, work environments, and locations
- Proven ability to work creatively, analytically in a problem-solving environment
- Ability to work nights, weekends, and/or holidays in the event of an incident response emergency
- Be comfortable working against deadlines in a fast-paced environment
- Identify issues, opportunities for improvement, and communicate them to an appropriate senior member

Required skills:
- 6+ years of technical experience in Information Security
- Experience with SIEM tools (QRadar, Splunk, LogRhythm, SolarWinds, etc.)
- Experience in Azure Sentinel
- Familiarity with common IDS/IPS and Firewalls (Snort, Cisco, FortiGate, Sourcefire)
- Familiarity with incident response process and activities
- Familiarity with TCP/IP protocol, OSI Seven Layer Model
- Knowledge of Windows, Unix-based systems, architectures, and network security devices
- Intermediate level of knowledge of LAN and WAN technologies
- Must have a solid understanding of information technology, information security domains
- Knowledge of security best practices and concepts
- Desired certifications: Security+, C|EH, Network+, Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst, GIAC Certified Incident Handler, or GIAC Reverse Engineering Malware
- Familiarity with ticketing tool / ITSM tool
- Personal drive, positive work ethic to deliver results within tight deadlines and in demanding situations
Posted 2 months ago
16.0 - 20.0 years
35 - 60 Lacs
Hyderabad
Work from Office
Job Summary
The Sr. Cyber Security Architect will play a pivotal role in designing and implementing robust security solutions to protect our digital assets. Candidate should have expertise in governance, risk management, compliance and operational technology security to protect against cyber threats and ensure the uninterrupted functioning of essential operations. Design secure system architectures for OT environments including network segmentation and access controls. Implement security controls and intru

Responsibilities
- Lead the design and implementation of comprehensive security solutions to safeguard digital assets.
- Oversee the integration of Azure Sentinel for enhanced threat detection and response capabilities.
- Provide expert guidance on deploying Proofpoint Enterprise Email Protection to secure email communications.
- Implement Windows Defender ATP to ensure endpoint protection across the organization.
- Manage Checkpoint Firewall configurations on AWS/Azure to maintain network security.
- Collaborate with cross-functional teams to align security architecture with business objectives.
- Conduct regular security assessments to identify vulnerabilities and recommend improvements.
- Develop and maintain security policies and procedures to ensure compliance with industry standards.
- Monitor security systems and respond to incidents promptly to minimize impact.
- Design user-centric security solutions that enhance the overall user experience.
- Stay updated with the latest security trends and technologies to inform strategic decisions.
- Facilitate training sessions to educate employees on security best practices.
- Support the development of security strategies that contribute to the company's mission and societal impact.

Qualifications
- Possess extensive experience in solution design and architecture with a focus on security.
- Demonstrate proficiency in Azure Sentinel and its application in threat detection.
- Have a strong background in deploying and managing Proofpoint Enterprise Email Protection.
- Show expertise in configuring and maintaining Windows Defender ATP.
- Exhibit knowledge of Checkpoint Firewall operations on AWS/Azure platforms.
- Understand user experience services and their integration with security solutions.
- Hold a degree in Computer Science, Information Technology or a related field.

Certifications Required: Not Required
Posted 3 months ago
10.0 - 12.0 years
15 - 16 Lacs
Pune
Hybrid
Role & responsibilities
- Strong understanding of cybersecurity standards, practices, and policies
- Hands-on experience with security technologies such as SIEM, secure web gateway, mail protection, endpoint protection / EDR, WAF, Identity & Threat protection, etc.
- Hands-on experience of security tools implementation including initial setup, configuration and managing daily operations
- Experience with Windows, Linux, and macOS architectures
- Knowledge of security best practices for on-premises virtualization (VMware) and multiple cloud platforms (e.g. Azure, GCP, AWS)
- Understanding of network concepts and protocols, including monitoring logs for anomalous activity
- Proven experience in leading projects and managing vendor relationships
- Excellent communication skills, with the ability to assertively address Information Security challenges
- Familiarity with risk analysis and mitigation methodology, security policy and procedure development, incident response and handling, security training and awareness
- Hands-on knowledge of incident response (investigating BEC, phishing, etc.)
- Hands-on experience reviewing and analyzing IIS and/or Kubernetes logs for threat investigation

Technical/Domain Skills:
- Security related certifications (e.g., CISSP, CISM, or equivalent)
- Scripting and automation capabilities via tools like Python, Bash, PowerShell, API
- Active engagement in Information Security communities, keeping apprised of the latest tools, technologies, and threats

Education (Required): BE / B. Tech
Work Experience (Required): 10 to 12 years of experience
Posted 3 months ago
8.0 - 11.0 years
35 - 37 Lacs
Kolkata, Ahmedabad, Bengaluru
Work from Office
Dear Candidate, We are hiring a Cloud Security Architect to design secure, scalable, and compliant cloud environments by embedding security throughout architecture and operations. Key Responsibilities: Define security architecture standards and implement cloud security frameworks. Secure identity, access management, encryption, logging, and network controls. Perform threat modeling, risk assessments, and architecture reviews. Design automation for security enforcement in cloud CI/CD pipelines. Collaborate with DevOps, compliance, and infrastructure teams. Required Skills & Qualifications: Deep understanding of cloud security (AWS, Azure, GCP). Knowledge of IAM, KMS, firewalls, security groups, WAFs, and SIEM tools. Experience with tools like Prisma Cloud, Sentinel, or AWS Security Hub. Familiarity with NIST, CIS Benchmarks, and ISO 27001 standards. Certifications such as AWS Security Specialty, Azure Security Engineer, or CISSP. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies
Posted 3 months ago
3.0 - 5.0 years
5 - 7 Lacs
Bengaluru
Work from Office
Educational Requirements Bachelor of Engineering Service Line Data & Analytics Unit Responsibilities A day in the life of an Infoscion As part of the Infosys delivery team, your primary role would be to interface with the client for quality assurance, issue resolution and ensuring high customer satisfaction. You will understand requirements, create and review designs, validate the architecture and ensure high levels of service offerings to clients in the technology domain. You will participate in project estimation, provide inputs for solution delivery, conduct technical risk planning, perform code reviews and unit test plan reviews. You will lead and guide your teams towards developing optimized high quality code deliverables, continual knowledge management and adherence to the organizational guidelines and processes. You would be a key contributor to building efficient programs/ systems and if you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you!
Additional Responsibilities: Knowledge of more than one technology Basics of Architecture and Design fundamentals Knowledge of Testing tools Knowledge of agile methodologies Understanding of Project life cycle activities on development and maintenance projects Understanding of one or more Estimation methodologies, Knowledge of Quality processes Basics of business domain to understand the business requirements Analytical abilities, Strong Technical Skills, Good communication skills Good understanding of the technology and domain Ability to demonstrate a sound understanding of software quality assurance principles, SOLID design principles and modelling methods Awareness of latest technologies and trends Excellent problem solving, analytical and debugging skills Technical and Professional Requirements: DBT Developer Preferred Skills: Technology->Cloud Security->Microsoft Azure - Threat Detection & Response->Azure Sentinel
Posted 3 months ago
6.0 - 11.0 years
15 - 25 Lacs
Chennai, Bengaluru
Hybrid
Greeting of the Day.... I am hiring a Thales Vormetric / Thales CipherTrust engineer for my client... Location: Chennai, Bangalore Experience: 6-13 Years NP: Immediate-60 days Job Description • 6+ years in Encryption and Key Management tools and technologies. • Hands-on expertise with Vormetric DSM and CipherTrust Manager. • Proficient in Linux and Windows OS with administration knowledge. • Strong understanding of encryption, key management, and cryptographic principles. • Familiarity with Public Key Infrastructure (PKI) is a plus. • Hands-on experience onboarding applications, databases, and storage platforms into CipherTrust Manager or Vormetric DSM. • Vormetric DSM / CipherTrust Manager. • Skills in stakeholder communication, process understanding, and documentation. • Proficient in using enterprise-level security tools for data protection. Primary Skills • Encryption • Key Management and Cryptography • Vormetric DSM • CipherTrust Manager Secondary Skills Ability to work with cross-functional teams and support secure integration processes To apply send me your resume at chanchal@oitindia.com or share this job in your community.
Posted 3 months ago
3.0 - 6.0 years
9 - 13 Lacs
Mumbai
Work from Office
Roles & Responsibilities: Azure Security Posture and Azure Sentinel SIEM, Azure Security Center, Azure Policy, Azure Sentinel and Azure Monitor The focus of this team is to identify security vulnerabilities, remediate and implement security controls across MCS. Excellent stakeholder management skills and should be able to manage stakeholders at senior levels. Experience in proposing technical solutions in Microsoft. Experience in application security implementation using Azure AD Knowledge of CI and CD processes and Tools like AzureDevOPs Knowledge of defining build and release pipeline. Good understanding of cloud design patterns Ability to quickly perform POC on technically challenging requirements. Suggest tool/frameworks in given problem context Excellent written and oral communication skills Self-starter with quick learning ability and efficient Implementation skills with respect to country nuances Consultative and service bent of mind while dealing with key stakeholders Multi-task and should be able to work under stringent deadlines Ability to understand and work on various internal
Posted 3 months ago
2.0 - 4.0 years
5 - 9 Lacs
Bengaluru
Work from Office
Should have done SIEM Engineering activities for more than 2 years. Hands on Experience to Configure, manage, and maintain the Microsoft Sentinel SIEM platform including log management, retention configurations, maintenance of logs at low cost. Monitor, analyze, investigate and respond to security incidents in MS Sentinel by collaborating with the SOC team and Customers. Should be able to Integrate/onboard devices (Linux, Palo Alto, Fortinet, Windows and other devices etc.) to Azure Sentinel. Should have expertise in integrating data sources which are not supported by Sentinel tool OOB. Custom parser development and ability to solve technical issues in Sentinel. Troubleshoot and resolve issues related to SIEM (Sentinel) infrastructure and integrations like logs not reporting to Sentinel. Creation of integration documents and sending them to customers as per requirement. Strong Knowledge of different Microsoft Defender products. Generate and review Weekly/Monthly reports to provide insights on security posture and SIEM effectiveness to Customers. Regularly review use case performance and keep track of any fine tuning done to use cases including identifying scenarios where fine tuning can be done and effectively communicate to customer/internal for fine tuning. Act as single point of contact for the client during any issues of Integration or Incidents. What you'll do: Creation and Fine Tuning in Custom KQL queries and functions for complex detection and monitoring Requirements. Knowledge of Workbooks creation, Building Playbooks (Enrichment and Response) in Sentinel automation through logic apps. Preference should be given to candidates who have completed expert training and certifications in Sentinel and Defender products of Microsoft. Strong communication, collaboration and multi-tasking skills to work effectively with cross-functional teams and stakeholders.
Relevant professional certifications such as: AZ-900, SC-900, SC-200, Certified Ethical Hacker (CEH) or any other SIEM Engineering certification. Stay updated with the latest trends and developments in SIEM technologies and cybersecurity threats and utilize it in System if required. What we offer: Insurance Group Medical Coverage, Group Personal Accident, Group Term Life Insurance Rewards and Recognition Program, Employee Referral Program, Wellness Program and CSR Initiatives Maternity and Paternity Leaves Company Sponsored Certification Program
Posted 3 months ago
1.0 - 6.0 years
11 - 15 Lacs
Bengaluru
Work from Office
Cybersecurity, Azure Sentinel SIEM, MS Defender for Endpoints (EDR/ATP), AWS IAM, SOAR Concept, Fortinet FortiSOAR, Palo Alto Networks - Firewalls, Cortex XSOAR, Python. We are seeking a Cybersecurity Analyst with 1-6 years of experience in fundamental cybersecurity concepts, including SIEM, EDR, IAM, and SOAR platforms. The ideal candidate should have a basic understanding of security automation and orchestration using platforms like FortiSOAR, Palo Alto XSOAR, and ThreatConnect (preferred). Experience with SOAR playbook creation, integration etc. Additionally, knowledge of Python scripting for automation and security tasks will be an added advantage.
Posted 3 months ago
4.0 - 6.0 years
1 - 6 Lacs
Bengaluru
Hybrid
Role & responsibilities Strong background developing Azure Sentinel/DEVO analytics rules, incidents, playbooks, notebooks, workbooks, threat hunting within the Azure Cloud. Strong and demonstrated background working with Log Analytics Workspaces, Kusto Query Language (KQL), Language integrated query Dashboard\workbook development. Strong understanding of Azure PaaS services. Solid experience with Logic Apps in Azure Experience in Creation of Resource groups, Log analytics workspace for Azure Sentinel & DEVO Integration to Data sources Develop SIEM and SOAR use cases and log data collection utilizing the Azure Sentinel, DEVO and Azure Log Analytics toolsets. Highly proficient with Azure Sentinel, DEVO and Azure Log Analytics. Develop analytics rules, incidents, playbooks, notebooks, workbooks, threat hunting and KQL queries for data normalization and parsing capabilities within Log Analytics' data ingestion pipeline. Develop incident response capabilities using Logic Apps in Azure. Integrate and automate developed use cases into Azure DevOps CI/CD pipelines. Develop Jupyter notebooks in Python and integrate them with Azure Sentinel Understanding of Azure Lighthouse, Azure AD, B2B, and common Cloud authentication patterns. Ability to configure, automate, harden, and deploy Azure Sentinel Services. Possess skills on Use case Development DEVO, Sentinel, Splunk. Hands-on experience with Sentinel/Splunk SIEM use case creation and tuning. Strong understanding of Cloud Security and Networking Concepts and practices. Work with Tactical Use Case Development team to assist in processing the more intricate use case development tickets from our customer request queue. Excellent knowledge on MITRE Tactics and Techniques Work closely with our Threat Intel team to identify security alerting gaps that we can fill with our detection services. Back up Operation Use Case Development team on SIEM onboarding tasks and Security Analyst collaboration. 
Experience with multiple attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques Provide superior technical security expertise to ensure that the Security Operations Centre (SOC) is always delivering a professional service to its customers Conduct detailed analytical queries and investigations, identify areas that require specific attention, identify indicators of compromise (IOC) or events of interest (EOI) that need further investigation and develop use cases and rules to be developed into the SIEM platform Develop and improve Security Information and Event Management (SIEM) content and all relevant technologies used in the team, continually refining and create the rules and logic (use cases) to make the detection capabilities more efficient and effective Create and enhance internal processes and procedures Professional communications and reporting to SOC stakeholders and customers Act as a mentor and team lead to all First Level Security Analysts, support and supervise them, ensure knowledge transfer within the team Deliver qualified information about actual threats and indications, recommendations how the associated risk can be mitigated Contribute to the overall performance and success of the Security Operations Centre Build on and continuously improve SOC analytics framework Ensure effective operation of SIEM content: filters, rules, expressions and other identification mechanisms of the threat and vulnerability management technologies used within the SOC Mentor and guide the First Level Security Analysts Provides professional data analysis within the SOC processes and to SOC customers in order to drive further security measures and risk mitigation activities. 
Responsible for execution and maintenance of SOC related analytical processes and tasks Detailed technical security reporting to Management operating companies and appropriate stakeholders Work closely with other Information Security teams to ensure effective intrusion detection and incident response Continually maintain and improve technical capabilities through individual development activities, accreditations and certifications to remain constantly prepared to challenge the ever-evolving cyber threat Deep information security expertise Knowledge of network concepts, Windows and Unix administration Knowledge of typical security devices such as firewalls, intrusion detection systems, AV and End Point security, Web Application Firewalls, anti-spam systems, event correlation systems, etc. Understanding of security threats, attack scenarios; analysis and intrusion detection skills Analytical and Communication Skills: a. Excellent analytical skills and out-of-the box thinking b. Excellent communication capabilities c. Team player d. Fluent in English Quick learner and intuitive thinker the more you learn, the faster you’ll grow. Effective time task management skills. Confidence in independently delivering technical solution. Good problem-solving skills; ability to visualize a problem/situation and think abstractly to solve it
Posted 3 months ago
10.0 - 12.0 years
9 - 13 Lacs
Mumbai
Work from Office
Job Information Job Opening ID ZR_1690_JOB Date Opened 24/01/2023 Industry Technology Job Type Work Experience 10-12 years Job Title Security Architect City Mumbai Province Maharashtra Country India Postal Code 400001 Number of Positions 4 Roles & Responsibilities: Azure Security Posture and Azure Sentinel SIEM, Azure Security Center, Azure Policy, Azure Sentinel and Azure Monitor The focus of this team is to identify security vulnerabilities, remediate and implement security controls across MCS. Excellent stakeholder management skills and should be able to manage stakeholders at senior levels. Experience in proposing technical solutions in Microsoft. Experience in application security implementation using Azure AD Knowledge of CI and CD processes and Tools like AzureDevOPs Knowledge of defining build and release pipeline. Good understanding of cloud design patterns Ability to quickly perform POC on technically challenging requirements. Suggest tool/frameworks in given problem context Excellent written and oral communication skills Self-starter with quick learning ability and efficient Implementation skills with respect to country nuances Consultative and service bent of mind while dealing with key stakeholders Multi-task and should be able to work under stringent deadlines Ability to understand and work on various internal
Posted 3 months ago
4.0 - 8.0 years
12 - 15 Lacs
Pune
Remote
About V Group V Group Inc., an IT-based solution entity based out of New Jersey. With multiple offshore sites (Pune and Bhopal) in India. With offerings ranging from IT infrastructure to Product development, V Group Inc provides a compliant service in numerous industry sectors while maintaining structure, stability, and core values. Ranked by INC5000 in 2020 - Fastest Growing IT Co. in the USA. Current business groups include e-commerce, Digital, Professional services, IT projects, and Products. Join our team of innovative technical and business-savvy people; with a passion for creating solutions! Visit us at: https://www.vgroupinc.com (Corporate website) || https://www.webstorevgroup.net (Ecommerce Store) || https://www.vgroupdigital.com/portfolio (Digital Products). Job Details: Position Title: Security Operation Analyst (L1 SOC) Job Location: Pune Job Timing: Rotational (On Call support is required) Experience: 4+ Years of relevant experience. Job functions: The security analyst, Level 1, works within the SOC (Security Operations Center) and is responsible for the monitoring of systems, investigating root causes, and coordinating with Level 2 and 3 engineers for analysis and response. SIEM Alert Investigation. Monitor alerts and notices from firm’s managed SIEM solution. Alerts may require investigation, coordination, or escalation. Monitor Microsoft Defender ATP High alerts through Azure console and email. Same as above. Web site blocks/ Exceptions. Using the Cisco Umbrella platform, manage exceptions to policies by whitelisting or otherwise allowing someone to access a site, once approved. Perform vulnerability scans on new servers and other resources prior to allowing them to be put into production. Notify stakeholders of vulnerabilities to be remediated and steps to remediate them. Assist with regularly scheduled vulnerability scans.
Assist with the renewal and acquisition of certificates Communicate policies with end-users Create new ways to search for potentially suspicious events on systems Participate in projects to improve security monitoring toolkits as well as to improve defensive controls Provide different types of data to measure security and compliance Understanding of an Information Security Management program and related standards such as ISO 27001, NIST, COBIT, etc. Additional Activities: Support in incident management, build skills to grow Support in Vulnerability Assessment, Threat Intelligence, coordinating patches Assist in configuration of Azure Sentinel E5 EMS Microsoft Security migration support in future Requirement : 3+ years of experience L1 support analyst in SOC (Security Ops Groups) MUST HAVE: SIEM tool experience MUST HAVE: Azure Defender, Azure ATP (Advance Threat Protection) Experience Good to have: Azure Sentinel, E5 EMS Microsoft Security exp., Azure Security Center Perks & Benefits Health & Accident Insurance Paid Leaves and Sick Leaves Education sponsorship / Certification Reimbursement Free Training Platforms Gym membership EPF, Gratuity. Onsite Opportunities.
Posted 3 months ago
5.0 - 10.0 years
12 - 18 Lacs
Pune, Bengaluru, Delhi / NCR
Hybrid
SOC Analyst 5+ Years of exp in SOC, and should have exp with Azure/AWS cloud. Exp in Remediation and "Defender for Cloud" is a must. About the role As a SOC Analyst L3, you will play a critical role in strengthening our organization's security posture through proactive threat detection and response. You will monitor system and network activity for any dangers or weaknesses and delve into the details of potential security incidents. Along the way, you will get to: Incident Analysis: Analyze security notifications to identify potential security issues and evaluate their impact and severity. Incident Response: Oversee the response to verified security incidents, including containment measures and investigation. Threat and Vulnerability Analysis: Investigate, document, and report on information security issues and emerging trends. Adjust Security Tools and Processes: Fine-tune security tools and processes to improve the organization's overall security posture. Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career. What we're looking for Technical Proficiency: In-depth knowledge of security protocols, techniques, and technologies. Analytical Skills: Ability to analyze system performance and troubleshoot complex security issues. Communication: Effective communication skills to interact with team members and stakeholders. What you can expect We're legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another location, even an international destination, for up to 30 consecutive calendar days per year.
Medical Insurance Health Benefits Professional Development: Learning Platform and Certificate Reimbursement Shift Allowance But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Today's talent leads tomorrow's success. Learn more about Insight: https://www.linkedin.com/company/insight/
Posted 3 months ago
7.0 - 12.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role: Security Architect Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills: Security Information and Event Management (SIEM) Good to have skills: NA Minimum 7.5 year(s) of experience is required Educational Qualification: 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Resource would be working directly with Client driving enhancements and recommending technological enhancements. Integrating custom applications by developing custom connectors like OT and internal build applications. Perform Log Analytics Migration from different Azure regions, basically performing architectural changes recommended by audit team. Working with Cyber Threat client team to develop detection models using Sentinel Jupyter. Work with security architects to recommend and build DR environment for Azure Sentinel. Integrate Anomaly Threat Stream with Azure Sentinel. Would be working with infrastructure architects to segment Sentinel resources based on Tier architecture. Recommend and implement new upcoming Azure Sentinel features. Recommend and Architect Complex SOAR automations using Azure Logic Apps. Professional & Technical Skills: Must Have Skills: Proficiency in Azure Sentinel Build activity.
Strong understanding of threat intelligence analysis Experience in designing and implementing security solutions Knowledge of security compliance standards and regulations Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in which 4 years of experience in Azure Sentinel deployments and implementation. This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education
Posted 3 months ago
3.0 - 8.0 years
10 - 20 Lacs
Hyderabad, Bengaluru, Delhi / NCR
Hybrid
Job Summary: We are looking for a skilled Microsoft Sentinel SIEM Engineer to join our Cybersecurity Operations team. The ideal candidate will be responsible for the deployment, configuration, integration, and operational support of Microsoft Sentinel as a core SIEM platform, ensuring efficient threat detection, incident response, and security monitoring. Key Responsibilities: Design, implement, and manage Microsoft Sentinel for enterprise security monitoring. Develop and maintain analytic rules (KQL-based) and detection use cases aligned with MITRE ATT&CK. Integrate various log sources (on-prem and cloud) including Microsoft 365, Azure, AWS, endpoints, firewalls, etc. Create and manage playbooks using Azure Logic Apps for automated incident response. Monitor data connectors and ensure log ingestion health and optimization. Conduct threat hunting and deep dive analysis using Kusto Query Language (KQL). Optimize performance, cost, and retention policies in Sentinel and Log Analytics workspace. Collaborate with SOC analysts, incident responders, and threat intelligence teams. Participate in use case development, testing, and fine-tuning of alert rules to reduce false positives. Support compliance and audit requirements by producing relevant reports and documentation. Required Skills & Qualifications: 3+ years of experience working with Microsoft Sentinel SIEM. Strong hands-on experience with KQL (Kusto Query Language) . Solid understanding of log ingestion from different sources including Azure, O365, Defender, firewalls, and servers. Experience with Azure Logic Apps for playbook creation and automation. Familiarity with incident response workflows and threat detection methodologies. Knowledge of security frameworks such as MITRE ATT&CK, NIST, or ISO 27001 . Microsoft certifications such as SC-200 (Microsoft Security Operations Analyst) or AZ-500 are preferred. Good to Have: Experience with Defender for Endpoint, Defender for Cloud, Microsoft Purview. 
Knowledge of other SIEM platforms (e.g., Splunk, QRadar) for hybrid environments. Scripting experience (PowerShell, Python) for automation and integration. Certifications (Preferred but not mandatory): SC-200 : Microsoft Security Operations Analyst AZ-500 : Microsoft Azure Security Technologies CEH , CompTIA Security+ , or equivalent
Posted 3 months ago
4.0 - 9.0 years
4 - 8 Lacs
Navi Mumbai, Bengaluru, Mumbai (All Areas)
Hybrid
We are seeking a highly skilled SOC Security Engineer with expertise in Azure DevOps and Azure Sentinel to join our Security Operations Centre (SOC). The ideal candidate will have a strong technical security background and a deep understanding of cloud environments, particularly Azure. This role requires the ability to develop and implement security use cases and rules within the Azure Sentinel platform, ensuring the SOC delivers professional and effective services to its customers. Role & responsibilities Excellent knowledge of one of the SIEM products Azure DevOps. Proven experience in a SOC environment, with a focus on Azure Sentinel and Azure DevOps. Must have technical security expertise to ensure that the Security Operations Centre SOC is always delivering a professional service to its customers. Good knowledge of Cloud especially Azure Experience of building Azure sentinel is a must. Understanding of security threats attack scenarios analysis and intrusion detection skills. develop use cases and rules to be developed into the SIEM Azure Sentinel platform Knowledge of network technologies Windows and Unix administration Knowledge of typical security devices such as firewalls intrusion detection systems AV and End Point security Web Application Firewalls anti-spam systems event correlation systems. Primary Skills Terraform Azure DevOps. Azure Security. Education and Certification: Degree in Computer Science, Information Technology, or a related field. Certification: Good to have Azure Security Certifications AZ-900,AZ-104
Posted 3 months ago
10.0 - 13.0 years
35 - 50 Lacs
Chennai
Work from Office
Job Summary Site Reliability Engineer Responsibilities Ensure security automation across our entire platform collaborating with developers security and operations teams to ensure platform integrity Have a passion for Security Agile and DevOps and promote shiftleft and ShiftRight culture which integrates security analysis into each CI/CD stages Implement new tools and processes to enable security in Cloud environment Automatic audit and implement security control in the DevOps CI/CD pipeline ensuring processes are followed maintained reviewed and updated regularly Contribute to SRE operations (Production support incident response and Oncall rota) Passion for observability The skills you will need Strong experience in SRE practice with knowledge of conducting security checks and mitigation (static and dynamic code analysis SAST DAST IAST vulnerability analysis / penetration tests security component analysis) Hands on Experience with Azure DevOps is a must including Repos advanced pipelines and package management. Must have knowledge in Azure Cloud and its solutions Hands on Experience in IaC JSON/YAML Azure Bicep Azure policies Azure DevOps Open Telemetry Azure Monitoring Azure Sentinel Azure Defender Grafana Kusto queries Kubernetes AKS Azure ARC BICEP Azure function apps Azure Synapse PowerBI Azure Data Factory Dynamics 365 AzureML and MLflow Programming skills on PowerShell Knowledge on building and testing .NET and C# application and APIs Experience on Cloud Networking Skills (TCP/IP SSL SMTP HTTP FTP DNS) WAF IPS/IDS Azure FrontDoor Experience working on large scale distributed systems with deep understanding of design impacts on performance reliability operations and security Working Experience in Monitoring tools and their implementation preferably with Azure Monitoring Suite.
Knowledge of securing APIs and security in microservices is beneficial Should have demonstrated ability to work in an Agile environment Strong communication and teamwork skills Certifications Required Azure DevOps
Posted 3 months ago