
261 Crowdstrike Jobs - Page 10


3 - 8 years

11 - 13 Lacs

Pune

Work from Office

Knowledge of operating systems, system administration, and application security. Proficiency in security tools and technologies. Experience with incident response methodologies. Strong knowledge of IT security protocols and data privacy standards.
Required candidate profile: Certified Information Systems Security Professional (CISSP); Vulnerability Scanner/Nessus, CrowdStrike, Cisco Meraki, Forcepoint One; experience with cloud security and network security.

Posted 4 months ago


2 - 7 years

0 - 1 Lacs

Noida

Work from Office

Role & responsibilities:
- Minimum 2 years of experience in implementation & operations. The resource should have implemented at least 4-5 projects in customer environments.
- Should be able to create HLD & LLD documents and draw architecture as per customer need.
- Working knowledge of SOC/SIEM tools and operational understanding.
- Must have led a team of Security Consultants/Analysts.
- Should have sound knowledge of products and be able to carry out POCs, implementation and operations support.
- Should lead the delivery of multiple projects at customer locations.
- Should have knowledge of the following products (with operations and implementation); must have hands-on experience with any two of them:
  - DLP/Proxy: Forcepoint, Symantec, Cisco, McAfee, Zscaler
  - Email Security: Symantec, Forcepoint, Cisco
  - NAC Solutions: Cisco ISE, Forescout
  - EDR/XDR Solution: Trend Micro, CrowdStrike
  - SOC SIEM Solution: ArcSight, QRadar, RSA or Seceon
- Excellent English communication skills mandatory.
- Excellent documentation skills mandatory.
- Understand reporting capabilities.
Preferred candidate profile:
- Process and procedure adherence
- General network knowledge and TCP/IP troubleshooting
- Ability to trace down an endpoint on the network based on ticket information
- Familiarity with system log information and what it means
- Understanding of common network services (web, mail, DNS, authentication)
- Knowledge of host-based firewalls, anti-malware, HIDS
- General desktop OS and server OS knowledge: TCP/IP, Internet routing, UNIX/Linux & Windows NT
- Good to have industry certifications on SIEM platform, CCNA, CEH, MCSE & others
- Bachelor's degree in Computer Science or equivalent required
- 5-10 years' experience in IT security
- Good communication skills
- Strong level of customer service required

Posted 4 months ago


5 - 8 years

12 - 20 Lacs

Pune, Chennai, Bengaluru

Work from Office

Role & responsibilities:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master's degree preferred.
- Lead and mentor the SOC team, fostering a culture of continuous improvement and collaboration.
- Oversee the day-to-day operations of the SOC, ensuring efficient incident detection, response, and recovery processes.
- Collaborate with IT and business units to integrate cybersecurity measures into existing and new technology deployments.
- Manage cybersecurity projects, including the selection and implementation of state-of-the-art security tools and technologies.
- Conduct regular security assessments, penetration testing, and proactive threat hunting to identify and mitigate potential security vulnerabilities.
- Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC.
- At least 5 years of experience in cybersecurity, with a minimum of 3 years in a leadership role within a SOC environment.
- Extensive knowledge of and experience with cybersecurity regulations and standards.
- Proficient in managing and configuring security technologies (e.g., SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools).
- Demonstrated ability to lead and develop high-performing teams.
- Excellent problem-solving, communication, and presentation skills.
- Must be flexible to work in US shift.

Posted 4 months ago


8 - 12 years

25 - 35 Lacs

Noida, Gurugram, Delhi / NCR

Hybrid

About KPMG in India: KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience.
Role & responsibilities:
- The candidate should be hands-on in managing Security Operations, SOC, identity and access management, and risk management.
- Should have worked on blueprinting and designing of SOC frameworks, implementation of SOC/SIEM solutions, and enterprise architecture.
- Should be hands-on with security processes, with good client- and market-facing experience in the India geography.
- Should have worked on designing, solutioning and implementation of cyber security frameworks: Security Operations Strategy, Vulnerability Management (application & infrastructure), and Threat Intelligence and Analytics.
Preferred candidate profile (should have worked on the below):
- M&A experience
- Actively monitoring, analyzing & escalating SIEM alerts based on correlation rules; active threat hunting on network flow, user behavior and threat intelligence
- Expert-level domain knowledge (cyber security), threat hunting, SIEM (Azure Sentinel; RSA / Splunk / LogRhythm / QRadar), ability to comprehend logs (HTTP, SMTP, network), operating systems and servers; organizes technical sessions/talks
- Familiarity with Python scripting & Windows Active Directory (optional)
- Vulnerability Management Services: external & internal vulnerability scanning, VMS tool (Qualys & Kenna) administration, application server & vulnerability scanning
- Expert-level domain knowledge (cyber security): vulnerability scans and recognizing vulnerabilities in security systems, network analysis tools to identify vulnerabilities, developing insights about the context of an organization's threat environment, risk management processes, network attacks and their relationship to both threats and vulnerabilities
- Advanced-level understanding of impact/risk assessments
- Security operations and management experience: SOC experience in identity access, privileged access, vulnerability management
- Client facing: front end with the client, focused on engagements + sales, BD + capability development
Qualification:
- B.Tech / M.Tech / MCA professional with 9-12 years of experience in the relevant role
- Strong hands-on MS PowerPoint and MS Project
- Hands-on experience and certification in any one SIEM (IBM QRadar, ArcSight, Azure Sentinel, Splunk)
- Security certifications like CISSP, CISM, GIAC, Security+ etc.
Equal employment opportunity information: KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Posted 4 months ago


5 - 10 years

7 - 17 Lacs

Noida

Work from Office

Lead Consultant (Cyber Security)
Job Summary: The Lead Consultant for Cyber Security (B2B SOC MSS) provides advanced-level support for product implementation & services in Security Operations. In this position, the consultant will lead the project (technical) consultants team for successful migration/implementation of the cyber security products (and services).
Requirements:
- Minimum 5-10 years of experience in implementation & operations. The resource should have implemented at least 4-5 projects in customer environments.
- Should be able to create HLD & LLD documents and draw architecture as per customer need.
- Working knowledge of SOC/SIEM tools and operational understanding.
- Must have led a team of Security Consultants/Analysts.
- Should have sound knowledge of products and be able to carry out POCs, implementation and operations support.
- Should lead the delivery of multiple projects at customer locations.
- Should have knowledge of the following products (with operations and implementation); must have hands-on experience with any two of them:
  - DLP/Proxy: Forcepoint, Symantec, Cisco, McAfee
  - Email Security: Symantec, Forcepoint, Cisco
  - NAC Solutions: Cisco ISE, Forescout
  - EDR/XDR Solution: Trend Micro, CrowdStrike
  - SOC SIEM Solution: ArcSight, QRadar, RSA or Seceon
- Product certification from any of the above products will be an added advantage.
- Must be able to execute strategic and tactical direction for solution offerings.
- Experience in supporting multiple customer base systems and network environments.
- Provides timely and adequate response to threats/alerts, including off-hour support.
- Develop functional specifications for integrating/adopting requirements into enterprise target-state architecture or specific applications.
- Collaborate with business groups to help them identify, classify, and secure high-value data.
- Provide feedback via periodic reports based on rule parameters; ability to write regular expressions.
- Ability to self-direct and work independently when necessary, and clearly articulate technical concepts/issues to both technical and non-technical peers and management.
- The ability to assess security events to drive to a resolution.
- Demonstrate understanding of critical data types such as PII, NPI, PCI, HIPAA, etc.
- Demonstrate understanding of mass storage, USB and removable media controls (for example, allow charging but do not allow data copy).
- Excellent English communication skills mandatory.
- Excellent documentation skills mandatory.
- Understand reporting capabilities.
Required Technical Expertise:
- Process and procedure adherence
- General network knowledge and TCP/IP troubleshooting
- Ability to trace down an endpoint on the network based on ticket information
- Familiarity with system log information and what it means
- Understanding of common network services (web, mail, DNS, authentication)
- Knowledge of host-based firewalls, anti-malware, HIDS
- General desktop OS and server OS knowledge: TCP/IP, Internet routing, UNIX/Linux & Windows NT
- Good to have industry certifications on SIEM platform, CCNA, CEH, MCSE & others
- Bachelor's degree in Computer Science or equivalent required
- 5-10 years' experience in IT security
- Good communication skills
- Strong level of customer service required

Posted 4 months ago


6 - 10 years

6 - 11 Lacs

Bengaluru

Work from Office

Job Description
Must have requirements:
- Minimum of 5+ years of work experience with security tools and security administration.
- Designing, implementing, managing & maintaining endpoint solutions (Tanium, CrowdStrike); hands-on experience with endpoint tools and overall cybersecurity practices.
- Strong ethics and understanding of ethics in business and information security.
- Ability to mentor juniors and get them up to speed with the process.
- Possess any current security certifications (e.g., CISSP, Security+).
- Ability to present and articulate findings to technical staff and executives.
- Ability to participate in on-call rotation as needed.
- Must be able to pass a background check.
Career Level - IC3
Responsibilities: as per the must-have requirements listed above.

Posted 4 months ago


3 - 7 years

10 - 20 Lacs

Pune

Work from Office

Security Operations Centre (SOC) - Lead
Location: Pune (Aundh/Baner), India (On-site, In-House SOC)
Department: Security Operations Center
Experience: 4-6 Years
Work Type: Full-time | Hybrid Model | 24x7 Rotational Shifts
Role Overview: We are looking for an experienced and technically strong SOC Lead / Senior Engineer who will own and manage the core administration, tuning, detection engineering, and incident response infrastructure within the Security Operations Center. This is a hands-on technical role for someone who thrives in a high-paced, cloud-first environment and has expertise in SIEM (QRadar), XDR (CrowdStrike), DLP (Netskope), Deception (Canary), TIP/SOAR, and AWS Security.
Key Responsibilities:
- Monitor, investigate, and close security incidents using QRadar SIEM, with deep expertise in offense triage and management.
- Administer and fine-tune configurations across multiple security platforms including QRadar, CrowdStrike XDR, Netskope DLP, Canary, Sysdig/Falco, and G-Suite Security to ensure optimal performance.
- Architect and deploy new SIEM content such as correlation rules, filters, dashboards, active lists, reports, and trends based on threat intelligence and business needs.
- Lead use case design and development for new detections based on the evolving threat landscape and attack techniques (MITRE ATT&CK alignment).
- Own the log onboarding lifecycle, including parsing, normalization, and enrichment for diverse AWS services and third-party SaaS platforms.
- Manage SLAs for incident detection, escalation, and resolution; ensure robust reporting and analytics for SOC operations.
- Conduct advanced threat hunting, packet-level analysis, and proactive detection activities using telemetry and behavioral analytics.
- Integrate and manage SOAR and TIP tools to drive automation and enrichment in incident response workflows.
- Lead vulnerability assessments and penetration testing activities in collaboration with infrastructure and DevSecOps teams.
- Develop and test incident response plans (IRPs) and playbooks for high-impact scenarios like ransomware, insider threats, and data exfiltration.
- Stay abreast of the latest threats, vulnerabilities, and exploits; conduct periodic threat briefings and internal knowledge transfers.
- Maintain detailed documentation of configurations, security procedures, SOPs, incident reports, and audit logs.
- Mentor junior SOC analysts and provide technical guidance during critical incidents and escalations.
- Creation of reports, dashboards, and metrics for SOC operations and presentation to senior management.
- Experience in designing and deploying use cases for SIEM and other security devices.
- Continuously monitor security alerts and events to identify potential security incidents or threats.
- Follow standard operating procedures (SOPs) and incident response runbooks, and recommend improvements where necessary.
- Understanding of network protocols (TCP/IP stack, SSL/TLS, IPsec, SMTP/IMAP, FTP, HTTP, etc.).
- Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation.
- Understanding of operating system, web server, database, and security device (firewall/NIDS/NIPS) logs and log formats.
- Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.
Required Skills & Experience:
- Minimum 4 years of experience in SOC operations, including administrative expertise in SIEM platforms (preferably QRadar).
- Strong hands-on knowledge of SIEM tuning, content development, threat detection, and incident handling.
- Expertise in 3 or more of the following: SIEM (QRadar), XDR (CrowdStrike), SOAR/TIP platforms, DLP (Netskope), Cloud Security (AWS), Deception Technology (Canary).
- Experience with network traffic analysis, packet capture tools, and deep-dive investigations.
- Strong analytical, problem-solving, and decision-making skills.
- Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS Controls.
Preferred Qualifications:
- Professional certifications such as GCIA, GCED, GCIH, CEH, CCSP, AWS Security Specialty, or QRadar Certified Specialist.
- Prior experience in managing an in-house 24x7 SOC or leading shift teams.
What We Offer:
- Work on a modern cloud-native security stack in a dynamic FinTech environment.
- Opportunity to lead security engineering and detection strategy for critical financial platforms.
- Be part of a tight-knit, expert-level team with a strong learning and innovation culture.
- Competitive salary, performance-based incentives, and growth opportunities.

Posted 4 months ago


1 - 3 years

5 - 15 Lacs

Pune

Work from Office

SOC Analyst
Location: Pune (Aundh/Baner), India (On-site, In-House SOC)
Department: Security Operations Center
Experience: 1-3 Years
Work Type: Full-time | Hybrid Model | 24x7 Rotational Shifts
Role Overview: As a SOC Analyst, you will be part of our in-house 24x7 Security Operations Centre based in Pune. You will be responsible for monitoring, analyzing, and responding to security incidents and alerts using cutting-edge security technologies and platforms. This role is a great opportunity to grow in a fast-paced FinTech environment leveraging tools like QRadar SIEM, CrowdStrike XDR, Netskope DLP, AWS Cloud Security, Sysdig, Falco, Canary Tokens, G-Suite Security and other security solutions.
Key Responsibilities:
- Continuously monitor security alerts and events using QRadar SIEM, CrowdStrike, Falco, and other integrated tools.
- Perform initial triage and analysis to assess the nature and severity of potential security incidents.
- Escalate incidents in line with established procedures and severity levels.
- Create, update, and manage incident tickets throughout their lifecycle using ticketing systems.
- Analyze logs and security data from various sources, including AWS Cloud, G-Suite, and endpoint solutions.
- Assist in proactive threat hunting and detection of malicious activity across systems and applications.
- Technical experience working in a SOC and cybersecurity incident response.
- Generate daily, weekly, and ad-hoc reports detailing SOC operations and incident statistics.
- Support 24x7 operations by participating in rotational shifts, including nights and weekends.
- Understanding of AWS services for security detection and mitigation.
- Follow standard operating procedures (SOPs) and incident response runbooks, and recommend improvements where necessary.
- Understanding of network protocols (TCP/IP stack, SSL/TLS, IPsec, SMTP/IMAP, FTP, HTTP, etc.).
- Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation.
- Creation of reports, dashboards, and metrics for SOC operations and presentation to senior management.
- Understanding of operating system, web server, database, and security device (firewall/NIDS/NIPS) logs and log formats.
- Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.
Required Skills & Experience:
- 1-3 years of hands-on experience in SOC operations or cyber security monitoring.
- Exposure to SIEM tools, preferably IBM QRadar.
- Experience with Endpoint Detection & Response (EDR) solutions such as CrowdStrike.
- Familiarity with DLP (preferably Netskope) and cloud-native security tools.
- Working knowledge of Linux/Unix command line and scripting basics.
- Understanding of AWS Cloud Security concepts.
- Knowledge of TCP/IP, DNS, HTTP, and other networking protocols.
- Familiarity with common attack vectors and the threat landscape (MITRE ATT&CK framework is a plus).
Good to Have:
- Experience with Falco, Sysdig, or other container security tools.
- Exposure to Canary tokens or deception technologies.
- Basic certifications such as CompTIA Security+, CEH, AWS Security Specialty, or CrowdStrike CCFA.
What We Offer:
- Opportunity to work with a modern cloud-native security stack.
- Learn and grow in an innovative FinTech environment.
- Mentorship and training on advanced threat detection and response practices.
- Strong team culture focused on collaboration and technical excellence.
- Competitive salary and shift allowances.

Posted 4 months ago


4.0 - 7.0 years

0 - 3 Lacs

noida, gurugram, delhi / ncr

Work from Office

Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments.
Responsibilities:
• Responsible for initial or secondary triage of security incidents identified by internal controls or external SOC partners
• Proficient in threat research and understands the latest malware trends, common attack TTPs, and the general threat landscape
• Proficient in incident response and automation workflows as they relate to Security Operations
• Demonstrates ability to author content using a variety of query languages, as well as scripting for event enrichment and investigation
• Detects, identifies, and responds to cyber events, threats, security risks and vulnerabilities in line with cyber security policies and procedures
• Conducts threat hunting and analysis using various toolsets based on intelligence gathered
• Responsible for documenting the incident life cycle, conducting handoffs, escalation, and providing support during cyber incidents
• Creates detailed incident reports and contributes to lessons learned in collaboration with the team
• Works with vulnerability management resources to uncover and prioritize potential risks and makes specific recommendations to reduce the threat landscape and minimize risk
• Works with leadership and the engineering team to improve and expand available toolsets when warranted
Required Qualifications / Skills (critical for the role):
• Experience with one or more Security Information and Event Management (SIEM) solutions
• Understanding of common attack methods and their SIEM signatures
• Experience in security monitoring, Incident Response (IR), security tools configuration and security remediation
• Strong knowledge and experience in security event analysis
• Understanding of network protocols (TCP/IP stack, SSL/TLS, IPsec, SMTP/IMAP, FTP, HTTP etc.)
• Understanding of operating system, web server, database, and security device (firewall/NIDS/NIPS) logs and log formats
• Understanding of string parsing and regular expressions
• Strong analytical and problem-solving skills
• High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
• Ability to interact effectively at all levels with sensitivity to cultural diversity
• Ability to adapt as the external environment and organization evolve
• Passionate about the cybersecurity domain and inclined to learn current technologies / concepts / improvements
• Excellent in security incident handling, documentation, root cause analysis, troubleshooting and publishing post-incident reports
• Strong experience with cyber security in the domains of cyber threat intelligence and analysis, security monitoring and incident response
• Experience of network and system vulnerabilities, malware, networking protocols and attack methods used to exploit vulnerabilities
• Knowledge of cyber security frameworks and attack methodologies
• Experience working with EDRs, proxies, and anti-virus
• Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies
• Excellent verbal and written English communication skills
Experience:
• More than 4-6 years of experience in enterprise cybersecurity or with a reputed services/consulting firm offering security consulting, implementation and managed security services
• More than 4 years of technical experience in a Security Operations Center (SOC) and information security required
• Experience with one or more Security Information and Event Management (SIEM) solutions
Mandatory skill sets:
• Email Security: Proofpoint, Abnormal Security, M365 Defender
• SOAR: Palo Alto XSOAR
• SIEM: Splunk
• Firewall: Palo Alto
• EDR: CrowdStrike
• Other tools: Darktrace and M365 Defender

Posted Date not available


6.0 - 10.0 years

5 - 10 Lacs

bengaluru

Work from Office

Must have requirements:
- Minimum of 5+ years of work experience with security tools and security administration.
- Designing, implementing, managing & maintaining endpoint solutions (Tanium, CrowdStrike); hands-on experience with endpoint tools and overall cybersecurity practices.
- Strong ethics and understanding of ethics in business and information security.
- Ability to mentor juniors and get them up to speed with the process.
- Possess any current security certifications (e.g., CISSP, Security+).
- Ability to present and articulate findings to technical staff and executives.
- Ability to participate in on-call rotation as needed.
- Must be able to pass a background check.

Posted Date not available


3.0 - 6.0 years

3 - 8 Lacs

chennai, bengaluru, delhi / ncr

Hybrid

Your key responsibilities
- Administration and management support of CrowdStrike.
- Perform as the subject matter expert on any of the above solutions for the customer; use the capabilities of the solution in the daily operational work for the end customer.
- Advise customers on best practices and use cases on how to use this solution to achieve customer end-state requirements.
- Content development, which includes developing processes for automated security event monitoring and alerting along with corresponding event response plans for systems.
Skills and attributes for success
- Customer service oriented: meets commitments to customers; seeks feedback from customers to identify improvement opportunities.
- Experience in managing CrowdStrike.
- Good knowledge of SIEM technologies such as Splunk and Azure Sentinel from an analyst's point of view.
- Exposure to IoT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus.
- Good knowledge and experience in security monitoring.
- Good knowledge and experience in cyber incident response.
- Knowledge of network monitoring technology platforms such as Fidelis XPS or others.
- Knowledge of other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others.
To qualify for the role, you must have
- B.Tech./B.E. with sound technical skills.
- Strong command of verbal and written English.
- Demonstrated technical acumen and critical thinking abilities.
- Strong interpersonal and presentation skills.
- Minimum 4 years of hands-on experience operating/implementing the above security tools.
- Certification in any of the SIEM platforms is a plus.
- Knowledge of RegEx, Perl scripting and SQL query language.
- Certifications: CCSA, CEH, CISSP, GCIH, GIAC.

Posted Date not available


15.0 - 20.0 years

13 - 17 Lacs

bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Endpoint Extended Detection and Response
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: We are seeking a seasoned EDR Subject Matter Expert with over 5 years of hands-on experience in managing enterprise-grade Endpoint Detection and Response (EDR) solutions, particularly Microsoft Defender for Endpoint and CrowdStrike. The ideal candidate should have experience working in dynamic environments across EDR platforms, including EDR deployment on Windows servers, Linux servers, Windows workstations, macOS, iOS, and Android devices.
Roles & Responsibilities:
- Ensure 100% EDR compliance by actively managing agent deployment, AV prevention policy enforcement, and coverage across all platforms.
- Ensure MDE is in passive mode (EDR in Block Mode) where applicable, with CrowdStrike as the primary AV solution.
- Monitor and fine-tune alerts proactively to reduce noise and enhance detection accuracy. Handle incoming requests and incidents through ServiceNow (SNOW) or Jira for fine-tuning and IOC additions.
- Maintain agent/platform health, ensuring that agents and security intelligence (AV signatures) are consistently updated and functioning optimally.
- Develop custom detection policies using KQL (for MDE) and IOAs (for CrowdStrike) to identify threats beyond standard out-of-the-box detections.
- Investigate and remediate performance issues caused by EDR agents as identified through ticketing systems (SNOW/Jira). Tune configurations to reduce false positives, optimize resource usage (e.g., CPU/memory for MsMpEng.exe, Falcon sensor), and ensure high detection efficacy.
Professional & Technical Skills:
- Track and remediate vulnerabilities related to EDR components; coordinate with patching teams to ensure timely mitigation and compliance.
- Collaborate with the team to run attack simulations using tools like AttackIQ, validating MDE and CrowdStrike's detection and prevention capabilities against real-world scenarios.
- Document and maintain SOPs and knowledge base articles for all EDR-related operations, ensuring standardized processes and knowledge sharing.
- Provide expert guidance and training on MDE/CrowdStrike tools to SOC and internal customers.
- Support weekend move events and micro-segmentation activities (on demand).
- Build dashboards/reports as per business requirements; should be able to automate repetitive tasks using PowerShell/shell scripts.
Additional Information:
- The candidate should have a minimum of 3 years of experience in Endpoint Extended Detection and Response.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
Qualification: 15 years full time education

Posted Date not available


15.0 - 20.0 years

13 - 17 Lacs

gurugram

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Splunk SIEM and SentinelOne EDR to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reducing noise from false positives.
Roles & Responsibilities:
- Basic security knowledge: understanding of key concepts (malware, phishing, brute force, etc.)
- SIEM familiarity: exposure to the Splunk UI and understanding how to read/query logs
- Exposure to the CrowdStrike Falcon console: ability to view and interpret endpoint alerts
- Alert triage: ability to differentiate between false positives and real threats
- Alert triage & investigation: experience investigating escalated alerts using SIEM or EDR
- Hands-on experience with CrowdStrike EDR investigations
- Communication skills: clear written documentation and verbal escalation
- Ticketing systems: familiarity with platforms like JIRA, ServiceNow, or similar
- Basic understanding of cybersecurity fundamentals
- Good analytical and triage skills
- Basic scripting: awareness of PowerShell or Python for log parsing
- SOAR exposure: familiarity with automated triage workflows
- Security certifications: Security+, Microsoft SC-900, or similar certification
- Operating system basics: Windows and Linux process and file system awareness
Professional & Technical Skills:
- Monitor real-time alerts and dashboards in Splunk SIEM
- Perform initial triage on alerts and determine severity/priority
- Escalate validated security incidents to L2 analysts per defined SOPs
- Follow pre-defined SOAR playbooks to document or assist in response
- Ensure alert enrichment fields are populated (host info, user details, etc.)
- Conduct basic log searches to support alert analysis
- Perform daily health checks on log sources and ingestion pipelines
- Maintain accurate ticket documentation for each alert handled
- Participate in shift handovers and team sync-ups for awareness
- SIEM: basic log searching, correlation rule awareness
- SOAR: familiarity with playbook execution
- Security concepts: basic understanding of malware, phishing, brute force
- Tools: SentinelOne EDR, Splunk SIEM
Additional Information:
- The candidate should have a minimum of 2 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Gurugram office.
- A 15 years full time education is required.
Qualification: 15 years full time education

Posted Date not available

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the security architecture, ensuring that it meets the business requirements and performance goals.
Must have skills: Operational Technology (OT) Security
Good to have skills: Endpoint Protection
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Senior IT/OT Endpoint Security Engineer, you will lead the design, implementation, and management of endpoint security controls across enterprise environments, and will play a crucial role in protecting critical assets such as servers, workstations, and ICS equipment.

Roles & Responsibilities:
- Lead the deployment, management, and optimization of endpoint security tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Trellix).
- Monitor, detect, and respond to endpoint-related security incidents and vulnerabilities.
- Use the MITRE ATT&CK framework to improve threat hunting.
- Integrate EDR telemetry with SIEM/SOAR platforms and tune detection rules, policies, and behavioral indicators.
- Perform real-time threat hunting and investigation using EDR consoles, log data, and forensic artifacts.
- Implement host-based control policies and privilege management solutions.
- Monitor and analyze endpoint alerts, triage suspicious activity, and escalate incidents based on impact and severity.

Professional & Technical Skills:
- Experience in endpoint security engineering or cybersecurity operations; at least 2+ years in OT/ICS environments will be an added advantage.
- Experience with endpoint security scripting and automation using Python, PowerShell or APIs.
- Familiarity with industrial protocols and vendor protocols (Modbus, DNP3, OPC, etc.) is an added advantage.
- Working experience with patch and vulnerability management of endpoint devices in coordination with the IT team.

Additional Information:
- The candidate should have minimum years of experience in Operational Technology (OT) Security.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted Date not available

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the security architecture, ensuring that it meets the business requirements and performance goals.
Must have skills: Operational Technology (OT) Security
Good to have skills: Network Security Implementation
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Senior IT/OT Endpoint Security Engineer, you will lead the design, implementation, and management of endpoint security controls across enterprise environments. You will play a crucial role in protecting critical assets such as servers, workstations, and ICS equipment.

Roles & Responsibilities:
- Lead the deployment, management, and optimization of endpoint security tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Trellix).
- Monitor, detect, and respond to endpoint-related security incidents and vulnerabilities.
- Use the MITRE ATT&CK framework to improve threat hunting.
- Integrate EDR telemetry with SIEM/SOAR platforms and tune detection rules, policies, and behavioral indicators.
- Perform real-time threat hunting and investigation using EDR consoles, log data, and forensic artifacts.
- Implement host-based control policies and privilege management solutions.
- Monitor and analyze endpoint alerts, triage suspicious activity, and escalate incidents based on impact and severity.

Professional & Technical Skills:
- Experience in endpoint security engineering or cybersecurity operations; experience in OT/ICS environments will be an added advantage.
- Experience with endpoint security scripting and automation using Python, PowerShell or APIs.
- Familiarity with industrial protocols and vendor protocols (Modbus, DNP3, OPC, etc.) is an added advantage.
- Working experience with patch and vulnerability management of endpoint devices in coordination with the IT team.

Additional Information:
- The candidate should have minimum 5 years of experience in Operational Technology (OT) Security.
- This position is based at our Pune office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted Date not available

6.0 - 10.0 years

14 - 20 Lacs

Chennai

Work from Office

Role & responsibilities
- 6+ years of experience in cybersecurity operations with solid L3-level incident handling.
- Hands-on expertise with endpoint security solutions (CrowdStrike, SentinelOne, Microsoft Defender ATP, Carbon Black, etc.).
- Strong proficiency in conducting demos and technical evaluations for R&D or pre-deployment scenarios.
- In-depth understanding of SIEM platforms, EDR, network security, and intrusion detection.
- Experience with malware analysis, threat intelligence, and reverse engineering is a plus.
- Knowledge of Windows, Linux, and cloud environments (AWS/Azure/GCP).
- Familiarity with security frameworks (NIST, MITRE ATT&CK, SANS).
- Scripting skills (Python, PowerShell, Bash) for automation.
- Relevant certifications preferred: CISSP, OSCP, CEH, GCIA, GCIH.

Posted Date not available

7.0 - 10.0 years

18 - 20 Lacs

Pune

Work from Office

About the Role
Gruve is seeking a highly motivated and relationship-driven Partner & Alliances Manager based in Pune to lead and expand our strategic partnerships across the APAC region. This individual will play a key role in managing partner relationships, executing regional GTM activities, and supporting global partner program execution in close collaboration with leadership and key stakeholders. You will serve as a regional ambassador for Gruve’s partnership strategy, working closely with local OEMs, distributors, and technology alliances while aligning with internal sales, marketing, learning & development, and technical teams across time zones. This role is pivotal to Gruve’s international growth and partner-driven revenue acceleration.

Key Responsibilities

Strategic Relationship Development
- Build and manage business-level relationships with regional partners, distributors and OEM stakeholders
- Establish and maintain executive and business-level relationships and map OEMs with Gruve leadership
- Represent Gruve at APAC-based partner events, conferences, and enablement sessions
- Act as the primary point of contact for regional partner activities, escalations, and collaboration
- Map Gruve business goals with OEM sellers, services team and leadership, and drive the strategy

Partner Program Mastery & Execution
- Execute local GTM plans in coordination with global partner leadership and stakeholders.
- Develop and execute a joint GTM plan to drive activity planning, co-sell motions, pipeline acceleration, partner-led deals, and programs.
- Track and report regional partnership certifications, event participation, and performance KPIs in collaboration with learning & development.
- Be the internal expert on all partner programs, incentives/rebates, deal registration and/or other benefits for partnerships in the region.
- Leverage MDF, rebates, spiffs, discounts, and sales plays to maximize profitability.
- Guide leadership on how to extract maximum value from each partnership.
- Work cross-functionally to support sales and other teams for partner-related initiatives.
- Perform due diligence on compliance and partnership status, maintaining partnership & legal records.
- Own and elevate Gruve’s program membership levels to achieve the highest Tier(s).

Internal Leadership & Cross-Functional Alignment
- Provide regular updates to leadership on opportunities, risks, growth, and revenue impact.
- Work closely with Presales and Sales Leadership and align with the business goals and strategy.
- Lead QBRs to assess progress and identify growth opportunities.
- Drive the charter and roadmap using insights from market trends, customer needs, leadership direction, and partner ecosystems aligned with Gruve’s strategic interests.
- Establish strong alignment between Gruve’s sales teams and partner sales organizations to drive joint alignment.

Basic Qualifications
- 7–10 years of experience in partnerships and alliances (preferably in tech/software)
- Must be able to travel to partner conferences and/or onsite visits throughout the region.
- Proven experience working with one or more APAC OEMs or distributors (e.g., Cisco, Red Hat, Microsoft, Palo Alto Networks, Fortinet, CrowdStrike, Zscaler, AWS, GCP, Ingram Micro, TD SYNNEX, Etevers etc.)
- Strong ability to build executive relationships and influence cross-functional teams.
- Ability to navigate complex partner ecosystems and align joint value propositions.
- Must be able to collaborate across time zones with internal teams in the U.S., EMEA, and beyond.

Preferred Qualifications
- Excellent relationship management and communication skills.
- Entrepreneurial mindset with the ability to think strategically and act autonomously in a fast-paced environment.
- Strong organizational skills with the ability to manage multiple stakeholders and timelines.
- Experience working in fast-paced, high-growth environments.

Posted Date not available

8.0 - 12.0 years

11 - 15 Lacs

Mumbai, Mumbai Suburban, Andheri East

Work from Office

We are seeking an accomplished Cybersecurity Sales Manager to drive revenue growth by selling advanced security solutions, including Zero Trust Network Access (ZTNA), SASE, XDR, and cloud security platforms. The ideal candidate will possess a strong track record in enterprise B2B sales, with the ability to both close strategic deals and establish a cybersecurity practice by defining service offerings, building vendor partnerships, and executing go-to-market strategies.

Key Responsibilities:

Sales & Business Development
- Identify, engage, and close new business opportunities for cybersecurity products and services.
- Develop and execute strategic sales plans to meet revenue targets.
- Engage with CISOs and IT leaders to align security solutions with their risk posture and compliance needs (NIST, ISO 27001, GDPR).
- Lead Request for Proposal (RFP)/Request for Quotation (RFQ) responses and proposal development for large cybersecurity deals.

Solution Selling & Technical Engagement
- Understand customer security requirements and propose tailored solutions.
- Work with pre-sales, technical consultants, and security engineers to deliver effective demonstrations and proof-of-concept (POC) engagements.
- Stay current on threat landscapes, Zero Trust frameworks, and emerging technologies (e.g., AI-driven security).

Account Management & Relationship Building
- Manage existing accounts to drive customer retention and expansion.
- Develop strong relationships with cybersecurity vendors, technology partners, and system integrators.
- Ensure high customer satisfaction by coordinating with delivery, support, and managed security services (MSSP) teams.

Market Research & Strategy
- Monitor emerging cybersecurity threats, competitor offerings, and market trends.
- Provide insights and recommendations to improve sales strategies and product positioning.

Reporting & Collaboration
- Maintain accurate sales forecasts, CRM records, and pipeline reports.
- Work closely with marketing teams to develop targeted campaigns and lead generation strategies.

Qualifications & Skills:
- 8-12 years of cybersecurity sales experience in system integration, IT security solutions, or MSSP (managed security service provider) environments.
- Bachelor's degree in Computer Science, Cybersecurity, Business, or a related field (MBA is a plus).
- Proven track record of selling cybersecurity solutions such as firewalls, Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Security Operations Center (SOC) services, identity & access management (IAM), Data Loss Prevention (DLP), and cloud security.
- Knowledge of MITRE ATT&CK and D3FEND frameworks.
- Proficiency in ITDR (Identity Threat Detection & Response) solutions.
- Strong understanding of cybersecurity frameworks, compliance requirements, and risk management.
- Knowledge of API security gateways.
- Excellent negotiation, presentation, and communication skills.
- Experience working with cybersecurity vendors such as Palo Alto, Fortinet, Cisco, Check Point, Splunk, Microsoft, CrowdStrike, or similar.
- Proficiency with CRM tools (Salesforce, HubSpot, etc.) and sales methodologies.
- Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or vendor-specific certifications are a plus.
- Experience in selling cybersecurity solutions to large enterprises, financial institutions or similar.
- Understanding of managed security services (MSSP) and SOC operations.

Posted Date not available

6.0 - 9.0 years

6 - 11 Lacs

Pune

Work from Office

Job ID: 200916
Required Travel: Minimal
Managerial: No
Location: India - Pune (Amdocs Site)

Who are we?
Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers' innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers' migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit www.amdocs.com

In one sentence
We are seeking an experienced Vulnerability Management Specialist to join our Security Operations team. The ideal candidate will lead, implement, identify, assess, and mitigate security vulnerabilities across our infrastructure, including cloud environments. This role requires hands-on experience with vulnerability management tools, container security, and cloud security posture management, as well as a basic understanding of Generative AI technology.

What will your job look like?
- Implement vulnerability management solutions like Rapid7, Tenable, etc.
- Conduct regular vulnerability scans using tools such as Wiz, Rapid7, CrowdStrike Exposure Management, Microsoft Defender, etc.
- Analyze scan results, prioritize vulnerabilities, and collaborate with stakeholders to implement remediation plans.
- Manage and govern patch deployment processes to ensure timely remediation of vulnerabilities.
- Perform risk and vulnerability assessments, documenting findings and engaging with stakeholders to address risks.
- Oversee the risk acceptance and exclusion processes, ensuring appropriate documentation and approvals.
- Monitor container security and cloud security posture, recommending improvements and best practices.
- Provide threat management support and respond to identified threats effectively.
- Maintain comprehensive reports on vulnerability findings, trends, and remediation progress.
- Support security audits and compliance requirements related to vulnerability management.
- Review threat intelligence advisories for zero-day and critical vulnerabilities, documenting and tracking threat advisories.
- Lead and mentor a team of vulnerability analysts.

All you need is...

Required Skills and Experience:
- 6-9 years of experience in vulnerability management and threat management.
- Hands-on experience with vulnerability scanning tools (Wiz, Rapid7, Nessus, CrowdStrike, MDE, Axonius, etc.).
- Proficient in container security and on-prem and cloud vulnerability management.
- Proficient in cloud platforms (AWS, Azure, or GCP).
- Experience in patch governance and stakeholder engagement for vulnerability remediation.
- Familiarity with risk acceptance and exclusion processes.
- Basic understanding of Generative AI (GenAI) concepts and experience handling a co-pilot tool.
- Strong analytical skills and attention to detail.
- Excellent communication and stakeholder management skills.
- Good understanding of security frameworks and standards (NIST, CIS, PCI-DSS, etc.).
- Leading a team of vulnerability analysts.

Preferred Qualifications:
- Experience with other security tools and frameworks.
- Experience with data visualization tools like Power BI, AWS QuickSight, etc.
- Scripting and automation experience (Python, Go, etc.).
- Security certifications (CISSP, CISM or CEH).

Why you will love this job:
- You will have the opportunity to work with the industry's most advanced technologies and experts in a global company.
- You will have opportunities to evolve yourself in the future of all cutting-edge technologies and business trends.
- You will be working with a great team.

Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce.

Posted Date not available

5.0 - 10.0 years

8 - 12 Lacs

Hyderabad

Work from Office

About Us
Aeries Technology is a Nasdaq-listed global professional services and consulting partner, headquartered in Mumbai, India, with centers in the USA, Mexico, Singapore, and Dubai. We provide mid-size technology companies with the right mix of deep vertical specialty, functional expertise, and the right systems & solutions to scale, optimize and transform their business operations with unique customized engagement models. Aeries is Great Place to Work certified by GPTW India, reflecting our commitment to fostering a positive and inclusive workplace culture for our employees. Read about us at https://aeriestechnology.com

About Business Unit
A platform that offers an end-to-end software and service platform for the ticketing industry. Business offerings such as Yield Management, Data/Analytics, Event Management, Travel and Destination Management.

Roles and Responsibility
As a Cybersecurity Analyst for Victory Live, you will play a critical role in safeguarding the organization’s cloud and on-premises infrastructure. You will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats and vulnerabilities using advanced security tools and platforms such as Proofpoint, CrowdStrike, AWS, Azure Cloud, Uptycs, Obsidian, and other security technologies. This role requires expertise in vulnerability management, threat detection, security incident response, and cloud security. You will work closely with IT teams, threat hunters, and other stakeholders to ensure the organization's security posture remains resilient against evolving cyber threats.

THE PLAN
1. Threat Detection & Response
   - Monitor security tools (e.g., CrowdStrike, Uptycs) for potential threats, malware, and other malicious activities.
   - Investigate security incidents and respond to detected threats using endpoint detection and response (EDR) tools such as CrowdStrike.
   - Collaborate with incident response teams to mitigate threats and vulnerabilities promptly.
   - Participate in the on-call rotation.

Posted Date not available

8.0 - 13.0 years

13 - 17 Lacs

Pune

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the security architecture, ensuring that it meets the business requirements and performance goals.
Must have skills: Operational Technology (OT) Security
Good to have skills: Network Security Implementation
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Senior IT/OT Endpoint Security Engineer, you will lead the design, implementation, and management of endpoint security controls across enterprise environments. You will play a crucial role in protecting critical assets such as servers, workstations, and ICS equipment.

Roles & Responsibilities:
- Lead the deployment, management, and optimization of endpoint security tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Trellix).
- Monitor, detect, and respond to endpoint-related security incidents and vulnerabilities.
- Use the MITRE ATT&CK framework to improve threat hunting.
- Integrate EDR telemetry with SIEM/SOAR platforms and tune detection rules, policies, and behavioral indicators.
- Perform real-time threat hunting and investigation using EDR consoles, log data, and forensic artifacts.
- Implement host-based control policies and privilege management solutions.
- Monitor and analyze endpoint alerts, triage suspicious activity, and escalate incidents based on impact and severity.

Professional & Technical Skills:
- Experience in endpoint security engineering or cybersecurity operations; experience in OT/ICS environments will be an added advantage.
- Experience with endpoint security scripting and automation using Python, PowerShell or APIs.
- Familiarity with industrial protocols and vendor protocols (Modbus, DNP3, OPC, etc.) is an added advantage.
- Working experience with patch and vulnerability management of endpoint devices in coordination with the IT team.

Additional Information:
- The candidate should have minimum 5 years of experience in Operational Technology (OT) Security.
- This position is based at our Pune office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted Date not available

8.0 - 13.0 years

13 - 17 Lacs

Gurugram

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Splunk SIEM and SentinelOne EDR to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reducing noise from false positives.

Roles & Responsibilities:
- Basic Security Knowledge: Understanding of key concepts (malware, phishing, brute force, etc.)
- SIEM Familiarity: Exposure to Splunk UI and understanding how to read/query logs
- Exposure to CrowdStrike Falcon Console: Ability to view and interpret endpoint alerts
- Alert Triage: Ability to differentiate between false positives and real threats
- Alert Triage & Investigation: Experience investigating escalated alerts using SIEM or EDR
- Hands-on experience with CrowdStrike EDR investigations
- Ticketing Systems: Familiarity with platforms like JIRA, ServiceNow, or similar
- Basic understanding of cybersecurity fundamentals
- Good analytical and triage skills
- Basic Scripting: Awareness of PowerShell or Python for log parsing
- SOAR Exposure: Familiarity with automated triage workflows
- Security Certifications: Security+, Microsoft SC-900, or similar certification
- Operating System Basics: Windows and Linux process and file system awareness
- Monitor real-time alerts and dashboards in Splunk SIEM
- Perform initial triage on alerts and determine severity/priority
- Escalate validated security incidents to L2 analysts per defined SOPs
- Follow pre-defined SOAR playbooks to document or assist in response
- Ensure alert enrichment fields are populated (host info, user details, etc.)
- Conduct basic log searches to support alert analysis
- Perform daily health checks on log sources and ingestion pipelines
- Maintain accurate ticket documentation for each alert handled
- Participate in shift handovers and team sync-ups for awareness

Professional & Technical Skills:
- SIEM: Basic log searching, correlation rule awareness
- SOAR: Familiarity with playbook execution
- Security Concepts: Basic understanding of malware, phishing, brute force
- Tools: SentinelOne EDR, Splunk SIEM

Additional Information:
- The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted Date not available
