55 Digital Forensics Jobs

The Forensic Analyst role will entail working closely with the investment research team across different sectors and geographies. Key Responsibilities: Deep dive into annual reports Assessment of corporate disclosures including exchange filings and MCA filings Report drafting and presentation of corporate governance findings to the team Aid the groups ESG and stewardship efforts Qualification & Skills: Chartered Accountant Excellent working knowledge of accounting & corporate governance best practices High degree of curiosity Strong analytical skills The above role is only for Chartered Accountants who have cleared in the last 12 months

Would you like to ensure the security of a global organization and be part of a successful team Join the Digital Technology Team at our organization, where we are at the forefront of the digital transformation. Our team is dedicated to cybersecurity architecture and data protection for our global operations, providing premium products and services to our customers and employees. As a Senior Cyber Investigator, your responsibilities will include conducting investigations related to computer crime, internal inquiries, data protection violations, and legal requirements. You will be tasked with recovering and analyzing material from digital devices, collecting evidence in a legally supported manner, and utilizing existing technologies to design new products and systems. Additionally, you will present project plans, technical roadmaps, risks, and recommendations to senior business leaders and communicate solutions across the organization and with partner teams. To excel in this role, you should possess a minimum of 5 years of experience as a Cyber-focused investigator, extensive expertise in digital imaging and cyber forensic analysis, and a strong work ethic with a proactive mindset. Your ability to work independently, think creatively to solve problems, and communicate effectively at an executive level will be crucial. A Bachelor's Degree in Information Security, Business, Risk Management, Finance, Statistics, or a related field is required, along with knowledge of IT security standards and technologies, evidence collection, digital forensics, and report writing. Training in Information Security-specific disciplines and relevant certifications such as GCFE, GCFA, MCFE, or other Cyber Investigation related certifications are preferred. At our organization, we offer flexible working patterns, including full-time office-based roles in Mumbai or Bangalore, as well as hybrid working arrangements that allow for a combination of office and remote work. We prioritize the well-being and development of our employees, fostering a culture of innovation, inclusion, and collaboration. Join us in revolutionizing energy and industrial solutions worldwide, where our innovative technologies are driving progress towards a safer, cleaner, and more efficient future for people and the planet. If you are passionate about making a real difference in a company that values innovation and progress, we invite you to join our team and contribute to taking energy forward.,

You should have practical and updated knowledge in recent concepts related to Information Security, VA/PT, Information Security Auditing, and Digital Forensics. You should be efficient in teaching, training, and offering consultancy services in the above areas. This is a Full-time, Permanent position with benefits such as commuter assistance and leave encashment. The work schedule is Monday to Friday with weekend availability required. The preferred education requirement is a Master's degree. You should have at least 1 year of experience in teaching, making lesson plans, and a total of 1 year of work experience. Proficiency in English is preferred. The work location is in person, and the expected start date is 01/10/2025.,

Overall Purpose: This career step requires career level experience. Responsible for cyber security areas across products, services, infrastructure, networks, and/or applications while providing protection for AT&T, our customers and our vendors/partners. Works with senior team members on various projects relating to the protection of devices, customers, assets, data, information technology, and networks. Supports innovation, strategic planning, technical proof of concepts, testing, lab work, and various other technical program management related tasks associated with the cyber security programs. Key Roles and Responsibilities: Includes ideation, testing, proof of concept and support for various cyber related projects. Analysis, of complex security issues and the development and engineering activities to help mitigate risk. Analyzes various hardware and/or software solutions recommending purchases and identifying modifications to fit AT&Ts cyber security needs and that of our managed services teams. Develops policies and procedures to minimize network intrusion, malware events and vulnerability issues for internal and external customers. Applies measures to block malicious code and applications. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats, and enhance our mitigation techniques and technology solutions. Areas of work in this are include, but are not limited to: Cyber Incident Response, cyber product testing, cyber risk & strategic analysis, cyber research, cyber awareness & training, cyber vulnerability detection & assessment, cyber intelligence & investigation, cyber networks & systems engineering, cyber security application testing, cyber digital forensics & forensics analysis, cyber software assurance, cyber application development & testing, cyber IoT planning & testing, cyber policy & requirements & standards. Job Contribution: Technical professional with some experience. Sound technical knowledge growing through application, expanding knowledge of ATT technologies. Experience: Typically requires 6-8 Years experience. Job Description - External Collaborate with stakeholders to gather and understand business requirements and translate them into technical specifications. Implement and maintain CI/CD pipelines for various software projects, ensuring efficient and reliable software delivery. Collaborate with development and operations teams to define and implement deployment strategies and release management processes. Monitor and troubleshoot CI/CD pipelines, identifying and resolving issues to ensure smooth and uninterrupted software delivery. Stay up-to-date with the latest industry trends and technologies related to CI/CD and Azure DevOps. Provide technical guidance and support to junior developers and team members. Location: IND:KA:Banglaore / Intl Tech Park, Whitefield Rd - Storage: Innovator Building, Itpb, Whitefield Rd Job ID R-75973 Date posted 07/24/2025

Education Qualification : Engineer - B.E / B.Tech / MCA Skills : Primary -> Technology | Sentinel SIEM Tool Design SME | Level 3 Support | 3 - Experienced Primary -> Technology | Splunk SIEM Tool Expert | Level 3 Support | 3 - Experienced Secondary -> Technology | Qradar SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable Secondary -> Technology | Cybersecurity General Administrator | Level 2 Support | 2 - Knowledgeable Tertiary -> Technology | Network Traffic Analysis Administrator | Level 2 Support | 2 - Knowledgeable Certification : Technology | CompTIA Security+/CSA/GIAC SEC/CEH/Cisco Certified CyberOps Associate/GIAC CIH/GIAC SOC/Splunk Core Certified Advanced Power User/Splunk Enterprise Certified Admin/IBM Certified SOC Analyst - IBM QRadar SIEM V7.3.2 Delivery Skills required are: - Technical Expertise: - *Expert knowledge of threat detection techniques and tools. *Leading incident response efforts, including advanced techniques for containment, eradication, and recovery. *Conducting in-depth digital forensics investigations. *Expertise in configuring and optimizing SIEM (Security Information and Event Management) systems. Analytical Skills: - *Deep understanding of log analysis techniques and tools. *Identifying patterns and anomalies in large datasets. *Integrating threat intelligence into monitoring and response processes. *Staying updated on the latest threat intelligence and applying it to enhance security. Collaboration and Coordination: - *Working closely with other IT and security teams to ensure comprehensive security coverage. *Leading the coordination of response efforts during major incidents. *Ensuring effective communication and collaboration among all stakeholders. *Coordinating with external partners and vendors for specialized support. Continuous Improvement: - *Continuously evaluating and improving security processes and procedures. *Implementing lessons learned from incidents to enhance the overall security posture. *Contributing to the development and updating of security policies and procedures. Leadership and Mentoring: - *Leading and mentoring junior analysts and team members. *Providing training and development opportunities to enhance team skills. *Sharing expertise and best practices with the team. *Conducting training sessions and workshops to upskill team members.

Experience Required: 4+ years in Cybersecurity, with 2+years hands-on Anti APT tool and in IR Reports To: Security Operations Lead / SOC Manager Job Summary: We are looking for a highly skilled Anti-APT and IncidentResponse Specialist to lead the detection, analysis, and remediation ofsophisticated cyber threats, including Advanced Persistent Threats (APTs). Thecandidate will work closely with threat intelligence, SOC, and forensic teamsto respond to incidents, contain threats, and fortify the environment againstfuture attacks. Key Responsibilities: Anti-APT Operations: Monitor for indicators of APT campaigns using threat intelligence feeds, SIEM, EDR, NBAD, and anomaly detection tools. Identify and analyze tactics, techniques, and procedures (TTPs) used by threat actors aligned with MITRE ATT&CK. Leverage threat intelligence to proactively hunt and neutralize stealthy threats. Incident Response (IR): Lead and execute all phases of incident response: identification, containment, eradication, recovery, and lessons learned. Perform forensic analysis on systems and logs to determine the root cause, scope, and impact of security incidents. Collaborate with IT, SOC, and legal/compliance teams during major incidents and breach investigations. Create and maintain IR playbooks, response workflows, and escalation procedures. Detection and Prevention: Work with SIEM and SOAR teams to improve alert fidelity and develop custom correlation rules. Coordinate with endpoint, network, and cloud teams to plug gaps and strengthen defenses post-incident. Assist in configuring anti-APT technologies like sandboxing, deception platforms, and EDR/XDR solutions. Required Skills and Qualifications: Strong knowledge of APT groups and attack frameworks (e.g., MITRE ATT&CK, Lockheed Martin Kill Chain). Hands-on experience in incident response, digital forensics, threat hunting, and malware analysis. Proficiency with tools such as: EDR (e.g., CrowdStrike, SentinelOne, Carbon Black) SIEM (e.g., Splunk, QRadar, ArcSight) Forensics tools (e.g., FTK, EnCase, Volatility) Threat intel platforms (MISP, Anomali, ThreatConnect) Strong understanding of Windows/Linux internals, memory/process analysis, and network forensics. Experience writing detection rules (Sigma, YARA) and incident reports. Preferred Qualifications: Certifications: GCIH, GCFA, GNFA, CHFI, OSCP, or similar. Experience with APT campaigns linked to sectors like government, BFSI, or critical infrastructure. Exposure to cloud incident response (Azure, AWS, GCP) and OT/ICS threat environments. Education Requirements : BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification : CEH/CSA/CHFI

Should have vision in Digital Forensics or cyber security and well-educated on IT or computer science Technical support for the global customers of Mobile and digital forensics product Excellent Communication Skills Required Candidate profile Testing digital devices and mobile apps, trouble ticketing, issue reporting Good English presentation skill with international way of speech Exp. in digital forensics preferably Need Immediate Joiners

As an Internship Trainee at SANA Cyber Forensics Investigation and Data Security Services Pvt. Ltd., you will play a vital role in supporting various cyber forensic investigations and data security operations. Located in Pune, this full-time on-site position will allow you to gain hands-on experience in the field of digital forensics. You will be involved in assisting with data collection, analysis, and ensuring the confidentiality, integrity, and availability of information throughout the investigative processes. Your responsibilities will also include supporting ongoing fraud and internal investigations, utilizing your understanding of cyber security, digital forensics, and data analysis. To excel in this role, you should possess strong analytical and problem-solving skills, along with a familiarity with investigation techniques, fraud detection, and internal audits. Effective written and verbal communication skills are essential, as you will be collaborating with a team of professionals to achieve investigative goals. Candidates with a Bachelor's degree or current enrollment in Cyber Security, Computer Science, Forensics, or a related field are encouraged to apply. Prior experience with forensic tools and software would be considered advantageous in this role. If you are passionate about contributing to the security of digital information and keen on gaining practical experience in cyber forensics, this internship opportunity at SANA Cyber Forensics Investigation and Data Security Services Pvt. Ltd. is ideal for you. Join us in upholding the principles of Confidentiality, Integrity, and Availability in all our investigative operations.,

The Security Threat Analyst II supports the Arete Security Operation Center (SOC) in monitoring, detection, and response efforts for the Digital Forensics and Incident Response (DFIR) organization. You will assist the Tiger Teams in identifying pre/post-breach malicious artifacts, conducting threat hunts for additional malicious artifacts, escalating findings, and ensuring collaboration with the Forensic team for targeted collections and root-cause analysis. In this role, you will review alerts generated by SentinelOne and implement appropriate containment and mitigation measures. Collaboration with the Forensics team to conduct threat hunting using identified Indicators of Compromise (IoCs) and Tactics, Techniques, and Procedures (TTPs) will be a key responsibility. Additionally, you will assist the Tiger Team in targeted collections of systems based on identified malicious activities in the client's environment. Your duties will include conducting historical log reviews to support threat hunting efforts, ensuring all malicious artifacts are mitigated in the SentinelOne console, examining client-provided documents and files, conducting perimeter scans of client infrastructure, managing client-related tasks within the ConnectWise Manage ticketing system, creating user accounts in SentinelOne console, and generating Threat Reports showcasing activity observed within the SentinelOne product. You will also execute passphrase exports as needed for client offboarding, submit legacy installer requests, provide timely alert notifications to the IR team, and serve as an escalation point for Tier 1 analysts. Furthermore, you will assist with uninstalling/migrating SentinelOne, generate Ranger reports, manage and organize client assets, apply appropriate interoperability exclusions, perform SentinelOne installation / interoperability troubleshooting, contribute to the overall documentation of SOC processes and procedures, participate in Handler on Duty (HOD) shifts, and internally escalate support ticket/alerts to Tier III-IV Analysts as needed. Other duties may also be assigned by management. To excel in this role, you should possess demonstrated knowledge of Windows and Unix operating systems, a thorough understanding of Digital Forensics and Incident Response practices, proficiency in advanced analysis techniques for processing and reviewing large datasets, familiarity with TCP/IP and OSI Model concepts, expertise in the Incident Response Life Cycle stages, working knowledge of the MITRE ATT&CK framework, ability to work independently, and a commitment to producing quality work. The job requirements include a Bachelor's Degree and 4+ years of IT security related experience or a Master's or Advanced Degree and 3+ years of related experience, current or previous experience with Endpoint Detection and Response (EDR) toolsets, previous experience working on a SOC/CIRT team, ability to communicate in both technical and non-technical terms, and 1-2 Information Security Certifications preferred. Please note that the above statements are intended to describe the general nature of work being performed and are not exhaustive. The work environment is usual office working conditions, and salary and benefits will be paid consistent with Arete salary and benefit policy. The Arete Incident Response Human Resources Department retains the sole right to make changes to this job description. Arete is an equal employment opportunity employer.,

Role Proficiency: Manage a team of Threat Intelligence analysts who oversee delivering the hands-on service to customers and and act as an incident manager with highly technical skills during escalated cyber incidents. Responsible for developing the service to meet market standards. Develop forensic methodologies and dictate the threat hunting methodology to align with the changing cyber landscape and lead the forensic and proactive hunting disciplines into the most advanced techniques in the market. Develop the analysts' technical skills. Effectively communicate with stakeholder. Study the market and help expand the TI service. Outcomes: Stay on top of cyber security news from the clear deep and dark web daily. Pay attention to industry news security threats outside of their network and the intentions of potentially threatening entities. Mentor the team on best practice workflows and procedures to achieve their full potential and to increase level of security posture of customers. Solve complex forensics and hunting issues being escalated by team members and be the highest escalation point for all Operations teams. Define processes and workflows to optimize the work of the CTI analysts. Ensure documentation included in ThreatConnect/ CDC as predefined / agreed standards. Learn from review process for continuous improvement. Communicate and report appropriately as per defined process. Improve and automate response and hunting processes to increase efficiency of the services. Engage with sales teams to drive potential customers to purchase the services and increase CyberProof's margin goals Constantly strive to upgrade team workflows. Measures of Outcomes: CTI weekly recommendations tuning the hunting query etc. Number of threat intelligence finished reports including threat landscape and asset-based intelligence delivered by the analysts Customer satisfaction - upsells new customers customer engagement. Evidence of skill development including training certification etc. Ideas suggested that will help innovation and optimization of processes. Increased productivity and efficiency of the service by focusing on automating activities. Outputs Expected: Collection: Working with OSINT sources. Using WEBINT techniques to collect and enrich intelligence data. Develop and maintain deep web sources. Processing and analysis: Analyse the threat data into a finished report including technical recommendations MITRE ATT&CK mapping and valid IOCs. Complete documentation including annotation in ThreatConnect / CDC to ensure audit trail as per defined standards and quality requirements. In accordance with the defined process ensure that the defined reports are created and published to stakeholders. Continuous Learning innovation and optimization Ensure completion of analysts learning programs. Innovate new processes and workflows to deploy proactivity in all aspects to address complex threats and risks. Communicate with stakeholder: Effectively communicate with customers to deliver timely and accurate Threat Intelligence. Communicate with other teams to collaborate in the development of the Threat Intelligence service and the other offerings of the company. Present finished intelligence to team members management and clients. Learning and Development: Continuously learn new technologies and stay updated on cyber threats. Create innovative research reports (global trends cross clients collaboration with other teams in the company). Develop the analysts' technical skills Sales and service development: Understand the sales cycle and contribute to increase sales. Understand product development and influence on its design. Assist with Marketing efforts to showcase our Intelligence and research Actively help develop new services Skill Examples: User level skills in use of CDC ThreatConnect Sixgill IntSights VT Premium. Ability to manage incidents and collaborating several team activities in parallel streams to handle incident holistically. Excellent logical problem-solving ability and analytical skills for intelligence processing and analysis. Good time management skills Great oral and written communication skills. Presentation skills Sales skills to increase the uptake of services Designing skills for product development Programming languages such as Python and PowerShell Data analytics tools - SQL BI reports Knowledge Examples: Knowledge Examples Understanding of cybersecurity threat landscape and a deep understanding of computer intrusion activities incident response techniques tools and procedures. Understanding of enterprise IT Infrastructure including Networks OS Databases Web Applications etc. Deep and proven knowledge in baseline operating system internals network communications and user behavior. Thorough knowledge of digital forensics methodology as well as security architecture system administration and networking (including TCP/IP DNS HTTP SMTP) Experience conducting research in the areas of WEBINT OSINT social media platforms and virtual HUMINT. Experience with security assessment tools such as NMAP Netcat Nessus and Metasploit is a plus. Desirable - Training / Certification in Ethical Hacking etc. Additional Comments: Requirements: To be successful in this role, you should meet the following requirements: - 5+ years of technical experience in IT or IT Security, for example as a network or operating system administrator. - Expert level knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM), EDR, Email Protection, Case Management & other cyber security tools. - Expert level knowledge and demonstrated experience of common cybersecurity technologies such as IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, etc. - Good knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure, and Google. - Good knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Oracle, Citrix, GSX Server, iOS, OSX, etc. - Good knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suits. - Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems. - Good knowledge of key information risk management and security related standards including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines and NIST standards - Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation, and remediation. - Formal education and advanced degree in Computer Science or similar and/or commensurate demonstrated work experience in the same. - CEH, EnCE, SANS GSEC, GCIH, GCIA CISSP or any similar Certifications. Required Skills Cyber Security,Anti Malware,Firewall,Proxies

As a Security Engineer at Rapid7, you will play a crucial role in building, integrating, and automating security controls across a variety of environments. Your primary responsibility will be to enhance global technology security by designing and implementing robust security solutions. Joining our IT team, you will collaborate with a group of dedicated professionals who are committed to advancing technology security across different business verticals. Your role will involve driving the design and integration of security controls, managing IT infrastructure vulnerabilities, and providing security consulting to various business units. Key responsibilities include building, integrating, and automating security controls from cloud to endpoint, serving as a subject matter expert in enhancing IT security for end-user devices, infrastructure, applications, and identity/access management. You will also be involved in automating vulnerability management and incident detection/response, leading and collaborating on security projects, and curating metrics to demonstrate security control effectiveness. To excel in this role, you are expected to bring at least 5 years of experience in information security, particularly in areas such as vulnerability management, incident detection/response, digital forensics, or malware analysis. Additionally, proficiency in software development with Python or Go, strong knowledge of Windows, macOS, & Linux security hardening/monitoring, expertise in secure network, systems, and application design/architecture, and experience in maintaining AWS cloud infrastructure will be valuable assets. Moreover, your ability to identify security event root causes from disparate systems, excellent communication skills with technical and non-technical audiences, a proactive mindset, and a strong curiosity for staying updated on emerging threats and industry trends are essential qualities for success in this role. At Rapid7, we value diverse perspectives and experiences, and if you are passionate about cybersecurity and eager to contribute to creating a secure digital world, we encourage you to apply and be a part of our dynamic team.,

As a member of the Product Security Engineering (PSE) team within the Cloud CISO organization at Google, you will have the opportunity to contribute to ensuring the security of every product shipped by Cloud and enhancing the security assurance levels of the underlying infrastructure. Your role will involve collaborating with product teams to develop more secure products by implementing security measures by design and default, providing tools, patterns, and frameworks, and enhancing the expertise of embedded security leads. Your responsibilities will include researching innovative detection techniques to prevent and mitigate abusive activities such as outbound security attacks, botnet, DDoS, and other malicious behaviors that breach Google Cloud Platform's (GCP) Terms of Service. You will be tasked with developing fidelity detection mechanisms to identify malicious activities based on raw network and host level telemetry, as well as analyzing logs and packets to enhance the accuracy of detections. Additionally, you will be involved in hunting for threats and abusers and responding effectively to safeguard Google and its users from potential attacks. The ideal candidate for this role should possess a Bachelor's degree or equivalent practical experience, with at least 5 years of experience in security analysis, network security, intrusion detection system, threat intelligence, or threat detection. A minimum of 2 years of experience as a technical security professional, particularly in digital forensics or systems administration, is required. Proficiency in executive or customer stakeholder management and communication, along with a data-driven approach to solving information security challenges, is essential. Preferred qualifications for this position include a Master's degree in Computer Science or a related field, knowledge of defensive security concepts such as adversity tactics and techniques, MITRE ATT&CK framework, and logging practices. Familiarity with networking and internet protocols (e.g., TCP/IP, HTTP, SSL) and experience in analyzing malicious network traffic will be advantageous. Strong organizational and multitasking skills are highly desirable for effectively managing responsibilities in a global and cross-functional environment. Join us in our mission to accelerate digital transformation for organizations worldwide through Google Cloud, where we offer enterprise-grade solutions leveraging cutting-edge technology and tools to help developers build sustainably. Become a part of a dynamic team dedicated to protecting Google and its users from potential threats, while maintaining trust and reputation for the brand and company globally.,

Education Qualification : Engineer - B.E / B.Tech / MCA Skills : Primary -> Technology | Sentinel SIEM Tool Design SME | Level 3 Support | 3 - Experienced Primary -> Technology | Securonix SIEM Tools Expert | Level 3 Support | 3 - Experienced Secondary -> Technology | ArcSight SIEM Tools Administrator | Level 2 Support | 2 - Knowledgeable Secondary -> Technology | Cybersecurity General Administrator | Level 2 Support | 2 - Knowledgeable Tertiary -> Technology | Network Traffic Analysis Administrator | Level 2 Support | 2 - Knowledgeable Certification : Technology | CISSP/CISM/CISA/CRISC/GIAC SOC/GIAC Certified Enterprise Defender (GCED)/Certified Ethical Hacker (CEH)/SANS SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling Delivery Skills required are: - Technical Expertise: - *Expert knowledge of threat detection techniques and tools. *Leading incident response efforts, including advanced techniques for containment, eradication, and recovery. *Conducting in-depth digital forensics investigations. *Expertise in configuring and optimizing SIEM (Security Information and Event Management) systems. Analytical Skills: - *Deep understanding of log analysis techniques and tools. *Identifying patterns and anomalies in large datasets. *Integrating threat intelligence into monitoring and response processes. *Staying updated on the latest threat intelligence and applying it to enhance security. Collaboration and Coordination: - *Working closely with other IT and security teams to ensure comprehensive security coverage. *Leading the coordination of response efforts during major incidents. *Ensuring effective communication and collaboration among all stakeholders. *Coordinating with external partners and vendors for specialized support. Continuous Improvement: - *Continuously evaluating and improving security processes and procedures. *Implementing lessons learned from incidents to enhance the overall security posture. *Contributing to the development and updating of security policies and procedures. Leadership and Mentoring: - *Leading and mentoring junior analysts and team members. *Providing training and development opportunities to enhance team skills. *Sharing expertise and best practices with the team. *Conducting training sessions and workshops to upskill team members.

Education Qualification : Engineer - B.E / B.Tech / MCA Skills : Primary -> Technology | Sentinel SIEM Tool Design SME | Level 3 Support | 3 - Experienced Primary -> Technology | Splunk SIEM Tool Expert | Level 3 Support | 3 - Experienced Secondary -> Technology | Qradar SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable Secondary -> Technology | Cybersecurity General Administrator | Level 2 Support | 2 - Knowledgeable Tertiary -> Technology | Network Traffic Analysis Administrator | Level 2 Support | 2 - Knowledgeable Certification : Technology | CompTIA Security+/CSA/GIAC SEC/CEH/Cisco Certified CyberOps Associate/GIAC CIH/GIAC SOC/Splunk Core Certified Advanced Power User/Splunk Enterprise Certified Admin/IBM Certified SOC Analyst - IBM QRadar SIEM V7.3.2 Delivery Skills required are: - Technical Expertise: - *Expert knowledge of threat detection techniques and tools. *Leading incident response efforts, including advanced techniques for containment, eradication, and recovery. *Conducting in-depth digital forensics investigations. *Expertise in configuring and optimizing SIEM (Security Information and Event Management) systems. Analytical Skills: - *Deep understanding of log analysis techniques and tools. *Identifying patterns and anomalies in large datasets. *Integrating threat intelligence into monitoring and response processes. *Staying updated on the latest threat intelligence and applying it to enhance security. Collaboration and Coordination: - *Working closely with other IT and security teams to ensure comprehensive security coverage. *Leading the coordination of response efforts during major incidents. *Ensuring effective communication and collaboration among all stakeholders. *Coordinating with external partners and vendors for specialized support. Continuous Improvement: - *Continuously evaluating and improving security processes and procedures. *Implementing lessons learned from incidents to enhance the overall security posture. *Contributing to the development and updating of security policies and procedures. Leadership and Mentoring: - *Leading and mentoring junior analysts and team members. *Providing training and development opportunities to enhance team skills. *Sharing expertise and best practices with the team. *Conducting training sessions and workshops to upskill team members.

Conduct Cyber Risk reviews for the organizational clients in a swift and thorough manner Assist in understanding common cyber threats and vulnerabilities Assist in understanding common cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations Assist in understanding Business continuity and disaster recovery planning methodologies Assist in understanding risk management methodologies and procedures Understand Underwriting Insights for Risk Report Creation Assist to prepare a risk report based on organizational internal cyber resilience network, which can become the primary basis of underwriting the cyber risk. Assist in understanding qualitative and quantitative methods for analyzing, interpreting, and synthesizing raw data into intelligence for deriving insights for liability underwriting Roles and Responsibilities 2

The Investigation Head will lead and manage forensic investigations and fraud risk assessments across Sun Pharma's global operations. This role demands high integrity, discretion, and strategic thinking to protect the organization from financial and reputational risks. You will ensure that investigations are conducted independently, thoroughly, and aligned with global best practices. You will lead end-to-end forensic investigations globally, ensuring objectivity and confidentiality. Conduct fraud data analytics and background checks using advanced tools such as Intella Pro and Falcon NEO2. Analyze digital evidence, databases, and systems to identify anomalies and gather proof. Conduct interviews with suspects and witnesses, maintaining professionalism and composure. Prepare detailed investigation reports and executive summaries for senior management and audit committees. Present findings, root causes, and actionable recommendations to leadership. Collaborate with Legal and HR to support law enforcement actions and internal disciplinary processes. You will supervise and mentor a team of forensic professionals and manage co-sourced engagements. Drive continuous improvement in investigative methodologies and internal controls. Undertake special assignments as directed by the Head Global Internal Audit. Key Skills required for this role include exceptional verbal and written communication skills, strong stakeholder engagement and relationship management, analytical mindset with attention to detail and investigative acumen, ability to lead under pressure and manage sensitive situations, team leadership, coaching, and project management capabilities, strategic thinking, and problem-solving orientation. Approximately 15% travel may be required for this role, with the geographical scope covering all business units and geographies of Sun Pharma globally. You will have internal interactions with Legal, Human Resources, Senior Management, Audit Committees, and Business Unit Heads. External interactions will include engagement with law enforcement agencies, external forensic consultants, Big 4 firms, and regulatory bodies as applicable. Educational qualifications required for this position include being a Chartered Accountant (CA), Commerce Graduate, and Certified Fraud Examiner (CFE) is preferred. Specific certification such as CFE or equivalent forensic certification is also preferred. Skills needed for this role include expertise in forensic investigation tools and techniques, proficiency in data mining, analytics, and digital forensics, strong report writing and presentation skills, interviewing and interrogation techniques, and knowledge of regulatory and legal frameworks. The ideal candidate should have 10-12 years of post-qualification experience in forensic investigations and fraud risk assessments, with a minimum of 4-5 years with a Big 4 consulting firm. At least 2-3 years of experience in a managerial or leadership role is required. Experience in the pharmaceutical or manufacturing industry is preferred, along with exposure to global operations and cross-border investigations.,

Required Skills Technology | Sentinel SIEM Tool Administrator | Level 2 Support Technology | Securonix SIEM Tools Administrator | Level 2 Support Technology | ArcSight SIEM Tools Administrator | Level 2 Support Technology | Network Security Administrator | Level 2 Support Education Qualification : B.Sc Certification Mandatory / Desirable : Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC Certified Incident Handler/Certified SOC Analyst (CSA)/CompTIA Cybersecurity Analyst (CySA+)/Cisco Certified CyberOps Associate Delivery Skills required are: - Technical Skills: - *Identifying and analyzing potential threats and vulnerabilities using various tools and techniques. *Leading and managing the response to security incidents, including containment, eradication, and recovery. *Implementing and maintaining security monitoring systems, such as SIEM (Security Information and Event Management) tools. *Prioritizing and remediating vulnerabilities based on risk assessments. Operational Skills: - *Developing, implementing, and enforcing security policies, standards, and procedures. *Managing and maintaining secure configurations for systems, networks, and applications. *Overseeing the timely application of security patches and updates to systems and software. Analytical Skills: - *Analyzing logs and event data from various sources to identify patterns and anomalies. *Utilizing advanced analytics to detect and investigate security incidents. *Conducting digital forensics investigations to uncover evidence of security breaches. Collaboration and Teamwork: - *Collaborating with other IT and security teams to enhance the organization s security posture. *Coordinating response efforts during security incidents with internal and external stakeholders. *Leading incident response teams and ensuring effective communication and collaboration.

The role available at SANA Cyber Forensics Investigation and Data Security Services Pvt. Ltd. is for an Internship Trainee position based in Pune. As an Internship Trainee, you will be actively involved in cyber forensic investigations, data collection, and analysis processes. Your responsibilities will include providing support for ongoing fraud and internal investigations while ensuring the security and integrity of data at all stages of the investigative procedures. To excel in this role, you should have a solid understanding of Cyber Security, Digital Forensics, and Data Analysis. Proficiency in investigation techniques, fraud detection, and internal audits will be advantageous. Strong analytical and problem-solving skills are essential for this position. Effective written and verbal communication skills are also required to convey findings and updates clearly. The ability to work both independently and collaboratively within a team setting is essential. Ideally, you should hold a Bachelor's degree in Cyber Security, Computer Science, Forensics, or a related field. However, current enrollment in such programs will also be considered. Any prior experience with forensic tools and software will be viewed as a positive attribute. Join us at SANA Cyber Forensics Investigation and Data Security Services Pvt. Ltd. and be part of a team dedicated to upholding the principles of Confidentiality, Integrity, and Availability in all our operations.,

Company Name- CIPL (www.cipl.org.in) We have opening for our one government client Ministry of Home Affairs. Client Name- I4C (Indian Cybercrime Coordination Centre) Designation- Cybercrime Threat Intelligence Analyst - Hyderabad , Vacancy -1 Cybercrime Investigator/ Cyber Crime Investigation Researcher - Delhi , Vacancy- 2 Detect emerging Cybercrime threats based upon analysis, data feeds crime reporting and sources (internal & external intelligence sources). Working within the team and the wider Inf-ormation Security group to build new tools for intelligence gathering. * Knowledge of innovative technologies like block-chain, Artificial Intelligence/Machine Learning, IOT Security, Cloud Security will be an added advantage. * Knowledge of cryptography protocols. * Ability to derive intelligence out of data and reports generated and ability to conduct research in that direction and development of tools to handle such threats and overcome such risks. * Building and maintaining senior management dashboards to provide a clear understanding of team activities and threat landscape. * Identify and suggest appropriate infrastructure with suitable mitigation strategies for cyber crime * Evaluate target systems to analyze results of scans, identify and recommend resolutions * Producing periodic Cybercrime threat analysis reports with mitigation measures. * Programming skills with proficiency in one or more of the following, Python, Java, C++. * Excellent knowledge of digital hardware, computer programming, cyber security practices, databases & operating systems artifacts. * Review unlawful and suspicious content in open source and escalate violations to the appropriate govt. department. * Collect, organize, analyze and develop reliable actionable intelligence about cybercrime, criminals, criminal infrastructure from open sources. Must have advanced understanding of how to use open-source including social media for intelligence. * Ability to draft Sop's/ RFP/ Advisory Manuals/ Reports pertaining to Cyber Security/Inf-ormation Security/Cybercrime Investigation. * Proven ability to work both independently and as a team and present/develop ideas. * Ability to work effectively with technical and non-technical stakeholders. * Ability to communicate (verbal and written) with stakeholders in non-technical terms. * Experience with multiple social media platf-orms. * Using data from social media, open sources, search engines, public records, and the deep web to compile detailed reports on cybercrime, criminals and criminal infrastructure.

Lead Security Analyst (P4) Must Have skills: SOC, End to end investigation, L4 ticket investigation, IDR ( Incident Response) , Digital Forensics, Public Cloud Experience: 10 to 14 years Shift: Rotational Job Responsibilities: As a Level 4 (L4) Lead Security and Threat Monitoring Analyst, you will be part of UKGs Global Security Operations Center (GSOC) team investigating events of interest and incidents as they are validated, prioritized, and categorized by UKGs 24x7 L1, L2 and L3 analyst teams. You will facilitate and follow UKG’s standard processes to investigate, contain, eradicate, and respond in a continued and unified effort to protect the confidentiality, integrity, and availability of UKG, our partners’ and customers’ data and services. You will be an escalation point for all incidents, either regionally or during shift assignment; analyzing, confirming, re-prioritizing if necessary and/or escalating/remediating those identified threats within the UKG computing environment. Having handson experience into Digital Forensics and Public cloud. You will work closely with UKG’s GSOC teams in the US, Europe, and India to promote an integrated, uniform, and holistic threat detection and response capability to facilitate and enable a robust and proactive security posture. You will leverage your skills, experience, and creativity to perform initial, forensically sound collection and analysis, methodologies to contain, eradicate, and recover from realized threats such as zero-day, ransomware, malware and other APT’s. Additionally, you will be responsible for participating in incident response activities as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL), post incident reporting and continuous improvement recommendations to enhance UKG’s security posture through process development, tool rationalization, detection technique and automation enhancement opportunities and enablement/training possibilities. Due to the nature of the work, you are required to have occasional on-call duties on weekends and/or holidays. Additional work hours may also be required during an incident investigation. Primary/Essential Duties and Key Responsibilities: • Review tickets escalated from L1 or L2 analysts to confirm the priority, category and accuracy of the details and conditions. • Pivot to additional security tools to obtain and ascertain context or information and any other pertinent information to inform on the most effective and efficient mitigation/remediation actions. • Escalate tickets as required to GSOC Director for additional scrutiny and incident declaration. • Collaborate with UKG internal and external groups to develop and execute containment, eradication, and recovery strategies for lower priority incidents. • Identify, approve, and implement blocking, listing and other mechanisms to promote a robust security posture. • Participate in the Cyber Incident Response Plan (CIRP) process as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL) to lead and/or support mitigating and/or remediating critical incidents. • Participate in post-incident activities including coordinating and providing input within the requisite reports and identifying areas for continuous improvements within the GSOC enablement, processes or technology. • Provide mentoring and enablement of junior analysts globally to expand and extend UKG’s GSOC capabilities and experiential capacities. Qualification (Experience, Education, Certification, License and Training): • Bachelor's degree in computer science or a related discipline • CISSP, CCSP, GIAC or other relevant cyber security certifications • Working professional with 9+ years of relevant Security/SOC experience Required Qualifications: • Knowledge of the common attack vectors on the network layer, different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). • Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored) and cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). • Knowledge of cybersecurity, incident response methodologies, privacy principles, cyber threats, vulnerabilities, and detection methodologies and techniques for detecting intrusions. • Experience with Splunk, Google Chronicle, Elastic Search, EDR solutions, email security tools, and cloud environments (GCP, Azure). • Knowledge and experience in reverse engineering to understand how an information asset works and analyzing system components to identify potential vulnerabilities. • Knowledge and experience in developing automations using scripting languages like Python and PowerShell to automate various tasks and improve accuracy, enhance task consistency, and increase scalability. • Knowledge and experience in Security Information and Event Management (SIEM) use case and content development techniques and objectives. • Knowledge and experience in conducting and participating in security audits and assessments. • Understanding and experience in developing, and delivering relevant and value-add operational metrics to support and provide visibility into the GSOC program. • Communicate in English: write clearly and speak authoritatively to different audiences (business leaders and engineers). Preferred Qualifications: • Knowledge of new and emerging cybersecurity technologies, threats, and threat vectors. • Knowledge and experience in designing, executing, and reporting threat hunting activities. • Knowledge and experience around offensive security (ethical hacking) techniques to identify and mitigate/remediate vulnerabilities in the UKG environment. • Knowledge and experience in cyber forensic procedures and how to extract information and generate reports in support of incident response and other advanced requirements.

Company Description Samartha InfoSolutions, founded in 2006, aims to be the world leader in providing simplified innovative IT solutions. The company focuses on progressive IT solutions to help customers achieve their core business objectives effectively. Specializing in OSS/NMS/ITSM solutions, IT infrastructure support, and application development & support, Samartha InfoSolutions boasts a team of experienced professionals dedicated to delivering exceptional services in various sectors. Role Description This is a full-time on-site role for a Mobile Forensic Engineer at Samartha InfoSolutions in Bengaluru. The Mobile Forensic Engineer will be responsible for forensic analysis, forensic engineering, analytical skills application, failure analysis, and structural engineering tasks. The role involves day-to-day activities related to mobile forensic investigations and analysis. Qualifications Forensic Analysis and Forensic Engineering skills Analytical Skills and Failure Analysis expertise Strong background in Structural Engineering Proficiency in digital forensics tools and techniques Experience in mobile device forensics Excellent problem-solving and critical thinking abilities Strong attention to detail and accuracy Bachelors Degree/Masters Degree. Information Technology Cybersecurity Digital Forensics,

JOB DESCRIPTION About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. i. BE/B. TECH/BCA/B.SC/M.SC/MCA/M. Tech-(Computers/Electronics/IT) ii. Minimum one certification such as CEH/OSCP and/or equivalent. iii. Having at least 5+ years of post-qualification relevant work experience including appearance before court of law while presenting the extracted cyber evidence. iv. Experience in all kinds of digital forensic work- Computer, macbook, Mobile, Cloud APIs, CCTV and AV, Database, Network etc including reporting v. Experience in analysis of malware, incident response, email and log analysis, threat modeling and assessments vi. Experience in Ethical Hacking, VAPT, OSINT etc. vii. Experience in handling cyber- crime cases, website defacement, email and VOIP analysis, image and video forensic viii. Dynamic and Static Malware analysis QUALIFICATIONS Graduation from premier institutes is preferred. Proficiency in Marathi language is must. Knowledge of IT Act, DPDP Act, CrPC, IPC, etc, laws is preferred,

Responsibilities: * Train teams on cyber security best practices * Conduct regular threat hunting exercises * Develop & deliver CEH-certified training programs * Collaborate with IT department on incident response plans

We are seeking a qualified and passionate Assistant Professor in the field of Information Security and Digital Forensics. This full-time faculty role involves a dynamic mix of teaching, research, mentoring, and academic leadership, aimed at equipping students with cutting-edge knowledge and practical skills in the cybersecurity and digital forensics domains. Key Responsibilities: 1) Teaching & Curriculum Development 2) Design and deliver engaging lectures in Information Security and Digital Forensics. 3) Develop and continuously update curriculum to align with current industry standards and emerging technologies. 4) Supervise undergraduate and postgraduate student projects and theses. 5) Research & Innovation 6) Student Mentorship & Engagement 7) Mentor and guide students academically and professionally. 8) Organize and lead weekly training programs and workshops in information security and digital forensics at HQ. Industry Tools & Technologies Maintain proficiency in and teach the use of modern digital forensics and cybersecurity tools, including: FTK, EnCase, Cellebrite, XRY (Forensics) VA/PT tools, Nmap, Splunk (Security assessment and monitoring) Continuous Learning & Contribution Stay current with advancements in the field and integrate emerging trends and tools into teaching and research activities. Participate in academic committees, accreditation processes, and departmental development initiatives.

Role & responsibilities Incident Management: Lead the end-to-end incident response lifecycle, including detection, analysis, containment, eradication, and recovery. Threat Investigation: Analyze and investigate a variety of attack vectors, such as: Identity attacks include credential abuse, privilege escalation, and MFA bypass. Web Attacks: SQL injection, cross-site scripting (XSS), remote code execution. Network Attacks: DDoS, lateral movement, traffic manipulation. Cloud Threats: IAM misconfigurations, exposed services, container security vulnerabilities. Collaboration & Coordination: Work closely with SOC analysts, threat intelligence teams, forensics, and engineering groups during and after security incidents. Root Cause Analysis: Conduct comprehensive investigations to determine the root cause of incidents and provide actionable remediation recommendations. Preferred candidate profile A minimum of 5 years of hands-on experience in cybersecurity incident response or security operations. Proven expertise in investigating and mitigating incidents across one or more areas: identity, web, network, or cloud. Proficiency with SIEM, EDR, and SOAR tools (e.g., Splunk, Sentinel, CrowdStrike). Experience in hybrid or cloud-first environments (AWS, Azure, or GCP). Strong understanding of frameworks and methodologies such as MITRE ATT&CK, the cyber kill chain, and threat modeling.