
346 Edr Jobs - Page 6


5.0 - 8.0 years

14 - 22 Lacs

Pune

Work from Office

Job Description: The Threat Hunting analyst performs a wide variety of security duties with a primary focus on threat actor-based tactics, techniques, and procedures (TTPs). The ability to manage multiple simultaneous threat hunts spanning several platforms with various TTPs is a key function of this role. Knowledge sharing and mentoring of team members is a critical and necessary skill. Must have the ability to operate under pressure and influence the team dynamic when responding to incidents. Should be able to enhance and improve the team and its processes over time in a well-established manner.

Roles and responsibilities:
- Perform hypothesis-based threat hunts using the MITRE ATT&CK framework
- Perform intel-based threat hunting
- Conduct threat simulation exercises to test current security controls
- Create Diamond Models to model threat activity
- Work directly with leadership to develop and improve existing internal processes
- Develop new processes that add value to the threat hunting team
- Provide proactive assistance to junior analysts to help them develop their skillset
- Develop advanced correlation rules for threat detection using CQL (CrowdStrike Query Language)
- Create and use threat intel reports to conduct manual hunts across available data sources
- Perform static and dynamic analysis of malicious files
- Work proactively on critical security incidents
- Perform vulnerability review and risk assessment
- Core experience with CrowdStrike or Splunk
- L3-level experience in investigating, recommending and taking decisions related to security incident investigation; has worked with leadership
- Manage end-to-end security incident investigation
- Experience working with the MITRE ATT&CK framework
- Knows the basics of vulnerability analysis and risk assessment
- Manual hunt: actively search for threats that may not have been detected by automated security tools; detect hidden or undisclosed threats using advanced techniques and tools
- Develop hypotheses about potential threats based on threat intelligence and industry trends
- Perform in-depth analysis of the network and systems to uncover IOCs and APTs
- Work closely with other cybersecurity teams to improve detection capabilities and share findings
- High level of knowledge in scripting (e.g. Python, PowerShell) to automate threat hunting tasks
- Deeply analyze the tactics, techniques, and procedures (TTPs) of the attacker

Skill areas: Advanced Threat Detection; Scripting and Programming Knowledge; Advanced PowerShell, Bash, and Cmd Analysis; Threat Intelligence, Malware Analysis, Vulnerability Analysis, Cloud Security, Data Analysis

Required skills:
- Ability to perform threat hunting using the MITRE ATT&CK framework
- Ability to identify, detect and explain malicious activity that occurs within environments with a high level of accuracy and confidence
- Ability to develop advanced correlation rules for threat detection
- Must be an expert in creating queries using SPL (Search Processing Language, used by Splunk) or CQL (CrowdStrike Query Language)
- Ability to create threat intelligence reports based on available threat intel
- Ability to perform static and dynamic analysis of potentially malicious files
- Ability to perform vulnerability analysis and risk assessment
- Strong log analysis skills
- Able to demonstrate good incident response skills in case of critical security incidents
- Moderate understanding of Windows and Linux operating systems, as well as command line tools
- Strong verbal and written communication skills
- Basic understanding of malware analysis

Years of experience: 5+ years (Security Operations + Threat Hunting; a minimum of 2 years should be in threat hunting)
Tools: CrowdStrike, Splunk, LogScale (Humio)
Certification: GIAC / Offensive Security certifications preferred. One of the following is a must have: CTHP (Certified Threat Hunting Professional, an advanced certification for threat hunters), C|TIA (Certified Threat Intelligence Analyst), GIAC Certified Threat Intelligence (GCTI).
Programming language: Python (good to have)
Qualification: Bachelor of Engineering in any stream

Posted 3 weeks ago


3.0 - 7.0 years

3 - 7 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incidents on the XDR platform
2. Alert and incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platforms
5. Execute predefined actions such as isolating or blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow up with the tech team for incident closure
8. Participate in daily standup and review meetings
9. The L2 Analyst is responsible for closely tracking incidents and supporting their closure.
10. Work with log source and use case management: integrating log sources and developing and testing use cases
11. Work on and support multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM)
12. Develop SOPs / instruction manuals for the L1 team
13. Guide the L1 team in triage/analysis and assist in the closure of cybersecurity alerts and incidents
14. Handle XDR alerts and follow up with the customer team for agent updates
15. Escalate more complex incidents to L3 SMEs for deeper analysis.

Key Responsibilities:

Security Monitoring & Incident Response Governance
- Define and maintain security monitoring, threat detection, and incident response policies and procedures.
- Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.
- Align SOC operations with evolving business risk priorities and regulatory frameworks.

Platform & Toolset Management
- Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.
- Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.
- Maintain and update incident response playbooks and automation workflows.
- Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.

SOC Operations & Threat Detection
- Oversee 24x7 monitoring of security events and alerts across enterprise assets.
- Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.
- Manage and support forensic investigations to identify root cause and recovery paths.
- Govern use case development, log source onboarding, and alert/event triage processes.

Regulatory Compliance & Incident Management
- Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.
- Retain logs in accordance with regulatory data retention mandates.
- Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.

Advanced Threat Management & Reporting
- Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.
- Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.
- Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Required Qualifications:
- Bachelor's or Master's degree in Cybersecurity, Computer Science, or a related field.
- 3-7 years of experience in SOC management, incident response, or cyber threat detection roles.
- Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.
- Proven experience in playbook development, forensics, and threat hunting methodologies.
- Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.
- Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred technical and professional experience
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 3 weeks ago


2.0 - 7.0 years

6 - 11 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incidents on the XDR platform
2. Alert and incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platforms
5. Execute predefined actions such as isolating or blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow up with the tech team for incident closure
8. Participate in daily standup and review meetings
9. The L1 Analyst is responsible for closely tracking incidents and supporting their closure.
10. Escalate more complex incidents to L2 analysts for deeper analysis.
11. Work on and support multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM)
12. Handle XDR alerts and follow up with the customer team for agent updates

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Key Responsibilities:

Security Monitoring & Incident Response Governance
- Define and maintain security monitoring, threat detection, and incident response policies and procedures.
- Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.
- Align SOC operations with evolving business risk priorities and regulatory frameworks.

Platform & Toolset Management
- Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.
- Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.
- Maintain and update incident response playbooks and automation workflows.
- Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.

SOC Operations & Threat Detection
- Oversee 24x7 monitoring of security events and alerts across enterprise assets.
- Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.
- Manage and support forensic investigations to identify root cause and recovery paths.
- Govern use case development, log source onboarding, and alert/event triage processes.

Regulatory Compliance & Incident Management
- Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.
- Retain logs in accordance with regulatory data retention mandates.
- Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.

Advanced Threat Management & Reporting
- Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.
- Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.
- Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Preferred technical and professional experience
Required Qualifications:
- Bachelor's or Master's degree in Cybersecurity, Computer Science, or a related field.
- 2 years of experience in SOC management, incident response, or cyber threat detection roles.
- Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.
- Proven experience in playbook development, forensics, and threat hunting methodologies.
- Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.
- Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 3 weeks ago


2.0 - 7.0 years

6 - 10 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incidents on the XDR platform
2. Alert and incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platforms
5. Execute predefined actions such as isolating or blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow up with the tech team for incident closure
8. Participate in daily standup and review meetings
9. The L1 Analyst is responsible for closely tracking incidents and supporting their closure.
10. Escalate more complex incidents to L2 analysts for deeper analysis.
11. Work on and support multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM)
12. Handle XDR alerts and follow up with the customer team for agent updates

Key Responsibilities:

Security Monitoring & Incident Response Governance
- Define and maintain security monitoring, threat detection, and incident response policies and procedures.
- Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.
- Align SOC operations with evolving business risk priorities and regulatory frameworks.

Platform & Toolset Management
- Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.
- Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.
- Maintain and update incident response playbooks and automation workflows.
- Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.

SOC Operations & Threat Detection
- Oversee 24x7 monitoring of security events and alerts across enterprise assets.
- Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.
- Manage and support forensic investigations to identify root cause and recovery paths.
- Govern use case development, log source onboarding, and alert/event triage processes.

Regulatory Compliance & Incident Management
- Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.
- Retain logs in accordance with regulatory data retention mandates.
- Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.

Advanced Threat Management & Reporting
- Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.
- Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.
- Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Required Qualifications:
- Bachelor's or Master's degree in Cybersecurity, Computer Science, or a related field.
- 2 years of experience in SOC management, incident response, or cyber threat detection roles.
- Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.
- Proven experience in playbook development, forensics, and threat hunting methodologies.
- Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.
- Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred technical and professional experience
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 3 weeks ago


7.0 - 12.0 years

25 - 30 Lacs

Bengaluru

Work from Office

As a Senior Security Analyst/Engineer, you will be responsible for supporting the security operations of our organization by assisting in the monitoring, detection, and response to security incidents. This role offers a blend of security analysis and engineering tasks. This position offers a progression from foundational knowledge to more advanced responsibilities, allowing you to contribute significantly to the organization's cybersecurity efforts.

Qualifications and Skills:
- Bachelor's degree (Bachelor of Engineering / Bachelor of Technology) in Information Technology, Computer Science, Information Security, or a related field
- 8-12 years of experience in a cybersecurity role with progressively increasing responsibilities
- Strong understanding of cybersecurity principles, the threat landscape, and attack methodologies
- Proficiency in security tools and technologies such as SIEM, EDR, IDS/IPS, firewalls, and vulnerability scanners
- Excellent analytical, problem-solving, and decision-making skills
- Effective communication and stakeholder management abilities
- Certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), or equivalent are a plus.

Experience:
- Demonstrated experience in conducting security analysis, incident response, and vulnerability management in a complex environment
- Hands-on experience with security tool optimization, security assessments, and penetration testing
- Proven track record of incident response efforts and effectively managing security incidents from detection to resolution.

Posted 3 weeks ago


4.0 - 7.0 years

8 - 13 Lacs

Navi Mumbai

Work from Office

Role & responsibilities: Cyber Security Engineer
Preferred candidate profile: EDR/XDR, PAM, VA Specialist and MDM experience would be an added advantage; good knowledge of SIEM.

Posted 3 weeks ago


3.0 - 7.0 years

3 - 7 Lacs

Chennai

Work from Office

SOC Analyst: Exciting opportunity at Corrohealth Infotech Private Limited in Chennai! We are seeking a SOC Analyst with a minimum of 3 years of experience in a SOC. Immediate joiners preferred.

Eligibility Criteria:
- Minimum 3 years in a SOC
- Any degree
- WFO (flexible shifts)

Certifications (any of these):
- Cloud Security (Microsoft)
- CEH
- CompTIA Security+

Required Skills:
- Work experience with security tools such as SIEM, vulnerability assessment tools, EDR, data loss prevention, and threat hunting tools
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
- Proficient in incident management and response
- Expertise in cyber security, firewalls, network security, application security, and cloud security
- Knowledge of SOC, HITRUST and ISO certifications, and the HIPAA and NIST frameworks

How to Apply: Interested candidates can contact RESHMA (HR), Phone: 9361279443

Posted 3 weeks ago


5.0 - 10.0 years

6 - 16 Lacs

Hyderabad

Remote

Role & responsibilities
- Incident Management: Lead the end-to-end incident response lifecycle, including detection, analysis, containment, eradication, and recovery.
- Threat Investigation: Analyze and investigate a variety of attack vectors, such as:
  - Identity Attacks: credential abuse, privilege escalation, and MFA bypass.
  - Web Attacks: SQL injection, cross-site scripting (XSS), remote code execution.
  - Network Attacks: DDoS, lateral movement, traffic manipulation.
  - Cloud Threats: IAM misconfigurations, exposed services, container security vulnerabilities.
- Collaboration & Coordination: Work closely with SOC analysts, threat intelligence teams, forensics, and engineering groups during and after security incidents.
- Root Cause Analysis: Conduct comprehensive investigations to determine the root cause of incidents and provide actionable remediation recommendations.

Preferred candidate profile
- A minimum of 5 years of hands-on experience in cybersecurity incident response or security operations.
- Proven expertise in investigating and mitigating incidents across one or more areas: identity, web, network, or cloud.
- Proficiency with SIEM, EDR, and SOAR tools (e.g., Splunk, Sentinel, CrowdStrike).
- Experience in hybrid or cloud-first environments (AWS, Azure, or GCP).
- Strong understanding of frameworks and methodologies such as MITRE ATT&CK, the cyber kill chain, and threat modeling.

Posted 3 weeks ago


6.0 - 10.0 years

15 - 20 Lacs

Pune

Work from Office

- Incident Response: security incident detection platforms (SIEM, IDS/IPS, endpoint tools)
- Threat Intelligence: collect, analyze, and process intelligence from internal and external sources to identify and track emerging threats; monitor cyber threat trends

Required candidate profile:
- 6+ years of experience in cybersecurity, incident response and threat intelligence
- Attack frameworks: MITRE ATT&CK, Diamond Model, Unified Kill Chain
- APT actors and their TTPs
- Threat intelligence platforms

Posted 3 weeks ago


7.0 - 10.0 years

0 - 1 Lacs

Bengaluru

Work from Office

ELIGIBILITY: MCA / B Tech (CS/IT) / BE (CS/IT)
Work Experience: 7-10 years of total work experience, including 4+ years of experience managing a SOC.

Roles & Responsibilities
- Manage SOC operations and related activities.
- Lead the SOC team in SOC/SIEM implementation, log aggregation, and detection and prevention rules.
- Direct the functions, processes, and operations of the SOC and ensure standard SOPs are followed.
- Lead the continuous monitoring operations of the SOC to ensure optimal identification and resolution of security incidents and enhance security.
- Develop and maintain an incident response management program that includes incident detection, analysis, containment, eradication, recovery, and chain of evidence / forensics.
- Actively participate in security incident management and document security/incident response playbooks.
- Review the SOC roster and SOC team performance.
- Ensure SLA compliance and adherence to related processes, with review of improvement opportunities to meet operational objectives.
- Lead the SOC threat hunting team and create new detection rules.
- Create and publish reports, dashboards, and metrics for SOC operations, and present them to customers and management.
- Conduct scheduled and ad hoc training exercises to ensure staff are current with the latest threats and incident response techniques.
- Optimize rules and alerts according to the severity of the threat perceived from specific events.
- Build use cases and correlation alerts in the SIEM for continuous security monitoring.
- Perform periodic rule/configuration reviews as per standard procedure / CIS.

SKILLS:
- Hands-on experience with security tools including SIEM, SOAR and EDR/XDR; experience with Microsoft Sentinel and IBM QRadar preferred.
- Familiar with the MITRE ATT&CK framework.
- Familiar with multiple operating system platforms such as Windows, Linux and Unix.
- Familiar with popular commercial / open-source tools and techniques used by hackers.
- In-depth knowledge of security testing methodology and other internationally recognised industry standards and guidelines, including CIS controls.
- Experience creating detection rules using KQL and regex.
- Aware of the general cyber security practices needed by computer and internet users.
- Strong written and verbal communication skills expected: ability to communicate security and risk-related scenarios to both technical and non-technical stakeholders.
- Strong knowledge of Word, Excel and PowerPoint for professional documentation.
- Ability to work nights and/or weekends as per urgency / requirement.

Posted 3 weeks ago


10.0 - 19.0 years

22 - 37 Lacs

Gurugram

Work from Office

Role Name: Sr. Project Manager
Job Description: Airtel Business is looking for a Sr. Project Manager (Project Director) to manage the Cybersecurity & Managed Security Services and keep our fast-growing MSS portfolio on track.
Location: Gurgaon

Job Summary: This is an opportunity for a highly motivated individual to join a high-energy team of information security professionals. This position is part of a global team, reporting to the Program Head. You will:
- Own 8-12 concurrent security projects, covering SIEM, SOAR, XDR, firewall management, and cloud security.
- Be the face of delivery for CXOs: translate tech into business impact, run QBRs, and make renewals feel obvious.
- Keep us audit-ready (ISO 27001, PCI-DSS, RBI, IRDAI, GDPR, etc.) and drive root-cause fixes.
- Champion automation and shift-left security, bagging at least two efficiency wins every quarter.

Responsibilities: An information security director is responsible for leading and overseeing the information security function. They are entrusted with protecting the confidentiality, integrity, and availability of the customer's information assets. The information security director develops and implements comprehensive strategies, policies, and procedures to identify and mitigate risks, ensure compliance with industry regulations, and respond effectively to security incidents. They work closely with stakeholders across the organization to promote a culture of security and to align information security practices with the client's business objectives.

The security operations director is responsible for managing the day-to-day activities of the security operations center (SOC) or incident response team. He/she oversees the monitoring of security events, investigation of security incidents, and coordination of incident response efforts, and works closely with other bank teams to ensure timely detection, response, and resolution of security issues.

In addition to strategic planning and risk management, the information security director plays a vital role in establishing governance frameworks and ensuring regulatory compliance. Some common duties and responsibilities include:
- Strategic Planning: Develop and implement the organization's information security strategy, aligning it with business objectives and risk tolerance. Identify and prioritize security initiatives, establish security goals, and create a roadmap for their implementation.
- Risk Management: Conduct regular risk assessments to identify and evaluate potential security threats and vulnerabilities. Develop and implement risk mitigation strategies, including security controls, policies, and procedures. Monitor and manage security risks through ongoing assessments and the implementation of appropriate safeguards.
- Stakeholder Management: Sync with Sales, Pre-Sales, Finance, HR, and tech partners so everyone is rowing in the same direction.
- Policy and Procedure Development: Establish and enforce information security policies, standards, guidelines, and procedures. Ensure that they align with industry best practices and regulatory requirements. Communicate and educate employees on security policies, promoting a culture of security awareness and compliance.
- Compliance and Regulatory Requirements: Stay abreast of relevant laws, regulations, and industry standards pertaining to information security. Ensure that the organization's security practices and controls comply with applicable requirements. Liaise with regulatory bodies, auditors, and stakeholders to address compliance issues and maintain regulatory alignment.
- Incident Response and Management: Develop and maintain an incident response plan to address and manage security incidents effectively. Establish protocols for detecting, responding to, and recovering from security breaches or other security-related incidents. Coordinate with relevant teams to investigate incidents, implement remediation measures, and report on the outcomes.
- Security Awareness and Training: Develop and deliver security awareness and training programs for employees at all levels of the organization. Ensure that employees understand their role in maintaining information security and are equipped with the knowledge to identify and respond to security risks.
- Vendor Management: Assess and manage the security risks associated with third-party vendors and suppliers. Establish security requirements and standards for vendor contracts, conduct security assessments of vendors, and monitor ongoing compliance.
- Security Governance: Establish and maintain security governance frameworks and structures to ensure effective oversight and accountability. Participate in security committees and provide regular updates to executive leadership and the board of directors on the organization's security posture, risks, and compliance status.
- Security Incident Reporting and Communication: Develop and implement processes for reporting and communicating security incidents to appropriate stakeholders, including executives, legal counsel, and regulatory bodies. Ensure that incident reports are timely, accurate, and comprehensive.
- Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, and technologies in the information security field. Continuously evaluate and enhance the organization's security posture, controls, and processes through regular reviews, audits, and testing.

Travel: Up to 10% across India

Technical Skills:
- 15+ years in IT services, with 8+ years steering large, multi-tower security or ITOM programs; PMP or Agile certification helps.
- Strong knowledge of network and information security fundamentals.
- Deep, hands-on exposure to SIEM, SOAR, EDR/XDR, firewall and IPS/IDS stacks.
- Solid experience with AWS, Azure, or GCP controls, logging, and compliance tooling.
- Experience handling a large team of information security professionals (>25 people).
- OT/ICS security, GenAI in SOC workflows, or experience with Scaled Agile frameworks.
- Familiarity with incident response techniques, intrusion prevention systems, information security methodologies, authentication protocols and different IT security threat mechanisms.
- Comfortable running ITIL-aligned ops, SLAs, and continual-service-improvement cycles.
- Extensive knowledge of IT security standards (ISMS / ISO 27001, PCI-DSS, SOX, CMMi, etc.).
- Mandatory security certification (one of CISA, CISM, CISSP, CIPP/R, etc.).

Posted 4 weeks ago


9.0 - 11.0 years

27 - 35 Lacs

Mumbai

Remote

PURPOSE OF ROLE

In this position you will be responsible for achieving the revenue targets and revenue growth of the Cyber Security division of Brennan. Your primary responsibility will be to identify, support, develop and close new business opportunities in line with the company's sales and marketing strategies. You will work in close collaboration with the existing Account Managers, Business Development Managers and Solutions Architects to prioritise activities, qualify opportunities, ensure a consistent engagement experience and ensure we are developing compelling, commercially sound, winning propositions.

This role is specifically recruited to support the existing Brennan account management teams in uncovering, developing and prosecuting cyber security opportunities. You will work closely with the Cyber Security Practice to qualify opportunities and ensure we have the most suitable pre-sales support for each qualified opportunity uncovered by the account management team, and to drive new logo sales via the state-based Brennan Business Development Managers to identify and close new logos.

As the intersection between the market and Brennan, you will play a key role in the development of our GTM capabilities and offerings in conjunction with our Cyber Security Practice, to ensure we are relevant and differentiated in the market so as to maximise the opportunity across our Cyber Security portfolio of offerings and capability. Key to this is not only ensuring our growth strategy is achieved in Cyber Security from a revenue and profit perspective, but also that we align with the business strategy and drive recurring revenue growth.

To be successful in this role, you will need to be highly motivated with a consultative approach to solution sales and demonstrate a strong commitment to both prospects and customers. You will have a self-starter mindset and thrive on engaging and talking to all levels of customer stakeholders. A focus on strong business management will be an important part of the role, including planning, forecasting, revenue achievement and customer satisfaction. You will also have a well-structured sales approach to new business development opportunities, pipeline management, and leveraging your existing relationships in the industry to drive new business and channel partnerships. You will also need to be able to work with the greater Brennan business.

ROLE RESPONSIBILITIES

Whilst your day-to-day activities will vary to meet your role's mission, KPIs and the operational requirements of the job, we envisage the following key activities being required to achieve success in the position.

Engage & Collaborate [10%]
This will grow as the team grows but initially will be a small part of the role. Your success can only be achieved through the success of others.
- Coach, mentor, guide and train the Sales team on an ongoing basis.
- Work with the Solutions Architect team and Cyber Security team to allocate the right resources to the right opportunities, manage the account management territory and ensure proper bid management and opportunity qualification is undertaken.
- Contribute to the development of new business strategies, policies and best practices through participation in management meetings and other direct contributions.
- Adhere to proper escalation and change control procedures.
- Prepare, maintain and submit activity/progress reports and management reports in accordance with published procedures.

Supporting & Enabling [20%]
- Working with the Cyber Security practice to ensure our solutions are fit for purpose and fit for market.
- Working with the Account Management team to identify and uncover new opportunities in existing customers, and training them on how to do that effectively.
- Working with partners to articulate the Brennan Cyber Security capabilities and derive new opportunities from the partner channel.

Selling [65%]
- Act as our senior sales resource for the Cyber Security division, working on the largest and most complex opportunities, including responding to customer requests for information, developing and planning solution presentations and demonstrations, technical/product guidance in meetings, etc.
- Helping the customer understand the proposed technical solution to the business problem under applicable constraints.
- Leading discussions with customer audiences up to CxO level on the use of Brennan-related technologies.
- Training the broader Brennan Sales teams on various technologies and solutions, with a constant focus on teaching the sales team to self-service these solutions.
- Develop and cultivate strong customer relationships, ensuring a "Customer for Life" relationship.
- Stay current on features and benefits of the Brennan portfolio, industry products and solutions through professional associations, trade journals, networking, and associated training and seminars.

Administration [5%]
- Construction and maintenance of portfolio plans.
- Weekly activity reporting.
- Reporting of customer issues, account satisfaction status, and exec sponsor summaries.
- Liaising with Sales Operations regarding all incoming contracts and changes to contracts.
- Liaising with Service Delivery for provision of services once a contract is received.
- Attendance at the weekly sales meeting and a weekly one-on-one review with your Leader.

KEY COMPETENCIES

To succeed in this role, you will have the following experience and competencies.
- Understanding the Customer: Consistently demonstrates high levels of understanding of the customer's business and their key profitability and other performance drivers. Demonstrates strong levels of awareness about customers' decision-making and political landscapes. Builds and maintains a strong network of relationships within the customer base (including C-level) to increase knowledge, intimacy, loyalty and trust.
- Communication: Consistently handles customer push-back, complaints and other issues in a professional, empathetic and constructive manner. Questioning and listening: is highly effective in the skills of questioning and listening to really understand the customers' situation and needs. Communicating value: displays high levels of expertise in developing and presenting the company's products, services and solutions in a manner that is clearly differentiated from the competition.
- Time Management: Consistently maximises time and resources by applying activity management tools and processes.
- Prospecting and Pipeline: Is highly disciplined in regularly reviewing the sales pipeline, evaluating current opportunities, developing new prospects, and following up work with current customers.
- Coping and Resilience: Remains resilient, recovering quickly from setbacks and unexpected obstacles, responding with a positive and constructive attitude under pressure.
- Pitching: Consistently follows a defined process for pursuing and winning competitive pitches.
- Stakeholder Involvement: Consistent identification and involvement of stakeholders who need to be consulted in the decision-making process.

KEY PERFORMANCE INDICATORS

Delivering high performance is a key part of our culture. You will be provided with your specific KPIs / targets / goals once you commence, to provide clarity on where to focus your efforts.

NOTE: These KPIs/targets/goals are indicative only and will be confirmed with your Leader when you commence the role.
Your official and measurable KPIs/targets/goals will be recorded in your Performance Plans. Any future changes to your KPIs/targets/goals will be updated in IntelliHR Key Experience Essential Minimum 10 years ICT sales experience A successful track record in complex Cyber Security sales A successful track record of achieving sales targets. Consultative sales experience and approach Demonstrated ability to position and present at a C-suite level Demonstrated ability to lead and collaborate with a multi-disciplined team Demonstrated ability to manage the sales process and pipeline Demonstrated skills in negotiation, organisation, and time management Strategic thinking with get-up-and-go attitude Professional appearance and presentation A willingness to work and adapt to a fast growing & changing environment. Self-sufficiency and a high degree of autonomy. Ability to perform and work well under pressure. Ability to work within a team and achieve results through others Excellent verbal and written communication skills Desirable Tertiary qualification or relevant sales experience Technical industry certifications. 
A good knowledge of: SOC & SIEM services and capabilities Technical controls such as EDR, Email Security, Network Security and Cloud Security Proactive services such as Vulnerability Management, Dark Web Monitoring and Security Awareness Training Industry frameworks including ISO27001, NIST, Essential 8 and SMB1001 GRC and Advisory services Offensive Security capabilities KEY ATTRIBUTES The following personal attributes are important for the success of this role: Displays a sense of purpose Displays a sense of urgency Confidence Conviction Curiosity Grasps new concepts and ideas quickly and are able to articulate back accurately Resilience Optimism Business acumen Integrity SPECIAL REQUIREMENTS The staff member (employee and contractor) is responsible to understand, adhere with and deliver services in accordance with the information security requirements identified in the Brennan Information Security Policy, its supporting security procedures and guidelines. Any deviations from these security requirements will be dealt in accordance with the Code of Conduct and the Disciplinary Actions Policy.

Posted 1 month ago


8.0 - 10.0 years

17 - 22 Lacs

Mumbai

Work from Office

Role & responsibilities
- Handled exposure preparation for the bank
- Handled regulatory returns such as CRILC, NeSL, RBS, EDR, PSL and SLBC reporting, SIBC
- Handling and closure of audit observations
- Handled capital adequacy calculation
- Various internal and management reporting/MIS including Board note submissions
- Handle statutory/internal/RBI and concurrent audit as well as closure of audit/LFAR observations
- Support to all automation activities including discussion with vendor on finalization of BRD requirement, handling UAT and subsequently managing production run
- Support and back up to Early Warning Signal system wherever required (preferably)
- Support to stakeholders as per requirement of the job

Posted 1 month ago


5.0 - 10.0 years

6 - 10 Lacs

Bengaluru

Work from Office

Novo Nordisk Global Business Services (GBS) India
Department: Global Information Security Advisory
Are you passionate about IT security and eager to make a difference in safeguarding critical systems? Do you thrive in a global, collaborative environment where your expertise can help protect a leading healthcare organisation? If so, we invite you to join us as a Security Operations Analyst at Novo Nordisk. Read on and apply today for a life-changing career!
About the Department
The Global Information Security Advisory department is part of Digital, Data, and IT (DD&IT) at Novo Nordisk. Based in Denmark, our team operates globally with colleagues in India, Denmark, and the USA. We are a diverse group of experts specializing in areas such as network security, white hat hacking, cloud security, cryptography, and security operations. Our mission is to partner with the business to build security into processes and manage risks effectively. The atmosphere is collaborative, innovative, and driven by a shared goal of protecting Novo Nordisk's digital assets.
The position
As a Cybersecurity Analyst I, you will play a pivotal role in enhancing and maintaining the IT security posture at Novo Nordisk. Your responsibilities will include:
- Effectively monitor and manage IT security incidents by analyzing logs, identifying vulnerabilities, managing unauthorized user activity, and handling security notifications from users and regional teams to ensure timely resolution and adherence to SLAs.
- Analyzing and responding to suspicious and malicious emails received through the Phish alarm solution.
- Provide support to the Vulnerability Management Office (VMO) in the Critical Vulnerability Response (CVR) process while collaborating with the GSO Data Analytics team to enhance the SIEM system's accuracy by reducing false positives, demonstrating strong analytical skills and a commitment to cybersecurity excellence.
- Managing the Global Intrusion Defense (GID) system, ensuring services like log collection, intrusion detection, and vulnerability assessment are operational.
- Actively participate in incident response drills and the Major IT Security Incident Response Process (MSIRP), while engaging stakeholders to communicate risks, facilitate vulnerability remediation, and support global security initiatives.
Qualifications
- Bachelor of Engineering with relevant IT experience and business experience.
- Overall 5+ years of core IT security experience with at least 3+ years in a relevant security tool.
- Demonstrated proficiency in Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) platforms, coupled with expertise in Windows Operating Systems and enterprise network security.
- Solid knowledge of Security Operations Center (SOC) operations with Standard Operating Procedures (SOP).
- Familiarity with forensics, email analysis and cloud.
- Coordinate with internal teams and external stakeholders to manage the incident response process and collaborate cross-functionally to ensure adherence to security policies and procedures.
- Respond to and investigate security incidents such as data breaches, malware infections, and unauthorized access attempts while analyzing incidents to determine root cause, scope, and impact.
- Develop and implement comprehensive incident response plans and procedures for timely and effective responses to security incidents.
- Security certifications like CEH etc. (good to have).

Posted 1 month ago


5.0 - 8.0 years

8 - 15 Lacs

Bengaluru

Hybrid

Key Skills: Cyber security compliance, EDR, Cyber Security, Threats, Cyber Threat, SIEM
Roles and Responsibilities:
- Operational Maturity: Develop clear documentation for processes, metrics, and outcomes, ensuring adherence to SLAs and compliance requirements. Foster continuous improvement in threat detection and SIEM management.
- Threat Detection Leadership: Provide technical leadership across threat detection and SIEM, with a focus on enhancing incident handling processes, detection engineering, threat interdiction capabilities and metrics.
- Security Tool Operations: Own and manage security tool alerts, ensuring comprehensive coverage and effectiveness across the enterprise while continuously improving detection and prevention mechanisms.
- Cloud and DevOps Security: Drive security capabilities by embedding security into DevOps workflows, leveraging cloud-native tools, and advancing automation for detection and response.
- Continuous Improvement: Stay current and share best practices on how to use modern methods to address security gaps. Leverage artificial intelligence to reduce manual work.
- Performance Metrics: Facilitate and monitor key performance metrics and reporting frameworks to ensure the efficiency and effectiveness of the program, facilitating resource allocation and increasing the maturity of the security program.
- Change Management: Follow the change management process in managing security platforms.
- Collaboration: Collaborate with cross-functional teams to ensure security solutions meet operational and cultural goals. Collect and analyze feedback to continuously refine tools, platforms, and support processes.
Skills Required:
- 5+ years of experience in cybersecurity, with a focus on threat detection and SIEM.
- Hands-on experience with the CrowdStrike Platform; NG SIEM an advantage.
- Strong knowledge of IT security principles and compliance standards.
- Proven ability to balance strategic vision with hands-on implementation.
- Exceptional communication and problem-solving skills.
- A driven and self-starting individual who can work independently and take initiative.
- Experience working across multiple countries and time zones is an advantage.
Education: Bachelor's degree in Cyber Security, Information Technology or related field

Posted 1 month ago


5.0 - 7.0 years

5 - 5 Lacs

Thiruvananthapuram

Work from Office

Role Proficiency:
Resolve enterprise trouble tickets within agreed SLA and raise problem tickets for permanent resolution and/or provide mentorship (hierarchical or lateral) to junior associates.
Outcomes:
1) Update SOP with updated troubleshooting instructions and process changes
2) Mentor new team members in understanding customer infrastructure and processes
3) Perform analysis for driving incident reduction
4) Escalate high priority incidents to customer and organization stakeholders for quicker resolution
5) Contribute to planning and successful migration of platforms
6) Resolve enterprise trouble tickets within agreed SLA and raise problem tickets for permanent resolution
7) Provide inputs for root cause analysis after major incidents to define preventive and corrective actions
Measures of Outcomes:
1) SLA adherence
2) Time bound resolution of elevated tickets - OLA
3) Manage ticket backlog timelines - OLA
4) Adhere to defined process - number of NCs in internal/external audits
5) Number of KB articles created
6) Number of incidents and change tickets handled
7) Number of elevated tickets resolved
8) Number of successful change tickets
9) % completion of all mandatory training requirements
Outputs Expected:
Resolution:
- Understand Priority and Severity based on ITIL practice; resolve trouble tickets within agreed resolution SLA
- Execute change control tickets as documented in the implementation plan
Troubleshooting:
- Troubleshooting based on available information from previous tickets or consulting with seniors
- Participate in online knowledge forums for reference
- Convert the new steps to KB articles
- Perform logical/analytical troubleshooting
Escalation/Elevation:
- Escalate within organization/customer peer in case of resolution delay
- Understand OLA between delivery layers (L1, L2, L3 etc.) and adhere to OLA
- Elevate to next level; work on elevated tickets from L1
Tickets Backlog/Resolution:
- Follow up on tickets based on agreed timelines; manage ticket backlogs/last activity as per defined process
- Resolve incidents and SRs within agreed timelines
- Execute change tickets for infrastructure
Installation:
- Install and configure tools, software and patches
Runbook/KB:
- Update KB with new findings
- Document and record troubleshooting steps as knowledge base
Collaboration:
- Collaborate with different towers of delivery for ticket resolution (within SLA resolve L1 tickets with help from the respective tower)
- Collaborate with other team members for timely resolution of tickets
- Actively participate in team/organization-wide initiatives
- Co-ordinate with UST ISMS teams for resolving connectivity related issues
Stakeholder Management:
- Lead the customer calls and vendor calls
- Organize meetings with different stakeholders
- Take ownership for the function's internal communications and related change management
Strategic:
- Define the strategy on data management, policy management and data retention management
- Support definition of the IT strategy for the function's relevant scope and be accountable for ensuring the strategy is tracked, benchmarked and updated for the area owned
Process Adherence:
- Thorough understanding of organization and customer defined process
- Suggest process improvements and CSI ideas
- Adhere to the organization's policies and business conduct
Process/Efficiency Improvement:
- Proactively identify opportunities to increase service levels and mitigate any issues in service delivery within the function or across functions
- Take accountability for overall productivity efforts within the function, including coordination of function specific tasks and close collaboration with Finance
Process Implementation:
- Coordinate and monitor IT process implementation within the function
Compliance:
- Support information governance activities and audit preparations within the function
- Act as a function SPOC for IT audits in local sites (incl. preparation, interface to local organization, mitigation of findings etc.) and work closely with ISRM (Information Security Risk Management)
- Coordinate overall objective setting preparation and facilitate the process in order to achieve consistent objective setting in the function Job Description
- Coordination support for CSI across all services in CIS and beyond
Training:
- On time completion of all mandatory training requirements of organization and customer
- Provide on floor training and one to one mentorship for new joiners
- Complete certification of respective career paths
Performance Management:
- Update FAST Goals in NorthStar; track, report and seek continuous feedback from peers and manager
- Set goals for team members and mentees and provide feedback
- Assist new team members to understand the customer environment
Skill Examples:
1) Good communication skills (written, verbal and email etiquette) to interact with different teams and customers
2) Modify / create runbooks based on suggested changes from juniors or newly identified steps
3) Ability to work on an elevated server ticket and solve it
4) Networking:
   a. Troubleshooting skills in static and dynamic routing protocols
   b. Should be capable of running netflow analyzers in different product lines
5) Server:
   a. Skills in installing and configuring Active Directory, DNS, DHCP, DFS, IIS, patch management
   b. Excellent troubleshooting skills in various technologies like AD replication, DNS issues etc.
   c. Skills in managing high availability solutions like failover clustering, VMware clustering etc.
6) Storage and Backup:
   a. Ability to give recommendations to customers. Perform storage & backup enhancements. Perform change management.
   b. Skilled in core fabric technology, storage design and implementation. Hands on experience on backup and storage Command Line Interfaces.
   c. Perform hardware upgrades, firmware upgrades, vulnerability remediation, storage and backup commissioning and de-commissioning, replication setup and management.
   d. Skilled in server, network and virtualization technologies. Integration of virtualization, storage and backup technologies.
   e. Review the technical diagrams and architecture diagrams and modify the SOP and documentation based on business requirements.
   f. Ability to perform the ITSM functions for the storage & backup team and review the quality of the ITSM process followed by the team.
7) Cloud:
   a. Skilled in any one of the cloud technologies - AWS, Azure, GCP
8) Tools:
   a. Skilled in administration and configuration of monitoring tools like CA UIM, SCOM, SolarWinds, Nagios, ServiceNow etc.
   b. Skilled in SQL scripting
   c. Skilled in building custom reports on availability and performance of IT infrastructure based on the customer requirements
9) Monitoring:
   a. Skills in monitoring of infrastructure and application components
10) Database:
   a. Data modeling and database design; database schema creation and management
   b. Identify data integrity violations so that only accurate and appropriate data is entered and maintained
   c. Backup and recovery
   d. Web-specific tech expertise for e-Biz, Cloud etc. Examples of this type of technology include XML, CGI, Java, Ruby, firewalls, SSL and so on.
   e. Migrating database instances to new hardware and new versions of software, from on premise to cloud based databases and vice versa
11) Quality Analysis:
   a. Ability to drive service excellence and continuous improvement within the framework defined by IT Operations
Knowledge Examples:
1) Good understanding of customer infrastructure and related CIs
2) ITIL Foundation certification
3) Thorough hardware knowledge
4) Basic understanding of capacity planning
5) Basic understanding of storage and backup
6) Networking:
   a. Hands-on experience in routers, switches and firewalls
   b. Should have minimum knowledge and hands-on with BGP
   c. Good understanding in load balancers and WAN optimizers
   d. Advanced backup and restore knowledge in backup tools
7) Server:
   a. Basic to intermediate PowerShell / Bash / Python scripting knowledge and demonstrated experience in script based tasks
   b. Knowledge of AD group policy management, group policy tools and troubleshooting GPOs
   c. Basic AD object creation, DNS concepts, DHCP, DFS
   d. Knowledge with tools like SCCM, SCOM administration
8) Storage and Backup:
   a. Subject Matter Expert in any of the Storage & Backup technologies
9) Tools:
   a. Proficient in the understanding and troubleshooting of Windows and Linux families of operating systems
10) Monitoring:
   a. Strong knowledge in ITIL process and functions
11) Database:
   a. Knowledge in general database management
   b. Knowledge in OS system and networking skills
Additional Comments:
Job Title: Threat Hunter | VAPT Analyst
Role Overview: We are seeking a versatile cybersecurity professional who will serve as a Threat Hunter and VAPT Analyst, responsible for proactively identifying cyber threats, assessing security vulnerabilities, and mitigating email-based attacks. This role requires expertise in threat hunting and penetration testing, combining advanced technical skills with strong analytical capabilities. The ideal candidate will play a pivotal role in strengthening the organization's cybersecurity posture.
Responsibilities:
Threat Hunting
- Proactively hunt for undetected threats within the organization's networks, systems, and endpoints using threat intelligence and behavioral analysis.
- Identify patterns, TTPs (Tactics, Techniques, and Procedures), and anomalies that indicate potential threats or APT activity.
- Leverage threat intelligence feeds and the MITRE ATT&CK framework to create detection use cases and hypotheses.
- Work closely with SOC teams to improve detection rules and accuracy.
- Perform forensic investigations and root cause analysis of incidents and suspicious activities.
- Develop custom scripts and queries to automate hunting activities (e.g., with EDR, SIEM, XDR tools).
- Generate threat hunting reports, indicators of compromise (IOCs), and actionable recommendations.
Vulnerability Assessment and Penetration Testing (VAPT)
- Conduct vulnerability assessments and penetration tests on systems, applications, and networks.
- Identify and analyze critical vulnerabilities, and deliver detailed, actionable reports.
- Use automated tools (e.g., Nessus, Burp Suite, Nmap, Metasploit) and manual testing techniques.
- Ensure VAPT processes align with compliance and internal policies.
- Perform regular and ad-hoc assessments, including web apps, databases, wireless, and APIs.
- Provide recommendations for remediation and validate fixes through re-testing.
- Maintain up-to-date knowledge of evolving vulnerabilities and attack methods.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or related discipline.
- 5+ years of experience in a cybersecurity role encompassing threat hunting and VAPT.
- Expertise in VAPT tools and methodologies (e.g., Nessus, Burp Suite, Metasploit, OWASP Top 10).
- Strong experience with SIEMs, EDR platforms, threat intel, and threat hunting frameworks (MITRE ATT&CK).
- Proficiency in scripting (Python, PowerShell, Bash) for automation and analysis.
- Excellent problem-solving, investigative, and reporting skills.
- Strong communication and interpersonal skills.
- Certifications such as OSCP, CEH, GIAC (GCIH/GPEN/GWAPT), CISSP, or CESM are highly preferred.
Required Skills: SOC, TTP, Troubleshooting

Posted 1 month ago


4.0 - 9.0 years

8 - 11 Lacs

Hyderabad

Work from Office

Key Responsibilities:
- Design, implement, and manage Palo Alto Networks solutions, including:
  - Next-Gen Firewall (NGFW)
  - EDR/XDR (Cortex XDR)
  - SIEM/SOAR (Cortex XSIAM)
- Lead and support migration projects from legacy platforms (e.g., Splunk, Sentinel, QRadar) to Palo Alto Cortex XSIAM
- Work with clients to understand business requirements and deliver tailored cybersecurity solutions
- Perform threat hunting, alert tuning, policy configuration, and use case development
- Collaborate with global teams (onshore/offshore model) for delivery in sectors like Telecom, Finance, Retail, and Public Sector
- Support security assessments, integrations, and continuous improvement initiatives
Required Skills & Qualifications:
- Strong hands-on experience in Palo Alto technologies (NGFW, Cortex XDR/XSIAM)
- Proven knowledge of cybersecurity operations, SOC processes, and incident response
- Experience with SIEM migration and integrations
- Understanding of threat intelligence, detection engineering, and automation
- Good knowledge of scripting (Python, PowerShell) and log analysis
- Excellent communication and client-facing skills
Preferred Certifications:
- Palo Alto Networks Certifications, such as:
  - PCNSE (Network Security Engineer)
  - Cortex XDR/XSIAM certifications (if available)
- Additional certifications like CEH, CISSP, or relevant SIEM/EDR vendor certifications are a plus

Posted 1 month ago


15.0 - 20.0 years

3 - 7 Lacs

Chennai

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations.
Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies
- Timely response to customer requests like detection capabilities, tuning
- Research new threats and provide recommendations to enhance detection capabilities
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures
- Identify opportunities for process improvement
Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and threat landscape
- Hands-on experience in SIEM and threat hunting tools
- Added advantage in working with any SOAR platform
- Desirable knowledge in any scripting language and EDR products
- Preferable GCIA, GCFA, CISSP
- Strong customer service and interpersonal skills
- Strong problem-solving skills
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills
- Adaptability to accept change
Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift
- The candidate should have a minimum of 2 years of experience
- This position is based at our Chennai office
- A 15 year full time education is required
Qualification: 15 years full time education

Posted 1 month ago


15.0 - 20.0 years

3 - 7 Lacs

Chennai

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that the organization's information and infrastructure are safeguarded against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a secure environment for all stakeholders.
Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies
- Timely response to customer requests like detection capabilities, tuning
- Research new threats and provide recommendations to enhance detection capabilities
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures
- Identify opportunities for process improvement
Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and threat landscape
- Hands-on experience in SIEM and threat hunting tools
- Added advantage in working with any SOAR platform
- Desirable knowledge in any scripting language and EDR products
- Preferable GCIA, GCFA, CISSP
- Strong customer service and interpersonal skills
- Strong problem-solving skills
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills
- Adaptability to accept change
Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift
- Minimum a bachelor's or a master's degree in addition to regular 15-year full time education
- The candidate should have a minimum of 2 years of experience
- This position is based at our Chennai office
Qualification: 15 years full time education

Posted 1 month ago


15.0 - 20.0 years

3 - 7 Lacs

Chennai

Work from Office

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will engage in proactive monitoring and response to security incidents, while also contributing to the development of security policies and procedures that align with organizational goals. Your role is crucial in safeguarding information and maintaining the integrity of business processes in a constantly evolving threat landscape. 
Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies
- Timely response to customer requests like detection capabilities, tuning, etc.
- Research new threats and provide recommendations to enhance detection capabilities
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures
- Identify opportunities for process improvement

Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and threat landscape
- Hands-on experience in SIEM and threat hunting tools
- Added advantage in working with any SOAR platform
- Desirable knowledge in any scripting language and EDR products
- Preferable GCIA, GCFA, CISSP
- Strong customer service and interpersonal skills
- Strong problem-solving skills
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
- Adaptability to accept change

Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift
- Minimum a bachelor's or a master's degree in addition to regular 15-year full-time education
- The candidate should have minimum 2 years of experience
- This position is based at our Chennai office.

Qualification: 15 years full time education

Posted 1 month ago

12.0 - 15.0 years

13 - 17 Lacs

Jaipur

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Delivery Governance
Good to have skills: NA
Minimum 12 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements.
Roles & Responsibilities:
- SOC Operations:
  - Lead and manage day-to-day operations of the SOC, including Tier 1-3 security analysts.
  - Oversee security monitoring, threat detection, incident response, and threat intelligence activities.
  - Ensure continuous tuning and enhancement of SIEM and EDR tools.
  - Create and maintain incident response playbooks and workflows.
  - Collaborate with infrastructure and application teams during security events.
- Security Governance, Risk & Compliance:
  - Develop and enforce cybersecurity policies, standards, and procedures aligned with business objectives and regulatory requirements.
  - Coordinate risk assessments, audits, and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA).
  - Lead security awareness and training initiatives across the organization.
  - Track and report on cybersecurity risks, mitigation plans, and audit findings.
  - Partner with legal, audit, and compliance teams to ensure alignment with industry and legal frameworks.
- Strategic Leadership:
  - Provide executive-level reporting on threat posture, key risks, and SOC performance.
  - Guide long-term planning and roadmap development for security operations and governance initiatives.
  - Mentor and develop SOC staff and GRC team members.
  - Stay current with industry trends, threat landscape changes, and evolving compliance standards.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Delivery Governance.
- Strong understanding of cloud security principles and frameworks.
- Experience with risk assessment and management methodologies.
- Ability to design and implement security policies and procedures.
- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.
- Recommend use case fine tuning.
- Regularly review use cases and suggest enhancements.
- Run internal tabletop exercises to help train the team.
- Maintain IR quality as per industry standards.

Additional Information:
- The candidate should have minimum 12 years of experience in Security Delivery Governance.
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 1 month ago

3.0 - 4.0 years

4 - 5 Lacs

Bengaluru

Work from Office

Min. 2.5 years of experience in a Security Operations Center. Experience in monitoring and alert handling in QRadar SIEM. Security incident handling and reporting. Experienced in EDR alert analysis, preferably SentinelOne. Should be flexible to work in 24/7 rotational shifts. Should possess good communication skills. Mandate skills: QRadar SIEM tool with latest version. Immediate joiners would be preferred.

Posted 1 month ago

12.0 - 15.0 years

15 - 20 Lacs

Chennai

Work from Office

The Lead Analyst, Cybersecurity Operations will be part of the Cybersecurity team that analyzes, implements, monitors, troubleshoots, and audits the cybersecurity of the Frontier network infrastructure. The analyst provides timely and comprehensive intelligence on internal/external threats for detection, monitoring, threat hunting, and incident response. The scope of the environment includes system-monitoring platforms, anti-virus, DLP, URL filtering, and PCI environments. The analyst will be responsible for performing alert analysis, incident response, digital forensics, and supporting penetration remediation on applications/systems.

Essential Functions
- Monitor, investigate, analyze, respond to, and report on cyber incidents identified through detection/response platforms.
- Lead support to Management in detecting and responding to cybersecurity alerts and incident activity.
- Responsible for engaging and escalating incidents to Cyber Operations Management and other Cyber Incident Response Team members.
- Actively support incident response activities, efforts, and training exercises (e.g., incidents, tabletops, threat simulations) and be the lead incident response analyst.
- Actively drive risk reduction efforts for known cyber security vulnerabilities and known attack traffic patterns/indicators of compromise (IOC).
- Actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, provide proactive threat research, and recommend mitigation strategies.
- Evaluate and determine if/when cybersecurity violations have occurred through examination of network/application logs, open-source research, vulnerability and configuration scan data, and user-provided reports.
- Proactively conduct investigations, analysis, and evaluation of projects to determine cybersecurity risk and feasibility as required.
- Administer, maintain, tune, and perform health checks on cybersecurity products and services (such as: secure mail gateway, SIEM, IDS/IPS, EDR, vulnerability management, brand monitoring, threat intelligence, security rating, DDoS, web proxy, file integrity monitoring (FIM), data loss prevention (DLP), User Entity Behavioral Analytics (UEBA), and others).
- Provide and implement recommendations for new technical controls to help mitigate security vulnerabilities.
- Responsible for leading the vulnerability management program functions, including hosting weekly meetings with stakeholders and the operations team, creating and tracking tickets for all vulnerabilities, holding stakeholder teams to meet SLAs, and reporting to the Manager of Cybersecurity on a weekly basis.
- Actively perform threat hunting activities in the environment to detect cyber threats in the network.
- Coordinate and support purple, red, and blue team engagements.
- Provide cybersecurity technical assistance when needed by system/application owners.
- Support multiple day-to-day cybersecurity tasks and project efforts.
- Provide regular status updates to Management on projects and remediation efforts.
- Solid understanding of cybersecurity policies and procedures; ability to draft, modify and create standard operating procedures (SOPs) for use by other team members.
- Support organizational Security Awareness Training efforts (suggest training topics, coordinate phishing campaigns, enable awareness to end-users in support of incidents).
- Support vulnerability assessment functions (such as: enterprise pen testing, application pen testing, static/dynamic testing, scorecard assessments).
- Participate in and support after-hours/on-call rotation requirements for cybersecurity incidents.
- Responsible for developing, monitoring, and tracking cyber security metrics on a recurring basis, including creating PowerPoint slide decks for presentations.
- Coordinate response and remediation efforts across various departments in a cooperative and beneficial manner.
- Responsible for maintaining Incident Response documentation and auditing member contact information on at least a semi-annual basis or as needed.
- Responsible for attending all vendor meetings and acting as the point of contact for our Cybersecurity vendors.
- Demonstrate ownership and understanding of tasks when engaging with other team members.
- Provide leadership, guidance and partnership to Analyst(s) and Senior Analyst(s).
- Responsible for the onboarding and training of new analysts to the Cybersecurity Operations team.
- Provide support to the management team.

Qualifications
- Bachelor's degree in computer science, technology, or equivalent combination of education and relevant experience (required).
- 6+ years of relevant IT/Cybersecurity experience (required).
- 5+ years in security operations with hands-on experience with enterprise cybersecurity products, such as Qualys, SentinelOne, Proofpoint, Office365, Microsoft Defender for Cloud, Microsoft Defender for Identity (required).
- 5+ years of SIEM (security information and event management) platform experience (required).
- 4+ years supporting adversary tactics and techniques based on the MITRE attack framework (required).
- Knowledge of cyber security standards and frameworks such as ISO 27001, NIST CSF, NIST 800-53, PCI DSS ASV (highly desired).
- Hands-on experience with tools like PowerShell, Vulnerability Management suite, Wireshark, and NMAP (required).
- Industry cybersecurity certification: CompTIA: Security+ or Pentest+, CEH, CISSP, OSCP, SANS: GCIH or GSEC, CISSP, ISACA: CISA or CISM, Security+, SSCP, or CCNA (required, or willing to attain within 3 months of start date).
- Hands-on Cloud infrastructure (Azure/AWS/GCP) cybersecurity remediation experience (desirable).
- Hands-on experience with next-gen endpoint detection/response (EDR), Enterprise Firewall, IPS, Log Management, Cisco, and Checkpoint experience (desirable).
- URL Filtering (web proxy) and troubleshooting experience (desirable).
- Solid

Posted 1 month ago

4.0 - 7.0 years

10 - 15 Lacs

Pune

Work from Office

Role & responsibilities

Must Have:
- 3+ years hands-on experience with cybersecurity Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), antivirus (AV), Identity and Access Management (IDAM), Security Information and Event Monitoring (SIEM), Security Orchestration and Automation (SOAR) platforms

Key Ask for the discussed role:
- Candidate should be able to provide support for security-related incidents
- Troubleshooting experience is essential.
- Should be able to identify and apply mitigation controls (where possible) to remediate alerts

Good to have Skills:
- Cybersecurity certifications including CompTIA Network+, Security+, Cloud+, Ethical Hacker, EnCE, GCFE, GCFA, GNFA, GDAT, GCIH, GREM, CISA, CISM, CISSP, and/or similar cybersecurity certifications

Posted 1 month ago

5.0 - 10.0 years

30 - 45 Lacs

Hyderabad

Work from Office

Description: Client is looking for a skilled and versatile Security Engineer (NOT Analyst) to drive the advancement and growth of our detection and automation initiatives. Reporting to the Senior Manager of Security Engineering and Operations, this role will collaborate with cross-functional teams and external partners to mitigate risks and implement security measures that safeguard sensitive data and systems against infiltration and cyber-attacks. The position will also lead our incident response efforts and the development of threat detection platforms.

Must Have Skills to Qualify (At least 5+ Years):
- Building automation workflows from scratch
- Owning SOAR playbook architecture
- Hands-on Python scripting for integrations
- Deploying detection logic across hybrid environments
- Has managed and maintained CASB, EDR, and/or an Email Security platform.
- Developed and enforced security policies across corporate security tools.
- Designed and built automation workflows in our SOAR platform.
- Create and maintain custom integrations and scripts using Python.
- Troubleshoot and resolve issues across security tools and automation pipelines.
- Is knowledgeable in at least one cloud environment.
- Knows Terraform or any Infrastructure as Code

Posted 1 month ago
