131 Crowdstrike Jobs

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As part of our EY-cyber security team, you shall work as a SOC Senior consultant who will assist clients in the administration and management of security solutions. We're looking for a Senior Security consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities include: - Administration and management support of CrowdStrike - Acting as the subject matter expert on the solution for the customer and utilizing its capabilities in daily operational work - Advising customers on best practices and use cases to achieve customer end state requirements - Developing content for automated security event monitoring and alerting, along with corresponding event response plans for systems Skills and attributes for success: - Customer service-oriented with a commitment to meeting customer needs and seeking feedback for improvement - Experience in managing CrowdStrike - Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analysts point of view - Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus - Strong knowledge and experience in Security Monitoring and Cyber Incident Response - Familiarity with network monitoring technology platforms such as Fidelis XPS or others - Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others To qualify for the role, you must have: - B. Tech./ B.E. with sound technical skills - Strong command of verbal and written English language - Technical acumen and critical thinking abilities - Strong interpersonal and presentation skills - Minimum 4 years of hands-on experience operating/implementing the above security tools - Certification in any of the SIEM platforms is a plus - Knowledge of RegEx, Perl scripting, and SQL query language - Certification - CCSA, CEH, CISSP, GCIH What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You'll get to work with inspiring and meaningful projects, receive support, coaching, and feedback from engaging colleagues, opportunities to develop new skills and progress your career, and the freedom and flexibility to handle your role in a way that's right for you. EY exists to build a better working world, helping to create long-term value for clients, people, and society, and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

As a member of our team, your main responsibility will be to evaluate new and existing security vulnerabilities sourced both internally and externally. You will need to determine their relevance, document the impact, and devise a remediation strategy in a format that is understandable to our customers. Your focus will encompass a wide range of technologies, including major cloud hosting environments, Linux servers, specialized hardware, various coding languages, and virtualization technologies. The ideal candidate will possess the ability to comprehend the technicalities of security, evaluate risks, and communicate these complex concepts in a clear and simple manner. Your tasks will include: - Reviewing vulnerability scan reports - Monitoring external sources for new vulnerabilities - Assessing the applicability of vulnerabilities within context - Determining the real impact of vulnerabilities - Documenting findings and disclosures for each vulnerability and sharing them with customers - Negotiating disclosure timing with external researchers - Monitoring remediation progress and updating documentation - Participating in Security Incidents related to urgent vulnerabilities - Providing metrics and statistics Minimum Qualifications: - At least five (5) years of relevant experience (including indirectly related experience) - Strong team player - Ability to interpret and communicate CVEs to both technical and non-technical audiences - Familiarity with hacking techniques and programming languages - Knowledge of risk evaluation - Proficiency in the MS Office suite - Excellent written and verbal communication skills - Ability to adapt quickly to changing priorities - High school diploma, GED, or equivalent professional experience - Flexibility in terms of work location Preferred Qualifications: - Experience in evaluating security risks within a production environment - Familiarity with Jira - Direct customer communication experience - Proficiency in at least one of the following languages: Python, Go, Java, or C - Experience with scan reports from various tools like Snyk, Qualys, Crowdstrike, Inspector, Vdoo, or Binwalk - Remote work experience across different time zones and cultures - Security certifications such as CISSP, CRISC, AWS SCS, etc. - Ability to work flexible hours Join our team today and be part of a dynamic environment where your expertise in cybersecurity will be valued and utilized to make a real impact.,

We are looking for an experienced Information Security professional with certifications like CISSP or CISA, and a strong background in leading compliance initiatives for SOC 2 Type II, ISO 27001, PCI DSS, and IOCFR. Direct experience working with RBI regulations and auditors is mandatory . The ideal candidate should have hands-on knowledge of AWS cloud security, and familiarity with tools such as GuardDuty, Wiz/Orca, Splunk, Crowdstrike, and Vanta. Experience in fast-paced sectors like FinTech, E-commerce, or Payment Solutions is a strong plus. What You&aposll Do: Governance & Compliance: Develop and maintain information security policies and drive compliance with ISO 27001, SOC 2, and RBI guidelines. Act as the primary contact for audits and inspections. Risk Management: Conduct risk assessments, manage risk registers, and oversee third-party/vendor security reviews. Security Operations: Oversee tools and processes for SIEM, DLP, EDR, patch management, and incident response. Lead security incident simulations and resolution. Cloud & App Security: Manage AWS security architecture, implement CSPM programs, and embed secure coding and DevSecOps practices across CI/CD pipelines. Business Continuity & DR: Maintain and test disaster recovery and continuity plans (RTO: 60 mins; near-zero RPO). Awareness & Culture: Run regular security training, phishing drills, and promote a security-aware culture across the organization. Reporting & Strategy: Present security metrics, dashboards, and risk reports to leadership and participate in strategic IT governance forums. What Were Looking For: 8+ years in cybersecurity or information security roles; at least 3 years in a leadership capacity. Background in fintech, NBFC, or regulated financial services preferred. Proven track record in managing audits (ISO 27001, SOC 2), incident response, and cloud security (AWS). Strong knowledge of cybersecurity tools and frameworks: AWS, SIEM, CSPM, IAM, patch management, DLP, EDR. Familiar with secure SDLC, DevSecOps, threat modeling, and regulatory compliance. Effective communicator with experience working across cross-functional teams. Certifications (preferred): CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer, AWS Security Specialty. Bonus: DCPP, CIPP/E, or other data privacy/RBI-focused certifications. About Kissht: Kissht, a Great Place to Work certified organization, is a consumer-first credit app that is transforming the landscape of consumer credit. As one of the fastest-growing and most respected FinTech companies, Kissht is a pioneer in data and machine-based lending. With over 15 million customers, including 40% from tier 2 cities and beyond, we offer both short and long-term loans for personal consumption, business needs, and recurring expenses. Founded by Ranvir and Krishnan, alumni of IIT and IIM, and backed by renowned investors like Endiya Partners, the Brunei Investment Authority, and the Singapore Government, Kissht is synonymous with excellence in the industry. Join us and be a part of a dynamic, innovative company that is changing the future of financial technology. Show more Show less

Function Goal : To support the organization's information security efforts by assisting with the monitoring and initial analysis of security threats, providing support in risk management activities, and helping ensure compliance with security policies to protect the organization's information assets. Key Result Areas : Assist in the development, review, and maintenance of security policies and procedures and provide support for security-related documentation to ensure robust security frameworks are in place. Ensure compliance with relevant security standards and regulatory requirements and participate in internal and external security audits to ensure the organization meets all necessary guidelines. Assist in the development and implementation of new security initiatives and technologies. Provide support for security-related projects, including planning, execution, and monitoring. Coordinate with project teams to ensure security requirements are met. Monitor and assess the effectiveness of security training programs. Promote best practices and educate staff on security policies and procedures. Create and distribute security awareness materials, such as security bulletins, phishing simulations and posters to ensure all employees are well-informed and vigilant and have a high level of security awareness. Assist in identifying potential security risks and vulnerabilities within the organization's systems and processes. Participate in the evaluation of risks by analyzing the likelihood and potential impact of security threats. Use tools and techniques to document identified risks and share findings with senior team members for further analysis to ensure proactive risk management. Participate in training and development opportunities to enhance security skills and knowledge. Provide feedback on existing security processes and suggest improvements to enhance effectiveness and to ensure continuous improvement of security measures.

What is the Security Operations responsible for? Security Operations is responsible for continuous monitoring and improving organizations security posture while preventing, detecting, analyzing, and responding to Cyber Security incidents with the aid of both technology and well-defined processes and procedures. Security Operations is expected to possess extensive knowledge of incident response methodologies, a deep understanding of cybersecurity threats, and hands-on experience in managing and mitigating security incidents. What are the ongoing responsibilities of Analyst Security Operations? Lead and coordinate incident response activities, ensuring timely and effective resolution. Develop and maintain incident response playbooks and procedures. Perform threat hunting using SIEM, EDR, and threat intelligence. Conduct digital forensics and malware analysis to determine the scope and impact of incidents. Collaborate with IT, legal, and business teams to contain and remediate threats. Stay current with emerging threats, vulnerabilities, and security trends. Mentor and guide junior SOC analysts. Required Qualifications: Experience:6-8 years in cybersecurity, with a focus on SOC operations and incident response. Environment:Experience in a 24x7 operational environment, preferably across multiple geographies. Technical Skills: Good understanding of networking protocols, operating systems (Windows/Linux), and security technologies. Exposure to malware analysis and digital forensics. Familiarity with cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001). Hands-on experience with tools such as: SIEM:Splunk, CrowdStrike, QRadar EDR:CrowdStrike, Carbon Black, SentinelOne SOAR:Palo Alto XSOAR, Splunk SOAR Forensics:FTK Imager, Autopsy, Wireshark, Procmon Preferred Certifications: GIAC Certified Incident Handler (GCIH) GIAC Certified Forensic Analyst (GCFA) Certified Ethical Hacker (CEH) Soft Skills & Attributes: Strong analytical and problem-solving mindset. Excellent communication and collaboration skills. Ability to work under pressure and manage multiple priorities. High integrity and a proactive, team-oriented attitude. Strategic and tactical thinking with attention to detail. Work Shift Timings - 6:00 AM 3:00 PM 2:00 PM - 11:00 PM IST

NTT DATA Services is looking for individuals who are exceptional, innovative, and passionate about cybersecurity technologies. As part of our team, you will provide operational support for various technologies such as CrowdStrike, Zscaler, Checkpoint Harmony, and others within scope. Your responsibilities will include communicating plans and updates on tasks and projects, as well as identifying and escalating issues and risks. Additionally, you will schedule and lead working group meetings, prepare meeting agendas and minutes, and ensure timely closure of action items. You will also be responsible for offering ad-hoc operational support, ensuring the integration of functions align with business goals, and identifying problem causality, business impact, and root causes. As a senior member of the team, you may advise or mentor junior team members, coordinate with cross-functional Operations and Technology (O&T) counterparts to enhance risk oversight, and address non-compliant items through collaboration with Business Managers and staff from various sectors. To qualify for this role, you should have at least 6 years of relevant experience, preferably in a bank or financial institution setting. Strong expertise in Cyber Security and antivirus/malware technologies, specifically CrowdStrike, Trellix, and Zscaler, is required. Excellent written and verbal communication skills are essential, along with knowledge of Scripting and Programming Languages. You should also demonstrate the ability to interpret and apply information security policies, standards, and procedures, as well as possess influencing and relationship management skills. Ideally, you will hold a Bachelor's degree or equivalent experience, with a Master's degree being preferred. If you are ready to be part of a dynamic and forward-thinking organization, apply now and join us in tackling security challenges across multiple businesses. #LI-MIWS,

Job Description CyberSecOn is looking for a talented and dedicated Cyber Security Analyst who can work remotely. A Cyber Security Analyst is responsible for maintaining the security and integrity of data. The security analyst must possess knowledge of every aspect of information security to protect company assets from evolving threat vectors.The main responsibilities will include: Monitor and investigate security events and alerts from various sources, such as logs, network traffic, threat intelligence, and user reports. Conduct proactive and reactive threat hunting campaigns to uncover hidden or emerging threats on the cloud environment. Perform root cause analysis and incident response to contain and remediate cloud abuse incidents. Document and communicate findings, recommendations, and lessons learned to relevant stakeholders and management. Develop and update cloud abuse detection rules, indicators, and signatures. Research and stay updated on the latest cloud abuse trends, tactics, techniques, and procedures (TTPs) of threat actors. Provide guidance and training to other security teams and cloud users on best practices and standards for cloud security. Manage multiple client environment cyber security infrastructure and applications. Knowledge of ServiceNow, Zoho desk, Jira/Confluence, etc. Perform vulnerability risk reviews using Qualys, Rapid7 and/or Tenable. Responsible for managing and improving the defined patch management & configuration review process and activities. Proactively manage applications, infrastructure security & network risks; ensuring security infrastructure aligns with companys compliance requirements. Skills & Experience: 4 years + years of experience in a security analyst role, preferably in a SOC environment. Good knowledge on security analyst, engineering, and project management experience Experience in client management for security projects. Knowledge and hands-on experience with SIEM technologies such as Microsoft Sentinel, Rapid7 Insight IDR, Wazuh, etc. Create play books and automation on Microsoft sentinel is desirable. Strong experience in Virtualisation, Cloud (Azure, AWS, other service providers) design, configuration, and management. Ability to manage priorities, perform multiple tasks and work under dynamic environment and tight deadlines. Ability to perform vulnerability assessments, penetration testing using manual testing techniques, scripts, commercial and open-source tools. Experience and ability to perform Phishing campaign and/or similar social engineering exercise. Subject matter expert in one or multiple areas as Windows, Unix, Linux OS. Vendor or Security specific certifications is preferred. Demonstrated analytical, conceptual and problem-solving skills. Ability to work effectively with limited supervision on multiple concurrent operational activities. Ability to communicate effectively via email, report, procedures in a professional and succinct manner. Preferred : Candidates who can join immediately or within 15 days.

As a seasoned Cybersecurity professional in a leadership role, you will be responsible for overseeing various aspects of Digital Forensics and Incident Response (DFIR) across Operational Technology/Industrial Control Systems (OT/ICS) and Information Technology (IT) environments. Your primary duties will involve conducting forensic investigations and root cause analyses of cyber incidents, coordinating incident response activities, and ensuring compliance with breach containment and recovery protocols. You will play a crucial role in the development and maintenance of playbooks, Standard Operating Procedures (SOPs), and readiness frameworks for both proactive and reactive DFIR measures. Additionally, you will be tasked with establishing and managing forensic labs and tooling infrastructure to support memory, disk, network, and cloud forensics. Collaborating with client Chief Information Security Officer (CISO) teams and legal/compliance counterparts during forensic escalations will also be a key aspect of your role. As a mentor and leader, you will guide junior investigators, ensuring their skill development through hands-on training. Your expertise will drive continuous improvement initiatives in forensic collection, chain of custody, and evidence handling procedures. Furthermore, you will be expected to provide support for expert testimony, litigation response, and legal documentation as needed. Your role will require close collaboration with red, blue, and purple teams to develop an integrated threat mitigation strategy. You will also conduct forensic workshops, table-top exercises, and readiness assessments for clients. Building relationships with global Original Equipment Manufacturers (OEMs) and DFIR product partners to enhance capabilities will be essential for the success of the organization. In terms of required skills and tools, you should be proficient in utilizing tools such as EnCase, FTK, Magnet AXIOM, Autopsy, Volatility, and Wireshark. Experience with Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR) platforms like CrowdStrike, SentinelOne, and Carbon Black is crucial. Familiarity with OT forensic challenges, including air-gapped ICS/SCADA systems, and a deep understanding of ICS protocols such as Modbus, DNP3, and OPC-UA are also expected. Your personality traits and leadership abilities will be put to the test in this role. Strong analytical skills, attention to detail, and strategic thinking will be essential, especially in high-pressure situations. Your proven ability to lead in crisis scenarios, communicate effectively with stakeholders, and manage teams will be highly valued. Collaborating seamlessly with cross-functional teams, including Security Operations Center (SOC), engineering, legal, and client teams, will be instrumental in achieving the organization's cybersecurity goals. To qualify for this position, you should hold a Bachelor's or Master's degree in Cybersecurity, Computer Science, or related fields. Preferred certifications include GCFA, GCFE, CHFI, CISSP, or their equivalents. A minimum of 14 years of cybersecurity experience, with at least 5 years in DFIR leadership roles, and prior experience managing DFIR services for critical infrastructure or consulting environments are prerequisites for this role.,

As an experienced L3 SOC Analyst, you will play a crucial role in managing security incidents and ensuring the protection of our clients" data and systems. You will be responsible for utilizing your expertise in SIEM tools such as QRadar, Sentinel, or Splunk to detect and respond to security threats effectively. Your strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) will be essential in identifying and mitigating risks. Your primary responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting thorough investigations to assess impact, and analyzing attack patterns to provide recommendations for security improvements. You will also be actively involved in proactive threat hunting, log analysis, and collaborating with IT and security teams to enhance security processes effectively. In addition to hands-on experience with system logs, network traffic analysis, and security tools, your ability to identify Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) will be crucial in ensuring the detection of potential threats. You will be expected to document and update incident response processes, participate in team meetings and executive briefings, and train team members on security tools and incident resolution procedures. Your proficiency in setting up SIEM solutions, troubleshooting connectivity issues, and familiarity with security frameworks and best practices will be considered advantageous. Your role will require you to provide guidance on mitigating risks, improving security hygiene, and identifying gaps in security processes to propose enhancements effectively. Join us at UST, a global digital transformation solutions provider with a deep commitment to innovation and agility. With over 30,000 employees in 30 countries, we partner with the world's best companies to drive real impact through transformation. If you are passionate about cybersecurity and eager to make a difference, we welcome you to be a part of our team and help us build for boundless impact, touching billions of lives in the process.,

As an Enterprise IT Security Analyst Cloud and Endpoints, you will play a crucial role in ensuring the security of our cloud environments, specifically across AWS or Azure. Your primary responsibilities will revolve around collaborating with DevOps and IT teams to implement and oversee security measures, identify and mitigate risks, and ensure compliance with industry standards. Your key responsibilities will include: - Utilizing Microsoft Defender for Cloud and EDR tools like SentinelOne, CrowdStrike, or Microsoft Defender for Endpoint to enhance security measures. - Applying AI coding techniques for anomaly detection, threat prediction, and automated response systems. - Managing Microsoft Defender for Cloud to safeguard Azure environments. - Leveraging Endpoint Detection and Response (EDR) tools for threat detection and response. - Designing, implementing, and managing security solutions across AWS, Azure, and GCP. - Employing AWS security capabilities such as AWS Inspector, WAF, GuardDuty, and IAM for cloud infrastructure protection. - Implementing Azure security features including Azure Security Center, Azure Sentinel, and Azure AD. - Managing security configurations and policies across GCP using tools like Google Cloud Armor, Security Command Center, and IAM. - Conducting regular security assessments and audits to ensure vulnerability identification and compliance. - Developing and maintaining security policies, procedures, and documentation. - Collaborating with cross-functional teams to integrate security best practices into the development lifecycle. - Monitoring and responding to security incidents and alerts. - Implementing and managing Cloud Security Posture Management (CSPM) solutions with tools like Prisma Cloud, Dome9, and AWS Security Hub to continuously enhance cloud security posture. - Utilizing Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, and ARM templates for cloud infrastructure automation and management. Qualifications: Must Have Qualifications: - Bachelor's degree in computer science, Information Technology, or a related field. - 1-3 years of experience in cloud security engineering. - Proficiency in AWS security capabilities. - Strong skills in Terraform for Infrastructure as Code (IaC). - Experience with Cloud Security Posture Management (CSPM) tools. - Familiarity with Web Application Firewall (WAF). - Relevant certification such as CISSP or AWS Certified Security Specialty or similar. Good to Have Qualifications: - Additional experience with AWS security capabilities. - Strong understanding of cloud security frameworks and best practices. - Proficiency in Infrastructure as Code (IaC) tools like CloudFormation and ARM templates. - Experience with AI coding and applying machine learning techniques to security. - Excellent problem-solving skills and attention to detail. - Strong communication and collaboration skills. This role will be based at The Leela Office on Airport Road, Kodihalli, Bangalore. The position follows a hybrid work model with office presence on Tuesdays, Wednesdays, and Thursdays, and remote work on Mondays and Fridays. The work timings are from 1 PM to 10 PM IST, with cab pickup and drop facility available. Candidates based in Bangalore are preferred.,

Role & responsibilities : Level 2 SOC Analyst Role Overview: A Level 2 SOC Analyst is responsible for more advanced threat detection and incident response. They handle escalated incidents from Level 1 analysts and perform in-depth analysis to mitigate security threats. Key Responsibilities: Monitor security alerts and notifications generated by security tools and escalated by L1 team Conduct in-depth analysis of security events and incidents to determine their impact and severity, and escalate as necessary according to established procedures Investigate and triage security incidents, including analyzing log data, network traffic, and other relevant information to identify indicators of compromise (IOCs) and determine the root cause Develop and maintain incident response playbooks, procedures, and documentation to ensure consistency and efficiency in incident handling processes Collaborate with threat intelligence analysts to stay informed about emerging threats, vulnerabilities, and attack techniques, and incorporate this knowledge into security monitoring and response activities Configure and manage security tools and technologies to enhance threat detection and response capabilities. Skills and Qualifications: Education: Bachelors degree in Cybersecurity, Information Technology, Computer Science, or a related field. Experience: 2-4 years of experience in SOC operations and incident response. Experience in CrowdStrike SIEM and EDR preferred. Google SecOps , Crowdstrike NGSIEM Analytical Skills: Strong ability to analyze complex security data and identify patterns or anomalies. Documentation: Maintain detailed records of incidents, including analysis, response actions, and lessons learned. Develop SOC Runbooks. Communication Skills: Excellent verbal and written communication skills for documenting incidents and collaborating with team members. Problem-Solving: Ability to think critically and solve complex security issues. Certifications (Preferred): Certifications such as CompTIA Security or Certified Ethical Hacker (CEH) or similar. Work Environment: Typically works in a security operations center. May require shift work to provide 24/7 monitoring.

Key Responsibilities: Incident Detection & Response: Monitor security alerts and events through SIEM tools to identify potential threats. Investigate security incidents and respond in a timely and effective manner. Leverage EDR (Endpoint Detection and Response) solutions for threat detection and incident analysis. Threat Analysis & Mitigation: Conduct thorough threat and malware analysis to identify and mitigate risks. Work closely with internal teams to investigate malware, viruses, and ransomware threats. Use CrowdStrike , Defender , and other endpoint security tools to prevent attacks. Email Security Management: Monitor and manage email security systems to prevent phishing, spam, and other malicious email threats. Respond to suspicious email alerts and work with other teams to resolve them. Continuous Monitoring & Alerting: Actively monitor systems, networks, and applications for any signs of suspicious activities. Utilize Endpoint Security solutions to continuously track and protect endpoints across the network. Collaboration & Reporting: Work closely with the IT and security teams to assess, analyze, and resolve security incidents. Maintain detailed documentation of incidents, findings, and responses for future reference. Regularly report on the status of ongoing security incidents and trends to senior management. Research & Knowledge Enhancement: Stay updated with the latest security threats, vulnerabilities, and trends. Participate in security training and development to improve skills in SIEM , EDR , and other security tools. Required Skills and Qualifications: Bachelors degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience. Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight). Proficient in EDR and Endpoint Security tools (e.g., CrowdStrike, Microsoft Defender). Hands-on experience in threat and malware analysis . Familiarity with email security systems (e.g., Proofpoint, Mimecast). Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems. Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST). Excellent analytical and problem-solving skills. Preferred Qualifications: Security certifications like CompTIA Security+ , CISSP , CEH , or GIAC are a plus. Experience with incident response and forensic investigation. Familiarity with cloud security in AWS, Azure, or Google Cloud.

Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive , threat-informed , risk-based , intelligence-driven approach to detecting and responding to threats. Our mission is to help our customers: Defend against new and emerging risks that impact their business. Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments. Reduce their exposure to risks that impact their identity and brand. Develop operational resilience. Maintain compliance with legal, regulatory and compliance obligations. What were looking for To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an Indian based Security Engineer, with a specialism in Endpoint Security to support Rackspaces strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms or delivering Managed Endpoint Detection & Response (EDR) services to customers. The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection & Response (EDR) platforms such as Crowdstrike Falcon or Microsoft Defender for Endpoint; used by the Rackspace Cyber Defence Center to deliver managed security services to our customers. You will also be required to liaise closely with the customers key stakeholders, which may include incident response and disaster recovery teams as well as information security. Skills & Experience Should have 8+ years experience in Security Engineering. Experience working in either large, enterprise environments or managed security services environments with a focus on Endpoint Detection & Response. Experience of working with cloud native Endpoint Security and Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud. Experience of working in two (or more) of the following additional security domains: SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc. AWS (Amazon Web Services) Security Hub including AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail . Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis. Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls. Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc. Knowledge of scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell. Knowledge of Malware reverse engineering, threat detection and threat hunting. Computer science, engineering, or information technology related degree (although not a strict requirement) Holds one, or more, of the following certificates (or equivalent): - Microsoft Certified: Azure Security Engineer Associate (AZ500) Microsoft Certified: Security Operations Analyst Associate (SC-200) Systems Security Certified Practitioner (SSCP) Certified Cloud Security Professional (CCSP) GIAC Certified Incident Handler (GCIH) GIAC Security Operations Certified (GSOC) CrowdStrike admin Certified A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail. A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture. Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure. An individual who shows a willingness to go above and beyond in delighting the customer. A good communicator who can explain security concepts to both technical and non-technical audiences. Key Accountabilities Ensure the Customers operational and production environment remains healthy and secure at all the times. Assist with customer onboarding customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s). Advance platform administration. Critical platform incident handling & closure. As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection & Response. Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams. Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration; in collaboration with SecOps Engineering and other Security Engineering team(s) Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc. Co-ordinate with vendor for issue resolution. Required to work flexible timings.

Lead Consultant (Cyber Security) Job Summary: The Lead consultant for Cyber Security (B2B SOC MSS) provides the advance level of support for Product Implementation & Services in the Security Operations. In this position, the consultant will be to lead the project (technical) consultants team for successful migration/ implementation of the Cyber Security Products (and Services). Mini.2years of experience implementation & operations. The resource should have implemented at least 4-5 projects in customer environment. Working Knowledge of SOC/ SIEM tools and operational understanding Must have lead team of Security Consultants/ Analysts Should have sound knowledge of products & should be able to carry out the POCs, Implementation and Operations support Should lead the delivery of multiple projects at customer locations Should have knowledge of following products (with Operations and Implementation) DLP/ Proxy Forcepoint, Symantec, Cisco, McAfee Email Security Symantec, Forcepoint, Cisco NAC Solutions – Cisco ISE, Forcescout EDR/ XDR Solution – Trend Micro, Crowdstrike SOC SIEM Solution (Arcsight, Qradar, RSA or Seceon) ( Must have hands-on experience from any two of above) Product certification from any of the above products will be added advantage Must be able to execute strategic and tactical direction for solutions offerings Experience in supporting a multiple customer base systems and network environments Provides timely and adequate response to threats/alerts, including off-hour support. Develop functional specifications for integrating/ adopting requirements into enterprise target state architecture or specific application Collaborate with business groups to help them to identify, classify, and secure high value data Provide feedback via periodic reports based on rule parameters; Ability to write regular expressions Ability to self- direct and work independently when necessary, and clearly articulate technical concepts/ issues to both technical and non- technical peers and management The ability to assess security events to drive to a resolution. Demonstrate Understand Critical Data Types such as PII, NPI, PCI, HIPAA, etc Demonstrate Understanding of Mass Storage, USB, Removable Media, for example allow charge but do not allow data copy Excellent English communication skills mandatory Excellent documentation skills mandatory Understand reporting capabilities Required Technical Expertise Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host based firewalls, Anti-Malware, HIDS General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows NT Good to have industry certifications on SIEM Platform, CCNA, CEH, MCSE & Others Bachelor’s Degree in Computer Science or equivalent required Good communication skills Strong level of customer service required

Dear Cybersecurity Professionals, We are thrilled to invite you to our upcoming AI in Cybersecurity User Group activity , happening on 26th July in Chennai . This is an excellent opportunity to connect, learn, and exchange insights on how AI is revolutionizing the cybersecurity landscape. Highlights of the event: Expert talks on AI-driven cybersecurity solutions Real-world case studies and practical insights Networking with industry peers and thought leaders Interactive sessions to discuss challenges & best practices Please note: Seats are strictly limited , and registrations will be accepted on a first-come, first-served basis. Date: 26th July 2025 Time: 10:30 AM 12:30 PM Location: Chennai (venue details will be shared upon confirmation) If youre interested in joining, please reply to this email or register through below link at the earliest to secure your spot. https://forms.cloud.microsoft/r/Qc57BKrBmQ Looking forward to your participation in building a vibrant AI in cybersecurity community!

You are a skilled SOC Analyst Level 2 who will be joining our Security Operations Center team in Pune. Your primary responsibility will be to protect our organization's digital assets by monitoring, analyzing, and responding to security incidents. Utilizing tools like Splunk, you will play a pivotal role in defending the organization's information assets by handling complex security incidents, performing detailed investigations, and mentoring L1 analysts. Your role involves using advanced security tools to detect, analyze, and respond to sophisticated cyber threats and contribute to improving SOC processes to stay ahead of evolving cybersecurity challenges. Your responsibilities will include investigating and resolving escalated security incidents, performing in-depth root cause analysis, conducting proactive threat hunting activities, utilizing advanced endpoint protection and threat analysis tools like Cisco AMP and CrowdStrike, monitoring and analyzing network traffic to detect anomalies and potential intrusions, performing detailed log analysis and event correlation using Splunk, recommending and configuring SIEM rules and alerts to enhance detection capabilities, monitoring and securing cloud services and applications using CASB solutions, collaborating with cross-functional teams to coordinate incident response efforts, documenting findings and actions, mentoring L1 analysts, and staying updated on emerging cybersecurity threats, trends, and technologies. You should bring proficiency with tools like Cisco AMP, Splunk, Duo, CASB, CrowdStrike, ExtraHop, ServiceNow, and JIRA, strong knowledge of network and endpoint security principles, and hands-on experience with incident response, threat hunting, and log analysis. In return, you will receive a competitive salary and benefits package, a culture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certifications, the opportunity to work with cutting-edge technologies, employee engagement initiatives, annual health check-ups, and insurance coverage for yourself, spouse, two children, and parents. The company fosters a diverse and inclusive environment, offering hybrid work options, flexible working hours, and accessible facilities to support employees with disabilities. If you have specific requirements, please inform us during the application process or at any time during your employment. Persistent Ltd. is committed to creating an inclusive environment where all employees can thrive, accelerate growth both professionally and personally, impact the world in powerful, positive ways, enjoy collaborative innovation, and unlock global opportunities to work and learn with the industry's best. Join us and unleash your full potential at Persistent, an Equal Opportunity Employer that prohibits discrimination and harassment of any kind.,

Job Summary: We are seeking a highly skilled and motivated SOC Analyst / Detection Engineer to join our Security Operations Center. This role requires expertise in developing advanced KQL and Splunk queries, detection engineering, and incident response within complex enterprise environments. The ideal candidate will bring hands-on experience with SIEM, EDR, cloud security, incident playbooks, and OSINT tools, while also showing a passion for mentoring junior team members. Key Responsibilities: Develop and fine-tune detection rules and analytics using KQL (Microsoft Sentinel) and SPL (Splunk). Lead threat hunting activities leveraging EDR telemetry, SIEM logs, and threat intelligence sources. Design and implement detections based on behavioral patterns and MITRE ATT&CK mappings. Investigate security alerts and incidents, triage threats, and provide detailed incident reports and root cause analysis. Build and maintain incident response playbooks, SOPs, and runbooks to streamline SOC operations. Collaborate with internal teams to continuously improve detection logic and incident workflows. Mentor and train junior analysts, promote knowledge sharing, and support SOC skill development. Develop integrations and use cases with various log sources from on-prem, cloud, and hybrid environments. Utilize OSINT tools and frameworks (e.g., VirusTotal, Shodan, Censys, MISP, AbuseIPDB, Whois, etc.) during threat investigation and enrichment. Drive automation and orchestration where applicable using SOAR technologies. Stay up to date on threat intelligence, emerging tactics, techniques, and procedures (TTPs). Technical Skill Requirements: Detection Engineering: Strong expertise in writing detection queries (KQL/SPL), developing use cases, and tuning alerts. SIEM: Hands-on experience with Microsoft Sentinel and Splunk (Enterprise Security). EDR/XDR: CrowdStrike Falcon, Microsoft Defender for Endpoint. Cloud Security: Security monitoring in Azure, AWS, and GCP. Microsoft 365 Security: Defender for Office 365, Entra ID (Azure AD), Purview (compliance). Web Security Filtering: Experience or knowledge of Zscaler and similar solutions. Incident Response: Playbook development, SOPs, runbook creation, triage, and remediation. OSINT Tools: Practical usage of VirusTotal, URLScan.io, MISP, Shodan, Censys, GreyNoise, AbuseIPDB, Whois, etc. Log Analysis: Deep understanding of log formats from servers, network devices, cloud services, and applications. Automation/SOAR: Familiarity with automation frameworks (Logic Apps, Sentinel Playbooks, Splunk SOAR) is a plus. Scripting: PowerShell, Python, or equivalent scripting for enrichment and automation. Additional Expectations: Willingness to mentor and train junior SOC team members. Ability to work independently in a fast-paced SOC environment. Excellent analytical, communication, and problem-solving skills. Strong attention to detail and a proactive security mindset. Preferred Certifications (Nice to Have): SC-200: Microsoft Security Operations Analyst Splunk Core/Enterprise Security certifications CrowdStrike CCFR / CCFH Zscaler ZCCA/ZCCP Azure/AWS/GCP security certifications GIAC (GCIA, GCED, GCIH) or other relevant SANS certifications

Hi All, Movate ( Formerly known as CSSCorp ) is hiring for Senior Endpoint Security Engineer Role. Job Responsibilities: Provide Technical Support to customers and partners Provide technical services include writing scripts, troubleshooting and best practices to customers Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed in a timely manner Provide fault isolation and root cause analysis for technical issues Publish Technical Support Bulletins and other technical documentation in the Knowledge Base Review of technical documentation for training materials, technical marketing collateral, manuals, troubleshooting guides, etc. Travel to customer sites in the event of a critical situation to expedite resolution as required Provide on-call support 24x7 on an as needed basis Provide configurations, troubleshooting and best practices to customers. Work with our Engineering team and influence the operability of the product. Participate in regular weekend on-call rotation and provide after-hours support on an as-needed basis. Able to effectively communicate to all levels and stakeholders - internally and externally on complex technical issues Desired Skills 3+ years of related experience. Provide configurations, troubleshooting and best practices to customers. Required experience with supporting EndPoint software products. Required strong experience with Windows OS, Linux OS and macOS based applications (Installation, troubleshooting, Debugging). Experience with Android OS based applications (Installation, troubleshooting, Debugging). Strong experience with MS environment (SCCM, GPO, AD, MSSQL, IIS). Experience with EndPoint security software is a plus (Antivirus, DLP, IPS, NAC). Knowledge of SIEM, vulnerability management tools and firewalls. Experience understanding malware, exploits, operating system structure and behavior. Experience with batch scripting and Python is a plus Strong ability to independently troubleshoot, reproduce issues and identify feasible workarounds in broad, complex, and unique environments with mixed applications and protocols required. Knowledge of Cloud infrastructure a plus Knowledge of VDI (VMWare Horizon, Citrix XenApp and XenDesktop) is a plus BS/MS or equivalent experience require

Lead endpoint compliance team - 10-15 members Own developing, implementing, and maintaining endpoint security policies, procedures, and controls to meet regulatory requirements and industry standards.

Key Responsibilities: Lead advanced incident response, including triage, containment, eradication, and root cause analysis. Perform forensic investigations, malware analysis, and threat hunting activities. Manage and fine-tune enterprise security solutions: SIEM, EDR, NDR, firewalls, IDS/IPS, DLP, WAF, VPNs , etc. Act as a subject matter expert (SME) for escalated security events from L1/L2 teams. Review and update runbooks, threat detection rules, and incident response procedures. Collaborate with threat intelligence teams to analyze IOCs, TTPs, and emerging threats. Perform regular vulnerability assessments and coordinate patch management with IT/DevOps. Conduct security reviews of infrastructure, applications, and network architecture. Ensure compliance with ISO 27001, NIST, GDPR, PCI-DSS , or other applicable standards. Automate security operations and incident response workflows using tools/scripts (e.g., Python, PowerShell). Mentor junior engineers and conduct technical training sessions. Required Skills and Qualifications: Bachelor's or Master's degree in Information Security, Computer Science, or related field. 510 years of hands-on experience in cybersecurity, with at least 23 years in an L3 or advanced SOC role. Expertise in managing and troubleshooting security tools: SIEM (Splunk, QRadar, ArcSight, etc.) EDR/XDR (CrowdStrike, SentinelOne, Defender ATP) Firewalls (Palo Alto, Fortinet, Cisco ASA) IDS/IPS, DLP, VPN, NAC, etc. Strong knowledge of cyberattack techniques , threat detection , and incident response lifecycle . Familiarity with MITRE ATT&CK , Cyber Kill Chain , STIX/TAXII , and YARA rules . Proficiency in scripting or automation (Python, Bash, PowerShell). Excellent documentation, troubleshooting, and analytical skills.

As an Enterprise IT Security Analyst Cloud and Endpoints, you will play a crucial role in ensuring the security of the cloud environments in either AWS or Azure. Your responsibilities will involve collaborating closely with the DevOps and IT teams to implement and manage security measures, identify risks, and ensure compliance with industry standards. You will be expected to have experience with Microsoft Defender for Cloud and Endpoint Detection and Response (EDR) tools such as SentinelOne, CrowdStrike, or Microsoft Defender for Endpoint. Furthermore, you will apply AI coding techniques to enhance security measures, implement Microsoft Defender for Cloud for Azure protection, and utilize EDR tools for threat detection and response. Designing, implementing, and managing security solutions across various cloud platforms like AWS, Azure, and GCP will be a key part of your role. Utilizing security capabilities specific to each platform, such as AWS Inspector, WAF, GuardDuty, Azure Security Center, Sentinel, and IAM, will be essential in safeguarding the cloud infrastructure. Regular security assessments, audits, and the development of security policies and documentation will also fall within your responsibilities. Collaborating with cross-functional teams to integrate security best practices into the development lifecycle, monitoring and responding to security incidents, and managing Cloud Security Posture Management (CSPM) solutions using tools like Prisma Cloud and AWS Security Hub will be crucial aspects of your role. You should hold a Bachelor's degree in computer science, Information Technology, or a related field, along with 1-3 years of experience in cloud security engineering. Proficiency in AWS security capabilities, Azure AD, Microsoft Defender, M365, Exchange security, and Terraform for Infrastructure as Code (IaC) is required. Relevant certifications such as CISSP or AWS Certified Security Specialty will be beneficial. Additional qualifications that would be advantageous include experience with cloud security frameworks, Infrastructure as Code (IaC) tools like CloudFormation and ARM templates, AI coding, and machine learning techniques applied to security. Strong problem-solving skills, attention to detail, and effective communication and collaboration abilities are also desired. This position is based at The Leela Office in Bangalore, with a hybrid work model of 3 days in the office and 2 days remote work. The work timings are from 1 pm to 10 pm IST, with cab pickup and drop facilities available. Candidates based in Bangalore are preferred for this role.,

You are a skilled and proactive Vulnerability Management Analyst with 3 to 6 years of experience who will be joining the security team at CyberProof, a UST Company. In this role, you will be responsible for leading the day-to-day operations of vulnerability assessment and remediation efforts for a client. You will work hands-on with tools like Qualys, Defender, Crowdstrike, and Nessus. Your sharp analysis, technical precision, and mentoring mindset will have a direct impact on the enterprise's security posture. Your key responsibilities will include leading and overseeing vulnerability assessment scans using various tools, configuring and scheduling scans, interpreting assessment findings, and supporting ongoing remediation efforts. You will also be responsible for managing and maintaining up-to-date vulnerability, asset, and configuration databases, performing continuous asset discovery, and ensuring comprehensive scan coverage. Prioritizing vulnerabilities based on criticality, exploitability, and potential business impact will be a crucial part of your role. Additionally, you will mentor junior analysts, escalate risks, coordinate mitigation tasks, and ensure adherence to company and customer information security standards and regulatory compliance. Preferred qualifications for this role include proven experience in vulnerability management, familiarity with CVSS scoring, patch management cycles, and vulnerability lifecycle workflows. Strong analytical skills with the ability to translate complex technical findings into actionable risk narratives are essential. Experience working in hybrid cloud or enterprise environments would be advantageous. Certifications like CompTIA Security+, CEH, or Qualys Vulnerability Management Specialist are also considered beneficial.,

The Senior Analyst role within Bain's Cyber Security Department focuses on safeguarding the organization's digital assets and integrity. As a Senior Analyst, you will play a crucial role in understanding how security measures align with the organizational strategy. Your responsibilities will include organizing and leading the development and implementation of security controls that comply with regulatory requirements and best practices. You will be responsible for monitoring, analyzing, and responding to potential security incidents and threats. Assessing their urgency and impact on Bain, you will implement necessary measures to protect the organization's digital assets, data, and infrastructure. This may involve taking a leadership position in coordinating activities across the team, collaborating with technical teams and Security leadership. The Senior Analyst Security Operations role encompasses various disciplines, including Threat Intelligence, Vulnerability Management, Pro-Active Security Testing, and Enhanced Security Operations. Depending on the requirements, team members may dedicate a percentage or all of their time to these specific disciplines. Your principal accountabilities will include: - Vulnerability Management (80%) - Collaborating with cross-functional teams and providing leadership and guidance. - Conducting regular vulnerability scans on the organization's network, applications, and systems. - Implementing and operationalizing vulnerability management tools, processes, and best practices. - Prioritizing vulnerabilities based on risk and potential impact. - Leading meetings to remediate identified vulnerabilities and tracking progress. - Enhanced Security Operations (10%) - Expertise in Forensic Investigations and Tooling. - Leadership experience in Red Team, Blue Team, Purple team exercises. - Professional Development and Innovation (10%) - Staying informed about emerging trends and technologies in cybersecurity. - Collaborating with security team members, IT departments, and relevant business units to address security concerns. - Exploring Professional Certifications and planning trainings with leadership. Your knowledge, skills, and abilities should include: - Strong expertise in Security Monitoring & Incident Detection and Response. - Knowledge of various security tools like Splunk, CrowdStrike, Windows Defender, and others. - Understanding of Vulnerability & Attack Surface Management toolsets, Threat Intelligence tools, etc. - General skills such as good communication, analytical mindset, ability to work independently and in a team, eagerness to learn, and entrepreneurial spirit. Qualifications and Experience: - Bachelor's degree in a related field or equivalent education and experience. - 4-6 years of experience in the same domain. - Experience in deploying systems or applications, complex problem solving, and working in a dynamic environment. - Strong customer service, communication, troubleshooting, and endpoint security control design skills. - Experience with automation of Information Security controls, scripting, and cloud security control frameworks. In this role, you will play a vital part in enhancing the organization's overall security posture and addressing security concerns effectively. Your ability to adapt to new challenges, work collaboratively, and stay updated with cybersecurity trends will be crucial for success in this position.,

The Pre-Sales Engineer plays a crucial role in collaborating with the Sales team to offer technical expertise throughout the Sales Cycle. Understanding the unique technical requirements and business challenges of potential clients is a primary responsibility. Crafting solutions tailored to meet these needs and effectively communicating the value proposition of the company's products or services are key tasks. Industry exposure in Distribution, System Integrators, GSI, Retail, Service Providers, or OEMs is required. Hands-on experience with Cybersecurity Solutions like Perimeter Security (Firewall), Endpoints (AV, EDR, EPP), and IDAM (SSO, MFA, PIM/PAM) is essential. Key responsibilities include collaborating with clients to comprehend their technical needs, developing industry-specific product demonstrations and presentations, and conducting Proofs of Concept. Training Sales and Pre-Sale teams of Partners in the technical aspects of the product is also a significant part of the role. An in-depth understanding of technical concepts is necessary to deliver successful Demos and POCs and configure solutions according to clients" Network Architectures. Experience with Vendor solutions such as Cisco, Palo Alto Networks, Forcepoint, Netskope, CrowdStrike, or CyberArk, in addition to Industry-recognized certifications like CCNA, CCNP, CCIE, AWS, or Azure, is highly advantageous. Key Attributes: - Excellent communication, presentation, and interpersonal skills - Strong problem-solving abilities - Customer-oriented mindset - Effective time management, team collaboration, and multitasking skills This is a Full-time, Permanent position offering benefits such as Paid time off, and Provident Fund. The work schedule is during the Day shift, and the work location is in person.,

Dear Candidate, We are looking for a skilled Cybersecurity Analyst to monitor, detect, and respond to security threats. If you have expertise in threat intelligence, SIEM tools, and incident response, wed love to hear from you! Key Responsibilities: Monitor network traffic and systems for potential security threats. Investigate and analyze security incidents to prevent breaches. Implement security controls and best practices for data protection. Manage security tools such as SIEM, IDS/IPS, and endpoint protection. Conduct vulnerability assessments and recommend mitigation strategies. Ensure compliance with security standards like ISO 27001, NIST, and GDPR. Required Skills & Qualifications: Strong knowledge of security frameworks and incident response. Experience with SIEM tools (Splunk, QRadar, ArcSight). Proficiency in scripting (Python, Bash, PowerShell) for security automation. Understanding of network protocols, firewalls, and VPN security. Knowledge of penetration testing and ethical hacking techniques. Soft Skills: Strong analytical and problem-solving skills. Excellent attention to detail and ability to work under pressure. Good communication and teamwork skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies