5 - 10 years
12 - 17 Lacs
Bengaluru
Work from Office
Job Title: IT Consulting

Responsibilities:
Minimum 8+ years of experience in cybersecurity, with at least 4 years in cloud security roles (AWS / Azure / GCP).
Design and implement robust, scalable cloud security architecture based on a Secure Landing Zone, tailored to client needs and aligned with industry standards and compliance frameworks.
Deep understanding and hands-on experience of cloud security controls, and the ability to leverage advanced security tools such as CNAPP, CIEM and CWPP (Palo Alto Prisma, Wiz, Aqua, Orca, CrowdStrike, etc.).
Experience on the Azure, AWS and GCP platforms with security controls such as CSPM (Microsoft Defender for Cloud / AWS Security Hub), CNAPP, EDR (Microsoft Defender CWPP), Key Vault, DDoS protection (Azure DDoS / AWS Shield), security groups, VPN, firewall, SASE, Secure Web Gateway (Azure Front Door / AWS WAF) and serverless security.
Design and implement cloud security controls across all security domains (Network, Identity and Access, Vulnerability, Environment Governance, Monitoring and Data Privacy) within Azure and AWS.
Proficient in frameworks such as the CSA Cloud Controls Matrix, the NIST Cybersecurity Framework, or similar.
Hands-on experience in two or more core cloud security domains (e.g., IAM, Network Security, Governance).
Knowledge of compliance standards such as HIPAA, PCI DSS, GDPR and other relevant regulations.
Extensive hands-on experience with automation and scripting (CloudFormation / Terraform) and DevSecOps to secure cloud infrastructure deployment.
Create and maintain automation scripts to streamline cloud security processes, enhance system reliability, and reduce manual intervention.

Technical and Professional Requirements: Lead complex client engagements from business process analysis to solution delivery. Drive problem definition, solution architecture, and team guidance. As a thought leader, advise on design reviews and lead business development initiatives. Shape innovative solutions to address evolving client needs.

Preferred Skills:
Technology->Cloud Platform->AWS Database->AWS
Technology->Infrastructure Security->Cloud Security
Technology->Cloud Security->AWS - GRC
Technology->Cloud Security->GCP - GRC
Technology->Cloud Platform->Azure Devops->Azure Deployment Manager

Additional Responsibilities: Infosys is a global leader in next-generation digital services and consulting. We enable clients in 45 countries to navigate their digital transformation. With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem.

Educational Requirements: Bachelor of Engineering
Service Line: Cyber Security
* Location of posting is subject to business requirements
Posted 2 months ago
2 - 5 years
10 - 20 Lacs
Bengaluru
Work from Office
* Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field (or equivalent experience)
* Knowledge of Splunk, firewalls, and other security tools, along with Cloudflare WAF
* Knowledge of cloud security
* Experience working in a technical support or helpdesk role is preferred
* Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewalls, identity and access management solutions, etc.
* Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.)
* Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus
* Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required
* Ability to prioritize and manage multiple tasks simultaneously
* Strong problem-solving skills and a methodical approach to troubleshooting
* Adaptability and willingness to learn new technologies and processes
* Commitment to providing exceptional customer service and support
Posted 2 months ago
3 - 8 years
0 - 0 Lacs
Bengaluru
Work from Office
Role & responsibilities: the endpoint protection infrastructure
• Provide direction and support in the implementation of leading-edge endpoint antivirus, EDR, application control, DLP, secure web gateway, email protection and privilege management security technologies, utilizing a risk-based approach for conducting demos, proofs of concept and deployments for customers.
• Provide engineering solutions to address new threats leveraging the implemented endpoint tools, and identify gaps where improvement and/or new controls are needed.
• Take part in the design, build and run of a variety of endpoint and network security implementations in a diverse and complex environment, taking ownership of each initiative and producing successful outcomes.
• Work within a team of security engineering professionals responsible for planning, design, implementation, attack prevention and mitigation, and ongoing support of security systems of high complexity, to fulfil security requirements without impacting business needs.
• Implement security and threat protection controls to protect data and applications using a range of cloud and on-prem endpoint security tools.
• Manage system performance, capacity and service quality.
• Troubleshoot problems with platforms.
• Client transitions and handovers.

Preferred candidate profile
BE / BTech or equivalent qualification with 6-8 years of experience and good communication skills.
Hands-on knowledge of implementing endpoint security, EDR, ATP, web proxy, encryption, DLP and email security products.
Good knowledge of implementing Broadcom, Trend Micro, Forcepoint, McAfee and Sophos products.
Exposure to both on-premises and cloud implementations.
Able to design the solution, suggest optimal products and implement them.
Has worked in presales and post-sales with any of our competitors.
Certification on any of the OEMs such as Broadcom, Trend Micro, Forcepoint, McAfee or Sophos.
Posted 2 months ago
5 - 10 years
12 - 22 Lacs
Navi Mumbai, Mumbai, Mumbai (All Areas)
Work from Office
Role Overview
Position: L3 SOC Analyst
Location: Mumbai, India
Experience: 5-8 years in SOC roles, with a strong focus on Incident Response and Threat Hunting.

Key Responsibilities:
Incident Response: Deep expertise in handling end-to-end incident response: detection, investigation, containment, eradication, and recovery.
Attack Vectors: Solid understanding of phishing, malware and ransomware, and how to respond effectively to these threats.
Cyber Kill Chain: Strong knowledge of the cyber kill chain framework, including how adversaries progress through the stages of an attack.
Adversary Tactics: Familiarity with adversary tactics and techniques, particularly using frameworks such as MITRE ATT&CK, to mitigate threats.
SIEM & EDR Tools: Extensive experience with SIEM tools such as Splunk and ArcSight, and EDR solutions such as CrowdStrike or Microsoft Defender.
Scenario Handling: Capable of tackling complex, scenario-based challenges with a strategic mindset.

Preferred Qualifications:
3-7 years of experience working in a SOC or handling incident response.
Expertise in detecting and analyzing indicators of compromise (IOCs).
Strong L2 or L3 analyst experience is a must.
A candidate who has worked on critical incidents and has in-depth knowledge of them.
Posted 2 months ago
2 - 5 years
18 - 20 Lacs
Bengaluru
Work from Office
* Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field (or equivalent experience)
* Knowledge of Splunk, firewalls, and other security tools, along with Cloudflare WAF
* Knowledge of cloud security
* Experience working in a technical support or helpdesk role is preferred
* Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewalls, identity and access management solutions, etc.
* Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.)
* Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus
* Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required
* Ability to prioritize and manage multiple tasks simultaneously
* Strong problem-solving skills and a methodical approach to troubleshooting
* Adaptability and willingness to learn new technologies and processes
* Commitment to providing exceptional customer service and support
Posted 2 months ago
2 - 5 years
10 - 20 Lacs
Bengaluru
Work from Office
* Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field (or equivalent experience)
* Knowledge of Splunk, firewalls, and other security tools, along with Cloudflare WAF
* Knowledge of cloud security
* Experience working in a technical support or helpdesk role is preferred
* Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewalls, identity and access management solutions, etc.
* Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.)
* Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus
* Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required
* Ability to prioritize and manage multiple tasks simultaneously
* Strong problem-solving skills and a methodical approach to troubleshooting
* Adaptability and willingness to learn new technologies and processes
* Commitment to providing exceptional customer service and support
Posted 2 months ago
2 - 7 years
4 - 9 Lacs
Maharashtra
Work from Office
Description: JD for Azure Security Engineer.
Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience). Minimum 6 years of industry experience.
Proficiency in cloud services and tools specific to Azure, and a strong understanding of Azure cloud security services.
Proven experience as an Azure security engineer with Microsoft Entra ID identity and access management: RBAC, identity governance, PIM/PAM, Conditional Access policies, Identity Protection, MFA and access reviews.
Work under the guidance of the security architect team and help design security standards.
Collaborate with engineering and architecture teams to identify security risks and recommend mitigating controls.
Hands-on experience with the design, testing and implementation of Azure Policy covering infrastructure/resource security.
Hands-on experience configuring Azure security services: Microsoft Defender for Cloud (MDC), Key Vault, Azure Monitor and Log Analytics workspaces.
Participate in the creation and maintenance of technical security policies, standards, configuration baselines, benchmarks, guidelines and SOPs.
Expertise in Azure technologies including CSPM, CWPP, EDR, SIEM/SOAR and CIEM, with experience in integration, configuration and troubleshooting.
Develop and execute information security plans, procedures and policies.
Deep understanding of cloud security principles and best practices, with experience implementing security controls in Azure infrastructure services.
Implement security best practices and ensure compliance with industry standards and regulations such as MCSB, CIS, NIST and SOC in Azure infrastructure services.
Collaborate with Enterprise Operations, Engineering and IT teams to implement security standards and ensure they are followed.
Experience assessing and implementing security controls in all relevant areas (including access management, encryption methods, vulnerability management, network security, application security, etc.).
Experience with security tools: MDC, Wiz, CrowdStrike, Defender 365 and Microsoft Entra, along with managing and troubleshooting issues in CrowdStrike and Microsoft Defender.
Excellent communication, collaboration, interpersonal and relationship skills are required. Ability to work as a team player and as an individual contributor. Must be willing to learn, adapt, and work in a fast-paced, dynamic environment.
Azure certifications (e.g., Azure Security Engineer Associate AZ-500, Security Operations Analyst Associate SC-200) and related certifications such as SC-100 are a plus. Advanced industry certification in a relevant field (e.g., Ethical Hacker, CISM, CISSP).
Additional Details: Global Grade: C. Remote work possibility: No. Local Skills: Azure Cloud Services. Languages Required: English.
Posted 2 months ago
5 - 8 years
7 - 10 Lacs
Hyderabad
Work from Office
Role & responsibilities
SEPM tasks
1. Administer and manage the SEPM server and upgrade the application.
2. SEPM policy creation and modification of existing policies.
3. Upgrade the SEP client agent to the latest version on all systems.
4. Manage USB access via SEPM.
5. Manage file, folder and application exceptions via SEPM.
6. Manage compliance and make sure all systems are updated with the latest policy and security signatures.
7. Share a weekly compliance report with the customer.
CrowdStrike tasks
1. Create new policies and modify existing policies in CrowdStrike.
2. Create new custom rules for CrowdStrike.
3. Manage mobile USB access via CrowdStrike.
4. Manage CrowdStrike sensor compliance and make sure all systems are running the latest sensor version.
5. Manage machine learning exclusions and IOC management via CrowdStrike.
6. Handle CrowdStrike detections and incidents and track them to closure.
Symantec WSS / web filtering
1. Handle URL filtering in Symantec WSS.
2. Create new policies and rules and modify existing policies and rules in Symantec WSS.
3. Resolve ServiceNow tickets for WSS web filtering issues.
4. Upgrade and manage the WSS Auth Connector.
5. Manage and add domain controllers and groups in the WSS Auth Connector.
DLP tasks
1. Administer and manage the Symantec DLP servers and upgrade the application.
2. Create new policies and rules and modify existing policies and rules in Symantec DLP.
3. Resolve ServiceNow tickets for DLP issues.
Band: U3
Competency: CSRM
Posted 3 months ago
8 - 10 years
18 - 20 Lacs
Bengaluru
Hybrid
1: Incident Response: Respond to and manage cyber security incidents, including threat detection, containment, eradication, recovery, and post-incident activities.
2: Threat Hunting: Proactively hunt for threats within our environment, using tools like CrowdStrike and Splunk to identify potential security risks.
3: Digital Forensics: Conduct digital forensic investigations to determine the root cause of security incidents and identify areas for improvement.
4: Correlation and Analysis: Correlate security event logs from various sources to identify potential security threats and anomalies.
5: Documentation and Reporting: Maintain accurate and detailed records of incidents, including incident reports, root cause analyses, and lessons learned.
6: Continuous Improvement: Stay up to date with emerging threats and technologies and make recommendations for process and tool improvements.
Posted 3 months ago
2 - 5 years
15 - 20 Lacs
Bengaluru
Work from Office
* Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field (or equivalent experience)
* Knowledge of Splunk, firewalls, and other security tools, along with Cloudflare WAF
* Knowledge of cloud security
* Experience working in a technical support or helpdesk role is preferred
* Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewalls, identity and access management solutions, etc.
* Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.)
* Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus
* Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required
* Ability to prioritize and manage multiple tasks simultaneously
* Strong problem-solving skills and a methodical approach to troubleshooting
* Adaptability and willingness to learn new technologies and processes
* Commitment to providing exceptional customer service and support
Posted 3 months ago
1 - 3 years
1 - 4 Lacs
Chennai, Bengaluru, Hyderabad
Hybrid
Your key responsibilities
Operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR solutions (Defender, CrowdStrike, Carbon Black) and NSM (Fidelis, ExtraHop) for multiple customers.
First level of monitoring and triaging of security alerts.
Initial data gathering and investigation using SIEM, EDR and NSM solutions.
Provide near real-time analysis, investigation and reporting of security incidents for customers.

Skills and attributes for success
Customer service oriented: meets commitments to customers; seeks feedback from customers to identify improvement opportunities.
Good hands-on knowledge of SIEM technologies such as Splunk, Azure Sentinel and CrowdStrike Falcon LogScale from a security analyst's point of view.
Exposure to IoT/OT monitoring (Claroty, Nozomi Networks, etc.) is a plus.
Good knowledge and experience in security monitoring.
Good knowledge and experience in cyber incident response.
Knowledge of network monitoring technology platforms such as Fidelis XPS and ExtraHop.
Knowledge of endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, CrowdStrike, Defender ATP, etc.

To qualify for the role, you must have
B.Tech. / B.E. with sound technical skills.
Ability to work in 24x7 shifts.
Strong command of verbal and written English.
Demonstrated technical acumen and critical thinking abilities.
Strong interpersonal and presentation skills.
Hands-on experience in SIEM, EDR and NSM solutions.
Certification in any of the SIEM platforms.
Knowledge of RegEx, Perl scripting and SQL.
Certifications: CEH, ECSA, ECIH, Splunk Power User.
Posted 3 months ago
8 - 12 years
25 - 30 Lacs
Hyderabad, Florida, Miami
Work from Office
Summary: We are seeking a highly motivated and experienced Lead Operations and Security Engineer to join our growing team. This individual will be responsible for the day-to-day management, maintenance, and security of our critical IT infrastructure, including VMware environments, Azure cloud resources, and Office 365 services. The ideal candidate will have a strong background in systems administration, networking, and security best practices, with a proven ability to lead and mentor other team members.

Responsibilities:
Windows Server management: Administer DCs, AD, DNS, DFS, RDS and other Windows Server functions and applications.
Application Installation and Management: Install, configure, and manage applications within the VMware and Azure environments. Collaborate with development teams to ensure smooth application deployments and ongoing support. Occasional MS SQL administration.
VMware Management: Design, implement, maintain, and troubleshoot IaaS VMware vSphere environments, including ESXi hosts, NSX-T SDN, virtual machines, storage, and networking. Perform capacity planning, performance monitoring, and resource optimization.
Networking: Manage and maintain network infrastructure, including firewalls, switches, routers, VPNs, NAT and DNS. Troubleshoot network issues and implement network security measures.
Office 365 Administration: Administer and support Office 365 services, including Exchange Online, SharePoint Online, Teams, OneDrive, Purview, and security settings.
Azure Cloud Management: Manage and maintain Azure cloud resources, including virtual machines, virtual networks, storage accounts, application registrations, and Entra ID. Implement and maintain Azure security best practices.
Security: Implement and enforce security policies and procedures. Monitor systems for security threats and vulnerabilities. Respond to security incidents and participate in security audits. Administer Arctic Wolf, CrowdStrike, Varonis, Defender and ATP.
Automation: Develop and implement automation scripts for routine tasks to improve efficiency and reduce manual effort.
Documentation: Create and maintain accurate documentation of systems, configurations, and procedures.
Team Leadership and Mentorship: Provide technical guidance and mentorship to junior team members. Lead and participate in team projects.
On-Call Support: Participate in an on-call rotation to provide support for critical systems.

Qualifications:
Bachelor's degree in Computer Science, Information Technology, or a related field preferred.
5+ years of experience in systems administration and IT operations.
Extensive experience managing VMware vSphere environments.
Strong networking skills, including experience with firewalls, switches, and routers.
Experience with Office 365 administration, including Exchange Online, SharePoint Online, and Teams.
Experience managing Azure cloud resources, including virtual machines, virtual networks, and storage.
Solid understanding of security best practices and experience implementing security measures; familiarity with NIST CSF, CMMC, NIST SP 800-171 and GDPR.
Experience with scripting and automation (e.g., PowerShell, Python).
Excellent problem-solving and troubleshooting skills.
Strong communication and interpersonal skills.
Ability to work independently and as part of a team.
Experience with ITIL or other IT service management frameworks is a plus.
Relevant certifications (e.g., VCP, MCSA, MCSE, Azure certifications) are a plus.
Posted 3 months ago
2 - 5 years
18 - 20 Lacs
Bengaluru
Work from Office
* Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field (or equivalent experience)
* Knowledge of Splunk, firewalls, and other security tools, along with Cloudflare WAF
* Knowledge of cloud security
* Experience working in a technical support or helpdesk role is preferred
* Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewalls, identity and access management solutions, etc.
* Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.)
* Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus
* Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required
* Ability to prioritize and manage multiple tasks simultaneously
* Strong problem-solving skills and a methodical approach to troubleshooting
* Adaptability and willingness to learn new technologies and processes
* Commitment to providing exceptional customer service and support
Posted 3 months ago
4 - 7 years
5 - 10 Lacs
Pune, Bengaluru
Work from Office
Role Overview: As a SOC L2 Analyst, you will play a crucial role in safeguarding the organization's digital assets by detecting, analyzing, and responding to cyber threats. Your responsibilities will include investigating escalated security incidents, performing in-depth forensic analysis, and mentoring junior analysts. Additionally, you will leverage cutting-edge security tools to enhance threat detection and response capabilities while continuously optimizing SOC operations.

Key Responsibilities:
Triage and resolve security incidents escalated from L1 analysts.
Conduct thorough forensic analysis and root cause investigations.
Develop and implement remediation strategies to mitigate security risks.
Proactively hunt for threats using tools like Splunk, CrowdStrike, and other security solutions.
Analyze threat intelligence to identify and neutralize potential risks.
Coordinate incident response efforts across various teams.
Prepare detailed reports and briefings for leadership.
Perform in-depth log analysis and event correlation using Splunk, NGSIEM, and QRadar.
Fine-tune SIEM rules and alerts to enhance threat detection capabilities.
Guide and mentor L1 analysts to enhance their technical and investigative skills.
Conduct workshops and training sessions on advanced security practices and tools.
Stay informed on emerging cybersecurity threats, trends, and technologies.
Contribute to refining SOC workflows, detection methodologies, and response strategies.

Qualifications & Requirements:
Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
Strong background in cybersecurity, particularly in SOC operations, incident response, and client interaction.
Demonstrated ability to lead SOC teams and deliver effective security solutions.
Deep understanding of security tools, frameworks, and best practices.
Excellent leadership, communication, and stakeholder management skills.
Preferred certifications: CEH, CySA+, CISSP, CISM, GIAC, or other relevant credentials.
Preference for immediate joiners.

Required Skills & Expertise:
Proficiency with security tools such as Splunk, NGSIEM, QRadar, and CrowdStrike.
Strong understanding of network and endpoint security concepts.
Hands-on experience in incident response, threat hunting, and log analysis.

How to Apply: Interested candidates should submit a detailed resume and a cover letter outlining their qualifications and experience relevant to the role applied for. Applications should be sent via our careers portal or to hr@stfox.com. St. Fox is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Posted 3 months ago
6 - 9 years
25 - 27 Lacs
Gurgaon
Work from Office
SOC L3 Security Analyst
Job Summary: We are seeking an experienced SOC L3 Blue Team Analyst to join our security operations team. The ideal candidate will have a strong background in cybersecurity defense, incident detection, and response. As a senior-level analyst, the L3 SOC professional will lead the investigation of complex security incidents, perform root cause analysis, develop strategies for preventing future incidents, and provide guidance to junior team members.

Key Responsibilities:
Lead investigations of security incidents and events escalated from Level 1 and 2 analysts.
Conduct deep-dive analysis and forensic investigations to identify and mitigate potential security threats.
Develop and improve detection, incident response, and investigation workflows.
Identify attack patterns, threats, and vulnerabilities within enterprise environments.
Provide expert guidance and mentoring to junior SOC analysts (L1/L2).
Collaborate with IT and other teams to recommend and implement security measures.
Develop and manage threat intelligence sources and help enhance threat detection capabilities.
Create and update incident response plans and playbooks.
Produce detailed reports and documentation for management and compliance purposes.
Stay current with emerging security threats, vulnerabilities, and countermeasures.
Work on continuous improvements to SIEM (Security Information and Event Management) configurations, threat hunting, and security monitoring practices.

Key Skills and Qualifications:
Technical Skills:
Security Monitoring Tools: Proficient with SIEM platforms (QRadar), IDS/IPS, and endpoint detection & response (EDR) tools (e.g., CrowdStrike, SentinelOne).
Incident Response: Strong knowledge of incident response workflows, threat analysis, and mitigation strategies.
Forensics: Expertise in digital forensics tools (e.g., FTK, EnCase, Volatility) and techniques for analyzing malware, compromised systems, and network traffic.
Networking & Protocols: In-depth understanding of networking protocols (TCP/IP, DNS, HTTP, etc.) and network traffic analysis.
Scripting & Automation: Experience with scripting languages (e.g., Python, PowerShell, Bash) for automation of security tasks and incident investigations.
Cloud Security: Familiarity with securing cloud environments (e.g., AWS, Azure, Google Cloud) and identifying threats in cloud-based infrastructure.
Soft Skills:
Strong analytical and problem-solving abilities.
Excellent communication skills for reporting incidents and collaborating with teams.
Ability to mentor and guide junior analysts in security processes and techniques.

Certifications (Highly Desired):
Certified Information Systems Security Professional (CISSP): A globally recognized certification for senior-level security professionals.
Certified Ethical Hacker (CEH): Demonstrates expertise in ethical hacking and penetration testing techniques.
GIAC Certified Incident Handler (GCIH): Focused on incident handling and response methodologies.
GIAC Security Essentials (GSEC): Validates knowledge of information security concepts.
Certified Cloud Security Professional (CCSP): Demonstrates knowledge of cloud security principles and practices.
CompTIA Security+: A foundational certification for understanding security best practices.
SANS/GIAC Certifications (e.g., GIAC Certified Forensic Analyst - GCFA, GIAC Certified Intrusion Analyst - GCIA): Advanced certifications demonstrating expertise in digital forensics and intrusion analysis.

Experience:
Minimum of 6-9 years of experience in a SOC environment, with at least 3 years in a Level 3 role.
Proven experience handling advanced security incidents, from detection to containment and remediation.
In-depth experience in vulnerability management, threat intelligence analysis, and mitigation strategies.

Preferred Qualifications:
Experience with threat hunting and developing custom detection rules and use cases.
Familiarity with modern attack techniques (e.g., APT, ransomware, insider threats).
Knowledge of regulatory frameworks such as GDPR, HIPAA, or PCI DSS.

Work Environment: This role may require on-call availability for incident response outside of normal business hours. Strong collaboration with IT, development, and business teams.
Posted 3 months ago
2 - 5 years
10 - 20 Lacs
Bengaluru
Work from Office
* Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field (or equivalent experience)
* Knowledge of Splunk, firewalls, and other security tools, along with Cloudflare WAF
* Knowledge of cloud security
* Experience working in a technical support or helpdesk role is preferred
* Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewalls, identity and access management solutions, etc.
* Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.)
* Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus
* Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required
* Ability to prioritize and manage multiple tasks simultaneously
* Strong problem-solving skills and a methodical approach to troubleshooting
* Adaptability and willingness to learn new technologies and processes
* Commitment to providing exceptional customer service and support
Posted 3 months ago
2 - 5 years
15 - 20 Lacs
Bengaluru
Work from Office
* Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field (or equivalent experience)
* Knowledge of Splunk, firewalls, and other security tools, along with Cloudflare WAF
* Knowledge of cloud security
* Experience working in a technical support or helpdesk role is preferred
* Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewalls, identity and access management solutions, etc.
* Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.)
* Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus
* Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required
* Ability to prioritize and manage multiple tasks simultaneously
* Strong problem-solving skills and a methodical approach to troubleshooting
* Adaptability and willingness to learn new technologies and processes
* Commitment to providing exceptional customer service and support
Posted 3 months ago
5 - 10 years
5 - 14 Lacs
Kolkata, Mumbai (All Areas)
Work from Office
Ingram Micro helps businesses Realize the Promise of Technology. It delivers a full spectrum of global technology and supply chain services to businesses around the world. Deep expertise in technology solutions, mobility, cloud, and supply chain solutions enables its business partners to operate efficiently and successfully in the markets they serve. Unrivalled agility, deep market insights, and the trust and dependability that come from decades of proven relationships set Ingram Micro apart and ahead.
Ingram Micro takes pride in its unique culture. Our associates are our most important asset, and they are at the forefront of everything we do. Our dedication to a shared set of principles unites and guides us to better decisions and behaviors, enabling us to focus on the success of our business partners and associates. We have been certified by Great Place to Work, the global authority on workplace culture. Great Place to Work measures the degree of trust, pride, and camaraderie within organizations. Being recognized for this certification is not just a destination for our company; it's the beginning of a journey. The Great Place to Work certification is one of the many steps we are taking to ensure the best employee experience for our associates, in alignment with our global Tenets of Our Success. Ingram Micro India has recently been recognized as a "Safe Place to Work", "Most Ethical Distributor", and a "Top 100 Inclusive Workplace".
Requirements:
• Sound knowledge of the firewall security domain, preferably Cisco, Fortinet, Palo Alto, Trend Micro, or SonicWall product knowledge
• Funnel management and end-to-end order execution
• Extensive channel experience managing Kolkata/East large IT system integration channel partners with revenues greater than INR 30 Cr
• Account management experience
• Ability and experience in managing high-volume transactions
• Hard work, dedication, accountability, ownership, and responsibility
• Working knowledge of MS Excel
• 5+ years of work experience in distribution
Ingram Micro is committed to creating a diverse environment and is proud to be an equal opportunity employer. We are dedicated to fostering an inclusive and accessible environment where all associates are valued, respected, and supported. We are highly driven by our tenets of success: Results, Integrity, Imagination, Responsibility, Courage, and Talents.
Posted 3 months ago
8 - 13 years
15 - 25 Lacs
Chennai, Bengaluru, Hyderabad
Hybrid
Role & responsibilities
Detailed Job Description
• 24/7/365 analysis of and response to security events.
• Provide security event monitoring, analysis, triage, incident alerting, and reporting using the security console / monitoring tool.
• Fine-tune false-positive alerts and update the false-positive knowledge base.
• Create monitoring trends and baselines.
• Monitor security events from IDS/IPS, firewalls, Windows, Linux, etc.
• Work on phishing/spam emails.
• Develop and maintain response playbooks with input from the MSK Information Security office.
• Conduct initial triage and pre-approved/determined remediation or escalation (as appropriate) for various incident types, including denial of service, hacking, malware, phishing, unauthorized access, etc.
• Identify gaps in existing monitoring/alerting and work with the MSK Information Security office to address them.
• Develop additional alerts/correlations as needed to better respond to emerging threats.
• Implement automation as needed to help streamline response.
• Track and report on metrics for incident response activities.
• Manage, investigate, and respond to alerts from the SIEM environment.
• Assist in integrating new log sources into the SIEM tool.
• Assist in setting up and fine-tuning additional SIEM alert rules.
• Advise on monitoring and reporting leading practices and develop use cases for SIEM technologies.
• Identify security events and work with IT security and business groups, per the incident management and escalation processes in the ITSM tool.
• Monitor system health and performance of the SIEM solution.
• Monitor ServiceNow ticket queues and associated MSK mailboxes.
• Produce weekly reports on adherence to established SLAs.
• Perform configuration changes or minor upgrades through documented SOPs, as mutually agreed under the L1 scope of work.
• Represent the team in daily Ready for Business (RFB), Change Approval Board (CAB), and Major Incident meetings.
Posted 3 months ago
8 - 12 years
19 - 30 Lacs
Pune
Work from Office
We are looking for a SOC lead in the Cyber Security group; please refer to the details below.
Location: Pune
Exp Range: 8-12 Years
The Fiserv Cybersecurity Incident Response Team (CSIRT) is responsible for providing a systematic response to cyber security incidents. Its mission is to respond promptly to security incidents to minimize their impact and to restore all services to a normal operational state as soon as possible; to understand the main reasons that led to a security incident so as to avoid recurrence; and to analyze security incidents to estimate the frequency and impact of such events and measure the effectiveness of existing countermeasures/controls. Key functions involve continuous monitoring to identify cybersecurity events that should be investigated; prioritization and investigation of events and incidents; and containment, eradication, and recovery from cybersecurity incidents.
Role: Incident Handler
Role Description: As a CSIRT Analyst, you will be an integral part of our Global Cybersecurity team, focusing on detecting, analyzing, and responding to security incidents and threats. You will work closely with a 24x7 response team to ensure timely and effective incident response, and collaborate with various stakeholders across the organization to enhance our overall security posture. The right candidate will be responsible for responding to security incidents, building playbooks and workflows, and working with management to improve the overall corporate security posture. The candidate needs to have in-depth knowledge of at least one of the industry-standard security monitoring tools (SIEM, IDS/IPS, EDR).
Should have knowledge of email security tools; operating systems including Windows, Linux, and Unix; networking protocols (TCP/IP, DNS, HTTP); encryption and cryptography; web security (OWASP Top 10); cloud security; incident response frameworks (NIST SP 800-61, SANS); programming and scripting (Python, PowerShell, Bash); malware analysis; and vulnerability management.
Incident Handler - CSIRT
What does a great Incident Handler do? A great incident handler is a professional with extensive experience and expertise in handling complex and critical security incidents. They serve as part of an incident response team and are responsible for the more challenging and escalated incidents that could have a significant impact on an organization's security.
What you will do:
• Incident Analysis: Conduct in-depth analysis of complex security incidents to understand the scope, impact, and root cause of the incident.
• Incident Response: Lead and coordinate response efforts to contain and remediate the incident effectively.
• Forensics: Conduct digital forensics and detailed investigations to collect evidence and identify the source and extent of the breach.
• Malware Analysis: Analyze sophisticated malware and understand its behavior and capabilities to develop appropriate countermeasures.
• Vulnerability Research: Stay updated on the latest security vulnerabilities and emerging threats to improve the organization's defenses proactively.
• Threat Intelligence: Use threat intelligence to identify and counter potential threats targeting the organization.
• Incident Documentation: Ensure comprehensive and accurate documentation of incident response activities, findings, and lessons learned for future reference.
• Collaboration: Work closely with other teams, such as Tier 1 and Tier 2 incident handlers, IT teams, legal, and management, to address incidents effectively.
What you will need to have:
• 3 to 5 years of professional cybersecurity incident handling experience in a Security Monitoring Center or Security Operations Center environment.
• Experience with Security Information and Event Management (SIEM) tools, creating advanced correlation rules, SIEM administration, system hardening, and vulnerability assessments.
• Detailed understanding of network architectures and services (routing, switching, web, DNS, email).
• Perl, Python, and REST API scripting experience for automating manual security event data review and analysis.
• Expertise in TCP/IP network traffic and event log analysis.
• Knowledge of and hands-on experience with Chronicle, QRadar, NetIQ Sentinel, or any SIEM tool.
• Knowledge of ITIL disciplines such as Incident, Problem, and Change Management.
• Bachelor's or Master's of Science in Information Security, Computer Science, Risk Management, Information Technology, Engineering, or Mathematics. Equivalent relevant experience will be considered.
What would be great to have:
• Threat hunting skills
• Malware reverse engineering
• Harvesting cyber threat intelligence
Posted 3 months ago
5 - 10 years
9 - 19 Lacs
Bengaluru, Hyderabad
Work from Office
Job Title: Solution Architect - Security
Experience Required: 5+ years (with 3+ years in a Solution Architect role)
Certifications Required: OEM certifications from security vendors such as Palo Alto, Splunk, Cisco, Trellix, Forcepoint, CrowdStrike, Microsoft, etc.
Mandatory Skills:
• EDR (Endpoint Detection and Response): Cisco, Palo Alto Cortex, CrowdStrike, SentinelOne, etc.
• DLP (Data Loss Prevention): Trellix, Forcepoint, Symantec, etc.
• Cloud Security: Palo Alto Prisma Cloud, Trend Micro, etc.
• SIEM (Security Information and Event Management): Splunk
• Email & Web Security: Cisco, Proofpoint, Zscaler, etc.
• SASE (Secure Access Service Edge): Palo Alto, Cisco, Zscaler, etc.
• Should work on RFPs and define SOWs
Job Summary: We are looking for a highly skilled and motivated Security Solution Architect to join our growing team. This role offers the opportunity to design, implement, and oversee cybersecurity solutions for enterprise-level IT infrastructures. The ideal candidate will possess an extensive background in cybersecurity, a proven ability to work closely with clients, and a passion for leveraging security technologies to meet business objectives. If you're a technical leader with a solution-focused mindset, we want to hear from you.
Key Responsibilities:
• Design & Implement Security Solutions: Architect and develop comprehensive cybersecurity solutions tailored to client needs, following best practices and industry standards.
• Security Assessments: Conduct thorough security assessments, identify vulnerabilities, and recommend effective remediation strategies.
• Create Security Architecture Artifacts: Develop and maintain security architecture models, templates, and documentation that support best practices for secure IT systems.
• Collaboration Across Teams: Collaborate with internal teams and clients to ensure seamless integration of security technologies within existing infrastructures.
• Continuous Learning & Adaptation: Stay informed on the latest cybersecurity threats, industry trends, and new technologies to ensure our solutions remain cutting-edge.
• Pre-sales Support: Provide deep technical expertise in pre-sales activities, including solution design and security architecture for proposals.
• Risk Management: Lead risk assessments, identifying and implementing strategies for mitigating security risks.
• Ensure Compliance: Ensure solutions meet regulatory requirements and follow frameworks such as ISO 27001, NIST, etc.
• Mentorship & Leadership: Act as a guide and mentor to junior team members, helping them grow in their technical and security expertise.
• Soft Skills: Excellent communication, problem-solving, and strategic thinking skills.
• Collaborative Mindset: Ability to work independently and collaborate effectively within cross-functional teams.
Posted 3 months ago
1 - 3 years
4 - 5 Lacs
Bengaluru
Work from Office
We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your security career to the next level with Happiest Minds! Join a dynamic team where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment.
Job Title: Cloud Security
Exp Range: 3-5 Years
Job Description:
• Cloud platforms (AWS / Azure / GCP).
• Candidate should have hands-on experience with CNAPP (any vendor, e.g., CrowdStrike, Check Point, Prisma).
• Candidate should have good knowledge of and hands-on experience with cloud-native security services.
• Candidate should have at least one security certification, such as AWS Security or Azure Security.
• Candidate should have strong communication and e-mail skills.
• Candidate should be flexible to work in a 24x7 environment and willing to work from Bangalore only.
Skills: Check Point CloudGuard, Cloud Security Assessment, Azure, AWS, GCP - GCS, AWS Security, Cybersecurity, Communication Skills
Job Location: Electronic City Phase 1, Bangalore
Shifts: 24/7 shift
Candidates who can join within 30 days' notice.
Thanks and Regards, Ankita Ghosh ankita.patari@happiestminds.com
Posted 3 months ago