
344 Edr Jobs - Page 2

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

3.0 - 8.0 years

6 - 14 Lacs

Kochi

Work from Office

Responsibilities: Drive growth by identifying new cybersecurity clients in India. Build pipelines, close deals, and manage enterprise accounts. 3+ years B2B sales, strong cybersecurity knowledge, excellent communication, and CRM skills required.

Posted 5 days ago


6.0 - 10.0 years

0 Lacs

jaipur, rajasthan

On-site

The position available at Novamesh Ltd (TATA Communications Ltd) in Jaipur is for an L2/L3 Threat Hunter/TIP Admin. As a Threat Hunter, your primary responsibility will be to conduct threat-hunting activities to identify security threats, including zero-day threats. You must possess strong skills in network forensic analysis, packet capture, and reconstruction, along with knowledge of Threat Intelligence Platform (TIP), Anti APT, and EDR. To excel in this role, you should be certified in any threat hunting certification or its equivalent. Your duties will include hunting for security threats, identifying threat actor groups and their techniques, and understanding the APT lifecycle, tactics, techniques, and procedures (TTPs). Familiarity with the MITRE ATT&CK framework and mapping threats to techniques is essential. You will provide expert analytic investigative support to L1 and L2 analysts for complex security incidents and analyze security incidents to enhance rules, reports, and AI/ML models. Proficiency in malware behavior analysis, sandboxing, and the analysis of various security logs and sensors is crucial for this role. Additionally, you will be responsible for incident response for identified threats and proactively identifying potential threat vectors to enhance prevention and detection methods. Hands-on experience with Trellix (formerly McAfee) APT solutions, EDR, and Threat Intelligence, along with familiarity with security monitoring tools like SIEM, SOAR, and Threat Intelligence Platforms (TIPs), is required. The ideal candidate should hold a degree in B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology and have a minimum of 6+ years of relevant experience in Security Operations, Threat Detection, or Incident Response. Certification in CSA/CEH would be an added advantage.

Posted 6 days ago


10.0 - 14.0 years

0 Lacs

karnataka

On-site

As a Pre-Sales Lead specializing in Cybersecurity at Embee, you will play a vital role in supporting Embee's cybersecurity sales initiatives by leveraging your technical expertise to create customized solutions. With over 10 years of experience, you will need a deep understanding of both Microsoft and non-Microsoft security solutions, covering areas such as Network Security, Application Security, Endpoint Protection, Data Protection, and Security Operations. Your responsibilities will include designing solutions, supporting sales efforts, responding to RFPs, and engaging with clients, particularly CISOs and IT teams. Your primary responsibilities will involve developing tailored cybersecurity solutions that integrate a mix of Microsoft and non-Microsoft technologies to address complex security requirements. You will provide detailed technical guidance on various cybersecurity products, including Next-Gen Firewalls, WAF, EPP & EDR, DLP, and SecOps. Collaborating closely with Business Development Managers and sales teams, you will contribute to creating compelling solution proposals, presentations, and demonstrations. Additionally, you will engage directly with enterprise clients to understand their needs and align proposed solutions with their security objectives. Leading the creation of RFP and RFI responses will also be a key part of your role, requiring you to outline technical architecture, project scopes, and solution documentation. To excel in this role, you will need at least 10 years of experience in cybersecurity pre-sales or solutions architecture, preferably within System Integrators or OEMs. Your technical proficiency should cover a wide range of cybersecurity solutions, both from Microsoft and other providers. Strong communication and presentation skills are essential for effectively conveying complex technical concepts to diverse audiences. 
You should also possess excellent problem-solving abilities to diagnose client requirements and design scalable cybersecurity solutions. Collaboration and relationship management skills will be crucial for working with cross-functional teams and ensuring client satisfaction. Furthermore, a commitment to continuous learning and staying updated on cybersecurity trends and advancements is essential for success in this dynamic role. Joining Embee as a Pre-Sales Lead in Cybersecurity presents an exciting opportunity to make a significant impact in a collaborative and innovative environment. With a supportive team and a focus on driving cybersecurity excellence, this role offers a rewarding experience for cybersecurity professionals seeking to advance their careers in a challenging yet fulfilling setting.

Posted 6 days ago


3.0 - 7.0 years

0 Lacs

ahmedabad, gujarat

On-site

The Security Operations Centre (SOC) department is seeking a candidate with strong oral and written communication skills. Experience in managing global customers, particularly in the US and Canada, is an advantage. The ideal candidate should be proficient in Incident Management and Response, with in-depth knowledge of security concepts such as cyber-attacks, threat vectors, risk management, and incident management. Strong familiarity with EDR and XDR is preferred. A strong understanding of various security solutions including EDR, XDR, NDR, EPP, Web Security, Firewalls, Email Security, O365, SIEM, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, ServiceNow Ticketing Toolset, Web Security, AV, UBEA, and Advanced SOC is required. The role involves working in a 24x7 Security Operation Centre (SOC) environment and includes creating, performing, reviewing, and delivering Incident Response playbooks and procedures. The responsibilities also include providing analysis and trending of security log data, threat and vulnerability analysis, security advisory services, and experience with Security Information Event Management (SIEM) tools. Hands-on experience in creating advanced correlation rules and conducting Vulnerability Assessments is a must. The candidate should have experience in threat hunting and forensic investigations. Other tasks and responsibilities may be assigned, including creating and fine-tuning rules, playbooks, etc. Strong knowledge of various operating systems such as Windows, Linux, and Unix, as well as TCP/IP Protocols, network analysis, and common Internet protocols and applications, is essential. Effective communication skills are required for contributing to the development and delivery of various written and visual documents for diverse audiences.

Location: Ahmedabad
Experience: 3-6 yrs
Essential Skills/Certifications: GCFA, GCFE, CISP, CISSP, CCNP, CCIE Security, CEH, CSA
If you meet the requirements and possess the essential skills/certifications, please send your CV to careers@eventussecurity.com.

Posted 6 days ago


6.0 - 11.0 years

20 - 35 Lacs

Hyderabad

Work from Office

Job Role: Cyber Security Engineer (Work From Office)
Experience: 5 to 10 Yrs
Key Skills: Security tools integration and management, onboarding, log integration, writing rules and policies in Cloud Security/SIEM/EDR/Antivirus/XDR/MDR/SOAR tools/IPS & IDS
Notice Period: 0 to 15 days (Must)
Should be willing to work in second shift.
Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad - 500081.

Job Overview: They plan, implement, and maintain security measures, respond to security incidents, and identify vulnerabilities. Their roles vary depending on the specific area of security, such as network, application, or cloud security. Here's a more detailed breakdown of their responsibilities:

Security Planning and Implementation:
Designing and implementing security controls: This includes firewalls, intrusion detection systems, and access control mechanisms.
Developing security policies and procedures: Establishing guidelines for secure operations and data handling.
Performing risk assessments: Identifying potential vulnerabilities and threats.
Implementing security tools and technologies: Integrating security software and hardware into the organization's infrastructure.
Analyze and recommend improvements to network, system, and application architectures to enhance security.
Research, design, and implement cybersecurity solutions that protect the organization's systems and products.
Collaborate with DevOps, Platform Engineering, and Architecture teams to ensure security is embedded in the design and development of applications and systems.
Actively participate in the change management process, ensuring security considerations are prioritized in system upgrades and modifications.
Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments.
Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies.
Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents.
Assess and review emerging technologies to identify potential security risks and implement mitigation strategies.
Design and deploy innovative security technologies to address evolving security challenges.
Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture.
Work closely with security architects to develop and deploy security solutions that address cloud-specific risks.
Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives.
Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses.

Qualifications & experience:
Hands-on experience with implementing security controls, including database security, web content filtering, anomaly detection & response, vulnerability scanning & management.
Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling.
Expertise in at least one of the following security domains: cloud-native security (e.g., IAM, security groups, encryption), endpoint security (e.g., EDR/XDR, mobile security).
Strong familiarity with industry security frameworks and regulations, including NIST Cybersecurity Framework (CSF), CIS Controls, HIPAA, GDPR compliance.
Ability to assess compliance requirements and implement security controls to ensure adherence.
Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies.
Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders.
Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team.

Posted 6 days ago


5.0 - 9.0 years

0 Lacs

pune, maharashtra

On-site

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Grow your career at Qualys where innovation and talent thrive! About Qualys: Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance, and IT solutions with over 10,000 subscription customers worldwide, including most of the Forbes Global 100 and Fortune 100. We help organizations streamline and automate security and compliance workflows onto a single platform, delivering greater agility, stronger security outcomes, and substantial cost savings. As part of the evolving Qualys Enterprise TruRisk Platform, we are expanding into Cloud Detection and Response (CDR), helping organizations detect active threats, manage cloud risk, and respond quickly in cloud-native, multi-cloud, and hybrid environments. We are building deep capabilities around cloud log analysis, eBPF-based runtime security, network security, and Zero Trust enforcement, integrating technologies such as Sysdig Falco, Tetragon, and advanced runtime behavioral analytics. We are seeking a dynamic and experienced Senior Product Manager to join our growing Cloud Detection and Response (CDR) team at Qualys. In this role, you will drive the strategy and execution for key areas of our CDR product line focused on cloud threat detection, investigation, and automated response capabilities. You will bring a strong background in cloud security, detection and response technologies, and a can-do attitude to help global enterprise customers secure their cloud infrastructure and containerized workloads. You will collaborate closely with engineering, product design, product marketing, sales, and solution engineering teams, and interface with product leadership in a globally distributed environment. This is an exciting opportunity to have a high-impact role at a company known for innovation and trusted by the world's leading enterprises.
Qualifications:
- Bachelor's degree in Computer Science, Engineering, Cybersecurity, or a related technical field (MBA or equivalent experience preferred).
- 5+ years of experience in product management, or 8+ years in a technical leadership, security engineering, or solution architecture role in cybersecurity or cloud security.
- Deep understanding of cloud security, cloud-native environments (AWS, Azure, GCP), Kubernetes, and containerized workloads.
- Familiarity with Cloud Detection and Response (CDR), CNAPP, or adjacent technologies such as SIEM, XDR, EDR, or threat hunting platforms.
- Hands-on experience or strong working knowledge of cloud telemetry (e.g., AWS CloudTrail, Azure Activity Logs), cloud audit logging, and event-based threat detection.
- Knowledge of modern runtime security technologies, including eBPF-based monitoring, Sysdig Falco, Tetragon, and cloud-native network security techniques.
- Understanding of Zero Trust architectures and least-privilege enforcement in cloud environments.
- Experience working with cybersecurity concepts such as malware detection, file integrity monitoring, secure configuration management, and policy compliance.
- Strong analytical, organizational, and technical writing skills, with a data-driven approach to decision-making.
- Exceptional communication skills, both technical and non-technical, across geographically distributed teams and customer environments.
- Experience collaborating across multiple time zones and managing complex projects in a fast-paced environment.

Role and Responsibilities:
- Define and execute product strategy and roadmap for cloud detection and response capabilities within the Qualys platform.
- Gather and prioritize requirements based on customer feedback, industry trends, and competitive analysis.
- Develop clear product themes, epics, and user stories as input to engineering and design teams.
- Work closely with engineering teams to deliver high-quality product features on time and within scope.
- Drive key initiatives in cloud log ingestion and analysis, runtime threat detection using eBPF/Falco/Tetragon, network security analytics, and Zero Trust policy enforcement.
- Actively engage with enterprise customers to understand needs, gather feedback, and validate product direction.
- Track product success through metrics and KPIs, iterating based on customer impact and business outcomes.
- Support product marketing with positioning, messaging, launch readiness, and field enablement.
- Collaborate with sales teams to support key customer opportunities and strategic accounts.

Join Us: This is a highly visible and impactful role where you will be part of a passionate and collaborative product team shaping the future of cloud security. If you're excited about building next-generation security solutions, helping customers stay ahead of modern threats, and growing your career at a company known for excellence and innovation, we would love to hear from you.

Posted 1 week ago


0.0 - 3.0 years

2 - 4 Lacs

Belgaum

Work from Office

Roles and Responsibilities: Conduct thermal calculations using tools like Aspen and HTRI. Perform heat exchanger sizing and selection for various applications. Design air cooled heat exchangers (ACHE) and Shell & Tube heat exchangers (STHE). Collaborate with cross-functional teams to ensure successful project execution. Work with the applicable standards: TEMA, ASME, API, IBR.

Posted 1 week ago


5.0 - 8.0 years

3 - 7 Lacs

Jaipur

Work from Office

Shift: 9x5
Job Description for Threat Hunter/TIP admin
Skillset Must: Network forensic (Packet Capture and Re-Construction Capability), Knowledge on Threat Intelligence Platform (TIP)/Anti APT/EDR. Certified with any threat hunting certification, or equivalent.
Responsible for conducting all threat-hunting activities necessary for identifying the threats including zero day. Hunt for security threats, identify threat actor groups and their techniques, tools and processes. Strong knowledge of APT lifecycle, tactics, techniques, and procedures (TTPs). Familiarity with MITRE ATT&CK framework and mapping threats to techniques. Provide expert analytic investigative support to L1 and L2 analysts for complex security incidents. Proficiency in malware behavior analysis and sandboxing. Perform analysis of security incidents for further enhancement of rules, reports, AI/ML models. Perform analysis of network packet captures, DNS, proxy, NetFlow, malware, host-based security and application logs, as well as logs from various types of security sensors uncovering the unknown about internet threats and threat actors. Analyse logs, alerts, suspicious malware samples from all the SOC tools, other security tools deployed such as Anti-Virus, Anti APT solutions, EDR, IPS/IDS, Firewalls, Proxies, Active Directory, Vulnerability assessment tools etc. Using knowledge of the current threat landscape, threat actor techniques, and the internal network, analyze log data to detect active threats within the network. Build, document and maintain a comprehensive model of relevant threats to customer. Proactively identify potential threat vectors and work with team to improve prevention and detection methods. Identify and propose automated alerts for new and previously unknown threats. Incident Response for identified threats. Strong knowledge of APT lifecycle, tactics, techniques, and procedures (TTPs). Hands-on experience with Trellix (formerly McAfee) APT solutions, EDR, and Threat Intelligence. Proficiency in malware behavior analysis and sandboxing. Familiarity with MITRE ATT&CK framework and mapping threats to techniques. Experience with security monitoring tools such as SIEM, SOAR, EDR, and Threat Intelligence Platforms (TIPs). Solid understanding of network protocols, endpoint protection, and intrusion detection systems.
Required Qualifications:
Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
Experience: Minimum 6+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
Certification: CSA/CEH

Posted 1 week ago


1.0 - 3.0 years

4 - 5 Lacs

Greater Noida

Work from Office

Core Responsibilities Include:
Work cross-functionally with Clients (Enterprise/MSSP/MSP) and Channel Partners.
Achieve targets with delivery and support.
Function as a subject matter expert on topics relevant to the cybersecurity ecosystem, including various vendor solutions, platforms, integrations, and competitors.
Perform other duties as assigned or required.

What We Need from You:
Stay in Greater Noida only (near Pari Chowk)
Proficient in English
Min. 1 year of experience in Cyber Security Solutions
Experience in Cybersecurity with strong technical knowledge of SaaS Platforms
Some experience with PowerShell and Bash scripting
Technically strong, including support for:
Added Advantage with some basic experience in XDR/EDR solutions
Added Advantage with some basic experience in Agent-based Deployment (Installation / Implementation)
Added Advantage if you have worked with VADs or SIs or as a System Admin
Excellent verbal, written, and presentation communication skills
Highly efficient, with strong attention to detail and proven ability to multi-task and meet tight deadlines
Proficient in Microsoft Office: PowerPoint, Excel, and Word
Preferred: min. B.Tech in Computers

Posted 1 week ago


5.0 - 9.0 years

0 Lacs

jaipur, rajasthan

On-site

Responsible for conducting all threat-hunting activities necessary for identifying threats including zero day. Hunt for security threats, identify threat actor groups and their techniques, tools, and processes. Strong knowledge of APT lifecycle, tactics, techniques, and procedures (TTPs). Familiarity with MITRE ATT&CK framework and mapping threats to techniques. Provide expert analytic investigative support to L1 and L2 analysts for complex security incidents. Proficiency in malware behavior analysis and sandboxing. Perform analysis of security incidents for further enhancement of rules, reports, AI/ML models. Perform analysis of network packet captures, DNS, proxy, NetFlow, malware, host-based security and application logs, as well as logs from various types of security sensors uncovering the unknown about internet threats and threat actors. Analyze logs, alerts, suspicious malware samples from all the SOC tools, other security tools deployed such as Anti-Virus, Anti APT solutions, EDR, IPS/IDS, Firewalls, Proxies, Active Directory, Vulnerability assessment tools, etc. Using knowledge of the current threat landscape, threat actor techniques, and the internal network, analyze log data to detect active threats within the network. Build, document, and maintain a comprehensive model of relevant threats to the customer. Proactively identify potential threat vectors and work with the team to improve prevention and detection methods. Identify and propose automated alerts for new and previously unknown threats. Incident Response for identified threats. Strong knowledge of APT lifecycle, tactics, techniques, and procedures (TTPs). Hands-on experience with Trellix (formerly McAfee) APT solutions, EDR, and Threat Intelligence. Proficiency in malware behavior analysis and sandboxing. Familiarity with MITRE ATT&CK framework and mapping threats to techniques. Experience with security monitoring tools such as SIEM, SOAR, EDR, and Threat Intelligence Platforms (TIPs). 
Solid understanding of network protocols, endpoint protection, and intrusion detection systems.

Posted 1 week ago


10.0 - 14.0 years

0 Lacs

karnataka

On-site

CYFIRMA is a threat discovery and Cyber intelligence platform company that provides industry-disrupting solutions in the cybersecurity and threat intelligence domain, focusing on innovative ways to decode threats across all layers, including business controls. We specialize in: - Providing multi-dimensional and actionable strategic, management, and tactical cyber threat visibility and intelligence. - Anticipating cyberattacks that are most likely to occur in your industry and IT environment. - Delivering potential cyber-attack insights at the planning stage rather than the execution and exploitation phase. - Employing a predictive and deep understanding of threats through our unique Outside-In approach. We are currently seeking a dynamic individual with hands-on experience in threat intelligence research, malware analysis, forensic investigation, and/or security consulting to join our research team in the role of Cyber Threat Intelligence Lead/Manager based in Bangalore. **Role and Responsibility:** - Conduct in-depth research on nation-state threat actors, campaigns, and malware from public and dark/deep web sources to generate predictive and relevant threat intelligence for clients. - Develop risk scenarios and recommend actions based on the threat landscape to assist clients in consuming threat intelligence information effectively. - Present research findings, reports, and advisories at public conferences, seminars, blogs, etc., as well as in private client meetings. - Collaborate with international teams to enhance research, service operations, and service platform development. **Skills & Experience:** - Minimum 10-12 years of experience in cyber threat intelligence research, incident response, forensic analysis, malware research, or EDR/SIEM event analysis (tier 2 or higher). 
- Minimum 10-12 years of experience in OSINT or paid/private security analysis tools such as Shodan, Censys, BinaryEdge, Spiderfoot, Domain tools, Virus Total, Hybrid Analysis, EDR, SIEM, IDS/IPS, etc.
- Proficiency in creating and enhancing the strategy for threat intelligence research, process automation, knowledge sharing, and training other team members.
- Ability to develop and script programs from scratch using programming languages like Python, Perl, Ruby, PHP, JavaScript, C, C++, C#, etc.
- Strong skills in writing and presenting technical documents, blogs, reports, and papers for public conferences and private client meetings.
- Adaptable mindset with a keen willingness to collaborate with various teams such as pre-sales, partner alliances, marketing, customer success, product management, etc., locally and internationally.
- Fluent in English language for reading, writing, and speaking.

**Client Facing Role:** Remotely
**Qualification:**
- Bachelor's degree in computer science/IT or equivalent.
- Security certification (GCTI, CHFI, CEH, Security+, etc.).
**Industry:** Cyber Security
**Relevant Experience:** 10 to 12 Years
**Reporting to:** Vertical SVP or similar

Posted 1 week ago


3.0 - 6.0 years

5 - 9 Lacs

Hyderabad, Bengaluru, Delhi / NCR

Hybrid

Role & responsibilities
Design and develop XSOAR playbooks to automate repetitive tasks in Security Operations. Integrate various security tools and data sources with XSOAR using APIs, custom integrations, and out-of-the-box connectors. Collaborate with SOC analysts, incident responders, and other cybersecurity teams to identify automation opportunities. Maintain and enhance existing playbooks based on feedback and evolving security requirements. Develop custom scripts (Python) and integrations as needed. Troubleshoot and resolve issues related to XSOAR integrations and playbooks. Document processes, playbooks, and integration procedures for knowledge sharing. Ensure automation workflows comply with security policies, standards, and regulatory requirements. Provide training and mentoring to team members on XSOAR automation best practices. Stay up to date with the latest trends, threats, and technologies in security automation.

Preferred candidate profile
Hands-on experience with Palo Alto Cortex XSOAR (mandatory). Strong knowledge of security operations, incident response, and SOC processes. Proficient in Python scripting (must-have for custom automations and integrations). Experience with RESTful APIs and JSON data format. Familiarity with SIEM, EDR, firewalls, threat intelligence platforms, and other security tools. Strong analytical, problem-solving, and troubleshooting skills. Excellent written and verbal communication skills. Ability to work collaboratively in a fast-paced team environment.

Posted 1 week ago


10.0 - 20.0 years

45 - 85 Lacs

Bengaluru

Work from Office

Role title: Cyber Security Architect

Required Qualifications:
Advanced degree in Computer Science
5+ years of cyber security engineering experience
Any of the following: CISSP, CISM, CEH along with Azure, GCP or AWS certifications
Experience with security tools and technologies (e.g., firewalls, IPS, Email Security, SOAR, Threat Intel, SIEM, DLP, EDR, encryption, etc.)
Experience in global manufacturing, pharma, and/or a life sciences company

Summary of Role:
The Security Architect role is a pivotal position within the Cyber Security Office, reporting directly to the Security Architecture Lead. This role offers an exciting opportunity to collaborate with cross-functional teams from IT, Cyber Security, and Business Units to architect and design robust security solutions that effectively protect the organisation's enterprise networks from evolving cyber threats. As an individual contributor, you will focus on strategic design and innovation, ensuring that our security strategies align with industry standards and best practices such as TOGAF, SABSA, Purdue, and NIST frameworks. This role is designed for individuals who are passionate about cybersecurity, possess strong expertise in security, and are eager to make a significant impact on the organisation's security posture.

Key responsibilities:
Drive the strategic design and implementation of innovative security solutions and controls
Stay at the forefront of industry standards, regulations, and best practices related to IT and OT security, ensuring continuous improvement
Generate comprehensive documentation, certification, and testing protocols for the deployment of new security solutions
Continuously monitor and analyze current cybersecurity threats, trends, and emerging technologies to inform strategic security initiatives
Work closely with engineering and architecture teams to ensure security requirements are integrated into all phases of the system development lifecycle
Define and implement advanced security configurations, policies, and procedures for IT and OT assets and systems
Effectively communicate with stakeholders at all levels, translating complex technical concepts into actionable security strategies
Support the development and implementation of security architectures across various domains, including data security, AI, cloud, network security, monitoring detection and response, threat, risk, vulnerability asset and configuration management, and platform security
Conduct security assessments and gap analyses to identify and mitigate security risks
Provide technical guidance and mentorship to security engineers and other team members
Perform assessments of capabilities and tools to ensure alignment with GSK business and security needs
Assist with product Proof of Concept (POC) evaluations to validate security solutions
Create and execute test plans to rigorously evaluate security controls and document results to provide unbiased outcomes that demonstrate alignment with GSK business and security needs in a seamless manner

Required skills:
Proven experience in developing security strategies and reference architectures
Familiarity with TOGAF, SABSA, or Purdue Enterprise Reference Architecture
Experience in designing and deploying network security controls and solutions
Extensive knowledge of security technologies, including encryption, authentication, authorization, security protocols, data and privacy, AI/ML, and application development
Strong communication and interpersonal skills, ability to effectively manage stakeholders
Proficiency in writing, developing, and maintaining technical documentation, including security standards, strategies, and implementation plans
Ability to prioritize and filter actions to focus on those with significant impact on the program
Capability to work with multiple stakeholders to promote practical solutions to complex security problems
Excellent problem-solving and analytical skills, with the ability to work under pressure
Hands-on experience in at least three of the following security domains: data security, AI, cloud, network security, monitoring detection and response, threat, risk, vulnerability asset and configuration management, or platform security
Experience with threat modeling and risk assessment methodologies
Experience in security automation and orchestration
Knowledge of AI and machine learning security considerations
Understanding of regulatory requirements/industry standards (e.g., GDPR, HIPAA, PCI)

Posted 1 week ago

Apply

6.0 - 8.0 years

20 - 35 Lacs

Pune

Work from Office

Technical Skills:
- Industry certifications and an educational background in Information Technology
- Strong experience with security tools and techniques, including:
  - Firewall, IDS/IPS
  - Multi-factor authentication
  - Network authentication
  - Zero Trust Network Access
  - WAF & DDoS protection
- Strong knowledge and understanding of:
  - Public cloud
  - Cisco ASA, VPN and network devices
  - Hypervisors and virtual machines
  - Active Directory
  - SIEM, Endpoint Detection & Response (EDR), application whitelisting, data leakage and malware analysis
- Practical knowledge of Windows, Linux, and TCP/IP networking
- Solid scripting experience in any of Python/Perl/Bash/PowerShell would be an advantage
- Hands-on experience in security incident response

Posted 1 week ago

Apply

4.0 - 10.0 years

0 Lacs

maharashtra

On-site

As a Manager, Information Security Incident Response at NTT DATA, you will be responsible for leading the Information Security Incident Response Management team. Your role will involve ensuring that your team is well-equipped to detect and monitor threats and suspicious activities affecting the organization's technology domain. You will serve as the escalation point for incident workflows and actively participate in delivering security measures through analytics and threat hunting processes. Your primary responsibilities will include managing a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence.

You will be expected to have at least 10 years of experience in SOC, with a minimum of 4 years as a SOC Manager. Additionally, you should have 4+ years of experience in SIEM (Splunk) and hold a CISM/CISSP certification. Your role will also involve troubleshooting technical issues to ensure project success, implementing changes to align with client demands, and providing guidance to the team to achieve specific objectives. You will be responsible for developing and executing a timeline for the team to achieve its goals, monitoring incident detection and closure, and presenting regular metrics and reports.

Furthermore, you will be required to conduct periodic DR drills, design SIEM solutions to enhance security value, and conduct root-cause analysis for security incidents. It will be vital for you to ensure that the SIEM system is optimized for efficient performance, and to align SIEM rules, alerts and reports with security policies and compliance reporting requirements. You will also collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.

To qualify for this role, you should have a Bachelor's degree or equivalent in Information Technology, Computer Science, or a related field, along with industry certifications such as CISSP or CISM. You should possess advanced experience in the Technology Information Security industry, prior experience working in a SOC/CSIR, and advanced knowledge of tools, techniques, and processes used by threat actors. Additionally, you should have practical knowledge of indicators of compromise (IOCs), end-point protection, enterprise detection and response software, SIEM, and IPS technologies.

This is an on-site working position at NTT DATA, where diversity and inclusion are embraced, and you will have the opportunity to continue growing, belonging, and thriving in a collaborative environment. NTT DATA is an Equal Opportunity Employer, and your career progression here will involve seizing new opportunities, expanding your skills, and preparing for future advancements within the global team.

Posted 1 week ago

Apply

10.0 - 14.0 years

0 Lacs

karnataka

On-site

As a Consultant (CSM) at CYFIRMA, you will play a crucial role in customer onboarding, technical support, account escalations, customer renewals, upsell campaigns, and establishing customer support practices. Your primary responsibility will be to ensure new customers are efficiently onboarded to CYFIRMA's products and services, guiding them to realize ROI promptly. In this role, you will need to have a deep understanding of CYFIRMA's product and service offerings to provide technical support and training to customers. Your focus will be on educating customers on the flexibility and capabilities of CYFIRMA's solutions, aligning them with their business needs and plans. Additionally, you will handle account escalations, ensuring timely responses to alerts, red flags, or feedback reported by customers. Moreover, you will be responsible for customer renewals, driving upsell campaigns to increase the lifetime value of CYFIRMA's customers. Periodic health checks of customer accounts will be necessary to ensure customer engagement and satisfaction. You will collaborate with international teams to enhance research, service operations, and platform development. To excel in this role, you should have at least 10 years of experience in managing customers and accounts in the cybersecurity domain. Proficiency in customer service practices, technical aptitude to learn CYFIRMA's offerings, and familiarity with OSINT or security analysis tools are essential. Knowledge of IT networking, internet technologies, firewalls, and cybersecurity tools, along with experience in CRM software like Salesforce, will be beneficial. A bachelor's degree in computer science or a related field is required, along with proficiency in the Microsoft Office Suite. Excellent communication skills in English, both written and verbal, are necessary as this role involves client-facing interactions remotely. 
Holding security certifications such as GCTI, CHFI, CEH, Security+, etc., will be an additional advantage. Join CYFIRMA's dynamic team as a Consultant (CSM) in Bangalore, and contribute to enhancing customer success through effective onboarding, support, and relationship management in the cybersecurity industry.

Posted 1 week ago

Apply

3.0 - 7.0 years

0 Lacs

haryana

On-site

Tower Research Capital, a leading quantitative trading firm established in 1998, has earned a stellar reputation for its high-performance platform and independent trading teams. With over 25 years of innovation, the firm is renowned for its ability to identify unique market opportunities. Home to exceptional systematic trading and engineering talent, Tower empowers portfolio managers to develop their teams and strategies independently, while benefiting from the advantages of being part of a large, global organization. Engineers at Tower excel in developing electronic trading infrastructure at a world-class level, tackling complex challenges in low-latency programming, FPGA technology, hardware acceleration, and machine learning. The firm's continuous investment in top engineering talent and cutting-edge technology ensures that its platform remains unparalleled in terms of functionality, scalability, and performance. Every employee at Tower contributes to its success. The Business Support teams play a crucial role in constructing and maintaining the platform that drives the firm's operations, combining market access, data, compute, and research infrastructure with risk management, compliance, and a range of business services. These teams enable the trading and engineering teams to achieve their best performance. At Tower, employees thrive in a stimulating, results-driven environment where highly intelligent and motivated colleagues inspire each other to reach their full potential. As a member of the Global Cybersecurity team, you will work to enhance the security posture and services by monitoring, identifying, and addressing security gaps and countermeasures. 
Location: Gurgaon, India
Team: Global Security Operations
Shift Timing: 6:00 AM IST to 3:00 PM IST with rotational weekend support as part of 24x7 operations

Responsibilities:
- Monitoring alerts for potential security incidents and information requests, utilizing real-time channels, tools, dashboards, reports, chat sessions, and tickets.
- Following incident-specific procedures to conduct basic triage of potential security incidents, determining their nature, priority, and eliminating false positives.
- Investigating and validating alerts to identify scope, impact, and root cause using available telemetry and threat intelligence.
- Escalating confirmed incidents with comprehensive evidence, impact assessment, and recommended containment/remediation actions.
- Collaborating with stakeholders and third-party security service providers to triage alerts, events, or incidents.
- Monitoring and analyzing Security Information and Event Management (SIEM) to identify security issues for remediation.
- Developing detection content, correlation rules, and queries in SIEM platforms to enhance threat detection capabilities.
- Contributing to incident response playbooks, runbooks, and process enhancements.
- Participating in threat hunting activities, adversary emulation exercises, and purple teaming efforts.
- Maintaining accurate documentation of investigations, incidents, and actions in ticketing systems.
- Staying informed of the current threat landscape, attacker tactics, and vulnerabilities relevant to Tower's environment.
- Interacting with customers/users in a professional and positive manner.

Requirements:
- Bachelor's Degree in Computer Science, Information Security, or Information Technology.
- 3+ years of hands-on experience in a Security Operations Center (SOC) or threat detection/incident response role in a mid to large-scale organization.
- Proven track record in performing triage of potential security incidents and experience with various technologies including SIEM, EDR/NDR/XDR, web proxies, vulnerability assessment tools, IDS/IPS, firewalls, and data leakage prevention.
- Strong understanding of various operating systems, network protocols, malware behavior, attacker techniques, and common attack vectors.
- Willingness to work in early shifts and provide round-the-clock support, including weekend shifts.

Soft Skills & Work Traits:
- Strong analytical, investigative, and troubleshooting skills.
- Effective written and verbal communication skills, with the ability to simplify complex security issues.
- Organized, detail-oriented, and capable of managing multiple priorities under pressure.
- Passion for security, continuous learning, and operational excellence.
- Comfortable working in a rotating shift model, including weekend support.
- Strong desire to understand security incidents thoroughly.

Benefits:
- Tower's headquarters are located in the historic Equitable Building in NYC's Financial District, with a global impact and offices worldwide.
- The firm fosters a culture where smart, driven individuals thrive in a collaborative environment without egos.
- Benefits include generous paid time off, financial wellness tools, hybrid working opportunities, daily meals and snacks, wellness experiences, volunteer opportunities, social events, continuous learning opportunities, and more.

At Tower, you will find a welcoming and collaborative culture, a diverse team, and a workplace that values both performance and enjoyment. Join a team of great people doing great work together. Tower Research Capital is an equal opportunity employer.

Posted 1 week ago

Apply

4.0 - 8.0 years

0 Lacs

punjab

On-site

As a SOC Analyst (Incident Management) with 4+ years of experience, you will be based in Mohali, working strictly from the office with a 5-day work week and a 30-day notice period. Your role will be crucial in resolving cyber security incidents and collaborating with the IT Infrastructure and application teams to support daily SOC operations.

Your responsibilities will include acting as a primary incident responder and coordinator, performing incident handling through effective communication and coordination efforts, triaging incidents, escalating security incidents to senior staff when necessary, tracking and analyzing incidents using a ticket management system, and engaging IT teams for remediation. You will also be responsible for planning and managing incident response procedures, documenting security incidents, and assisting in enhancing the operational efficiency of SOC platforms.

To excel in this role, you should have familiarity with incident management principles and frameworks, knowledge of SIEM, AV, EDR, Next-Gen Firewalls, Cloud Platforms, and IT networking concepts. You should possess strong skills in monitoring and reporting security remediations, incident response activities, effective documentation, as well as verbal and written communication. Stakeholder management, experience in a complex matrix environment, and the ability to work in an international multicultural team are also essential.

If you are looking to utilize your skills as a SOC Analyst in incident management, this role offers the opportunity to contribute to the resolution of cyber security incidents, improve SOC operational efficiency, and collaborate with diverse teams to enhance overall security posture.

Posted 1 week ago

Apply

3.0 - 5.0 years

6 - 12 Lacs

Bengaluru

Work from Office

Role & responsibilities: Level 2 SOC Analyst

Role Overview: A Level 2 SOC Analyst is responsible for more advanced threat detection and incident response. They handle escalated incidents from Level 1 analysts and perform in-depth analysis to mitigate security threats.

Key Responsibilities:
- Monitor security alerts and notifications generated by security tools and escalated by the L1 team
- Conduct in-depth analysis of security events and incidents to determine their impact and severity, and escalate as necessary according to established procedures
- Investigate and triage security incidents, including analyzing log data, network traffic, and other relevant information to identify indicators of compromise (IOCs) and determine the root cause
- Develop and maintain incident response playbooks, procedures, and documentation to ensure consistency and efficiency in incident handling processes
- Collaborate with threat intelligence analysts to stay informed about emerging threats, vulnerabilities, and attack techniques, and incorporate this knowledge into security monitoring and response activities
- Configure and manage security tools and technologies to enhance threat detection and response capabilities

Skills and Qualifications:
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Experience: 2-4 years of experience in SOC operations and incident response. Experience in CrowdStrike SIEM and EDR preferred (Google SecOps, CrowdStrike NGSIEM).
- Analytical Skills: Strong ability to analyze complex security data and identify patterns or anomalies.
- Documentation: Maintain detailed records of incidents, including analysis, response actions, and lessons learned. Develop SOC runbooks.
- Communication Skills: Excellent verbal and written communication skills for documenting incidents and collaborating with team members.
- Problem-Solving: Ability to think critically and solve complex security issues.
- Certifications (Preferred): Certifications such as CompTIA Security+ or Certified Ethical Hacker (CEH) or similar.

Work Environment: Typically works in a security operations center. May require shift work to provide 24/7 monitoring.

Posted 1 week ago

Apply

8.0 - 13.0 years

0 - 3 Lacs

Chennai

Hybrid

Key Responsibilities:

Incident Detection & Response:
- Monitor security alerts and events through SIEM tools to identify potential threats.
- Investigate security incidents and respond in a timely and effective manner.
- Leverage EDR (Endpoint Detection and Response) solutions for threat detection and incident analysis.

Threat Analysis & Mitigation:
- Conduct thorough threat and malware analysis to identify and mitigate risks.
- Work closely with internal teams to investigate malware, viruses, and ransomware threats.
- Use CrowdStrike, Defender, and other endpoint security tools to prevent attacks.

Email Security Management:
- Monitor and manage email security systems to prevent phishing, spam, and other malicious email threats.
- Respond to suspicious email alerts and work with other teams to resolve them.

Continuous Monitoring & Alerting:
- Actively monitor systems, networks, and applications for any signs of suspicious activities.
- Utilize Endpoint Security solutions to continuously track and protect endpoints across the network.

Collaboration & Reporting:
- Work closely with the IT and security teams to assess, analyze, and resolve security incidents.
- Maintain detailed documentation of incidents, findings, and responses for future reference.
- Regularly report on the status of ongoing security incidents and trends to senior management.

Research & Knowledge Enhancement:
- Stay updated with the latest security threats, vulnerabilities, and trends.
- Participate in security training and development to improve skills in SIEM, EDR, and other security tools.

Required Skills and Qualifications:
- Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience.
- Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight).
- Proficient in EDR and Endpoint Security tools (e.g., CrowdStrike, Microsoft Defender).
- Hands-on experience in threat and malware analysis.
- Familiarity with email security systems (e.g., Proofpoint, Mimecast).
- Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems.
- Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST).
- Excellent analytical and problem-solving skills.

Preferred Qualifications:
- Security certifications like CompTIA Security+, CISSP, CEH, or GIAC are a plus.
- Experience with incident response and forensic investigation.
- Familiarity with cloud security in AWS, Azure, or Google Cloud.

Posted 1 week ago

Apply

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Web Application Firewall (WAF)
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary
We are seeking a technically skilled and proactive Network Security Technical Lead to manage and enhance our enterprise security infrastructure. This role focuses on securing the network perimeter through the administration of Palo Alto Firewalls, Web Application Firewalls (WAF), Bot Protection, Email Security, Endpoint Detection and Response (EDR), and IPS/IDS systems. You will be responsible for firewall policy tuning, VPN support, DNS and IDS/IPS signature management, bot defense rule enforcement, and email threat protection. A key part of the role involves proactively identifying and addressing security gaps, ensuring compliance with internal standards, and continuous improvement through regular audits, service reporting, and cross-functional collaboration.

Roles and Responsibilities

Firewall Operations
- Administer and support enterprise firewall systems, with a focus on Palo Alto platforms.
- Perform policy tuning and propose enhancements based on incident trends and evolving threat landscapes.
- Manage IDS/IPS signature updates, including additions, deletions, and modifications.
- Support URL filtering configurations and enforcement.
- Provide operational support for VPN services and troubleshoot connectivity issues.
- Identify security gaps and recommend remediation strategies as part of continuous improvement.
- Conduct quarterly firewall rule audits and generate compliance reports.
- Maintain and update operational runbooks and documentation.
- Manage patching activities for firewall infrastructure.
- Deliver regular service performance reports and participate in incident/problem/change management processes.
- Troubleshoot firewall configuration issues, including backup/restore and application break-fixes.

Bot Protection Support
- Manage bot protection policies and rules using Cequence.
- Configure appropriate logging levels for bot traffic analysis.
- Perform troubleshooting and incident support related to bot activity.
- Apply and validate standard and emergency rule requests.
- Perform regular signature updates to maintain bot defense effectiveness.

DNS Security
- Fine-tune DNS policies and implement domain-based filtering using Cloudflare.
- Monitor and report on DNS threats weekly/monthly, including actions taken.
- Ensure DNS configurations align with enterprise security posture and compliance requirements.

Professional & Technical Skills
- Firewall Operations: Policy tuning, rule optimization, VPN support, and quarterly audit reporting using Palo Alto; incident-driven configuration backup, restore, and break-fix troubleshooting.
- Threat Prevention & IDS/IPS: Signature lifecycle management (add/update/delete), URL filtering enforcement, and patch management aligned with incident trends and continuous improvement goals.
- Bot Protection: Policy and rule management, logging configuration, incident triage, and signature updates using Cequence Bot Defense; validation of standard and emergency rule requests.
- DNS Security: DNS policy fine-tuning, domain-based filtering, and weekly/monthly threat reporting using Cloudflare DNS.
- Operational Excellence: Service reporting, runbook maintenance, and change/problem/incident management across firewall and bot/DNS security layers.
- Tools & Platforms: Palo Alto, Cequence (Bot Defense), Cloudflare (DNS).

Must-Have Skills:
- Strong hands-on experience with Palo Alto firewalls and associated security features.
- Proficiency with Cequence for bot protection and Cloudflare for DNS security.
- Solid understanding of network security principles, VPNs, IDS/IPS, and URL filtering.
- Familiarity with ITIL-based incident, problem, and change management processes.
- Ability to analyze logs and traffic patterns to identify anomalies and optimize rules.
- Experience with patch management, service reporting, and compliance audits.
- Strong documentation skills and attention to detail.

Good-to-Have Skills:
- Exposure to cloud-based firewall deployments and hybrid network environments.
- Experience in automation or scripting for firewall operations and reporting.
- Familiarity with the ServiceNow ITSM tool.

Qualification: 15 years full time education

Posted 1 week ago

Apply

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Palo Alto Networks Firewalls
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary
We are seeking a technically skilled and proactive Network Security Technical Lead to manage and enhance our enterprise security infrastructure. This role focuses on securing the network perimeter through the administration of Palo Alto Firewalls, Web Application Firewalls (WAF), Bot Protection, Email Security, Endpoint Detection and Response (EDR), and IPS/IDS systems. You will be responsible for firewall policy tuning, VPN support, DNS and IDS/IPS signature management, bot defense rule enforcement, and email threat protection. A key part of the role involves proactively identifying and addressing security gaps, ensuring compliance with internal standards, and continuous improvement through regular audits, service reporting, and cross-functional collaboration.

Roles and Responsibilities

Firewall Operations
- Administer and support enterprise firewall systems, with a focus on Palo Alto platforms.
- Perform policy tuning and propose enhancements based on incident trends and evolving threat landscapes.
- Manage IDS/IPS signature updates, including additions, deletions, and modifications.
- Support URL filtering configurations and enforcement.
- Provide operational support for VPN services and troubleshoot connectivity issues.
- Identify security gaps and recommend remediation strategies as part of continuous improvement.
- Conduct quarterly firewall rule audits and generate compliance reports.
- Maintain and update operational runbooks and documentation.
- Manage patching activities for firewall infrastructure.
- Deliver regular service performance reports and participate in incident/problem/change management processes.
- Troubleshoot firewall configuration issues, including backup/restore and application break-fixes.

Bot Protection Support
- Manage bot protection policies and rules using Cequence.
- Configure appropriate logging levels for bot traffic analysis.
- Perform troubleshooting and incident support related to bot activity.
- Apply and validate standard and emergency rule requests.
- Perform regular signature updates to maintain bot defense effectiveness.

DNS Security
- Fine-tune DNS policies and implement domain-based filtering using Cloudflare.
- Monitor and report on DNS threats weekly/monthly, including actions taken.
- Ensure DNS configurations align with enterprise security posture and compliance requirements.

Professional & Technical Skills
- Firewall Operations: Policy tuning, rule optimization, VPN support, and quarterly audit reporting using Palo Alto; incident-driven configuration backup, restore, and break-fix troubleshooting.
- Threat Prevention & IDS/IPS: Signature lifecycle management (add/update/delete), URL filtering enforcement, and patch management aligned with incident trends and continuous improvement goals.
- Bot Protection: Policy and rule management, logging configuration, incident triage, and signature updates using Cequence Bot Defense; validation of standard and emergency rule requests.
- DNS Security: DNS policy fine-tuning, domain-based filtering, and weekly/monthly threat reporting using Cloudflare DNS.
- Operational Excellence: Service reporting, runbook maintenance, and change/problem/incident management across firewall and bot/DNS security layers.
- Tools & Platforms: Palo Alto, Cequence (Bot Defense), Cloudflare (DNS).

Must-Have Skills:
- Strong hands-on experience with Palo Alto firewalls and associated security features.
- Proficiency with Cequence for bot protection and Cloudflare for DNS security.
- Solid understanding of network security principles, VPNs, IDS/IPS, and URL filtering.
- Familiarity with ITIL-based incident, problem, and change management processes.
- Ability to analyze logs and traffic patterns to identify anomalies and optimize rules.
- Experience with patch management, service reporting, and compliance audits.
- Strong documentation skills and attention to detail.

Good-to-Have Skills:
- Exposure to cloud-based firewall deployments and hybrid network environments.
- Experience in automation or scripting for firewall operations and reporting.
- Familiarity with the ServiceNow ITSM tool.

Qualification: 15 years full time education

Posted 1 week ago

Apply

15.0 - 20.0 years

13 - 17 Lacs

Pune

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Endpoint Extended Detection and Response
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary:
We are looking for a motivated and skilled Endpoint Security Engineer with 3 plus years of experience in managing and securing endpoints using Microsoft Defender for Endpoint, Symantec Endpoint Protection, and DLP solutions. The ideal candidate will play a critical role in enhancing the security posture of our endpoints across the enterprise.

Roles & Responsibilities:
- Configure, manage, and monitor Microsoft Defender for Endpoint and Symantec Endpoint Protection.
- Implement, manage, and tune Data Loss Prevention (DLP) policies and rules across endpoints and email gateways.
- Investigate, analyze, and respond to security alerts and endpoint incidents.
- Coordinate with SOC and IT teams for triage and remediation of malware, ransomware, and other endpoint-based threats.
- Conduct endpoint vulnerability assessments and patch validation in coordination with vulnerability management teams.
- Maintain endpoint protection baselines and enforce policy compliance across user devices.
- Generate reports on endpoint protection status, incident trends, and DLP violations.
- Ensure continuous improvement of endpoint threat detection and response processes.
- Participate in root cause analysis (RCA) of endpoint-related security events.

Professional & Technical Skills:
- Strong knowledge and hands-on experience with:
  - Microsoft Defender for Endpoint / Microsoft 365 Defender
  - Symantec Endpoint Protection (SEP)
  - DLP solutions (Microsoft Purview DLP, Symantec DLP, or equivalent)
- Understanding of endpoint threat vectors, malware, and mitigation techniques.
- Familiarity with SIEM tools and EDR workflows.
- Basic scripting knowledge (PowerShell, Python, or batch scripting) for automation and investigation tasks.
- Strong troubleshooting skills related to endpoint protection agents and policies.

Additional Information:
- The candidate should have a minimum of 2 years of experience in Endpoint Extended Detection and Response.
- This position is based at our Pune office.
- A 15 years full time education is required. Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
- Preferred certifications: Microsoft SC-200 (Microsoft Security Operations Analyst), Symantec Endpoint Protection certification (if available) and CompTIA Security+.

Qualification: 15 years full time education

Posted 1 week ago

Apply

3.0 - 8.0 years

3 - 7 Lacs

Bengaluru

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Security Information and Event Management (SIEM), Splunk Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary:
We are looking for a proactive and detail-oriented SOC Analyst (Incident Response) to join our Security Operations Center (SOC) team. In this role, you will be responsible for detecting, analyzing, and responding to cybersecurity incidents using a combination of technology solutions and processes.

Roles & Responsibilities:
- Monitor security alerts and events from various sources (SIEM, EDR, firewall logs, IDS/IPS, etc.) to detect potential security incidents.
- Triage, investigate, and respond to incidents following standard operating procedures (SOPs) and incident response playbooks.
- Perform in-depth analysis of security incidents to identify root causes, scope, and impact.
- Escalate complex incidents to appropriate stakeholders and support containment, eradication, and recovery efforts.
- Work with internal teams and external partners to contain and remediate threats.
- Contribute to continuous improvement of detection capabilities and IR processes.
- Maintain incident documentation and provide detailed reports post-incident.
- Stay current with emerging threats, vulnerabilities, and incident response best practices.

Professional & Technical Skills:
- 2-5 years of experience in a Security Operations Center (SOC) or similar cybersecurity role.
- Strong understanding of security technologies such as SIEM, EDR, IDS/IPS, firewalls, and antivirus.
- Experience with incident detection, triage, analysis, and response.
- Familiarity with the MITRE ATT&CK framework and other threat models.
- Knowledge of operating systems (Windows/Linux), networking protocols, and cloud environments.
- Strong analytical and problem-solving skills.
- Excellent verbal and written communication skills.
- Industry certifications such as CEH, GCIH, GCIA, or CompTIA Security+ are a plus.

Additional Information:
- The candidate should have a minimum of 3 years of experience in Splunk, QRadar or any SIEM tool.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 1 week ago

Apply

4.0 - 8.0 years

12 - 18 Lacs

Hyderabad

Work from Office

Experience in a SOC, incident detection and response, SIEM platforms and EDR. Understanding of networking principles, TCP/IP, WANs, LANs, and Internet protocols (SMTP, HTTP, FTP, POP, LDAP). Knowledge of cloud security concepts & platforms (e.g., AWS, Azure, GCP).

Posted 1 week ago

Apply