261 Crowdstrike Jobs - Page 11

8.0 - 13.0 years

13 - 17 Lacs

gurugram

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Splunk SIEM and SentinelOne EDR to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reducing noise from false positives.

Roles & Responsibilities:
- Basic Security Knowledge: understanding of key concepts (malware, phishing, brute force, etc.)
- SIEM Familiarity: exposure to the Splunk UI and understanding how to read/query logs
- Exposure to CrowdStrike Falcon Console: ability to view and interpret endpoint alerts
- Alert Triage: ability to differentiate between false positives and real threats
- Alert Triage & Investigation: experience investigating escalated alerts using SIEM or EDR
- Hands-on experience with CrowdStrike EDR investigations
- Ticketing Systems: familiarity with platforms like JIRA, ServiceNow, or similar
- Basic understanding of cybersecurity fundamentals
- Good analytical and triage skills
- Basic Scripting: awareness of PowerShell or Python for log parsing
- SOAR Exposure: familiarity with automated triage workflows
- Security Certifications: Security+, Microsoft SC-900, or similar certification
- Operating System Basics: Windows and Linux process and file system awareness
- Monitor real-time alerts and dashboards in Splunk SIEM
- Perform initial triage on alerts and determine severity/priority
- Escalate validated security incidents to L2 analysts per defined SOPs
- Follow pre-defined SOAR playbooks to document or assist in response
- Ensure alert enrichment fields are populated (host info, user details, etc.)
- Conduct basic log searches to support alert analysis
- Perform daily health checks on log sources and ingestion pipelines
- Maintain accurate ticket documentation for each alert handled
- Participate in shift handovers and team sync-ups for awareness

Professional & Technical Skills:
- SIEM: basic log searching, correlation rule awareness
- SOAR: familiarity with playbook execution
- Security Concepts: basic understanding of malware, phishing, brute force
- Tools: SentinelOne EDR, Splunk SIEM

Additional Information:
- The candidate should have a minimum of 2 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Qualification: 15 years full time education
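The triage, enrichment and log-health duties listed above are the kind of work an L1 analyst scripts once the SOP is settled. The following is an added Python example, not code from the listing or from Splunk, SentinelOne or CrowdStrike: it runs a brute-force detection over constructed authentication events, labels an allowlisted vulnerability scanner as a false positive instead of escalating it, checks that the enrichment fields a ticket needs are populated, and flags log sources that have gone quiet. The event field names, the scanner allowlist and the thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real telemetry), normalised the way a SIEM
# presents authentication logs. Field names are assumptions.
_RAW = [
    # 203.0.113.5 fails five times against web01 inside a minute, then gets in.
    ("09:00:05", "web01", "alice", "203.0.113.5", "failure"),
    ("09:00:09", "web01", "alice", "203.0.113.5", "failure"),
    ("09:00:14", "web01", "alice", "203.0.113.5", "failure"),
    ("09:00:20", "web01", "alice", "203.0.113.5", "failure"),
    ("09:00:27", "web01", "alice", "203.0.113.5", "failure"),
    ("09:01:02", "web01", "alice", "203.0.113.5", "success"),
    # 198.51.100.9 is the authorised vulnerability scanner: same shape, known source.
    ("09:10:00", "db01", "root", "198.51.100.9", "failure"),
    ("09:10:01", "db01", "root", "198.51.100.9", "failure"),
    ("09:10:02", "db01", "root", "198.51.100.9", "failure"),
    ("09:10:03", "db01", "root", "198.51.100.9", "failure"),
    ("09:10:04", "db01", "root", "198.51.100.9", "failure"),
    # One mistyped password followed by a success is noise, not an incident.
    ("09:30:00", "fs01", "bob", "10.0.0.7", "failure"),
    ("09:30:30", "fs01", "bob", "10.0.0.7", "success"),
    # fs01 keeps reporting; web01 and db01 go silent after the events above.
    ("11:55:00", "fs01", "carol", "10.0.0.8", "success"),
]
EVENTS = [dict(ts=f"2024-05-01T{t}", host=h, user=u, src_ip=s, outcome=o)
          for t, h, u, s, o in _RAW]
SCANNERS = frozenset({"198.51.100.9"})  # assumed allowlist of authorised scanners


def parse_ts(ts):
    return datetime.fromisoformat(ts)


def detect_bruteforce(events, threshold=5, window=timedelta(minutes=5), scanners=SCANNERS):
    """One alert per source IP with >= threshold failures inside `window`.

    'high' when a success from the same source follows the burst within the
    window (the guess probably landed), 'medium' otherwise. Allowlisted scanners
    are labelled 'false_positive' rather than dropped, so the suppression stays
    visible in the ticket."""
    by_src = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_src[e["src_ip"]].append(e)

    alerts = []
    for src, evs in by_src.items():
        failures = [e for e in evs if e["outcome"] == "failure"]
        for i, first in enumerate(failures):
            t0 = parse_ts(first["ts"])
            burst = [f for f in failures[i:] if parse_ts(f["ts"]) - t0 <= window]
            if len(burst) < threshold:
                continue
            last_fail = parse_ts(burst[-1]["ts"])
            landed = any(e["outcome"] == "success"
                         and last_fail <= parse_ts(e["ts"]) <= last_fail + window
                         for e in evs)
            users = sorted({f["user"] for f in burst})
            if src in scanners:
                severity = "false_positive"
            else:
                severity = "high" if landed else "medium"
            alerts.append({
                "src_ip": src,
                "host": ",".join(sorted({f["host"] for f in burst})),
                "user": ",".join(users),
                "count": len(burst),
                "first_seen": burst[0]["ts"],
                "last_seen": burst[-1]["ts"],
                # many distinct users in one burst is a spray, not a brute force
                "technique": "password_spray" if len(users) >= 5 else "brute_force",
                "severity": severity,
            })
            break  # one alert per source; later bursts would only repeat it
    return alerts


def missing_enrichment(alert, required=("host", "user", "src_ip")):
    """Enrichment fields a ticket must carry before escalation; empty counts as missing."""
    return [f for f in required if not alert.get(f)]


def stale_sources(events, now, max_gap=timedelta(hours=1)):
    """Log-source health check: hosts whose newest event is older than max_gap.

    A host that stops sending logs produces no alerts, which looks identical to
    a clean host until someone checks the last event time."""
    last_seen = {}
    for e in events:
        ts = parse_ts(e["ts"])
        if e["host"] not in last_seen or ts > last_seen[e["host"]]:
            last_seen[e["host"]] = ts
    return sorted(h for h, ts in last_seen.items() if now - ts > max_gap)


if __name__ == "__main__":
    for a in detect_bruteforce(EVENTS):
        print(a, "missing enrichment:", missing_enrichment(a))
    print("stale sources:", stale_sources(EVENTS, parse_ts("2024-05-01T12:00:00")))
```

The scanner check is a label, not a filter: an alert that is silently suppressed cannot be reviewed, while one tagged false_positive can be audited when the allowlist is questioned. The health check exists for the same reason; on the constructed data web01 and db01 have been silent for nearly three hours by noon, and without the check that silence would read as "no alerts".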

Posted Date not available


20.0 - 25.0 years

10 - 15 Lacs

gurugram, bengaluru

Work from Office

What we're looking for

To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an India-based Security Operations Analyst (L2) to support Rackspace's strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated SecOps Analyst who has a proven record of accomplishment in the cloud security monitoring and incident detection domain. As a Security Operations Analyst (L2), you will be responsible for detecting, analysing, and responding to threats posed across customer on-premises, private cloud, public cloud, and multi-cloud environments. The primary focus will be on triaging alerts and events (incident detection) which may indicate malicious activity, and determining whether threats are real. You will also be required to liaise closely with the customers' key stakeholders, which may include incident response and disaster recovery teams as well as information security.

Key Accountabilities
- Should have 4-7 years of experience in a SOC.
- Ensure the customer's operational and production environment remains secure at all times and that any threats are raised and addressed in a timely manner.
- Critical incident analysis and validation.
- Platform management tasks such as checking health status and basic troubleshooting.
- Create new runbooks, playbooks and knowledge base documents.
- Trend monitoring and analysis.
- Threat and vulnerability impact analysis.
- Reactive discovery of adversaries based on threat advisories or intelligence reports.
- Compliance reporting.
- Onboarding of log sources.
- Rule and dashboard enhancements.
- Basic threat hunting.
- Create and manage watchlists.
- Handle escalations from L1 Analysts.
- Review incidents handled by L1 and prepare individual scorecards.
- Prepare and review the weekly and monthly reports.
- Coordinate with vendors for issue resolution.
- Use threat intelligence platforms and OSINT to understand the latest threats.
- Research and analyse the latest threats to better understand an adversary's tactics, techniques, and procedures (TTPs).
- Automate security processes and procedures to enhance and streamline monitoring capabilities.
- Ensure all zero-day vulnerabilities reported by the L2 Analyst team are resolved by the respective teams within agreed SLA (Service Level Agreement) periods.
- Maintain close working relationships with relevant teams and key stakeholders, such as incident response and disaster recovery teams as well as information security.
- Required to work in 24/7 rotational shifts.

Skills & Experience
- Existing experience as a Security Operations Analyst, or equivalent.
- Experience of working in large-scale public cloud environments and with cloud-native security monitoring tools such as Microsoft Sentinel, Microsoft 365 Defender and Microsoft Defender for Cloud.
- Endpoint Detection & Response (EDR) tools such as CrowdStrike and Microsoft Defender for Endpoint.
- Firewalls and network security tools such as Palo Alto, Fortinet, Juniper, and Cisco.
- Web Application Firewall (WAF) tools such as Cloudflare, Akamai and Azure WAF.
- Email security tools such as Proofpoint, Mimecast and Microsoft Defender for Office.
- Data Loss Prevention (DLP) tools such as Microsoft Purview, McAfee and Symantec.

Nice to have skills/experience includes:
- Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Center.
- Amazon Web Services (AWS) security tools such as Security Hub, AWS GuardDuty, AWS Macie, AWS Config and AWS CloudTrail.
- Experience of analysing malware and email headers, and skills in network security, intrusion detection and prevention systems, operating systems, risk identification and analysis, threat identification and analysis, and log analysis.
- Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls.
- Knowledge of security standards (good practice) such as NIST, ISO 27001, CIS (Center for Internet Security), OWASP and the Cloud Controls Matrix (CCM).
- Knowledge of scripting and coding with languages such as Terraform, Python, JavaScript, Go, Bash and/or PowerShell.
- Knowledge of DevOps practices such as CI/CD, Azure DevOps, CircleCI, GitHub Actions, Ansible and/or Jenkins.
- Computer science, engineering, or information technology related degree (although not a strict requirement).
- Holds one or more of the following certificates (or equivalent): Certified Information Systems Security Professional (CISSP); Microsoft Certified: Azure Security Engineer Associate (AZ-500); Microsoft Certified: Security Operations Analyst Associate (SC-200); CREST Practitioner Intrusion Analyst (CPIA); CREST Registered Intrusion Analyst (CRIA); CREST Certified Network Intrusion Analyst (CCNIA); Systems Security Certified Practitioner (SSCP); Certified Cloud Security Professional (CCSP); GIAC Certified Incident Handler (GCIH); GIAC Security Operations Certified (GSOC).
- A highly self-motivated and proactive individual who wants to learn and grow and has attention to detail.
- A great analyser, troubleshooter and problem solver who understands security operations, programming languages and security architecture.
- Highly organised and detail oriented.
- Ability to prioritise, multitask and work under pressure.
- An individual who shows a willingness to go beyond in delighting the customer.
- A good communicator who can explain security concepts to both technical and non-technical audiences.

Posted Date not available


5.0 - 10.0 years

7 - 12 Lacs

hyderabad

Work from Office

The Blackbaud Cyber Security team is looking for a Senior Security Vulnerability Engineer to aid in identifying, assessing risk, and communicating vulnerability information across all Blackbaud environments.

What you'll do:
- As the Senior Security Vulnerability Engineer, you will work to identify infrastructure vulnerabilities and misconfigurations in on-premises and cloud environments.
- Validation skills will be essential before thoroughly assessing the risk associated with the findings and then partnering with internal stakeholders to ensure communication and understanding of the risk assigned to them.
- The overall goals of the Vulnerability Management team include ensuring the identification, prioritization, and reporting of all risk associated with any Blackbaud network or asset. The team is responsible for ensuring the completeness and accuracy of the data as well as driving the organization to meet enterprise goals in reducing the attack surface.
- Implement security controls and compensating/mitigating controls for vulnerability risk.
- Architect, deploy and operationalize vulnerability scanning technology platforms and design remediation workflows.
- Design and implement advanced vulnerability dashboards and executive reports.
- Research vulnerabilities, scanning logic, and possible solutions.

What you'll bring:
- A highly motivated and experienced security practitioner who passionately eliminates security vulnerabilities by ensuring stakeholders across the business have the right resources and information to address all discovered security concerns. You have a knack for fostering effective relationships and explaining technical security information to audiences at various levels.
- 5+ years of cyber security experience required.
- Advanced practical skills in vulnerability assessment tooling such as CrowdStrike, Tenable.io, Cisco Vulnerability Management, Qualys, Tenable CSPM, Tenable ASM, etc.
- Experience with multi-cloud environments and cloud security compliance tools.
- Understanding of securing and hardening operating systems, applications, and containers, including frameworks that provide guidance on these subjects.
- Experience with Kubernetes, APIs and web services, including REST and SOAP.
- Understanding of cyber security concepts, including threats, vulnerabilities, encryption, network security, and IAM.
- Situational awareness around industry news on software vulnerabilities, including 0-day vulnerabilities and emergency patching, as well as understanding of modern security engineering concepts and security-by-design principles.
- Familiarity with API scripting such as Python and Bash, and an understanding of varied operating systems and network topology.

Posted Date not available


1.0 - 5.0 years

3 - 7 Lacs

hyderabad

Work from Office

About the role: The Blackbaud Cyber Security team is looking for a Senior Security Vulnerability Engineer to aid in identifying, assessing risk, and communicating vulnerability information across all Blackbaud environments.

What you'll do:
- As the Senior Security Vulnerability Engineer, you will work to identify infrastructure vulnerabilities and misconfigurations in on-premises and cloud environments.
- Validation skills will be essential before thoroughly assessing the risk associated with the findings and then partnering with internal stakeholders to ensure communication and understanding of the risk assigned to them.
- The overall goals of the Vulnerability Management team include ensuring the identification, prioritization, and reporting of all risk associated with any Blackbaud network or asset. The team is responsible for ensuring the completeness and accuracy of the data as well as driving the organization to meet enterprise goals in reducing the attack surface.
- Implement security controls and compensating/mitigating controls for vulnerability risk.
- Architect, deploy and operationalize vulnerability scanning technology platforms and design remediation workflows.
- Design and implement advanced vulnerability dashboards and executive reports.
- Research vulnerabilities, scanning logic, and possible solutions.

What you'll bring:
- A highly motivated and experienced security practitioner who passionately eliminates security vulnerabilities by ensuring stakeholders across the business have the right resources and information to address all discovered security concerns. You have a knack for fostering effective relationships and explaining technical security information to audiences at various levels.
- 5+ years of cyber security experience required.
- Advanced practical skills in vulnerability assessment tooling such as CrowdStrike, Tenable.io, Cisco Vulnerability Management, Qualys, Tenable CSPM, Tenable ASM, etc.
- Experience with multi-cloud environments and cloud security compliance tools.
- Understanding of securing and hardening operating systems, applications, and containers, including frameworks that provide guidance on these subjects.
- Experience with Kubernetes, APIs and web services, including REST and SOAP.
- Understanding of cyber security concepts, including threats, vulnerabilities, encryption, network security, and IAM.
- Situational awareness around industry news on software vulnerabilities, including 0-day vulnerabilities and emergency patching, as well as understanding of modern security engineering concepts and security-by-design principles.
- Familiarity with API scripting such as Python and Bash, and an understanding of varied operating systems and network topology.

Posted Date not available


4.0 - 8.0 years

10 - 15 Lacs

bengaluru

Work from Office

Analyze and triage security incidents to determine their severity and impact on infrastructure systems. Primary point of contact for Cyber Security Incident Response in the Cyber Security Escalations team. Provide a first point of contact for L3 security escalations from the SOC team, ensuring a thorough review, escalation

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
- Conduct in-depth analysis of security events, collaborating directly with different stakeholders to escalate and thoroughly investigate incidents.
- Participate in the Security Incident Response Team in the identification, containment, eradication, and resolution of security issues. This involves understanding the scope, impact, and root cause of incidents to tailor the response effectively.
- Collaborate with SOC teams to ensure effective incident response and continuous improvement.
- Assist in the development and refinement of SOC processes, procedures, and playbooks.
- Create and maintain incident reports, documenting findings, actions taken, and lessons learned.

Preferred technical and professional experience
- Stay current with emerging threats, vulnerabilities, and security technologies to proactively protect the organization.
- Notify the client of incidents and required mitigation work.
- Track and update incidents and requests based on the client's updates and analysis results.
- Good understanding of phishing email analysis and its terminology.
- Knowledge of EDR solutions (CrowdStrike preferred).
- Participate in regular SOC team meetings and provide input on improving security posture.
- Communicate vertically and horizontally to keep stakeholders informed and involved in Security Operations matters.

Posted Date not available


5.0 - 8.0 years

15 - 20 Lacs

pune

Work from Office

About the Role: Gruve Technologies is seeking a highly skilled Security Consultant - Splunk with deep hands-on experience in designing, deploying, and configuring Splunk SIEM and SOAR solutions. The ideal candidate will lead end-to-end implementations, from architecture planning to log source onboarding, security use case creation, and tool integrations. This role also includes the deployment and configuration of Cribl for data routing and enrichment. You'll work closely with security analysts and engineering teams to ensure robust threat visibility, operational efficiency, and high-quality delivery.

Key Responsibilities:

1. SIEM Design & Implementation
- Architect and deploy Splunk environments (single/multi-site, indexer/search head clustering).
- Define and implement data ingestion strategies.
- Configure Splunk components: UF/HF, indexers, deployment servers, apps, etc.
- Deploy and manage Cribl for log stream processing and transformation.

2. Log Source Onboarding
- Identify and prioritize IT, cloud, network, and application log sources.
- Develop onboarding playbooks and custom parsing logic.
- Configure props.conf and transforms.conf, and onboard into a CIM-compliant structure.

3. Use Case Development & Configuration
- Collaborate with the SOC to translate detection requirements into correlation rules and alerts.
- Build dashboards, reports, and alerting mechanisms in Splunk Enterprise Security (ES).
- Optimize SPL queries and tune alerts to reduce noise and false positives.

4. Tool Integration
- Integrate Splunk with platforms including: SOAR solutions (Splunk SOAR, Palo Alto XSOAR); TIPs (Anomali, open-source feeds); ticketing tools (ServiceNow, JIRA); EDR/NDR solutions (CrowdStrike, Fortinet, Cisco, etc.).
- Develop and manage APIs and automation scripts for bi-directional integration.

5. Documentation & Knowledge Transfer
- Prepare HLDs/LLDs, operational SOPs, and architecture diagrams.
- Create runbooks and ensure configuration backups.
- Conduct KT sessions and operational training for SOC teams.

Required Skills & Experience:
- 5+ years in SIEM implementation (3+ years focused on Splunk)
- Strong expertise in Splunk SIEM, Splunk SOAR, and Cribl deployment/configuration
- Skilled in SPL (Search Processing Language), CIM compliance, and log enrichment
- Hands-on with onboarding data from varied sources and environments
- Experience integrating tools and building automation with Python, Bash, etc.

Preferred Certifications:
- Splunk Core Certified Power User
- Splunk Certified Admin / Architect
- Splunk Enterprise Security Certified Admin (preferred)
- CompTIA Security+, GCIA, or CISSP (nice to have)
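The log source onboarding step above (custom parsing logic, props.conf/transforms.conf, CIM-compliant onboarding) is where most onboarding defects hide: the data arrives, but the fields the data model needs are never extracted. The following is an added Python example, not code from the listing, Gruve or Splunk: it dry-runs a field extraction over constructed OpenSSH sshd syslog lines, maps the captures onto a subset of the CIM Authentication data model fields (action, app, dest, src, user), and reports both the lines the pattern rejects and any events missing required fields, before anything is committed to transforms.conf. The sample lines, hostnames and the chosen field subset are assumptions.

```python
import re

# Constructed sshd syslog lines (documentation-range IPs, invented hostnames);
# not real telemetry.
SAMPLE_LINES = [
    "May  1 09:00:05 web01 sshd[4211]: Failed password for invalid user admin from 203.0.113.5 port 51022 ssh2",
    "May  1 09:00:09 web01 sshd[4211]: Failed password for alice from 203.0.113.5 port 51023 ssh2",
    "May  1 09:01:02 web01 sshd[4230]: Accepted publickey for alice from 10.0.0.7 port 40122 ssh2",
    "May  1 09:02:00 web01 sshd[4240]: Connection closed by 203.0.113.5 port 51030 [preauth]",
]

# Python spelling of the extraction. The same pattern goes into transforms.conf
# as REGEX, where it is evaluated by PCRE rather than Python's re.
SSHD_AUTH = re.compile(
    r"^(?P<_time>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<dest>\S+) sshd\[\d+\]: "
    r"(?P<status>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d{1,3}(?:\.\d{1,3}){3}) port (?P<src_port>\d+)"
)

# Subset of CIM Authentication data model fields checked here (an assumption
# for the example; a full check takes the required list from the data model).
REQUIRED_CIM = ("action", "app", "dest", "src", "user")


def extract(line):
    """Map one sshd line to CIM-style fields, or None if it is not an auth event.

    A '[preauth]' disconnect carries no user or outcome and must stay out of
    the Authentication data model, so returning None for it is the correct
    result, not a parse failure."""
    m = SSHD_AUTH.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["action"] = "success" if ev.pop("status") == "Accepted" else "failure"
    ev["app"] = "sshd"
    ev["signature"] = ev.pop("method").lower()  # 'password' / 'publickey'
    ev["src_port"] = int(ev["src_port"])
    return ev


def cim_gaps(events, required=REQUIRED_CIM):
    """Event index -> required fields that are absent or empty; {} means compliant."""
    gaps = {}
    for i, ev in enumerate(events):
        missing = [f for f in required if not ev.get(f)]
        if missing:
            gaps[i] = missing
    return gaps


def onboard(lines):
    """Dry-run the extraction: (normalised events, lines the pattern rejected).

    Rejected lines are returned rather than discarded so the engineer can
    confirm each one is genuinely not an auth event and not an extraction miss."""
    events, unparsed = [], []
    for line in lines:
        ev = extract(line)
        if ev is None:
            unparsed.append(line)
        else:
            events.append(ev)
    return events, unparsed


if __name__ == "__main__":
    events, unparsed = onboard(SAMPLE_LINES)
    for ev in events:
        print(ev)
    print("unparsed:", unparsed)
    print("CIM gaps:", cim_gaps(events))
```

Two checks a practitioner would add before promoting the pattern: re-test it in the Splunk search bar with `| rex` against real indexed events, because transforms.conf REGEX is PCRE and the events there may already have the syslog header stripped; and review the rejected-line list after every OpenSSH upgrade, since a message format change produces exactly the same silence as the preauth disconnect that is correctly excluded here.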

Posted Date not available


4.0 - 9.0 years

5 - 9 Lacs

chennai

Work from Office

Overview
The role of Infrastructure Support in the IT/Systems sector is crucial for ensuring the smooth operation and maintenance of a company's technical infrastructure. This position plays a vital role in supporting various IT systems, networks, and hardware, contributing directly to the company's success by enabling efficient operations and minimizing downtime.

Responsibilities
- Strong exposure to the ITIL process (Incidents & Requests).
- Excellent communication skills with customers and vendors.
- Follow Standard Operating Procedures for BAU support; configure and maintain all applicable servers.
- Perform health checks of UNIX servers as per agreed schedules.
- Closure of tickets, issue resolution and managing services as per agreed SLA.
- Performance monitoring and initiating actions for the servers and subsystems.
- Take action against alerts within SLA.
- Optimize alerts and events for permanent resolution.
- Responsible for conducting meetings with the customer and preparing the MOM for the customer.
- Should be able to perform RHEL OS, security and OpenSSL vulnerability remediation on production and non-production.
- Able to build a CI/CD pipeline (Jenkins job) to streamline all manual operations.
- Must have hands-on experience in monitoring application-related infra alerts.
- Apply the latest security, enhancement and regular patches to the Unix/Linux servers, along with management tools.
- Provide support for Unix/Linux incidents and service requests.
- Assist with any firewall/DNS requests related to Unix/Linux servers.
- Perform research as required to implement any new Unix/Linux components that are required for project and operations related requests.
- Prepare project and operational documentation, such as run books and system operating manuals.
- Coordinate between the client employees, server/system engineers and third-party vendors/providers.
- Assist the Project Manager by providing a technical project coordination role.
- Abide by Incident and Request processes, including complying with the Service Level Agreements as documented in the Problem Severity matrix.
- Create regular reports for management requirements.
- Basic shell scripting knowledge, such as Bash or Python.
- Able to perform tool installation on all flavours of OS, such as BigFix agent, HPSA, CrowdStrike and the Splunk agent.
- Should have experience in OS package upgrade and kernel upgrade activities.
- Able to resolve kernel panics and OS-related issues.
- Perform new file system creation or extension on Red Hat Linux servers as per request.
- User/group administration tasks.

Posted Date not available


12.0 - 20.0 years

35 - 60 Lacs

mumbai

Work from Office

Who We Are
At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role
Are you passionate about security consulting and driven to protect against the latest threats? We are seeking a Senior Security Consultant who will join our team and take the lead on developing, implementing, and maintaining our security strategy within our Service Provider organization. As our Senior Security Consultant, you will work closely with our leadership team to design and implement effective security solutions that not only protect our business objectives and regulatory requirements, but also provide innovative solutions to stay ahead of emerging threats. You will conduct risk assessments and threat modeling to identify and prioritize risks to our business and IT assets, using your extensive experience in security architecture design and implementation within a Service Provider environment to create a cutting-edge security architecture framework. You will also work to maintain policies, standards, and guidelines related to information security within our organization, collaborating with cross-functional teams to implement security controls and technologies such as encryption, authentication, and authorization solutions. Your role will also involve conducting security reviews of vendors and third-party partners to ensure they meet our rigorous security standards, as well as performing regular security and risk reviews of our Service Provider environment to identify vulnerabilities and recommend remediation activities. At the forefront of security trends and technologies, you will advise our senior leadership team on the latest security best practices, and stay ahead of emerging security threats, always keeping our organization one step ahead. Join us on this exciting journey of securing our Service Provider organization and protecting our customers' assets.

Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career, from a Junior Architect to Principal Architect – we have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms.

Who You Are
You're good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you're open and borderless – naturally inclusive in how you work with others.

Required Technical and Professional Expertise
- Minimum of 15 years of experience in security
- Experience with security frameworks such as NIST CSF, ISO 27001, or CIS Controls
- Deep understanding of security technologies, such as firewalls, intrusion detection and prevention systems, vulnerability scanners, and endpoint protection
- Strong knowledge of cloud security concepts and technologies, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP)
- Good knowledge and experience in CrowdStrike, Microsoft Defender, Cortex and Symantec EDR; Arcon PIM, CyberArk PIM and Iraje
- Bachelor's or Master's degree in Computer Science (B.E/B.Tech/MCA), Information Security, or a related field

Preferred Technical and Professional Experience
- Relevant industry certifications such as CISSP, CISM, or CCSP

Being You
Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handedly: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.

What You Can Expect
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.

Get Referred!
If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.

Posted Date not available


3.0 - 8.0 years

20 - 22 Lacs

bengaluru

Work from Office

Key Skills: AWS, Core Java, Java, Microservices, Spring Boot, Kafka.

Roles & Responsibilities:
- Design, develop, and maintain backend components and services using Java and Spring Boot.
- Implement microservices architecture to enhance application scalability and performance.
- Collaborate with cross-functional teams to define, design, and ship new features.
- Ensure the performance, quality, and responsiveness of applications.
- Troubleshoot and debug applications to optimize performance.
- Participate in code reviews and maintain coding standards.
- Stay updated with emerging technologies and industry trends.

Experience Required:
- 3-8 years of proven experience in backend development using Core Java and Spring Boot.
- Strong expertise in developing and deploying scalable microservices in AWS environments.
- Experience in troubleshooting, debugging, and performance tuning of Java applications.
- Involvement in cross-functional collaboration for feature development and delivery.
- Exposure to Kafka or similar messaging systems is a plus.

Education: B.E., B.Tech.

Posted Date not available


1.0 - 3.0 years

8 - 14 Lacs

bengaluru

Work from Office

Key Skills: Endpoint Security, CrowdStrike, EDR, Sentinel, Shell Scripting.

Roles & Responsibilities:
- Monitor security alerts and events from EDR and SIEM tools.
- Perform initial triage, investigation, and escalation of security incidents.
- Conduct threat hunting across endpoints and cloud workloads using the MITRE ATT&CK framework.
- Assist in building an internal Cyber Threat Intelligence (CTI) repository.
- Analyze malware behaviors and artifacts including hashes, domains, persistence, and lateral movement.
- Perform incident documentation, evidence gathering, and ticket management.
- Build and customize detection rules and logic.
- Conduct weekly calls with clients to discuss detections, incidents, and Managed Detection and Response (MDR) updates.
- Manage multiple client environments while ensuring adherence to Service Level Agreements (SLAs).
- Hands-on experience with SIEM tools such as Microsoft Sentinel (mandatory) and Exabeam (preferred).
- Hands-on experience with EDR tools such as Microsoft Defender for Endpoint (mandatory) and CrowdStrike (mandatory).
- Basic understanding of scripting languages (preferred).
- Strong understanding of threat actors, malware types, and the attack lifecycle.
- Familiarity with the MITRE ATT&CK framework.
- Basic knowledge of PowerShell or KQL (Kusto Query Language) for log analysis.
- Experience in triaging phishing, endpoint, or insider alerts.
- Excellent communication skills and a collaborative team mindset.

Experience Required:
- 1.5-3 years of experience in real-time monitoring and triaging security incidents using EDR and SIEM tools.
- Proven experience in threat hunting and malware analysis.
- Familiarity with industry-standard frameworks such as MITRE ATT&CK.
- Experience working in a Managed Security Services environment across multiple clients.
- Exposure to detection engineering and rule customization for improving threat visibility.

Education: Any Graduation.

Posted Date not available
