218 Edr Jobs - Page 7

Minimum 6+ years of experience in Cyber Security engineering and development Expertise in tools like SIEM,EDR, Vulnerability Management, Email security, etc. knowledge of Cloud Platform, network security. Apply - surinderkaur.rimpac@gmail.com

Dear Candidates, Greetings from Fujitsu, Your Profile has been shortlisted from Naukri. Apply Here: https://r.ripplehire.com/s/csxbX PFB the JD for your reference. Role: Security Technician Experience : 7-9 Years Location: Pune Shift: UK Shift Requirement : Endpoint Detect and Respond (EDR), Cortex XDR. Responsibilities: The Candidate should be able to communicate with Customers and understand the problem statement and act on it, Experience in CyberArk Privileged Account Security and supporting L2 support. Investigate and resolve complex technical issues related to PAM, especially those involving CyberArk products like CyberArk Privileged Access Security. Create and maintain technical documentation, knowledge base articles, and guides to help customers and internal teams. Manage and escalate critical support issues, when necessary, while maintaining clear communication with customers to manage expectations.Ensure that customer issues are resolved in a timely and satisfactory manner, striving for high levels of customer satisfaction. Ensure that customer issues are resolved in a timely and satisfactory manner, striving for high levels of customer satisfaction. Stay updated on evolving cybersecurity threats, industry compliance requirements, and emerging technologies. Implement monitoring and reporting solutions to proactively identify and address potential security risks and issues. Note : Please apply on the above given link.

(1) JD for DLP Engineer - L2: Experience: 5-10 years Qualification: Graduation (Computer Science), Endpoint Certification Location: Mumbai, Chennai Job Responsibilities: Log source integration and troubleshooting. Management/ maintenance of DLP and data classification solutions deployed by bidder. Implementation of any new policies with respect to DLP and data classification with help of bidder offsite team/OEM. Handling all incidents reported by solutions until closed. Co-ordinate with all Teams for follow-up for open tickets & activities. Daily administrative tasks, reporting (including daily system health report), and communication with the relevant departments in the organization. Coordinate with OEM team in Incident Validation, Incident Analysis, Solution Recommendation, Resolve Escalations, Escalation point for device issue resolution, Resolve user queries. Monitor quality and risk related activities on solutions under bidder. The implementation of solutions on additional agents after UAT signoff of the solution. Integration of additional third-party (Network/Security/cloud or on [1]prem solutions) solutions with Deployed solutions. Job Requirements: Minimum 5 years of total IT experience. 3 years of experience in implementation of DLP and data classification solutions. Qualification in full time B.E./ B.Tech/ MCA/ MSc (IT/CS)/ B.Sc. (IT/CS). Experience on DLP Forcepoint Certified from any reputed Endpoint Protection Platform. Preference will be given to candidates having certification on the proposed solution Willing to work for long-term. (2) JD for DLP Engineer - L1: Experience: 2-4 years Qualification: Graduation, Endpoint Certification Location: Mumbai Key Responsibilities: Implement and manage DLP policies to prevent data breaches. Deploy and optimize EDR & XDR solutions for threat detection & response. Monitor security incidents, conduct forensic analysis, and mitigate risks. Enforce endpoint security best practices and ensure compliance. Collaborate with IT/security teams to strengthen defenses. Requirements: 1-3 years of experience in DLP, EDR, XDR solutions. Strong knowledge of network security, threat detection, and incident response . Certified from any reputed Endpoint Protection Platform.

Dear Candidate, We are looking for a skilled Cyber Security Engineer to design, implement, and maintain security solutions that protect systems, networks, and data from cyber threats. You will be responsible for threat detection, vulnerability assessments, incident response, and security compliance . If you have expertise in network security, endpoint protection, cloud security, and risk management , we'd love to hear from you! Key Responsibilities: Design and implement cybersecurity frameworks to protect IT infrastructure and applications. Conduct risk assessments, vulnerability scans, and penetration testing to identify security weaknesses. Implement and maintain firewalls, intrusion detection/prevention systems (IDS/IPS), and SIEM solutions . Develop and enforce security policies, procedures, and best practices . Investigate and respond to security incidents, breaches, and cyber threats . Perform log analysis, threat intelligence, and forensic investigations . Manage identity and access management (IAM) , multi-factor authentication (MFA), and privilege access controls. Secure cloud environments (AWS, Azure, GCP) and implement cloud security best practices . Conduct security awareness training for employees to mitigate cyber risks. Collaborate with DevOps teams to ensure secure coding and DevSecOps practices . Stay up to date with emerging threats, vulnerabilities, and cybersecurity trends . Required Skills & Qualifications: Strong knowledge of network security, firewalls, VPNs, and IDS/IPS solutions . Experience with SIEM tools (Splunk, IBM QRadar, ArcSight, ELK Stack). Hands-on experience with endpoint security solutions (CrowdStrike, Symantec, Microsoft Defender). Proficiency in penetration testing tools (Burp Suite, Metasploit, Kali Linux, Nmap). Understanding of encryption, authentication protocols (TLS, SSL, AES, RSA, PKI, OAuth, SAML) . Familiarity with cloud security best practices (AWS Security Hub, Azure Security Center, GCP Security Command Center). Experience with compliance frameworks (NIST, ISO 27001, CIS, SOC 2, GDPR, HIPAA). Knowledge of identity and access management (IAM, MFA, SSO, LDAP, Active Directory) . Ability to analyze security logs, alerts, and forensic data for threat detection. Strong scripting and automation skills (Python, PowerShell, Bash). Soft Skills: Strong problem-solving and analytical skills. Excellent communication skills to work with cross-functional teams. Ability to work independently and as part of a team. Detail-oriented with a focus on delivering high-quality solutions Note: If you are interested, please share your updated resume and suggest the best number & time to connect with you. If your resume is shortlisted, one of the HR from my team will contact you as soon as possible. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

SecurityHQ Security Engineer L2 - General Duties (Experience 3 - 5 years) Security Monitoring and Incident Response : Review and address incidents flagged by the SOC. Collaborate with the corporate IT team, Firewall management, advisory, and EDR teams to implement appropriate responses and remediation actions. Hands-on experience will be an added advantage with tools such as SIEM platforms, EDR solutions, identity and access management systems, cloud environments, email security gateways, web application firewall (WAF) solutions, network firewalls, Zero Trust Network Access (ZTNA) technologies, and enterprise password management systems. Security Configuration and Threat Hunting : Continuously review and assess security configurations across the infrastructure to identify potential gaps. Conduct threat hunting to uncover potential weaknesses in configurations and ensure gaps are addressed with appropriate countermeasures. Vulnerability Assessment, Penetration Testing, and Patch Management (VAPT, TRI) : Oversee and ensure the timely execution of vulnerability assessments and penetration testing (VAPT), Threat and Risk Identification (TRI), and patch management processes. Drive the resolution of identified vulnerabilities and gaps through collaboration and follow-up actions. Security Policy Enforcement : Assist in the creation and enforcement of security policies and procedures in line with recognized standards, including ISO, NIST, Cyber Essentials Pulse, SOC 2 Type 2, and the Essential Eight Maturity Model (AU). Reporting and Documentation : Prepare detailed reports and presentations on security configurations, incident response actions, and change management reviews. Maintain comprehensive documentation to demonstrate how security initiatives align with operation and organizational goals. Training and certification: CEH, ECIH, CCSP, CompTIA Security+ and security audits experience/certifications will be added advantage. This dedicated L2 resource who will help with day-to-day activities and can ensure timely closure of security issues. Also, to document IT security policies and ensure enforcement of it across the organization.

Presales Support: Engage with sales teams and clients to understand project requirements, pain points, and technical needs. Provide solution demonstrations during client meetings, identifying key business drivers, and assisting in product/service selection. Collaborate with stakeholders to create clear, compelling, and customer-focused value propositions that align with client objectives. Proposal Writing: Lead the creation and management of responses to RFPs (Requests for Proposal), RFIs (Requests for Information), and other client inquiries. Write, edit, and produce well-structured, customized proposals and presentations that clearly articulate the value of our solutions. Ensure proposals meet client requirements, technical specifications, and legal standards while adhering to deadlines. Strong end-to-end knowledge in the design, engineering, and operation of a comprehensive DLP solution set. Information Security processes, practices, and solutions Data marking and classification schemes Enterprise DLP solutions Network and SaaS DLP solutions Experience using DLP tools to secure data within an enterprise 6+ years of experience with DLP in a global environment. Experienced Cyber Security Professional for Cyber Security solutions like End User Security Solutions like Endpoint Security- Endpoint Detection & Response - EDR/XDR, Cloud Security, Server Security, Data Loss Prevention, Device Encryption, Web Proxy, Email Security

Trellix (formerly known as Fireeye) Seasoned Endpoint Security resource with minimum 6 8 years of relevant experience working in Endpoint security domain. Should have extensive hands on knowledge in Endpoint Security Solutions including but mot limited to installation, configuration, and troubleshooting. MUST have hands on experience managing Trellix EDR (Endpoint Detection and Response) and Sentinel One EDR. Should be able to manage operations for Endpoint Security solutions like EDR, XDR Browser control etc. Hands on experience deploying and troubleshooting EDR clients as well as EDR console setup. Hands on experience on Configuring EDR clients, Recommendations for configuring clients, create a custom policy, Configure a policy Configure EDR advanced features, Single Sign On/MFA to log on EDR console, configure users, add and assign roles to users and respond to security incidents like Ransomware, Malware, virus outbreak. Monitoring EDR logs Excellent verbal and written communication skills Should have knowledge on change management, problem management, ITIL process, SLA management. Should be able to raise CR and implement the policies in Trellix, Sentinel One and other similar EDR products as per approved CR Excellent Team player with good analytical skills. Good to have certification CEH, Cyber Security Fundamentals

Regular Shift Require experience in Administration 30% hike What you will do day to day: CyberSecurity Analyst (CA) has a wide variety of skills, including performing intrusion analysis, a deep understanding of the 18x5 security monitoring environment, and performing administrative tasks. The CA is an important role IT Security Department. The CA role requires defense against cyber threats by identifying and triaging security incidents. The ideal person in this role brings experience in investigating network and endpoint intrusions, as well as experience handling security incidents within the Security Operations Center (SOC). The SA will triage event, perform escalations and coordinate incident response procedures. This role must be able to solve complex problems independently and know when to escalate issues to senior IT Security Leads and Managers. This individual will work with multiple technology platforms and interface with other groups within IT Security Operations. The CyberSecurity Analyst (CA) for the SOC will be responsible for responding to critical threats that impact information security. This individual's role includes the following functions. Roles and Responsibilities: Hands-on experience of implementing EDR policies, Rules creation, and Incident/alert management. Good experience on security Incident response and investigation to identify the root cause of security breaches and gather evidence. Hands-on experience in log Ingestion, fine-tuning on reducing false positives, Event correlation, and analysis. Hands-on experience with Automation (SOAR) and Custom KQL queries. Develop and update incident response plans and playbooks to ensure effective handling of various types of incidents. Good experience in developing and implementing email security policies and best practices to safeguard against threats such as phishing, malware, and data breaches. Design and enforce DLP policies and rules to prevent unauthorized data access, sharing, and transmission. Deep technical knowledge of vulnerability management and administration Collect and analyze threat intelligence to stay informed about emerging threats and vulnerabilities relevant to the organization. In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, Malware investigation, web Proxy and network concepts etc. Engage in research and development of security solutions, testing new tools and methods for potential implementation. Knowledge on automation and scripting areas. Creating metrics for a Security Operations Center (SOC) measuring its effectiveness and identifying areas for improvement. Who we are looking for: Minimum Qualification: A university degree in Computer Science Engineering Information Security, or a related field is highly desirable Between 5 to 8 years of experience in the Information security domain along with Incident response, Threat analysis Additional Qualifications: Exceptional troubleshooting and problem-solving skills required. Security +, CEH or SANS GIAC certifications are preferred Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes Cyber Threat and Intelligence gathering and analysis Knowledge of Automation and AI (Artificial Intelligence) integration in Security Operations center. Should have worked in security operations and has a practical approach to analyzing incidents and security alerts from different security tools and platforms Strong communication skills Highly self-motivated

Minimum 6+ years of experience in Cyber Security engineering and development Expertise in tools like SIEM,EDR, Vulnerability Management, Email security, etc. knowledge of Cloud Platform, network security. Apply - surinderkaur.rimpac@gmail.com

Bachelors degree in computer science, Information Technology, Information Security, or related field (or equivalent experience) Knowledge on Splunk, Firewall, and any Security tools along with CloudFlare WAF Knowledge on Cloud Security Experience working in a technical support or helpdesk role is preferred Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewall, identity and access management solutions, etc. Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.) Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required Ability to prioritize and manage multiple tasks simultaneously Strong problem-solving skills and a methodical approach to troubleshooting Adaptability and willingness to learn new technologies and processes Commitment to providing exceptional customer service and support.

Company Website : https://www.yotta.com/ Work Mode- Work from Office. Job Location Chennai, Noida. Rotational Shift - 5 Days working. Job Scope: Security L2. The Team Member Security L2 will be expected to work in multi-vendor network security infrastructure specifically on Data Center infrastructure environment. The desired candidate should have proficiency in managing runtime environment of Data center security infrastructure. Job Responsibilities Manage runtime environment of Data center security infrastructures comprises of Firewall, IDS/IPS, AV, Patch Management, WAF Configurations of Firewall/IPS Rules and Policies Management. Configuration of NAT/PAT, IPSEC and SSL VPN. Taking backup of Security devices Updating IPS signature as guided by security L3, blocking of unwanted traffic, Antivirus updates, Patch updates. Managing day to day run time security infrastructure. Required to support for Problem and Change Management Process. Troubleshoot and fix issues, execute regular changes on security infrastructure. Health and alert monitoring for security devices Follow & commit with Yotta’s Policy statements (eg. QMS/EMS/OHS/ISMS/PIMS/ITSM etc) Undertake applicable training as communicated from time to time. Participation in Risk assessment process, contribute in achieving departmental & management system objectives & Assist in maintaining PIMS controls throughout personal data lifecycle. Must Have Skill: Good Hands-on Experience on perimeter firewall like Checkpoint, Cisco ASA/Firepower, Fortinet, Palo Alto, etc. Experience with IDS/IPS, DDOS and WAF technologies Experience in IPsec Site to Site/Client to site and SSL VPN configuration and troubleshooting. Experience in working antivirus technologies like Symantec, MacAfee, TrendMicro etc. Strong understanding of network (LAN and WAN, routing and switching etc.) Knowledge on Routing (RIP, EIGRP, OSPF, MPLS and BGP) Conceptual knowledge on Cloud security Awareness on Environmental, Health and Safety, Energy, Information Security, Quality, Service Management, Business continuity and other management systems of the organization Firewall : Checkpoint, FortiGate & Palo Alto Monitoring : AlgoSec & Forti Analyzer Proxy: Zscaler & Netskope LB: Radware, F5 & Array Ddos WAF Firewall EDR PAM Good to Have Skill: Cloud Security VA/PT and security hardening Strategic planning & Management capabilities Good analytical and problem-solving skills Excellent communication & interpersonal skills Ability to handle high pressure situations A formal security industry accreditation would be an advantage e.g., CISSP, CISM, CEH, SABSA SCF, etc. Awareness on Environmental, Health and Safety, Energy, Information Security, Quality, Service Management, Business continuity and other management systems of the organization Behavioral Attributes: Action Orientation & Accountability Art of Skillful Conversation Creativity & Problem Solving Business Acumen Dealing with ambiguity Learning on the fly Building Trust Customer Focus Intellectual Horsepower Prioritizing, Planning & Organizing Process–Quality Excellence Listening, Sensing, Observing Building Collaborative Relationships Qualification and Experience: Relevant bachelor’s degree Minimum 5-8 years of experience covering enterprise IT security and Data Center company CCNA/CCSA, SANS or any other relevant network security certification

Role & responsibilities the endpoint protection infrastructure • Provide direction and support in the implementation of leading-edge endpoint antivirus, EDR, application control, DLP, secured web gateway, email protection, privilege management security technologies utilizing a risk-based approach for conducting demo, proof of concept and deployment to customers. • Provide engineering solutions to address new threats leveraging implemented endpoint tools and identify gaps where improvement and/or new controls are needed. • Take part in the design, build, and run of a variety of endpoint and network security implementations in a diverse and complex environment, taking ownership of each initiative and producing successful outcomes. • Work within a team of security engineering professionals responsible for planning, design, implementation, attack prevention and mitigation and ongoing support of security systems of high complexity to fulfil security requirements without impacting business needs. • Implement security and threat protection controls protect data and applications using a diversity of cloud and on-prem Endpoint security tools. • Managing system performance, capacity, and service quality • Troubleshooting of problems with platforms • Client transitions and handovers Preferred candidate profile BE / BTECH or equivalent qualification with 6-8 years of experience with good communication Hand-on knowledge in implementation of end point security, EDR, ATP, Web Proxy, Encryption , DLP , Email security products Having good knowledge in implementation of Broadcom, Trend Micro, Force Point, McAfee, Sophos products Having exposure in both on-premises as well as cloud implementations Able to design the solution, suggesting optimal products and implementation of the same. Having worked in presales and post sales with any of our competitors. Certification on any of the OEMs like Broadcom, Trend Micro, Force Point, McAfee, Sophos products

SIEM (Microsoft Sentinel, Wazuh, Splunk, QRadar multi-cloud environments (AWS, Azure, GCP) SOAR, Azure Sentinel Note: Sentinel One not required

Experience: Minimum 10 years of experience in implementing and handling security related products & services in an organization and out of total experience, 5 years of minimum experience should be as an L2 in SOC management Skills: Experience in 5 or more areas of security like (Antivirus (EPP) / EDR (Endpoint Detection & Response) and Anti-APT (Anti-Advanced Persistent Threat): Trellix / HIPS: Trend Micro / Mobile Device Management (MDM) - Separate resource for MDM: VMWare Work place one / Centralised Log Management Solution (CLMS): Microfocus or IBM / Information Rights Management (IRM): Seclore / Privileged Identity Management (PIM) - Separate resource for PIM: Arcon Important / Anti-Phishing and Anti-Malware)

*Bachelors degree in computer science, Information Technology, Information Security, or related field (or equivalent experience) *Knowledge on Splunk, Firewall, and any Security tools along with CloudFlare WAF *Knowledge on Cloud Security * Experience working in a technical support or helpdesk role is preferred * Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewall, identity and access management solutions, etc. * Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.) * Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus * Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required * Ability to prioritize and manage multiple tasks simultaneously * Strong problem-solving skills and a methodical approach to troubleshooting * Adaptability and willingness to learn new technologies and processes * Commitment to providing exceptional customer service and support

Description JD for Azure Security Engineer. Bachelors degree in Computer Science, Information Technology, or related field (or equivalent work experience). Minimum 6 years of industry experience. Proficiency in cloud services and tools Specific to Azure and strong understanding of Azure Cloud Security Services. Proven experience as Azure security Engineer with azure EntraID Identity and Access Management RBAC, ID governance, PIM/PAM, Conditional Access Policies, ID protection, MFA Access Reviews. Work under the guidance of security Architect team and help in Designing security Standards. Collaborate with engineering and architecture teams to identify security risks and recommend mitigating controls. Hands on Experience with Design/test/Implementation of Azure policies Covering infra/resource security. Hands on Experience with configuring Azure Security Services - MDC, Key Vault azure monitor and Log Analytics Workspace. Participate in creation and maintenance technical security policies, standards, configuration baselines, benchmarks, guidelines, and SOPs. Expertise in Azure technologies including CSPM, CWPP, EDR, SIEM/SOAR and CIEM with experience in Integration, Configuration and troubleshooting. Develop and execute information security plans, procedures, and policies Deep understanding of cloud security principles and best practices, with experience implementing security controls in Azure infrastructure services. Implement security best practices and ensure compliance with industry standards and regulations Such as MCSB, CIS, NIST, SOC in Azure infrastructure services. Collaborate with Enterprise Operations, Engineering, and IT teams to implement security standards and ensure standards are followed. Experience assessing and implementing security controls in all relevant areas (including access management, encryption methods, vulnerability management, network security, application security, etc.) Experience with security tools MDC , Wiz, CrowdStrike, Defender 365, Microsoft Entra, along with managing and troubleshooting issues in CrowdStrike, and Microsoft Defender. Excellent communication, collaboration interpersonal and relationship skills are required. Ability to work as a team player and as an individual contributor. Must be willing to learn, adapt, and work in fast paced, dynamic environment Azure certifications (e.g., Azure Security Engineer Associate AZ500, Security Operations Analyst Associate SC-200 and relevant certifications SC100 or Etc., are a plus. Advanced industry certification in relevant field (e.g., Ethical Hacker, CISM, CISSP). Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility No Global Role Family To be defined Local Role Name To be defined Local Skills Azure Cloud Services Languages RequiredENGLISH Role Rarity To Be Defined

Security Response Coordinator Role Overview Experience- 4 to 6 years Location - Hyderabad & Pune willing to work in a 24X7 rotational shift model, including night shift. Key-skills: Endpoint Security, SOC, Basics of Malware, Incident Management, EDR, and Antivirus. As a Security Response Coordinator, you will play a critical role in ensuring the effective management and response to security incidents within our organization. You will collaborate with cross-functional teams and stakeholders to develop and implement incident response plans, coordinate incident investigations, and drive the resolution of security incidents in a timely manner. The ideal candidate will possess excellent communication skills, strong problem-solving abilities, and a deep understanding of security incident management. Responsibilities: Collaborate with key stakeholders to identify potential security threats and vulnerabilities. Regularly review and refine incident response procedures based on industry best practices and lessons learned. Coordinate incident response efforts: Serve as the primary point of contact for all security incidents, ensuring timely response and resolution. Establish and maintain communication channels with internal teams and external partners to facilitate incident response activities. Coordinate and lead cross-functional incident response teams, providing clear guidance and direction. Investigate security incidents: Conduct thorough investigations into security incidents, including data breaches, system intrusions, and policy violations. Collect and analyze evidence, identify the root cause of incidents, and provide recommendations to prevent future occurrences. Document incident details, actions taken, and lessons learned for post-incident analysis and reporting. Incident escalation and reporting: Assess the severity and impact of security incidents and escalate as necessary to senior management or executive leadership. Prepare comprehensive incident reports and communicate findings to relevant stakeholders. Provide regular updates on incident response activities, metrics, and key performance indicators (KPIs) to management. Continuous improvement: Stay abreast of the latest security trends, emerging threats, and industry best practices. Contribute to the enhancement of security policies, procedures, and guidelines. Participate in tabletop exercises, drills, and simulations to test and improve incident response capabilities. Requirements: Bachelors degree in computer science, Information Security, or a related field. Relevant certifications (e.g., CISSP, CISM, GIAC) are a plus. Proven experience in security incident management, preferably in a fast-paced and complex environment. Strong understanding of security frameworks, standards, and regulations (e.g., NIST, ISO 27001, GDPR). Familiarity with incident response tools, technologies, and forensic techniques. Excellent communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders. Strong analytical and problem-solving abilities, with a keen attention to detail. Ability to work effectively under pressure and meet tight deadlines. Demonstrated ability to lead and coordinate cross-functional teams. Ethical mindset and commitment to maintaining the confidentiality, integrity, and availability of sensitive information.

This role requires hands-on experience with ISO 27001 implementation and a strategic approach to securing the organization’s technology environment along with managing IT Infrastructure.Technically implement and rollout IT policies and SOP Required Candidate profile Windows Server: AD, DHCP, DFS, SSO, GPO, WSUS O365, DMS, CMS, VMS, EDR, XDR, NextGen Firewall. Backup solutions, VMware, HCI Manage & Deployment Application Servers

Summary The role requires providing expertise and leadership for Incident Response capabilities including good understanding of cyber incident forensics. It requires providing both subject matter expertise and project management experience to serve as the point person” of client engagement in domain. The candidate shall pertain efficient incident response and remediation skills to minimise the impact of cyber risks. The individual will oversee and support security monitoring operations team and assist them during security incidents and ensure incidents are managed and responded effectively including and reporting to stakeholders. This role primarily consists of leading team of the Incident responders, Incident managers and stakeholders (including client, vendors, etc.) and to conduct thorough response activities on behalf of a wide variety of clients across sectors. Candidate is required to work in complex security environments and alongside SOC team to design, communicate and execute incident response, containment and remediation plans. Candidate is required to have hands-on experience of incident management and investigation tools and shall be comfortable leading teams on challenging engagements, communicating with clients, providing hands-on assistance with incident response activities, and creating and presenting high-quality deliverables. Designation / Role: Role: Incident Response Leader Level: AD Responsibilities Manage client engagements, with a focus on incident response and investigation. Provide both subject matter expertise and project management experience to serve as the “point person” for client engagements Assist with client incident scoping call and participate in the incident from kick-off through full containment and remediation. Security Analytics - Efficiently distill actionable information from large data sets for reporting, hunting, and anomaly detection. Recommend and document specific countermeasures and mitigating controls with post incident analysis findings Develop comprehensive and accurate reports and presentations for both technical and executive audiences Conduct Digital Forensic and Incident Response (DFIR) analysis, network log and network PCAP analysis, malware triage, and other investigation related activities in support of Incident Response investigations Supervise Digital Forensics and Incident Response staff, and assisting with performance reviews and mentorship of cybersecurity professionals Mature the Security Incident Response process to ensure it meets the needs of the Clients Interact with Client’s CSIRT teams to cater continuous and/or ad-hoc client requests for Incident Response services Possess the experience, credibility and integrity to perform as an expert witness. Involve in business development activities and supporting pre-sales teams in Identify, market, and develop new business opportunities Assist with research and distribute cyber threat intelligence developed from Incident Response activities Research, develop and recommend infrastructure (hardware & software) needs for DFIR and evolve existing methodologies to enhance and improve our DFIR practice. Skills required 10-14 years Information Security experience with at least 5 year of Incident Response experience. Solid understanding of MITRE ATT&CK, NIST cyber incident response framework and Cyber kill chain. Understanding of Threat Hunting and threat Intelligence concepts and technologies Experience of leveraging technical security solutions such as SIEM, IDS/IPS, EDR, vulnerability management or assessment, malware analysis, or forensics tools for incident triage and analysis. Deep experience with most common OS (Windows, MacOS, Linux, Android, iOS) and their file systems (ext3.4, NTFS, HFS+, APFS, exFAT etc) Proficiency with industry-standard forensic toolsets (i.e. EnCase, Axiom/IEF, Cellebrite/UFED, Nuix and FTK) Experience of enterprise level cloud infrastructure such as AWS, MS Azure, G Suite, O365 etc.. Experience of malware analysis and understanding attack techniques. CISSP, ECIH v2, GCFA, GCIH, EnCE or equivalent DFIR certification. Ability to work in time-sensitive and complex situations with ease and professionalism, possess an efficient and versatile communication style Good verbal and written communication skill, excellent interpersonal skills Abilities: Strong English verbal, written communication, report writing and presentations skills. Ability to multitask and prioritize work effectively. Responsive to challenging tasking. Highly motivated self-starter giving attention to detail. Strong analytical skills and efficient problem solving. Capable to operate in a challenging and fast-paced environment.

*Bachelors degree in computer science, Information Technology, Information Security, or related field (or equivalent experience) *Knowledge on Splunk, Firewall, and any Security tools along with CloudFlare WAF *Knowledge on Cloud Security * Experience working in a technical support or helpdesk role is preferred * Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewall, identity and access management solutions, etc. * Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.) * Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus * Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required * Ability to prioritize and manage multiple tasks simultaneously * Strong problem-solving skills and a methodical approach to troubleshooting * Adaptability and willingness to learn new technologies and processes * Commitment to providing exceptional customer service and support

Presales Support: Engage with sales teams and clients to understand project requirements, pain points, and technical needs. Provide solution demonstrations during client meetings, identifying key business drivers, and assisting in product/service selection. Collaborate with stakeholders to create clear, compelling, and customer-focused value propositions that align with client objectives. Proposal Writing: Lead the creation and management of responses to RFPs (Requests for Proposal), RFIs (Requests for Information), and other client inquiries. Write, edit, and produce well-structured, customized proposals and presentations that clearly articulate the value of our solutions. Ensure proposals meet client requirements, technical specifications, and legal standards while adhering to deadlines. Strong end-to-end knowledge in the design, engineering, and operation of a comprehensive DLP solution set. Information Security processes, practices, and solutions Data marking and classification schemes Enterprise DLP solutions Network and SaaS DLP solutions Experience using DLP tools to secure data within an enterprise 6+ years of experience with DLP in a global environment.

*Bachelors degree in computer science, Information Technology, Information Security, or related field (or equivalent experience) *Knowledge on Splunk, Firewall, and any Security tools along with CloudFlare WAF *Knowledge on Cloud Security * Experience working in a technical support or helpdesk role is preferred * Familiarity with enterprise security tools such as SIEM, IDS/IPS, EDR, web application firewall, identity and access management solutions, etc. * Basic understanding of networking concepts and protocols (TCP/IP, DNS, DHCP, etc.) * Proficiency in at least one scripting language (e.g., Python, PowerShell) is a plus * Certifications such as CompTIA Security+, CISSP, CCSP or GIAC are advantageous but not required * Ability to prioritize and manage multiple tasks simultaneously * Strong problem-solving skills and a methodical approach to troubleshooting * Adaptability and willingness to learn new technologies and processes * Commitment to providing exceptional customer service and support

Your Role and Responsibilities The Endpoint Privilege Management Specialist is responsible for designing, implementing, and maintaining effective endpoint privilege management solutions. This role focuses on minimizing security risks by enforcing the principle of least privilege, ensuring that users and applications have only the necessary permissions to perform their tasks. The ideal candidate will have a strong understanding of endpoint security, operating systems, and privilege management tools. Key responsibilities: Endpoint Onboarding and Configuration: Beyond Trust EPM on all designated endpoints with minimal disruption to daily operations. This includes: Responsibilities: Design, implement, and maintain EPM solutions across the organization. Develop and enforce privilege management policies and procedures. Configure and manage EPM software, including policy creation, application control, and reporting. Monitor and analyze privileged access activity and identify potential security risks. Troubleshoot and resolve technical issues related to EPM. Conduct regular security audits and compliance checks. Collaborate with IT and security teams to ensure seamless integration of EPM solutions. Stay up-to-date with the latest EPM technologies and best practices. Document EPM configurations, policies, and procedures. Directory Services Integration: Aligning EPM with customers directory services for synchronized user data and controlled access to privileged resources. Role-Based Access Control (RBAC): Defining role-specific policies that enforce least-privilege principles and control application privileges per user role. User Privilege and Application Management: Integration of EPM with customer’s directory to streamline user lifecycle management, provisioning, and DE provisioning. Privilege Assignment: Customized privilege levels based on job role, with access limited to necessary applications and functionalities. Application Control: Enforcement of application policies to restrict unauthorized software, thereby reducing risk from potentially harmful or unapproved applications. Just-In-Time (JIT) Privilege Management: Establish JIT access for applications requiring elevated privileges. JIT privileges will only be granted for specific, approved applications and only for the necessary time period to enhance security. Access Review and Auditing: Continuous monitoring of user activities and application access, generating regular and ad-hoc reports for compliance and audit purposes. Reporting and Compliance Checks: Scheduled reporting to maintain visibility over privilege usage and application access, with detailed logs for audit trails and compliance purposes. Required Skills: Proficiency in EPM solutions Beyond Trust Privilege Management, Strong understanding of Windows, macOS, and Linux/Unix operating systems. Knowledge of Active Directory/LDAP. Understanding of endpoint security concepts (antivirus, antimalware, EDR). Knowledge of security auditing and compliance requirements. Strong problem-solving and analytical skills. Excellent communication and collabor Band: U3 Competency : CSRM

Role & responsibilities SEPM Task 1. Administrator and manage SEPM server and Upgrade application. 2. SEPM policy creation and modify existing policies. 3. SEP client agent upgrade with latest version in all Systems. 4. Manage USB access via SEPM. 5. Manage file, folder, and application exception via SEPM. 6. Manage Compliance and make sure all system is updated with latest policy and security signature. 7. Share weekly compliance report with customer. Crowd strike Tasks 1. Create new policies and modify existing policies in Crowd strike. 2. Create new Custom rules for Crowd strike. 3. Manage Mobile USB access via Crowd strike. 4. Manage Crowed strike Sensor compliance and make sure all systems are running with latest Sensor version. 5. Manage Machine Learning Exclusions and IOC management via Crowd strike. 6. Handling Crowd strike detections incidents and track till closer those incidents. Symantec WSS\Web filtering 1. Handling URL filtering Symantec WSS. 2. Create new policy and rules and modify existing policy and rules in Symantec WSS. 3. Resolved service-now tickets for WSS web filtering issue. 4. Upgrade and manage for WSS Auth connector. 5. Manage and add Domain controllers and groups in WSS Auth connector. DLP Tasks 1. Administrator and manage Symantec DLP servers and Upgrade application. 2. Create new policy and rules and modify existing policy and rules in Symantec DLP. 3. Resolved service-now tickets for DLP issue. Band: U3 Competency : CSRM

Role & responsibilities Trellix (formerly known as Fireeye) Seasoned Endpoint Security resource with minimum 6-8 years of relevant experience working in Endpoint security domain. Should have extensive hands-on knowledge in Endpoint Security Solutions including but mot limited to installation, configuration, and troubleshooting. MUST have hands on experience managing Trellix EDR (Endpoint Detection and Response) and Sentinel One EDR. Should be able to manage operations for Endpoint Security solutions like EDR, XDR Browser control etc. Hands on experience deploying and troubleshooting EDR clients as well as EDR console setup. Hands on experience on Configuring EDR clients, Recommendations for configuring clients, create a custom policy, Configure a policy. Configure EDR advanced features, Single Sign-On/MFA to log on EDR console, configure users, add and assign roles to users and respond to security incidents like Ransomware, Malware, virus outbreak. Monitoring EDR logs. Excellent verbal and written communication skills Should have knowledge on change management, problem management, ITIL process, SLA management. Should be able to raise CR and implement the policies in Trellix, Sentinel One and other similar EDR products as per approved CR. Excellent Team player with good analytical skills. Good to have certification CEH, Cyber Security Fundamentals Band: U3 Competency : CSRM