218 EDR Jobs - Page 4

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

2.0 - 5.0 years

4 - 9 Lacs

Mohali

Work from Office

Naukri logo

Job Title: IT Security Specialist
Location: Mohali
Job Type: Full-Time

Key Responsibilities:
• Server Hardening: Implement industry-standard server hardening practices to reduce vulnerabilities across critical servers and endpoints.
• Network Hardening & Segmentation: Review firewall rules, apply secure network configurations, and implement logical segmentation to minimize the risk of lateral movement within the network.
• Configuration & Patch Management: Define and maintain secure baseline configurations for IT assets. Ensure timely application of security patches and updates to mitigate known vulnerabilities.
• Active Directory (AD) Hygiene: Perform regular audits to identify and remove stale user accounts, orphaned objects, and excessive privileges. Implement AD best practices to improve both security and compliance.
• Endpoint Security Management: Deploy and manage antivirus software, EDR/XDR solutions, device control mechanisms, and full-disk encryption tools to safeguard endpoints across the enterprise.

Qualifications:
• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience)
• 2+ years of hands-on experience in IT security, system hardening, and endpoint protection
• Strong understanding of Windows and Linux server environments
• Experience with Active Directory and group policy management
• Familiarity with security frameworks such as NIST, CIS Controls, or ISO 27001
• Working knowledge of EDR/XDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
• Excellent problem-solving skills and attention to detail

Posted 2 weeks ago

8.0 - 13.0 years

15 - 25 Lacs

Chennai

Work from Office

Naukri logo

SOC Analyst - L3 Experience Range: 8 - 15 Years Position: Permanent Location: Chennai (Taramani) Project: Banking Shift: Rotational Notice: Immediate Joiners, Serving Notice Key Responsibilities: Incident Detection & Response: Monitor security alerts and events through SIEM tools to identify potential threats. Investigate security incidents and respond in a timely and effective manner. Leverage EDR (Endpoint Detection and Response) solutions for threat detection and incident analysis. Threat Analysis & Mitigation: Conduct thorough threat and malware analysis to identify and mitigate risks. Work closely with internal teams to investigate malware, viruses, and ransomware threats. Use CrowdStrike, Defender, and other endpoint security tools to prevent attacks. Email Security Management: Monitor and manage email security systems to prevent phishing, spam, and other malicious email threats. Respond to suspicious email alerts and work with other teams to resolve them. Continuous Monitoring & Alerting: Actively monitor systems, networks, and applications for any signs of suspicious activities. Utilize Endpoint Security solutions to continuously track and protect endpoints across the network. Collaboration & Reporting: Work closely with the IT and security teams to assess, analyze, and resolve security incidents. Maintain detailed documentation of incidents, findings, and responses for future reference. Regularly report on the status of ongoing security incidents and trends to senior management. Research & Knowledge Enhancement: Stay updated with the latest security threats, vulnerabilities, and trends. Participate in security training and development to improve skills in SIEM, EDR, and other security tools. Required Skills and Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience. Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight). Proficient in EDR and Endpoint Security tools (e.g., CrowdStrike, Microsoft Defender). Hands-on experience in threat and malware analysis. Familiarity with email security systems (e.g., Proofpoint, Mimecast). Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems. Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST). Excellent analytical and problem-solving skills. Preferred Qualifications: Security certifications like CompTIA Security+, CISSP, CEH, or GIAC are a plus. Experience with incident response and forensic investigation. Familiarity with cloud security in AWS, Azure, or Google Cloud.

Posted 2 weeks ago

2.0 - 4.0 years

15 - 17 Lacs

Hyderabad

Work from Office

Naukri logo

Overview Experience:3-5 Years Location Hyderabad Analyst, Security Operations About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Security Operations at our Hyderabad office. This role is responsible for maintaining the confidentiality, integrity, and availability of personal information and company assets, ensuring compliance with Omnicom’s internal policies and standards. The Analyst will support the tools, technologies, and operational architecture that monitor and protect Omnicom’s physical and digital environments. This role plays a vital part in defending the organization’s infrastructure and data by executing daily operational security tasks and contributing to long-term strategic security initiatives. Key Responsibilities Manage and support cybersecurity tools and software that protect Omnicom’s digital and physical environments. 
Operate and maintain controls such as Web Access Firewall (WAF), Zero Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), Cloud Firewall (CFW), Endpoint Detection & Response (EDR), and Security Information and Event Management (SIEM) systems. Deploy and maintain software agents and intermediate nodes to facilitate secure operations across cloud and on-premises environments. Collaborate across internal Omnicom teams as well as with external support, accounting, and engineering teams from trusted security partners. Monitor environments for security threats and respond in accordance with incident response protocols. Support ongoing security posture improvement initiatives and assist in risk mitigation efforts. Qualifications Required Qualifications 3–5 years of experience in security operations, cybersecurity, or IT infrastructure. Working knowledge of security platforms such as WAF, CASB, ZTNA, CFW, EDR, and SIEM tools. Familiarity with incident detection, triage, and response processes. Experience in agent deployment and system integration for enterprise-wide security tools. Strong analytical and problem-solving skills with a proactive security mindset. Ability to coordinate across teams and manage third-party security service providers. Excellent communication skills and a detail-oriented approach to operational tasks. Preferred Qualifications Security certifications such as CompTIA Security+, GIAC, or equivalent. Experience with cloud security frameworks and zero trust architecture. Exposure to regulatory compliance environments (e.g., GDPR, HIPAA, ISO 27001).

Posted 2 weeks ago

12.0 - 15.0 years

13 - 17 Lacs

Gurugram

Work from Office

Naukri logo

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Delivery Governance
Good to have skills: NA
Minimum 12 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements.

Roles & Responsibilities:

SOC Operations:
- Lead and manage day-to-day operations of the SOC, including Tier 1–3 security analysts.
- Oversee security monitoring, threat detection, incident response, and threat intelligence activities.
- Ensure continuous tuning and enhancement of SIEM and EDR tools.
- Create and maintain incident response playbooks and workflows.
- Collaborate with infrastructure and application teams during security events.

Security Governance, Risk & Compliance:
- Develop and enforce cybersecurity policies, standards, and procedures aligned with business objectives and regulatory requirements.
- Coordinate risk assessments, audits, and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA).
- Lead security awareness and training initiatives across the organization.
- Track and report on cybersecurity risks, mitigation plans, and audit findings.
- Partner with legal, audit, and compliance teams to ensure alignment with industry and legal frameworks.

Strategic Leadership:
- Provide executive-level reporting on threat posture, key risks, and SOC performance.
- Guide long-term planning and roadmap development for security operations and governance initiatives.
- Mentor and develop SOC staff and GRC team members.
- Stay current with industry trends, threat landscape changes, and evolving compliance standards.

Professional & Technical Skills:
- Must Have Skills: Proficiency in Security Delivery Governance.
- Strong understanding of cloud security principles and frameworks.
- Experience with risk assessment and management methodologies.
- Ability to design and implement security policies and procedures.
- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.
- Recommend use case fine tuning.
- Regularly review use cases and suggest enhancements.
- Run internal tabletop exercises to help train the team.
- Maintain IR quality as per industry standards.

Additional Information:
- The candidate should have minimum 12 years of experience in Security Delivery Governance.
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

4.0 - 9.0 years

20 - 25 Lacs

Hyderabad

Work from Office

Naukri logo

Minimum 3 years’ experience working in a large-scale IT environment with focus on Cyber / Information Security. Areas of expertise should include Pre-Sales support, Service & Solution delivery, part of program management (Transition & Transformation). Required Candidate profile: Knowledge in SIEM, SOAR, Threat Hunting, EDR, Deception, NTA, NBAD, UEBA. Hands-on experience on leading analytical platforms like Splunk, IBM QRadar, Hunters, Sumo Logic, Sentinel. Certification: CISSP

Posted 2 weeks ago

9.0 - 14.0 years

27 - 42 Lacs

Bengaluru

Work from Office

Naukri logo

Job Summary: We are seeking a highly experienced SOC SME to lead complex incident response, design advanced detective controls, and perform proactive threat hunting across multi-platform environments. This role demands strong technical expertise in security operations and a proactive approach to threat mitigation. Work from Office - Bangalore location [Brookfield]. Rotational and Night Shift applicable.

Mandatory Skill Set:
- 8+ years in Security Operations/Incident Response
- Hands-on with SIEM, SOAR, XDR platforms (e.g., Cortex XSIAM, Torq)
- Expertise in threat hunting and event analysis
- Knowledge of cyber frameworks: MITRE ATT&CK, NIST, Kill Chain
- Experience with EDR tools, network forensics, and log analysis
- Strong understanding of incident lifecycle and post-incident reporting
- Excellent analytical and communication skills
- Bachelor's degree in Computer Science or related field

Key Responsibilities:
- Lead incident response (IR) and analyze complex security events
- Design and improve detective controls and alert use cases
- Conduct proactive threat hunting and trend analysis
- Stay updated on cyber threat landscape and threat actor TTPs
- Contribute to security innovation, tool enhancement, and process maturity
- Deliver detailed incident reports and post-mortem reviews

Preferred Skills:
- Scripting: Python, PowerShell
- Cloud Security: AWS, Azure, GCP
- Certifications: CISSP, GIAC, CEH
- Strong grasp of defense-in-depth and layered security strategies

Posted 2 weeks ago

5.0 - 10.0 years

10 - 20 Lacs

Bengaluru

Work from Office

Naukri logo

Apply on company website- https://zrec.in/hIRJh?source=CareerSite

Posted 2 weeks ago

15.0 - 17.0 years

0 Lacs

Bengaluru / Bangalore, Karnataka, India

On-site

Foundit logo

Scope: We are looking for a dynamic and strategic Vice President of Cyber Defense to lead our global cyber defense and incident response capabilities. This executive leader will own the detection, response, and mitigation of cyber threats, ensuring our organization is resilient in the face of a rapidly evolving threat landscape. The ideal candidate brings deep expertise in threat detection, SOC operations, incident response, and threat intelligence. This leader will partner across the business to build and maintain a world-class cyber defense program that proactively protects the company's assets, data, and reputation. Key Responsibilities: Cyber Defense Strategy & Operations: Develop and execute the company's cyber defense strategy, aligning with enterprise risk, compliance, and business objectives. Work with key stakeholders and business lines to ensure detection and response meet NIST CSF minimum baselines for global security operations and response. Lead 24/7/365 operations based on business need partner with Global Command and Site Reliability Teams to ensure baseline for all customer facing incidents, and internal company wide incidents are coordinated in a centralized operation center follow the sun model. Lead the global Security Operations Center (SOC), including 24/7 monitoring, detection, analysis, and response to cyber threats. Build out capabilities for detection and response for Tier 1, Tier 2, and Tier 3 security incidents and events. Implement and mature threat hunting, security analytics, and detection engineering programs. Ensure and validate Customer Incident Response and capabilities for onboarding mergers & acquisitions, new customers, and new environments as we grow and scale. Security Assessment and Continuous Threat Exposure Management: Identifying and fixing weaknesses in systems and networks including establish MTTD, MTTR, and MTTA for exposures, vulnerabilities, and potential threats.
Incident Response: Investigating and responding to security breaches, including analyzing incidents and escalating them when necessary. Threat Detection and Prevention: Monitoring network traffic, system logs, and other data sources to identify potential threats and malicious activity. Security System Administration and Maintenance: Installing, configuring, and maintaining security tools like firewalls, antivirus software, and intrusion detection systems. Security Policy and Procedure Development: Creating and enforcing security policies and procedures to protect sensitive information. Security Training and Awareness: Educating employees about cybersecurity risks and best practices. Staying Up-to-Date: Keeping abreast of the latest security threats, vulnerabilities, and technologies. Threat Intelligence & Response: Build and manage a comprehensive threat intelligence function to anticipate and defend against advanced persistent threats (APTs) and zero-day vulnerabilities. Lead cyber incident response efforts, including containment, eradication, and post-incident reviews. Serve as a key escalation point during major security events and coordinate cross-functional response. Security Engineering & Automation: Oversee the development and deployment of tools and technologies that support threat detection, log aggregation, SIEM, SOAR, EDR, and XDR platforms. Drive automation and orchestration to increase efficiency and reduce time to detection/response. Hold QBRs with key security operations vendors to ensure compliance and SLAs are met with all contracts. Team Leadership & Development: Build, lead, and inspire a high-performing cyber defense team, including SOC analysts, incident responders, threat hunters, and detection engineers. Foster a culture of accountability, continuous learning, and proactive defense. Establish Career Development Plans and Growth for analysts, engineers, managers, and directors as the business grows and scales.
Collaboration & Executive Engagement: Partner with IT, Infrastructure, Risk, Compliance, and Legal teams to align cyber defense practices with business needs. Provide executive-level reporting on threat landscape, risk posture, and incident metrics. Act as a thought leader and spokesperson on cyber defense strategy internally and externally. Qualifications: Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field. 15+ years of experience in cybersecurity, with at least 5 to 8 years in a senior leadership role overseeing SOC, incident response, or threat intelligence. Deep knowledge of security operations, threat detection techniques, MITRE ATT&CK, and NIST/ISO frameworks. Proven track record managing large-scale incident response, threat intelligence operations, and blue team functions. Experience with cloud security (AWS, Azure, GCP) and hybrid infrastructure defense. Strong executive presence and ability to communicate effectively with C-level stakeholders. Relevant certifications such as CISSP, GIAC, GCIA, GCIH, or equivalent are highly desirable. Our Values If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours Find out here: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Posted 2 weeks ago

3.0 - 8.0 years

20 - 35 Lacs

Pune

Hybrid

Naukri logo

A Sr Information Security Engineer will be a part of the operations wing of Cybersecurity team at BMC. The Cybersecurity team at BMC is responsible for securing BMC IT infrastructure and assets from unauthorized access and to ensure countermeasures are in place against any cyber-attacks. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Security Engineering: Participate in vendor identification and implement Cybersecurity tools for the team. Manage & maintain security tools & systems used for incident response. Create & maintain playbooks for responding to different types of security incidents. Security Monitoring: Respond to escalations from the SOC on security alerts, eliminate false positives, triage significant security events based on impact and nature of the security incident, and escalate according to the established procedures. Continuously monitor and analyse security events & newly reported threats to proactively identify any opportunities for process enhancement. Review automated daily security reports of key security controls, identify anomalies, escalate critical security events to the appropriate stakeholders, and follow up as required. Participate in internal & external security audits. Security Incident Response: Conduct thorough investigative actions based on security events and remediate as dictated by standard operating procedures. Participate in all the phases of security incident response process, including detection, containment, eradication, root cause analysis and post-incident reporting. Collaborate with cross-functional teams as well as external vendors/customers/partners for incident response as required. Record detailed Security Incident Response activities in the Case Management System. To ensure you're set up for success, you will bring the following skillset & experience: Bachelor's Degree or equivalent in IT or Computer Science. Security Trainings/Certifications (e.g. SANS, CDAC-DITISS).
3+ years of relevant SOC IR experience. Should be ready to work in 24x7 rotating shifts. Strong analytical and reasoning abilities. Motivation to identify and solve problems. Hands-on experience with SIEM & other cybersecurity tools like AV, EDR, Firewall, SOAR. System & Network Log Analysis. Whilst these are nice to have, our team can help you develop in the following skills: Good verbal and written communication skills. Familiarity with various Cloud & OS environments. Scripting, malware analysis, vulnerability & threat analysis.

Posted 2 weeks ago

2.0 - 10.0 years

4 - 12 Lacs

Bengaluru

Work from Office

Naukri logo

Designation: EndPoint Security Engineer
Experience: 2-10 Years
Education: Any Graduate
Location: Bengaluru
Description: Trend Micro Antivirus, EDR (Endpoint Detection & Response); MDM (Mobile Device Management), DLP (Data Loss Prevention); Anti-Spam, Anti-APT (Advanced Persistent Threats); Vulnerability Management & Patching; Knowledge of ITIL Processes. If you're passionate about securing endpoints and making a difference in cybersecurity, we're looking for YOU!

Posted 3 weeks ago

2.0 - 6.0 years

8 - 13 Lacs

Pune

Work from Office

Naukri logo

Job Description We are seeking a skilled Azure Sentinel Logic App and Analytic Rules Engineer to join our cybersecurity team. The ideal candidate will be responsible for designing, implementing, and managing automated workflows using Azure Logic Apps and developing analytic rules within Azure Sentinel to enhance our security posture and incident response capabilities. Responsibilities Design and Develop Logic Apps: Create and manage Azure Logic Apps to automate responses to security incidents detected by Azure Sentinel. This includes configuring triggers, actions, and conditions based on specific security events. Implement Analytic Rules: Develop and optimize analytic rules in Azure Sentinel to detect potential threats and anomalies within the environment. This involves leveraging Kusto Query Language (KQL) to create effective queries that generate actionable alerts. Integrate Security Logs: Streamline the integration of security logs and data sources into Azure Sentinel using Logic Apps, ensuring that all relevant security data is captured and analyzed efficiently. Automate Incident Response: Build automated workflows that respond to alerts generated by Azure Sentinel, including actions such as sending notifications, creating tickets, or executing remediation scripts. Monitor and Optimize: Continuously monitor the performance of Logic Apps and analytic rules, making adjustments as necessary to improve detection rates and reduce false positives. Essential Skills Certifications in Azure, cybersecurity or related fields. Experience with additional security tools and technologies (e.g., firewalls, intrusion detection systems). This role is crucial for enhancing our security operations and ensuring a proactive approach to threat detection and response. If you are passionate about cybersecurity and have the required skills, we encourage you to apply. Proficiency in Kusto Query Language (KQL) for creating and optimizing analytic queries. 
Experience with Azure Logic Apps, including triggers, actions, and connectors. Familiarity with security frameworks and best practices, including incident response and threat hunting. 3+ years of experience in cybersecurity, with a focus on security operations, incident response, and SIEM platforms. 2+ years of hands-on experience with Azure Sentinel, including the development of analytic rules and Logic Apps. Additional Desired Skills: Strong verbal and written English communication. Strong interpersonal and presentation skills. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations. Education Requirements & Experience: Bachelor's in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree. Minimum of 2-6 years of experience in the IT security industry, preferably working in a SOC environment. Certifications: GCIH, CCNA, CCSP, CEH

Posted 3 weeks ago

5.0 - 8.0 years

10 - 15 Lacs

Navi Mumbai

Work from Office

Naukri logo

Role & responsibilities Preferred candidate profile

Posted 3 weeks ago

3.0 - 8.0 years

4 - 9 Lacs

Mumbai

Work from Office

Naukri logo

Job Title: L2 Security Specialist Job Summary: The L2 Security Specialist will take a proactive role in threat hunting, security assessments, and improving defensive measures. This role involves deeper technical analysis, security tool management, and incident response. Key Responsibilities: Perform Data Discovery & Classification to enforce data protection policies. Manage File Upload Security Solutions to prevent malware and data leaks. Conduct Attack Surface Management (ASM) to reduce exposure to threats. Execute Breach & Attack Simulation (BAS) and assist Red Team operations. and analyze Phishing Simulation campaigns to improve security awareness. Implement and audit Active Directory (AD) Security controls. Lead IT Governance, Risk & Compliance (GRC) initiatives (e.g., ISO 27001, NIST). Deploy and analyze Decoy (Honeypot) systems to detect advanced threats. Administer Mobile Device Management (MDM) security policies. Ensure Secure Data Backup & Recovery (Ransomware Protection) effectiveness. Configure and maintain Network Access Control (NAC) solutions. Required Skills & Qualifications: 3–5 years of experience in cybersecurity operations. Hands-on experience with SIEM, BAS, ASM, and NAC tools. Strong knowledge of phishing, ransomware defense, and AD security. Experience in GRC frameworks (ISO 27001, NIST, GDPR). Familiarity with honeypots, incident response, and threat intelligence. Certifications like CISSP, CISM, OSCP, or CASP+ preferred.

Posted 3 weeks ago

2.0 - 6.0 years

2 - 6 Lacs

Mumbai, Maharashtra, India

On-site

Foundit logo

The Endpoint Security Engineer will design, implement, and manage endpoint security solutions across the organization. This role involves collaborating with cross-functional teams to deploy effective security measures while managing project timelines and stakeholder communications. Key Responsibilities Implementation: Design and deploy endpoint security solutions (e.g., antivirus, EDR, DLP). Conduct security assessments and risk analysis to identify vulnerabilities. Configure and maintain endpoint security tools and policies. Evaluate and recommend new security technologies to enhance endpoint protection. Collaborate with vendors for the implementation of security tools. Project Management: Lead endpoint security projects from initiation to completion. Develop project plans, status reports, and risk management strategies. Monitoring Response: Respond to security incidents and breaches, performing root cause analysis and remediation. Develop and implement incident response plans tailored to endpoint security incidents.

Posted 3 weeks ago

10.0 - 15.0 years

25 - 35 Lacs

Noida

Work from Office

Naukri logo

Cloud Security Lead/Architect (L3)
- Experience architecting security in cloud platforms like AWS, Azure.
- Experience creating High Level Designing (HLD) - Low-level Designing (LLD), reviewing the technical requirement document (TRD) for cloud security.
- Define data security policies through AIP, DLP, etc.
- Threat hunting experience with XDR, EDR, SIEM tools.
- Experience integrating cloud components with SIEM.
- Planning, implementing, designing and reviewing security policies and other compliances.
- Experience leading SecOps teams.
- Guide the team on appropriate prioritization of qualified incidents, notification through standard communication channel and opening of corresponding incident tickets on ticketing platform.
- Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams.
- Leading IR, escalations towards closure.
- Responsible for automating security controls, data and processes to provide improved metrics and operational support.
- Mandatory certifications on Azure, AWS platforms, CCSP, etc.
- Secondary skillset in Google Cloud is preferred.

Posted 3 weeks ago

7.0 - 12.0 years

22 - 25 Lacs

Chandigarh, Bangalore Rural, Bengaluru

Work from Office

Naukri logo

Security Service Operations, IT Security Technologies, CISSP, CISM, CRISC, CISA, SIEM, EDR, Email Security Gateways, Vulnerability Management Software, Firewalls, security systems, user authentication and management

Posted 3 weeks ago

5.0 - 10.0 years

0 - 3 Lacs

Navi Mumbai

Work from Office

Naukri logo

We are looking for a candidate who could join our Information Technology Team.

Technical Skill Set:
1. Should have a knowledge and understanding of TCP/UDP.
2. Clean and rigid understanding of what is an AV and what's an EDR solution.
3. Understanding of EDR functionalities. This knowledge is required to explore features of a solution and understand technical know-how.
4. Understanding of EDR logs and log correlation.
5. Should be able to understand and retrieve information from packet captures.
6. Should have a sane knowledge of SIEM solution.
7. Knowledge of log parsing would be an added advantage.
8. Knowledge of Advisories, IOCs, IOAs, Adversaries. What are these and how are these to be processed and why?
9. Understanding of actions to be done on receiving an advisory.
10. Should keep his/her knowledge updated and should be on the top of current Cyber exploit cases going on, so that actions can be taken proactively to safeguard the environment.

Techno-Management Skill Set:
1. Should be able to prioritize tasks while processing advisories, incidents, problems and events.
2. How an incident should be tackled, should have a first-hand expertise on deriving a solution and take incident to closure.
3. Prepare dashboard and reports depicting an at-a-glance view of incidents, events, advisories and remedial actions.
4. Work with the 3rd party solution provider for integration purpose.
5. Prepare documentation related to process and Knowledge base for future easy-reference.
6. Be a bridge between the technical and the management team and make sure updates are regularly submitted to higher management and review to the technical team.
7. Vendor management skills.
8. Any earlier experience in crisis situation handling would be an added advantage.

Posted 3 weeks ago

7.0 - 10.0 years

11 - 13 Lacs

Bengaluru

Work from Office

Naukri logo

Job Title: Lead SOC Analyst (Microsoft Sentinel Specialist) Location: Bangalore (Work from Office) Department: Security Operations Center (SOC) Reports To: SOC Manager / Head of Security Operations Job Summary: We are seeking a highly skilled and experienced Lead SOC Analyst with deep expertise in Microsoft Sentinel to join our Security Operations Center. The ideal candidate will be responsible for leading threat detection, incident response, and proactive threat hunting activities, with a primary focus on leveraging Microsoft Sentinel and its associated Microsoft Defender XDR ecosystem. Key Responsibilities: Lead day-to-day SOC operations, ensuring timely detection, triage, analysis, and response to security incidents. Design, develop, and fine-tune Microsoft Sentinel analytics rules (KQL), workbooks, playbooks (Logic Apps), and automation rules. Oversee and improve threat detection use cases, MITRE ATT&CK coverage, and alert tuning in Microsoft Sentinel. Correlate events from Microsoft Defender for Endpoint, Defender for Identity, Defender for Office 365, and Defender for Cloud to drive enriched detections. Perform proactive threat hunting using Sentinel and other available tools. Guide and mentor SOC Analysts (L1/L2), provide technical escalation support and help develop their technical capabilities. Lead or participate in incident response efforts, including forensic investigation and root cause analysis. Maintain and update SOC documentation, playbooks, and SOPs. Collaborate with internal teams and customers to provide insights, reports, and continuous improvements. Stay updated on the latest cyber threats, vulnerabilities, and Microsoft security product enhancements. Required Skills & Experience: 5+ years of experience in cybersecurity, with at least 2 years of hands-on experience with Microsoft Sentinel. Strong command of Kusto Query Language (KQL). Experience with Microsoft Defender suite (MDE, MDI, MDO, MDC) and integration with Sentinel.
Solid understanding of SIEM/SOAR concepts, threat detection, incident response, and threat hunting. Familiarity with MITRE ATT&CK framework and NIST/ISO incident response process. Experience with Azure Logic Apps and automation in Sentinel is a plus. Hands-on experience in handling advanced persistent threats (APT), phishing campaigns, lateral movement, and data exfiltration incidents. Preferred Certifications (one or more): Microsoft Certified: Security Operations Analyst Associate (SC-200), Certified SOC Analyst (CSA). Soft Skills: Strong communication and leadership skills. Ability to manage priorities and multitask effectively in a high-pressure environment. Analytical and detail-oriented with a proactive mindset.

Posted 3 weeks ago


1.0 - 3.0 years

6 - 7 Lacs

Pune

Work from Office


• Knowledge of Information Security technologies (EDR, NDR, IPS, WAF, SIEM)
• Understanding of networking protocols (TCP/IP), security methodologies (ACL/NAC) & topologies
• Working knowledge of Windows and Linux OS, security incident response processes

Required Candidate Profile: Working knowledge of analyzing, responding & remediating network intrusions, web app, & server attacks, scripting, root cause determination, containerization concepts & tools

Posted 3 weeks ago


3.0 - 8.0 years

4 - 9 Lacs

Chennai

Work from Office


Eligibility Criteria:
• Experience: Minimum 3 years in SOC
• Location: Chennai
• Mode of Work: WFO
• Mode of Interview: F2F/Virtual
• Preferred: Immediate Joiner ( Male Candidate )

Required Skills:
• Work experience in security tools like SIEM, Vulnerability and Assessment tools, EDR, Data Loss Prevention, Threat hunting tools.
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
• Proficient in Incident Management and Response.
• Expertise in cyber security, firewalls, network security, application security, cloud security.
• Knowledge in SOC, HITRUST, ISO certifications, and HIPAA, NIST frameworks.

Certifications: Cloud Security (Microsoft), CEH, CompTIA Security+ (any of these)

If interested in the above position, please forward your updated CV - Email: Abdulmusafir.alavudeen@corrohealth.com Mobile: 9884023362

Posted 3 weeks ago


4.0 - 8.0 years

12 - 18 Lacs

Hyderabad

Work from Office


Experience in a SOC, incident detection and response, SIEM platform and EDR. Understanding of networking principles, TCP/IP, WANs, LANs, and Internet protocols (SMTP, HTTP, FTP, POP, LDAP). Cloud security concepts & platforms (e.g., AWS, Azure, GCP).

Posted 3 weeks ago


3.0 - 5.0 years

3 - 5 Lacs

Noida, Uttar Pradesh, India

On-site


We are seeking an experienced Associate skilled in Zscaler Proxy, Firewalls, Data Loss Prevention (DLP), and Endpoint Detection & Response (EDR) solutions. The successful candidate will play a pivotal role in ensuring the security, availability, and performance of our IT infrastructure by implementing both proactive and reactive measures to secure our network and endpoint environments.

Key Responsibilities

Zscaler Proxy Management
• Configure, manage, and optimize Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions.
• Implement and enforce web security policies to ensure compliance with organizational standards.
• Troubleshoot and resolve Zscaler-related issues to ensure continuous internet and private application access.
• Conduct periodic health checks and performance tuning of the Zscaler infrastructure.

Firewall Administration
• Manage and configure firewalls to secure internal and external network traffic.
• Create and maintain firewall rules, Network Address Translation (NAT) configurations, and VPN setups as per business requirements.
• Monitor and analyze firewall logs to detect and respond to potential security incidents.
• Regularly review firewall policies to ensure adherence to industry best practices and compliance standards.

Endpoint and Data Protection
• Monitor endpoint activity for suspicious behavior and respond to threats promptly.
• Provide incident response support and recommend corrective actions for endpoint security incidents.
• Participate in vulnerability assessments and implement remediation plans.
• Collaborate with cross-functional teams to ensure seamless integration of security tools.
• Prepare and maintain technical documentation, configurations, and standard operating procedures.

Posted 3 weeks ago


2.0 - 5.0 years

6 - 10 Lacs

Mumbai

Work from Office


About The Role: Inside Sales Consultant
Experience: 2 to 5 Years (B2B Sales)
Location: Mumbai (Malad West)

As an Inside Sales Consultant, you will play a critical part in our fast-growing Cyber Security business servicing our customers. You will be part of a smart, innovative team that is changing the way customers buy and manage their IT infrastructure. We are looking for high-energy, entrepreneurial-spirited candidates who settle for nothing less than selling world-class solutions & services. The successful candidate will be responsible for driving revenue growth by effectively engaging with prospects and nurturing relationships.

- Lead Generation: Researching potential customers and identifying decision-makers within target organizations. This involves using various tools and methods to generate leads such as cold calling, email campaigns, social media outreach, and leveraging inbound inquiries.
- Qualifying Leads: Assessing the viability of leads based on criteria such as budget, authority, need, and timeline (BANT). This helps prioritize efforts towards leads most likely to convert into customers.
- Customer Relationship Management: Building and maintaining strong relationships with customers throughout the sales process and beyond. This includes following up on sales inquiries, providing ongoing support, and ensuring customer satisfaction.
- Sales Reporting and Analysis: Tracking sales activities, pipeline development, and forecasting using CRM (Customer Relationship Management) systems. Analyzing sales data to identify trends, opportunities, and areas for improvement.
- Collaboration with Other Teams: Working closely with sales and technical teams to align sales strategies with overall business objectives. Providing feedback from customers to help improve products and services.
- Continuous Learning and Improvement: Staying updated on industry trends, market conditions, and competitive activities. Continuously improving sales techniques and product knowledge to enhance effectiveness in generating sales.

Key Skills
- Bachelor's degree/Master's Degree (preferably IT Industry)
- Excellent written and verbal communication skills.
- Ability to multi-task, organize, and prioritize work.
- Excellent presentation skills.
- Ability to approach adversity with a positive attitude.

Ideal Candidate
- Minimum 2-5 years of B2B sales experience working with senior level decision makers (CTO, CIO, CISO and IT Managers) within key verticals, understanding of sales revenue cycle and buying behavior.
- Preferred: Experience in strategic/solution selling in technologies like Endpoint Security & EDR/XDR, Encryption, Gateway Security, Web Proxy Solution, Data Loss Prevention Solution, Email Gateway Security, CASB, IRM/DRM, MDM etc.

This job opening was posted a long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.

Posted 3 weeks ago


8.0 - 10.0 years

10 - 12 Lacs

Pune, Bandra

Work from Office


Key Responsibilities:
• Administration and management support of CrowdStrike Next-Gen SIEM/EDR
• Perform threat research and threat hunting to identify emerging tactics, techniques, and procedures (TTPs) to build detection requirements using an intelligence-driven approach
• Develop, test, and deploy actionable high-fidelity CrowdStrike Next-Gen SIEM detection rules
• Collaborate with Security Analysts to create playbooks for triage and response for actionable high-fidelity detections
• Collaborate with SIEM architects to develop and define best practices for parsing data and normalizing data to a common event schema
• Build and maintain utilities and tools to enable the managed services team to operate quickly and at a large scale
• Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents
• Develop and maintain processes and documentation

Posted 3 weeks ago


6.0 - 8.0 years

13 - 18 Lacs

Mumbai, Hyderabad

Work from Office


Summary: Lead Endpoint Security and Management shall be responsible for ensuring the day-to-day operations and maintenance of the organization's endpoint security. Strengthen security posture and ensure the control effectiveness of security systems within an organization. Collaborate with diverse teams to ensure the seamless functioning of the solutions and optimization of the security infrastructure and controls.

Role & responsibilities
1. Ensure the day-to-day operations and maintenance of the organization's cyber security infrastructure and controls to protect systems, networks, and data.
2. Configuration, Monitoring & Troubleshooting of Antivirus, EDR, XDR, DLP, APT, Sandboxing, Secure Proxy, Endpoint Security, PIM, HIPS, FIM, Laptop/Desktop Encryption etc.
3. Provide resolution of issues escalated from L1 and L2. Handling Shift Operations across 24x7.
4. Prepare HLD & LLD, generate configuration template etc. for changes.
5. Ensure coverage and effectiveness of Security Solution, Report and Review incidents.
6. Ensure optimum security, availability, performance, and capacity of security solutions under management.
7. Ensure & maintain up-to-date documentation - SOPs, Architecture diagrams etc. to remove dependency on people.
8. Manage configuration changes and deployments according to established change management processes, ensuring minimal disruption and adherence to best practices.
9. Ensure hardening, latest stable version and security patches of security devices and solutions.
10. Track EOL/EOS and ensure that there is no technology obsolescence.
11. Ensure resolution of incidents and outages, coordinating with internal teams and external vendors to restore service within agreed-upon SLAs.
12. Manage escalations and run the smooth operations of security solutions.
13. Ensure relevant processes are followed for change, incident & daily operations.
14. Identify & analyse pain areas in existing security operations & implement improvements.
15. Manage operational issues which require design/technical inputs.
16. Ensure compliance with regulatory requirements, security policies, and security frameworks such as ISO 27001, NIST, or CIS.
17. Publish the relevant dashboards and status updates.
18. Escalate deviations and violations in a timely manner.
19. Remain current with the organization's security policies, latest security advisories/threats, industry best practices and developments in cyber security, and recommend and implement best practices and technologies to mitigate emerging threats.

Knowledge
1. Sound experience in managing Endpoint security technologies and operations in a large and complex environment.
2. Should have sound understanding & knowledge of various operating systems, security technologies & techniques like Anti-malware, APT, Sandboxing, Secure Proxy, Endpoint Security, PIM, NAC, HIPS, FIM, Laptop/Desktop Encryption etc.
3. Should have hands-on experience with Antivirus, EDR, XDR, DLP and incident response techniques and technologies.
4. Should have knowledge & understanding of Cloud Technologies, IT infrastructure & networking technologies, operations and security principles.
5. Should have sound understanding of Threat Hunting, Mitigation and Response.
6. Strong understanding of regulatory security guidelines & master directions and security frameworks such as ISO 27001, NIST, or CIS.
7. Should be well versed with ITIL and ITSM practices.

Preferred candidate profile
1. Exceptional analytical, conceptual thinking, troubleshooting and problem-solving skills.
2. Strong leadership, negotiation, and conflict resolution skills.
3. Detail-oriented with a focus on quality and accuracy in project/service deliverables.
4. Should have strong written, verbal and presentation skills.
5. Ability to perform under pressure, influence stakeholders and work closely with them to determine acceptable solutions.

Posted 3 weeks ago
