346 EDR Jobs - Page 7


2.0 - 4.0 years

0 Lacs

Guwahati, Assam, India

On-site

Qualifications
• BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics.
• Security certifications like CEH or equivalent preferred.
Experience and Skillset
• Minimum 2+ years hands-on experience with one or more SIEM tools (LogLogic, LogRhythm, Splunk, QRadar, ArcSight etc.).
• In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment.
• Proficient in Incident Management and Response.
• Basic knowledge of Windows and Unix environments.
• Knowledge of OSI Model, TCP/IP Protocols, network security.
• Knowledge about other security tools like Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc.
Responsibilities
• Responsible for working in a 24x7 Security Operation Center (SOC) environment.
• Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents.
• Monitor various dashboards from different security solutions on a shift basis.
• Work with the engineering team on sensor and SIEM rule fine-tuning.
• Prepare various management reports from SIEM and other security solutions.
• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Provide threat and vulnerability analysis as well as security advisory services.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Investigate, document, and report on information security issues and emerging trends.
• Seamlessly integrate with the team work culture, ensure proper information flow across shifts, prepare/take part in shift handovers.
• Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
Location: Guwahati
If you're interested, please share the below-mentioned details:
Location / Are you willing to relocate to Guwahati? / Current Company / Experience / Current CTC / Expected CTC / Notice Period / Offer in Hand / Highest Education / SSC % / HSC % / Graduation % / University Name / Email ID: [HIDDEN TEXT]
Regards,

Posted 1 month ago


8.0 - 13.0 years

5 - 5 Lacs

Kochi, Chennai, Thiruvananthapuram

Work from Office

Must-Have Skills:
• Experience with SIEM vendors such as QRadar, Sentinel, Splunk
• Incident response and threat hunting expertise
• Strong knowledge of attack patterns and Tactics, Techniques, and Procedures (TTPs)
• Experience in writing procedures, runbooks, and playbooks
• Strong analytical and problem-solving skills
• Hands-on experience with system logs, network traffic analysis, and security tools
• Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs)
Good-to-Have Skills:
• Experience setting up SIEM solutions and troubleshooting connectivity issues
• Familiarity with security frameworks and best practices
• Ability to collaborate with IT and security teams effectively
Responsibilities:
• Act as an escalation point for high and critical severity security incidents
• Conduct in-depth investigations to assess impact and understand the extent of compromise
• Analyze attack patterns and provide recommendations for security improvements
• Perform proactive threat hunting and log analysis to detect potential threats
• Provide guidance on mitigating risks and improving security hygiene
• Identify gaps in security processes and propose enhancements
• Ensure end-to-end management of security incidents
• Document and update incident response processes and define future outcomes
• Participate in war room discussions, team meetings, and executive briefings
• Train team members on security tools and incident resolution procedures
Required Skills: L3 SOC Analyst
• SIEM: QRadar, Sentinel, Splunk or Google Chronicle (any 2 of these SIEM tools required)
• EDR: CrowdStrike, Defender or SentinelOne (any 2 of these EDR tools required)

Posted 1 month ago


6.0 - 11.0 years

12 - 18 Lacs

Pune

Work from Office

The Level 3 Security Operations Center (SOC) resource is a highly skilled and experienced security professional responsible for the advanced detection, analysis, and response to security incidents.
Roles and Responsibilities of SOC Analyst L3
• Lead and mentor junior SOC analysts
• Conduct in-depth investigations into complex security incidents
• Identify and analyse emerging threats and vulnerabilities
• Develop and implement security incident response plans
• Drive end-to-end implementation of the SIEM and SOAR solutions
• Expertise in SOC team building
Qualifications and Skills for SOC Analyst L3
• Bachelor's (BE/B.Tech) degree in Computer Science, Information Security, or a related field
• 6+ years of experience in security operations or a related field
• Must currently be serving as an L3 SOC Analyst and have held an L3 position for at least 2 years
• Experience with security information and event management (SIEM) systems and SOAR
Certifications for SOC Analyst L3
• CISSP (Certified Information Systems Security Professional)
• GCIH (GIAC Certified Incident Handler)
• GCFA (GIAC Certified Forensic Analyst)
• Other relevant security certifications
PS: Experience at L1, L2 and L3 is mandatory. Looking for a candidate who can join the company within 30 days.
For more details feel free to call Jyoti Tiwari, 9819589998

Posted 1 month ago


2.0 - 7.0 years

4 - 9 Lacs

Gurugram

Work from Office

Company: MMC Corporate
Description: We are seeking a talented individual to join our GIS team at MMC Corporate. This role will be based in Gurgaon. This is a hybrid role that has a requirement of working at least three days a week in the office.
Global Cyber Defense Security Operations Center
What can you expect
We are looking for someone to join and grow in our Security Operations Center (SOC) in a technical analyst role on various daytime business hours shifts. As an Analyst, you will be responsible for analyzing security event data, assessing the potential impact of events, and creating recommendations to defend against emerging threats. You will follow security events through the triage and response lifecycle and document all processes in a centralized knowledge base. In this role, you will participate in ongoing security incidents and continuous SOC initiatives, such as new content development and enrichment. Additionally, you will collaborate across multiple teams on various efforts to continue to strengthen the security posture of Marsh & McLennan Companies.
What is in it for you
• Work with a global team at a company with a strong brand and strong results to match.
• Be part of an organization with a culture of internal mobility, collaboration, valued partnership from the business and a drive for innovation in data & analytics, including the latest AI technology.
• Grow your career with direct exposure to Senior Technologists and Business Leaders, which provides access to relevant volunteer and mentoring opportunities and interactions with counterparts in industry groups and client organizations.
• Competitive pay (salary and bonus potential), full benefits package starting day one (medical, dental, vision, STD/LTD, life insurance, RSP (Retirement Savings Plan) or TFSA (tax-free savings account)).
• Entitled to vacation, floating holidays, time off to give back to your community, sick days, and national holidays.
We will count on you to:
• Analyze network traffic, endpoint security events, and other various log sources to identify threats, assess potential impact, and recommend mitigations
• Support other security functions and teams to ensure the holistic implementation of security controls, technologies, practices, and programs
• Contribute to the development and improvement of response processes, documentation, tool configurations, and detection logic
• Assist in additional Security Operation Center initiatives, including playbook development and documentation, new rule creation, and tool evaluations
• Maintain an operational knowledge of global threat trends, known threat actors, common tactics, techniques, and procedures (TTPs), and emerging security technologies
• Collaborate on Security Operation Center team training opportunities and other cross-training opportunities
• Operate as a subject matter expert on various security topics across multiple domains
• Support 24x7 operations by assisting in ongoing incidents during non-standard hours
What you need to have
• Undergraduate degree in Computer Science (CS), Computer Information Systems (CIS), other related degrees, or equivalent experience
• 2+ years of information security experience and/or 2-4 years of experience in security analysis in a non-security focused role
• Excellent critical thinking skills, with proven analytical expertise and the ability to learn adaptively
• Demonstrated effective verbal, written and interpersonal communication skills with the ability to communicate security concepts to both technical and non-technical audiences
• Demonstrated experience with security technologies and alerts, such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanners, vulnerability scanners, forensics tools, open-source tools, or other security technologies
• Knowledge in one or more of the following domains: Network Operations and Architecture, Operating Systems, Identity and Access Management, Programming, Cloud Computing, Databases, or Cryptography
What makes you stand out
• Ability to operate independently in a dynamic, evolving environment with multiple inputs and tasks simultaneously
• Knowledge of common attacks, current threats, threat actors, and industry trends
• Familiarity with common security frameworks and models, such as MITRE ATT&CK, the Lockheed Martin Cyber Kill Chain, the Diamond Model of Intrusion Analysis and the NIST Cybersecurity Framework
• Professional or technical certifications, such as Security+, GIAC Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), or other related certifications
Why join our team:
We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.
Marsh McLennan (NYSE: MMC) is the world's leading professional services firm in the areas of risk, strategy and people. The Company's more than 85,000 colleagues advise clients in over 130 countries. With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses. Marsh provides data-driven risk advisory services and insurance solutions to commercial and consumer clients. Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well-being for a changing workforce. Oliver Wyman serves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us on LinkedIn and X.
Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.
Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person.

Posted 1 month ago


9.0 - 14.0 years

19 - 25 Lacs

Pune

Work from Office

Must Have Skills
• Windows Servers | Domain Controllers | Active Directory | Azure Active Directory | Group Policy
• Enterprise Proxy Solution, preferably Zscaler or Netskope; inline CASB, Web DLP
• Zero Trust Platform (Zero Trust Application Access / Zero Trust Remote VPN)
• Privileged Access Management (PIM/PAM)
• Basics of hardware, networking, IP addressing, VLAN, LAN, WAN, MPLS
• Endpoint Security Management, preferably EDR/XDR (CrowdStrike Falcon, SentinelOne, MS Defender for Endpoint), DLP, ATP, Web Security
• Good soft skills, logical and analytical thinking, troubleshooting and problem management, ticketing systems, SLA management
Good to have
• Azure Information Protection
• Microsoft Enterprise Mobility and Security
• Office 365 Security administration
• Cloud Computing basics with Azure / AWS security administration
• Web Application Firewall management
Qualifications
Basic graduation and proficiency in the technology areas mentioned. Professional certifications would be an added advantage.
Additional Information
100% Work from Office (24x7), rotational shifts. The current office location is Vikhroli; however, the team will move to Thane (GB) in a few months.

Posted 1 month ago


3.0 - 5.0 years

0 - 0 Lacs

Hyderabad

Work from Office

Role & responsibilities
Please find the Job Description for EDR:
1. Good working knowledge of EDR solutions such as MDATP, FireEye, CrowdStrike Falcon, Carbon Black.
2. Must be well-versed with Operating System concepts, i.e. Windows/Linux/macOS.
3. Ability to distinguish between false positive and false negative detections with respect to the logs available.
4. Good exposure to OSINT tools, sandboxing, and encoding/decoding techniques for independent investigation.
5. Must be able to investigate and triage EDR-related alerts, with the ability to share detailed investigation reports with clients within SLA.
6. Knowledge of the Cyber Kill Chain and MITRE ATT&CK tactics and techniques used by adversaries to evade detection.
7. Awareness of the various stages of Incident Response, which involve in-depth analysis and RCA submission on security incidents.
8. Good understanding of malware analysis, i.e. static and dynamic, and its variants.
9. Exposure to adversary simulation and red teaming tools such as Caldera, PowerShell Empire, CACTUSTORCH.
10. Understanding of a query language such as KQL is a plus.
11. Understanding of network security concepts and popular encryption standards.
12. Excellent communication skills for cross-group and interpersonal work, with the ability to articulate the business need for detection improvements.
13. Exposure to reverse engineering of malware samples is a plus.
14. Certification in OSCP, OSCE, GREM, GCIH, GCFA will be highly preferred.

Posted 1 month ago


5.0 - 10.0 years

15 - 18 Lacs

Pune, Bengaluru, Delhi / NCR

Work from Office

Job Description
• Lead with consultative customer conversations and proactively identify cyber security sales opportunities in the company's existing account base and new accounts.
• Own, develop and execute all areas of the sales cycle for cyber security opportunities.
• Understand and map customer business objectives, IT strategy, and technical and commercial requirements to relevant technology solutions.
• Clearly articulate how security solutions can deliver customer business value.
• Collaborate with cross-functional teams like coverage, pre-sales, delivery teams etc. for the overall success of the business.
• Contribute to the development and growth of the company's cyber security proposition.
Requirements
• Minimum of a bachelor's degree in engineering and an MBA or equivalent
• Minimum 5+ years of experience managing sales of cybersecurity solutions across OEM or Systems Integration organizations
• Existing relationships with CIO/CISO/security decision-makers and with key cybersecurity OEMs
• Ability to develop strategy, be creative, have technical aptitude, solve problems, and adapt
• Enthusiastic and self-motivated
• Excellent interpersonal, verbal and written communication skills

Posted 1 month ago


3.0 - 5.0 years

2 - 7 Lacs

Hyderabad, Chennai, Bengaluru

Work from Office

LTIMindtree hiring for the EDR Researcher role.
1. Good working knowledge of EDR solutions such as MDATP, FireEye, CrowdStrike Falcon, Carbon Black.
2. Must be well-versed with Operating System concepts, i.e. Windows/Linux/macOS.
3. Ability to distinguish between false positive and false negative detections with respect to the logs available.
4. Good exposure to OSINT tools, sandboxing, and encoding/decoding techniques for independent investigation.
5. Must be able to investigate and triage EDR-related alerts, with the ability to share detailed investigation reports with clients within SLA.
6. Knowledge of the Cyber Kill Chain and MITRE ATT&CK tactics and techniques used by adversaries to evade detection.
7. Awareness of the various stages of Incident Response, which involve in-depth analysis and RCA submission on security incidents.
8. Good understanding of malware analysis, i.e. static and dynamic, and its variants.
9. Exposure to adversary simulation and red teaming tools such as Caldera, PowerShell Empire, CACTUSTORCH.
10. Understanding of a query language such as KQL is a plus.
11. Understanding of network security concepts and popular encryption standards.
12. Excellent communication skills for cross-group and interpersonal work, with the ability to articulate the business need for detection improvements.
13. Exposure to reverse engineering of malware samples is a plus.
14. Certification in OSCP, OSCE, GREM, GCIH, GCFA will be highly preferred.
Willing to work in rotational shift timings.
Job Location: Pan India
Experience: 3 to 5 years
If you are ready to embark on a new chapter in your career, kindly share your resume at Muthu.Pandi@ltimindtree.com
Please share the below details:
Contact Number / Preferred time to connect / Total Experience / Relevant Experience / Current Location / Preferred Location / Notice Period / Current CTC / Expected CTC / Reason for job change
Regards,
Muthu Pandi
HR, LTIMindtree

Posted 1 month ago


7.0 - 12.0 years

10 - 20 Lacs

Mumbai

Work from Office

Managing GRC, IT/IS audits, Data Privacy
• SEBI/RBI Cyber Security Framework, Data Privacy, GDPR
• Data Privacy, DPDPA, ISO, NCIIPC guidelines, NIST framework
• Information Technology Infrastructure, Information Security
• Compliance/regulatory requirements
Required Candidate profile
Experience in Information Technology Infrastructure and Information Security. Experience in managing GRC, IT/IS audits and Data Privacy. Exposure to the SEBI/RBI Cyber Security Framework, Data Privacy, GDPR.

Posted 1 month ago


0.0 - 3.0 years

1 - 3 Lacs

Hyderabad, Chennai, Bengaluru

Work from Office

Endpoint Security Specialist
Job Title: Endpoint Security Specialist
Location: Chennai, Hyderabad, Bangalore
Experience: 0-3 years
Role Summary: Protects endpoint devices (laptops, servers, mobile) from cyber threats.
Key Responsibilities:
• Design and implement endpoint protection strategies.
• Monitor and manage antivirus, EDR, and DLP tools.
• Respond to endpoint-related incidents.
• Maintain awareness of emerging threats.
Skills Required:
• Knowledge of Windows/Linux OS security.
• Experience with endpoint protection platforms (CrowdStrike, SentinelOne).
• Familiarity with encryption and certificate management.
Qualifications: Bachelor's in IT or Cybersecurity.
Certifications: CISSP, CEH, or GIAC.

Posted 1 month ago


3.0 - 6.0 years

10 - 20 Lacs

Bengaluru

Work from Office

At Holiday Inn Club Vacations, we believe in strengthening families. And we look for people who exhibit the courage, caring and creativity to help us become the most loved brand in family travel. We're committed to growing our people, memberships, resorts and guest love. That's why we need individuals who are passionate in life and bring those qualities to work every day. Do you instill confidence, trust and respect in those around you? Do you encourage success and build relationships? If so, we're looking for you.
POSITION DESCRIPTION:
Holiday Inn Club Vacations is seeking a Cybersecurity Engineer who plays a critical role in designing, implementing, and maintaining security solutions to protect the organization's digital assets, infrastructure, and guest data. As part of the Emerging Technology and Cybersecurity team, this role focuses on assessing new technologies for secure adoption, engineering forward-looking cybersecurity capabilities, and ensuring that security is embedded into innovation initiatives across the business. This role supports a secure, resilient technology ecosystem for a fast-paced timeshare organization. This position is ideal for individuals passionate about cybersecurity and ready to contribute to protecting the digital infrastructure of a timeshare organization that serves thousands of vacation owners and guests.
KEY RESPONSIBILITIES
• Design, implement, and manage security solutions (e.g., firewalls, endpoint protection, identity management, cloud security tools).
• Evaluate emerging technologies and support secure integration into enterprise environments (e.g., AI, IoT, automation platforms).
• Provide expertise for risk assessments, security architecture reviews, and threat modeling for new systems, services and applications.
• Collaborate with IT, development, and business teams to ensure security-by-design principles are followed.
• Automate security operations through scripting and integration of tools (e.g., SOAR, CI/CD pipelines).
• Assist in the development of security standards, policies, and best practices.
• Support vulnerability and patch management processes, including scanning, prioritization, and remediation coordination.
• Investigate and respond to complex security incidents, working closely with SOC and incident response teams.
• Stay current with the cybersecurity landscape and recommend relevant tools or strategies to strengthen security posture.
• Contribute to strategic cybersecurity initiatives and compliance efforts, including PCI-DSS, GDPR, and NIST CSF, where applicable.
• Participate in red/blue team exercises, tabletop simulations, and continuous SOC capability improvement.
• Other duties as required.
QUALIFICATIONS:
Education & Experience:
• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field; or equivalent professional experience.
• 3–6 years of experience in cybersecurity engineering, systems security, or a related discipline.
• Strong knowledge of security technologies including firewalls, SIEM, EDR, MFA, DLP, CASB, and cloud security controls.
• Experience with securing cloud platforms (AWS, Azure, GCP) and hybrid environments.
• Familiarity with DevSecOps principles, container security (e.g., Docker, Kubernetes), and automation tools (e.g., Terraform, Ansible).
• Hands-on experience with scripting (Python, PowerShell, or Bash) for automation and tool integration.
Certifications (preferred but not required):
• Microsoft SC-100/SC-200
• Certified Information Security Manager (CISM)
• GIAC (GSEC, GCIA, GCSA)
• CISSP or equivalent
KEY COMPETENCIES
• Strong problem-solving and analytical skills.
• Proactive and innovative mindset with the ability to assess and integrate new technologies securely.
• Excellent communication skills for working with both technical and non-technical stakeholders.
• Ability to prioritize and manage multiple projects in a dynamic, fast-paced environment.
• High attention to detail and documentation standards.
• Strong understanding of regulatory requirements and industry standards (e.g., NIST, ISO 27001, CIS).

Posted 1 month ago


4.0 - 6.0 years

5 - 11 Lacs

Guwahati, Kolkata

Work from Office

Qualifications
• BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics.
• Security certifications like CEH or equivalent preferred.
Experience and Skillset
• Minimum 2+ years hands-on experience with one or more SIEM tools (LogLogic, LogRhythm, Splunk, QRadar, ArcSight etc.).
• In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment.
• Proficient in Incident Management and Response.
• Basic knowledge of Windows and Unix environments.
• Knowledge of OSI Model, TCP/IP Protocols, network security.
• Knowledge about other security tools like Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc.
Responsibilities
• Responsible for working in a 24x7 Security Operation Center (SOC) environment.
• Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents.
• Monitor various dashboards from different security solutions on a shift basis.
• Work with the engineering team on sensor and SIEM rule fine-tuning.
• Prepare various management reports from SIEM and other security solutions.
• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Provide threat and vulnerability analysis as well as security advisory services.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Investigate, document, and report on information security issues and emerging trends.
• Seamlessly integrate with the team work culture, ensure proper information flow across shifts, prepare/take part in shift handovers.
• Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
Location: Guwahati
If you're interested, please share the below-mentioned details:
Location / Are you willing to relocate to Guwahati? / Current Company / Experience / Current CTC / Expected CTC / Notice Period / Offer in Hand / Highest Education / SSC % / HSC % / Graduation % / University Name / Email ID: ashwini.chakor@ril.com
Regards,

Posted 1 month ago


5.0 - 7.0 years

10 - 14 Lacs

Noida

Work from Office

• Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation.
• Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies.
• Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents.
• Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations.
• Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications.
• Conduct root cause analysis and post-incident reviews to enhance detection capabilities.
• Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS).
• Document configurations, detection logic, and incident response processes.
Requirements
• 3+ years of experience in cybersecurity with direct hands-on SIEM experience.
• Proficiency in one or more SIEM platforms (e.g., Splunk, QRadar, Sentinel, Elastic Stack, etc.).
• Solid understanding of network protocols, system logs, attack techniques, and the MITRE ATT&CK framework.
• Experience with scripting and automation (e.g., Python, PowerShell) is a plus.
• Familiarity with EDR, SOAR, IDS/IPS, firewalls, and other security tools.

Posted 1 month ago


2.0 - 4.0 years

7 - 11 Lacs

Noida

Work from Office

• Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation.
• Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies.
• Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents.
• Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations.
• Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications.
• Conduct root cause analysis and post-incident reviews to enhance detection capabilities.
• Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS).
• Document configurations, detection logic, and incident response processes.
Requirements
• 3+ years of experience in cybersecurity with direct hands-on SIEM experience.
• Proficiency in one or more SIEM platforms (e.g., Splunk, QRadar, Sentinel, Elastic Stack, etc.).
• Solid understanding of network protocols, system logs, attack techniques, and the MITRE ATT&CK framework.
• Experience with scripting and automation (e.g., Python, PowerShell) is a plus.
• Familiarity with EDR, SOAR, IDS/IPS, firewalls, and other security tools.

Posted 1 month ago
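Both Noida SIEM engineer postings above ask for the same core skill: writing a detection rule over parsed log events, mapping it to MITRE ATT&CK, and tuning it so that false positives do not flood the SOC. The following is an added example of that workflow and is not code from either employer. It is a self-contained, toy SIEM correlation rule in Python: the sshd log format, the IP addresses (documentation ranges), the threshold, the window, and the scanner allowlist are all assumptions made for the illustration.

```python
"""Toy SIEM correlation rule run over constructed SSH auth events.

Added example; not code from either Noida employer. Everything here is
assumed for illustration: the log format, the IPs (documentation ranges),
the thresholds and the scanner allowlist.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timezone

# Constructed sample events (syslog-like sshd lines; not real logs).
SAMPLE_LOGS = """\
2025-07-01T09:00:01Z sshd[2211]: Failed password for invalid user admin from 203.0.113.9 port 40022 ssh2
2025-07-01T09:00:03Z sshd[2211]: Failed password for invalid user admin from 203.0.113.9 port 40023 ssh2
2025-07-01T09:00:04Z sshd[2211]: Failed password for root from 203.0.113.9 port 40024 ssh2
2025-07-01T09:00:06Z sshd[2211]: Failed password for root from 203.0.113.9 port 40025 ssh2
2025-07-01T09:00:07Z sshd[2211]: Failed password for deploy from 203.0.113.9 port 40026 ssh2
2025-07-01T09:00:09Z sshd[2211]: Accepted password for deploy from 203.0.113.9 port 40027 ssh2
2025-07-01T09:05:00Z sshd[2300]: Failed password for alice from 198.51.100.7 port 51000 ssh2
2025-07-01T09:05:02Z sshd[2300]: Accepted password for alice from 198.51.100.7 port 51001 ssh2
2025-07-01T09:10:00Z sshd[2400]: Failed password for svc from 192.0.2.50 port 60000 ssh2
2025-07-01T09:10:01Z sshd[2400]: Failed password for svc from 192.0.2.50 port 60001 ssh2
2025-07-01T09:10:02Z sshd[2400]: Failed password for svc from 192.0.2.50 port 60002 ssh2
2025-07-01T09:10:03Z sshd[2400]: Failed password for svc from 192.0.2.50 port 60003 ssh2
2025-07-01T09:10:04Z sshd[2400]: Failed password for svc from 192.0.2.50 port 60004 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\d+(?:\.\d+){3}) port \d+"
)


def parse_line(line):
    """Normalise one raw line into an event dict; None for lines the rule ignores."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return {"ts": ts, "outcome": m["outcome"], "user": m["user"], "src": m["src"]}


def detect_bruteforce(log_text, threshold=5, window_seconds=60, scanner_allowlist=()):
    """Alert when one source IP produces >= threshold failed logons inside the
    sliding window (MITRE ATT&CK T1110, Brute Force). A later successful logon
    from an already-alerted source raises the alert to high, since that is the
    pattern of a guessed password rather than a noisy scanner.

    scanner_allowlist is a hypothetical tuning knob: sources (e.g. an
    authorised vulnerability scanner) whose failures are known noise."""
    recent_failures = defaultdict(deque)   # src -> failure timestamps inside the window
    alerts_by_src = {}                     # one alert per source (dedupe)
    for raw in log_text.splitlines():
        ev = parse_line(raw)
        if ev is None or ev["src"] in scanner_allowlist:
            continue
        window = recent_failures[ev["src"]]
        if ev["outcome"] == "Failed":
            window.append(ev["ts"])
            # drop failures older than the window
            while window and (ev["ts"] - window[0]).total_seconds() > window_seconds:
                window.popleft()
            if len(window) >= threshold and ev["src"] not in alerts_by_src:
                alerts_by_src[ev["src"]] = {
                    "src": ev["src"], "technique": "T1110",
                    "failures": len(window), "first_seen": window[0].isoformat(),
                    "severity": "medium",
                }
        else:  # Accepted
            alert = alerts_by_src.get(ev["src"])
            if alert is not None:
                alert["severity"] = "high"
                alert["compromised_user"] = ev["user"]
            # a success resets the counter: one typo followed by a login is normal
            window.clear()
    return list(alerts_by_src.values())


if __name__ == "__main__":
    for a in detect_bruteforce(SAMPLE_LOGS):
        print(a)
```

Run as-is, the rule fires twice: 203.0.113.9 is raised to high because the burst of failures is followed by an accepted logon for deploy, and 192.0.2.50 stays medium. Passing scanner_allowlist=("192.0.2.50",) is the tuning step the postings describe: the known-noise source is suppressed and only the likely compromise remains. alice's single mistyped password never reaches the threshold, which is the false-positive case a naive "any failure" rule would page on.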


4.0 - 9.0 years

15 - 30 Lacs

Hyderabad, Bengaluru, Mumbai (All Areas)

Work from Office

Greetings from TCS!
Dear Professional, this is Deepa Natarajan, part of the Strategic Hiring team of Tata Consultancy Services. Hope you and your family are doing well.
Role: CrowdStrike Analyst/SME
Desired Experience Range: 4-15 years
Joining Location: Pan India
We are currently planning to do an in-person drive on 5th July 2025 at the below-mentioned locations.
Date: 5th July 2025
Venue Details:
• Hyderabad: TCS Synergy Park Phase 1, Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019
• Bangalore: TCS L-Center, Vydehi RC-1 Block, EPIP Industrial Area, 82, 6th Rd, KIADB Export Promotion Industrial Area, Whitefield, Bengaluru, Karnataka 560066
• Chennai: TCS Siruseri ATL Building - 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103
• Mumbai: TCS OLYMPUS, Hiranandani Estate, Thane West, Thane, Maharashtra 400615
• Noida: TCS Yamuna, First floor, Assotech Business Cressterra, VI Plot 22, Sector 135, Noida, Uttar Pradesh 201301
• Kolkata: TCS Gitanjali Park, IT/ITES SEZ, Plot-IIF/3, Action Area-II, New Town, Rajarhat, Kolkata 700156, West Bengal, India
• Pune: Tata Consultancy Services, Sahyadri Park SP1, S3 Building, Rajiv Gandhi Infotech Park, Hinjewadi Phase 3, Pune 411057
Kindly fill in the below details and revert to deepa.natarajan3@tcs.com (with updated CV). This is very important for your profile to be considered. (Note: the details are collected to do a basic HR screening to initiate discussion for your candidature.)
Minimum Qualification: 15 years of full-time education
Highest Full-time Graduation:
Current Location:
Preferred Location:
Current Organization:
Total Years of Experience:
Relevant Years of Experience:
Current CTC:
Expected CTC:
Notice Period:
Any gaps/breaks in career/education:
Have you attended any interviews recently with TCS (YES/NO):
Willing to attend an in-person interview at the above-mentioned locations (YES/NO):
If yes, mention the location you are planning to report to on the day of the interview:

Posted 1 month ago

Apply

0.0 - 3.0 years

4 - 8 Lacs

Hyderabad, Telangana, India

On-site

Role Summary: Protects endpoint devices (laptops, servers, mobile) from cyber threats.

Key Responsibilities:
Design and implement endpoint protection strategies.
Monitor and manage antivirus, EDR, and DLP tools.
Respond to endpoint-related incidents.
Maintain awareness of emerging threats.

Skills Required:
Knowledge of Windows/Linux OS security.
Experience with endpoint protection platforms (CrowdStrike, SentinelOne).
Familiarity with encryption and certificate management.

Qualifications: Bachelor's in IT or Cybersecurity.
Certifications: CISSP, CEH, or GIAC.

Posted 1 month ago

Apply

3.0 - 5.0 years

5 - 11 Lacs

Hyderabad

Hybrid

LTIMindtree Hiring for EDR Researcher.
Notice period - immediate to 15 days.
Exp - 3 to 5 yrs.
Location - Hyderabad, Pune
Note - Willing to work in rotational shift timings.

If interested, share these details with me along with your CV - Richa.Srivastava@ltimindtree.com
Total Experience-
Current CTC-
Expected CTC-
Holding offers if any-
Current Location-
Preferred Location-
Notice period-
Skills-
Date of Birth-
PAN No-
Passport size photo-
Availability for interview-
Are you okay with Rotational shift-

Please find the Job Description for EDR:
1. Good working knowledge of EDR solutions such as MDATP, FireEye, CrowdStrike Falcon, Carbon Black.
2. Must be well-versed with Operating System concepts, i.e. Windows/Linux/MacOS.
3. Ability to distinguish between False Positive and False Negative detections with respect to the logs available.
4. Good exposure to OSINT tools, sandboxing, encoding-decoding techniques for independent investigation.
5. Must be able to investigate and triage EDR related alerts with an ability to share detailed investigation reports with clients within SLA.
6. Knowledge of the Cyber Kill Chain and MITRE ATT&CK techniques and tactics used by adversaries to evade detection.
7. Awareness of the various stages of Incident Response, which involve in-depth analysis and RCA submission on security incidents.
8. Good understanding of Malware Analysis, i.e. static and dynamic, and its variants.
9. Exposure to adversary simulation and red teaming tools such as Caldera, PowerShell Empire, Cactus Torch.
10. Understanding of a database query language, i.e. KQL, is a plus.
11. Understanding of Network Security concepts and popular encryption standards.
12. Excellent communication skills for cross-group and interpersonal work, with the ability to articulate the business need for detection improvements.
13. Exposure to reverse engineering of malware samples is a plus.
14. Certification in OSCP, OSCE, GREM, GCIH, GCFA will be highly preferred.

Posted 1 month ago

Apply

5.0 - 10.0 years

16 - 25 Lacs

Hyderabad

Work from Office

Job Role : Cyber Security Engineer -- Work From Office
Experience : 4 to 8 Yrs
Key Skills: Security tools integration and management, onboarding, log ingestion, writing rules and policies in Cloud Security/SIEM/EDR/Antivirus/XDR/Firewall/MDR/SOAR tools
Notice Period : 0 to 30 days
Should be willing to work in Second shift
Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad -- 500081.

Job Overview:
They plan, implement, and maintain security measures, respond to security incidents, and identify vulnerabilities. Their roles vary depending on the specific area of security, such as network, application, or cloud security. Here's a more detailed breakdown of their responsibilities:

Security Planning and Implementation:
Designing and implementing security controls: This includes firewalls, intrusion detection systems, and access control mechanisms.
Developing security policies and procedures: Establishing guidelines for secure operations and data handling.
Performing risk assessments: Identifying potential vulnerabilities and threats.
Implementing security tools and technologies: Integrating security software and hardware into the organization's infrastructure.
Analyze and recommend improvements to network, system, and application architectures to enhance security.
Research, design, and implement cybersecurity solutions that protect the organization's systems and products.
Collaborate with DevOps, Platform Engineering, and Architecture teams to ensure security is embedded in the design and development of applications and systems.
Actively participate in the change management process, ensuring security considerations are prioritized in system upgrades and modifications.
Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments.
Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies.
Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents.
Assess and review emerging technologies to identify potential security risks and implement mitigation strategies.
Design and deploy innovative security technologies to address evolving security challenges.
Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture.
Work closely with security architects to develop and deploy security solutions that address cloud-specific risks.
Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives.
Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses.

Qualifications & experience:
Hands-on experience with implementing security controls, including database security, web content filtering, anomaly detection & response, vulnerability scanning & management.
Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling.
Expertise in at least one of the following security domains: Cloud-native security (e.g., IAM, security groups, encryption), Endpoint security (e.g., EDR/XDR, mobile security).
Strong familiarity with industry security frameworks and regulations, including: NIST Cybersecurity Framework (CSF), CIS Controls, HIPAA, GDPR compliance.
Ability to assess compliance requirements and implement security controls to ensure adherence.
Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies.
Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders.
Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team.

Posted 1 month ago

Apply

4.0 - 7.0 years

7 - 11 Lacs

Bengaluru

Work from Office

Accountabilities

Job Description
Develop, enhance, and operationalize IT Security processes.
Lead, coach, and mentor a high-performing, highly engaged team, supporting initiatives covering Information Security, Incident Management, and Vulnerability Management.
Develop, measure, analyze, and maintain the internal and external service metrics for Security Service Operations, providing timely reports to leadership teams.
Lead, coordinate, and train others on effective management of security incidents and operational responses.
Collaborate across various business units to deliver the most comprehensive security response.
Resource works in shifts: 2:30AM till 10:30AM or 10:30AM to 7:30PM IST.
Implement security and risk programs to ensure operational efficiency and auditability.
Understand business needs and intuitively recommend secure solutions.
Lead and manage IR issues and provide timely feedback to management and supervisor.
Provide guidance to the IT security team members.
Assign tasks and projects to team members based on their skills and expertise.
Assess and prioritize security risks and vulnerabilities and develop mitigation strategies.
Lead the response to security incidents, including breaches, attacks, and data breaches.
Conduct post-incident reviews to identify lessons learned and improve incident response processes.
Monitor security alerts and events, and coordinate appropriate responses.
Collaborate with other IT teams, departments, and business units to integrate security measures and requirements.
Provide regular reports to Leadership on productivity and team performance.
Maintain comprehensive documentation of security procedures, incident responses, and configurations.
Develops and maintains a productive work team by hiring qualified personnel, training, and managing performance.
Manages teams with integrity, ethical business practices, and in accordance with Mouser policies, procedures, and practices.
Customarily and regularly directs the work of two or more full-time employees or their equivalent.
Makes suggestions and recommendations for these employees regarding performance, including hiring, transfer, advancement, and termination.
Manages daily operations to meet department and company objectives.
Works with minimum supervision and makes independent judgments.
Flexible to meet the changing needs of the business and willing to take on new responsibilities and assignments.
Initiates, establishes and maintains highly effective relationships with internal and external business contacts of various cultures, and at all levels.
Extremely confidential and trustworthy.
Demonstrates knowledge, experience and understanding of critical job functions of the team.
Assists management with development of results-oriented strategies.
Regular attendance at work is an essential part of the job.

Skills & Certifications
Extensive knowledge of key IT Security Technologies.
Preferred to have an industry-respected certification (CISSP, CISM, CRISC, CISA).
Maintain current and extensive knowledge of emerging security threats.
Possess excellent verbal, interpersonal and written technical and non-technical communication skills.

Education & Experience
Bachelor's Degree in any field, or minimum of 3 years prior work experience that is relevant to the team you will supervise, including:
Internal candidates: Minimum 1 year as a highly performing Lead/Coordinator or a total of 2 years as a highly performing Mouser employee.
External candidates: Minimum 2 years as a supervisor or higher-level management position.
6+ years of experience working with SIEM, EDR, Email Security Gateways, Vulnerability Management Software, Firewalls, etc.
6+ years of experience working with security systems, user authentication and management.
3+ years of leadership and project management experience.

Additional Information
At Tietoevry, we believe in the power of diversity, equity, and inclusion. We encourage applicants of all backgrounds, genders (m/f/d), and walks of life to join our team, as we believe that this fosters an inspiring workplace and fuels innovation. Our commitment to openness, trust, and diversity is at the heart of our mission to create digital futures that benefit businesses, societies, and humanity. Diversity, equity and inclusion (tietoevry.com)

Posted 1 month ago

Apply

3.0 - 8.0 years

8 - 18 Lacs

Hyderabad, Bengaluru, Delhi / NCR

Hybrid

Cloud Engineer II (Security + M365)
Shift - 24*7 (Rotational shift), strong focus on Microsoft 365, Purview, Microsoft Entra, and Defender.

About the team:
Our team consists of skilled and experienced professionals who are committed to delivering high-quality work in cloud migration, DevOps, FinOps, datacenter migrations, AD migration and infrastructure security across multi-cloud.
Engage with clients to understand their business objectives and technical requirements.
Strong understanding of cloud security frameworks and architectures.
Collaborate with development, operations, and security teams to ensure seamless integration and deployment of cloud services.

Be AmbITious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career.

Desired Candidate Profile
Minimum of 3-5+ years of experience in cloud engineering and consulting, with a strong focus on Security services including Microsoft Purview and Defender.
Hands-on experience with Microsoft Purview for data governance, compliance, and information protection.
Hands-on experience with Microsoft Defender for Endpoint for security threat detection and remediation.
Strong knowledge of the Microsoft Defender suite including Defender for Office 365, Identity, and Endpoint.
Expertise in the Office 365 Security & Compliance Center for threat management and incident response.
Experience implementing Endpoint Security solutions across hybrid environments.
Ability to design and enforce security policies aligned with organizational risk and compliance goals.
Understanding of Zero Trust security models and their application within modern workplace solutions.
Monitor and optimize cloud performance, cost, and security.
Stay up to date with the latest cloud services, features, and best practices.
Excellent problem-solving skills and attention to detail.
Knowledge and experience working with ServiceNow and the ITIL Service Management Framework.

Qualifications:
Bachelor's degree in Computer Science, Information Technology, or a related field.
Minimum of 3-5 years of experience in cloud engineering and consulting, with a strong focus on Microsoft 365, Purview, Microsoft Entra, and Defender.
Exceptional problem-solving skills and strategic thinking abilities.
Excellent communication and interpersonal skills, with the ability to articulate complex technical concepts to diverse audiences.
Relevant certifications such as Microsoft Certified: Implement Information Protection in Microsoft 365 are highly desirable.

Behavioral Skills
Email Communication, Presentation, Public Speaking
Strategic Thinking, Transactions Processing, Planning
Analytical Thinking, Scientific Temperament
Interpersonal Skills, Nurturing Relationships
Customer Service Orientation, Business Appreciation

About Insight:
Founded in 1988, Insight is headquartered in Chandler, Arizona, USA and has more than 13000+ teammates worldwide with a global presence in Canada, United Kingdom, Germany, Australia, India, Singapore and many more. With offices in the prime locations of Gurgaon, Noida and Bangalore, we have 1000+ teammates operating from India. As a Fortune 500-ranked global provider of Digital Innovation, Cloud Data Center Transformation and Supply Chain Optimization solutions and services, we help clients successfully manage their IT today while transforming for tomorrow, recognized for its excellence.

Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law. Today's talent leads tomorrow's success.
Learn about careers at Insight: https://www.insight.com/en_US/careers/india.html

Posted 1 month ago

Apply

5.0 - 10.0 years

15 - 25 Lacs

Pune

Work from Office

Scope of Position:
The Senior Analyst for Cybersecurity will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against the company's global networks. You will be charged with leading part of the maturation and optimization of our EDR capability through the development of custom content that focuses on threat actor TTPs and reduces false positives. You will be expected to "think like an adversary" and engage in threat hunting operations, leveraging your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources, and provide reporting and briefings to other teams and leadership to maintain appropriate levels of situational awareness.

RESPONSIBILITIES:
Review and build host-based detection content in EDR solutions such as SentinelOne, Microsoft Defender and other leading vendors.
Perform network traffic analysis utilizing raw packet data, NetFlow, IDS, and custom sensor output, and mentor cyber analysts.
Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and evolve custom detections that mitigate highly dynamic threats to the enterprise.
Proactively research advanced and emerging cyber threats, and apply analytical understanding of attacker methodologies, system vulnerabilities, and key indicators of attacks and exploits in threat hunting efforts.
Execute as needed in each of the six phases of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned.
Collaborate using information and knowledge sharing networks and professional relationships.

Education and Experience:
Bachelor's degree and 5+ years of threat analysis and/or incident response experience - additional years of relevant experience may be considered in lieu of a Bachelor's degree.
Relevant certifications (CISSP, SANS GIAC, CEH, etc.)

REQUIREMENTS:
Threat analysis and/or incident response experience.
Understanding of cyber threat models, including ATT&CK, Cyber Kill Chain, Racetrack, Diamond Model, etc.
Experience working with EDR tools.
Experience with a SIEM-type platform.
Experience performing analysis and correlation of log data and forensic artifacts from multiple sources.
Must be proficient, verbally and in writing, in the English language.

Posted 1 month ago

Apply

15.0 - 20.0 years

17 - 22 Lacs

Bengaluru

Work from Office

Project Role : Security Delivery Lead
Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets).
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary : We are looking for an experienced SOC Lead to manage security operations, lead incident investigations, and handle client interactions. The ideal candidate has hands-on expertise with Microsoft Sentinel, strong knowledge of the MITRE ATT&CK framework, and experience with EDR, SOAR, and network log analysis.

Roles & Responsibilities:
- Lead day-to-day SOC operations and manage a team of analysts.
- Perform in-depth investigations using Sentinel SIEM, SOAR tools, and threat intel.
- Analyze logs from EDR, firewalls, and network devices.
- Apply MITRE ATT&CK to enhance threat detection and response.
- Design and tune Sentinel analytics, playbooks, and automation workflows.
- Collaborate directly with clients on incident response, reporting, and recommendations.
- Mentor team members and improve SOC processes.

- 6+ years in SOC, 2+ in a lead role.
- Strong Sentinel and SOAR hands-on experience.
- Solid grasp of EDR tools, threat hunting, and log analysis.
- Excellent client communication and stakeholder management skills.
- Certifications like SC-200, AZ-500, GCIH, or similar are a plus.

Additional Information:
- The candidate should have a minimum of 5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- 15 years of full time education is required.

Qualification: 15 years full time education

Posted 1 month ago

Apply

8.0 - 13.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Endpoint Extended Detection and Response
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary : We are seeking a Lead EDR Engineer with expertise in Microsoft Defender for Endpoint (MDE) to lead its implementation, administration, and incident response. As the MDE expert, you will manage enterprise-wide deployment, optimize configurations, guide incident response efforts, and drive endpoint security strategy in collaboration with cross-functional teams. You will lead EDR strategy design, mentor security teams, and drive defense against advanced threats using MITRE ATT&CK-aligned frameworks.

Roles & Responsibilities:
- Lead deployment and configuration of Microsoft Defender for Endpoint across all supported platforms.
- Customize and manage endpoint security policies, attack surface reduction rules, and threat protection settings.
- Monitor security alerts and endpoint telemetry to detect and analyze threats.
- Conduct investigations using Microsoft 365 Defender and advanced hunting (KQL) capabilities.
- Respond to incidents by initiating remediation actions (e.g., isolate endpoints, remove malware, collect forensic data/artifacts).
- Collaborate with the SOC to provide timely incident resolution and root cause analysis.
- Tune detection rules and policies to reduce false positives and enhance protection.
- Maintain up-to-date documentation, playbooks, and response procedures.
- Provide recommendations to improve the organization's endpoint security posture.
- Mentor junior analysts and engineers on best practices for MDE and incident response workflows.
- Provide executive-level reporting on threat trends, incident metrics, and risk posture.
- Perform gap analysis on endpoint security to identify and address areas of improvement.
- Build and maintain SOAR playbooks to auto-contain threats (e.g., isolate devices, revoke tokens).
- Stay current on emerging threats and align defense strategies with frameworks like MITRE ATT&CK.

Professional & Technical Skills:
- 68+ years of experience in MDE/EDR implementations and security operations.
- Strong background in SOAR automation (Microsoft Logic Apps).
- Deep technical knowledge of endpoint protection, threat detection, and incident response workflows.
- Proficiency in the Microsoft security stack: M365 Defender, Intune, Azure AD, and Sentinel.
- Strong command of KQL for custom detections and threat hunting.
- Experience with scripting (PowerShell), automation, and EDR tooling integrations is a plus.
- Experience with Halcyon and CrowdStrike EDR is a plus and considered an added advantage.
- Preferred Certifications: SC-200: Microsoft Security Operations Analyst, SC-100: Microsoft Cybersecurity Architect, AZ-500: Microsoft Azure Security Technologies, MITRE ATT&CK Defender (MAD) certs, CISSP, CEH, or equivalent industry certifications.

Additional Information:
- The candidate should have a minimum of 5 years of experience in Endpoint Extended Detection and Response.
- This position is based at our Bengaluru office.
- 15 years of full time education is required.

Qualification: 15 years full time education

Posted 1 month ago

Apply

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Information and Event Management (SIEM) Operations
Good to have skills : NA
Minimum 2 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary : As an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Sumo Logic SIEM and SOAR tools to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reducing noise from false positives.

Roles & Responsibilities:
- Basic Security Knowledge: Understanding of key concepts (malware, phishing, brute force, etc.)
- SIEM Familiarity: Exposure to the Sumo Logic UI and understanding how to read/query logs
- Exposure to CrowdStrike Falcon Console: Ability to view and interpret endpoint alerts
- Alert Triage: Ability to differentiate between false positives and real threats
- Communication Skills: Clear written documentation and verbal escalation
- Ticketing Systems: Familiarity with platforms like JIRA, ServiceNow, or similar
- Basic understanding of cybersecurity fundamentals
- Basic Scripting: Awareness of PowerShell or Python for log parsing
- SOAR Exposure: Familiarity with automated triage workflows
- Security Certifications: Security+, Microsoft SC-900, or similar certification
- Operating System Basics: Windows and Linux process and file system awareness

Professional & Technical Skills:
- Monitor real-time alerts and dashboards in Sumo Logic SIEM
- Perform initial triage on alerts and determine severity/priority
- Escalate validated security incidents to L2 analysts per defined SOPs
- Follow pre-defined SOAR playbooks to document or assist in response
- Ensure alert enrichment fields are populated (host info, user details, etc.)
- Conduct basic log searches to support alert analysis
- Perform daily health checks on log sources and ingestion pipelines
- Maintain accurate ticket documentation for each alert handled
- Participate in shift handovers and team sync-ups for awareness
- SIEM: Basic log searching, correlation rule awareness
- SOAR: Familiarity with playbook execution
- Security Concepts: Basic understanding of malware, phishing, brute force
- Tools: CrowdStrike EDR, Sumo Logic

Additional Information:
- The candidate should have a minimum of 2 years of experience in Security Information and Event Management (SIEM) Operations.
- This position is based at our Bengaluru office.
- 15 years of full time education is required.

Qualification: 15 years full time education

Posted 1 month ago

Apply
