6.0 - 10.0 years
0 Lacs
karnataka
On-site
As a Senior Specialist in Cyber Security Operations at AB InBev GCC, you will have the exciting opportunity to be a part of a growing team of top professionals dedicated to protecting AB InBev from sophisticated threats. Your role will involve working as a Cyber threat hunter, investigating security alerts, and responding to incidents within defined timelines. You will collaborate with incident responders in a 24x7 shift model and utilize your deep knowledge of security tools and platforms to monitor threats and new attack techniques. Key tasks and accountabilities include monitoring, responding, and processing security alerts triggered from various SOC tools deployed across on-premises and cloud environments. You will investigate events, create incident storylines, and communicate necessary remediation steps. Additionally, you will correlate different log sources, own incidents till completion, adhere to SLAs, and collaborate with internal teams for automation and process improvements. In this role, you will act as an Incident commander during critical incidents, prepare incident reports, create incident response SOPs, and seek opportunities to drive efficiencies. Your ability to effectively communicate complex technology to non-tech audiences, collaborate with stakeholders, and ensure client satisfaction will be crucial. Moreover, you will continuously enhance your threat hunting skills, stay updated on security standards, and work towards improving defensive controls. To qualify for this role, you should ideally have a Bachelor's degree in Computer Science or Information Systems, along with 6+ years of experience in incident response, CSIRT, and SOC operations. You should possess expertise in EDR, SIEM, log analysis tools, and cloud security solutions. Security certifications such as CEH, CHFI, or CompTIA Security+ would be a plus. Your strong analytical skills, knowledge of operating systems, and networking concepts will be essential for success in this role.
If you have a passion for cyber security, a desire to excel in a global team environment, and an undying love for beer, then this role at AB InBev GCC is the perfect opportunity for you to dream big and create a future with more cheers.
Posted 1 day ago
4.0 - 8.0 years
0 Lacs
hyderabad, telangana
On-site
You will be joining Marvell as a CyberSecurity Analyst, where you will play a crucial role in identifying and responding to threats against Marvell data and systems. As part of the Security Operations Center (SOC), your responsibilities will include providing primary triage, analysis, and operational support for security events and alerts. You will utilize various security analytics tools, log aggregators, and threat intelligence repositories to perform correlation and investigate security incidents. Your role will involve real-time incident handling, intrusion correlation, threat analysis, and system remediation to support deployable Incident Response. Additionally, you will participate in analyzing the nature of attacks, conducting root cause analysis of incidents, and monitoring external data sources proactively to identify potential security issues that may impact the enterprise. Furthermore, you will document and publish incident findings, techniques, and reports to relevant stakeholders within Marvell. You will also contribute to improvement tasks such as false positive reduction and use case refinement, while effectively communicating both verbally and in writing updates on alerts and incidents. To be successful in this role, you should have at least 4 years of experience as a SOC Analyst, preferably in a large enterprise environment. You must possess strong communication skills and the ability to tailor your message to various audiences, ranging from technical subject matter experts to company executives. A deep understanding of MITRE ATT&CK framework, proficiency in technical writing, and the ability to solve problems in ambiguous situations are essential. Moreover, you should have experience working with technologies such as IDS/IPS, NGFW, EDR, SIEM, HIDS/HIPS, AV, and Vulnerability Scanners. 
Industry security certifications like C|EH and relevant GIAC certifications are highly desirable, along with experience in IT service management and infrastructure operations in an enterprise-level organization. Marvell offers competitive compensation and benefits, fostering an environment of collaboration, transparency, and inclusivity. You will have access to resources and support to succeed in impactful work and opportunities for growth and development within the company. To learn more about working at Marvell, you can visit our Careers page.
Posted 1 day ago
10.0 - 15.0 years
0 Lacs
thane, maharashtra
On-site
As an L3 Network Security Senior Engineer at our company located in Thane, you will be responsible for leading technical delivery and managing client engagements in post-sales cycles. With over 10 years of experience in Network Security/Cyber Security and a total of 12-15 years in the industry, you will conduct deep-dive security incident analysis to derive actionable insights. Your role will involve handling and configuring various security infrastructure components such as Firewalls, VPN, DLP, Proxy, PIM/PAM, Load Balancers, EDR, WAF, SIEM, IDAM, NAC, ZTNA, and CASB. Additionally, you will work on virtualization and server operating systems including Windows, Redhat Linux, and other Linux distributions. Collaboration with OEMs, vendors, and internal teams will be essential for seamless implementation and support. You will be expected to draft HLD/LLD documentation, understand the Scope of Work (SOW), and execute Proof of Concepts (POC) for proposed security solutions. Monitoring, managing, and ensuring adherence to SLAs and KPIs across security services will also be part of your responsibilities. Remaining updated on evolving threats and technologies to implement best practices across deployments is crucial. You will conduct presentations, prepare detailed technical/executive reports, and engage with various tools including Microsoft Office, Excel, Word, PowerPoint, Visio, and Project. In terms of technical skills, proficiency in Network Security tools like Firewall, VPN, DLP, Proxy, PIM/PAM, Load Balancers, Websense, Zscaler, CASB, NAC, EDR, WAF, and SIEM is required. Networking knowledge encompassing Switches, Routers, TCP/IP, DNS, DHCP, Routing & Switching is essential. Experience with Public Cloud and On-Prem Private Cloud security, along with operating systems like Windows, Redhat Linux, and other Linux distributions, is necessary. Familiarity with Backup Software, SAN Fabric, External Storage, HCI, and AD will be beneficial.
Preferred certifications include CCNA/CCNP, CCSA, Redhat Certified, Microsoft Certified, ITIL 4, PMP, or equivalent. This is a full-time, permanent position with benefits such as health insurance and Provident Fund. The work schedule is on a fixed shift basis from Monday to Friday, with rotational shifts required in the office setting.
Posted 1 day ago
3.0 - 7.0 years
0 Lacs
karnataka
On-site
At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. We are counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself and a better working world for all. As a CMS-TDR Senior at EY, you will work as a Senior Analyst within our cyber security team. Your role will involve assisting clients in detecting and responding to security incidents with the support of SIEM, EDR, and NSM solutions.
Your key responsibilities will include:
- Operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR (CrowdStrike, Defender, Carbon Black), and NSM (Fidelis, ExtraHop) for multiple customers.
- Specializing in second-level incident validation and detailed investigations.
- Performing incident coordination and communication with clients to ensure effective containment, eradication, and recovery.
- Providing SIEM support activities, including ad hoc reporting and basic troubleshooting.
- Advising customers on best practices and use cases to achieve customer end-state requirements.
- Providing near real-time analysis, investigating, reporting, remediating, coordinating, and tracking security-related activities for customers.
Skills and attributes for success include:
- Customer service orientation, meeting commitments, and seeking feedback for improvement.
- Good knowledge of SIEM technologies such as Splunk, Azure Sentinel, CrowdStrike Falcon LogScale from a security analyst's perspective.
- Troubleshooting issues associated with SIEM solutions.
- Ability to work with minimal supervision.
- Exposure to IoT/OT monitoring (Claroty, Nozomi Networks) is a plus.
- Experience in security monitoring and cyber incident response.
- Knowledge in ELK Stack, network monitoring technology platforms (Fidelis XPS, ExtraHop), and endpoint protection tools (Carbon Black, Tanium, CrowdStrike, Defender).
To qualify for this role, you must have:
- A B.Tech./B.E. degree with sound technical skills.
- Ability to work in 24x7 shifts.
- Strong command of verbal and written English.
- Technical acumen and critical thinking abilities.
- Strong interpersonal and presentation skills.
- Minimum 3 years of hands-on experience in SIEM/EDR/NSM solutions.
- Certification in any of the SIEM platforms.
- Knowledge of RegEx, Perl scripting, and SQL query language.
- Certifications such as CCSA, CEH, CISSP, GCIH, GIAC.
Working at EY offers:
- Inspiring and meaningful projects.
- Education, coaching, and personal development opportunities.
- Support, coaching, and feedback from engaging colleagues.
- Opportunities for skills development and career progression.
- Freedom and flexibility to shape your role according to your needs.
EY is dedicated to building a better working world by creating long-term value for clients, people, and society and building trust in the capital markets. Our diverse teams across 150 countries provide trust through assurance and help clients grow, transform, and operate in various sectors. We ask better questions to find new answers for the complex issues facing our world today.
Posted 1 day ago
8.0 - 12.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Organization: At CommBank, we never lose sight of the role we play in other people's financial wellbeing. Our focus is to help people and businesses move forward to progress. To make the right financial decisions and achieve their dreams, targets, and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas, and energy all contribute to the impact that we can make with our work. Together we can achieve great things. Job Title: Senior Platform Engineer Location: Bangalore, Manyata Tech Park Business & Team: The role of Platform Engineers is to Design, Build, Run & Evolve tools, infrastructure, templates and capabilities that our other engineers use to deliver business value, and to write code that automates running our infrastructure and environments. The Cybersecurity Engineering group safeguards the organization by delivering secure, scalable, and high-performing systems that protect critical infrastructure and sensitive data. Our mission is to support cybersecurity objectives through innovative engineering solutions and secure operational practices. This exciting opportunity is for someone that can bring strong full cycle platform engineering expertise with a focus on learning and developing new skills across cyber security and security engineering. Impact & Contribution: As a Senior Platform Engineer, you'll be reporting directly to the Engineering Chapter Lead, a part of our wider Cyber Engineering Chapter, developing the scalability, reliability, and security of our various platforms. Your work will involve the delivery of complex security initiatives across the group's platforms and systems. Our mandate is to protect the business platforms, systems, data, digital assets, and reputation across our cloud and datacentre infrastructure. You will work in a DevSecOps environment, with a strong focus on automation, IaC, observability, and automated cyber defense security tools.
Roles & Responsibilities: Bring hands-on experience working with Infrastructure as Code using tools such as Terraform, CloudFormation, CDK etc. In-depth experience using scripting/programming languages such as PowerShell, Bash & Python, as well as good Windows & Linux Server experience. Strong knowledge of CI/CD and automation tools like GitHub, GitHub Actions, TeamCity, CI/CD pipeline desirable. Automation of observability logs and metrics, including dashboard, monitoring and alerting. Incident management, post incident reviews, problem management. Demonstrable experience in solving complex problems. Essential Skills: We use a broad range of tools, languages, and frameworks. We don't expect you to know them all but experience or exposure with some of these (or equivalents) will set you up for success in this team. Cyber Defense Tools (SOAR, EDR, Atlassian products like JIRA, Confluence etc). AWS infrastructure. 8-12 years of IT experience. Python, PowerShell, Bash - optional. Experience with and knowledge of CI/CD and automation tools like GitHub, GitHub Actions, TeamCity, CI/CD pipeline desirable. Exposure to GenAI models, agents, MCP. Automation tools such as Terraform, Ansible. Source control, and CI/CD tooling such as GitHub, GitHub Actions, Jenkins, Octopus. Python and scripting languages such as Bash & PowerShell. Infrastructure as code pipelines and automation. Observability with Grafana and Prometheus. DevOps / DevSecOps. Education Qualification: Bachelor's degree or master's degree in engineering in Computer Science/Information Technology. If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We're keen to support you with the next step in your career. We're aware of some accessibility issues on this site, particularly for screen reader users.
We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696. Advertising End Date: 30/08/2025
Posted 1 day ago
8.0 - 12.0 years
0 Lacs
karnataka
On-site
As an experienced Information Security professional with 8+ years of experience, you will be responsible for planning, implementing, managing, and maintaining security systems such as antimalware solutions, vulnerability management solutions, and SIEM solutions. Your role will involve monitoring and investigating security alerts from various sources, providing incident response, and identifying potential weaknesses within the organization's network and systems to recommend effective solutions. Additionally, you will take up security initiatives to enhance the overall security posture of the organization. You will be required to document Standard Operating Procedures (SOPs), metrics, and reports as necessary, provide Root Cause Analyses (RCAs) for security incidents, and collaborate with different teams and departments to address vulnerabilities, security incidents, and drive security initiatives. Moreover, researching and monitoring emerging threats and vulnerabilities, understanding current industry and technology trends, and assessing their impact on applications will be crucial aspects of your role. Your qualifications should include industry-recognized professional certifications such as CISSP, GCSA, CND, or similar certifications. Demonstrated experience in computer security with a focus on risk analysis, audit, and compliance objectives is essential. Proficiency in Network and Web Security tools like Palo Alto, ForeScout, and Zscaler, as well as experience in AWS Cloud Environment and Privileged Access Management solutions, will be advantageous. Familiarity with SIEM/SOAR, NDR, EDR, VM, and Data Security solutions and concepts is desired. The ideal candidate will possess strong decision-making and complex problem-solving skills under pressure, along with a high degree of creativity and "out-of-the-box" thinking. 
The ability to manage multiple projects simultaneously in fast-paced environments, a service-oriented approach, and excellent communication, presentation, and writing skills are key requirements for this role. You should also be adept at sharing knowledge, collaborating with team members and customers, and adapting to a fast-paced, ever-changing global environment. Strong organization, time management, and priority-setting skills are essential, along with a proactive approach to achieving results. In summary, this role offers an exciting opportunity for an experienced Information Security professional to contribute to the enhancement of the organization's security posture, collaborate with diverse teams, and stay abreast of emerging threats and industry trends.
Posted 2 days ago
1.0 - 5.0 years
0 Lacs
pune, maharashtra
On-site
As a Junior Security Analyst at Cyncly based in Pune, India, you will play a crucial role in the day-to-day operations of the enterprise's security solutions and the handling of security events and incidents. Your responsibilities will include supporting senior analysts in maintaining security solutions, staying updated on IT security industry trends, enhancing existing security solutions, deploying new security solutions, ensuring secure device configurations, monitoring security solutions, and participating in security incident response activities, vulnerability assessments, and audits. You will be expected to have at least 2 years of experience in IT operations and 1 year of experience in IT security. Additionally, knowledge of security products in public cloud providers, experience with various security solutions such as NDR/IDS, EDR, SIEM/SOAR, WAF, IAM, and familiarity with network administration protocols like IP, TCP/IP, and DNS will be beneficial. Experience in Security Incident Response Team or SOC will also be a valuable asset. To qualify for this role, you should hold a college diploma or university degree in computer science or possess equivalent work experience. Furthermore, having certifications such as ISC2 CC, CompTIA Security+, SC-200: Microsoft Security Operations Analyst, or SC-300: Microsoft Identity and Access Administrator Associate will be advantageous. Joining Cyncly means becoming part of a global team that values collaboration, diversity, and innovation. With a focus on nurturing talent and promoting autonomy in the workplace, Cyncly offers a supportive environment where employees are encouraged to grow both personally and professionally. By embracing a diverse range of backgrounds and skills, Cyncly aims to lead the industry with a bold and customer-centric approach. 
If you are passionate about IT security, eager to work in a dynamic and inclusive environment, and dedicated to making a difference in the industry, we invite you to join us at Cyncly.
Posted 2 days ago
2.0 - 4.0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
Job Description: Manage all aspects of cloud computing (including networking, compute, storage, and services), ensuring that the appropriate technology and methodologies are applied when translating business requirements into technical and functional solutions. Collaborating internally and across the organization in driving cloud adoption of security technologies. Stay current with industry trends, best practices, and emerging technologies related to DevOps and cloud computing. Extensive collaboration with technical and business facing stakeholders to engineer solutions which exceed customer expectations and drive significant business value. Implement and monitor security standards across development, testing, and production environments. Design solutions and processes to monitor, test for, and strategically deploy product updates. Identify opportunities for automation and efficiency improvements, implement end-to-end. Utilize futuristic tools, technology, and frameworks for enhancing business experience. Participate in the development of a healthy product backlog, ensuring agile practices are followed. Proactively identify opportunities to improve and automate existing technologies. Support strategic vision for new infrastructure and systems by providing input on roadmaps/value maps in partnership with business stakeholders that aligns with the overall corporate strategy. Support organization-wide Disaster Recovery and Business Continuity plans and strategy so the organization is prepared for potential events. Support 24x7 security operations as needed. Responsibilities: Basic Qualifications: Bachelor's degree in Computer Science, Cyber Security, or Information Systems. 2+ years of proven hands-on experience with IT security and DevOps cloud engineering. Microsoft Azure certifications such as: AZ-104, AZ-305, or AZ-400. Strong knowledge of Azure DevOps tools and services, including Azure Pipelines, Repos, Artifacts, and Boards.
2+ years with engineering expertise with Full stack, hands-on expertise with infrastructure including IaC such as Terraform or ARM templates. 2+ years of experience developing end-to-end using APIs and/or scripting languages such as PowerShell, Python, YAML, JSON, NodeJS, etc. 1+ years leading projects and implementations. Preferred Qualifications: Technical Skills: Understanding, with hands-on experience, of IT Security and Security Engineering technologies such as CASB, CSPM, Email Security Gateways, SIEM/SOAR, Endpoint Protection, EDR/XDR, DLP, etc. Strong technical backgrounds (ideally building highly scalable platforms, products, or services) with the ability to proactively identify and mitigate technical risks throughout delivery life-cycle. Hands-on experience solving security technical challenges. Deep technical knowledge of cloud platforms: Azure is strongly preferred. Experience engineering reusable tools and self-service capabilities with automated infrastructure operations. Experience in creating frontend components that support accessibility. Proven experience in engineering solutions that improve the developer or user experience and productivity. Hands-on experience setting up CI/CD pipelines: OpenShift Tekton, GitHub Actions, or alike. Knowledge of secure coding practices. Experience setting up serverless functions using GCP Cloud Run or Cloud Functions, and configuring the respective cloud provider for scaling. Robust knowledge of system design principles including reliability, availability, and scalability. Understanding of security frameworks. Experience setting up logging and monitoring services (Dynatrace, GCP Ops Suites). Proven ability to implement and prove out POCs with speed, vision and quality. Strong consulting and analytical skills and a risk management mindset. Qualifications: Other Skills: Demonstrates the ability to be highly collaborative with peers across the organization.
Possess a high tolerance for ambiguity and ever-changing technology environment. Possess a strong bias for action. Naturally curious and stays on top of emerging trends and threats. Interpersonal skills, with the ability to communicate effectively at all levels of the organization. Familiarization with agile concepts. Ability to thrive in working in a fast-paced, technologically forward-leaning environment and are not afraid to push the boundaries of security capabilities. A sense of intellectual curiosity and a burning desire to learn. You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!
Posted 2 days ago
8.0 - 10.0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
We are looking for an experienced Information Security professional with certifications like CISSP or CISA, and a strong background in leading compliance initiatives for SOC 2 Type II, ISO 27001, PCI DSS, and IOCFR. Direct experience working with RBI regulations and auditors is mandatory. The ideal candidate should have hands-on knowledge of AWS cloud security, and familiarity with tools such as GuardDuty, Wiz/Orca, Splunk, Crowdstrike, and Vanta. Experience in fast-paced sectors like FinTech, E-commerce, or Payment Solutions is a strong plus. What You'll Do: Governance & Compliance: Develop and maintain information security policies and drive compliance with ISO 27001, SOC 2, and RBI guidelines. Act as the primary contact for audits and inspections. Risk Management: Conduct risk assessments, manage risk registers, and oversee third-party/vendor security reviews. Security Operations: Oversee tools and processes for SIEM, DLP, EDR, patch management, and incident response. Lead security incident simulations and resolution. Cloud & App Security: Manage AWS security architecture, implement CSPM programs, and embed secure coding and DevSecOps practices across CI/CD pipelines. Business Continuity & DR: Maintain and test disaster recovery and continuity plans (RTO: 60 mins; near-zero RPO). Awareness & Culture: Run regular security training, phishing drills, and promote a security-aware culture across the organization. Reporting & Strategy: Present security metrics, dashboards, and risk reports to leadership and participate in strategic IT governance forums. What We're Looking For: 8+ years in cybersecurity or information security roles; at least 3 years in a leadership capacity. Background in fintech, NBFC, or regulated financial services preferred. Proven track record in managing audits (ISO 27001, SOC 2), incident response, and cloud security (AWS). Strong knowledge of cybersecurity tools and frameworks: AWS, SIEM, CSPM, IAM, patch management, DLP, EDR.
Familiar with secure SDLC, DevSecOps, threat modeling, and regulatory compliance. Effective communicator with experience working across cross-functional teams. Certifications (preferred): CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer, AWS Security Specialty. Bonus: DCPP, CIPP/E, or other data privacy/RBI-focused certifications. About Kissht: Kissht, a Great Place to Work certified organization, is a consumer-first credit app that is transforming the landscape of consumer credit. As one of the fastest-growing and most respected FinTech companies, Kissht is a pioneer in data and machine-based lending. With over 15 million customers, including 40% from tier 2 cities and beyond, we offer both short and long-term loans for personal consumption, business needs, and recurring expenses. Founded by Ranvir and Krishnan, alumni of IIT and IIM, and backed by renowned investors like Endiya Partners, the Brunei Investment Authority, and the Singapore Government, Kissht is synonymous with excellence in the industry. Join us and be a part of a dynamic, innovative company that is changing the future of financial technology.
Posted 2 days ago
5.0 - 7.0 years
5 - 5 Lacs
Thiruvananthapuram
Work from Office
We are seeking an experienced and proactive SOC Lead to drive the operations of our Security Operations Center. The ideal candidate will have strong expertise in cybersecurity monitoring, incident response, threat hunting, and stakeholder communication. This role involves leading a global 24x7 SOC team, coordinating with cross-functional teams, and enhancing our threat detection and response capabilities. You will act as the escalation point for complex incidents and play a key role in process improvement, automation, and mentoring the SOC team. Key Responsibilities: Lead and coordinate the 24x7 SOC operations, managing a distributed team of L1 and L2 analysts. Provide advanced triage and investigation of escalated security alerts and incidents from L1 analysts. Act as the primary escalation contact for high-priority incidents and security breaches. Ensure timely incident response and resolution within SLA while maintaining high-quality ticket documentation. Conduct Root Cause Analysis (RCA) and create detailed incident reports for high-severity cases. Continuously review and fine-tune security alerts, rules, and thresholds across SIEM and other monitoring tools. Design and propose new security use cases and playbooks to improve detection and response automation. Conduct training sessions for the team on new tools, updated processes, and emerging threats. Organize and lead governance meetings (weekly/biweekly/monthly) with internal stakeholders and clients. Stay informed on the latest threat intelligence, vulnerabilities, and security technologies to proactively enhance SOC capabilities. Maintain and enhance SOC documentation, including SOPs, incident runbooks, and knowledge bases. Collaborate with engineering, infrastructure, and compliance teams to align incident response with organizational risk management practices.
Required Skills & Experience: Minimum 4 years of hands-on experience in a Security Operations Center, focusing on incident response, security analysis, and threat hunting. Deep technical expertise in:
- Email Security (Mimecast)
- EDR Tools (e.g., Threat Down / Malwarebytes)
- Secure Web Gateway (Netskope SWG)
- Cloud Security (Microsoft Azure, Microsoft Defender)
- SIEM Platforms (Azure Sentinel preferred)
- Threat analysis and phishing investigation
Sound understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, etc.) and incident response lifecycle. Working knowledge of enterprise infrastructure: networking, firewalls, operating systems (Windows/Linux), databases, and web applications. Excellent written and verbal communication skills; able to convey technical details to non-technical stakeholders. Strong organizational and prioritization skills; experience handling multiple concurrent incidents and tasks in high-pressure environments.
Preferred Certifications: Relevant security certifications such as:
- CEH (Certified Ethical Hacker)
- Microsoft SC-200 (Security Operations Analyst)
- AZ-500 (Azure Security Engineer Associate)
- CISSP, GCIH, or similar.
Proficiency with Security Tools:
- Mimecast Email Security
- Threat Down (Malwarebytes)
- Microsoft Azure, Microsoft Defender for O365
- Netskope SWG
- Azure Sentinel (SIEM)
- Open-source tools for phishing analysis
Required Skills: Email Security, EDR, Threat hunting, SIEM
Posted 2 days ago
5.0 - 10.0 years
8 Lacs
Mumbai
Work from Office
Role & responsibilities: 5 to 7 years of work experience in cyber security/information security projects, with security posture assessment. At least one technical certification required (CEH, CompTIA Security+, CBCA, CSA etc.). Should have at least one cyber security certification (CISM, CCIR, ECSA, GCIH etc.). Lead and manage advanced threat detection and response efforts using Carbon Black EDR across our clients' endpoints. Investigate and analyze sophisticated security alerts and events to determine root cause, scope and impact of security incidents. Provide technical expertise and guidance to junior analysts (L1, L2s), assisting with incident investigations, analysis and resolution. Develop and implement advanced detection and response strategies using Carbon Black EDR to enhance our overall security posture. Lead incident response efforts, including coordination with cross-functional teams and external stakeholders. Conduct in-depth analysis of endpoint data and logs to identify indicators of compromise (IOC) and advanced attack techniques. Collaborate with threat intelligence teams to stay updated on emerging threats and tactics used by threat actors. Develop and maintain security playbooks, procedures and response plans for incident response and threat hunting. Assist in the tuning and optimization of Carbon Black EDR policies, SIEM rules and custom queries to improve detection efficacy. Contact Person: Ackshaya Email ID: ackshaya@gojobs.biz
Posted 2 days ago
3.0 - 5.0 years
15 - 30 Lacs
Coimbatore
Work from Office
Function Goal : To support the organization's information security efforts by assisting with the monitoring and initial analysis of security threats, providing support in risk management activities, and helping ensure compliance with security policies to protect the organization's information assets. Key Result Areas : Assist in the development, review, and maintenance of security policies and procedures and provide support for security-related documentation to ensure robust security frameworks are in place. Ensure compliance with relevant security standards and regulatory requirements and participate in internal and external security audits to ensure the organization meets all necessary guidelines. Assist in the development and implementation of new security initiatives and technologies. Provide support for security-related projects, including planning, execution, and monitoring. Coordinate with project teams to ensure security requirements are met. Monitor and assess the effectiveness of security training programs. Promote best practices and educate staff on security policies and procedures. Create and distribute security awareness materials, such as security bulletins, phishing simulations and posters to ensure all employees are well-informed and vigilant and have a high level of security awareness. Assist in identifying potential security risks and vulnerabilities within the organization's systems and processes. Participate in the evaluation of risks by analyzing the likelihood and potential impact of security threats. Use tools and techniques to document identified risks and share findings with senior team members for further analysis to ensure proactive risk management. Participate in training and development opportunities to enhance security skills and knowledge. Provide feedback on existing security processes and suggest improvements to enhance effectiveness and to ensure continuous improvement of security measures.
Posted 2 days ago
15.0 - 20.0 years
35 - 40 Lacs
Mumbai
Work from Office
Role & responsibilities Handled exposure preparation for the bank. Handled regulatory returns such as CRILC, NeSL, RBS, EDR, PSL and SLBC reporting, SIBC Handling and closure of audit observations Handled Capital adequacy calculation Various Internal and Management reporting/MIS including Board note submissions Handle statutory/Internal/RBI and concurrent audit as well as closure of audit/LFAR observations Support to all automation activities including discussion with vendor on finalization of BRD requirement, handling UAT and subsequently managing production run Support and Back up to Early warning signal system wherever required (Preferably) Support to stakeholders as per requirement of the job
Posted 2 days ago
4.0 - 9.0 years
6 - 8 Lacs
Coimbatore
Remote
We are seeking a Cloud Engineer to design, implement, and maintain cloud infrastructure (AWS, Azure, GCP). Key responsibilities include cloud architecture, system administration, automation, security, cost management, and documentation. Experience with migrating Exchange and SharePoint to cloud solutions is required. Collaborate with cross-functional teams to design, implement, and maintain cloud infrastructure solutions. Provide technical guidance and support to resolve complex issues related to cloud services, Cyber Security, Networks. Perform regular assessments and audits to ensure the security, reliability, and efficiency of cloud environments. Participate in planning and executing cloud migration projects, including workload assessments, resource provisioning, and data migration strategies. Work as a Technical Consultant for Various Microsoft Technologies and its Security products: Hosted Exchange and Online Exchange Migration; SharePoint and OneDrive Migration; Teams, Enterprise Roaming Profile and Intune Deployment; Spam Filters and Endpoint Security, EDR, XDR, NDR, MDR. Work with Pass-through, Federated auth, SSO, Hybrid access, Cloud Sync, Delegation, Self Service. MFA, Conditional Policies, PIM, Vulnerabilities and risk assessment. Encryption, Risk Assessment, Incident management, VA, Penetration test, IDS/IPS, compliance.
Posted 2 days ago
3.0 - 7.0 years
0 Lacs
hyderabad, telangana
On-site
You have an exciting opportunity to join Omnicom Global Solutions as an Analyst, Security Operations in Hyderabad. As part of Omnicom Group, a global marketing and corporate communications company, Omnicom Global Solutions provides a wide range of services to clients worldwide. In India, OGS plays a crucial role in delivering products and services across various domains such as Creative Services, Technology, Marketing Science, Analytics, Market Research, Media Services, and more. With a growing team of over 4000 talented professionals in India, we are eager to welcome individuals like you to contribute to our journey. As an Analyst, Security Operations, you will be tasked with safeguarding personal information and company assets, ensuring compliance with internal policies and standards. Your responsibilities will include managing and supporting cybersecurity tools, maintaining controls such as WAF, CASB, ZTNA, CFW, EDR, and SIEM systems, deploying software agents for secure operations, collaborating with internal and external teams, monitoring security threats, and contributing to security posture improvement initiatives. To qualify for this role, you should have 3-5 years of experience in security operations or IT infrastructure, a solid understanding of security platforms, incident detection and response processes, agent deployment, and system integration. Strong analytical skills, proactive security mindset, ability to coordinate across teams, and excellent communication skills are essential. Preferred qualifications include security certifications, experience with cloud security frameworks, and exposure to regulatory compliance environments. If you are passionate about cybersecurity, possess the required skills and qualifications, and are ready to take on the challenges of defending an organization's infrastructure and data, we encourage you to apply for this role and be part of our dynamic team at Omnicom Global Solutions.
Posted 3 days ago
2.0 - 6.0 years
0 Lacs
maharashtra
On-site
Job Description: As an L2 DLP Resource, you will be an integral part of our cybersecurity team located at a client site in BKC, Mumbai. Your primary responsibility will be to oversee and provide support for DLP, XDR, and EDR platforms, manage incident escalations at L2 level, and ensure the implementation of robust data protection measures. Your duties will include managing and troubleshooting DLP, XDR, and EDR security platforms, conducting root cause analysis for escalated incidents, and maintaining comprehensive technical documentation and incident reports. You will collaborate closely with compliance and IT teams to uphold data protection policies and may also be involved in operating and administering Forcepoint DLP solutions. The ideal candidate for this role should possess hands-on experience with DLP, XDR, and EDR technologies, demonstrate proficiency in incident handling and security operations at L2 level, and exhibit excellent documentation, communication, and analytical skills. Prior experience with Forcepoint or other enterprise-grade DLP tools would be advantageous. Additionally, flexibility for occasional travel to deployment locations such as Chennai, Hyderabad, or Lucknow is required for this full-time, onsite position based at the client's office in BKC, Mumbai. The job entails day and morning shifts, and the work location is in person. This is an excellent opportunity for a skilled professional to contribute to a dynamic cybersecurity environment and play a crucial role in ensuring effective data protection practices. Job Types: Full-time, Permanent
Posted 3 days ago
7.0 - 11.0 years
0 Lacs
karnataka
On-site
As a Security Admin Engineer at Luminar Technologies, you will play a crucial role in designing, building, monitoring, and enforcing the security infrastructure of a rapidly growing US public company. Your responsibilities will revolve around ensuring the security, confidentiality, integrity, and availability of company data and systems. Collaborating with various functions within the organization, you will be at the forefront of designing security solutions to protect information from threats, ensuring business continuity, and regulatory compliance. A key aspect of your role will involve designing and implementing a Unified Security and Observability Platform (USOP) architecture, including forwarders, indexers, and search heads, to cater to the company's security and operational needs. You will configure and manage USOP applications, develop data ingestion strategies, and create dashboards, reports, and alerts to facilitate security monitoring and incident response. Additionally, you will design and implement architectures like UEM, MDM, CNAPP, EDR, and ZTNA to meet security and operational requirements, ensuring the secure monitoring and control of all endpoints. Your expertise will be crucial in analyzing security incidents, identifying vulnerabilities, and recommending strategies to enhance the company's security posture. Furthermore, you will collaborate with cross-functional teams to mitigate security risks, deploy and configure security tools, and maintain security policies, procedures, and standards in compliance with regulations and best practices. Staying abreast of the latest security trends and technologies, you will continuously assess and improve the company's security posture while providing 24x7 support for critical security incidents as part of an on-call rotation. To qualify for this role, you should possess a Bachelor's Degree in computer science, cybersecurity, or a related discipline, along with at least 7 years of relevant work experience. 
Your technical proficiency in designing and maintaining enterprise-level security infrastructure, knowledge of security concepts and principles, and familiarity with industry standards and regulatory requirements will be essential. Strong problem-solving skills, attention to detail, self-motivation, and excellent communication skills are also key attributes for success in this position. Preferred qualifications include advanced experience in security engineering roles, knowledge of advanced security tools and automation, familiarity with agile methodologies, and experience in Automotive, Finance, or High-Tech industries. Experience with autonomous vehicles or connected cars would be an added advantage, highlighting your potential to excel in this dynamic and innovative environment at Luminar Technologies.
Posted 3 days ago
10.0 - 14.0 years
0 Lacs
karnataka
On-site
CYFIRMA is a threat discovery and Cyber intelligence platform company that offers industry-disrupting solutions in the cybersecurity and threat intelligence category with innovative ways of deciphering threats. The company applies Cyber intelligence across all layers, including business controls. As a Cyber Threat Intelligence Lead/Manager at CYFIRMA, you will be responsible for conducting in-depth research on nation-state threat actors, campaigns, and malware from various sources, including public and dark/deep web. Your primary task will be to generate predictive and relevant threat intelligence for clients. Additionally, you will be required to outline risk scenarios and recommend actions based on the threat landscape to help clients make informed decisions regarding threat intelligence information consumption. You will also be expected to present research findings, reports, and advisories in both public conferences/seminars/blogs and private client meetings. Collaboration with international teams to enhance research, service operations, and service platform development is a crucial aspect of this role. The ideal candidate for this position should possess at least 10-12 years of experience in cyber threat intelligence research, incident response, forensic analysis, malware research, or EDR/SIEM event analysis (tier 2 or higher). Additionally, a minimum of 10-12 years of experience in OSINT or the usage of paid/private security analysis tools such as Shodan, Censys, BinaryEdge, Spiderfoot, Domain tools, Virus Total, Hybrid Analysis, EDR, SIEM, IDS/IPS, etc., is required. Proficiency in creating and enhancing the strategy for threat intelligence research, process automation, knowledge sharing, and training other team members is essential. Moreover, the ability to develop and write scripts/programs from scratch using at least one programming language such as python, perl, ruby, php, javascript, C, C++, C#, etc., is highly desirable. 
Strong communication skills are a must for writing and presenting technical documents, blogs, reports, and papers in both public conferences and private client meetings. A flexible mindset and a willingness to collaborate with various teams, including pre-sales, partner alliances, marketing, customer success, product management, etc., on local and international levels, are essential for success in this role. Proficiency in English, including reading, writing, and speaking, is required. This is a client-facing role that will be conducted remotely. The qualification required for this position is a Bachelor's degree in computer science/IT or an equivalent field, along with a security certification (GCTI, CHFI, CEH, Security+, etc.). The relevant experience expected for this role is 10 to 12 years, and the position will report to the Vertical SVP or a similar authority. Join CYFIRMA and be a part of a team dedicated to revolutionizing cybersecurity and threat intelligence solutions.
Posted 3 days ago
3.0 - 7.0 years
0 Lacs
haryana
On-site
As a Security Engineer at Pluang based in Gurgaon, you will play a crucial role in enhancing the investment experience for users by ensuring state-of-the-art security and reliability of the platform. Your responsibilities will include collaborating with software engineering teams, defining security requirements, participating in architecture discussions, and maintaining a vulnerability management program to identify security risks across various systems. Your expertise will be utilized in designing and developing automated solutions for security processes, implementing perimeter security measures, application security practices, cloud security controls, and threat detection mechanisms. Additionally, you will support compliance and regulatory requirements, work with third parties to enhance information security governance, and contribute to security projects as necessary. Required qualifications for this role include a minimum of 3 years of experience in Vulnerability Assessment & Penetration Testing for web and mobile applications, as well as infrastructure. You should be familiar with threat detection tools such as EDR and WAF, possess experience with cloud-based microservice architectures, and have conducted application security reviews and code analysis. Collaboration with product managers and software engineering teams to enhance security throughout the software development lifecycle is also essential. Desirable skills for this position include experience in a fast-paced environment, implementing SAST and DAST technologies, and working with Container Security. Pluang offers an attractive compensation package, opportunities for career growth, a healthy work environment, and policies promoting work-life balance and team building. Join Pluang to be part of a team that aims to empower millennials to achieve financial freedom through a diverse range of investment options. 
With a focus on providing access to financial products in a simple and inclusive manner, Pluang utilizes robust technology to facilitate financial investments with high returns. As an affiliate of PG Berjangka with a trading license from Bappebti, Pluang is committed to making financial markets accessible to individuals from all backgrounds.
Posted 3 days ago
7.0 - 12.0 years
16 - 20 Lacs
Noida
Work from Office
Our Company: We're Hitachi Digital, a company at the forefront of digital transformation and the fastest growing division of Hitachi Group. We're crucial to the company's strategy and ambition to become a premier global player in the massive and fast-moving digital transformation market. The team: We are the Global Cyber team, part of Global Information Security at Hitachi Digital. Our mission is to protect the company's and its customers' vital information systems and data while responding to attacks, intrusions, and other security incidents. As passionate advocates of information security, we are a team of out-of-the-box thinkers, innovators, and collaborative problem-solvers. We continuously seek new and better ways to enhance our practices and strive for nothing less than excellence in our cybersecurity operations. We are looking for highly motivated individuals with a positive attitude who want to be part of something exceptional. The role: As a Sr. Security Engineer, you will be working as an individual contributor with a dynamic team of Threat hunters working 24x7. Your role will include: Responsible for working in a 24x7 Security Operation Centre (SOC) environment. Handle technical escalations from the L1 SOC team and resolve them within SLA. Create and manage the SOPs, runbooks and Asset inventory with risk classification. Provide threat and vulnerability analysis as well as security advisory services. Send and receive notifications to the SMEs about the vulnerabilities discovered along with remediation and also follow up on the closure within SLA.
Administration of SIEM environment (e.g. deployment of the solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration management, writing parsing rules with Regex, change management, report management, managing backup and recovery etc.). Investigate, triage, remediate and find RCA of compromised accounts, e-mail threats, and abuse reports from various sources. Investigate, document, and report on information security issues and emerging trends. Contribute significantly to the development and delivery of a variety of written and visual documents for diverse audiences. Mentor, guide and share information with other analysts and other teams. Always be curious and keep growing your skills and capabilities and emerging trends. What you'll bring: 7 years of experience in working in a 24x7 Security Operation Center (SOC) environment. Proficient in Incident Management and Response, handling escalations, SIEM Alerts, EDR alerts, DLP, WAF alerts. Knowledge of Cloud Infrastructure, and Cloud Security (GCP, AWS, Azure). Knowledge of MITRE ATT&CK, Cyber Kill Chain, Threat Hunting & Attack Forensics. Knowledge of Email security, DMARC, SPF, DKIM (Mimecast Email Security). Knowledge of various operating system flavors including but not limited to Windows, MacOS, Linux. Certifications: Security certifications such as GSEC, CEH, CySA are advantageous. Strong problem-solving and troubleshooting skills, including performing root cause analysis for preventative investigation. Communication and Teamwork: Strong ability to articulate complex concepts clearly, be a collaborative team player, admit mistakes, support your statements with data and analysis, and continuously seek growth opportunities. About us: We're a global, 1000-strong, diverse team of professional experts, promoting and delivering Social Innovation through our One Hitachi initiative (OT x IT x Product) and working on projects that have a real-world impact.
We're curious, passionate and empowered, blending our legacy of 110 years of innovation with shaping our future. Here you're not just another employee; you're part of a tradition of excellence and a community working towards creating a digital future. Championing diversity, equity, and inclusion: Diversity, equity, and inclusion (DEI) are integral to our culture and identity. Diverse thinking, a commitment to allyship, and a culture of empowerment help us achieve powerful results. We want you to be you, with all the ideas, lived experience, and fresh perspective that brings. We support your uniqueness and encourage people from all backgrounds to apply and realize their full potential as part of our team. How we look after you: We help take care of your today and tomorrow with industry-leading benefits, support, and services that look after your holistic health and wellbeing. We're also champions of life balance and offer flexible arrangements that work for you (role and location dependent). We're always looking for new ways of working that bring out our best, which leads to unexpected ideas. So here, you'll experience a sense of belonging, and discover autonomy, freedom, and ownership as you work alongside talented people you enjoy sharing knowledge with.
Posted 3 days ago
8.0 - 13.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role: Security Architect. Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills: Security Operation Automation. Good to have skills: NA. Minimum 5 year(s) of experience is required. Educational Qualification: 15 years full time education. Summary: We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency. Roles & Responsibilities: - SOAR Strategy and Architecture: Develop strategies for automation, playbook standardization, and process optimization. - Playbook Development: Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows. - Integration and Customization: Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools. - Collaboration and Leadership: Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization. - Performance Optimization: Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability.
Monitor automation workflows and troubleshoot issues to ensure consistent operations. - Compliance and Best Practices: Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices. Professional & Technical Skills: - Proficiency in Python scripting and programming to develop custom playbooks and integrations. - Strong understanding of security operations, incident response, and threat intelligence workflows. - Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools. - Ability to troubleshoot complex integration and automation issues effectively. Additional Information: - Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent. - Experience with cloud-native SOAR deployments and hybrid environments. - Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001. - A 15 year full-time education is required. - 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR. Qualification: 15 years full time education
Posted 3 days ago
5.0 - 10.0 years
6 - 12 Lacs
Chennai
Remote
Job Description: CyberSecOn is looking for a talented and dedicated Cyber Security Analyst who can work remotely. A Cyber Security Analyst is responsible for maintaining the security and integrity of data. The security analyst must possess knowledge of every aspect of information security to protect company assets from evolving threat vectors. The main responsibilities will include: Monitor and investigate security events and alerts from various sources, such as logs, network traffic, threat intelligence, and user reports. Conduct proactive and reactive threat hunting campaigns to uncover hidden or emerging threats on the cloud environment. Perform root cause analysis and incident response to contain and remediate cloud abuse incidents. Document and communicate findings, recommendations, and lessons learned to relevant stakeholders and management. Develop and update cloud abuse detection rules, indicators, and signatures. Research and stay updated on the latest cloud abuse trends, tactics, techniques, and procedures (TTPs) of threat actors. Provide guidance and training to other security teams and cloud users on best practices and standards for cloud security. Manage multiple client environment cyber security infrastructure and applications. Knowledge of ServiceNow, Zoho desk, Jira/Confluence, etc. Perform vulnerability risk reviews using Qualys, Rapid7 and/or Tenable. Responsible for managing and improving the defined patch management & configuration review process and activities. Proactively manage applications, infrastructure security & network risks, ensuring security infrastructure aligns with the company's compliance requirements. Skills & Experience: 4+ years of experience in a security analyst role, preferably in a SOC environment. Good knowledge of security analysis, engineering, and project management. Experience in client management for security projects.
Knowledge and hands-on experience with SIEM technologies such as Microsoft Sentinel, Rapid7 Insight IDR, Wazuh, etc. Creating playbooks and automation on Microsoft Sentinel is desirable. Strong experience in Virtualisation, Cloud (Azure, AWS, other service providers) design, configuration, and management. Ability to manage priorities, perform multiple tasks and work in a dynamic environment under tight deadlines. Ability to perform vulnerability assessments, penetration testing using manual testing techniques, scripts, commercial and open-source tools. Experience and ability to perform phishing campaigns and/or similar social engineering exercises. Subject matter expert in one or multiple areas such as Windows, Unix, Linux OS. Vendor or security-specific certifications are preferred. Demonstrated analytical, conceptual and problem-solving skills. Ability to work effectively with limited supervision on multiple concurrent operational activities. Ability to communicate effectively via email, reports, and procedures in a professional and succinct manner. Preferred: Candidates who can join immediately or within 15 days.
Posted 3 days ago
3.0 - 8.0 years
4 - 5 Lacs
Hyderabad, Telangana, India
On-site
Key Responsibilities: Design, develop, and deploy advanced threat detection strategies to identify and mitigate sophisticated cyber threats. Analyze tactics, techniques, and procedures (TTPs) used by threat actors and translate them into actionable detection use cases. Utilize the MITRE ATT&CK framework to develop and refine detection methodologies. Collaborate with cross-functional teams to ensure the integration and effectiveness of detection strategies. Continuously improve detection capabilities by staying updated with the latest threat intelligence and industry best practices. Conduct regular assessments and tuning of detection mechanisms to ensure optimal performance. Develop response procedures for detections and collaborate with the automation and engineering teams to implement automated responses. Provide expert guidance and mentorship to junior team members on threat detection and response. Qualifications: 3-9 years of experience in cybersecurity, with a focus on threat detection and response. Proven experience in designing and implementing threat detection strategies. Deep technical knowledge in analyzing cyber threat tactics, techniques, and procedures (TTPs). Expertise in the MITRE ATT&CK framework and its application in threat detection. Strong analytical and problem-solving skills with the ability to think critically and creatively. Excellent communication and collaboration skills to work effectively with cross-functional teams. Relevant certifications such as CISSP, GIAC, or equivalent are a plus. Preferred Skills: Experience with security information and event management (SIEM) systems. Familiarity with common security solutions like EDR, CASB, DLP, Firewall, IDS/IPS, etc. Knowledge of scripting and automation to enhance detection capabilities. Understanding of network security principles and technologies.
Posted 3 days ago
3.0 - 8.0 years
6 - 14 Lacs
Kochi
Work from Office
Responsibilities: Drive growth by identifying new cybersecurity clients in India. Build pipelines, close deals, and manage enterprise accounts. 3+ years B2B sales, strong cybersecurity knowledge, excellent communication, and CRM skills required.
Posted 3 days ago
6.0 - 10.0 years
0 Lacs
jaipur, rajasthan
On-site
The position available at Novamesh Ltd (TATA Communications Ltd) in Jaipur is for an L2/L3 Threat Hunter/TIP Admin. As a Threat Hunter, your primary responsibility will be to conduct threat-hunting activities to identify security threats, including zero-day threats. You must possess strong skills in network forensic analysis, packet capture, and reconstruction, along with knowledge of Threat Intelligence Platform (TIP), Anti APT, and EDR. To excel in this role, you should be certified in any threat hunting certification or its equivalent. Your duties will include hunting for security threats, identifying threat actor groups and their techniques, and understanding the APT lifecycle, tactics, techniques, and procedures (TTPs). Familiarity with the MITRE ATT&CK framework and mapping threats to techniques is essential. You will provide expert analytic investigative support to L1 and L2 analysts for complex security incidents and analyze security incidents to enhance rules, reports, and AI/ML models. Proficiency in malware behavior analysis, sandboxing, and the analysis of various security logs and sensors is crucial for this role. Additionally, you will be responsible for incident response for identified threats and proactively identifying potential threat vectors to enhance prevention and detection methods. Hands-on experience with Trellix (formerly McAfee) APT solutions, EDR, and Threat Intelligence, along with familiarity with security monitoring tools like SIEM, SOAR, and Threat Intelligence Platforms (TIPs), is required. The ideal candidate should hold a degree in B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology and have a minimum of 6+ years of relevant experience in Security Operations, Threat Detection, or Incident Response. Certification in CSA/CEH would be an added advantage.
Posted 5 days ago