8.0 - 13.0 years
13 - 17 Lacs
bengaluru
Work from Office
About The Role
Project Role: Security Architect
Project Role Description: Define the security architecture, ensuring that it meets the business requirements and performance goals.
Must have skills: Operational Technology (OT) Security
Good to have skills: Network Security Implementation
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Senior IT/OT Endpoint Security engineer, you will lead the design, implementation, and management of endpoint security controls across enterprise environments. You will play a crucial role in protecting critical assets such as Server, Workstations, and ICS equipment.
Roles & Responsibilities:
- Lead the deployment, management, and optimization of endpoint security tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Trellix).
- Monitor, detect, and respond to endpoint-related security incidents and vulnerabilities.
- Use the MITRE ATT&CK framework to improve threat hunting.
- Integrate EDR telemetry with SIEM/SOAR platforms and tune detection rules, policies, and behavioral indicators.
- Perform real-time threat hunting and investigation using EDR consoles, log data, and forensic artifacts.
- Implement host-based control policies and privilege management solutions.
- Monitor and analyze endpoint alerts, triage suspicious activity, and escalate incidents based on impact and severity.
Professional & Technical Skills:
- Experience in endpoint security engineering or cybersecurity operations; experience in OT/ICS environments will be an added advantage.
- Experience with endpoint security scripting and automation using Python, PowerShell or API.
- Familiarity with industrial protocols and vendor protocols (Modbus, DNP3, OPC, etc.) is an added advantage.
- Working experience with Patch and Vulnerability Management of endpoint devices in coordination with the IT team.
Additional Information:
- The candidate should have minimum 5 years of experience in Operational Technology (OT) Security.
- This position is based at our Pune office.
- A 15 years full time education is required.
Qualification: 15 years full time education
Posted -1 days ago
3.0 - 5.0 years
1 - 4 Lacs
noida
Work from Office
Level - L2. Monitoring & Reporting: Continuously monitor, report, and manage compliance status of all discoverable assets within the enterprise IT ecosystem. Remediation Coordination: Collaborate with primary owners of compliance tools to remediate non-compliant systems and machines. Geo-Level Guidance: Provide guidance to teams across different geographies on methods to fix non-compliance and ensure closure of open cases. Security Expertise: Possess strong understanding of security controls including: Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Encryption, Endpoint Detection and Response (EDR), Network Access Control (NAC). Automation & Scripting: Develop and deploy scripts to automate remediation of compliance issues. Tools and Technologies: (Systrack, Intune, Antivirus installed on laptops/Desktops)
Posted -1 days ago
3.0 - 5.0 years
1 - 4 Lacs
pune
Work from Office
Level - L2. Monitoring & Reporting: Continuously monitor, report, and manage compliance status of all discoverable assets within the enterprise IT ecosystem. Remediation Coordination: Collaborate with primary owners of compliance tools to remediate non-compliant systems and machines. Geo-Level Guidance: Provide guidance to teams across different geographies on methods to fix non-compliance and ensure closure of open cases. Security Expertise: Possess strong understanding of security controls including: Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Encryption, Endpoint Detection and Response (EDR), Network Access Control (NAC). Automation & Scripting: Develop and deploy scripts to automate remediation of compliance issues. Tools and Technologies: (Systrack, Intune, Antivirus installed on laptops/Desktops)
Posted -1 days ago
3.0 - 5.0 years
1 - 4 Lacs
gurugram
Work from Office
Level - L2. Monitoring & Reporting: Continuously monitor, report, and manage compliance status of all discoverable assets within the enterprise IT ecosystem. Remediation Coordination: Collaborate with primary owners of compliance tools to remediate non-compliant systems and machines. Geo-Level Guidance: Provide guidance to teams across different geographies on methods to fix non-compliance and ensure closure of open cases. Security Expertise: Possess strong understanding of security controls including: Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Encryption, Endpoint Detection and Response (EDR), Network Access Control (NAC). Automation & Scripting: Develop and deploy scripts to automate remediation of compliance issues. Tools and Technologies: (Systrack, Intune, Antivirus installed on laptops/Desktops)
Posted -1 days ago
3.0 - 5.0 years
1 - 4 Lacs
bengaluru
Work from Office
Level - L2. Monitoring & Reporting: Continuously monitor, report, and manage compliance status of all discoverable assets within the enterprise IT ecosystem. Remediation Coordination: Collaborate with primary owners of compliance tools to remediate non-compliant systems and machines. Geo-Level Guidance: Provide guidance to teams across different geographies on methods to fix non-compliance and ensure closure of open cases. Security Expertise: Possess strong understanding of security controls including: Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Encryption, Endpoint Detection and Response (EDR), Network Access Control (NAC). Automation & Scripting: Develop and deploy scripts to automate remediation of compliance issues. Tools and Technologies: (Systrack, Intune, Antivirus installed on laptops/Desktops)
Posted -1 days ago
3.0 - 5.0 years
1 - 4 Lacs
mumbai
Work from Office
Level - L2. Monitoring & Reporting: Continuously monitor, report, and manage compliance status of all discoverable assets within the enterprise IT ecosystem. Remediation Coordination: Collaborate with primary owners of compliance tools to remediate non-compliant systems and machines. Geo-Level Guidance: Provide guidance to teams across different geographies on methods to fix non-compliance and ensure closure of open cases. Security Expertise: Possess strong understanding of security controls including: Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Encryption, Endpoint Detection and Response (EDR), Network Access Control (NAC). Automation & Scripting: Develop and deploy scripts to automate remediation of compliance issues. Tools and Technologies: (Systrack, Intune, Antivirus installed on laptops/Desktops)
Posted -1 days ago
8.0 - 13.0 years
8 - 18 Lacs
bengaluru
Hybrid
Job Title: Senior Network Security Engineer
Job Summary: The Senior Network Engineer Cloud Focus (AWS/Azure) is a pivotal role that blends traditional network engineering with modern cloud-native practices. This individual is responsible for designing, implementing, and maintaining secure, scalable, and high-performance networking solutions across hybrid and multi-cloud environments, particularly within Amazon Web Services (AWS) and Microsoft Azure platforms. In addition to cloud networking, this role entails the deployment and support of enterprise-grade data and telecommunication infrastructures. The Senior Network Engineer is expected to manage complex networking projects, troubleshoot advanced issues, and provide technical leadership to junior staff.
Essential Job Duties: Design & deployment of cloud-based network solutions on AWS and Azure platforms, including configuration and management of VPCs, VNets, VPNs, Direct Connect, ExpressRoute, load balancers, firewalls, and network gateways. Ensure seamless integration between on-premises and cloud environments, enabling robust support for hybrid and multi-cloud architectures. Develop, manage, and maintain network infrastructure using Terraform, enabling consistent, repeatable, and automated provisioning of cloud resources. Build automated workflows and integrate Terraform with CI/CD pipelines to streamline network changes, testing, and deployments. Utilize tools such as CloudWatch, Azure Monitor, and third-party platforms (e.g., Datadog, Splunk) to monitor network performance, detect issues, and perform root cause analysis. Understand and execute technical documentation in the functional network for deployments. Configure and install network software on virtual machines, routers and other network devices. Deep understanding of networking protocols and packet encapsulation methods to identify and troubleshoot network performance issues. Automate network functions and monitor their effectiveness. Deploy, maintain and test device security and business continuity measures such as access authentication and disaster recovery. Suggest improvements to network performance, capacity and scalability. Communicate with users on various solutions as needed. Execute network releases & infrastructure changes in a pre-approved maintenance window in a highly available, multi data center corporate IT and public facing services environment. Assist in evaluation of network products and services for new developments in the networking industry. Manage network infrastructure and connectivity to Amazon Web Service virtual private network. Mentor junior network members as needed.
Job Qualifications (Required Education, Experience, Certification/Licensure): Bachelor's Degree in Computer Science, Information Technology or similar. Master's degree (optional but advantageous) in Cybersecurity, Cloud Computing, or Systems Engineering. A minimum 7 years of full-time experience with a solid background in network administration and architecture. Cloud platform certifications (AWS & Azure) such as professional or expert level in Network & solution architecture. Network industry standard professional certifications such as CCNP, CCDP, FCNSP, CheckPoint, A10. In-depth understanding of communication protocols (mainly TCP/IP) and routing protocols (e.g. BGP, OSPF). Familiarity with access control models and network security. Knowledge of coding languages for scripting (e.g. Python, Perl). Experience with network diagnostic, monitoring and analysis tools (e.g. SolarWinds network tools). Solid understanding of network operating systems (JUNOS, Cisco IOS). Sharp troubleshooting skills. Organizational and mentoring skills. Systems: Windows, Cisco Systems, Linux. Must be flexible with schedule. Must be honest, responsible, self-motivated and very willing to learn.
Knowledge, Skills and Abilities (KSAs): Perform all work and activities with honesty and integrity. Ability to work overtime/extended hours as required. Will be required to provide after-hours support for infrastructure related emergencies, as needed, and occasional weekend maintenance. Effectively communicate (and listen) clearly, professionally, politely and persuasively in all situations; respond well and in a reasonable, timely manner. Challenge conventional practices and use creativity and information to lead, innovate, problem solve, and implement ideas to contribute to the growth of the organization. Support and meet company/department goals and core values. Collaborate with co-workers to achieve common goals. Take personal responsibility for productivity, quality and timeliness of work. Problem Solving/Analysis. Technical Capacity. Time Management.
Posted -1 days ago
3.0 - 5.0 years
5 - 8 Lacs
mumbai
Work from Office
Sound knowledge of platform and operations related to infosec domain. Should have good understanding of core EDR platform with threat hunting capabilities. Should have good understanding of Firewall, EDR, WAF & DNS technologies.
Posted 1 hour ago
3.0 - 8.0 years
7 - 17 Lacs
noida
Work from Office
Job Description: We are seeking a highly skilled Security Engineer with extensive experience in Microsoft Defender for Endpoint, including Data Loss Prevention (DLP). The ideal candidate will also have a strong background in Microsoft Defender, particularly for Endpoint, and Azure Entra ID. This role requires proficiency in using Microsoft Word/Excel for reporting purposes and general understanding of security compliances like NIST, ISO, GDPR.
Key Responsibilities: Configure and maintain Microsoft Defender for Endpoint policies to ensure robust security measures. Should have experience in DLP (Data Loss Prevention). Develop and enforce security policies and procedures to protect sensitive information. Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements. Collaborate with cross-functional teams to integrate security solutions into existing systems. Provide technical support and guidance on security-related issues. Prepare detailed reports and documentation using Microsoft Word and Excel. Stay updated with the latest security trends and technologies to ensure the organization's security posture remains strong.
Qualifications: 4 years of relevant experience in Microsoft security technologies. Understanding of Microsoft Purview capabilities, including Information Protection and DLP. Proficiency in Microsoft Defender for Endpoint and cloud apps, Azure Entra ID. Fair understanding of compliances like NIST, ISO, GDPR and similar. Proficiency in Microsoft Word and Excel for reporting and documentation purposes. Comfortable with scripting tools like PowerShell.
Work Mode: Work From Office (Noida). Interested candidates can share their resume at sakshi.bahuguna@crestechsoftware.com with the following details: Current CTC, Expected CTC, Current Location, Notice Period. Candidates who can join us within a month will be preferred.
Posted 1 hour ago
8.0 - 12.0 years
7 - 15 Lacs
mumbai, chennai
Work from Office
Broad understanding of cloud (AWS, Azure, GCP, VMware, OpenStack) and data centre services. Familiarity with managed security (SOC, SIEM, EDR, NDR), backup/DR, ITSM, observability, and automation tools. Required Candidate profile Strong experience in proposal writing, RFP/RFI response, solution costing, and service scoping. Ability to articulate business value of managed services to CXO-level stakeholders.
Posted 3 hours ago
5.0 - 7.0 years
4 - 9 Lacs
thane, navi mumbai, mumbai (all areas)
Work from Office
Position - MS Defender - Endpoint (MDE) Specialist. Job location: Ghansoli. Shift: Rotational shift.
We are seeking a highly skilled and experienced L3 for handling EDR operations in our dynamic security team. The ideal candidate will play a key role in advanced threat detection, incident response, responding to critical security incidents, and enhancing our endpoint security capabilities with EDR tools.
Roles & Responsibilities: Investigate and analyse sophisticated security alerts and events to determine root cause, scope and impact of security incidents. Provide technical expertise and guidance to junior analysts (L1, L2s), assisting with incident investigations, analysis and resolution. Develop and implement advanced detection and response strategies using Carbon Black EDR to enhance our overall security posture. Lead incident response efforts, including coordination with cross-functional teams and external stakeholders. Conduct in-depth analysis of endpoint data and logs to identify indicators of compromise (IOCs) and advanced attack techniques. Collaborate with threat intelligence teams to stay updated on emerging threats and tactics used by threat actors. Develop and maintain security playbooks, procedures and response plans for incident response and threat hunting. Assist in the tuning and optimization of Carbon Black EDR policies, SIEM rules and custom queries to improve detection efficacy. Stay abreast of industry best practices, emerging technologies and trends in endpoint security and threat detection. Provide regular reports and updates on security incident trends, analysis findings and mitigation efforts to stakeholders.
Personal & Tech Skills: Good team player. Possess positive and learning attitude. Good verbal and written communication skills. Sense of Ownership, Priorities and Autonomous. At least one technical certification required (CEH, CompTIA Security+, CBCA, CSA etc.). Should have at least one cyber security certification (CISM, CCIR, ECSA, GCIH etc.). Knowledge of banking business and information technology practices and trends in banking sector. Understanding of technology-related issues and how they might impact business. Ability to communicate effectively, both orally and in writing.
Qualifications: Graduation/Post graduation in Computers, Information Systems, Computer Science, or Information technology systems.
Experience: Relevant 5 - 7 years of work experience of MS Defender in cyber security/information security project, with skills including SIEM, SOAR, Endpoint Detection; work experience with security posture assessment.
Interested candidates can share their updated CV at mgs.rec@mizuho-cb.com if the above details match your current role. Preferred candidates from Mumbai under 20 kilometers. Mizuho Global Services India Pvt. Ltd. 11th Floor, Q2 Building Aurum Q Park, Gen 4/1, TTC, Thane Belapur Road, MIDC Industrial Area, Ghansoli, Navi Mumbai - 400710.
Posted 1 day ago
3.0 - 7.0 years
0 Lacs
karnataka
On-site
Role Overview: You will be joining the EY cyber security team as a CMS-TDR Senior, where you will work as a Senior Analyst assisting clients in detecting and responding to security incidents using SIEM, EDR, and NSM solutions. Your role will involve operational support, incident validation, coordination, and communication with clients to ensure effective containment, eradication, and recovery of security incidents. Key Responsibilities: - Provide operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR (CrowdStrike, Defender, Carbon Black), and NSM (Fidelis, ExtraHop) for multiple customers. - Specialize in second-level incident validation and detailed investigation. - Perform incident coordination and communication with clients for effective containment, eradication, and recovery. - Conduct SIEM support activities including adhoc reporting and basic troubleshooting. - Advise customers on best practices and use cases to achieve end-state requirements. - Provide near real-time analysis, investigation, reporting, remediation, coordination, and tracking of security-related activities for customers. Qualifications Required: - B. Tech./ B.E. with sound technical skills. - Ability to work in 24x7 shifts. - Strong command of verbal and written English language. - Demonstrate technical acumen and critical thinking abilities. - Strong interpersonal and presentation skills. - Minimum 3 years of hands-on experience in SIEM/EDR/NSM solutions. - Certification in any of the SIEM platforms. - Knowledge of RegEx, Perl scripting, and SQL query language. - Certification - CCSA, CEH, CISSP, GCIH. Additional Details: At EY, you will have the opportunity to work on inspiring and meaningful projects, receive support, coaching, and feedback from engaging colleagues, develop new skills, progress your career, and have the freedom and flexibility to handle your role in a way that suits you. 
EY is dedicated to building a better working world by creating long-term value for clients, people, and society, and building trust in the capital markets through diverse teams in over 150 countries.
Posted 2 days ago
2.0 - 4.0 years
2 - 4 Lacs
mumbai
Work from Office
About The Role: Minimum 2-4 years of experience in Security Operations Centre. Experience across SOC domains: use case creation, incident management, threat hunting, threat intelligence etc. Solid understanding of cyber security, network security, end point security concepts. Good understanding of recent cyber threats, latest attack vectors. Must have experience in any one SIEM (Splunk), EDR and SOAR solution. Must have experience in leading/managing SOC shifts. Experience in shift roster creation, resource management etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management etc.
Posted 2 days ago
2.0 - 4.0 years
2 - 4 Lacs
mumbai
Work from Office
About The Role: Minimum 2-4 years of experience in Security Operations Centre. Experience across SOC domains: use case creation, incident management, threat hunting, threat intelligence etc. Solid understanding of cyber security, network security, end point security concepts. Good understanding of recent cyber threats, latest attack vectors. Must have experience in any one SIEM (Splunk), EDR and SOAR solution. Must have experience in leading/managing SOC shifts. Experience in shift roster creation, resource management etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management etc.
Posted 2 days ago
2.0 - 7.0 years
13 - 17 Lacs
pune
Work from Office
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Operational Technology (OT) Security
Good to have skills: Endpoint Protection
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Senior IT/OT Endpoint Security consultant, you will lead the design, implementation, and management of endpoint security controls across enterprise/OT environments, and will play a crucial role in protecting critical assets such as Server, Workstations, and ICS equipment.
Roles and Responsibilities:
- Lead the deployment, management, and optimization of endpoint security tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Trellix, Carbon Black, Symantec Endpoint Protection).
- End to end platform management activities such as upgrades of servers and clients, signature updates and compliance, groups management, access management etc.
- Monitor, detect, and respond to endpoint-related security incidents and vulnerabilities.
- Use the MITRE ATT&CK framework to improve threat hunting.
- Integrate EDR telemetry with SIEM/SOAR platforms and tune detection rules, policies, and behavioral indicators.
- Perform real-time threat hunting and investigation using EDR consoles, log data, and forensic artifacts.
- Implement host-based control policies and privilege management solutions.
- Monitor and analyze endpoint alerts, triage suspicious activity, and escalate incidents based on impact and severity.
Professional and Technical Skills:
- Over 8 years of experience in deploying or managing large-scale endpoint security, with at least 2+ years in OT/ICS environment.
- Experience in multi-vendor Endpoint Protection tools: CrowdStrike, Microsoft Defender for Endpoint, Carbon Black etc.
- Certifications on the vendor products will be an added advantage.
- Experience with endpoint security scripting and automation using Python, PowerShell or API.
- Familiarity with OT security and industrial protocols and vendor protocols (Modbus, DNP3, OPC, etc.) is an added advantage.
- Working experience with Patch and Vulnerability Management of endpoint devices in coordination with the IT team.
Additional Information:
- The candidate should have minimum 2 years of experience in Operational Technology (OT) Security.
- This position is based at our Bengaluru office.
- A 15-year full time education is required.
Qualification: 15 years full time education
Posted 2 days ago
8.0 - 13.0 years
3 - 7 Lacs
mumbai
Work from Office
About The Role
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Product Security
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: Client accelerates organizations' ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage cutting-edge technology all on the cleanest cloud in the industry.
Role & Responsibilities: As a SOAR Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. Candidates will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernizing, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features.
- Lead the design and implementation of Google SecOps SOAR playbooks for security use cases, such as phishing incident response, vulnerability triage, or threat hunting on Google SecOps based on specific threat models.
- Integration of Google SecOps SOAR with other security capabilities and tools such as SIEM, EDR, NDR, threat intelligence platform, and ticketing systems.
- Design testing and conduct validation of SOAR playbooks before deployment to live environment.
- Write custom actions, scripts and/or integrations to extend SOAR platform functionality.
- Monitor performance and perform timely actions to scale SOAR deployment, especially in a high-volume security environment.
- Migration of existing assets from existing customers' SIEM SOAR to SecOps and assisting in implementing the SIEM SOAR phase-out, phase-in approach.
- Develop SOAR playbooks to provide case handling and incident response as per triage needs.
- Creation of SOAR assets such as reports etc.
- Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.
Professional & Technical Skills:
- Google SecOps SOAR experience in the areas of responsibility for at least 1 year.
- Coding experience in one or more general purpose languages.
- Experience managing customer projects to completion, working with engineering teams, sales and partners.
- Experience architecting, developing, or maintaining secure Cloud solutions.
- Strong verbal and written communication skills and the ability to develop high-quality
- Experience in prevention, detection and response to cyber threats.
- Google SecOps SIEM experience of 1 year in integration of log sources, extension of pre-built UDMs and creation of custom parsers, creation of dashboards, creation of custom rules using YARA-L 2.0 etc.
- Knowledge and experience in SOAR platforms.
- Knowledge in GCP, including Google Cloud Professional Certifications Security, Architect and other industry certifications CISSP, CCSP.
- Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.
- Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.
- Excellent organizational, problem-solving, articulating and influencing skills.
- Experience with industry compliance frameworks e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC.
- Demonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements.
- Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials.
Additional Information:
- Bachelor's degree in Computer Science, Engineering or related technical field or equivalent practical experience. 15 years of education is required.
- 8+ years' experience in leading projects and delivering technical solutions related to security.
- Ability to be located in Mumbai, India for at least 1 year.
Qualification: 15 years full time education
Posted 2 days ago
8.0 - 13.0 years
13 - 17 Lacs
mumbai
Work from Office
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Product Security
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: Client accelerates organizations' ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage cutting-edge technology all on the cleanest cloud in the industry.
Role & Responsibilities: As a Google SecOps Platform Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. Candidates will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernizing, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features.
- Spearhead the architecture and implementation of Google SecOps environment on Google Cloud Platform for large scale deployments and migration.
- Strategic design and implementation of data pipelines & effective data storage mechanisms to meet functional and nonfunctional requirements of Google SecOps customers.
- Design, plan and implement data migrations from existing SIEM SOAR platforms of customers to Google SecOps.
- Hardening of critical infrastructures and platform services leveraged by Google SecOps.
- Integration of Google SecOps with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems.
- Write custom actions, scripts and/or integrations to extend Google SecOps platform functionality.
- Monitor performance and perform timely actions to scale Google SecOps deployment, especially in a very high-volume security environment.
- Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.
Professional & Technical Skills:
- Bachelor's degree in Computer Science, Engineering or related technical field or equivalent practical experience.
- Implementation experience of YARA-L 2.0 and at least one more general-purpose language.
- Experience managing customer projects to completion, working with engineering teams, sales and partners.
- Experience in architecting, developing, or maintaining secure Cloud solutions.
- Strong verbal and written communication skills and the ability to develop high-quality
- Demonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements.
- Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials.
- Google SecOps experience in the areas of responsibility for at least 1 year.
- Ability to be located in Mumbai, India for at least 1 year.
- Hands-on and deep knowledge of security principles.
- Demonstrated experience in Cloud Security delivered within the context of customer facing roles.
- Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.
- Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.
- Excellent organizational, problem-solving, articulating and influencing skills.
- Experience with industry compliance frameworks e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC.
- Google Cloud Professional Certifications Security, Architect and other industry certifications CISSP, CCSP.
Additional Information:
- Bachelor's degree in Computer Science, Engineering or related technical field or equivalent practical experience. 15 years of education is required.
- 10+ years' experience in leading projects and delivering technical solutions related to security.
- Ability to be located in Mumbai, India for at least 1 year.
Qualification: 15 years full time education
Posted 2 days ago
8.0 - 13.0 years
3 - 7 Lacs
mumbai
Work from Office
About The Role
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Product Security
Good to have skills: Security Information and Event Management (SIEM)
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: Client accelerates organizations' ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage cutting-edge technology all on the cleanest cloud in the industry.
Role & Responsibilities: As a SIEM Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. Candidates provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernizing, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features.
- Lead the design and implementation of Google SecOps data ingestion from diverse sources, various mechanisms for integration and normalization of logs.
- Extension of pre-built UDMs in Google SecOps and creation of custom parsers where required for log sources.
- Integration of Google SecOps SIEM with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems.
- Write custom actions, scripts and/or integrations to extend SIEM platform functionality.
- Monitor performance and perform timely actions to scale SIEM deployment, especially in a very high-volume security environment.
- Creation of SIEM assets such as detection rules using YARA-L, dashboards, parsers etc.
- Migration of existing assets from existing customers' SIEM SOAR to SecOps and assisting in implementing the SIEM SOAR phase-out, phase-in approach.
- Testing and deployment of newly created and migrated assets such as rules, playbooks, alerts, dashboards.
- Design and implement solutions to handle alert fatigue encountered in SIEM correlation.
- Creation of custom SIEM dashboards to meet customer requirements.
- Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.
- Debug and solve customer issues in ingestion, parsing, normalization of data.
- Develop SOAR playbooks to provide case handling and Incident response as per triage needs.
Professional & Technical Skills:
- SIEM experience in the areas of responsibility for at least 1 year.
- Implementation experience of YARA-L 2.0 and at least one more general-purpose language.
- Experience managing customer projects to completion, working with engineering teams, sales and partners.
- Experience architecting, developing, or maintaining SIEM and SOAR platforms & secure Cloud solutions.
- Strong verbal and written communication skills and the ability to develop high-quality
- Experience in Prevention, Detection and response to cyber threats
- Google SecOps SOAR experience of 1 year in creation of playbooks, testing and validation of playbooks, integration with custom actions using bespoke scripts, or other SOAR platforms
- Knowledge and experience in SIEM platforms
- Demonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements
- Strong verbal and written communication skills in English and the ability to develop high-quality technical documentation and presentation materials.
- Knowledge in GCP, including Google Cloud Professional Certifications Security, Architect and other industry certifications CISSP, CCSP.
- Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.
- Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.
- Excellent organizational, problem-solving, articulating and influencing skills.
- Experience with industry compliance frameworks e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC.
Additional Information:
- Bachelor's degree in Computer Science, Engineering or related technical field or equivalent practical experience.
- 15 years of education is required.
- 8+ years' experience in leading projects and delivering technical solutions related to security
- Ability to be located in Mumbai, India for at least 1 year
Qualification: 15 years full time education
Posted 2 days ago
1.0 - 6.0 years
13 - 17 Lacs
bengaluru
Work from Office
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Operational Technology (OT) Security
Good to have skills: Network Security Implementation
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Senior IT/OT Endpoint Security consultant, you will focus on leading the design, implementation, and management of endpoint security controls across enterprise/OT environments, and will play a crucial role in protecting critical assets such as servers, workstations, and ICS equipment.
Roles and Responsibilities:
- Lead the deployment, management, and optimization of endpoint security tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Trellix, Carbon Black, Symantec Endpoint Protection).
- End to end platform management activities such as upgrades of servers and clients, signature updates and compliance, groups management, access management etc.
- Monitor, detect, and respond to endpoint-related security incidents and vulnerabilities.
- Use the MITRE ATT&CK framework to improve threat hunting.
- Integrate EDR telemetry with SIEM/SOAR platforms and tune detection rules, policies, and behavioral indicators.
- Perform real-time threat hunting and investigation using EDR consoles, log data, and forensic artifacts.
- Implement host-based control policies and privilege management solutions.
- Monitor and analyze endpoint alerts, triage suspicious activity, and escalate incidents based on impact and severity.
Professional and Technical Skills:
- Over 5 years of experience in deploying or managing large-scale endpoint security, with at least 1+ years in OT/ICS environment.
- Experience in multi-vendor Endpoint Protection tools - CrowdStrike, Microsoft Defender for Endpoint, Carbon Black etc.
- Certifications on the vendor products will be an added advantage.
- Experience with endpoint security scripting and automation using Python, PowerShell or API.
- Familiarity with OT security and industrial protocols and vendor protocols (Modbus, DNP3, OPC, etc.) is an added advantage.
- Working experience with Patch and Vulnerability Management of endpoint devices in coordination with the IT team.
Additional Information:
- The candidate should have a minimum of 1 year of experience in Operational Technology (OT) Security.
- This position is based at our Bengaluru office.
- A 15-year full time education is required.
Qualification: 15 years full time education
Posted 2 days ago
2.0 - 7.0 years
13 - 17 Lacs
bengaluru
Work from Office
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Operational Technology (OT) Security
Good to have skills: Endpoint Protection
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Senior IT/OT Endpoint Security consultant, you will focus on leading the design, implementation, and management of endpoint security controls across enterprise/OT environments, and will play a crucial role in protecting critical assets such as servers, workstations, and ICS equipment.
Roles and Responsibilities:
- Lead the deployment, management, and optimization of endpoint security tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Trellix, Carbon Black, Symantec Endpoint Protection).
- End to end platform management activities such as upgrades of servers and clients, signature updates and compliance, groups management, access management etc.
- Monitor, detect, and respond to endpoint-related security incidents and vulnerabilities.
- Use the MITRE ATT&CK framework to improve threat hunting.
- Integrate EDR telemetry with SIEM/SOAR platforms and tune detection rules, policies, and behavioral indicators.
- Perform real-time threat hunting and investigation using EDR consoles, log data, and forensic artifacts.
- Implement host-based control policies and privilege management solutions.
- Monitor and analyze endpoint alerts, triage suspicious activity, and escalate incidents based on impact and severity.
Professional and Technical Skills:
- Over 8 years of experience in deploying or managing large-scale endpoint security, with at least 2+ years in OT/ICS environment.
- Experience in multi-vendor Endpoint Protection tools - CrowdStrike, Microsoft Defender for Endpoint, Carbon Black etc.
- Certifications on the vendor products will be an added advantage.
- Experience with endpoint security scripting and automation using Python, PowerShell or API.
- Familiarity with OT security and industrial protocols and vendor protocols (Modbus, DNP3, OPC, etc.) is an added advantage.
- Working experience with Patch and Vulnerability Management of endpoint devices in coordination with the IT team.
Additional Information:
- The candidate should have minimum years of experience in Operational Technology (OT) Security.
- This position is based at our Bengaluru office.
- A 15-year full time education is required.
Qualification: 15 years full time education
Posted 2 days ago
3.0 - 5.0 years
0 Lacs
thiruvananthapuram, kerala, india
On-site
While technology is the heart of our business, a global and diverse culture is the heart of our success. We love our people and we take pride in catering them to a culture built on transparency, diversity, integrity, learning and growth. If working in an environment that encourages you to innovate and excel, not just in professional but personal life, interests you- you would enjoy your career with Quantiphi! Role: Senior Cyber Security Engineer Experience Level: 3+ Years Work location: Mumbai, Bangalore & Trivandrum Role & Responsibilities: Develop a complete understanding of a company's technology and information systems. Design, build, implement and support enterprise-class security systems. Identify and communicate current and emerging security threats Plan, research and design robust security architectures for any IT project. Perform or supervise vulnerability testing, risk analyses and security assessments. Create solutions that balance business requirements with information and cybersecurity requirements. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements. Set up and support code security and infrastructure security activities of DevSecOps Pipeline. Must have experience in cloud concepts and perform assessment and implementation of new technologies within the cloud. Use current programming language and technologies to write code, complete programming and perform testing and debugging of applications. Provide supervision and guidance to development and security teams. Define, implement and maintain corporate security policies and procedures. Respond immediately to security-related incidents and provide thorough remedial solutions and analysis. Required Skills: Experience in automating security tools and processes ensuring innovation and advancement strategies that keep pace in the areas of access control, security-in-depth, secure transaction processing, secure coding practices. 
Experience in working in a high paced DevSecOps or SecOps environment with hands-on experience in Docker, Kubernetes and Cybersecurity tools like IDS, SIEM, SAST/DAST Scanners, EDR. Experience in conducting and facilitating security reviews, threat modelling including deep design reviews throughout the development lifecycle to identify all the threats the systems are exposed to and recommend mitigation controls to address those threats. Hands-on knowledge in Cloud Security and AWS / GCP / Azure (good hands-on experience in at least one of them, preferably GCP). Experience in performing penetration testing activities on internal and large scale cloud infrastructure. Hands-on experience in performing threat modelling and web application security assessments. Experience in evaluating and implementing industry leading third party security tools and software. Hands-on experience in performing vulnerability assessment and management via automation. Effective communication skills with all the stakeholders involved. Skills to communicate clearly about complex subjects and technical plans with technical and non-technical audiences. Ability to identify risks associated with business processes, operations, technology projects and information security programs.
Posted 2 days ago
12.0 - 15.0 years
32 - 35 Lacs
mumbai
Work from Office
Level - L4
Reports to: SOC Head
Position Summary: The SOC Lead will lead the operations of the Security Operations Centre (SOC). The candidate should have deep expertise in security monitoring, incident response, threat intelligence and security technologies. This role is critical in safeguarding digital assets and ensuring rapid detection, response and mitigation of security incidents.
Key Responsibilities:
- Lead and manage the day-to-day operations of the Security Operations Centre (SOC) team.
- Oversee monitoring, detection, analysis, and response to security incidents using SIEM tools and other security technologies.
- Oversee tuning and optimization of SIEM platforms (e.g. Azure Sentinel, LogRhythm, Splunk, QRadar, Wazuh etc.)
- Develop, implement, and maintain SOC processes, procedures, and playbooks to ensure effective incident response.
- Perform threat hunting and proactive analysis to identify emerging threats.
- Manage and mentor SOC analysts, providing training and professional development.
- Conduct root cause analysis and prepare detailed incident reports and recommendations.
- Drive continuous improvement in SOC capabilities through adoption of new tools and technologies.
- Participate in security audits, assessments, and vulnerability management initiatives.
- Stay up-to-date with the latest threat trends, vulnerabilities and regulatory requirements.
Required Qualifications:
- Minimum 12 years of professional experience in cybersecurity, with at least 8 years in a SOC environment.
- Deep understanding of networking, system administration, cloud environments (AWS/Azure/GCP) and security architecture.
- Experience with EDR, SIEM, SOAR, IDS/IPS, firewalls and forensic tools.
- Strong knowledge of malware analysis, log correlation, threat hunting and vulnerability management.
- Strong analytical and problem-solving skills with an investigative mindset.
- Excellent communication skills for technical and executive-level reporting.
Preferred Certifications:
- CISSP, GCIA, GCIH, CEH, OSCP, Security+, CySA+ or similar.
- SIEM-specific certifications (e.g. Azure Sentinel, LogRhythm, Splunk etc).
Education: BE CSE/IT or a related field, MCA with 60%+ throughout the academics.
Posted 2 days ago
8.0 - 10.0 years
25 - 27 Lacs
mumbai
Work from Office
Level - L3
Reports to: SOC Lead
Position Summary: The Senior SOC Specialist will be the subject matter expert (SME) and support the Security Operations Centre (SOC) operations. The candidate should have deep expertise in security monitoring, incident response, threat intelligence and security technologies. This role is critical for ensuring rapid detection, response and mitigation of security incidents.
Key Responsibilities:
- Manage advanced threat detection, incident triage, investigation and response activities.
- Serve as a subject matter expert (SME) for SOC tools and processes.
- Perform in-depth analysis of complex security events and indicators of compromise (IOCs).
- Develop and maintain playbooks, runbooks, and incident response procedures.
- Mentor and train junior SOC analysts and foster a collaborative team environment.
- Collaborate with IT, risk management, compliance and business units during investigations and threat assessments.
- Tuning and optimization of SIEM platforms (e.g. Azure Sentinel, LogRhythm, Splunk, QRadar, Wazuh etc.) and threat detection rules.
- Integrate threat intelligence feeds and contextual analysis to enrich SOC capabilities.
- Support red team/blue team exercises and vulnerability assessments.
- Ensure timely and accurate incident reporting and documentation.
Required Qualifications:
- Minimum 8 years of professional experience in cybersecurity, with at least 5 years in a SOC environment.
- Deep understanding of networking, system administration, cloud environments (AWS/Azure/GCP) and security architecture.
- Experience with EDR, SIEM, SOAR, IDS/IPS, firewalls and forensic tools.
- Strong knowledge of malware analysis, log correlation, threat hunting and vulnerability management.
- Experience in handling security incidents, ransomware, phishing campaigns and zero-day exploits.
- Strong analytical and problem-solving skills with an investigative mindset.
- Excellent communication skills for technical and executive-level reporting.
Preferred Certifications:
- CISSP, GCIA, GCIH, CEH, OSCP, Security+, CySA+ or similar.
- SIEM-specific certifications (e.g. Azure Sentinel, LogRhythm, Splunk etc).
Education: BE CSE/IT or a related field, MCA with 60%+ throughout the academics.
Posted 2 days ago
12.0 - 22.0 years
5 - 15 Lacs
navi mumbai
Work from Office
Exp: Above 12 yrs, relevant should be 7 yrs L3 Roles and responsibilities.
Education criteria: MTech, BTech only
Mandatory skills to be checked: AV/EDR M365 Technologies Active Directory Azure AD Compliance Security Configurations, well versed with tackling vulnerabilities and act as advisor to fill the recommended gaps, Security assessment of the Active Directory, Windows Servers, End Points using various tools
JD for MS Defender:
- Provide Platform Security Strategy for the organization.
- Security Advisory role in design of platform tools.
- Advisory role from security perspective in selection, design, and configuration of endpoint security, Microsoft technologies like O365, Intune, Active Directory, AV/EDR etc., and formulate policies and processes to manage risk and interoperability.
- Assist in defining Security Policies & Standards for Server Security including for OS, Database, based on global security best practices including CIS benchmarks, OEM hardening guidelines, NVD etc.
- Provide overall security expertise and advise on secure deployment of servers.
- Strategize and formulate high and low-level monitoring mechanism for platform security technology and best practices, manage the organisation's platform security strategy & controls and keep abreast of new technologies and capabilities.
- Strategize and formulate high and low-level monitoring mechanism for security posture of platform technology deployments and advise measures to improve them.
- Possess and maintain in-depth technical and business knowledge of aspects of endpoint security, Microsoft technologies like O365, Intune, Active Directory, AV/EDR etc.
- Possess and maintain broad technical and business knowledge of aspects of security technologies including Cryptographic technologies, basics of networking etc.
- Provide Security advisory role during technology acquisition and project origination to assess security requirements and controls.
- Provide Security advisory role in implementation of platform technology procured.
- Taking proactive measures for enhancing the security posture of the Bank's platform technologies by studying the vulnerabilities issued/published by various OEMs, internal and external agencies such as CERT, CSITE, CISA etc.
- Ensure service metrics relating to security and assurance that Infrastructure technology configurations are compliant.
- PowerShell scripting/reporting/Automation experience would be good to have.
- Coordinate closely with the infrastructure security monitoring team to strategize and formulate high and low-level monitoring mechanism for the security posture and to ensure implementation of security best practices.
Posted 3 days ago
4.0 - 5.0 years
1 - 4 Lacs
hyderabad
Work from Office
Responsibilities
As a member of the incident/Workorder/Change handling team, you will have the following accountabilities:
- Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX.
- Assess and orchestrate the current and planned security posture for NTT DATA's security infrastructure, providing recommendations for improvement and risk reduction.
- Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk.
- Support security incident response as required; first line responder to reported or detected incidents.
- Perform security research, analysis, security vulnerability assessments and penetration tests.
- Provide security audit and investigation support.
- Monitor and track security systems for vulnerabilities and respond to potential security vulnerabilities.
- Provide support for the Vulnerability management program.
- Provide 24x7 support as operations team working in shifts.
- Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business.
Skills and Experience
- 4 to 5 years+ in Information Security space.
- Strong experience in ServiceNow ticketing tool, dashboards and integration.
- Strong experience with Zscaler ZIA, ZPA and ZDX.
- Strong experience with Vulnerability Management Program.
- Strong experience with Qualys Vulnerability Management Tool.
- Some good-to-have experience with CrowdStrike EDR and SIEM.
- Strong experience with multiple network operating systems, including two or more of the following: Cisco IOS, Juniper ScreenOS or Junos, Fortinet FortiOS, Check Point Gaia, or Palo Alto Networks PAN-OS; Tanium, Rapid7, Nessus, Nitro ESM, Symantec SEP, Symantec MessageLabs, Thales encryption, Allgress, Forcepoint, Blue Coat, Firepower, Cisco ISE, Carbon Black, Titus, EnCase.
- Strong oral, written, and presentation abilities.
- Experience with M365 Copilot.
- Some experience with Unix/Linux system administration.
- Strong experience with logging and alerting platforms, including SIEM integration.
- Current understanding of industry trends and emerging threats; and working knowledge of incident response methodologies and technologies.
Desirable
- Zscaler Certifications Associate and Professional for ZIA, ZPA and ZDX.
- Excellent experience in Zscaler ZIA, ZPA and ZDX.
- Experience in Vulnerability Management Program.
- Experience in Qualys Vulnerability Management Tool.
- Well-rounded background in network, host, database, and application security.
- Experience implementing security controls in a bi-modal IT environment.
- Experience driving a culture of security awareness.
- Experience administering network devices, databases, and/or web application servers.
- Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) good to have.
Abilities
- Non-customer-facing role, but an ability to build strong relationships with internal teams and security leadership is essential.
- Act as incident co-ordinator for reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures.
- Document daily work and new processes.
- Embrace a culture of continuous service improvement and service excellence.
- Stay up to date on security industry trends.
Posted 3 days ago