131 Crowdstrike Jobs - Page 4

Position : Senior LeadEngineer SOC Incident Responder Grade :E1 Location :Chennai JobDescription: Support cyber incident response actions to ensureproper assessment, containment, mitigation and documentation Perform in-depth analysis and investigative effortswhen events are escalated and determine next appropriatecontainment / remediation / eradication efforts. Research and Evaluate new technologies like Anti APTsolutions, SOAR, ,Deception technologies, Big Data forensic analytic tools, andassist in implementation of the same. Assist with defining and updating incident responseplaybooks to ensure tasks align with best practice Identify and propose areas for improvement within theSecurity Operations Centre. Responsible for driving execution of daily, weekly,and monthly metrics for statistical threats and KPIs. Coordinate with global stakeholder along with theSenior management during contingency scenarios/ high severity incidents toensure responsive actions are communicated in timely manner. ProfileDescription: Should have 7-11 years of specific InformationSecurity experience. Should have subject matter expertise in relevantareas, such as Incident Response, Forensic analysis, Malware analysis,Intrusion analysis and Crisis Management. Strong working knowledge on security tools, such asSIEM,AV,Vulnerability scanners,Proxies,WAF,Net flow,IDS and Forensic Tools. In-depth knowledge of malware families and networkattack vectors Demonstrated experience in an enterprise-levelincident response team or security operations centre. Log (network, security, access, OS, application, etc.) analysis skills and experience in relation to identifying and investigatingsecurity incidents. Strong knowledge of Operating System Internals (Linux,Windows. Etc) Should be familiar with security engineeringpractises, web/Application security, Cloud Security. Should have Scripting knowledge () Have sound analytical and problem solving skills Preferable be a GIAC,CISSP, CEH certified Professional Experience in product suites like Mcafee, Fireye,Crowd Strike, Cylance etc.

"We're Hirng For Senior Security Engineer role at Noida/Bhubaneswar Location" Position: Senior Security Engineer Experience: 5 to 8 Years Location: Noida / Bhubaneswar Must-Have Skills: Cloud Security: AWS / GCP / Azure Security Services: IAM, VPC, Security Groups, KMS Security Tools: AWS Security Hub, Azure Defender, Prisma Cloud, CrowdStrike, Burp Suite, Nessus Container Security: Docker, Kubernetes Scripting: Python, Bash IaC Tools: Terraform, CloudFormation Core Concepts: Encryption, Authentication, Authorization, Secure Communication Client-facing experience in delivering actionable security solutions More information +91 73597 10155 | rushit@tekpillar.com

Security Engineer Hyderabad, Telangana IT Description Why youll want to work at nimble! This is a great opportunity to join a well-established and market-leading brand serving a high-growth end market while gaining valuable experience and visibility to Executive leadership. As an organization, we are in considerable growth mode through acquisition and with a laser focus on positive culture building. The Information Security Engineer is responsible for safeguarding the organization's systems and data assets. This critical role focuses on preventing and mitigating unauthorized access, modification, or destruction of sensitive information. The Engineer actively participates in the development and implementation of robust IT security policies and standards. Through close collaboration with end-users across various departments, this position ensures the alignment of security measures with individual business needs while maintaining strict adherence to company-wide security policies and procedures. The Information Security Engineer reports directly to the Director of Information Security and maintains an indirect reporting line to the Chief Information Technology Officer. Threat Detection & Response: Monitor the organization's servers and networks for security breaches using tools such as Windows Defender, Windows Purview, Crowdstrike, Rapid7 Investigate and respond to security incidents promptly. Utilize Windows Defender, Rapid7 and Wiz for vulnerability scanning and threat intelligence gathering. Implement and enforce security policies through Intune. Security Architecture & Engineering: Design, implement, and maintain security controls, including firewalls, intrusion detection/prevention systems (IDPS), and data encryption. Conduct security assessments and penetration testing. Develop and maintain security standards and best practices. Endpoint Security Management: Manage endpoint security solutions, including Windows Defender and Crowdstrike Vulnerability Management: Identify, assess, and prioritize vulnerabilities using Windows Defender, Wiz and Rapid7. Develop and implement remediation plans. Compliance & Reporting: Prepare reports that document security metrics, attempted attacks, and security breaches. Ensure compliance with relevant security standards and regulations. Security Awareness & Training: Educate and train employees on IT security best practices and awareness. Collaborate with IT teams, business units, and other stakeholders to ensure effective security implementation. Clearly communicate security risks and recommendations to management. Requirements 5+ years of experience in systems or network administration/engineering 1+ years of experience in information security roles Strong understanding of security principles and best practices (e.g., NIST) Proficient with Windows Server administration and management Proficient with network protocols and topologies Experience with security information and event management (SIEM) systems Experience with scripting languages (e.g., Python, PowerShell) Strong analytical and problem-solving skills Excellent written and verbal communication skills Ability to work independently and as part of a team Experience with cloud security (e.g. Azure, Defender) Experience with security orchestration and automation platforms (SOAR). Experience with container security and microservices. This job description is intended to provide a general overview of the position. Responsibilities and qualifications may vary depending on the specific needs of the organization. This revised job description incorporates the specified security software suites and provides a more comprehensive overview of the role. Contact details: Interested candidates drop your resumes to 8179814131 - Navya (Whats App only)

Picture Yourself at Pega: As a Senior Cloud Security Operations Analyst, you will play a critical role in ensuring the confidentiality, integrity, and availability of Pega's commercial cloud infrastructure and assets. You will be key in the continuous monitoring and protection of all global cloud security operations at Pega as well as an active participant in incident response efforts. As a key member of a team consisting of highly capable and talented problem-solving analysts and engineers, you'll help develop processes that drive proactive, automated detection and incident response tactics to support the quick resolution of cloud security events and incidents. You will accomplish this by collaborating with cross-functional teams including other security analysts, threat detection engineers, vulnerability analysts, security engineers, system administrators, and developers to proactively identify potential security risks and vulnerabilities within our cloud environment. You will leverage your strong analytical skills to assess and prioritize threats, applying your knowledge of industry best practices and cloud security frameworks. As a Senior Cloud Security Operations Analyst at Pega, you'll contribute to the success of our globally recognized brand. Your efforts will directly impact the security and trust our clients place in us, as we help them transform their business processes and drive meaningful digital experiences. So, picture yourself at Pega, where your expertise in cloud security is valued, and your passion for protecting data is celebrated. join us in shaping the future of secure cloud operations and make a lasting impact on the world of technology. What You'll Do at Pega: Perform security monitoring of Pega Cloud commercial environments using multiple security tools/dashboards Perform security investigations to identify indicators of compromise (IOCs) and better protect Pega Cloud and our clients from unauthorized or malicious activity Actively contribute to incident response activities as we identify, contain, eradicate, and recover Contribute to standard operating procedure (SOP) and policy development for CSOC detection and analysis tools and methodologies Assist in enhancing security incident response plans, conducting thorough investigations, and recommending remediation measures to prevent future incidents. Perform threat hunts for adversarial activities within Pega Cloud to identify evidence of attacker presence that may have not been identified by existing detection mechanisms Assist the threat detection team in developing high confidence Splunk notables focused on use cases for known and emerging threats, based on hypotheses derived from the Pega threat landscape Assist in the development of dashboards, reports, and other non-alert based content to maintain and improve situational awareness of Pega Cloud's security posture Assist in the development of playbooks for use by analysts to investigate both high confidence and anomalous activity Who You Are: You have an insatiable curiosity with an inborn tenacity for finding creative ways to deter, detect, deny, delay, and defend against bad actors of all shapes and sizes. You have been in the security trenches and you know what an efficient security operations center looks like. You have conducted in-depth analyses of various security events/alerts, contributed to incident response efforts, and developed new methods for detecting and mitigating badness wherever you see it. You bring a wealth of cloud security experience to the table and are ready to harness that expertise to dive into cloud-centric, technical analysis and incident response to make Pega Cloud the most secure it can be. You have a history of success in the information security industry. Your list of accolades include : SANS, Offensive Security, or other top-tier industry recognized technical security certifications focused on analysis, detection, and/or incident response Industry recognition for identifying security gaps to secure applications or products What You've Accomplished: Minimum of 6+ years of industry-relevant experience, with a demonstrated working knowledge of cloud architecture, infrastructure, and resources, along with the associated services, threats, and mitigations. Minimum of 4+ years in operational SIEM (Security Information and Event Management) roles, focusing on analysis, investigations, and incident response, with experience in Google Chronicle SIEM being an added advantage. 3+ years of operational cloud security experience preferably AWS and/or GCP including knowledge and analysis of various cloud logs such as CloudTrail, Cloud Audit, GuardDuty, Security Command Center, CloudWatch, Cloud Ops, Trusted Advisor, Recommender, VPCFIow, and WAF logs. 4+ years of operational experience with EDR/XDR platforms and related analysis and response techniques Operational experience performing investigations and incident response within Linux and Windows hosts as well as AWS, GCP, and related Kubernetes environments (EKS/GKE) Solid working knowledge of MITRE ATT&CK framework and the associated TTP's and how to map detections against it, particularly the cloud matrix portion Familiarity with the OWASP Top 10 vulnerabilities and best practices for mitigating these security risks. A solid foundational understanding of computer, OS (Linux/Windows), and network architecture concepts, and various related exploits/attacks Experience developing standard operating procedures (SOPs), incident response plans, runbooks/playbooks for repeated actions, and security operations policies Experience with Python, Linux shell/bash, and PowerShell scripting is a plus Excellent verbal and written communication skills, including poise in high pressure situations A demonstrated ability to work in a team environment and foster a healthy, productive team culture A Bachelor's degree in Cybersecurity, Computer Science, Data Science, or related field

So, whats the job? Red Team (70%) You'll lead the Vulnerability Management Program, providing strategic guidance to regional technology teams to address cyber risks. You'll initiate and execute Red Teaming Exercises across global Business Units, testing security controls and delivering actionable feedback. You'll manage the External Attack Surface Platform, assess risks, coordinate remediation efforts, and report on enterprise-wide security posture. You'll perform regular penetration tests to identify and exploit weaknesses in the external attack surface. You'll establish a Counter-Adversary capability in the Global SOC, maintaining sandboxes, identifying attacker TTPs, and performing advanced threat hunting. You'll manage Threat Intelligence feeds and respond to Zero-Day vulnerabilities by configuring alerts and defining automated response actions. You'll track and ensure completion of security improvements discovered during critical incidents or P1 investigations. You'll document and maintain a robust Incident Response Plan, aligning with best practices and evolving threat landscapes. You'll stay ahead of the curve through research on emerging threats, new defensive technologies, and evolving industry standards. Blue Team (30%) You'll lead and facilitate Security Incident Response Drills and Tabletop Exercises, enhancing organizational readiness. You'll serve as the technical escalation point for complex detections across the enterprise security stack. You'll collaborate with the Global SOC to optimize and evolve defensive control strategies. You'll support ISO27001 and SOC 2 audits, providing technical evidence and ensuring compliance. You'll assist with the deployment of standard security tools, ensuring consistent implementation across regions. You'll manage security vendors, attend QBRs, and drive improvements in their services. You'll create and maintain Blue Team playbooks, ensuring up-to-date CrowdStrike Fusion SOAR automations. You'll ensure all security tools are fully integrated into the NextGen SIEM, with reliable log ingestion and correlation. You'll conduct proactive threat hunting using CrowdStrike Query Language and develop Fusion Workflows to detect IOCs, alert teams, and automate responses. You'll perform daily health checks to validate the functionality and reliability of all deployed security tools. And what are we looking for? Youll have major experience in Red teaming, along with pen testing Youll have experience with security incident management and network monitoring in medium to large-scale enterprise environments. Youll bring over 6 years of general Information Security experience, with proven exposure to both strategic and hands-on roles. Youll have strong communication skills and demonstrated success collaborating across business and technical teams in large organisations. Youll have a solid understanding of core security technologies, including endpoint protection, data loss prevention, network security, and identity access controls. Youll ideally have experience working with tools like CrowdStrike, Netskope, and Vectra or similar EDR, SASE, and NDR platforms. Youll be familiar with SIEM technologies, with working knowledge of log correlation, threat detection, and rule creation. Youll have experience in scripting (e.g., Python, PowerShell) and developing or integrating security tooling via APIs to automate tasks or enhance capabilities

Position: Senior System Support Executive Position Summary The Senior System Support Executive is responsible for delivering technical support to end users across various enterprise applications and systems. This role ensures the resolution of technical issues efficiently and aligns IT services with business objectives. Key Responsibilities • Possess expert-level knowledge of Windows Server environments, including Active Directory, DHCP, DNS, WSUS, and WDS. • Take end-to-end ownership of employee technical issues and ensure timely resolution within service level expectations. • Provide real-time support to employees via chat, aiding in troubleshooting, root cause analysis, and issue resolution. • Contribute to Problem Management by identifying recurring incidents and proposing long-term solutions. • Drive continual improvement initiatives within the IT Operations Support function. • Conduct training sessions and prepare user-friendly documentation to enhance end-user self-service. • Create and maintain technical documentation to contribute to the departments knowledge base, promoting effective knowledge sharing. • Collaborate with Network and Systems Engineering teams to provide hands-on support for network and server infrastructure. • Perform scheduled system audits and routine maintenance checks on user systems. • Manage OS patching and maintain vendor relationships for timely support and escalations. • Oversee IT inventory and asset configuration documentation. • Demonstrate the ability to operate both independently and within a team structure. • Develop and document workarounds for unresolved incidents. • Communicate with users to assess and translate technical problems into actionable solutions. • Uphold consistency and reliability in service delivery. • Exhibit strong interpersonal, communication, and time management skills. • Apply effective decision-making and organizational capabilities to manage priorities and incidents. Technical Proficiencies • Hands-on experience with: Gsuite/any email systems, Fortinet Firewall,Switches, Crowdstrike, BitLocker, Ivanti Endpoint Management, AD. Preferred Qualifications • 5–7 years of proven experience in IT Infrastructure support. • A degree in B.E., B.Tech, MCA, MSc-IT, or an equivalent field. • Industry certifications such as CCNA, MCSA, or CompTIA N+ are advantageous. • Strong analytical, verbal, and written communication skills. • Proven troubleshooting capabilities and a methodical problem-solving approach.

Responsibilities : Technical and operational escalation point for investigations, incidents, and other elements of the MDR service. Assist in the development, documentation, analysis, testing, and modification of Varonis threat detection systems, playbooks, runbooks, and MDR team operations. Continuously train the team so they are equipped with the required skills and knowledge to effectively execute the MDR service. Validate findings and coordinate investigative efforts with customers and internal teams. Ensure all investigative findings are documented and communicated appropriately by the team, including tracking in CRM. Maintain up-to-date knowledge of all aspects of Varonis MDR service. Oversee and execute programs, projects, operational tasks, and responsibilities related to the MDR service. Conduct regular performance reviews and quarterly SWOT analyses to drive team growth and development. Requirements: Proven success in leading and managing within a team-oriented environment. 5+ years of experience working in cybersecurity operations in a global cybersecurity company 2+ years of experience leading a team. Degree or certification(s) in cybersecurity and/or proven ability to execute across cybersecurity operations disciplines, including monitoring, detection, investigation, and incident response. Proven ability to deliver security operations service while meeting SLA and other operational requirements. Knowledge of common security technologies and tools including network-based (firewall and IDS), host-based (EDR and AV), data-based (DLP and DSPM), and identity-based (PAM and IAM). Proven ability to creatively problem-solve when handling complex issues. Strong analytical and critical thinking skills. Excellent communication skills in English (written and oral) and interpersonal skills (direct reports, colleagues, and customers). Attention to detail and the capability to deliver outcomes autonomously.

Lead Consultant (Cyber Security) Job Summary: The Lead consultant for Cyber Security (B2B SOC MSS) provides the advance level of support for Product Implementation & Services in the Security Operations. In this position, the consultant will be to lead the project (technical) consultants team for successful migration/ implementation of the Cyber Security Products (and Services). Mini.2years of experience implementation & operations. The resource should have implemented at least 4-5 projects in customer environment. Working Knowledge of SOC/ SIEM tools and operational understanding Must have lead team of Security Consultants/ Analysts Should have sound knowledge of products & should be able to carry out the POCs, Implementation and Operations support Should lead the delivery of multiple projects at customer locations Should have knowledge of following products (with Operations and Implementation) DLP/ Proxy Forcepoint, Symantec, Cisco, McAfee Email Security Symantec, Forcepoint, Cisco NAC Solutions – Cisco ISE, Forcescout EDR/ XDR Solution – Trend Micro, Crowdstrike SOC SIEM Solution (Arcsight, Qradar, RSA or Seceon) ( Must have hands-on experience from any two of above) Product certification from any of the above products will be added advantage Must be able to execute strategic and tactical direction for solutions offerings Experience in supporting a multiple customer base systems and network environments Provides timely and adequate response to threats/alerts, including off-hour support. Develop functional specifications for integrating/ adopting requirements into enterprise target state architecture or specific application Collaborate with business groups to help them to identify, classify, and secure high value data Provide feedback via periodic reports based on rule parameters; Ability to write regular expressions Ability to self- direct and work independently when necessary, and clearly articulate technical concepts/ issues to both technical and non- technical peers and management The ability to assess security events to drive to a resolution. Demonstrate Understand Critical Data Types such as PII, NPI, PCI, HIPAA, etc Demonstrate Understanding of Mass Storage, USB, Removable Media, for example allow charge but do not allow data copy Excellent English communication skills mandatory Excellent documentation skills mandatory Understand reporting capabilities Required Technical Expertise Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host based firewalls, Anti-Malware, HIDS General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows NT Good to have industry certifications on SIEM Platform, CCNA, CEH, MCSE & Others Bachelor’s Degree in Computer Science or equivalent required Good communication skills Strong level of customer service required

Sr. Network & Security Engineer Location : Chennai - Taramani (Work From Office) Notice : Short Period / Immediate Full time role RESPONSIBILITIES Design, deploy, and manage scalable enterprise network infrastructures focusing on Cisco switches and routing technologies. Configure and maintain next-generation firewalls, including Palo Alto, FortiGate, and Cisco Firepower NGFW. Administer F5 Load Balancers (LTM, ASM) to ensure high availability and secure application delivery. Manage the full SSL certificates and domain services lifecycle, including DNS configuration and domain registration. Implement, monitor, and support endpoint security platforms such as Symantec Endpoint Protection Manager (SEPM), Trend Micro, and CrowdStrike. Perform ongoing threat monitoring, vulnerability remediation and incident response related to endpoints and network devices. Troubleshoot & resolve complex issues across network and endpoint layers, focusing on minimising downtime. Define/enforce network & endpoint security policies in alignment with compliance & organisational needs. Maintain detailed documentation of all infrastructure components, including network architecture, firewall configurations, SSL/DNS records, domain configurations, and endpoint security deployments. Collaborate with internal IT teams and business stakeholders to align security and infrastructure strategies with organisational objectives. Stay current on emerging threats, security technologies, and industry best practices. DESIRED SKILLS Experience in network and security engineering, including endpoint protection management. Expertise with Cisco Switches, routing protocols, and network design. Proven experience with Palo Alto, FortiGate, and Cisco Firepower firewalls. Strong operational knowledge of F5 Load Balancers (LTM, ASM). In-depth understanding of SSL/TLS certificate management and DNS/domain services. Hands-on experience with SEPM, Trend Micro, and CrowdStrike for endpoint protection. Solid knowledge of TCP/IP, VPNs, VLANs, NAT, ACLs, and network segmentation techniques. Familiarity with cybersecurity frameworks, threat intelligence, and incident response methodologies. Strong troubleshooting and analytical skills with a proactive mindset Experience in license management, procurement, purchase, contracts and vendor management for security and network infrastructure. Ability to work independently, manage multiple priorities, and provide off-hours/on-call support as needed. Excellent verbal and written communication skills. QUALIFICATIONS Bachelors or Masters degree in a related field. CCNP, PCNSE, Fortinet NSE Certifications, F5 Certified Administrator Interested can forward your latest resumes to John.s@zirlen.com

We are looking for a highly experienced Senior Cybersecurity Engineer with advanced skills in Splunk , CrowdStrike , vulnerability management , and identity provider (IDP) systems . This role will be instrumental in building robust detection, response, and identity-integrated security capabilities to defend against evolving threats. The ideal candidate will have a hands-on, security engineering mindset and a proven track record working across endpoint protection, SIEM, and identity systems. Key Responsibilities: Deploy, manage, and optimize Splunk Enterprise Security (ES) for real-time detection, alerting, and correlation of security events. Design and build custom SPL queries, dashboards, and threat detection logic , integrating data from CrowdStrike, IDPs, and vulnerability scanners. Lead the vulnerability management program , including scanning (Qualys, Tenable, Rapid7), analysis, risk prioritization, and driving remediation. Maintain and configure CrowdStrike Falcon , including prevention policies, detection tuning, response playbooks, and integration with SIEM and SOAR platforms. Leverage CrowdStrike telemetry for threat hunting, endpoint investigations, and threat actor tracking. Integrate and manage IDP platforms (e.g., Okta, Azure AD, Entra ID) to secure identity access, enforce MFA/SSO, and detect anomalous user behavior. Correlate identity, endpoint, and vulnerability data to drive risk-based alerting and incident response. Collaborate with incident response, IAM, infrastructure, and compliance teams to maintain a resilient and auditable security posture.

Endpoint Security Engineer Core Responsibilities Implement and manage endpoint security strategies to defend against malware , ransomware , and advanced persistent threats (APTs) . Deploy, configure, and maintain Endpoint Detection & Response (EDR) , antivirus (AV) , Mobile Device Management (MDM) , and Data Loss Prevention (DLP) tools. Monitor endpoint telemetry using SIEM platforms ; respond to security alerts and collaborate with incident response teams . Perform regular vulnerability assessments and ensure timely patching of endpoint systems. Conduct endpoint audits and enforce hardening standards across Windows , macOS , and Linux . Create, maintain, and enforce endpoint security policies and procedures . Coordinate with IT , cloud , and network teams to ensure end-to-end device security . Generate reports on endpoint posture , incidents , compliance gaps , and security trends . Mandatory Technical Skills & Tools Endpoint Protection & EDR Hands-on experience with at least two EDR platforms : Trellix , CrowdStrike , TrendMicro , SentinelOne Proficiency in endpoint protection suites : Trellix , Sophos , Kaspersky , TrendMicro Vulnerability & Patch Management Practical experience with vulnerability scanning and patching tools : Qualys , Tenable , SCCM , WSUS , BigFix Deep understanding of endpoint hardening techniques : Group Policy (GPO) , PowerShell , OS configuration lockdown Endpoint Monitoring & Incident Response SIEM experience for endpoint telemetry: Splunk , ELK Stack Proficient in root cause analysis and log interpretation : Event Viewer , Sysinternals , auditd Mobile Device & Data Protection MDM configuration and policy management: Microsoft Intune , AirWatch , MobileIron DLP deployment and monitoring: Symantec DLP , Microsoft Purview , Forcepoint Operating System Security In-depth knowledge of Windows endpoint internals and security configurations Experience with macOS and Linux hardening : Jamf , auditd , iptables , SELinux Endpoint Forensics & Malware Analysis Ability to investigate threats using forensic tools : FTK Imager , Volatility , Sysinternals Basic understanding of static and dynamic malware analysis Soft Skills Strong written and verbal communication to explain complex security concepts Ability to collaborate across infrastructure, cloud, and application teams Self-driven and detail-oriented , with strong independent execution capabilities

Role & responsibilities Job Description Collaborate with other teams to design and implement security solutions that meet our business needs Stay up to date on the latest security threats and technologies and recommend appropriate countermeasures Ensure firewall implementation and troubleshooting tickets are closed within SLA Be the main contact for clients offering expert guidance on network security best practices within a SASESSE framework Lead and support a team of network security professionals helping them execute security plans effectively Conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with security policies Manage relationships with security vendors and service providers to ensure the best security solutions are in place Develop and track security metrics to measure the effectiveness of security measures and report on the security posture to senior management Develop and enforce network security policies and standards to ensure compliance with regulations Regularly assess our security measures and recommend improvements as needed Willingness to work from the Bangalore office as required Willingness to work on rotational and weekend oncalls Help evaluate and choose new security products and technologies to enhance our security In the event of a network multiuser incident promptly join the call to resolve the issues and provide a detailed chronological writeup of the multiuser outage Mandatory Skills : EDR - CrowdStrike,Endpoint Security - Symantec,Endpoint Security - Trellix,Endpoint Security - Trend Micro,EDR,Endpoint Protection send me your profile@ anitag@intellicsglobal.com or call at 8073224578

Role & responsibilities Understand the existing security controls (including Endpoint Detection & Response, anti-malware and incident response) Engage with other IT teams including Network Engineering, Data Center, Service Desk to ensure a consistent approach for organizational support across the enterprise Understand the current state of the technology components in the IT stack ranging from networking, storage, compute (virtualization, containers), applications & security mgmt Establish non-production and production environments for testing and hosting the applications Adhere to the Scaled Agile Framework methodologies and tools that exists in the environment Participate in daily stand-up of Compliance & Security release train and contribute to bi-weekly sprints Learn System Engineering concepts to analyze existing environment and find more efficient ways Identify ways of doing things with full automation, AI and ML which needs knowing/learning the concepts of these technologies. Maintain regular communication with supervisor and continually update needs & priorities to Preferred candidate profile Hands-on experience in managing CrowdStrike, McAfee and TrendMicro platforms using the console, scripting and automation frameworks Hands-on expertise programming in Python Experience in L1/L2/L3 support and understanding of common corporate IT issues Have a sense of urgency in production issues and be a proactive speaker and listener Hands-on experience in programming with networking stack, TCP/IP stack, compute technologies (virtualization, containerization), storage Knowledge of technical design of the security controls (especially in the Windows OS)

Qualification Bachelors degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience. Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight). Proficient in EDR and Endpoint Security tools (e.g., CrowdStrike, Microsoft Defender). Hands-on experience in threat and malware analysis . Familiarity with email security systems (e.g., Proofpoint, Mimecast). Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems. Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST). Excellent analytical and problem-solving skills.

Are you ready to grow your career in our global tech hub? Zurich Cover-More helps people travel safely across the globe every day. We are there at every step of a traveller’s journey, to keep them safe and help them out if something goes wrong. We are committed to providing reliable, fast, flexible and bespoke services for our customers as well as the many well-known brands we partner with! Due to recent international acquisitions, our business has seen great growth and as a result we are now seeking a driven and engaging to join our team. This is a key position that will have you managing and truly partnering with a portfolio of our current clients. This is a fantastic opportunity for an experienced who wants to engage with their customer; you’ll become a part of their business and provide high quality, market leading advice and value-add service. So, what’s the job? Red Team You'll lead the Vulnerability Management Program, providing strategic guidance to regional technology teams to address cyber risks. You'll initiate and execute Red Teaming Exercises across global Business Units, testing security controls and delivering actionable feedback. You'll manage the External Attack Surface Platform, assess risks, coordinate remediation efforts, and report on enterprise-wide security posture. You'll perform regular penetration tests to identify and exploit weaknesses in the external attack surface. You'll establish a Counter-Adversary capability in the Global SOC, maintaining sandboxes, identifying attacker TTPs, and performing advanced threat hunting. You'll manage Threat Intelligence feeds and respond to Zero-Day vulnerabilities by configuring alerts and defining automated response actions. You'll track and ensure completion of security improvements discovered during critical incidents or P1 investigations. You'll document and maintain a robust Incident Response Plan, aligning with best practices and evolving threat landscapes. You'll stay ahead of the curve through research on emerging threats, new defensive technologies, and evolving industry standards. Blue Team You'll lead and facilitate Security Incident Response Drills and Tabletop Exercises, enhancing organizational readiness. You'll serve as the technical escalation point for complex detections across the enterprise security stack. You'll collaborate with the Global SOC to optimize and evolve defensive control strategies. You'll support ISO27001 and SOC 2 audits, providing technical evidence and ensuring compliance. You'll assist with the deployment of standard security tools, ensuring consistent implementation across regions. You'll manage security vendors, attend QBRs, and drive improvements in their services. You'll create and maintain Blue Team playbooks, ensuring up-to-date CrowdStrike Fusion SOAR automations. You'll ensure all security tools are fully integrated into the NextGen SIEM, with reliable log ingestion and correlation. You'll conduct proactive threat hunting using CrowdStrike Query Language and develop Fusion Workflows to detect IOCs, alert teams, and automate responses. You'll perform daily health checks to validate the functionality and reliability of all deployed security tools. And what are we looking for? You’ll have experience with security incident management and network monitoring in medium to large-scale enterprise environments. You’ll bring over 6 years of general Information Security experience, with proven exposure to both strategic and hands-on roles. You’ll have strong communication skills and demonstrated success collaborating across business and technical teams in large organisations. You’ll have a solid understanding of core security technologies, including endpoint protection, data loss prevention, network security, and identity access controls. You’ll ideally have experience working with tools like CrowdStrike, Netskope, and Vectra — or similar EDR, SASE, and NDR platforms. You’ll be familiar with SIEM technologies, with working knowledge of log correlation, threat detection, and rule creation. You’ll have experience in scripting (e.g., Python, PowerShell) and developing or integrating security tooling via APIs to automate tasks or enhance capabilities So, why choose us? We value optimism, caring, togetherness, reliability and determination. We have more than 2600 employees worldwide: we’re a global group of digital natives, actuaries, marketers, doctors, nurses, case managers, claims specialists, finance experts and customer service professionals. We share a global mission to look after travellers, at every step of their journey. Job flexibility. We understand the importance of making sure that work fits into your life, not the other way around. Our hybrid work week policy ensures our employees maintain work-life balance with the flexibility of 3 days in the office and 2 days working from home. Career growth . We want you to continue to learn, develop and bring your ideas to the table. We want to hear what you think, and we want you to work with the business - not for the business! Diversity and inclusion. We respect who you are and thoroughly embrace diversity. So whatever walk of life you wander, just be you and come as you are. Take the time you need, for you and your community. We encourage you to take the time you need, when you need it. We offer regular annual and personal leave benefits along with anniversary leave, covid leave (to get vaccinated and for when you’re sick), volunteer leave and a comprehensive paid parental leave scheme. We Also Offer Some Other Perks, Including Mediclaim insurance cover in case of any health emergency Coverage under group personal accident insurance Flexible and compressed work weeks and hybrid working options. Generous range of paid leave – 21 annual leave days, 6 sick leave days, 12 public holidays An extra day off for you to take on your birthday or your annual work anniversary.

Hi , We are hiring for the ITES Company for Carbon Black Role. Overview The Carbon Black Specialist is responsible for supporting and managing Carbon Black security products, with experience and certification in one or more Carbon Black solutions. This role involves independently working with customers through virtual platforms like Webex, providing expert training, mentoring, and exceptional customer service. The Carbon Black Cyber Security professional specializes in deploying, managing, and optimizing Carbon Black endpoint security solutions to protect organizations from cyber threats. Their responsibilities include monitoring security alerts, analyzing threats, and responding to incidents to ensure robust endpoint protection. Attention to detail, professionalism, and adaptability are key, with analysis, debugging, and programming in the enterprise security domain. Key Skills : Any Graduate Minimum 2 years of experience working with all Carbon Black products. Deeper knowledge with at least one of the Carbon Black products Familiarity with analysis and debugging skill a plus Programming experience a plus To Apply, WhatsApp 'Hi' @ 9151555419 Follow the Steps Below: >Click on Start option to Apply and fill the details >Select the location as Other ( to get multiple location option ) a) To Apply for above Job Role ( Chennai ) Type : Job Code # 274 Job description: Minimum 2 years of experience working with all Carbon Black products. Deeper knowledge with at least one of the Carbon Black products Certification obtained on the product(s) of expertise Ability and motivation to work with customers independently via Webex Excellent training and mentoring skills Team motivator who currently serves as an example for their team mates Consistently exceeds personal goal expectations Certification in the enterprise security space Good time management skills and ability to multi task Adaptable, professional, courteous, motivated and works well on their own or as a member of a team Excellent Customer Service skills and a demonstrated success exceeding customer expectations Strong communication (verbal and written) and customer handling skills Strong attention to detail and focus on producing quality work products and results Familiarity with analysis and debugging skill a plus Programming experience a plus

2 years of experience in endpoint security implementation and management. Hands-on experience with CrowdStrike Falcon, Trend Micro Apex One/Deep Security, and EDR solutions. Strong knowledge of endpoint security, malware analysis, and threat detection methodologies. Experience in PowerShell, Python, or Bash scripting for automation and security tasks. Familiarity with Windows, macOS, and Linux endpoint security best practices. Understanding of network security, firewalls, and SIEM platforms (Splunk, Sentinel, etc.). Security certifications such as CrowdStrike CCFA/CCFR, Trend Micro Certified Professional, CEH, or CISSP (preferred).

Endpoint & Network Security: Leverage CrowdStrike, XDR, and Zscaler for endpoint and network protection. Email & API Security: Manage and secure email platforms using Proofpoint and safeguard API security with WAF solutions.

Job ID: 197283 Required Travel :Minimal Managerial - Yes Location: :India- Pune (Amdocs Site) Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our approximately 30,000 employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $4.89 billion in fiscal 2023. In one sentence The Information Security Lead develops, maintains, and publishes required information security standards, procedures, and guidelines per domain of responsibility. Responsible for conceiving and executing forward-looking security systems or processes design, implements programs for user awareness, compliance monitoring, security controls design and implementation. What will your job look like You will maintain the organization's information security effectiveness and efficiency by defining and leading the implementation of security approaches, standards and procedures supporting strategic plans and directions You will lead teams to resolve Information Security challenges. Provide the information security requirements for cross-organization projects and accompany the implementation of the requirements. Utilize deep information security understanding to support internal and external business-related activities, formulate IS solutions based on technical and business requirements. Maintain a detailed knowledge of IS solutions and present them to our customers. You will lead unit level initiatives and ensure competency to meet the needs of the team/ Amdocs /Customers. You will design solutions and formulate response to RFx, create POC/demos, and present IS solutions to customers/corporate stakeholders. Utilize deep technical knowledge of IS products and services to align appropriate solutions based on client need. You will lead and manage Information Security Projects, including (as required) budget and resources, customer relationships, timelines, deliverables, quality and overall management. You will recommend information technology strategies, policies, and procedures by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements. You will keep updated with emerging security threats and alerts; conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts; collaborate with other cyber threat researchers. You will be accountable for meeting quality objectives, adherence to best practices, quality processes, and methodologies; lead continuous improvement via Root Cause Analysis, Lessons Learned, and Prevention processes; Track quality KPIs and continuously improve quality and measurements. You will promote clarity and alignment with ongoing, effective communication to the project team regarding the unit s goals and status, project matters, companywide changes, special initiative status, etc.; Strive for strong and healthy working relationships within the team. You will provide technical guidance and training to information owners, other security managers, and IT associates. Information Security Manager functions include: You will lead, manage and mentor teams in specific domains such as risk assessment, cyber technologies, corporate security, PMI, SOC, Penetration testing, security operations, etc. You will attract, develop and retain talent to build and maintain strong, effective and competent teams, and ensure the enhancement of their knowledge. Coach and empower the team and foster an environment that encourages teamwork based on motivation and inspiration. Responsible for HR processes such as recruitment, onboarding, definition of clear goals and objectives, ongoing performance management and feedback, career development, and growth of the team and its members. Manage day to day employee relations. 12. Information Security Expert functions include: You will be the technical expert and leader of certain domains such as IT, Application and GRC. All you need is... 1. 6-7 years of experience in the information security management ecosystem 2. Familiarity with industry standards and frameworks, such as NIST, CIS, ISO 27001, and GDPR. 3. Strong understanding of security best practices, including, vulnerability management, system hardening, patch management, and secure coding. 4. Proven experience working with security tools such as CrowdStrike, InsightVM, Tripwire, WIZ etc. 5. Experience with cloud security platforms (AWS, Azure) and native security services 6. Knowledge of network security principles & solutions, including IAM, firewalls, IDS/IPS, and secure network design. 7. Good team player - an advantage 8. Ability to scale up - for cross-domain security tools Why you will love this job: You will have the influence on many of the security teams in Amdocs and therefor the whole company You will bring the innovation into security teams in Amdocs You will have the independence to design the role as you think and like Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

**Urgent Hiring for the role of Cloud Security Analyst for our team** Job Title: Cloud Security Analyst Experience: 2+yrs Job Location: Remote Working Shifts: UK/EST Hrs. Job Description: We are seeking a skilled and experienced Cloud Security Analyst with over 2+ years of experience in securing cloud environments across AWS and Azure platforms. The ideal candidate will have hands-on expertise with AWS Security Hub, Azure Security Center, Palo Alto Next-Generation Firewalls (NGFW), and Crowdstrike. You will be responsible for configuring security controls, continuously monitoring for threats, and remediating vulnerabilities to ensure a secure and compliant cloud infrastructure. Required Skills & Experience: 2+ years of experience in cloud security or cybersecurity roles. Strong experience with: AWS Security Hub, Azure Security Center, Palo Alto NGFW, Crowdstrike Falcon Solid understanding of cloud infrastructure and services (IaaS, PaaS, SaaS). Experience with security monitoring, incident detection and response. Familiarity with cloud-native security frameworks and best practices (e.g., CIS Benchmarks, NIST, Zero Trust). Excellent problem-solving skills and attention to detail. Strong communication skills to work across technical and non-technical team Note: Interested candidates can drop their resumes at aagnihotri@fcsltd.com

As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources.

Position: SOC Analyst 100% Remote Working Hours: US/UK hours Job description: We are seeking a highly motivated and skilled SOC Analyst to join our Security Operations Center. Key Responsibilities Monitor security events and alerts using tools such as Splunk, IBM QRadar, Microsoft Sentinel, and Palo Alto XSIAM. Perform initial triage and categorization of security events to determine severity and potential impact. Escalate confirmed incidents to appropriate teams or stakeholders with accurate and detailed information. Correlate logs and alerts across various platforms to detect anomalous behavior or indicators of compromise (IoCs). Utilize the MITRE ATT&CK framework to enrich detection and response processes. Collaborate with Incident Response and Threat Intelligence teams for deeper investigations. Generate reports and dashboards for incident trends, KPIs, and SOC performance. Maintain documentation of SOC procedures, playbooks, and workflows. Participate in regular threat-hunting and detection engineering activities. Continuously evaluate and tune detection rules and alerts for improved accuracy. Required Qualifications Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience) Certifications: CompTIA Security+ CySA+ Certified SOC Analyst (CSA) or equivalent Required Skills and Experience 3+ years of experience in a SOC environment or cybersecurity operations Proficient with SIEM platforms: Splunk, IBM QRadar, Microsoft Sentinel Experience with EDR/XDR platforms like Palo Alto XSIAM and CrowdStrike Falcon Familiarity with MITRE ATT&CK and threat detection mapping Preferred Qualifications Understanding of cloud security monitoring (Azure, AWS, GCP) Exposure to SOAR tools and incident response automation Knowledge of NIST, ISO 27001, and other security compliance frameworks Interested candidate can apply: dsingh15@fcsltd.com

• Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm , Splunk,). • Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black).

Your key responsibilities Administration and management support of CrowdStrike Next-Gen SIEM/EDR Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development (Use case development) which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills and attributes for success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing and administering security solution CrowdStrike Next-Gen SIEM/EDR Hands-on expertise in Security use case development and log source integration Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a Security Analysts point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in ELK Stack Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender ATP or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC.

Position summary: The Senior Presales Consultant for Cybersecurity plays a key role in assisting the sales team by providing technical expertise and insights into cybersecurity solutions and services during the pre-sales process. This role requires deep knowledge of security technologies, MSSP offerings and solutions, excellent communication skills and the ability to build trust with clients through technical consultancy and advisory. You will closely work with clients to assess their security requirements, design customized security solutions, services and articulate the value of the company’s products and services to drive successful sales outcomes. Key Roles & Responsibilities: Technical Presales Support: Collaborate with the sales team to identify client security needs and recommend appropriate technical solutions and services Conduct in-depth technical presentations, demo, workshops on below listed solutions: Cisco Security Solutions: SSE, Firewall, Secure Workload, SNA, ESA, MCD and so on Palo Alto Security Solutions: Prisma Access, Cortex XDR, XSIAM, CNAPP etc.. Gruve Professional and Managed Services: Next-Gen SOC, Device Management, VAPT, Network Security Assessments, Vulnerability Management, Threat Hunting, Dark Web Monitoring, EASM Solutions Design and propose customized architectures based on clients’ environments, challenges and business goals. Develop technical proposals, SOW, LLD and proof of concepts (PoCs) to demonstrate product & solution effectiveness. • Customer Engagement & Requirement Gathering: Engage with clients regularly to understand their security landscape, objectives and requirements Capture meeting notes, action items- Share with Internal, external stakeholders, follow up and act till the closure of the business Perform detailed analysis and risk assessments by taking note of regulatory and compliance requirements. Serve as a trusted advisor for security best practices and technology adoption, building strong client/customer relationships. Solution Design and Architecture: Proficient in designing end to end cybersecurity solutions, managed and professional services that address customer needs, integrating with existing environment where necessary. Collaborate with internal teams to ensure the proposed solutions are feasible, scalable, and align with the company’s technical capabilities. Prepare solution documentation, architecture diagrams, compliance framework summary guidelines, marketing collaterals as and when required. • Technical Knowledge and Expertise: Maintain up-to-date knowledge of technology trends, emerging threats, and new cybersecurity and network technologies. Educate sales team on new technologies, trends, market opportunities and be an advisor and support them with required updates to sell our solutions effectively Research and analyze competitors' security products, identifying differentiators and positioning the company’s solution accordingly. • Proposal Development and RFP/RFI Response Participate in the development of proposals and respond to Request for Proposals (RFPs) and Request for Information (RFIs) from potential customers. Collaborate with different teams to ensure technical accuracy, relevance, and compliance with customer requirements. Basic Qualifications: Bachelor's degree in computer science, cybersecurity, information technology, or related Experience: 5+ years of experience in a cybersecurity pre-sales, consulting or technical advisor role. Relevant certifications (such as CCIE, CISSP, CISM, CEH, or vendor-specific certifications) are a plus. Experience working in a cloud environment and cloud security will be a value add. Good understanding on Cybersecurity & Networking technologies – Firewall, SSE, SIEM, SOAR, NDR, Workload Protection, Routing, Switching and wireless Techno-commercial approach and hunger for growth and business with Integrity Preferred Qualifications: Understanding of security architecture and risk assessment methodologies. Strong understanding of cybersecurity principles, tools, and frameworks, including but not limited to firewalls, intrusion detection/prevention systems, SIEM, endpoint protection, identity and access management, cloud security, and vulnerability management. Experience with security vendors and products (e.g., Cisco, Palo Alto, Fortinet, Zscaler/Netskope, CrowdStrike, Splunk, etc.) Knowledge of network security, cloud security (AWS, Azure, GCP), data security, and compliance standards (e.g., ISO 27001, NIST, GDPR, HIPAA). Excellent ability to convey technical concepts to non-technical stakeholders. Proven experience conducting client meetings, presentations, and technical demos. Excellent communication, presentation, and interpersonal skills. Ability to build and maintain relationships with clients, acting as a trusted advisor.