
150 Azure Sentinel Jobs - Page 6

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 - 10.0 years

10 - 19 Lacs

Chennai

Remote

Security Engineer: ( Microsoft Subject Matter Expert) : Fulltime Remote About the Role: Do you want to be on the frontline fighting for safe use within the digital frontier? Does describing your job to your family and friends as being a cyberwarrior or threat hunter sound awesome or awe inspiring? Then join us as part of our Security Operations Center (SOC) Engineering team as a Microsoft Services Subject Matter Expert (SME) supporting our frontline Threat Hunters. In addition, given the rapid changes within the Microsoft ecosystem you will also be working cross-functionally with Product Management and R&D Engineering to drive differentiation within our service as well with our Business Development team to help maintain the relationship with Microsoft. While this role will have business responsibilities that will help you expand your career options, the primary day to day role is as a Security Engineer. As a Security Engineer, you will serve as a critical support system for the SOC. You will create, enhance, and tune alerts and detections so that the SOC can best defend our client's networks. Your goal will be to continually improve the detection and alerting that the SOC receives. In some cases, you will work directly with clients to ensure that they send us the most beneficial and important data. You will leverage our tech stack, elements of Microsoft and provide ongoing support both internally and externally. In short, you will be a critical member of the team using Microsoft Defender, Microsoft Sentinel, Microsoft Suite including Purview, Entra, Intune tools, the Pondurance SIEM and SOAR as well as other products and services to protect our clients in the ever-changing threat landscape. Responsibilities: Stay on the forefront of the Microsoft ecosystem Drive security detection improvements Tune existing alerts and client data in our SIEM tooling for optimal performance. 
Identify workflow improvements and curate new automations through our SOAR platform Assist in continuous improvement efforts to evaluate detection and response capabilities Develop methods to detect potential threats Maintain the SOAR platform in support of day-to-day SOC activities Work with cross-functional teams to enhance detection capabilities Qualifications: Strong understanding of tuning alerts and pertinent logs to aid in detecting threats Expert knowledge of Microsoft including, but not limited to Defender, Sentinel, Purview, Entra, and Intune Experience building data retrieval from the Microsoft security ecosystem Leveraging detection mechanisms within SIEMs and SOAR A strong understanding of cyber-attacks, MITRE ATT&CK framework, emerging threats and threat modelling as well as security research techniques Intermediate experience with Python, PowerShell, Bash or Go Intermediate experience with IDS/IPS systems Talents: Ability to adjust and adapt in a fast pace and dynamic environment, including changes in responsibilities as the business evolves. Capacity for Synthesis: bring together disparate elements to create a coherent entity or a big-picture overview in order to gain a new perspective Applied Technical Thinking: apply specialized, theoretical knowledge to efficient operational uses Demonstrate strong composure with a balance of urgency and intensity, as well as focus

Posted 3 months ago


3.0 - 6.0 years

12 - 18 Lacs

Pune

Work from Office

Job Description: We're searching for a Senior Security Engineer to assist our 24/7 managed security operations center. This role is in the Integration Department, responsible for the strategic, technical, and operational direction of the Integration Team.

Responsibilities:
• IBM QRadar / Sentinel / Datadog: integration and content management, Event Collector deployment/upgradation.
• Troubleshooting skills at all layers of the OSI model.
• Onboard all standard devices to QRadar, such as Windows Security Events, Firewalls, Antivirus, Proxy etc.
• Onboard non-standard devices by researching the product and coordinating with different teams, such as application onboarding or onboarding new security products.
• Developing and deploying connectors and scripts for log collection for cloud-based solutions.
• Detailed validation of parsing and normalization of logs before handing over to the SOC team will be a day-to-day job.
• Coordinate between customer and internal teams for issues related to log collection.
• The engineer needs to make sure that the various teams have completed their tasks, such as log validation, Log Source Not Reporting (LSNR Automation), and Content Management, before the Log Source is in production.
• Troubleshooting API-based log sources.
• Documentation of integrations and versioning.

Essential Skills:
• Prior SIEM administration and integration experience (QRadar, Splunk, Datadog, Azure Sentinel).
• Network and Endpoint Device integration and administration.
• Knowledge of Device Integration: Log, Flows collection.
• Knowledge of Regular Expression and scripting language (ex: Bash, Python, PowerShell), API implementation and development.
• Knowledge of Parser creation and maintenance.
• Knowledge of Cloud technologies and implementation.
• Excellent in verbal and written communication.
• Hands-on experience in Networking, Security Solutions and Endpoint Administration and operations.

Additional Desired Skills:
• Excel, formulation
• Documentation and presentation
• Quick response on issues and mail with prioritization
• Ready to work in 24x7 environment

Education Requirements & Experience:
• BE/B.Tech, BCA
• Experience Level: 3+ years

Posted 3 months ago


3.0 - 8.0 years

5 - 9 Lacs

Bengaluru

Work from Office

Project Role: Application Developer. Project Role Description: Design, build and configure applications to meet business process and application requirements. Must have skills: Microsoft Azure Sentinel. Good to have skills: NA. Minimum 3 year(s) of experience is required. Educational Qualification: 15 years full time education. Summary: As an Application Developer, you will be responsible for designing, building, and configuring applications to meet business process and application requirements. You will play a crucial role in developing innovative solutions to enhance business operations and efficiency. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Develop and implement software solutions to meet business requirements. - Collaborate with team members to design and optimize applications. - Troubleshoot and resolve technical issues in application development. - Stay updated with the latest technologies and trends in application development. - Provide technical guidance and support to junior team members. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft Azure Sentinel. - Strong understanding of cloud computing principles. - Experience with Azure services like Azure Functions, Azure Logic Apps. - Knowledge of DevOps practices and tools. - Hands-on experience in developing and deploying applications on Azure. - Good To Have Skills: Experience with Azure Security Center. Additional Information: - The candidate should have a minimum of 3 years of experience in Microsoft Azure Sentinel. - This position is based at our Bengaluru office. - A 15 years full time education is required. Qualification: 15 years full time education

Posted 3 months ago


3.0 - 8.0 years

5 - 9 Lacs

Pune

Work from Office

Project Role: Application Developer. Project Role Description: Design, build and configure applications to meet business process and application requirements. Must have skills: Microsoft Azure Sentinel. Good to have skills: NA. Minimum 3 year(s) of experience is required. Educational Qualification: 15 years full time education. Summary: As an Application Developer, you will be responsible for designing, building, and configuring applications to meet business process and application requirements. You will play a crucial role in developing solutions to enhance business operations and efficiency. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Collaborate with cross-functional teams to analyze business requirements and translate them into technical solutions. - Develop and implement software solutions to meet business needs. - Conduct code reviews and ensure code quality and best practices are followed. - Troubleshoot and debug applications to resolve issues in a timely manner. - Stay updated on emerging technologies and trends to suggest improvements and innovative solutions. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft Azure Sentinel. - Strong understanding of cloud computing principles and experience with Azure services. - Experience in designing and implementing scalable and secure applications on Azure cloud. - Knowledge of DevOps practices and tools for continuous integration and deployment. - Hands-on experience with monitoring, logging, and alerting tools for cloud-based applications. Additional Information: - The candidate should have a minimum of 3 years of experience in Microsoft Azure Sentinel. - This position is based at our Pune office. - A 15 years full-time education is required. Qualification: 15 years full time education

Posted 3 months ago


3.0 - 8.0 years

5 - 9 Lacs

Bengaluru

Work from Office

Project Role: Application Developer. Project Role Description: Design, build and configure applications to meet business process and application requirements. Must have skills: Microsoft Azure Sentinel. Good to have skills: DevOps. Minimum 3 year(s) of experience is required. Educational Qualification: 15 years full time education. Summary: As an Application Developer, you will design, build, and configure applications to meet business process and application requirements. You will collaborate with teams to ensure seamless integration and functionality of applications. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work-related problems. - Develop and implement software solutions to meet business requirements. - Collaborate with cross-functional teams to ensure application functionality. - Conduct code reviews and provide feedback for continuous improvement. - Stay updated with industry trends and technologies for enhancing applications. - Assist in troubleshooting and resolving application issues. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft Azure Sentinel. - Good To Have Skills: Experience with DevOps. - Strong understanding of cloud computing principles and practices. - Knowledge of software development lifecycle and methodologies. - Experience in designing and implementing scalable applications. - Familiarity with security protocols and best practices. Additional Information: - The candidate should have a minimum of 3 years of experience in Microsoft Azure Sentinel. - This position is based at our Bengaluru office. - A 15 years full-time education is required. Qualification: 15 years full time education

Posted 3 months ago


5.0 - 10.0 years

7 - 12 Lacs

Bengaluru

Work from Office

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : Microsoft Azure Sentinel, No Function Specialty Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a key player in ensuring the security of the organization's digital assets and infrastructure. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Implement security measures to protect systems, networks, and data. Conduct security assessments and audits to identify vulnerabilities and risks. Develop and implement security policies, procedures, and best practices. Stay updated on the latest security trends, threats, and technologies. Professional & Technical Skills: Must To Have Skills:Proficiency in Splunk Security Information and Event Management (SIEM). Good To Have Skills:Experience with Microsoft Azure Sentinel. Strong understanding of security principles and practices. Knowledge of network security protocols and technologies. Experience in incident response and threat hunting. Ability to analyze and interpret security data for actionable insights. 
Additional Information: The candidate should have a minimum of 5 years of experience in Splunk Security Information and Event Management (SIEM). This position is based at our Bengaluru office. A 15 years full time education is required. Qualifications 15 years full time education

Posted 3 months ago


5.0 - 7.0 years

8 - 14 Lacs

Coimbatore

Work from Office

We are looking for an experienced Cybersecurity Engineer with 5+ years of experience, including a minimum of 3 years working in an Azure cloud environment, to join our team. The ideal candidate will have expertise in designing, implementing, and maintaining cloud security solutions to protect our infrastructure, applications, and data. As part of the cybersecurity team, you will work to ensure the confidentiality, integrity, and availability of our systems and data within Microsoft Azure. You will be responsible for leveraging a range of Azure security tools, maintaining best practices, and ensuring the organization is protected from emerging security threats. Key Responsibilities : - Lead and implement security solutions in the Azure cloud environment using tools such as Azure Security Center, Azure Sentinel, Azure AD, and Key Vault. - Configure, monitor, and optimize Azure Security Center and Microsoft Defender for Cloud to ensure the highest level of security. - Implement and enforce identity and access management (IAM) policies using Azure Active Directory (Azure AD), ensuring secure user authentication, authorization, and access control. - Use SIEM (Security Information and Event Management) tools like Azure Sentinel to monitor and respond to security events, conducting proactive threat hunting and incident response. - Investigate security breaches and potential threats, providing detailed incident reports and recommending corrective actions. - Conduct vulnerability assessments and coordinate with other teams to address and resolve security issues. - Work closely with cloud-native security tools like Azure Sentinel, Microsoft Defender for Identity, and Azure Key Vault to ensure seamless encryption and secure key management. - Collaborate with DevOps and development teams to embed security practices into the CI/CD pipeline (DevSecOps) within Azure DevOps, securing applications from development through deployment. 
- Review and analyze cloud logs, vulnerabilities, and risk factors to implement appropriate remediation measures in the Azure cloud environment. - Ensure the security architecture complies with established security frameworks and standards such as NIST, CIS, SOC 2, GDPR, and ISO 27001. - Conduct risk assessments and ensure compliance with industry regulations and internal policies, maintaining comprehensive documentation for audits and assessments. - Implement controls to meet organizational compliance goals while ensuring data privacy and security. - Automate security tasks and monitoring using tools such as PowerShell, Azure CLI, or Terraform for Infrastructure as Code (IaC). - Create and maintain automation scripts to enforce security policies, automate response actions, and integrate security measures into Azure environments. - Secure containerized applications and microservices deployed on Azure Kubernetes Service (AKS). - Implement best practices to secure Docker containers and ensure security in AKS environments, including image scanning, vulnerability management, and runtime protection. - Collaborate with IT teams, development teams, and security architects to define and implement security policies, protocols, and standards. - Participate in regular security audits and ensure that all security policies are enforced and maintained across the organization's Azure environment. - Provide cybersecurity training and guidance to employees to foster a security-aware culture within the organization. - 5+ years of experience in cybersecurity, with at least 3 years of experience working within an Azure cloud environment. - Expertise in Azure cloud security services, including Azure Security Center, Azure Sentinel, Azure AD, and Azure Key Vault. 
- Hands-on experience in managing cloud security policies, configuring role-based access control (RBAC), and enforcing encryption techniques across Azure resources - Proficiency in using SIEM tools such as Azure Sentinel to monitor, analyze, and respond to security incidents. - Experience with cloud security best practices, including encryption, identity management, vulnerability scanning, and incident response. - Strong knowledge of security frameworks and standards such as NIST, CIS, SOC 2, GDPR, and ISO 27001. - Proficient with scripting and automation tools like PowerShell, Azure CLI, and Terraform for automating security tasks and cloud infrastructure. - Familiarity with container security in Azure Kubernetes Service (AKS) and microservices environments.

Posted 3 months ago


10.0 - 15.0 years

12 - 17 Lacs

Pune

Work from Office

Position Summary: Seeking a skilled Cloud Security Engineer to design and implement secure AWS/Azure architectures, ensuring compliance with GDPR, ISO 27001. The role involves risk assessment, cloud security optimization, IAM, and container security (Kubernetes, Docker). Proficiency in Terraform, CloudFormation, and cloud security tools like AWS GuardDuty, Azure Security Center is required. Strong communication, leadership, and problem-solving skills are essential. Key Responsibilities: Design and implement secure cloud architectures for AWS/Azure environments, Azure Sentinel, Azure Active Directory, Zero Trust Security, Microsoft 365 Defender, AWS Security Hub, AWS IAM, Cloud Firewalls. Optimize cloud infrastructure for cost, performance, and security. Ensure security compliance & audits with industry standards (GDPR, ISO 27001). Conduct risk assessments and develop mitigation strategies. Collaborate with CloudOps and engineering teams to embed security. Basic Qualifications And Required Skills: Education: Bachelor's or master's degree in computer science, or a related field. Expertise in cloud security tools (AWS GuardDuty, Azure Security Center). Proficiency in IaC (Terraform, CloudFormation). Experience with container security (Kubernetes, Docker). Knowledge of network security, IAM, and encryption protocols. Soft Skills: Excellent communication and leadership skills. Strong analytical and problem-solving abilities. Ability to manage and mentor teams effectively.

Posted 3 months ago


5.0 - 10.0 years

5 - 15 Lacs

Hyderabad

Work from Office

Job Title: Security Operations Center (SOC) Analyst (Positions-02) Experience: 5 to 8 Years Location: Hyderabad Department: Cybersecurity / Security Operations Industry: IT Services / MSSP / Software / FinTech / Healthcare IT Job Summary: We are seeking an experienced and detail-oriented SOC Analyst (5–8 years) to join our cybersecurity team. The ideal candidate will be responsible for monitoring, detecting, investigating, and responding to cyber threats across the organization. The SOC Analyst will play a critical role in defending systems, applications, and data from security breaches and supporting incident response efforts, threat hunting, and continuous improvement of SOC processes. Key Responsibilities: Security Monitoring & Incident Response: Continuously monitor SIEM dashboards, threat intelligence feeds, and security alerts. Investigate and respond to security incidents, phishing attacks, malware infections, and anomalous activities. Triage alerts based on severity, business impact, and threat intelligence context. Perform root cause analysis and prepare incident reports with actionable recommendations. Escalate critical incidents to Tier 3/IR teams and collaborate during major security events. Threat Detection & Hunting: Conduct proactive threat hunting based on IOCs, TTPs, and threat intelligence reports. Analyse logs from endpoints, firewalls, IDS/IPS, cloud workloads, and third-party security solutions. Develop and fine-tune detection rules and correlation logic in SIEM (e.g., Splunk, Sumo Logic, Sentinel). Tool & Infrastructure Management: Work with EDR, NDR, DLP, SIEM, SOAR, and vulnerability management platforms. Support integration of new log sources and ensure completeness of logging for critical systems. Maintain threat detection playbooks and contribute to process automation via SOAR tools. Compliance & Reporting: Ensure security operations align with frameworks like NIST, ISO 27001, SOC 2, or HIPAA.
Support security audit requirements by providing incident logs and response documentation. Generate periodic reports on incident trends, SOC performance, and threat landscape. Required Skills & Experience: 5–8 years of experience in a SOC environment or cybersecurity operations role. Strong knowledge of attack vectors, MITRE ATT&CK framework, and incident response lifecycle. Hands-on experience with SIEM (e.g., Splunk, Microsoft Sentinel, QRadar, LogRhythm). Familiarity with endpoint protection (CrowdStrike, SentinelOne, Defender ATP, etc.). Knowledge of Windows/Linux log analysis, firewall rules, and cloud security controls (Azure/AWS). Strong analytical thinking, attention to detail, and ability to work under pressure. Preferred Qualifications: Bachelor’s degree in Cybersecurity, Computer Science, or related field. Certifications such as CEH, GCIA, GCIH, CySA+, AZ-500, or Security+ are highly desirable. Experience working in a 24x7 SOC or with MSSP environments is a plus. Exposure to compliance-driven industries (finance, healthcare, SaaS) preferred. Soft Skills: Strong communication and documentation skills. Ability to collaborate across IT, DevOps, and security teams. Risk-aware mindset with a proactive approach to security operations. Work Mode: On-site / Hybrid / 24x7 Rotational Shifts if applicable Reporting To: SOC Manager / Head of Security Operations

Posted 3 months ago


10.0 - 15.0 years

25 - 35 Lacs

Noida

Work from Office

Cloud Security Lead/Architect (L3). Experience architecting security in cloud platforms like AWS, Azure. Experience creating High Level Design (HLD) and Low-Level Design (LLD), and reviewing the technical requirement document (TRD) for cloud security. Define data security policies through AIP, DLP, etc. Threat hunting experience with XDR, EDR, SIEM tools. Experience integrating cloud components with SIEM. Planning, implementing, designing and reviewing security policies and other compliances. Experience leading SecOps teams. Guide the team on appropriate prioritization of qualified incidents, notification through standard communication channels and opening of corresponding incident tickets on the ticketing platform. Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams. Leading IR and escalations towards closure. Responsible for automating security controls, data and processes to provide improved metrics and operational support. Mandatory certifications on Azure, AWS platforms, CCSP, etc. Secondary skillset in Google Cloud is preferred.

Posted 3 months ago


5 - 8 years

4 - 9 Lacs

Hyderabad, Pune, Bengaluru

Hybrid

Job Description: Azure Security Engineer. Skillset: Shadow IT scanning, threat modelling, security related stuff and DevOps. Tasks and Responsibilities: Design, implement and maintain scalable data infrastructure solutions in Azure that support efficient data processing, storage and retrieval. Develop and implement solutions to ensure privacy policies are correctly implemented. The implementations should advance compliance with legal forms of data use as well as support business use of data. Work to align advanced technologies and Privacy by Design principles from the first stages of development and ensure that the data use meets established regulatory compliance needs. Interacting with internal privacy program managers product development teams legal compliance governance and data protection teams. Responsible for assisting with the management of the data privacy data protection data usability performance and the integrity of the privacy solution. Interface with other developers and architects in implementing big data solutions that enable the business to be data driven while protecting the data assets. Communication: Able to drive written and oral communications. Create newsletters presentations for reviews. Good to have Knowledge on: CI CD Azure DevOps Release management Delivery pipelines Artifacts Version control ADO Build basic dashboards Access management GCDP CCPA Basics Access control audits Azure Defender Sentinel

Posted 4 months ago


5 - 8 years

12 - 20 Lacs

Pune, Chennai, Bengaluru

Work from Office

Role & responsibilities: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master's degree preferred. Lead and mentor the SOC team, fostering a culture of continuous improvement and collaboration. Oversee the day-to-day operations of the SOC, ensuring efficient incident detection, response, and recovery processes. Collaborate with IT and business units to integrate cybersecurity measures into existing and new technology deployments. Manage cybersecurity projects, including the selection and implementation of state-of-the-art security tools and technologies. Conduct regular security assessments, penetration testing, and proactive threat hunting to identify and mitigate potential security vulnerabilities. Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC. At least 5 years of experience in cybersecurity, with a minimum of 3 years in a leadership role within an SOC environment. Extensive knowledge of and experience with cybersecurity regulations and standards. Proficient in managing and configuring security technologies (e.g., SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools). Demonstrated ability to lead and develop high-performing teams. Excellent problem-solving, communication, and presentation skills. Must be flexible to work in US shift.

Posted 4 months ago


2 - 5 years

7 - 11 Lacs

Noida

Work from Office

Req ID: 313359 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a AD - Systems Engineering Specialist to join our team in Noida, Uttar Pradesh (IN-UP), India (IN). Role Responsibilities Incidents response of Active Directory, Azure AD, and OS/server tickets Group policy administration and implementation Reporting and review of all connectivity, synchronization, replication within Active Directory DNS health and performance Sites and services - Missing or incorrectly assigned subnets NTP Reporting, configuration and accuracy Monitoring/reporting/reviewing all metrics and changes around netlogon, NTDS Database partitions, DNS settings, SRV records, Trust relationships Review of domain controllers, application, and security events to find any issues or trends Work with security teams to respond to emergency or critical vulnerabilities, patching or changes as required Response to NON-AD or believed to be AD related issues such as 3rd party application authentication issues, windows/RDP login issues, LDAP query issues, Kerberos errors, NTP errors. 
Windows Server OS maintenance, Patching, Upgrades, Hardware tickets, troubleshooting On-call rotation Required to have flexibility in schedules - First, Second, Third shifts available Required Qualifications 5+ years of relevant experience Strong knowledge of Active Directory, Windows Server OS, Network, Firewall Basic understanding of Azure AD, Azure SSO, Azure MFA Strong knowledge of Group Policy VMware Basic understanding Strong troubleshooting skills Basic PowerShell Commands/scripting Preferences Ideally certifications from one of the following: Security+, Microsoft, AWS Strong Azure AD, Azure SSO, Azure MFA skills Advanced PowerShell scripting Undergraduate degree Strong understanding of networking technologies Advanced knowledge of network security that pertains to communications, computer system environments and related infrastructures About NTT DATA NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users.
If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. Job Segment: System Administrator, Consulting, Database, Technology

Posted 4 months ago


5.0 - 8.0 years

5 - 9 Lacs

Pune

Work from Office

Role Purpose
Band: B3
Exp. in years: 8 - 10 years of experience
Location: Offshore (Pune or Chennai or Bangalore or Hyderabad)
Skills: Azure Active Directory, Azure AD Connect, AD FS, Azure MFA

Description
- Manage the end-to-end lifecycle of wildcard SSL certificates, including renewal, deployment, binding, and validation across internal systems and ADFS infrastructure
- Ensure certificates are updated with zero downtime by coordinating with stakeholders and scheduling changes during approved windows
- Administer and maintain ADFS infrastructure including Relying Party Trusts, claims rules, and federated authentication configurations
- Troubleshoot ADFS authentication issues, and manage integrations using SAML, OAuth, and WS-Federation protocols
- Manage and maintain on-premises Active Directory, including user account lifecycle, security group management, OU structure, and group policies
- Administer Azure Active Directory, handling user provisioning, access assignments, Conditional Access policies, and group memberships
- Monitor and support Azure AD Connect for seamless identity synchronization between on-prem AD and Azure AD
- Troubleshoot sync issues including attribute conflicts, duplicate objects, and connector

Do
- Ensuring customer centricity by providing apt cybersecurity
- Monitoring and safeguarding the log sources and security access
- Planning for disaster recovery in the event of any security breaches
- Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
- Perform moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
- Conduct security assessments, risk analysis and root cause analysis of security incidents
- Handling incidents escalated by the L1 team in 24x7 rotational shifts
- Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
- Completing all tactical security operations tasks associated with this engagement.
- Analyse all the attacks and come up with remedial attack analysis
- Conduct detailed analysis of incidents and create reports and dashboards

Stakeholder coordination & audit assistance
- Liaise with stakeholders in relation to cyber security issues and provide future recommendations
- Maintain an information security risk register and assist with internal and external audits relating to information security
- Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
- Advice and guidance to employees on issues such as spam and unwanted or malicious emails

Mandatory Skills: Active Directory.
Experience: 5-8 Years.


5.0 - 10.0 years

3 - 7 Lacs

Noida

Work from Office

- Hands-on experience with at least one major public cloud platform, such as AWS, Azure, or Google Cloud Platform. Any other public cloud platform along with these will be an additional desirable attribute.
- Experience in creating and evaluating cloud security architectures by following industry best practices.
- Hands-on experience with cloud-native security features like Azure Sentinel, Microsoft Defender for Cloud, CloudTrail, GuardDuty, Inspector, Security Hub, Command Centre etc.
- In-depth knowledge of managing common cloud security threats and vulnerabilities.
- Experience with security compliance standards such as ISO 27001/27002/27017, NIST, CSA CCM etc.
- Understanding of various government and regulatory compliance requirements w.r.t. cloud security.
- Knowledge of Identity and Access Management protocols/solutions such as SSO, SAML Federated Identity, RBAC authorization solutions.
- Experience with Linux and Windows operating systems for patch management, log management, and understanding of OS hardening requirements.
- Experience in scripting languages such as Python, PowerShell etc. Security automation skills/experience will be an additional desirable attribute.
- Experience in third-party solutions such as Palo Alto Prisma Cloud, ZScaler, Sysdig, Checkpoint, etc. is desirable.
- Good understanding of containerization technologies/concepts such as Kubernetes, Docker etc. and related security best practices.
- Impeccable communication skills, both written and oral.
- Strong organization and time-management skills, with the ability to swiftly transition between projects and tasks.
- Must have one or more cloud certifications. Desirable certifications include:
  - AZ-500 (Azure Security Engineer)
  - SC-100 (Cybersecurity Architect Expert)
  - AWS Certified Specialty Security
  - Google Cloud Professional Cloud Security Engineer
  - AZ-303 (Microsoft Azure Architect Technologies)
  - Prisma Certified Cloud Security Engineer (PCCSE)


7.0 - 12.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Splunk Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations.

Roles & Responsibilities:
1) Design and implement Microsoft Sentinel architecture, including data connectors, analytics rules, and workbooks.
2) Integrate Sentinel with various data sources, including Azure services, on-premises systems, and third-party security products.
3) Develop and maintain data connectors, APIs and custom integrations.
4) Configure and optimize incident response workflows, including automated response actions and playbooks.
5) Collaborate with security operations teams to implement Sentinel-based security monitoring and incident response processes.
6) Provide training and support to security teams on Sentinel features and functionality.
7) Continuously monitor and optimize Sentinel performance, scalability, and reliability.
8) Develop and maintain custom dashboards, reports, and workbooks to provide security insights and metrics.
9) Integrate Azure Logic Apps with Azure Sentinel to automate security workflows and incident response.
10) Develop custom connectors for Logic Apps to integrate with Azure Sentinel and other security tools.
11) Collaborate with security teams, developers, and operation teams to ensure seamless integration and deployment of Logic Apps with Azure Sentinel.
12) Configure and maintain Sentinel workspaces, including data connectors, analytics rules.
13) Optimize Sentinel workspace performance, scalability, and security.
14) Develop and maintain reports and dashboards to provide visibility into security metrics and trends.
15) Strong knowledge of KQL and experience writing complex queries.

- Proficiency in Microsoft Sentinel, Azure Security Center and Azure Monitor
- Experience with data analytics, machine learning, and threat intelligence.
- Expected to be an SME.
- Collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Develop and maintain comprehensive documentation of security architecture and frameworks.
- Conduct regular assessments and audits to ensure compliance with security policies and standards.

Professional & Technical Skills:
- Must Have Skills: Proficiency in Sentinel SIEM & KQL query
- Strong understanding of cloud security principles
- Experience in designing and implementing security solutions for cloud environments
- Knowledge of security compliance standards and regulations
- Hands-on experience with security tools and technologies

Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Splunk Security Information and Event Management (SIEM)
- This position is based at our Bengaluru office
- A 15 years full time education is required

Qualification: 15 years full time education


15.0 - 20.0 years

13 - 17 Lacs

Hyderabad

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization.

Roles & Responsibilities:
1) Design and implement Microsoft Sentinel architecture, including data connectors, analytics rules, and workbooks.
2) Integrate Sentinel with various data sources, including Azure services, on-premises systems, and third-party security products.
3) Develop and maintain data connectors, APIs and custom integrations.
4) Configure and optimize incident response workflows, including automated response actions and playbooks.
5) Collaborate with security operations teams to implement Sentinel-based security monitoring and incident response processes.
6) Provide training and support to security teams on Sentinel features and functionality.
7) Continuously monitor and optimize Sentinel performance, scalability, and reliability.
8) Develop and maintain custom dashboards, reports, and workbooks to provide security insights and metrics.
9) Integrate Azure Logic Apps with Azure Sentinel to automate security workflows and incident response.
10) Develop custom connectors for Logic Apps to integrate with Azure Sentinel and other security tools.
11) Collaborate with security teams, developers, and operation teams to ensure seamless integration and deployment of Logic Apps with Azure Sentinel.
12) Configure and maintain Sentinel workspaces, including data connectors, analytics rules.
13) Optimize Sentinel workspace performance, scalability, and security.
14) Develop and maintain reports and dashboards to provide visibility into security metrics and trends.
15) Strong knowledge of KQL and experience writing complex queries.

Professional & Technical Skills:
- Must Have Skills: Proficiency in Microsoft Sentinel, Azure Security Center and Azure Monitor
- Experience with data analytics, machine learning, and threat intelligence.
- Strong understanding of cloud security principles and practices.
- Experience with security incident response and management.
- Knowledge of regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.
- Familiarity with security tools and technologies used in cloud environments.

Additional Information:
- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Hyderabad office.
- A 15 years full time education is required.

Qualification: 15 years full time education


6.0 - 10.0 years

14 - 20 Lacs

Chennai

Work from Office

Role & responsibilities
- 6+ years of experience in cybersecurity operations with solid L3-level incident handling.
- Hands-on expertise with endpoint security solutions (CrowdStrike, SentinelOne, Microsoft Defender ATP, Carbon Black, etc.).
- Strong proficiency in conducting demos and technical evaluations for R&D or pre-deployment scenarios.
- In-depth understanding of SIEM platforms, EDR, network security, and intrusion detection.
- Experience with malware analysis, threat intelligence, and reverse engineering is a plus.
- Knowledge of Windows, Linux, and cloud environments (AWS/Azure/GCP).
- Familiarity with security frameworks (NIST, MITRE ATT&CK, SANS).
- Scripting skills (Python, PowerShell, Bash) for automation.
- Relevant certifications preferred: CISSP, OSCP, CEH, GCIA, GCIH.


1.0 - 6.0 years

8 - 12 Lacs

Bengaluru

Work from Office

Job Title: Senior Security Associate (Security Analyst)
Location: Bangalore, India
Work Type: Work from Office (6 Months Contract)
Shift: 24x7 Rotational Shifts (Mandatory)

Overview: We are seeking a Senior Security Associate to join the KPMG Managed Services (Spectrum) practice based in Bangalore. The ideal candidate will have experience in a Security Operations Center (SOC), particularly in monitoring, triaging, and escalating security events using SIEM and other cybersecurity tools.

Required skills:
- Experience with SIEM tools (QRadar, Splunk, LogRhythm, SolarWinds, etc.)
- Experience in Azure Sentinel
- Familiarity with common IDS/IPS and Firewalls (Snort, Cisco, Fortigate, Sourcefire)
- Familiarity with incident response process and activities
- Familiarity with TCP/IP protocol, OSI Seven Layer Model
- Knowledge of Windows, Unix-based systems, architectures, and network security devices
- Intermediate level of knowledge of LAN and WAN technologies
- Must have a solid understanding of information technology, information security domains
- Knowledge of security best practices and concepts
- Desired certifications: Security+, C|EH, Network+, Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst, GIAC Certified Incident Handler, or GIAC Reverse Engineering Malware
- Familiarity with ticketing tool / ITSM tool
- Personal drive, positive work ethic to deliver results within tight deadlines and in demanding situations

Specifically, Security Analysts (L1) will:
1. Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available security logs and intelligence sources to include but not limited to:
   a. Firewalls
   b. Systems and Network Devices
   c. Web Proxies
   d. Intrusion Detection/Prevention Systems
   e. Data Loss Prevention
   f. EDR / Antivirus Systems
   g. Knowledgebase Framework (Confluence)
2. Continuously monitor SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises, including:
   - SIEM alert queue
   - Security email inbox
   - Intel feeds via email and other sources (e.g. NH-ISAC)
   - Incident Ticketing queue (IT Security group)
3. Validate alerts as they come in to eliminate false positives and use other internal and external data sources to enrich alerts with additional context
4. Perform triage of service requests from customers and internal teams
5. Use playbook procedures to carry out standard plays for routine event types and escalate alerts to Level 2 Analysts for further triage and remediation
6. Assist with containment of threats and remediation of environment during or after an incident
7. Act as a participant during Threat Hunting activities at the direction of one or more Incident Response Handlers
8. Document event analysis and write comprehensive reports of incident investigations
9. Proactively improve security-related operational processes and procedures
10. Use available security tools for historical analysis purposes as necessary for detected events; for example, historical searches using SIEM tools
11. Maintain operational shift logs with relevant activity from the Analyst's shift. Document investigation results, ensuring relevant details are passed to Level 2 or MDR Analysts for final event analysis

Additional Information:
- Location: This is an on-site role in Bangalore.
- Shift Requirement: Candidates must be open to 24x7 rotational shifts, including night and weekend shifts.
- Candidates should have a positive attitude, strong work ethic, and the ability to meet tight deadlines in demanding environments


8.0 - 13.0 years

13 - 17 Lacs

Pune

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats.

Roles & Responsibilities:
1) Design and implement Microsoft Sentinel architecture, including data connectors, analytics rules, and workbooks.
2) Integrate Sentinel with various data sources, including Azure services, on-premises systems, and third-party security products.
3) Develop and maintain data connectors, APIs and custom integrations.
4) Configure and optimize incident response workflows, including automated response actions and playbooks.
5) Collaborate with security operations teams to implement Sentinel-based security monitoring and incident response processes.
6) Provide training and support to security teams on Sentinel features and functionality.
7) Continuously monitor and optimize Sentinel performance, scalability, and reliability.
8) Develop and maintain custom dashboards, reports, and workbooks to provide security insights and metrics.
9) Integrate Azure Logic Apps with Azure Sentinel to automate security workflows and incident response.
10) Develop custom connectors for Logic Apps to integrate with Azure Sentinel and other security tools.
11) Collaborate with security teams, developers, and operation teams to ensure seamless integration and deployment of Logic Apps with Azure Sentinel.
12) Configure and maintain Sentinel workspaces, including data connectors, analytics rules.
13) Optimize Sentinel workspace performance, scalability, and security.
14) Develop and maintain reports and dashboards to provide visibility into security metrics and trends.
15) Strong knowledge of KQL and experience writing complex queries.

Professional & Technical Skills:
- Must Have Skills: Proficiency in Microsoft Sentinel, Azure Security Center and Azure Monitor
- Experience with data analytics, machine learning, and threat intelligence.
- Strong understanding of cloud security principles and practices.
- Experience with security incident response and management.
- Knowledge of regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.
- Familiarity with security tools and technologies used in cloud environments.

Additional Information:
- The candidate should have minimum 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Pune office.
- A 15 years full time education is required.

Qualification: 15 years full time education


10.0 - 12.0 years

9 - 13 Lacs

Mumbai

Work from Office

Roles & Responsibilities:
- Azure Security Posture and Azure Sentinel SIEM, Azure Security Center, Azure Policy, Azure Sentinel and Azure Monitor
- The focus of this team is to identify security vulnerabilities, remediate and implement security controls across MCS.
- Excellent stakeholder management skills and should be able to manage stakeholders at senior levels.
- Experience in proposing technical solutions in Microsoft.
- Experience in application security implementation using Azure AD
- Knowledge of CI and CD processes and tools like Azure DevOps
- Knowledge of defining build and release pipeline.
- Good understanding of cloud design patterns
- Ability to quickly perform POC on technically challenging requirements.
- Suggest tool/frameworks in given problem context
- Excellent written and oral communication skills
- Self-starter with quick learning ability and efficient implementation skills with respect to country nuances
- Consultative and service bent of mind while dealing with key stakeholders
- Multi-task and should be able to work under stringent deadlines
- Ability to understand and work on various internal


5.0 - 7.0 years

11 - 16 Lacs

Hyderabad

Work from Office

We are hiring an experienced Cybersecurity Threat Detection Engineer for a contract-to-hire role based in Hyderabad. The ideal candidate will have 6+ years of hands-on experience in threat detection, incident response, and SIEM platforms such as Splunk, QRadar, or Azure Sentinel. The role focuses on developing high-fidelity detection content, integrating diverse log sources, and enhancing cloud and on-premise threat visibility. Strong knowledge of MITRE ATT&CK, adversary TTPs, and scripting for playbook automation is essential. The position is full-time onsite with a cab facility provided.


4.0 - 6.0 years

1 - 6 Lacs

Bengaluru, Mumbai (all areas)

Hybrid

Role & responsibilities
- Deploy, configure, and maintain the Devo, Swimlane, and Sentinel platforms.
- Provide tier 2 support for platform-related incidents, troubleshooting complex issues, and identifying root causes.
- Develop and implement automation scripts for routine tasks and workflows.
- Collaborate with cross-functional teams to integrate platform solutions into existing infrastructure.
- Lead platform upgrades, patch management, and capacity planning initiatives.
- Mentor associate engineers and provide technical guidance and support.
- Monitor platform performance, conduct performance tuning, and implement optimization strategies.

Requirements:
- Bachelor's degree in Computer Science, Engineering, or related field.
- 3-5 years of experience in IT operations or platform engineering roles.
- Proficiency in scripting languages such as Python, PowerShell, or Bash.
- Hands-on experience with cloud platforms (e.g., AWS, Azure, GCP) and containerization technologies (e.g., Docker, Kubernetes).
- Strong understanding of networking concepts, security best practices, and IT infrastructure components.
- Excellent troubleshooting and diagnostic skills.
- Ability to work independently and collaboratively in a fast-paced environment.


5.0 - 7.0 years

4 - 8 Lacs

Hyderabad

Work from Office

We are hiring an experienced Cybersecurity Threat Detection Engineer for a contract-to-hire role based in Hyderabad. The ideal candidate will have 6+ years of hands-on experience in threat detection, incident response, and SIEM platforms such as Splunk, QRadar, or Azure Sentinel. The role focuses on developing high-fidelity detection content, integrating diverse log sources, and enhancing cloud and on-premise threat visibility. Strong knowledge of MITRE ATT&CK, adversary TTPs, and scripting for playbook automation is essential. The position is full-time onsite with a cab facility provided.


7.0 - 10.0 years

0 - 0 Lacs

Chennai, Coimbatore, Bengaluru

Work from Office

- Microsoft Sentinel (Azure SIEM) expertise
- Skilled in cybersecurity, incident analysis & KQL
- Strong in log monitoring & escalation handling
- Good knowledge of SIEM/SOAR tools
- Excellent troubleshooting skills

Send resume: mohanrajk@desicrew.in

Required Candidate profile
- 7+ yrs in Cybersecurity/SOC
- Expert in MS Sentinel (Azure SIEM)
- Strong in KQL, log monitoring, incident handling
- Skilled in SIEM/SOAR tools & integrations
- Good in escalation mgmt & communication
