5.0 - 9.0 years
7 - 11 Lacs
bengaluru
Work from Office
Education Qualification: B.Sc

Skills:
Primary -> Technology | Splunk SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable
Primary -> Technology | Sentinel SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable
Secondary -> Technology | Network Security Administrator | Level 2 Support | 2 - Knowledgeable
Secondary -> Technology | QRadar SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable

Certification: Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC CIH/CSA/CompTIA CySA+/Cisco Certified CyberOps Associate/Splunk Core Certified User/IBM Certified SOC Analyst - IBM QRadar SIEM V7.3.2

Delivery Skills required are:

Technical Skills:
* Identifying and analyzing potential threats and vulnerabilities using various tools and techniques.
* Leading and managing the response to security incidents, including containment, eradication, and recovery.
* Implementing and maintaining security monitoring systems, such as SIEM (Security Information and Event Management) tools.
* Prioritizing and remediating vulnerabilities based on risk assessments.

Operational Skills:
* Developing, implementing, and enforcing security policies, standards, and procedures.
* Managing and maintaining secure configurations for systems, networks, and applications.
* Overseeing the timely application of security patches and updates to systems and software.

Analytical Skills:
* Analyzing logs and event data from various sources to identify patterns and anomalies.
* Utilizing advanced analytics to detect and investigate security incidents.
* Conducting digital forensics investigations to uncover evidence of security breaches.

Collaboration and Teamwork:
* Collaborating with other IT and security teams to enhance the organization's security posture.
* Coordinating response efforts during security incidents with internal and external stakeholders.
* Leading incident response teams and ensuring effective communication and collaboration.
Posted 4 days ago
4.0 - 6.0 years
14 - 20 Lacs
bengaluru
Remote
We are seeking an experienced Senior Information Security Engineer to lead critical security initiatives, design secure architectures, and respond to advanced threats. This role requires strong technical expertise, strategic thinking, and a proactive mindset to help mature our cybersecurity posture. Looking for a candidate who thrives in a fast-paced environment and does not shy away from challenges.

About Cimpress:
Led by founder and CEO Robert Keane, Cimpress invests in and helps build customer-focused, entrepreneurial mass customization businesses. Through the personalized physical (and digital) products these companies create, we empower over 17 million global customers to make an impression. Last year, Cimpress generated $3.5B in revenue through customized print products, signage, apparel, packaging and more. The Cimpress family includes a dynamic, international group of businesses and central teams, all working to solve problems, build businesses, innovate and improve.

As a National Pen brand, Pens.com provides custom marketing solutions to 22 countries worldwide, fostering global connections between businesses and their customers. We specialize in personalized promotional products, including writing instruments, stationery, drinkware, bags, gifts, and trade show accessories. Our operations are supported by a network of 9 facilities across North America, Europe, Africa, and India. This global presence underscores our commitment to the timely delivery of our products and services to customers across the markets we serve.

About the Role:

Key Responsibilities:
- Design and implement security architecture for infrastructure, cloud, and applications.
- Lead threat detection, incident response, and forensic analysis.
- Perform vulnerability management and penetration testing, and guide remediation efforts.
- Own and optimize SIEM, EDR, Microsoft Defender for Cloud and O365, CNAPP (Cloud native application protection platform), Cloud security IAM, and other security technologies.
- Collaborate with DevOps and IT to embed security best practices across systems.
- Provide technical leadership in risk assessments, audits, and compliance initiatives (ISO 27001, SOC2, GDPR).
- Mentor junior team members and contribute to InfoSec training and policy development.
- Partner with business units on risk mitigation and secure solution design.
- Responding to and completing security requests from SOC, the lead security engineer, or security manager, with assistance from relevant technical teams as needed.
- Security event monitoring, data analysis and correlation, and escalation where appropriate, using security monitoring and management tools and their outputs.
- Vulnerability management data generation and analysis (running scans in Tenable, CrowdStrike, and analyzing outputs), and escalation to appropriate teams for remediation.
- Other duties as assigned.

Required Skills & Qualifications:
- Bachelor's or Master's degree in Cybersecurity, Computer Science, I.T., or related discipline.
- Experience with vulnerability assessment and penetration testing, and hands-on experience in the application security domain.
- 4-6 years of experience in security engineering, Security operations centre, or architecture and application security domain.
- Deep understanding of SOC, Endpoint security, Data security, network security, cloud security (AWS/Azure/GCP), and Linux/Windows hardening.
- Hands-on with tools like:
  - SIEM (Splunk, Sentinel)
  - EDR/XDR (CrowdStrike, SentinelOne)
  - IAM, PAM, and firewall solutions
  - Microsoft Defender for Cloud and O365
  - Orca Security: CNAPP
- Strong knowledge of encryption, secure coding, IAM, and security frameworks (NIST, MITRE ATT&CK).
- Industry certifications preferred, any of these: CompTIA Security+, Microsoft SC-900, CEH, CISSP, OSCP, CISM, GIAC, or AWS Security Specialty.
- Proven experience leading security projects and mentoring teams.
- 4-6 years of experience in an Information Security Analyst role.
- Experience with common security monitoring tools (Tenable, SolarWinds, Axonius, Aquawave, Splunk).
- Experience with EDR tools (CrowdStrike).
- Data management skills using Excel or other data management platform.

Preferred Attributes and Qualifications:
- Ability to excel in a dynamic environment with rapidly changing priorities.
- Discretion with respect to best practices in information security.
- Discretion in communication with respect to audience and nature of information communicated.
- Certifications, education, or experience to demonstrate baseline security, networking, and computing skills commensurate with 4 years' experience in security analysis.

What You Will Gain:
- Real-world exposure to enterprise security tools and workflows.
- Mentorship from experienced InfoSec professionals.
- A clear career path to mid- and senior-level security engineering roles.

Remote-First Culture:
In 2020, Cimpress adopted a Remote-First operating model and culture. We heard from our team members that having the freedom, autonomy and trust in each other to work from home, and the ability to operate when they are most productive, empowers everyone to be their best and most brilliant self. Cimpress also provides collaboration spaces for team members to work physically together when it's safe to do so or when they believe in-office working will deliver the best results. Currently we are enabled to hire remote team members in over 20 US States as well as several countries in Europe: Spain, Germany, UK, Czech Republic, the Netherlands and Switzerland.

More information about the organization can be found at the links below:
https://cimpress.com
https://www.linkedin.com/company/cimpress/
https://twitter.com/Cimpress

Want to explore more about our brands? Please visit: https://cimpress.com/brands/explore-our-brands/
Posted 5 days ago
3.0 - 8.0 years
10 - 15 Lacs
pune
Hybrid
Job Description

Mission
The Triager CERT position is part of the Group's Computer Emergency Response Team (CERT), the organization's cyber defense division. The team's mission is centered around three critical areas:
1. Threat Prevention & Crisis Preparedness – Proactively anticipating and mitigating threats while preparing for potential cyber crises.
2. Threat Detection & Analysis – Identifying vulnerabilities, detecting threats, and uncovering attacks.
3. Incident Response – Investigating, managing, and resolving security incidents while mitigating their impact on the IT ecosystem.
4. Analyzes risks, performs studies and implements solutions to ensure the security of IT and digital solutions (availability, integrity, confidentiality, traceability).

Additional Information:
This position operates within a follow-the-sun model to ensure global coverage and requires 3-4 days of office presence per week. Weekend on-call support will be on a rotational basis.

Experience and Skills Required:
- 5-10 years of experience in the IT security domain, with a background in IT development or DevOps.
- Proven ability to maintain confidentiality and discretion in handling sensitive information.
- Extensive experience with incident management and familiarity with SIEM tools.
- Strong collaboration skills, with the ability to work effectively in a global team environment.

Behavioral skills:
- Exceptional organizational and analytical skills.
- Ability to work in a fast-paced environment while maintaining attention to detail.
- Strong communication and interpersonal skills to liaise with global teams and stakeholders.
- Proactive mindset with a commitment to continuous improvement in incident management processes.

KEY EXPECTED ACHIEVEMENTS:

Service Delivery Manager (SDM) – 70%
The primary responsibility of the SDM is to ensure the efficient functioning of the incident response process within CERT, ensuring that attacks are detected and contained. Key duties include:
- Monitoring security alerts raised through various channels.
- Understanding incidents, assessing their criticality and priority.
- Creating or modifying tickets and assigning them to analysts.
- Tracking ticket resolution to ensure closure in compliance with SLAs.
- Maintaining constant communication with global CERT teams (France, Americas, India, and China) and other stakeholders (e.g., DOTI, DOMF).
- Consolidating and publishing statistics/figures related to incidents handled by CERT and other stakeholders. This includes:
  - Verifying SLA compliance, especially for priority 1 incidents.
  - Quantifying the number of incidents handled by CERT based on various analytical axes.
- Analyzing SLAs, proposing improvement actions, and following up on their implementation.
- Keeping the following documentation updated:
  - Skills matrix for ticket orientation.
  - Analyst access management.
  - Decision trees for incident routing.

Additional Activities – 30%
Depending on their expertise, the triager may be assigned occasional missions within the team, such as:
- Development projects.
- Security incident response tasks.
Posted 5 days ago
2.0 - 6.0 years
0 Lacs
karnataka
On-site
As an Incident Response Analyst at Autodesk, your role involves monitoring, identifying, assessing, containing, and responding to various information security events. You will work in a large and complex environment, collaborating with teams across the company to address security issues and drive incident response. Your passion for security and growth will be crucial in accepting challenging projects and incidents.

**Key Responsibilities:**
- Handle day-to-day operations to monitor, identify, triage, and investigate security events using various Endpoint (EDR), Network, and Cloud security tools
- Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity
- Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
- Create and maintain process tools and documentation
- Perform all stages of incident response from detection to postmortem
- Collaborate with stakeholders to build and enhance the Security Orchestration Platform
- Document incident notes in the case management solution
- Perform basic forensics and malware analysis based on playbooks and procedures
- Work in a 24/7 environment, including night shifts, based on business requirements
- Maintain a high level of confidentiality and integrity

**Qualifications Required:**
- BS in Computer Science, Information Security, or equivalent professional experience
- 2+ years of cyber security experience in incident response
- Technical depth in specialties like Malware analysis, Host analysis, and Digital forensics
- Strong understanding of Security Operations and Incident Response process and practices
- Experience with security monitoring, response capabilities, log analysis, and forensic tools
- Familiarity with operating systems including Windows, Linux, and OSX
- Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
- Excellent critical thinking, analytical, organizational, verbal, and written communication skills
- Ability to design playbooks for responding to security incidents
- Willingness to support off-hours, weekends, and holidays as needed for incident response

At Autodesk, we are committed to creating a culture of belonging where everyone can thrive. If you are passionate about security, growth, and making a difference in the world, join us in shaping the future with meaningful work.
Posted 5 days ago
7.0 - 12.0 years
8 - 15 Lacs
hyderabad
Work from Office
We are hiring for one of our reputed government clients, I4C-MHA, for the CDTI Hyderabad role.

* MCA or any other post-graduation degree in Engineering in CSE/IT/Computer Science/Electronics and Telecommunication, with the area of specialization in cyber security/information security/digital forensics. Understanding of network security, ciphers, data on the wire, shell scripting.

Experience: 7+ Years

Job Role: Detect emerging cybercrime threats based upon analysis, data feeds crime reporting and sources (internal & external intelligence sources). Working within the team and the wider Information Security group to build new tools for intelligence gathering.

* Knowledge of innovative technologies like blockchain, Artificial Intelligence/Machine Learning, IoT Security, Cloud Security will be an added advantage.
* Knowledge of cryptography protocols.
* Ability to derive intelligence out of data and reports generated and ability to conduct research in that direction and development of tools to handle such threats and overcome such risks.
* Building and maintaining senior management dashboards to provide a clear understanding of team activities and threat landscape.
* Identify and suggest appropriate infrastructure with suitable mitigation strategies for cybercrime.
* Evaluate target systems to analyze results of scans, identify and recommend resolutions.
* Producing periodic cybercrime threat analysis reports with mitigation measures.
* Programming skills with proficiency in one or more of the following: Python, Java, C++.
* Excellent knowledge of digital hardware, computer programming, cyber security practices, databases & operating systems artifacts.
* Review unlawful and suspicious content in open source and escalate violations to the appropriate govt. department.
* Collect, organize, analyze and develop reliable actionable intelligence about cybercrime, criminals, criminal infrastructure from open sources. Must have advanced understanding of how to use open source, including social media, for intelligence.
* Ability to draft SOPs/RFP/Advisory Manuals/Reports pertaining to Cyber Security/Information Security/Cybercrime Investigation.
* Proven ability to work both independently and as a team and present/develop ideas.
* Ability to work effectively with technical and non-technical stakeholders.
* Ability to communicate (verbal and written) with stakeholders in non-technical terms.
* Experience with multiple social media platforms.
* Using data from social media, open sources, search engines, public records, and the deep web to compile detailed reports on cybercrime, criminals and criminal infrastructure.

Share your CV to d.darshani@cipl.org.in
Posted 6 days ago
0.0 - 2.0 years
3 - 4 Lacs
vadodara
Work from Office
We are hiring a Cybersecurity Trainer in Ahmedabad & Vadodara to teach, mentor, and inspire students in areas like ethical hacking, network security, and forensics. Must hold a Master's degree and have 6–12 months of experience.
Posted 6 days ago
6.0 - 10.0 years
0 Lacs
pune, maharashtra
On-site
The IT Application Owner (ITAO) AVP based in Pune, India, plays a crucial role in ensuring compliance with IT policies and procedures throughout the application's life cycle, with a specific focus on IT management and Information Security. As the custodian of the application, you will oversee the segregation of responsibilities within the project to ensure the secure operation of the application in alignment with regulations, policies, and standards. Your responsibilities include maintaining application documentation, ensuring application infrastructure reliability and compliance, and serving as the IT Single Point of Contact (SPOC) for audit initiatives.

In this role, you will be responsible for various key tasks including IT governance, cloud security and governance, information security, information content publishing, specialist advice, knowledge management, business risk management, continuity management, data management, methods and tools support, and maintaining information security documentation for assigned IT assets in the DB Group IT Asset inventory. Your involvement in change and transformation will encompass requirements definition and management, delivery and operation tasks such as availability management, service acceptance, configuration management, asset management, change management, security administration, application support, problem management, and incident management. Additionally, you will support key role holders in developing a secure environment and guide ITAOs on implementing information security controls.

To excel in this role, you are required to have 6 to 9 years of experience in IT Service Management, IT Governance, or IT Project Management. Strong communication and presentation skills, the ability to work with multiple stakeholders, and a familiarity with VUCA environments are essential. Profound knowledge of Information Security processes, DB Information Security principles, policies, and procedures, as well as experience in financial markets and institutions, are also necessary. An understanding of various technologies such as databases, application/web servers, security certificates, Unix servers, microservices, SOA, communication protocols, networking, and high availability architecture is beneficial. Preferred skills include experience with distributed development teams, finance products, Google Cloud Security, and relevant certifications such as CISSP, ISSMP, CISM. You should also possess quality assurance, conformance review, digital forensics, and relationship management skills.

We offer training, coaching, and a culture of continuous learning to support your career progression and provide a range of flexible benefits to suit your needs. At Deutsche Bank Group, we aim to create a positive, fair, and inclusive work environment where individuals are empowered to excel together every day. For more information, please visit our company website at https://www.db.com/company/company.htm. Join us at Deutsche Bank Group and be part of a team where success is shared and celebrated, promoting a collaborative and empowering work environment for all.
Posted 1 week ago
5.0 - 9.0 years
0 Lacs
maharashtra
On-site
About KPMG in India
KPMG entities in India are professional services firm(s) affiliated with KPMG International Limited. Established in August 1993, our professionals leverage the global network of firms and possess knowledge of local laws, regulations, markets, and competition. With offices across India, including Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara, and Vijayawada, KPMG entities offer services to national and international clients across various sectors. Providing rapid, performance-based, industry-focused, and technology-enabled services, we combine global and local industry knowledge with experience in the Indian business environment.

Job Description
- BE/B.TECH/BCA/B.SC/M.SC/MCA/M.Tech (Computers/Electronics/IT) from IIT/NFSU/IIIT only
- Minimum one certification such as CEH/CPTC/OSCP/ECSA/CEPT or equivalent
- 5+ years of post-qualification relevant work experience
- Proficiency in managing large-scale digital evidence media
- Comprehensive knowledge of forensic digital device data preservation, acquisition, analysis, and documentation
- Expertise in Ethical Hacking, Penetration Testing, OSINT, Deep and Dark Net Investigations
- Preferred experience in handling real-life cyber-crime cases and investigation of Web Defacement/Site Down activities
- Skilled in Email and VOIP call Analysis, Web SMS/Image/Reverse Image/Video Source tracing methods
- Practical knowledge of enterprise and open-source tools with industry benchmark
- Thorough knowledge of Digital Forensics, Malware Forensics, Memory Analysis, APTs, and intelligence threat assessments
- Experience in generating forensic documents for case investigation
- Bug-bounty program winners will be preferred

Equal employment opportunity information

Qualifications
- BE/B.TECH/BCA/B.SC/M.SC/MCA/M.Tech (Computers/Electronics/IT) from IIT/NFSU/IIIT only
Posted 1 week ago
7.0 - 12.0 years
25 - 40 Lacs
hyderabad
Work from Office
7+ years, Cyber/Windows forensics, host-based forensics, network forensics, malware analysis. Experience with tools like EnCase, Axiom, X-Ways, FTK, SIFT, ELK, Redline, open-source forensic tools. Loc - Hyderabad. Share CV at sony.pathak@aptita.com

Required Candidate profile
Mastery of tools like EnCase, Axiom, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, Wireshark, TCP Dump, and other open-source forensic tools. 8+ years of incident response or digital forensics exp
Posted 2 weeks ago
3.0 - 6.0 years
15 - 30 Lacs
bengaluru
Work from Office
Job Overview:
- Incident Response: Respond to and manage cybersecurity incidents, including threat detection, containment, eradication, recovery, and post-incident activities.
- Threat Hunting: Proactively hunt for threats within our environment, utilizing tools such as Anomali ThreatStream to identify potential security risks.
- Digital Forensics: Conduct digital forensic investigations to determine the root cause of security incidents and identify areas for improvement.
- Correlation and Analysis: Correlate security event logs from various sources to identify potential security threats and anomalies.
- Documentation and Reporting: Maintain accurate and detailed records of incidents, including incident reports, root cause analysis, and lessons learned.

ESSENTIAL JOB FUNCTIONS:
- Review security alerts escalated by SOC analysts to determine if they constitute an incident.
- Investigate incidents to determine scope and impact.
- Record incident details, artifacts, and evidence in the incident tracking system.
- Execute response protocols and playbooks to respond to incidents.
- Escalate incident response protocols to senior staff when necessary.
- Communicate with end users to collect information and resolve issues.
- Collaborate with IT, Legal, and Marketing teams during the incident response process.

SUPPLEMENTAL JOB FUNCTIONS:
- Performs additional duties as directed.
- Effectively accomplishes set goals while primarily working in a hybrid capacity.
- Will need to be available on an on-call basis for off-hours critical incident response.

Key Skills:
- Strong understanding of digital forensics techniques, incident response processes, and cybersecurity principles.
- Familiarity with industry-standard tools like EnCase, FTK, Magnet Axiom, and other specialized forensic software.
- Using SIEM tools and other security monitoring technologies to identify and analyze security events.
- Strong ability to analyze security events and identify patterns and anomalies.
- Understanding data recovery techniques and tools.
Posted 2 weeks ago
7.0 - 10.0 years
22 - 30 Lacs
greater noida
Work from Office
As a Cybersecurity Specialist, you will be at the forefront of protecting Kyndryl's customers' computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. You will use a variety of tools and techniques to defend against a wide range of cyber threats, such as malware, ransomware, phishing attacks, and data breaches.

But that's not all: at Kyndryl, you will also have the opportunity to implement new cybersecurity systems and policies to ensure the protection of our customers' data and assets. You will monitor and review potential threats from various cybersecurity systems and conduct proof-of-concepts (POCs) with new cyber security software to evaluate its effectiveness and potential integration into the organization's systems.

Not only will you be responsible for ensuring the security of Kyndryl's customers' network and systems, but you will also enrich the organization's knowledge of potential cyber threats and best practices. You will provide automation scripts for threat hunting in customer environments using lessons learned from cyber-attacks.

You will also have the opportunity to conduct penetration testing and threat and vulnerability assessments of applications, operating systems, and networks, responding to cybersecurity breaches and identifying intrusions. You will research and evaluate cybersecurity threats and perform root cause analysis, all while assisting in the creation and implementation of security solutions.

Additionally, you will have the opportunity to work in the area of security innovation, creating and experimenting with “outside the box” ideas that could change the trajectory of cyber security. This is a unique opportunity to work with cutting-edge technology, be part of a dynamic team, and make a significant impact in the world of cybersecurity. If you're up for the challenge, apply now to join Kyndryl's cybersecurity team!

Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.

Role & responsibilities:
You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others.

Required Skills and Experience:
- Having 7+ years of experience in DFI/Threat Hunter
- Lead the development of threat hunting hypotheses using threat intelligence, MITRE ATT&CK, and kill chain models
- Guide the team in conducting hunts across SIEM, EDR/XDR, and network telemetry to uncover hidden threats
- Validate and refine threat intelligence to ensure it is actionable and relevant
- Translate hunting outcomes into detection logic and use cases for SIEM and SOAR platforms
- Collaborate with content developers to build and tune correlation rules and analytics
- Identify gaps in visibility and recommend improvements to logging and telemetry coverage
- Escalate confirmed findings to L3 incident response teams with detailed evidence and RCA
- Recommend preventive and detective countermeasures (e.g., policy changes, new rules)
- Support RCA documentation and post-incident reviews
- Perform forensic acquisition and analysis of endpoints, servers, and cloud workloads involved in security incidents
- Extract and preserve digital evidence in accordance with legal and compliance standards

Preferred Skills and Experience:
- Conduct timeline analysis, memory forensics, and disk image reviews to reconstruct attacker activity
- Deliver weekly/monthly reports on threat hunting activities, findings, and trends
- Participate in governance forums and contribute to executive dashboards
- Ensure alignment with SLA/KPI metrics and compliance requirements
- Mentor junior threat hunters and analysts on hypothesis building, investigation techniques, and tool usage
- Conduct knowledge-sharing sessions and contribute to skills development plans
- Coordinate with CTI, SOC, and engineering teams to align hunting with broader security goals
Posted 2 weeks ago
5.0 - 9.0 years
0 Lacs
delhi
On-site
Agoda is an online travel booking platform that connects travelers with a global network of 4.7M hotels, holiday properties, flights, activities, and more. As part of Booking Holdings and based in Asia, we have a diverse team of 7,100+ employees from 95+ nationalities across 27 markets. At Agoda, we believe in bridging the world through travel, enabling people to enjoy, learn, and experience the amazing world we live in while bringing individuals and cultures closer together.

The Security Department at Agoda is responsible for overseeing security, compliance, GRC, and security operations to ensure the safety and protection of the company and its employees. We are currently seeking an experienced and highly motivated Incident Response Specialist to join our team. In this role, you will be tasked with addressing security incidents and threats promptly, strategizing and leading incident engagements, monitoring threats targeting Agoda, and preventing attacks from occurring or escalating.

Key Responsibilities:
- Handling critical, high, and medium cyber security incidents at Agoda
- Drafting incident reports and communicating summaries to senior leadership, end users, and legal teams
- Developing playbooks for different cyber security incidents and utilizing automation to reduce MTTR time
- Automating incident response tasks and developing custom security tools
- Tuning security controls to optimize alerts and reduce false positives
- Gathering threat intelligence and performing threat hunting across the enterprise
- Supporting legal and regulatory teams as a technical subject matter expert for cyber incidents
- Evaluating new technologies and conducting POCs for new security products

Requirements for Success:
- 5+ years of experience in Cyber Security with a focus on Incident Response and working with 24/7 SOC teams
- Strong understanding of NIST, CSF, MITRE, and other cyber security frameworks
- Proficiency in programming or scripting skills (e.g., Python or C++) for automating tasks and developing security tools
- Hands-on experience with major security incidents and incident response automation
- Knowledge of malware analysis and digital forensics is a plus
- Certification in Cyber Security, Forensics, and Incident Response (e.g., CISSP, ECSA, GISP, GCIH, GCFE, GCFA) is advantageous
- Excellent communication skills in English (both oral and written)
- Ability to be flexible, fast-moving, adaptable, and skilled in multitasking

Agoda offers a relocation package to Bangkok, Thailand, along with a range of benefits including a hybrid working model, WFH Set Up Allowance, remote working opportunities, accommodation discounts, and more. Join us in our mission to make travel easy and rewarding for everyone and contribute to a dynamic and innovative work environment that values diversity, creativity, and collaboration.

Equal Opportunity Employer
Posted 2 weeks ago
7.0 - 11.0 years
0 Lacs
navi mumbai, maharashtra
On-site
You will be responsible for maintaining the global backup environment including NAS, SAN, VMware, local OS, and SQL backups. Additionally, you will assist in building and managing the disaster recovery environment. Your role will involve providing mentoring and support for the service desk team. Excellent communication skills are crucial as you will be working in a global enterprise environment with diverse team members. Your work experience should include a good knowledge of Microsoft Active Directory, MS Windows 2016/2019, VMware, Linux (Red Hat, Ubuntu), and experience in patch management, backup, archival, and restoration. You will collaborate with the Cloud development group to support their current and future needs. Defining and implementing the compliance roadmap based on organizational requirements and ensuring adherence to InfoSec and regulatory standards are key aspects of this role. You will be involved in Infrastructure Security Vulnerability Management Operations, incident handling, evidence acquisition, digital forensics, endpoint and network security, and Cybersecurity incident management. Experience with vulnerability management tools such as Qualys, Rapid7, and Tenable is desirable. A strong understanding of industry security best practices and standards is important. Knowledge of Azure sizing calculator, hands-on experience in Azure Cloud projects, Cloud Migration/Transformation, Active Directory migration, and Hybrid Cloud setup are also required skills. The ideal candidate should have a Bachelor's Degree in Computer Science, Information Technology Engineering, or a related field, with a minimum of 7-8 years of hands-on experience. Proficiency in backup environments, VMware administration, Windows and Linux technologies, and Azure Cloud infrastructure is necessary for this role.
Posted 2 weeks ago
8.0 - 13.0 years
10 - 20 Lacs
hyderabad
Hybrid
Workday Job Profile: Domain Architect - Security, Specialist Role: Domain Architect - Security, Specialist JOB CATEGORY: Domain Architect Security Function: SAEP Engineering - Onshore Contractors Role Summary: This role assists in the execution of the vision, direction, and roadmap for strategic security technology programs, and designs scalable cybersecurity infrastructure, defines security standards, and integrates advanced tools to enhance threat response and resilience. Responsibilities: Develop and maintain security architecture frameworks that align with business objectives and industry standards across multiple domains. Design and implement security solutions tailored to specific domains, such as cloud security, network security, application security, and data security. Proven experience in security architecture and domain-specific security roles. Work closely with cross-functional teams, including IT, development, and operations, to integrate security best practices into all phases of the project lifecycle. Implement security monitoring tools and processes to detect, respond to, and recover from security incidents effectively. Provides architectural guidance in shaping strategic, security infrastructure technology programs for the organization. Assists in determining security requirements by evaluating business strategies and requirements; researches information security standards; conducts system security and vulnerability analyses and risk assessments; studies architecture/platform; identifies integration issues. 
Assists in the planning of the security systems by evaluating network and security technologies; develops requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards. Plans for the implementation of security systems by helping to specify intrusion detection methodologies and equipment; directs equipment and software installation and calibration; prepares preventive and reactive measures. Creates, transmits, and maintains keys; provides technical support; completes documentation. Verifies security systems by developing and implementing test scripts; reviews incident response analyses; conducts training programs. Upgrades security systems by monitoring security environment; identifies security gaps; implements enhancements. Updates job knowledge by tracking and understanding emerging security practices and standards; participates in educational opportunities; reads professional publications; maintains personal networks; participates in professional organizations. Communicates technical concepts effectively to a broad group of stakeholders. Utilizes a general understanding of the competitive landscape and corporate and business unit strategies to provide context for security architectural decision making. Participates in special projects and performs other duties as assigned. Designs and develops enterprise-wide cybersecurity systems and infrastructure with a focus on scalability and long-term resilience. Defines and maintains security standards across the development lifecycle, ensuring alignment with industry protocols. Conducts vulnerability scanning, system hardening, and supports incident response and disaster recovery planning. 
Integrates advanced forensic tools for post-incident analysis and attack reconstruction. Provides recommendations to optimize security architecture integration and resolve implementation challenges. Collaborates with external agencies (e.g., law enforcement, intelligence) to enhance threat intelligence and response capabilities. Qualifications & Skills: Minimum 8 years of related work experience, with at least three years in technology architecture. Bachelor’s degree (B.E./B.Tech) in Computer Science or IT, or Bachelor’s in Computer Applications (BCA), or Master’s in Computer Applications (MCA). Professional security certifications preferred, including CISSP (Certified Information Systems Security Professional) and GSEC (GIAC Security Essentials Certification). Expertise in security architecture, network security design, risk assessment methodologies, and compliance frameworks. Experience with intrusion detection systems, PKI implementation, digital forensics, and advanced security tools. Strong analytical and problem-solving skills to assess vulnerabilities and develop effective security solutions. Excellent communication and leadership abilities to collaborate with technical and business teams.
Posted 2 weeks ago
5.0 - 9.0 years
0 Lacs
kolkata, west bengal
On-site
The GRC Advisor is responsible for working in the capacity of a Subject Matter Expert in the governance, risk, and compliance programs of our customers. You will work closely with a number of teams including business, architecture, infrastructure, legal and regulatory, data protection, application development, operations, service management and others to identify risks to the business. Your role is typically customer facing and you will be required to conduct interviews, collect data, and analyze necessary documentation in order to perform an appropriate assessment. Post assessment, you are expected to recommend solutions to address those risks and to ensure the business satisfies the necessary industry-specific compliance requirements. You will support the conduct of risk assessments and the creation of customer-specific recommendations, collaterals, and documentation. You will also support the definition of risk metrics to define and monitor progress, respond to customer questions on GRC related issues, conduct risk assessments for small engagements, track risk and compliance gaps, and ensure work to remediate gaps meets deadlines. Additionally, you will conduct periodic reviews of security and privacy policies and procedures, certifications, and compliance requirements. Skills (competencies) required for this role include Business Acumen, Business Agility, Business Continuity, Business Partnering, Business Understanding, Contracting, Critical Thinking, Data Analysis, Data Management, Data Privacy, Data Security, Digital Forensics, Encryption, Identity Management, Incident Management, Information Technology Assessment, Intelligence Analysis, Knowledge Management, Physical Device Security, Policy Development, Problem Solving, Procurement, Project Management, Requirements Analysis, Risk Management, System Integration, System Testing, Target Development, Threat Analysis, Verbal Communication, Vulnerability Assessment, and Written Communication.
Posted 2 weeks ago
8.0 - 12.0 years
0 Lacs
haryana
On-site
The School of Computer Science and Engineering is currently seeking exceptional academicians and industry professionals to lead specialized clusters within the B.Tech CSE programme. As a Cluster Lead, you will be responsible for various key aspects including curriculum development, research enhancement, industry collaboration, student experience, and overall growth of the cluster.
The specialized clusters within the B.Tech CSE programme include:
1. Cluster of Data and Infrastructure Solutions
- Data Engineering Specialization
- Cloud Computing Specialization
- Full Stack Development
2. Cluster of Cyber Security & Intelligence
- Cyber Security & Digital Forensics Specialization
Key Responsibilities:
- Lead the academic and administrative functions of the cluster.
- Develop and update specialized curricula aligned with industry standards.
- Drive research initiatives and secure funding for innovative projects.
- Establish and nurture strong industry-academia collaborations for internships, capstone projects, and placements.
- Mentor faculty and students to achieve academic and professional excellence.
Eligibility Criteria:
- Hold a B.Tech., M.Tech., and Ph.D. in Computer Science or related fields with expertise in the relevant cluster domain.
- Possess a minimum of 8-10 years of experience in academia, research, or industry, with demonstrated leadership capabilities.
- Demonstrate a proven track record of research publications in reputed journals/conferences.
- Have experience in leading funded research projects or industry collaborations.
If you are passionate about shaping the future of computer science education and possess the necessary qualifications and experience, we invite you to join us in this exciting opportunity to lead the way forward.
Posted 2 weeks ago
6.0 - 10.0 years
8 - 12 Lacs
bengaluru
Work from Office
Education Qualification : Engineer - B.E / B.Tech / MCA Skills : Primary -> Technology | Splunk SIEM Tool Expert | Level 3 Support | 3 - Experienced Primary -> Technology | Sentinel SIEM Tool Design SME | Level 3 Support | 3 - Experienced Secondary -> Technology | Qradar SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable Secondary -> Technology | Cybersecurity General Administrator | Level 2 Support | 2 - Knowledgeable Tertiary -> Technology | Network Traffic Analysis Administrator | Level 2 Support | 2 - Knowledgeable Certification : Technology | CompTIA Security+/CSA/GIAC SEC/CEH/Cisco Certified CyberOps Associate/GIAC CIH/GIAC SOC/Splunk Core Certified Advanced Power User/Splunk Enterprise Certified Admin/IBM Certified SOC Analyst - IBM QRadar SIEM V7.3.2 Delivery Skills required are: - Technical Expertise: - *Expert knowledge of threat detection techniques and tools. *Leading incident response efforts, including advanced techniques for containment, eradication, and recovery. *Conducting in-depth digital forensics investigations. *Expertise in configuring and optimizing SIEM (Security Information and Event Management) systems. Analytical Skills: - *Deep understanding of log analysis techniques and tools. *Identifying patterns and anomalies in large datasets. *Integrating threat intelligence into monitoring and response processes. *Staying updated on the latest threat intelligence and applying it to enhance security. Collaboration and Coordination: - *Working closely with other IT and security teams to ensure comprehensive security coverage. *Leading the coordination of response efforts during major incidents. *Ensuring effective communication and collaboration among all stakeholders. *Coordinating with external partners and vendors for specialized support. Continuous Improvement: - *Continuously evaluating and improving security processes and procedures. *Implementing lessons learned from incidents to enhance the overall security posture. 
*Contributing to the development and updating of security policies and procedures. Leadership and Mentoring: - *Leading and mentoring junior analysts and team members. *Providing training and development opportunities to enhance team skills. *Sharing expertise and best practices with the team. *Conducting training sessions and workshops to upskill team members.
Posted 2 weeks ago
2.0 - 6.0 years
10 - 14 Lacs
pune
Work from Office
We're looking for an experienced Cloud Cyber Defense & Incident Response Analyst to safeguard our cloud environments against evolving cyber threats. This role blends proactive threat hunting with fast, effective incident response to ensure the security, resilience, and integrity of our cloud infrastructure. The ideal candidate brings deep expertise in cloud security, threat intelligence, digital forensics, and modern incident response practices. This position follows a rotating shift schedule: either 07:00-15:00 IST or 00:00-08:00 IST. Key Responsibilities: Lead end-to-end incident handling: detection, triage, containment, eradication, and recovery. Conduct forensic analysis of cloud security incidents to determine root causes and impact. Create and maintain incident response playbooks tailored to cloud-based threats. (Bonus) Bring experience in incident management processes. Continuously monitor cloud platforms for anomalies and suspicious activities. Leverage SIEM tools, threat intel feeds, and analytics to detect potential intrusions. Perform log and network traffic analysis to identify malicious behaviors. Translate threat intelligence into actionable security improvements. Track emerging cloud-focused attack techniques and recommend defenses. Partner with cloud engineers and security teams to integrate best practices. Use cloud-native security tools and automation to enhance detection and response. Increase operational efficiency with SOAR platforms. Maintain and refine alerting and monitoring rules. Align security operations with standards such as ISO 27001 and SOC 2. Prepare detailed incident reports and recommend remediation steps. Support security audits and assessments of cloud environments. Requirements: Bachelor's degree in Cybersecurity, Information Security, or related field, or equivalent experience. Proven experience in cybersecurity, cloud security, or incident response. Strong knowledge of AWS and Azure security features. 
Experience with SIEM, IDS/IPS, and EDR solutions. Scripting and automation skills (Python, PowerShell). Familiarity with MITRE ATT&CK framework and modern defense strategies. Proven experience in cloud-based incident response and digital forensics. Preferred Certifications : AWS Certified Security Specialty, or Microsoft Certified: Security, Compliance, and Identity Fundamentals; GIAC Certified Incident Handler (GCIH) or GIAC Cloud Forensics Responder (GCFR); CISSP or CCSP.
Posted 2 weeks ago
8.0 - 13.0 years
7 - 11 Lacs
mumbai, pune, chennai
Work from Office
Role: Threat Hunter. Primary Skills: 8+ years' experience working in IT Security and relevant areas such as Security Operations Centre, Incident Response, Threat Intelligence, Digital Forensics, Threat Hunting, Malware Analysis, etc. Should have experience handling Incident Response in a diverse financial organization environment. Proven experience in handling security events in mission-critical environments, hands-on troubleshooting, analysis, and technical expertise to guide team members in resolution of incidents as agreed by SLA. In-depth understanding of incident response frameworks such as NIST and SANS. Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection). Responsibilities: Manage all aspects of Security Incident Response and Threat Hunting including validation, monitoring, containment, log analysis, system forensic analysis, and reporting. Work closely with SOC Manager and business stakeholders to meet project deliverables. Carry out post-incident reviews, assessing the effectiveness of controls, detection and response capability and supporting the required improvements with the responsible owners. Should have expertise in the creation of SOPs and playbooks. Routinely brief and update senior leadership and other stakeholders on active incidents and manage expectations. Collaborate with the wider teams (such as IT/Business operations teams where applicable) in the production and maintenance of efficient and effective incident response playbooks on a timely basis. Collaborate with External Incident Response Retainer services for end-to-end tracking and remediation of security incidents. Recommend system enhancements or compensating controls to remediate security deficiencies. Ensure preservation of all evidence as per applicable laws and regulations and maintain records of chain of custody during incidents.
Posted 2 weeks ago
1.0 - 6.0 years
7 - 12 Lacs
mumbai
Work from Office
About the Role: We are seeking dynamic and detail-oriented Cyber Forensic candidates to join our Forensic Team in the Risk Advisory practice. The ideal candidate will have hands-on experience in cyber incident response, digital forensics, and threat investigations, and will be responsible for supporting high-impact engagements involving cyber breaches, fraud investigations, and forensic analysis. Role & responsibilities: Conduct end-to-end digital forensic investigations across endpoints, servers, cloud, and mobile devices. Support cyber incident response engagements including containment, eradication, recovery, and root cause analysis. Perform evidence acquisition, chain of custody documentation, and forensic imaging using industry-standard tools and chain of custody procedures. Analyze logs, memory dumps, and network traffic to identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs). Assist in malware analysis, reverse engineering, and threat actor profiling. Prepare detailed technical reports and executive summaries for clients and internal stakeholders. Preferred candidate profile: Bachelor's or Master's degree in Computer Science, Information Security, Digital Forensics, or a related field from a reputed institute. 25 years of relevant experience in cyber forensics and incident response. Strong understanding of Windows, Linux, and cloud environments (AWS, Azure, GCP) including log acquisition. Experience with forensic tools such as EnCase, FTK, X-Ways, Autopsy, Cellebrite, Magnet AXIOM. Preferred Certifications (any one): GCFA (GIAC Certified Forensic Analyst), GCIH (GIAC Certified Incident Handler), CHFI (Computer Hacking Forensic Investigato
Posted 3 weeks ago
2.0 - 3.0 years
4 - 6 Lacs
noida, bhopal
Work from Office
Job Summary: We are seeking an experienced Cyber Security Trainer to join our team. The ideal candidate will have a solid background in cybersecurity principles and practices, combined with a passion for teaching and helping students understand complex cybersecurity concepts. You will be responsible for delivering high-quality training sessions and supporting students as they develop skills essential to succeed in the cybersecurity field. Key Responsibilities: Deliver engaging and interactive training sessions on cybersecurity topics, including but not limited to network security, threat analysis, malware protection, digital forensics, and ethical hacking. Develop and update course materials, including presentations, handouts, and online resources, to reflect the latest cybersecurity trends and practices. Conduct hands-on labs and exercises to help students gain practical experience with cybersecurity tools and techniques. Assess students' understanding and progress through evaluations, assignments, and feedback sessions. Stay updated with the latest cybersecurity developments and incorporate new knowledge into training programs. Support and mentor students as they navigate their learning journey, answering questions, and providing guidance on cybersecurity career paths. Qualifications: Bachelor's degree in Technology (BTech), a Master's in Computer Applications (MCA), or a Master's degree in Technology (MTech). 2-3 years of experience in cybersecurity or a related field, with proven knowledge of current cybersecurity threats, tools, and practices. Previous experience in teaching, training, or mentoring is highly desirable. Excellent communication skills, with the ability to simplify complex topics and engage a diverse audience. Strong knowledge of cybersecurity tools and technologies, such as firewalls, intrusion detection systems, SIEM, and vulnerability assessment tools. 
Preferred Skills: Relevant certifications in cybersecurity, such as CompTIA Security+, CISSP, CEH, or similar. Familiarity with e-learning platforms and digital training tools. Strong problem-solving skills and adaptability to different learning styles. Why Join Us: Opportunity to make a meaningful impact on the next generation of cybersecurity professionals. Collaborative and supportive work environment. Access to continuous learning and professional development opportunities.
Posted 3 weeks ago
3.0 - 8.0 years
10 - 20 Lacs
gurugram
Work from Office
Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team: Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient, not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Your work profile: As an Assistant Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. Preferred Knowledge: The role requires efficient incident response and digital forensics skills to minimize the impact of cyber risks. The individual will oversee security monitoring, security tools operations, and security incidents, and ensure incidents are managed effectively and reported to stakeholders. This role primarily consists of first responder activities and conducting thorough response activities on behalf of a wide variety of clients across every sector. Demonstrates proven expertise and success in incident handling, triage of events, network analysis and threat detection, and trend analysis. Should have the following skills: Deep understanding of computer intrusion activities, incident response techniques, tools, and procedures. Knowledge of Windows, Active Directory, DNS & Linux operating systems. Good experience in SIEM monitoring (QRadar, Sentinel). Knowledge of SOAR technologies, working with playbooks (Cortex, Phantom, Demisto). Working experience and knowledge of ITSM tools for incident management. Must be action oriented and have a proactive approach to solving issues. Knowledge of security logs, log quality review. Knowledge of IT (operating systems, networking, databases) and IT security (system and network security) including IT security tools. Good knowledge of office collaboration tools. Roles & Responsibilities: Detect, analyse, investigate, and report qualified security incidents to the Client as per the defined SLA. Provide recommendations on the security incidents reported as per SLA. Investigate incidents using various security event sources (FW, IDS, PROXY, AD, EDR, DLP etc.). Investigate non-standard incidents and execute standard scenarios. Provide dashboards and data related to Incidents/Offenses for governance reports. Escalate to L3 if investigations uncover unusual or atypical situations. Monitor unhealthy log sources/data sources and escalate to the engineering team to fix them. Participate in incident response (IR) efforts; detect, identify, respond, contain and remediate all information security incidents. Rapidly and accurately determine the source of a security incident and move quickly to identify and apply containment, mitigation, and remediation steps. 
Contribute to the execution of Cyber Security operations, incident response, and investigations spanning across all functions of the Corporate Security organization. Track, monitor incident actions while applying intelligence, situational awareness to prioritise incident actions based on risk Responsible for Incident and Breach communications, assessments, and reports and customer facing, to include leadership and executive management for the purpose of enabling Senior Management to make decisions in a crisis Develop and document processes to ensure consistent and scalable response operations Deliver tabletop IR assessments and real-life IR simulations at a technical and executive level. Conduct in-depth root cause analysis on complex malware and user/system behaviour event Gather and analyse forensic evidence for cyber security incidents and investigations. Develop and document enhanced event analysis and incident response processes and procedures. Required Knowledge Overall experience of at least 4+ years in SIEM monitoring and Cyber security Incident response and Management Hands-on experience with security tools and devices, operating systems, and/or networking devices desired. Proven skills and experience in log analysis, incident investigations Experience working across diverse teams to facilitate solutions Experience working with Security practitioners Willingness to working 24/7 environment in rotating shifts. Ability to work in time-sensitive and stressful situations with ease and professionalism, possess an efficient and versatile communication style Evidence handling Data acquisition (Disk, Memory, Mobile, Cloud, Enterprise Wide) Digital forensics (Windows, Mac OS, Linux/Unix) Thorough understanding of Cyber kill chain and MITRE ATT&CK framework. Experience with one or more of SIEM tools such as QRadar, Sentinel, etc... 
is required. Experience with EDR tools for incident response and threat hunting (Crowdstrike, MS Defender, Sentinel One). Strong knowledge and experience with commonly used forensic toolsets, including EnCase, FTK. Experience reviewing raw logs and performing advanced data correlation and analysis (i.e., firewall, network flow, IPS, endpoint protection, web application, host OS, database, AAA, etc). Experience of network & host-based forensic analysis and techniques. Experience of malware analysis and understanding attack techniques. Industry certifications such as along with experience will be a bonus. Experience in lieu of certification will be taken into consideration. Required Qualification: Bachelor’s/Master’s Degree (Full-Time). Certifications: Certifications like ECIH v2, CHFI, GCIH or GCIA are preferred. Abilities: Strong English verbal, written communication, report writing and presentation skills. Ability to multitask and prioritize work effectively. Responsive to challenging tasking. Highly motivated self-starter giving attention to detail. Strong analytical skills and efficient problem solving. Able to operate in a challenging and fast-paced environment. How you’ll grow. Connect for impact: Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead: You can be a leader irrespective of your career level. Our colleagues are characterized by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all: At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. 
Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.
Posted 3 weeks ago
7.0 - 12.0 years
0 Lacs
noida, uttar pradesh
On-site
As an Information Security Senior Analyst, you will be expected to have a strong background in Security Operations, Incident Response/Management, DLP, Forensic/Reverse engineering, Cloud Security, and IAM. You will play a crucial role within our Security Operations team, which is a vital part of our Global Information Security function. In this position, you will be responsible for overseeing multiple security solutions such as XDR, IAM, Firewall, Email Gateway, SIEM, CASB, among others. Additionally, you will work as an InfoSec Analyst in our ASOC, performing incident response and threat hunting tasks in collaboration with our Managed Security Service Provider (MSSP).
Key Qualifications:
- Minimum of 9-12 years of experience in SOC, Incident Response, IAM, DLP, SIEM, Email Gateway, and Firewall.
- A Master's degree in Information Systems, Cybersecurity, or a related field, along with at least 8 years of relevant experience. Additional years of experience may be considered in place of a degree.
- Approximately 9 years of progressive experience in information technology.
- At least 7-9 years of practical information security experience.
- Demonstrated ability to work effectively with a geographically dispersed team.
- Hands-on experience with Security Information Event Management (SIEM), Continuous Monitoring, Intrusion Detection/Prevention Systems (ID/PS), Network Traffic Analysis, Incident Response, Endpoint Security Systems, Digital Forensics, WLAN Monitoring, and Threat Modeling.
- Expertise in information security technologies, networking, systems, authentication (including MFA), and directory services.
- Proficiency in managing complex troubleshooting issues.
- Proven capability to handle competing priorities and thrive under pressure.
- Ability to contribute to organizational strategic thinking beyond the immediate scope of responsibility.
- Preferred certifications include CEH, CISM, CHFI, Security+, Network+, or equivalent.
- Strong collaboration skills are essential, as you will be required to work effectively as part of a cohesive team and collaborate with other teams both locally and globally.
- Exceptional communication skills, including the ability to gather relevant data, actively listen, engage in dialogue, articulate ideas clearly, navigate tense situations successfully, and manage and resolve conflicts.
Posted 3 weeks ago
2.0 - 5.0 years
4 - 7 Lacs
bengaluru
Work from Office
Education Qualification: Engineer - B.E / B.Tech / MCA
Skills:
Primary -> Technology | Sentinel SIEM Tool Expert | Level 3 Support | 3 - Experienced
Primary -> Technology | Securonix SIEM Tools Expert | Level 3 Support | 3 - Experienced
Secondary -> Technology | ArcSight SIEM Tools Administrator | Level 2 Support | 2 - Knowledgeable
Secondary -> Technology | Cybersecurity General Administrator | Level 2 Support | 2 - Knowledgeable
Tertiary -> Technology | Network Traffic Analysis Administrator | Level 2 Support | 2 - Knowledgeable
Certification: Technology | CompTIA Security+/Certified SOC Analyst (CSA)/GIAC Security Essentials (GSEC)/Certified Ethical Hacker (CEH)/Cisco Certified CyberOps Associate/GIAC Certified Incident Handler (GCIH)/GIAC Security Operations Certified (GSOC)
Delivery Skills required are:
Technical Expertise:
* Expert knowledge of threat detection techniques and tools.
* Leading incident response efforts, including advanced techniques for containment, eradication, and recovery.
* Conducting in-depth digital forensics investigations.
* Expertise in configuring and optimizing SIEM (Security Information and Event Management) systems.
Analytical Skills:
* Deep understanding of log analysis techniques and tools.
* Identifying patterns and anomalies in large datasets.
* Integrating threat intelligence into monitoring and response processes.
* Staying updated on the latest threat intelligence and applying it to enhance security.
Collaboration and Coordination:
* Working closely with other IT and security teams to ensure comprehensive security coverage.
* Leading the coordination of response efforts during major incidents.
* Ensuring effective communication and collaboration among all stakeholders.
* Coordinating with external partners and vendors for specialized support.
Continuous Improvement:
* Continuously evaluating and improving security processes and procedures.
* Implementing lessons learned from incidents to enhance the overall security posture.
* Contributing to the development and updating of security policies and procedures.
Posted 3 weeks ago
2.0 - 6.0 years
4 - 8 Lacs
bengaluru
Work from Office
Required Skills:
Technology | Sentinel SIEM Tool Administrator | Level 2 Support
Technology | Securonix SIEM Tools Administrator | Level 2 Support
Education Qualification: B.Sc
Certification Mandatory / Desirable: Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC Certified Incident Handler/Certified SOC Analyst (CSA)/CompTIA Cybersecurity Analyst (CySA+)/Cisco Certified CyberOps Associate
Delivery Skills required are:
Technical Skills:
* Identifying and analyzing potential threats and vulnerabilities using various tools and techniques.
* Leading and managing the response to security incidents, including containment, eradication, and recovery.
* Implementing and maintaining security monitoring systems, such as SIEM (Security Information and Event Management) tools.
* Prioritizing and remediating vulnerabilities based on risk assessments.
Operational Skills:
* Developing, implementing, and enforcing security policies, standards, and procedures.
* Managing and maintaining secure configurations for systems, networks, and applications.
* Overseeing the timely application of security patches and updates to systems and software.
Analytical Skills:
* Analyzing logs and event data from various sources to identify patterns and anomalies.
* Utilizing advanced analytics to detect and investigate security incidents.
* Conducting digital forensics investigations to uncover evidence of security breaches.
Collaboration and Teamwork:
* Collaborating with other IT and security teams to enhance the organization's security posture.
* Coordinating response efforts during security incidents with internal and external stakeholders.
* Leading incident response teams and ensuring effective communication and collaboration.
Posted 3 weeks ago