346 Edr Jobs - Page 3

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Information and Event Management (SIEM), Splunk Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for a proactive and detail-oriented SOC Analyst (Incident Response) to join our Security Operations Center (SOC) team. In this role, you will be responsible for detecting, analyzing, and responding to cybersecurity incidents using a combination of technology solutions and processes. Roles & Responsibilities:- Monitor security alerts and events from various sources (SIEM, EDR, firewall logs, IDS/IPS, etc.) to detect potential security incidents.- Triage, investigate, and respond to incidents following standard operating procedures (SOPs) and incident response playbooks.- Perform in-depth analysis of security incidents to identify root causes, scope, and impact.- Escalate complex incidents to appropriate stakeholders and support containment, eradication, and recovery efforts.- Work with internal teams and external partners to contain and remediate threats.- Contribute to continuous improvement of detection capabilities and IR processes.- Maintain incident documentation and provide detailed reports post-incident.- Stay current with emerging threats, vulnerabilities, and incident response best practices. Professional & Technical Skills: - 25 years of experience in a Security Operations Center (SOC) or similar cybersecurity role.- Strong understandin of security technologies such as SIEM, EDR, IDS/IPS, firewalls, and antivirus.- Experience with incident detection, triage, analysis, and response.- Familiarity with MITRE ATT&CK framework and other threat models.- Knowledge of operating systems (Windows/Linux), networking protocols, and cloud environments.- Strong analytical and problem-solving skills.- Excellent verbal and written communication skills.- Industry certifications such as CEH, GCIH, GCIA, or CompTIA Security+ are a plus. Additional Information:- The candidate should have minimum 3 years of experience in Splunk, QRadar or any SIEM tool.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Exp. in a SOC, incident detection and response,SIEM platform and EDR. understanding of networking principles, TCP/IP, WANs, LANs, and Internet protocols (SMTP, HTTP, FTP, POP, LDAP). cloud security concepts & platforms (e.g., AWS, Azure, GCP).

Position – Cyber Security Engineer Location - Gurgaon Experience – 4 - 6 Years Job Description :- Key skills required: • Azure AD knowledge - L3 level. • Az AD security - L3. • EDR Mandatory. • SAML / certificate mandatory.

Cyber Security Engineer | 4–6 Yrs Must-have: Azure AD (L3), Az AD Security (L3), EDR, SAML, SSL, SSO, Secret Key Mgmt, IAM, App Registrations, PAM, MFA, RBAC, vulnerability mgmt. Immediate joiners preferred. Drop CV at seijal@anprax.com.

Key skills required: • Azure AD knowledge - L3 level. • Az AD security - L3. • EDR Mandatory. • SAML / certificate mandatory.

Lead Consultant (Cyber Security) Job Summary: The Lead consultant for Cyber Security (B2B SOC MSS) provides the advance level of support for Product Implementation & Services in the Security Operations. In this position, the consultant will be to lead the project (technical) consultants team for successful migration/ implementation of the Cyber Security Products (and Services). Mini.2years of experience implementation & operations. The resource should have implemented at least 4-5 projects in customer environment. Working Knowledge of SOC/ SIEM tools and operational understanding Must have lead team of Security Consultants/ Analysts Should have sound knowledge of products & should be able to carry out the POCs, Implementation and Operations support Should lead the delivery of multiple projects at customer locations Should have knowledge of following products (with Operations and Implementation) DLP/ Proxy Forcepoint, Symantec, Cisco, McAfee Email Security Symantec, Forcepoint, Cisco NAC Solutions – Cisco ISE, Forcescout EDR/ XDR Solution – Trend Micro, Crowdstrike SOC SIEM Solution (Arcsight, Qradar, RSA or Seceon) ( Must have hands-on experience from any two of above) Product certification from any of the above products will be added advantage Must be able to execute strategic and tactical direction for solutions offerings Experience in supporting a multiple customer base systems and network environments Provides timely and adequate response to threats/alerts, including off-hour support. Develop functional specifications for integrating/ adopting requirements into enterprise target state architecture or specific application Collaborate with business groups to help them to identify, classify, and secure high value data Provide feedback via periodic reports based on rule parameters; Ability to write regular expressions Ability to self- direct and work independently when necessary, and clearly articulate technical concepts/ issues to both technical and non- technical peers and management The ability to assess security events to drive to a resolution. Demonstrate Understand Critical Data Types such as PII, NPI, PCI, HIPAA, etc Demonstrate Understanding of Mass Storage, USB, Removable Media, for example allow charge but do not allow data copy Excellent English communication skills mandatory Excellent documentation skills mandatory Understand reporting capabilities Required Technical Expertise Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host based firewalls, Anti-Malware, HIDS General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows NT Good to have industry certifications on SIEM Platform, CCNA, CEH, MCSE & Others Bachelor’s Degree in Computer Science or equivalent required Good communication skills Strong level of customer service required

Key skills required: • Azure AD knowledge - L3 level. • Az AD security - L3. • EDR Mandatory. • SAML / certificate mandatory. Contact = 9599321583

Dear Cybersecurity Professionals, We are thrilled to invite you to our upcoming AI in Cybersecurity User Group activity , happening on 26th July in Chennai . This is an excellent opportunity to connect, learn, and exchange insights on how AI is revolutionizing the cybersecurity landscape. Highlights of the event: Expert talks on AI-driven cybersecurity solutions Real-world case studies and practical insights Networking with industry peers and thought leaders Interactive sessions to discuss challenges & best practices Please note: Seats are strictly limited , and registrations will be accepted on a first-come, first-served basis. Date: 26th July 2025 Time: 10:30 AM 12:30 PM Location: Chennai (venue details will be shared upon confirmation) If youre interested in joining, please reply to this email or register through below link at the earliest to secure your spot. https://forms.cloud.microsoft/r/Qc57BKrBmQ Looking forward to your participation in building a vibrant AI in cybersecurity community!

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion it's a place where you can grow, belong and thrive. Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to / support on project work as and when required. What you'll be doing Key Responsibilities: Min 3 Years exo in EDR and Trend Micro. The vendor should assess the existing endpoint security infrastructure and identify any gaps or vulnerabilities. The vendor should deploy EDR agents on endpoints, servers, and critical systems within the organization's network. The vendor should configure EDR agents to collect and analyze security events and activities on endpoints. The solution should monitor endpoints for suspicious activities, such as malware infections, unauthorized access attempts, and unusual user behavior. The solution should use behavioral analysis and machine learning to detect advanced threats and zero-day attacks. The solution should generate real-time alerts for potential security incidents and provide guidance for incident response and remediation. The vendor should enable endpoint forensics capabilities to investigate security incidents and identify the root cause of attacks. The solution should capture and store detailed endpoint activity logs and artifacts for further analysis. The vendor should integrate the tool with vulnerability management systems to assess the endpoint's security posture. The EDR solution should be able to rollout patches or upgrades from the EDR management console for agents onboarded on the platforms. The solution should alert and remediate endpoints with outdated or vulnerable software configurations. The solution should provide real-time alerts for anomalies that could indicate potential threats. The vendor should ensure the compatibility with other security systems, such as (but not limited to) SIEM, incident response tools, etc. The solution should correlate network anomalies with potential threats, aiding in early threat detection. The vendor is expected to deliver reports at periodic intervals as per Client's requirements. The vendor should re-deploy the agent as and when there is a change in the infrastructure or the operating systems. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is must. Required Experience: Entry-level experience with troubleshooting and providing the support required in security / network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization. Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (such as Security, Network, Data Centre, Telephony, etc.). Working knowledge of EDR processes. Workplace type: On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of yourself. And EY is counting on your unique voice and perspective to help the organization become even better. Join us and build an exceptional experience for yourself, and contribute to creating a better working world for all. As a CMS-TDR Staff at EY, you will be part of the cyber security team and work as a SOC analyst to assist clients in detecting and responding to security incidents with the support of SIEM, EDR, and NSM solutions. **The Opportunity:** We are seeking a Security Analyst with experience in SIEM, EDR, and NSM solutions. **Your key responsibilities include:** - Providing operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR Solution (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers. - Performing the first level of monitoring and triaging of security alerts. - Conducting initial data gathering and investigation using SIEM, EDR, NSM solutions. - Providing near real-time analysis, investigation, and reporting of security incidents for customers. **Skills and attributes for success:** - Customer Service oriented with a commitment to meeting customer needs and seeking feedback for improvement. - Hands-on knowledge of SIEM technologies like Splunk, Azure Sentinel, CrowdStrike Falcon LogScale from a Security analyst's perspective. - Exposure to IOT/OT monitoring tools like Claroty, Nozomi Networks is a plus. - Good knowledge and experience in Security Monitoring and Cyber Incident Response. - Familiarity with Network monitoring platforms like Fidelis XPS, ExtraHop and endpoint protection tools such as Carbon Black, Tanium, CrowdStrike, Defender ATP, etc. **To qualify for the role, you must have:** - B. Tech./ B.E. with sound technical skills. - Ability to work in 24x7 shifts. - Strong command of verbal and written English language. - Technical acumen and critical thinking abilities. - Strong interpersonal and presentation skills. - Hands-on experience in SIEM, EDR, and NSM solutions. - Certification in any of the SIEM platforms. - Knowledge of RegEx, Perl scripting, and SQL query language. - Certification such as CEH, ECSA, ECIH, Splunk Power User. **What working at EY offers:** At EY, you will work on inspiring and meaningful projects with a focus on education, coaching, and personal development. You will have opportunities for skill development, career progression, and the freedom to handle your role in a way that suits you best. EY offers support, coaching, and feedback from engaging colleagues, along with an environment that emphasizes high quality and knowledge exchange. EY is dedicated to building a better working world, creating value for clients, people, and society, and building trust in the capital markets. With diverse teams in over 150 countries, EY provides trust through assurance and helps clients grow, transform, and operate across various domains.,

As a Security Managed Services Engineer (L2) at NTT DATA, you will play a crucial role in ensuring the security of our clients" systems. You will be responsible for conducting regular assessments of deployed security solutions to identify vulnerabilities and recommending and implementing enhancements based on your findings. Your expertise in endpoint protection methods and cybersecurity technologies, including adaptive technologies, antivirus, firewalls, and intrusion detection systems, will be essential in this role. In this position, you will proactively monitor, identify, investigate, and resolve technical incidents and problems to restore service to clients efficiently. Your primary objective will be to review client requests or tickets, applying your technical and process knowledge to resolve them without breaching service level agreements (SLAs). Additionally, you will provide second-line support for incidents and requests with a medium level of complexity, ensuring that our clients receive timely and effective solutions. Your role may also involve contributing to or supporting project work as needed, further expanding your skills and expertise in the field of security managed services. You will be expected to demonstrate a strong knowledge and a minimum of 5 years of hands-on experience in at least 3 areas of security, such as Antivirus (EPP), EDR (Endpoint Detection & Response), Anti-APT (Anti-Advanced Persistent Threat), and Trellix/HIPS. As part of your responsibilities, you will install, configure, and maintain the software and hardware of EPP, EDR, HIPS, and Anti-APT solutions, responding to tickets in accordance with SLA guidelines. You will record, track, and document the request problem-solving process, including actions taken, and analyze and fix risk and scan logs. Moreover, you will assist in new hire training for basic IT needs and interact with OEM for any incident resolution. To be eligible for this role, you should hold a CCNA certification, while a CCNP in Security or PCNSE certification would be considered advantageous. Additionally, you should have a moderate level of relevant managed services experience in handling Security Infrastructure, knowledge of ticketing tools (preferably ServiceNow), working knowledge of ITIL processes, and experience collaborating with vendors and third parties. NTT DATA is an Equal Opportunity Employer that values diversity and inclusion in the workplace. Join our global team and continue to grow, belong, and thrive in an environment that encourages you to seize new opportunities and challenges, expand your skills, and prepare yourself for future advancements in your career.,

Job Summary: We are seeking a highly skilled and motivated SOC Analyst / Detection Engineer to join our Security Operations Center. This role requires expertise in developing advanced KQL and Splunk queries, detection engineering, and incident response within complex enterprise environments. The ideal candidate will bring hands-on experience with SIEM, EDR, cloud security, incident playbooks, and OSINT tools, while also showing a passion for mentoring junior team members. Key Responsibilities: Develop and fine-tune detection rules and analytics using KQL (Microsoft Sentinel) and SPL (Splunk). Lead threat hunting activities leveraging EDR telemetry, SIEM logs, and threat intelligence sources. Design and implement detections based on behavioral patterns and MITRE ATT&CK mappings. Investigate security alerts and incidents, triage threats, and provide detailed incident reports and root cause analysis. Build and maintain incident response playbooks, SOPs, and runbooks to streamline SOC operations. Collaborate with internal teams to continuously improve detection logic and incident workflows. Mentor and train junior analysts, promote knowledge sharing, and support SOC skill development. Develop integrations and use cases with various log sources from on-prem, cloud, and hybrid environments. Utilize OSINT tools and frameworks (e.g., VirusTotal, Shodan, Censys, MISP, AbuseIPDB, Whois, etc.) during threat investigation and enrichment. Drive automation and orchestration where applicable using SOAR technologies. Stay up to date on threat intelligence, emerging tactics, techniques, and procedures (TTPs). Technical Skill Requirements: Detection Engineering: Strong expertise in writing detection queries (KQL/SPL), developing use cases, and tuning alerts. SIEM: Hands-on experience with Microsoft Sentinel and Splunk (Enterprise Security). EDR/XDR: CrowdStrike Falcon, Microsoft Defender for Endpoint. Cloud Security: Security monitoring in Azure, AWS, and GCP. Microsoft 365 Security: Defender for Office 365, Entra ID (Azure AD), Purview (compliance). Web Security Filtering: Experience or knowledge of Zscaler and similar solutions. Incident Response: Playbook development, SOPs, runbook creation, triage, and remediation. OSINT Tools: Practical usage of VirusTotal, URLScan.io, MISP, Shodan, Censys, GreyNoise, AbuseIPDB, Whois, etc. Log Analysis: Deep understanding of log formats from servers, network devices, cloud services, and applications. Automation/SOAR: Familiarity with automation frameworks (Logic Apps, Sentinel Playbooks, Splunk SOAR) is a plus. Scripting: PowerShell, Python, or equivalent scripting for enrichment and automation. Additional Expectations: Willingness to mentor and train junior SOC team members. Ability to work independently in a fast-paced SOC environment. Excellent analytical, communication, and problem-solving skills. Strong attention to detail and a proactive security mindset. Preferred Certifications (Nice to Have): SC-200: Microsoft Security Operations Analyst Splunk Core/Enterprise Security certifications CrowdStrike CCFR / CCFH Zscaler ZCCA/ZCCP Azure/AWS/GCP security certifications GIAC (GCIA, GCED, GCIH) or other relevant SANS certifications

Department: IT Permanent Payroll: - XP India. Location: Gurgaon Reports To: IT Manager / IT Head Employment Type: Full-time Job Summary: - We are seeking a skilled and proactive L2 IT Engineer specializing in IT Infrastructure and Cybersecurity to join our dynamic IT team. The ideal candidate will be responsible for managing, maintaining, and securing the organization's IT infrastructure. This includes providing advanced support for networks, servers, endpoints, and cybersecurity solutions, as well as assisting in implementing best practices for IT security and compliance. Key Responsibilities: IT Infrastructure: Provide Level 2 support for IT infrastructure (Windows/Linux servers, storage, virtualization, cloud). Monitor and manage network devices (routers, switches, firewalls, wireless controllers). Perform routine maintenance and troubleshooting of systems, servers, and network equipment. Assist with server patching, upgrades, and configuration changes. Support Office 365, Active Directory, DNS, DHCP, and VPN infrastructure. Collaborate with L1 support to resolve escalated issues. Manage backup and disaster recovery systems. Maintain inventory of hardware/software assets and license compliance. Cybersecurity: Monitor and respond to security alerts and incidents (EDR, SIEM, firewalls). Assist in implementing and maintaining security policies, standards, and procedures. Support vulnerability assessments and remediation activities. Administer security tools (antivirus, endpoint protection, firewalls, DLP, MFA). Conduct periodic access reviews and security audits. Support compliance efforts (ISO 27001, GDPR, etc.) and risk mitigation strategies. Required Skills & Qualifications: Bachelors degree in Computer Science, Information Technology, or related field. 35 years of experience in IT support with a focus on infrastructure and cybersecurity. Strong knowledge of Windows Server, Active Directory, Group Policies, and Office 365. Experience with network troubleshooting and configuration (LAN/WAN, VLANs, VPN). Familiarity with virtualization (VMware/Hyper-V) and cloud platforms (Azure/AWS). Hands-on experience with cybersecurity tools such as EDR, firewalls, SIEM, DLP. Understanding of cybersecurity frameworks and standards (NIST, ISO 27001). Strong problem-solving and analytical skills. Excellent communication and documentation skills.

RESG/GTS is the entity in charge of the entire IT infrastructure of Socit Gnrale. The RESG/GTS/SEC/SOC department, which corresponds to the Socit Gnrale SOC (SOC SG), is in charge of operational detection, incident response and prevention activities within the scope of GTS across the businesses. The mission of the SOC is to identify, protect, detect, respond and using the security platforms for the detection/reaction and prevention and resolution of security incidents. The SG SOC consists of Cyber Defense (incident management) Cyber Tools (management of SOC tools including the SIEM), Cyber Control (Prevention and Compliance) and Governance. This role is for a SOC L3(Lead Cyber Security Analyst) will be part of the GTS Security SOC team. In this role, you will involved in supporting India and global regional needs. The objectives of the Security Department (RESG/GTS/SEC) are to manage the strategy for all RESG/GTS in terms of security, technical standards, processes and tools, and thus to cover many cross-functional functions within the company and subsidiaries across all regions. Accountabilities Major Activities SOC Lead/L3 Lead and manage all high priority Critical Security Incidents including end to end incident mgmt. Support/help and guide the L1/L2 in managing complex issues/incidents Lead and engage in Study/POC of Tools and technologies aligning to the security roadmap Will be an expert in 1 or 2 key security technologies/tools globally and be part of the global SOC L3/Experts Example Areas: Threat Hunting, Forensic Analysis, IPS, EDR, DLP, etc. Contribution to the risk detection management approach, consistent with the SG MITRE Matrix approach and other industry standard relevant approaches Analysis support for complex investigations and improve reaction procedures/run book definitions/ enhancements Support for analyses on cybersecurity technical plans, analysis approach and incident management Identify different security tools and technologies to make security operations more effective. Identification of security gaps, mitigation strategy, implementation tracking till closure Work with various regional SOC and CERT teams on the security aspects an incidents where required Reporting to Function Head GTS SEC SOC

Role Proficiency: Manage a team of Threat Intelligence analysts who oversee delivering the hands-on service to customers and and act as an incident manager with highly technical skills during escalated cyber incidents. Responsible for developing the service to meet market standards. Develop forensic methodologies and dictate the threat hunting methodology to align with the changing cyber landscape and lead the forensic and proactive hunting disciplines into the most advanced techniques in the market. Develop the analysts' technical skills. Effectively communicate with stakeholder. Study the market and help expand the TI service. Outcomes: Stay on top of cyber security news from the clear deep and dark web daily. Pay attention to industry news security threats outside of their network and the intentions of potentially threatening entities. Mentor the team on best practice workflows and procedures to achieve their full potential and to increase level of security posture of customers. Solve complex forensics and hunting issues being escalated by team members and be the highest escalation point for all Operations teams. Define processes and workflows to optimize the work of the CTI analysts. Ensure documentation included in ThreatConnect/ CDC as predefined / agreed standards. Learn from review process for continuous improvement. Communicate and report appropriately as per defined process. Improve and automate response and hunting processes to increase efficiency of the services. Engage with sales teams to drive potential customers to purchase the services and increase CyberProof's margin goals Constantly strive to upgrade team workflows. Measures of Outcomes: CTI weekly recommendations tuning the hunting query etc. Number of threat intelligence finished reports including threat landscape and asset-based intelligence delivered by the analysts Customer satisfaction - upsells new customers customer engagement. Evidence of skill development including training certification etc. Ideas suggested that will help innovation and optimization of processes. Increased productivity and efficiency of the service by focusing on automating activities. Outputs Expected: Collection: Working with OSINT sources. Using WEBINT techniques to collect and enrich intelligence data. Develop and maintain deep web sources. Processing and analysis: Analyse the threat data into a finished report including technical recommendations MITRE ATT&CK mapping and valid IOCs. Complete documentation including annotation in ThreatConnect / CDC to ensure audit trail as per defined standards and quality requirements. In accordance with the defined process ensure that the defined reports are created and published to stakeholders. Continuous Learning innovation and optimization Ensure completion of analysts learning programs. Innovate new processes and workflows to deploy proactivity in all aspects to address complex threats and risks. Communicate with stakeholder: Effectively communicate with customers to deliver timely and accurate Threat Intelligence. Communicate with other teams to collaborate in the development of the Threat Intelligence service and the other offerings of the company. Present finished intelligence to team members management and clients. Learning and Development: Continuously learn new technologies and stay updated on cyber threats. Create innovative research reports (global trends cross clients collaboration with other teams in the company). Develop the analysts' technical skills Sales and service development: Understand the sales cycle and contribute to increase sales. Understand product development and influence on its design. Assist with Marketing efforts to showcase our Intelligence and research Actively help develop new services Skill Examples: User level skills in use of CDC ThreatConnect Sixgill IntSights VT Premium. Ability to manage incidents and collaborating several team activities in parallel streams to handle incident holistically. Excellent logical problem-solving ability and analytical skills for intelligence processing and analysis. Good time management skills Great oral and written communication skills. Presentation skills Sales skills to increase the uptake of services Designing skills for product development Programming languages such as Python and PowerShell Data analytics tools - SQL BI reports Knowledge Examples: Knowledge Examples Understanding of cybersecurity threat landscape and a deep understanding of computer intrusion activities incident response techniques tools and procedures. Understanding of enterprise IT Infrastructure including Networks OS Databases Web Applications etc. Deep and proven knowledge in baseline operating system internals network communications and user behavior. Thorough knowledge of digital forensics methodology as well as security architecture system administration and networking (including TCP/IP DNS HTTP SMTP) Experience conducting research in the areas of WEBINT OSINT social media platforms and virtual HUMINT. Experience with security assessment tools such as NMAP Netcat Nessus and Metasploit is a plus. Desirable - Training / Certification in Ethical Hacking etc. Additional Comments: Requirements: To be successful in this role, you should meet the following requirements: - 5+ years of technical experience in IT or IT Security, for example as a network or operating system administrator. - Expert level knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM), EDR, Email Protection, Case Management & other cyber security tools. - Expert level knowledge and demonstrated experience of common cybersecurity technologies such as IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, etc. - Good knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure, and Google. - Good knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Oracle, Citrix, GSX Server, iOS, OSX, etc. - Good knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suits. - Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems. - Good knowledge of key information risk management and security related standards including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines and NIST standards - Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation, and remediation. - Formal education and advanced degree in Computer Science or similar and/or commensurate demonstrated work experience in the same. - CEH, EnCE, SANS GSEC, GCIH, GCIA CISSP or any similar Certifications. Required Skills Cyber Security,Anti Malware,Firewall,Proxies

Ensure that all SOC (Security Operations Center) tickets are handled and resolved within SLAs (Service Level Agreements). Perform detailed analysis of threats and security events, using sound analytical skills, knowledge, and experience, with a clear narrative to support conclusions. Maintain records of security events investigated, detailed notes of security incident resolution, and incident response activities, utilizing ticketing systems. Make situational incident response recommendations based on best practice security policies that address the clients business need. Research and stay up to date with current security vulnerabilities, attacks, threat actors, security advisories and the MITRE Attack Framework. Manage, maintain, and monitor security alerting systems from remote communications sites to ensure company compliance. Create and run search queries in SIEM tool to help with identifying and troubleshooting security issues. Utilize tools (e.g., Wireshark, Nmap, PCap, etc.) to identify and map devices on the network. Open, track and close trouble tickets. Answer incoming hot line calls and monitor various e-mail accounts and act according to SOC procedures and processes. Interface with client through email, phone calls, and meetings or Aspire field personnel to mitigate security incidents. Assist with the preparation of SOC reports, research papers, and blog posts. Investigate and provide technical analysis of various security incidents and possible compromise of systems. Works as Tier I/L1 support and will work directly with Tier II/L2 and TIER III/L3 and NOC Engineers for issue resolution. Provide direct communication to affected users and companies on security incidents and maintenance activities. Maintain customer technical information within defined documentation standards. Obtain/maintain technical/professional certifications applicable to position or as directed. Communicate with customers, peers, team, and managers regarding incident and change management. Provide emergency on-call support on a rotating schedule. Perform other duties as assigned. Technical Skills Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support. Nice-to-have skills Qualifications Bachelors degree in computer science, Information Technology, or a related field. Experience of 2 to 3 years relevant experience. 1+ year of professional work experience in cyber security field 1+ year of experience with Security Event / Alert Management, Incident Response, and Change Management Processes 1+ year of experience handling security events related to Malware Detection and Analysis, Indicators of Compromise (IOC), Email Phishing, Endpoint Detection and Response (EDR) Knowledge of Runbooks, Playbooks and following Standard Operating Procedures Possession of an Industry Certification (Security+, CySA+, Cisco Cyber-Ops Associate, NSE4, or similar) 1+ years of experience in Security Management. SIEM and Log Management (MS Sentinel , IBM QRadar ,Splunk, OSSIM, FortiSIEM, LogRhythm, etc.) Experience with Firewalls (Palo Alto Networks, Cisco Firepower Manager) Experience with Endpoint Security (Cisco Secure Endpoint, CrowdStrike Falcon, Carbon Black, Microsoft Advanced Threat Protection) Experience with Network Traffic Analytics (Cisco Stealthwatch Cloud, Darktrace) Experience with DNS Security (Cisco Umbrella, Forcepoint) 2+ years of experience with Ticket Management Tools (e.g., ConnectWise, ServiceNow)

Overview: We are looking for an experienced Security Delivery Manager to lead and oversee Security Operations. The ideal candidate will bring strong delivery management capabilities, excellent client-facing communication, and a track record of managing cross-functional teams in high-paced environments. Key Responsibilities: Serve as the primary point of contact for the Security Support Operations across on prem and cloud. Own end-to-end service delivery across functional and technical streams, ensuring adherence to SLAs and KPIs. Lead cross-functional teams of M365, Azure Cloud, End point security, Certificate Management, Threat and Vulnerability management to deliver high-quality support and continuous improvements. Manage the full incident lifecyclemonitoring, prioritization, root cause analysis, and resolution—with proactive trend analysis. Govern the Change Request (CR) process: from scoping and estimation to approvals, implementation, and closure. Collaborate with cross functional teams on Security, access controls, and landscape optimization. Define and enforce SOPs, escalation processes, and communication protocols for critical and high-impact issues. Oversee L1, L2, and L3 support delivery with 24x7 coverage through effective coordination between onshore and offshore teams. Drive ITIL-based processes for incident, problem, change, and release management. Monitor service performance via KPIs, SLAs, and dashboards, and lead continuous service improvement initiatives. Conduct regular service review meetings with stakeholders and ensure high levels of client satisfaction. Manage the pipeline for change requests in line with governance protocols. Provide regular status updates and executive reporting. Required Skills & Qualifications: 14+ years of IT experience with at least 6–8 years in Security Operations. Strong experience managing large-scale Security Operations, having good understanding of SOC compliance, AI Driven security automations and Compliance Governance Require very good understanding of Azure Security Center, Azure AD, Cloud App Security, Mimecast, McAfee, Symantec, M365 Exposure to Gytpol and SafeBreach is added advantage Expert level knowledge on Microsoft 365 Security Suite (Defender, Sentinel, Purview) Experience with SIEM, SOAR, and EDR/XDR platforms. Should have experience overseeing vulnerability scans and coordinate remediation effort, Compliance audits and Certificate management Excellent communication, stakeholder engagement, and escalation management skills. Experience working in hybrid onshore-offshore delivery models. Preferred Certifications: Microsoft Certified: Security Operations Analyst Associate (SC-200) Certified Ethical Hacker (CEH) GIAC Certified Incident Handler (GCIH) CompTIA Security+ / CySA+ CISSP or equivalent (preferred)

As a Zscaler L2 Security Engineer, you will play a crucial role in handling complex Zscaler-related issues, diagnosing and resolving security, networking, and performance challenges efficiently. Your responsibilities will include working closely with vendors and internal teams to manage critical security incidents, deploying, configuring, and optimizing Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions, and designing and implementing various security policies such as web filtering, SSL inspection, Data Loss Prevention (DLP), and sandboxing. You will be expected to optimize existing security policies, Access Control Lists (ACLs), and traffic forwarding methods to enhance security and performance, manage integrations with SIEM, EDR, and other security tools for comprehensive visibility and response capabilities, and analyze Zscaler performance metrics to ensure optimal network efficiency. Conducting deep packet inspection (DPI), log analysis, and enforcing zero-trust security principles across the organization's network architecture are also essential aspects of the role. Collaboration with SOC, NOC, and IT teams to align security policies with business requirements, creating detailed documentation for configurations and troubleshooting steps, providing training to support teams, and staying updated with cybersecurity threats and product features are key responsibilities. Your skills should include strong proficiency in Zscaler L2 Security, Zscaler Internet Access (ZIA), and Zscaler Private Access (ZPA), expert-level troubleshooting capabilities, hands-on experience with SIEM, EDR, and DLP systems, proficient packet capture analysis using tools like Wireshark and tcpdump, and a solid understanding of networking protocols and concepts. If you have a Master's qualification and 3-7 years of experience in a similar role, this position offers an opportunity to enhance your skills, contribute to the organization's security posture, and stay ahead of evolving cybersecurity challenges.,

The Pre-Sales Engineer plays a crucial role in collaborating with the Sales team to offer technical expertise throughout the Sales Cycle. Understanding the unique technical requirements and business challenges of potential clients is a primary responsibility. Crafting solutions tailored to meet these needs and effectively communicating the value proposition of the company's products or services are key tasks. Industry exposure in Distribution, System Integrators, GSI, Retail, Service Providers, or OEMs is required. Hands-on experience with Cybersecurity Solutions like Perimeter Security (Firewall), Endpoints (AV, EDR, EPP), and IDAM (SSO, MFA, PIM/PAM) is essential. Key responsibilities include collaborating with clients to comprehend their technical needs, developing industry-specific product demonstrations and presentations, and conducting Proofs of Concept. Training Sales and Pre-Sale teams of Partners in the technical aspects of the product is also a significant part of the role. An in-depth understanding of technical concepts is necessary to deliver successful Demos and POCs and configure solutions according to clients" Network Architectures. Experience with Vendor solutions such as Cisco, Palo Alto Networks, Forcepoint, Netskope, CrowdStrike, or CyberArk, in addition to Industry-recognized certifications like CCNA, CCNP, CCIE, AWS, or Azure, is highly advantageous. Key Attributes: - Excellent communication, presentation, and interpersonal skills - Strong problem-solving abilities - Customer-oriented mindset - Effective time management, team collaboration, and multitasking skills This is a Full-time, Permanent position offering benefits such as Paid time off, and Provident Fund. The work schedule is during the Day shift, and the work location is in person.,

Dear Candidate, We are looking for a skilled Cybersecurity Analyst to monitor, detect, and respond to security threats. If you have expertise in threat intelligence, SIEM tools, and incident response, wed love to hear from you! Key Responsibilities: Monitor network traffic and systems for potential security threats. Investigate and analyze security incidents to prevent breaches. Implement security controls and best practices for data protection. Manage security tools such as SIEM, IDS/IPS, and endpoint protection. Conduct vulnerability assessments and recommend mitigation strategies. Ensure compliance with security standards like ISO 27001, NIST, and GDPR. Required Skills & Qualifications: Strong knowledge of security frameworks and incident response. Experience with SIEM tools (Splunk, QRadar, ArcSight). Proficiency in scripting (Python, Bash, PowerShell) for security automation. Understanding of network protocols, firewalls, and VPN security. Knowledge of penetration testing and ethical hacking techniques. Soft Skills: Strong analytical and problem-solving skills. Excellent attention to detail and ability to work under pressure. Good communication and teamwork skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

About the Company Tata Communications is a leading global provider of telecommunications solutions, committed to delivering innovative and secure connectivity solutions to businesses worldwide. Our mission is to empower businesses with the technology and services they need to thrive in a digital world, fostering a culture of inclusivity and collaboration. About the Role The role requires a highly skilled professional with a strong background in information security and identity management. You will be responsible for optimizing system performance, ensuring security, and supporting the development of security awareness training materials. Responsibilities Experienced in Symantec Endpoint protection, Cortex XDR, EDR. Monitors systems activities and fine-tunes system parameters and configuration to optimize performance and ensure security of systems. Install and test new hardware and software releases. Evaluate and install patches (on devices in scope), perform system upgrades and resolve security issues. Action on advisories. Strong background in supporting the development of information security awareness training materials. Ability to ensure the adoption and governance of standard operating procedures. Perform assessments and make recommendations to improve security tools operations and performance with developed quarterly status reports. Perform lifecycle maintenance of security tools and stay up to date on new features and enhancements in coming releases. Develop reports and alerting within the security tools to ensure agent coverage. Review endpoint policies for effectiveness at mitigating current threats. Provide technical expertise/support for health assessment on the products in scope & implementing health assessment recommendations. Support audit and assessment processes for IT including ISMS audit, IT general controls review, and any other audits or assessments of security and general IT controls. Develop, maintain, test, and troubleshoot policies and rule sets. Create an exceptional end-user identity experience across the organization by integrating systems, applications, services, and platforms with the Identity solution. Install, integrate, configure, and deploy IAM solutions and systems to facilitate User Life-Cycle Management, Identity and Access Governance, Automated Provisioning, Single Sign-On, Federation, Privileged Account Management. Creating and fine-tuning Rules, Solutions/Device Configurations. In-depth understanding of communication protocols (mainly TCP/IP) and expertise in networking firewall concepts and configuration. Good knowledge of continuous improvement initiatives. Knowledge of information security concepts, OWASP web application vulnerabilities, and web-based attacks. Remediation of VA & Application Security Testing (e.g. Appscan) fail points on application & database servers. Providing monthly reports on incidents, escalated incidents, RBAC, age analysis of pending incidents, dormant accounts, vulnerabilities, etc. Performing full backup & incremental backup on a regular basis. Performing security solution DR Drill activities like Failover & Fall-back. Qualifications Minimum 7 years relevant experience with BCA/BSc-IT or 5 years relevant experience with B.E/B.Tech/MCA qualification. Required Skills CEH/ CHFI/ GSEC/ GMON/ ITIL certification. Experience with Symantec Endpoint protection, Cortex XDR, EDR. Strong background in information security. Ability to develop and maintain security policies and procedures. If interested please share your updated resume to janani.k1@tatacommunications.com.,

Come and join a 10-year-old, Fastest Growing, IT Managed Services. We have open positions at various levels throughout the organization. About TeamLogic IT Assist Were a 100-person, $22M managed services provider operating across PA, NJ, NC and FL. Our culture is built on Empathy, Transparency, and Data-Driven Decision-Making, and our mission is simple: Make fans of clients, coworkers, and vendors. For three years running weve been named a Best Place to Work in PA, and we maintain a 98% CSAT and 89 NPS. Our Motto is simple yet powerful: MAKE FANS OUT OF OUR CLIENTS MAKE FANS OUT OF OUR VENDORS MAKE FANS OUT OF EACH OTHER We pride ourselves in creating a family-oriented culture and creating a career path for every employee. We invest all our energy in making sure that you achieve your career goals. We are proud of our Glassdoor Review of 5.0 of employee testimonials. Check it out yourself. https://www.glassdoor.com/Reviews/TeamLogic-IT-Newtown-Reviews- EI_IE222125.0,12_IL.13,20_IC1152654.htm Company Website: https://www.teamlogicit.com/ Position Name - NOC & Security Specialist I Department : Security Operations Reports To : Director of Technology Employment Type : [Full-time] Job Location - India (Remote) Overview: The Network Operations & Security Specialist I serves as a first line of defense for security events while also supporting key NOC functions such as daily monitoring, incident response, network performance assurance, and system uptime. This hybrid role is critical to early threat detection, initial incident response, and proactive infrastructure monitoring to prevent critical outages or breaches. The ideal candidate will be hands-on with tools and platforms in both the cybersecurity and network operations domains and play a key role in maintaining service reliability and security for our clients. Key Responsibilities: Security Operations: Monitor alerts and events from SIEMs, EDR/MDR platforms, and other security tools. Perform initial triage and classification of security incidents. Investigate low-severity alerts and perform response and remediation activities where applicable. Escalate high-risk or complex security incidents to senior Security Advisors and Management. Collaborate with partner MDR and SOC vendors to collect additional context or execute recommended actions. Assist in onboarding, tuning, and maintaining security platforms (e.g., EDR, MDR, SIEM). Maintain detailed documentation for security incidents and actions taken. Support the development and enforcement of internal SecOps policies and procedures. Stay current on emerging threats, vulnerabilities, and mitigation strategies. Network Operations Center (NOC): Monitor the health and performance of client environments using RMM and NOC monitoring tools. Proactively identify and respond to service degradations, outages, and other network/system issues. Perform basic troubleshooting of hardware, network, and system-related problems. Communicate status updates for incidents to internal teams, clients, and management. Ensure tickets are properly documented, prioritized, and resolved within defined SLAs. Prepare standard daily, weekly, and monthly operations and availability reports. Coordinate with team members to ensure smooth handoffs and coverage across shifts. Position Requirements: Education : An associate degree in computer science, information technology, cybersecurity, or a related field. OR- 2 or more years of professional experience in an equivalent position. Technical Skills : Foundational knowledge of cybersecurity principles, threats, and vulnerabilities. Familiarity with: Firewalls, antivirus software, EDR/MDR platforms. SOC/SIEM tools and IDS/IPS systems. Network infrastructure, IP networking, and common protocols (TCP/IP, DNS, DHCP, etc.). Experience working with: PSA and RMM tools (e.g., Autotask, NinjaOne, ConnectWise, etc.) BCDR tools and SaaS environments. Microsoft Windows (desktop and server) and virtualized environments. Additional Skills : Excellent customer service and communication skills, with a strong focus on customer satisfaction. Ability to work independently and manage a flexible schedule. Strong documentation skills to record activities and solutions thoroughly and accurately. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work in a fast-paced and dynamic environment. Willingness to work rotational shifts, including nights and weekends. Preferred Qualifications : Relevant certifications such as CompTIA Security+ or equivalent. Work experience for a Managed Services Provider services multiple client environments Physical Requirements : None Work Environment : This is a fully remote role Application Process : Interested candidates should submit their resume and a cover letter detailing relevant experience and qualifications. TeamLogic IT is committed to creating a diverse environment and is proud to be an equal opportunity employer. We do not discriminate based on race, color, religion, national origin, age, sex, disability, genetic information, veteran status, sexual orientation, gender identity, or any other status protected under applicable federal, state, or local laws. We encourage all qualified candidates to apply and join our inclusive and welcoming team.

As a Junior Security Engineer, you will work closely with senior engineers to ensure the security of an organization's systems and data. Your responsibilities will include monitoring networks, identifying vulnerabilities, and implementing security measures with guidance. You will be involved in various areas such as Vulnerability Management, XDR, EDR, Zero Trust, and DLP technologies. In the realm of Vulnerability Management, you will assist in identifying and assessing vulnerabilities in systems and applications. You will also support the remediation process for these vulnerabilities by utilizing vulnerability scanning tools and reporting on findings. For XDR/EDR, you will be tasked with monitoring security alerts from these platforms and aiding in the investigation of security incidents that are identified. Additionally, you will contribute to the tuning and optimization of XDR/EDR solutions. In the domain of Zero Trust, your role will involve supporting the implementation of Zero Trust principles, including least privilege access, and helping in the configuration of network segmentation and access controls. Regarding DLP, you will monitor data loss prevention alerts and incidents, participate in the development and implementation of DLP policies, and assist in identifying and protecting sensitive data. Your day-to-day responsibilities will encompass monitoring security systems and alerts, analyzing security data to detect potential threats, responding to security incidents, maintaining accurate records of security events, generating reports on security posture, vulnerabilities, and incidents, implementing security solutions and controls, collaborating with other teams to ensure security best practices, and continuously learning about new threats and security technologies. Overall, as a Junior Security Engineer, you will play a crucial role in supporting the overall security posture of the organization and contributing to the ongoing protection of systems and data.,

Position: Presales Engineer (Strong Technical knowledge of Cyber Security Threats, Endpoint Security, EDR / XDR, MDM, ZTUA / ZTNA, DLP, Data Privacy solutions & Network Security solutions). Experience: 5+ Year Job Description Develop a deep understanding of cybersecurity products and solutions offered by Seqrite. Stay updated on industry trends, emerging threats, and advancements in cybersecurity technologies Deliver compelling and persuasive presentations to clients, showcasing the benefits and features of our cybersecurity solutions. Conduct product demonstrations and simulations to illustrate the effectiveness of our solutions. Meet or exceed monthly, quarterly, and annual sales targets and quotas set by the organization by providing full Technical assistance to Sales Team. Initiate and maintain proactive communication with prospective clients. Conduct initial discovery calls to understand client requirements and pain points. Build and maintain strong relationships with potential customers, fostering trust and confidence in our solutions. Collaborate with the sales team to deliver compelling and customized presentations, demonstrating how our solutions meet the specific security requirements of potential clients. Conduct product demonstrations sessions to showcase the effectiveness of our solutions, addressing client concerns and objections. Coordinate and conduct product demonstrations and proof of concepts for potential clients. Manage POC projects from initiation to successful completion, ensuring customer satisfaction. Provide valuable feedback to the organization regarding market trends, client needs, and competitive positioning. Work closely with the sales, marketing, and technical teams to ensure a unified approach to client engagement. Provide feedback from clients to inform product development and improvements. Provide training sessions to clients & Partners for Seqrite solutions. Prepare and maintain detailed records of client interactions and opportunities in the CRM & SharePoint Trackers. Generate reports and analysis to track the progress of presales activities and identify areas for improvement. Analyze competitor solutions and market trends to position our products effectively. Differentiate our offerings by highlighting unique features and benefits. Required Skills: Strong Technical & Communication skills to effectively communicate with Customers & Partners. Strong Technical knowledge of Cyber Security Threats, Endpoint Security, EDR / XDR, MDM, ZTUA / ZTNA, DLP, Data Privacy solutions & Network Security solutions. Focuses on Understanding desired outcomes and showing value for Seqrite Partners & Customers. Develop a deep understanding of our products and services. Provide technical expertise to clients and answer their questions regarding our solutions. Excellent verbal and written communication skills to articulate cybersecurity solutions to clients in a clear and understandable manner. Active listening skills to understand client needs and propose solutions accordingly. Collaborate with the sales team to understand client requirements and objectives. Conduct in-depth consultations with clients to identify cybersecurity challenges and pain points. Willingness to travel as needed to meet with clients and attend industry events. Proficiency in using CRM software to manage leads, opportunities, and customer interactions throughout the sales process. Comfortable with learning and presenting technical information about cybersecurity products and services. Collaborative mindset to work effectively with cross-functional teams, including marketing, product, sales, and technical teams.

Administering and maintaining Deep security systems to ensure the security of IT Infrastructure Monitoring and analysing security alerts to identify potential threats. Ensure proper integration with existing system Troubleshooting and debugging of Problems related to TrendMicro Deep security manager and agent TrendMicro Deep Security Agent management (Agent Installation, Reconciliation, Troubleshooting etc. Fine-tuning of policies in Deep security features such as FIM, Log Inspection, IPS, Firewall, A Developing and updating security policies and procedures related to Deep security (SOP, SCD, NDA etc.) Anti-malware module etc Log monitoring and incident investigation. Maintaining, generating & analysing all deep security related reports Manager version upgradation and capacity management. Should take up with OEM in case of any Deep security related issue reported Ensuring compliance with industry standards, regulations and best practice Mandatory Skills: Antivirus Microsoft EDR XDR Experience : 5-8 Years.