80 Crowdstrike Jobs - Page 2

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations Since 2011, our mission hasnt changed "” were here to stop breaches, and weve redefined modern security with the worlds most advanced AI-native platform Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward Were also a mission-driven company We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers Were always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other Ready to join a mission that mattersThe future of cybersecurity starts with you. About The Role As a Corporate Account Executive, you will be responsible for driving new business opportunities You must be extremely results driven, customer focused, technologically savvy, and innovative at building internal relationships and external partnerships to attack the market with passion! The right candidate will possess excellent energy and drive and a real desire to build business across a portfolio of accounts They will have the ability to build effective relationships quickly and to find valuable business within each account immediately that can then be enhanced by leveraging internal resources. This role will be based in Mumbai What You'll Do Actively engage our prospective customers to identify Small Business & Capable of Managing the Run rate Business opportunities for CrowdStrike across the assigned region Run a sophisticated Sales process from Prospecting to Closure. Collaborate with our Sales Engineers (SEs) to devise and execute account strategies and plans. Predominantly working with the Channels Team, Distribution team & Inbound sales representative. Working with the account covering small & medium range with capping of number of End points. Forecast and report updates to management team. Provide exceptional and high touch customer service, including escalation and coordination of support issues as needed for the set accounts. Become an insider within the Cyber Security Industry and become an expert at expert of CrowdStrike products. Stay well educated and informed as to the CrowdStrike competitive landscape and how to sell the value of our solutions and services when compared to the relevant competitors in the Next Generation Endpoint market space. Be a go-getter that sets his/her sights above and beyond to blow out their established targets and quotas. May require modified work hours to accommodate accounts in other time zones, and minimal, but occasional travel for accounts that require a higher touch to achieve closure. What Youll Need Min 6 years of Sales experience generating net new business within the assigned region Proven experience selling a complex multi-product architecture to organizations, selling into C-level Executives to Evaluator-level Engineers. Track record of exceeding expectations in an individually focused, quota carrying role. Cold Calling experience (not tech, SaaS, or Security specific). Technical aptitude and ability to learn new business and technical concepts quickly. Competitive nature, but also a collaborative team player. Strong presentation skills, both in person and via virtual channels. Security and/or SaaS Sales experience a plus. Persistent- Doesnt stop at "no" Believes they can overcome. Coachable Seeks help; knows how to get help, when to ask for it and what situations call for it. Motivated to learn, to succeed, to win, to grow. Aptitude Able to learn and implement new concepts quickly. Self-Disciplined Proven to be good at time management, organization, and demonstrate discipline in their process and everyday business. Self-aware- Has a solid understanding of their strengths and weaknesses and what they need to work on. Benefits Of Working At CrowdStrike Remote-friendly and flexible work culture Market leader in compensation and equity awards Comprehensive physical and mental wellness programs Competitive vacation and holidays for recharge Paid parental and adoption leaves Professional development opportunities for all employees regardless of level or role s, geographic neighbourhood groups and volunteer opportunities to build connections Vibrant office culture with world class amenities Great Place to Work Certified„¢ across the globe CrowdStrike is proud to be an equal opportunity employer We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed We support veterans and individuals with disabilities through our affirmative action program. CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance. Show more Show less

Job Title: Security Operations Center (SOC) Analyst (Positios-02) Experience: 5 to 8 Years Location: Hyderabad Department: Cybersecurity / Security Operations Industry: IT Services / MSSP / Software / FinTech / Healthcare IT Job Summary: We are seeking an experienced and detail-oriented SOC Analyst (58 years) to join our cybersecurity team. The ideal candidate will be responsible for monitoring, detecting, investigating, and responding to cyber threats across the organization. The SOC Analyst will play a critical role in defending systems, applications, and data from security breaches and supporting incident response efforts, threat hunting, and continuous improvement of SOC processes. Key Responsibilities: Security Monitoring & Incident Response: Continuously monitor SIEM dashboards, threat intelligence feeds, and security alerts. Investigate and respond to security incidents, phishing attacks, malware infections, and anomalous activities. Triage alerts based on severity, business impact, and threat intelligence context. Perform root cause analysis and prepare incident reports with actionable recommendations. Escalate critical incidents to Tier 3/IR teams and collaborate during major security events. Threat Detection & Hunting: Conduct proactive threat hunting based on IOCs, TTPs, and threat intelligence reports. Analyse logs from endpoints, firewalls, IDS/IPS, cloud workloads, and third-party security solutions. Develop and fine-tune detection rules and correlation logic in SIEM (e.g., Splunk, Sumo Logic, Sentinel). Tool & Infrastructure Management: Work with EDR, NDR, DLP, SIEM, SOAR, and vulnerability management platforms. Support integration of new log sources and ensure completeness of logging for critical systems. Maintain threat detection playbooks and contribute to process automation via SOAR tools. Compliance & Reporting: Ensure security operations align with frameworks like NIST, ISO 27001, SOC 2, or HIPAA. Support security audit requirements by providing incident logs and response documentation. Generate periodic reports on incident trends, SOC performance, and threat landscape. Required Skills & Experience: 5–8 years of experience in a SOC environment or cybersecurity operations role. Strong knowledge of attack vectors, MITRE ATT&CK framework, and incident response lifecycle. Hands-on experience with SIEM (e.g., Splunk, Microsoft Sentinel, QRadar, LogRhythm). Familiarity with endpoint protection (CrowdStrike, SentinelOne, Defender ATP, etc.). Knowledge of Windows/Linux log analysis, firewall rules, and cloud security controls (Azure/AWS). Strong analytical thinking, attention to detail, and ability to work under pressure. Preferred Qualifications: Bachelor’s degree in Cybersecurity, Computer Science, or related field. Certifications such as CEH, GCIA, GCIH, CySA+, AZ-500, or Security+ are highly desirable. Experience working in a 24x7 SOC or with MSSP environments is a plus. Exposure to compliance-driven industries (finance, healthcare, SaaS) preferred. Soft Skills: Strong communication and documentation skills. Ability to collaborate across IT, DevOps, and security teams. Risk-aware mindset with a proactive approach to security operations. Work Mode: On-site / Hybrid / 24x7 Rotational Shifts if applicable Reporting To: SOC Manager / Head of Security Operations

Job Title: L2 Security Specialist Job Summary: The L2 Security Specialist will take a proactive role in threat hunting, security assessments, and improving defensive measures. This role involves deeper technical analysis, security tool management, and incident response. Key Responsibilities: Perform Data Discovery & Classification to enforce data protection policies. Manage File Upload Security Solutions to prevent malware and data leaks. Conduct Attack Surface Management (ASM) to reduce exposure to threats. Execute Breach & Attack Simulation (BAS) and assist Red Team operations. and analyze Phishing Simulation campaigns to improve security awareness. Implement and audit Active Directory (AD) Security controls. Lead IT Governance, Risk & Compliance (GRC) initiatives (e.g., ISO 27001, NIST). Deploy and analyze Decoy (Honeypot) systems to detect advanced threats. Administer Mobile Device Management (MDM) security policies. Ensure Secure Data Backup & Recovery (Ransomware Protection) effectiveness. Configure and maintain Network Access Control (NAC) solutions. Required Skills & Qualifications: 35 years of experience in cybersecurity operations. Hands-on experience with SIEM, BAS, ASM, and NAC tools. Strong knowledge of phishing, ransomware defense, and AD security. Experience in GRC frameworks (ISO 27001, NIST, GDPR). Familiarity with honeypots, incident response, and threat intelligence. Certifications like CISSP, CISM, OSCP, or CASP+ preferred.

We are looking for a candidate who could join our Information Technology Team. Technical Skill Set: 1. Should have a knowledge and understanding of TCP/ UDP. 2. Clean and rigid understanding on what is an AV and whats an EDR solution 3. Understanding of EDR functionalities. This knowledge is required to explore features of a solution and understand technical now how. 4. Understanding on EDR logs and log co-relation. 5. Should be able to understand and retrieve information from packet captures. 6. Should have a sane knowledge of SIEM solution. 7. Knowledge on Log parsing would be an added advantage. 8. Knowledge on Advisories, IOCs, IOAs, Adversories. What are these and how are these to be processed and why? 9. Understanding on actions to be done on receiving an advisory. 10. Should keep his/her knowledge updated and should be on the top of current Cyber exploit cases going on, so that actions can be taken proactively to safeguard the environment. Techno-Management Skill set: 1. Should be able to prioritize tasks while processing advisories, incidents, problems and events. 2. How an incident should be tackled, should have a first-hand expertise on deriving a solution and take incident to closure. 3. Prepare dashboard and reports depicting an at-a-glance view of incidents, events, advisories and remedial actions. 4. Work with the 3rd party solution provider for integration purpose. 5. Prepare documentation related to process and Knowledge base for future easy-reference. 6. Be a bridge between the technical and the management team and make sure updates are regularly submitted to higher management and review to the technical team. 7. Vendor management skills. 8. Any earlier experience in crisis situation handling would be an added advantage.

Strong expertise in AWS Security Services, XDR, CrowdStrike, Zscaler, Proofpoint, Defender, WAF, API Security. Knowledge of network security, IAM, SIEM, & automation tools. Certifications as CISSP, CHFI, GCIH, AWS Security Specialty are preferred.

? Conduct security assessments, vulnerability assessments, and penetration tests on systems and applications to identify weaknesses and recommend remediation actions. ? Monitor and analyze security alerts, events, and incidents to promptly detect and respond to threats. ? Manage and maintain security tools and technologies, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems. ? Proactively monitoring Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps. ? Seen as the cloud-security and cloud-compliance SME by the teams you support. ? Participate in incident response activities, including containment, investigation, and recovery, in the event of a security incident. ? Stay updated with cybersecurity threats, vulnerabilities, and industry best practices to ensure the organization remains secure. ? Ability to provide security guidance for physical, virtual, and code infrastructure. ? Provide vendor due diligence reviews, including SOC2 and vendor risk assessments. ? Drive change to improve the overall security posture. ? Ensure the protection of Organization information assets through the technical enforcement of organizational security standards and policies. ? Ensure technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause. ? Serve as a point of escalation and subject matter expert for IT Risk and Cyber domains, including vulnerability management, data protection, cloud and application security. ? Collaborate with team members and stakeholders on firm-mandated audits and take responsibility in performing the required reviews associated with the audit. ? Review IAM control standards, objectives in regular basis and perform access reviews associated with it ? Be the trusted advisor to ensure security of designs and blueprints for application architectures and cloud platforms. ? Design and maintain automated workflows to streamline security operations. ? Establish solid relationships with other teams and provide advisement as needed. ? Build and cultivate a security focused culture through partnership and collaboration with the business and technology teams. What is the expectation from the candidate's current role/profile ? Expert understanding of common information security standards and best practices. Experience in Security and regulatory compliance standards and frameworks ? Configure, deploy, and manage enterprise security tools including such as log management (SIEM), antivirus, intrusion prevention, data leak prevention, and application scanning and remediation. ? Researches, analyzes, and formulates recommendations regarding technologies, products, and solutions to fulfill requirements within CACU. ? Solid understanding of system development life cycle (SDLC) and provide security recommendations and oversight. ? Azure Cloud security experience (Preferred 2 years). ? Minimum 3 to 4 years of experience in cloud security ? Hands on experience securing public cloud workloads in a hybrid, corporate environment. ? Security, risk, and compliance experience with Cloud Platforms. ? Knowledge of security controls, configuration management, and vulnerability management in public cloud. ? Solid understanding of firewalls, WAFs, Web Gateways, and IPS ? Excellent problem-solving and analytical skills with the ability to quickly isolate problems, collect data, establish facts, and draw valid conclusions. ? Practical understanding with Agile, ITIL, monitoring, and metrics

Job Title: Endpoint Security Lead(AV/EDR) Responsibilities: - Design, implement, and maintain endpoint security solutions (AV/EDR) - Monitor and analyze endpoint security event logs - Investigate and respond to security incidents - Develop and maintain endpoint security policies and procedures - Understanding and implementing Application and Device control policies - Collaborate with IT teams for endpoint security integration - Stay up-to-date with emerging threats and technologies - Should present reports to the clients as per requirements. Requirements: - 7+ years of experience in endpoint security (AV/EDR) - Strong knowledge of endpoint security technologies (e.g., McAfee, Symantec, CrowdStrike, Cortex XDR, Microsoft Defender) - Experience in Implementing the AV/EDR solution from scratch - Understanding the client network and implementing the security policies efficiently - Experience with security information and event management (SIEM) systems - Proficiency in query languages (e.g., SQL, KQL, XQL) - Strong analytical and problem-solving skills - Excellent communication and collaboration skills Good to Have: - Experience with cloud security (AWS/Azure) - Knowledge of threat intelligence and incident response - Experience with IT service management (ITSM) tools - Relevant certifications (e.g., CompTIA Security+, CISSP)

Your Role As a member of the Security Technology Operations (STO) team at Client, the Lvl2 Security Technology Analyst will work with a global security toolkit, focusing on Antivirus/Malware and Certificate Lifecycle Management (CLM) utilizing Crowdstrike, Venafi, and Symantec Protection Engine (SPE). The role involves taking a lead in incidents and service requests, supporting the consultant, and providing advanced troubleshooting and mentorship to more junior Lvl1 team members. Key Responsibilities: Lead and manage incident and request handling for Crowdstrike, CLM, and SPE Attain and maintain SLAs and KPIs, providing detailed reporting and the timely escalation when necessary to management Escalate complex issues to STO management and leadership as necessary Assist in advanced troubleshooting of system performance-related incidents Engage with stakeholders including Business Unit, Cyber, Compliance, and Engineering Engineering teams Assist in the creation, configuration updates, and testing of Crowdstrike policies and Venafi workflows Support change request creation, representation, and implementation for the technology stack Provide general workstation and server troubleshooting support and support Lvl1 team members Participate in major incident management calls to provide support on active incidents Mentor and share advanced knowledge with Lvl1 analysts Identify and help implement automation and optimization opportunities Experience: Prior experience with and understanding of Antivirus/Malware and CLM terminology and processes 3-5 years of experience in a security operations role and fundamental knowledge of incident and service request handling Good understanding of Windows, MacOS, and .nix operating systems Proven advanced troubleshooting capabilities Familiarity with scripting languages such as PowerShell and batch files Exceptional communication skills and the ability to mentor junior team members Your Role As a member of the Security Technology Operations (STO) team at Client, the Lvl2 Security Technology Analyst will work with a global security toolkit, focusing on Antivirus/Malware and Certificate Lifecycle Management (CLM) utilizing Crowdstrike, Venafi, and Symantec Protection Engine (SPE). The role involves taking a lead in incidents and service requests, supporting the consultant, and providing advanced troubleshooting and mentorship to more junior Lvl1 team members. Key Responsibilities: Lead and manage incident and request handling for Crowdstrike, CLM, and SPE Attain and maintain SLAs and KPIs, providing detailed reporting and the timely escalation when necessary to management Escalate complex issues to STO management and leadership as necessary Assist in advanced troubleshooting of system performance-related incidents Engage with stakeholders including Business Unit, Cyber, Compliance, and Engineering Engineering teams Assist in the creation, configuration updates, and testing of Crowdstrike policies and Venafi workflows Support change request creation, representation, and implementation for the technology stack Provide general workstation and server troubleshooting support and support Lvl1 team members Participate in major incident management calls to provide support on active incidents Mentor and share advanced knowledge with Lvl1 analysts Identify and help implement automation and optimization opportunities Experience: Prior experience with and understanding of Antivirus/Malware and CLM terminology and processes 3-5 years of experience in a security operations role and fundamental knowledge of incident and service request handling Good understanding of Windows, MacOS, and .nix operating systems Proven advanced troubleshooting capabilities Familiarity with scripting languages such as PowerShell and batch files Exceptional communication skills and the ability to mentor junior team members

Role & responsibilities Core Responsibilities Monitor security dashboards and alerts to identify potential threats. Respond to security incidents by following established response plans. Conduct threat hunting to proactively identify vulnerabilities and potential threats. Collaborate with other departments, such as network engineering and incident response teams, for coordinated threat response. Analyze security incidents and document findings to prevent future occurrences. Develop and maintain security monitoring tools and processes. Implement and optimize SIEM, SOAR, EDR, and Threat Intelligence platforms. Conduct vulnerability assessments and penetration tests to identify weaknesses. Create and maintain incident response procedures and playbooks. Provide detailed reports on security incidents and emerging threats. Stay updated with the latest cybersecurity trends and threats. Experience 7-9 years of experience in cybersecurity, with a focus on SOC operations. Extensive experience with security monitoring tools and incident response. Proficiency in threat hunting and vulnerability analysis. Strong knowledge of network protocols, operating systems, and common cybersecurity threats. Experience with SIEM, SOAR, EDR, and Threat Intelligence platforms. Ability to conduct in-depth threat intelligence analysis and develop containment strategies. Experience in conducting vulnerability assessments and penetration tests. Excellent analytical and problem-solving skills. Strong communication and collaboration skills. Knowledge of frameworks such as NIST Cybersecurity framework, MITRE ATT&CK, and Lockheed Martin Cyber Kill Chain.

Knowledge of operating systems, system administration, and application security. Proficiency in security tools and technologies Experience with incident response methodologies. Strong knowledge of IT security protocols, data privacy standards Required Candidate profile Certified Information Systems Security Professional (CISSP) Vulnerability Scanner/Nessus, CrowdStrike, Cisco Meraki, Forcepoint One. Experience with cloud security and network security.

Role & responsibilities Mini. 2 years of experience implementation & operations. The resource should have implemented at least 4-5 projects in customer environment. Should be able to create HLD & LLD documents and should be able to draw architecture as per customer need Working Knowledge of SOC/ SIEM tools and operational understanding Must have lead team of Security Cons ultants/ Analysts Should have sound knowledge of products & should be able to carry out the POCs, Implementation and Operations support Should lead the delivery of multiple projects at customer locations Should have knowledge of following products (with Operations and Implementation) DLP/ Proxy Forcepoint, Symantec, Cisco, McAfee , Zscaler Email Security – Symantec, Forcepoint, Cisco NAC Solutions – Cisco ISE, Forcescout EDR/ XDR Solution – Trend Micro, Crowdstrike SOC SIEM Solution (Arcsight, Qradar, RSA or Seceon) ( Must have hands-on experience from any two of above) Excellent English communication skills mandatory Excellent documentation skills mandatory Understand reporting capabilities Preferred candidate profile Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host based firewalls, Anti-Malware, HIDS General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows NT Good to have industry certifications on SIEM Platform, CCNA, CEH, MCSE & Others Bachelor’s Degree in Computer Science or equivalent required 5-10 years’ experience in IT security Good communication skills Strong level of customer service required

Role & responsibilities Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master’s degree preferred. Lead and mentor the SOC team, fostering a culture of continuous improvement and collaboration. Oversee the day-to-day operations of the SOC, ensuring efficient incident detection, response, and recovery processes Collaborate with IT and business units to integrate cybersecurity measures into existing and new technology deployments Manage cybersecurity projects, including the selection and implementation of state-of-the-art security tools and technologies. Conduct regular security assessments, penetration testing, and proactive threat hunting to identify and mitigate potential security vulnerabilities. Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC. At least 5 years of experience in cybersecurity, with a minimum of 3 years in a leadership role within an SOC environment. Extensive knowledge of and experience with cybersecurity regulations and standards. Proficient in managing and configuring security technologies (e.g., SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools). Demonstrated ability to lead and develop high-performing teams. Excellent problem-solving, communication, and presentation skills. Must be a flexible to work in US Shift

About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience Role & responsibilities: The candidate should be hands-on in managing Security Operations, SOC, Identify access management, Risk Management Should have worked on Blueprinting and Designing of SOC frameworks and implementation of SOC/SIEM solution and Enterprise Architecture Should be hands-on on security processes with good client and Market facing experience in India geography Should have worked on Designing, solutioning and Implementation of Cyber Security Frameworks - Security Operations Strategy, Vulnerability Management - Application & Infrastructure and Threat Intelligence and Analytics Preferred candidate profile : Should have worked on the below - M&A experience - Actively monitoring, analyzing & escalating SIEM alerts based on correlation rules, Active threat hunting on network flow, user behavior and threat intelligence Candidate should have expert level domain knowledge (Cyber Security), Threat Hunting, SIEM - Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm/Qradar ), Ability to Comprehend Logs (HTTP, SMTP, Network), Operating systems and servers, Organizes Technical Sessions / Talks. Candidate should able to familiar with python Scripting & Windows Active Directory (Optional). Vulnerability Management Services - External & internal Vulnerability scanning, VMS tool Qualys & Kenna Administration, Application server & Vulnerability scanning Candidate should have expert level domain knowledge (Cyber Security), Vulnerability scans and recognizing vulnerabilities in security systems, Network analysis tools to identify vulnerabilities, Develop insights about the context of an organizations threat environment, Risk management processes, Network attack and a network attacks relationship to both threats and vulnerabilities. Candidate should have advance level understanding of Impact/risk assessments. Security Operations and Management experience - SOC Experience in Identity access, privilege access, vulnerability management Client facing - front end with the client- focused on engagements + Sales, BD + Capability Development Qualification: B.Tech / M.Tech/ MCA professional with 9-12 years of experience in the relevant role Should have strong hands on MS Power Point and MS Project Hands on experience and certification in any one SIEM (IBM QRadar, ArcSight, Azure Sentinel, Splunk) Security Certifications like CISSP, CISM, GIAC, Security+ etc Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Lead Consultant (Cyber Security) Job Summary: The Lead consultant for Cyber Security (B2B SOC MSS) provides the advance level of support for Product Implementation & Services in the Security Operations. In this position, the consultant will be to lead the project (technical) consultants team for successful migration/ implementation of the Cyber Security Products (and Services). Mini. 5-10 years of experience implementation & operations. The resource should have implemented at least 4-5 projects in customer environment. Should be able to create HLD & LLD documents and should be able to draw architecture as per customer need Working Knowledge of SOC/ SIEM tools and operational understanding Must have lead team of Security Consultants/ Analysts Should have sound knowledge of products & should be able to carry out the POCs, Implementation and Operations support Should lead the delivery of multiple projects at customer locations Should have knowledge of following products (with Operations and Implementation) DLP/ Proxy Forcepoint, Symantec, Cisco, McAfee Email Security – Symantec, Forcepoint, Cisco NAC Solutions – Cisco ISE, Forcescout EDR/ XDR Solution – Trend Micro, Crowdstrike SOC SIEM Solution (Arcsight, Qradar, RSA or Seceon) ( Must have hands-on experience from any two of above) Product certification from any of the above products will be added advantage Must be able to execute strategic and tactical direction for solutions offerings Experience in supporting a multiple customer base systems and network environments Provides timely and adequate response to threats/alerts, including off-hour support. Develop functional specifications for integrating/ adopting requirements into enterprise target state architecture or specific application Collaborate with business groups to help them to identify, classify, and secure high value data Provide feedback via periodic reports based on rule parameters; Ability to write regular expressions Ability to self- direct and work independently when necessary, and clearly articulate technical concepts/ issues to both technical and non- technical peers and management The ability to assess security events to drive to a resolution. Demonstrate Understand Critical Data Types such as PII, NPI, PCI, HIPAA, etc Demonstrate Understanding of Mass Storage, USB, Removable Media, for example allow charge but do not allow data copy Excellent English communication skills mandatory Excellent documentation skills mandatory Understand reporting capabilities Required Technical Expertise Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host based firewalls, Anti-Malware, HIDS General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows NT Good to have industry certifications on SIEM Platform, CCNA, CEH, MCSE & Others Bachelor’s Degree in Computer Science or equivalent required 5-10 years’ experience in IT security Good communication skills Strong level of customer service required

Job Description Must have requirements: Minimum of 5+ years work experience working with security tools and with security administration. Designing, implementing, managing & maintaining endpoint solutions (Tanium, Crowdstrike), Hands on experience on endpoint tools and overall cybersecurity practices Strong ethics and understanding of ethics in business and information security Ability to mentor juniors and get them up to speed with the process Possess any current security certifications (e.g., CISSP, Security+) Ability to present and articulate findings to technical staff and executives Ability to participate in on-call rotation as needed Must be able to pass a background check Career Level - IC3 Responsibilities Must have requirements: Minimum of 5+ years work experience working with security tools and with security administration. Designing, implementing, managing & maintaining endpoint solutions (Tanium, Crowdstrike), Hands on experience on endpoint tools and overall cybersecurity practices Strong ethics and understanding of ethics in business and information security Ability to mentor juniors and get them up to speed with the process Possess any current security certifications (e.g., CISSP, Security+) Ability to present and articulate findings to technical staff and executives Ability to participate in on-call rotation as needed Must be able to pass a background check

Security Operations Centre (SOC) - Lead Location: Pune(Aundh/Baner),India (On-site, In-House SOC) Department: Security Operations Center Experience: 4-6 Years Work Type: Full-time| Hybrid Model | 24x7 Rotational Shifts Role Overview: We are looking for an experienced and technically strong SOC Lead / Senior Engineer who will own and manage the core administration, tuning, detection engineering, and incident response infrastructure within the Security Operations Center. This is a hands-on technical role for someone who thrives in a high-paced, cloud-first environment and has expertise in SIEM (QRadar), XDR (CrowdStrike), DLP (Netskope), Deception (Canary), TIP/SOAR, and AWS Security. Key Responsibilities: Monitor, investigate, and close security incidents using QRadar SIEM , with deep expertise in offense triage and management. Administer and fine-tune configurations across multiple security platforms including QRadar, CrowdStrike XDR, Netskope DLP, Canary, Sysdig/Falco, and G-Suite Security to ensure optimal performance. Architect and deploy new SIEM content such as correlation rules, filters, dashboards, active lists, reports, and trends based on threat intelligence and business needs. Lead use case design and development for new detections based on the evolving threat landscape and attack techniques (MITRE ATT&CK alignment). Own the log onboarding lifecycle, including parsing, normalization, and enrichment for diverse AWS services and third-party SaaS platforms. Manage SLAs for incident detection, escalation, and resolution; ensure robust reporting and analytics for SOC operations. Conduct advanced threat hunting, packet-level analysis, and proactive detection activities using telemetry and behavioral analytics. Integrate and manage SOAR and TIP tools to drive automation and enrichment in incident response workflows. Lead vulnerability assessments and penetration testing activities in collaboration with infrastructure and DevSecOps teams. Develop and test incident response plans (IRPs) and playbooks for high-impact scenarios like ransomware, insider threats, and data exfiltration. Stay abreast of the latest threats, vulnerabilities, and exploits; conduct periodic threat briefings and internal knowledge transfers. Maintain detailed documentation of configurations, security procedures, SOPs, incident reports, and audit logs. Mentor junior SOC analysts and provide technical guidance during critical incidents and escalations. Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Management. Experience in Designing and deploying use cases for SIEM and other security devices. Continuously monitor security alerts and events to identify potential security incidents or threats. Follow standard operating procedures (SOPs), incident response runbooks, and recommend improvements where necessary. Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC SMTP/IMAP, FTP, HTTP, etc.). Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation. Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats. Ensure all actions are compliant with internal policies, security standards, and regulatory requirements. Required Skills & Experience: Minimum 4 years of experience in SOC operations, including administrative expertise in SIEM platforms (preferably QRadar). Strong hands-on knowledge of SIEM tuning, content development, threat detection, and incident handling. Expertise in 3 or more of the following: SIEM (QRadar), XDR (CrowdStrike), SOAR/TIP Platforms, DLP (Netskope), Cloud Security (AWS), Deception Technology (Canary) Experience with network traffic analysis, packet capture tools, and deep dive investigations. Strong analytical, problem-solving, and decision-making skills. Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS Controls. Preferred Qualifications: Professional certifications such as GCIA, GCED, GCIH, CEH, CCSP, AWS Security Specialty, or QRadar Certified Specialist. Prior experience in managing an in-house 24x7 SOC or leading shift teams. What We Offer: Work on a modern cloud-native security stack in a dynamic FinTech environment. Opportunity to lead security engineering and detection strategy for critical financial platforms. Be part of a tight-knit, expert-level team with a strong learning and innovation culture. Competitive salary, performance-based incentives, and growth opportunities.

SOC Analyst Location: Pune(Aundh/Baner),India (On-site, In-House SOC) Department: Security Operations Center Experience: 1-3 Years Work Type: Full-time| Hybrid Model | 24x7 Rotational Shifts Role Overview: As a SOC Analyst, you will be part of our in-house 24x7 Security Operations Centre based in Pune. You will be responsible for monitoring, analyzing, and responding to security incidents and alerts using cutting-edge security technologies and platforms. This role is a great opportunity to grow in a fast-paced FinTech environment leveraging tools like QRadar SIEM, CrowdStrike XDR, Netskope DLP, AWS Cloud Security, Sysdig, Falco, Canary Tokens, and G-Suite Security and other security solutions. Key Responsibilities: Continuously monitor security alerts and events using QRadar SIEM , CrowdStrike , Falco , and other integrated tools. Perform initial triage and analysis to assess the nature and severity of potential security incidents. Escalate incidents in line with established procedures and severity levels. Create, update, and manage incident tickets throughout their lifecycle using ticketing systems. Analyze logs and security data from various sources, including AWS Cloud , G-Suite , and endpoint solutions. Assist in proactive threat hunting and detection of malicious activity across systems and applications. Technical experience working in a SOC and cybersecurity incident response. Generate daily, weekly, and ad-hoc reports detailing SOC operations and incident statistics. Support 24x7 operations by participating in rotational shifts, including nights and weekends. Understanding of AWS Services for security detection and mitigation. Follow standard operating procedures (SOPs), incident response runbooks, and recommend improvements where necessary. Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC SMTP/IMAP, FTP, HTTP, etc.). Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation. Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Management. Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats. Ensure all actions are compliant with internal policies, security standards, and regulatory requirements. Required Skills & Experience : 1-3 years of hands-on experience in SOC operations or cyber security monitoring. Exposure to SIEM tools, preferably IBM QRadar . Experience with Endpoint Detection & Response (EDR) solutions such as CrowdStrike . Familiarity with DLP (preferably Netskope) and cloud-native security tools. Working knowledge of Linux/Unix command line and scripting basics. Understanding of AWS Cloud Security concepts . Knowledge of TCP/IP, DNS, HTTP, and other networking protocols. Familiarity with common attack vectors and threat landscape (MITRE ATT&CK framework is a plus). Good to Have: Experience with Falco , Sysdig , or other container security tools. Exposure to Canary tokens or deception technologies. Basic certifications such as CompTIA Security+, CEH, AWS Security Specialty, or CrowdStrike CCFA . What We Offer: Opportunity to work with modern cloud-native security stack. Learn and grow in an innovative FinTech environment. Mentorship and training on advanced threat detection and response practices. Strong team culture focused on collaboration and technical excellence. Competitive salary and shift allowances.

Overview: We are seeking a skilled IT Security Engineer to manage patching, endpoint security, and automation across our infrastructure. The ideal candidate will be responsible for implementing security measures, ensuring compliance, and optimizing system performance through proactive security initiatives. Key Responsibilities: Patch Management: Develop and implement an effective patching strategy for Windows, Linux, and third-party applications. Utilize Endpoint Central (ManageEngine) to deploy patches, track compliance, and troubleshoot failures. Coordinate with teams to test and schedule patch rollouts with minimal business impact. Generate patch compliance reports and remediate non-compliant systems. Endpoint Central Management: Administer and optimize ManageEngine Endpoint Central for device management, patching, and software deployment. Monitor system health, enforce policies, and manage endpoint security configurations. Automate routine endpoint tasks using custom scripts. CrowdStrike Antivirus Management: Deploy, configure, and manage CrowdStrike Falcon for endpoint protection. Monitor security s, analyze threats, and take remediation actions. Ensure endpoint devices comply with security standards and company policies. Collaborate with SOC teams to investigate security incidents and fine-tune detection rules. Scripting & Automation: Develop and maintain PowerShell, Python, or Bash scripts to automate patching, compliance checks, and endpoint management tasks. Create dashboards and reports for patch status, endpoint security, and compliance tracking. Optimize security operations through custom automation solutions. Required Skills & Qualifications: 3+ years of experience in IT security, patch management, and endpoint protection. Hands-on experience with ManageEngine Endpoint Central for endpoint and patch management. Strong knowledge of CrowdStrike Falcon or similar EDR/XDR solutions. Proficiency in scripting (PowerShell, Python, or Bash) for automation and system management. Understanding of vulnerability management tools (Qualys, Nessus, Tenable, etc.). Familiarity with compliance frameworks like ISO 27001, NIST, or CIS benchmarks. Strong troubleshooting, analytical, and communication skills. Preferred Qualifications: Experience in security hardening and compliance auditing. Knowledge of cloud-based security solutions. Relevant certifications such as CISSP, CISM, CEH, or Security+. Required Skills Patch Management,Endpoint Management,CrowdStrike

Role & responsibilities : • Create/ review and uplift/ implement the third-party risk management framework. • Conduct comprehensive information security risk assessments of the suppliers for the cyber risks in alignment with the organizational policies, industry best practices and standards/regulatory requirements. • Collaborate with internal stakeholders to identify and mitigate potential risks. • Monitor and report on the risk status • Establish and maintain effective vendor management processes. • Provide risk management guidance and training to third party risk management teams. • Stay up to date with industry best practices and regulatory changes • Project management experience • Stake holder management • Communication management Mandatory skills CrowdStrike- Third-Party Risk Management (TPRM)

Dear Candidate, We are looking for a skilled Cybersecurity Analyst to monitor, detect, and respond to security threats. If you have expertise in threat intelligence, SIEM tools, and incident response, wed love to hear from you! Key Responsibilities: Monitor network traffic and systems for potential security threats. Investigate and analyze security incidents to prevent breaches. Implement security controls and best practices for data protection. Manage security tools such as SIEM, IDS/IPS, and endpoint protection. Conduct vulnerability assessments and recommend mitigation strategies. Ensure compliance with security standards like ISO 27001, NIST, and GDPR. Required Skills & Qualifications: Strong knowledge of security frameworks and incident response. Experience with SIEM tools (Splunk, QRadar, ArcSight). Proficiency in scripting (Python, Bash, PowerShell) for security automation. Understanding of network protocols, firewalls, and VPN security. Knowledge of penetration testing and ethical hacking techniques. Soft Skills: Strong analytical and problem-solving skills. Excellent attention to detail and ability to work under pressure. Good communication and teamwork skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Summary As a Cloud Security Engineer at Gainwell, you will be a part of an innovative healthcare technology company with a mission to serve the healthcare needs of our communities. Gainwell is seeking a Cloud Security Engineer who can provide technical leadership and be accountable for all security-related compliance and delivery for the customers assigned. Your role in our mission Essential Job Functions Performs basic vulnerability scans using vendor utility tools. Monitors security audit and intrusion detection system logs for system and network anomalies. Investigates and/or escalates security violations, attempts to gain unauthorized access, virus infections that may affect the network or other event affecting security. Documents and reports event(s). Assists in providing engineering analysis, design and support for firewalls, routers, networks, and operating systems. Assists in performing product evaluations and recommends products/services for network security. Validates and tests basic security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies. Develops, tests and deploy firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools. Assists in the review and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security. Assists in providing oversight and enforcement of security directives, orders, standards, plans and procedures at server sites. What we're looking for Bachelor's degree in computer science, information systems, or related field preferred 10 or more years of IT experience is required along with 5 or more years of experience in Cloud security engineering... Security Understanding of NIST 800-53, CMS Compliance and auditing, and Cloud Security Security Tooling: Splunk, Nessus, CrowdStrike and other Cloud Security tools Cloud: AWS and or Azure operation functionalities IAM: Expertise in Identity and Access Management (IAM) solutions, including user provisioning, role-based access control, and policy enforcement in cloud environments. Possess any one of the security certifications (CCSP, AWS Certified Security, Specialty and Azure Security Engineer Associate, Advanced Cloud Security Practitioner (ACSP). Preferred but not required certifications (CISSP, CCNA). Prefer someone with JSON (JavaScript Object Notation) and deploying JSONs within a cloud environment. Experience in network, host, data and/or application security in multiple operating system environments. Experience working with IP networking , networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists. Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies. Experience working with federal regulations related to information security (CSF, NIST Special Publications, FedRAMP, FISMA). Strong analytical and problem-solving skills. Experience working with security architecture. Experience leading and working with small to medium teams. Proactive and can operate independently with guidance. Make decisions independently based off organizational and security best practices. What you should expect in this role Shift Timings (7:00 PM - 4:00 AM IST) Fully Remote Opportunity Video cameras must be used during all interviews, as well as during the initial week of orientation

Dear Candidate, We are looking for a skilled Cyber Security Engineer to design, implement, and maintain security solutions that protect systems, networks, and data from cyber threats. You will be responsible for threat detection, vulnerability assessments, incident response, and security compliance . If you have expertise in network security, endpoint protection, cloud security, and risk management , we'd love to hear from you! Key Responsibilities: Design and implement cybersecurity frameworks to protect IT infrastructure and applications. Conduct risk assessments, vulnerability scans, and penetration testing to identify security weaknesses. Implement and maintain firewalls, intrusion detection/prevention systems (IDS/IPS), and SIEM solutions . Develop and enforce security policies, procedures, and best practices . Investigate and respond to security incidents, breaches, and cyber threats . Perform log analysis, threat intelligence, and forensic investigations . Manage identity and access management (IAM) , multi-factor authentication (MFA), and privilege access controls. Secure cloud environments (AWS, Azure, GCP) and implement cloud security best practices . Conduct security awareness training for employees to mitigate cyber risks. Collaborate with DevOps teams to ensure secure coding and DevSecOps practices . Stay up to date with emerging threats, vulnerabilities, and cybersecurity trends . Required Skills & Qualifications: Strong knowledge of network security, firewalls, VPNs, and IDS/IPS solutions . Experience with SIEM tools (Splunk, IBM QRadar, ArcSight, ELK Stack). Hands-on experience with endpoint security solutions (CrowdStrike, Symantec, Microsoft Defender). Proficiency in penetration testing tools (Burp Suite, Metasploit, Kali Linux, Nmap). Understanding of encryption, authentication protocols (TLS, SSL, AES, RSA, PKI, OAuth, SAML) . Familiarity with cloud security best practices (AWS Security Hub, Azure Security Center, GCP Security Command Center). Experience with compliance frameworks (NIST, ISO 27001, CIS, SOC 2, GDPR, HIPAA). Knowledge of identity and access management (IAM, MFA, SSO, LDAP, Active Directory) . Ability to analyze security logs, alerts, and forensic data for threat detection. Strong scripting and automation skills (Python, PowerShell, Bash). Soft Skills: Strong problem-solving and analytical skills. Excellent communication skills to work with cross-functional teams. Ability to work independently and as part of a team. Detail-oriented with a focus on delivering high-quality solutions Note: If you are interested, please share your updated resume and suggest the best number & time to connect with you. If your resume is shortlisted, one of the HR from my team will contact you as soon as possible. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Hi All, Greetings from Tecnics !!! We are hiring for Security /Hardware Sales requirement for Chennai location Skill/Title: Security/Hardware Sales Executive Exp: 3Yrs-5Yrs Loc: Chennai (Locals Only) Type:FullTime JD: Experience in hardware/security sales-Must Good client contacts Sales resources with contacts and relationship with C level executives. Should have experience in Field Sales Should have experience in Cold calling Should have experience in Generating leads. -- Thanks & Regards, Mounika

Description Hiring manager / EMP id :nitin.relekar@capgemini.com/408699 Primary Skill:Tools skills used in client space egMS Defender, CrowdStrike,SNOW Secondary Skill:Demonstrated experience in cybersecurity engineering, particularly in solution design, threat management, and configuration optimization. Deep understanding of network security, endpoint protection, cloud security, and modern threat landscapes. Intune experience Azure and other cloud technology experience Technical Skills in Scripting and Automation Experience with Device Management Certification:Security+, OSCP, CEH Shift Timing:Yes, 3:30 AM IST Customer Interview:No Onshore Interview:No LocationPune,Bangalore, Mumbai Configuration ReviewEvaluate and enhance security configurations across client solution Incident ResponseLead investigations into security incidents, manage containment and recovery efforts, and develop post-incident reports to drive continuous improvement. Security Policy Development/Implemetation for solutionContribute to the creation and refinement of security policies, procedures, and standards to align with evolving threats and compliance requirements. Hands-on expertise with security tools and platforms for monitoring, analysis, and threat detection (e.g., SIEM, EDR, XDR, AV solutions Proven ability to manage and respond to incidents while maintaining a calm and strategic approach. Strong leadership skills with the ability to inspire and manage teams effectively. Excellent communication skills to engage with both technical teams and non-technical stakeholders. Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility Yes Global Role Family To be defined Local Role Name To be defined Local Skills Microsoft Defender;CrowdStrike Falcon;ServiceNow;problem solving Languages RequiredENGLISH Role Rarity To Be Defined

*Bachelors degree in computer science, Information Technology, Information Security, or related field (or equivalent experience) *Knowledge on Splunk, Firewall, and any Security tools along with CloudFlare WAF *Knowledge on Cloud Security * Experience working in a technical support or helpdesk role is preferred * Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewall, identity and access management solutions, etc. * Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.) * Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus * Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required * Ability to prioritize and manage multiple tasks simultaneously * Strong problem-solving skills and a methodical approach to troubleshooting * Adaptability and willingness to learn new technologies and processes * Commitment to providing exceptional customer service and support