346 Edr Jobs - Page 8

Expertise on Endpoint Security as in DLP, AV, EDR/EPP solutions Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions. Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies. SIEM and Incident ResponseHands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel). Strong skills in incident response, threat hunting, and forensic investigation. Access and Identity ManagementFamiliarity with IAM concepts and tools, including MFA and SSO solutions. Experience with configuring and troubleshooting access control for network and endpoint systems. Automation and ScriptingBasic scripting abilities (e.g., Python, PowerShell) for automating security processes. Excellent analytical and problem-solving skills. Effective communication skills for interacting with team members and stakeholders. Ability to work in a fast-paced environment and handle high-stakes incidents. Certifications (Preferred) CompTIA Security+, Cisco CCNA Security, Certified Ethical Hacker (CEH), or other relevant security certifications. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 10 years of experience in security & infrastructure administration Experience on any Products for Implementation & Operations in SIEM, Nessus, CEH, Qualys guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application Expertise of handling industry standard risk, governance and security standard methodologies and incident response processes (detection, triage, incident analysis, remediation and reporting). have shown attention to detail and interpersonal skills and expertise to oversee input and develop relevant metrics and Competence with Microsoft Office, e.g. Word, Presentation, Excel, Visio, etc Preferred technical and professional experience Ability to multitask and work independently with minimal direction and maximum accountability. One or more security certifications. (CEH, Security+, GSEC, GCIH, etc).

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively implemented and maintained. Roles & Responsibilities:-Administer a globally distributed and heterogeneous SIEM environment, preferably Securonix/Splunk-Knowledge on Automation app deployment to multiple sites, Monitoring the central infrastructure-Design and customize complex search queries, develop dashboards, data models, reports and optimize their performance-Administration of core SIEM Components (Deployment Server, Indexer)-Understanding of threat models and threat intelligence-Improve detection capabilities by building and enhancing alert rules-Work on RFPs and estimations related to SOC solutions-Good knowledge on popular EDR tools such as CrowdStrike and Microsoft Defender Professional & Technical Skills: -Experience working in SOC/SIEM-Incident handling, use case management development, risk assessment, playbook recommendation, fine-tuning -7+ years SIEM/SOC operations experience for very large enterprises-Act as a single POC for any major security incident-Knowledge on MITRE/CKC framework implementation-Security Analytical skills-Should have excellent customer handling skills-Basic understanding of Incident Response and other security technologies -User behavior/Malware Analysis, Knowledge on ServiceNow and Splunk Admin Additional Information:- The candidate should have minimum 7.5 years of experience in Splunk Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As the SOC L3 Analyst you will lead the technical handling of critical security incidents. Youll be responsible for deep-dive analysis, root cause investigation, forensics, and containment using tools such as CrowdStrike, Sumo Logic SIEM, and SOAR. You will be responsible for onboarding and managing log sources, building SIEM use cases (custom + in built), and developing automation in SOAR to support incident response and threat detection workflows Roles & Responsibilities:-End-to-End Incident Response Ownership:Ability to handle incident lifecycle (detect, contain, remediate)-Subject matter expert for handling the escalated critical or actual true positive incidents.-CrowdStrike Deep Dive:Using Real Time Response (RTR), Threat Graph, custom IOA rules-Strong command over Sumo Logic SIEM content engineering:Creating detection rules, dashboards, and field extractions-Threat Hunting:Behavior-based detection using TTPs-SOAR Automation:Designing playbooks, integrations with REST APIs, ServiceNow, CrowdStrike-Threat Intel Integration:Automation of IOC lookups and enrichment flows-Forensic Skills: Live host forensics, log correlation, malware behavioral analysis-Deep experience in advanced threat detection and incident response-Scripting Proficiency:Python, PowerShell, Bash for automation or ETL-Error Handling & Debugging:Identify and resolve failures in SOAR or data pipelines-Proficiency in CrowdStrike forensic and real-time response capabilities-Experience Sumo Logic SOAR for playbook optimization-Use case development in Sumo Logic SIEM Professional & Technical Skills: -Lead high-severity incident response, coordinating with stakeholders and IT teams-Perform endpoint forensic triage using CrowdStrike Real Time Response (RTR)-Conduct detailed log analysis and anomaly detection in Sumo Logic-Customize or create new detection rules and enrichments in SIEM-Develop/Tune SOAR playbooks for advanced scenarios, branching logic, and enrichment-Perform root cause analysis and support RCA documentation-Mentor L1 and L2 analysts through case walk-throughs and knowledge sharing-Generate post-incident reports and present findings to leadership-Lead investigations and coordinate response for major incidents-Perform root cause analysis and post-incident reviews-Develop advanced detection content in Sumo Logic-Optimize SOAR playbooks for complex use cases-Onboard and maintain data sources in Sumo Logic SIEM and ensure parsing accuracy-Build custom dashboards, alerts, and queries aligned with SOC use cases-Create and maintain field extractions, log normalization schemas, and alert suppression rules-Integrate external APIs into SOAR (e.g., VirusTotal, WHOIS, CrowdStrike)-Monitor log health and alert performance metrics; troubleshoot data quality issues-Collaborate with L3 IR and Threat Intel teams to translate threat use cases into detections-Participate in continuous improvement initiatives and tech upgrades-Conduct playbook testing, version control, and change documentation-CrowdStrike:Custom detections, forensic triage, threat graphs-SIEM:Rule creation, anomaly detection, ATT&CK mapping-SOAR:Playbook customization, API integrations, dynamic playbook logic-Threat Intelligence:TTP mapping, behavioral correlation-SIEM:Parser creation, field extraction, correlation rule design-Scripting:Python, regex, shell scripting for ETL workflows-Data Handling:JSON, syslog, Windows Event Logs-Tools:Sumologic SIEM, Sumo logic SOAR & Crowdstrike EDR-Exp in in SOC/IR including 4+ in L3 role (IR + SIEM Content Engineering & SOAR) Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, while also addressing any emerging security challenges that may arise during the implementation process. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Assist in the development of security policies and procedures to enhance the overall security posture.- Evaluate and recommend security technologies and tools to improve cloud security measures.- Communication:Strong verbal and written communication skills, with the ability to present complex security concepts to non-technical stakeholders. Professional & Technical Skills: - Incident Response:Lead and manage security incident response efforts, including investigation, containment, and remediation of security incidents.- Threat Detection:Utilize advanced security tools and techniques to detect and analyze potential threats, ensuring timely identification and mitigation.- Security Operations:Oversee the daily operations of the Security Operations Center (SOC), ensuring efficient monitoring and response to security alerts.- Playbook Development:Collaborate with the SOAR team to develop and refine playbooks for incident enrichment, integration, and testing.- Reporting:Prepare and present weekly, fortnightly, and monthly SOC reports to leadership, highlighting key metrics and incident trends.- Knowledge Transfer:Provide training and knowledge transfer to new team members, ensuring they are equipped to handle day-to-day monitoring and alert analysis.- Stakeholder Collaboration:Work closely with stakeholders to resolve escalated incidents and improve security protocols.- Continuous Improvement:Identify areas for improvement within security operations and implement strategies to enhance overall security posture.- Technical Skills: Proficiency in using security tools such as SIEM, EDR, and SOAR platforms. Experience with Google SecOps is highly desirable.- Certifications:Relevant certifications such as GCIH, or GCIA are preferred. Additional Information:- The candidate should have Minimum of 5 years of experience in security operations, incident response, and threat detection.- This position is based at our Bengaluru office.- Bachelor's/ Masters degree in Computer Science, Information Security, or a related field. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled and detail-oriented CrowdStrike Endpoint Security Administrator to manage, maintain, and optimize our deployment of CrowdStrike Falcon. This role involves operational administration of the platform, proactive threat detection, and ensuring endpoint security across the enterprise. Roles & Responsibilities:-Administer and manage the CrowdStrike Falcon platform including configuration, tuning, and policy management.-Monitor alerts and dashboards for suspicious activity and work with incident response teams as needed.-Deploy and upgrade CrowdStrike agents across Windows, macOS, and Linux systems.-Create and maintain documentation for policies, procedures, and system configurations.-Integrate CrowdStrike with SIEMs, ticketing systems, and other security tools.-Perform regular audits and health checks to ensure endpoint coverage and compliance.-Respond to endpoint-related security incidents and assist with forensic investigations.-Collaborate with IT teams to ensure secure configuration and patch management across endpoints.-Hands-on experience with CrowdStrike Falcon (policy management, sensor deployment, event analysis).-Familiarity with EDR/XDR concepts and tools. Professional & Technical Skills: - Must To Have Skills: Proficiency in Endpoint Extended Detection and Response.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with incident response and threat hunting methodologies.- Knowledge of compliance requirements related to cloud security. Additional Information:- The candidate should have minimum 5 years of experience in Endpoint Extended Detection and Response.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Job Title: Security Lead Department: IT Location: Navi Reporting To: Global IT Infra Lead Role Overview The Security Lead is responsible for managing security incident response and readiness within a 24x7 Security Operations Centre (SOC), supporting IT Infrastructure and Operations. The role includes overseeing vulnerability management, operating security tools, and ensuring rapid threat identification and remediation. Key Responsibilities Lead and coordinate security incident response and lifecycle management of on-premises and cloud-based security solutions. Manage and respond to security incidents and operational requests, ensuring swift identification, containment, and remediation. Develop and maintain incident response playbooks and procedures. Conduct regular vulnerability assessments, prioritize remediation, and collaborate with IT teams for patching and updates. Operate and monitor security tools (HIDS, NIDS, IPS, SIEM, etc.) to identify and address threats and vulnerabilities. Analyze security events, determine root causes, and recommend mitigation actions. Support audits, compliance reviews, and participate in industry forums. Monitor and communicate relevant security trends and developments. Qualifications & Experience Bachelors degree in Computer Science, Information Systems, Cyber Security, or related field. Minimum 10 years of relevant cyber security experience. Strong knowledge of IT operations (cloud, systems, infrastructure) and security assessment (audit, VAPT, pen testing). Hands-on experience with security products (EDR, WAF, DLP, SIEM, SOAR). Familiarity with frameworks such as ITIL, ISO, PCI-DSS, NIST. Relevant security certifications (e.g., CISSP, CISM, CISA, CEH) preferred. Excellent communication skills, with experience presenting to senior management. Project management certifications (e.g., PMP, PRINCE2) are an advantage. Interested candidate can share their cv at piyali.saha@parkconsultants.in

Manage Microsoft Sentinel SIEM platform to detect, investigate, and respond to security incidents. Configure alerts, monitor security events, and ensure compliance with security policies and best practices.

Responsible for implementing and managing endpoint security solutions to protect enterprise networks. Tasks include malware analysis, intrusion detection, policy enforcement, and security incident response. Experience with EDR solutions and cybersecurity frameworks is required.

Sales Executive - Cyber Security Location: Hyderabad, Bangalore, Mumbai No. of Vacancies: 5 Work Experience 2 - 7 years Roles and Responsibilities Identify and develop new business opportunities in the cyber security sector. Build and maintain relationships with prospective and existing clients. Understand client needs and propose suitable cyber security solutions. Collaborate with technical teams to tailor solutions to client requirements. Prepare and present proposals, quotes, and contracts to clients. Negotiate terms and close sales agreements. Keep abreast of industry trends, competitors, and new technologies. Requirements: Proven experience in cyber security sales or related field. Strong understanding of cyber security products, services, and solutions. Excellent communication and negotiation skills. Ability to work independently and as part of a team. Bachelors degree in Business Administration, Marketing, or a related field (preferred). Relevant certifications (e.g., CISSP, CISM) are a plus. How to Apply: Interested candidates should submit their resume to padma@blusapphire.com

Role & responsibilities Incident Management: Lead the end-to-end incident response lifecycle, including detection, analysis, containment, eradication, and recovery. Threat Investigation: Analyze and investigate a variety of attack vectors, such as: Identity attacks include credential abuse, privilege escalation, and MFA bypass. Web Attacks: SQL injection, cross-site scripting (XSS), remote code execution. Network Attacks: DDoS, lateral movement, traffic manipulation. Cloud Threats: IAM misconfigurations, exposed services, container security vulnerabilities. Collaboration & Coordination: Work closely with SOC analysts, threat intelligence teams, forensics, and engineering groups during and after security incidents. Root Cause Analysis: Conduct comprehensive investigations to determine the root cause of incidents and provide actionable remediation recommendations. Process Improvement & Documentation: Document all incident response procedures and lessons learned. Contribute to the continuous improvement of our detection and response capabilities. Proactive Security Measures: Participate in threat hunting and purple team exercises to enhance overall security preparedness. Preferred candidate profile A minimum of 5 years of hands-on experience in cybersecurity incident response or security operations. Proven expertise in investigating and mitigating incidents across one or more areas: identity, web, network, or cloud. Proficiency with SIEM, EDR, and SOAR tools (e.g., Splunk, Sentinel, CrowdStrike). Experience in hybrid or cloud-first environments (AWS, Azure, or GCP). Strong understanding of frameworks and methodologies such as MITRE ATT&CK, the cyber kill chain, and threat modeling. Excellent written and verbal communication skills, with the ability to document and convey technical details clearly to both technical and non-technical stakeholders.

: Job TitleThreat Intelligence Analyst Corporate TitleAVP LocationPune, India Role Description As a Threat Intelligence A VP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the banks capabilities in responding to threats. What well offer you , 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How well support you . . . . About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

We are looking for a Lead Cybersecurity Engineer with deep technical expertise and leadership experience to drive innovative threat detection solutions and lead a team of security engineers. The ideal candidate will bring hands-on experience in research & development (R&D) , demo environment creation , endpoint security , SIEM operations , and cloud-native tools such as Azure Sentinel and the Microsoft Defender suite . This role will play a strategic part in shaping our security detection roadmap and mentoring a high-performing team. Key Responsibilities: Technical Leadership & Strategy Lead a team of cybersecurity engineers in R&D, detection engineering, and solution design. Define detection strategies and oversee implementation of new use cases across tools. Collaborate with security architects, threat intel, and SOC teams for end-to-end threat coverage. R&D & Security Innovation Drive continuous improvement through security research, PoCs, and new technology evaluations. Analyze evolving threats and proactively build defense strategies and custom detections. Lead the development of security content aligned with frameworks like MITRE ATT&CK. Demo Environment & Simulation Lab Design and lead the creation of demo/test environments to simulate real-world threats. Automate environment deployment for testing security tools, rules, and threat scenarios. Build reusable assets and playbooks for internal enablement and customer-facing demos. Endpoint & SIEM Security Lead implementation and optimization of Microsoft Defender for Endpoint , Defender for Identity , and Defender for Cloud . Oversee the configuration and tuning of Azure Sentinel , including custom KQL queries, analytics rules, and automation via playbooks. Ensure integration of diverse log sources and enrichment for advanced threat detection. People & Process Management Mentor junior engineers and promote skill development across the security engineering team. Establish standards and documentation for security engineering best practices. Drive cross-functional collaboration with IT, Cloud, Compliance, and SOC stakeholders. Required Skills & Experience: 8+ years in cybersecurity roles, with 3+ years in a leadership or senior engineering position . Strong hands-on experience with: Azure Sentinel (KQL, workbooks, playbooks) Microsoft Defender for Endpoint, Identity, and Cloud Endpoint security, EDR, and threat detection Security lab/demo environment setup Excellent understanding of security frameworks (MITRE ATT&CK, NIST, etc.). Strong scripting and automation skills (PowerShell, Python, etc.). Experience managing or mentoring technical teams and delivering complex security projects.

Position: Security Incident Analyst- L3[SOC- L3] Company: CyberAssure www.cyberassure.one Location: @ Client site - Cyber city ,Gurgaon Experience : 5- 8 yrs + Salary range: 12-13 lacs max. Joining time: ASAP max 30 days Shift: Rotational Shifts Key Responsibilities 1. Incident Response and Management: נLead the response to high-severity security incidents such as data breaches, malware outbreaks, and targeted attacks. נRespond to incidents escalated from SOC Level 1 and Level 2 analysts, providing guidance and expertise for effective containment and remediation. 2. Advanced Threat Analysis: נPerform detailed analysis and triage of alerts from security tools such as SIEM (Security Information and Event Management), EDR (Endpoint Detection & Response), firewalls, and network traffic monitoring systems. 3. Security Tools & Monitoring: נManage and fine-tune security tools (SIEM, IDS/IPS, EDR, etc.) to optimise threat detection and response. נCreate, update, and improve security use cases, detection rules, & playbooks for automated incident handling. 4. Collaboration & Knowledge Sharing: נProvide guidance and mentorship to junior SOC analysts (L1 and L2), helping to develop their skills and improve the overall SOC capability. נLead post-incident reviews (PIR) to evaluate incident response performance , refine processes & procedures. Job Requirements: Certifications: Intermediate to advanced certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or equivalent preferred. Experience: Minimum 5 years of experience in a security operations center (SOC) or incident response role . Technical Skills: Expertise in network security, endpoint security, cloud security, and application security. Extensive experience in cybersecurity and incident response. Proficiency in using SIEM platforms and security monitoring tools such as QRadar. Hands-on experience with security tools such as SIEM (Splunk, QRadar, etc.), EDR (CrowdStrike, Carbon Black, etc.), IDS/IPS, and firewalls. Strong understanding of threat intelligence sources, including open-source intelligence (OSINT) and commercial threat feeds. Ability to translate threat intelligence into actionable security measures. Qualifications: Bachelor's degree in computer science, Cybersecurity, or a related field. Share Ur latest C.V. with details like- 1. Ctc 2. Expectation 3. Notice period Regards, Rajesh Kumar AAYAM CONSULTANTS Cell: - 9311232179/ 7011595674 Email id: - [HIDDEN TEXT]

Min 4 years of exp in pre-sales or consulting roles within the cyber security industry. Strong knowledge of cyber security technologies, frameworks, with knowledge in areas such as network security, application & cloud security and data protection.

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you a tech-savvy problem-solver with a passion for ensuring optimal network performance? If so, look no further – Kyndryl is seeking a Network Support Specialist who will be the go-to expert for installing, maintaining, and troubleshooting computer networks. As our Network Support Specialist, you'll be working in a complex, multi-vendor environment, and will use your analytical skills to identify and resolve network issues, make configuration changes, and implement security policies. This role requires someone who can think on their feet, test and apply corrective actions (including emergency changes), and participate in change reviews as needed. And with the ever-changing nature of technology, you'll be constantly learning and growing in your role. You will work alongside a talented team of experts to plan and execute routine network changes, troubleshoot and solve network issues and outages, and maintain excellent communication with our end customers, project managers, and service engineers. You’ll be responsible for maintaining network components, monitoring network performance, and maintaining network security. You will also be providing user support for network-related issues, ensuring that our customers receive the highest level of support possible. If you're ready to take on a fast-paced and rewarding role in the world of network support, apply to join the Kyndryl team today! Key Responsibilities: Security Operations & Support: Handle L2-level troubleshooting and resolution of network security incidents. Manage and support firewalls, IDS/IPS, VPNs, proxies, and endpoint security solutions . Perform log analysis and security event monitoring to detect potential threats. Assist in firewall rule changes, ACL modifications, and access reviews . Work with SOC/NOC teams to escalate critical security events. Incident Management & Monitoring: Investigate and respond to malware infections, phishing attacks, and network intrusions . Assist in DDoS mitigation, security patching, and vulnerability management . Escalate complex security issues to L3 engineers or security architects . Network Security Administration: Maintain and configure firewalls (Cisco ASA/FTD, Palo Alto, Fortinet, Check Point, Juniper SRX) . Support VPN configurations, endpoint protection, and network access control (NAC) . Ensure compliance with security policies and industry standards (ISO 27001, NIST, PCI-DSS, etc.) . Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Technical Skills & Qualifications: Experience: 5+ years in network security Hands-on experience with firewalls, IDS/IPS, and endpoint security solutions. Good understanding of networking protocols (TCP/IP, VPN, VLAN, BGP, OSPF, NAT, SD-WAN). Familiarity with CrowdStrike , SIEM, DLP, WAF, EDR/XDR, and NAC tools . Experience with cloud security (AWS, Azure, GCP) is a plus. Certifications preferred: CCNA Security, Fortinet NSE 2-4, PCNSA, CEH, CompTIA Security+, or equivalent. Basic knowledge of Python, PowerShell, or Ansible for automation is a plus. Soft Skills: Strong analytical and troubleshooting skills. Ability to work in a fast-paced environment and handle escalations efficiently. Good communication and teamwork skills. Experience working in a SOC/NOC environment is an advantage. Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience). Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Job Description: Cyber Security Threat Analysts (Level 1 and Level 2) Our organisation is currently hiring Cyber Security Threat Analysts (Level 1 & Level 2) with zero to four (4) years experience. Cyber Security Threat Analysts Job Description (1) Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security. Respond to alerts from information security tools in accordance with defined Service Level Agreements (SLAs) for clients. (2) Perform ongoing monitoring security logs, develop SIEM content, and deployment of security tools in various environments. (3) Research security trends, new methods and techniques used in unauthorized access of data to pre-emptively eliminate the possibility of system breach. (4) Assess threat and vulnerability information from all sources (Threat Intelligent database or Feeds) and promptly apply applicable mitigation techniques initiating indications and warnings. (5) Assist in producing daily / weekly / monthly reports of security monitoring reports (6) Perform identification, remediation, and documentation of network intrusions and computer system compromises, advance malware analysis and forensic analysis of n/w activity, disks, and memory. (7) The Employee is required to work on a rotating shift of Morning Shift, Afternoon Shift and Night Shift. Requirements: 1. Level 1 Analysts : Require one year experience or more. Fresh graduates with international professional certificates are encouraged to apply. Required certificate (at least 1) : EC-Council Certified Ethical Hacker // EC-Council Certified Security Analyst // CCNA Cyber Security Operations // CompTIA Cybersecurity Analyst (CySA+) // CREST Certificates Fresh graduates with the above professional certificates are encouraged to apply. 2. Level 2 Analysts : 2 to 4 years experience required Required certificate (at least 1) : EC-Council Certified Ethical Hacker // EC-Council Computer Hacking Forensic Investigator // EC-Council Disaster Recovery Professional // Offensive Security Certified Professional (OSCP) // Certified Red Team Operator (CRTO) // CompTIA Cybersecurity Analyst (CySA+) // CREST Certificates 3. Must have knowledge in SIEM, security event analysis, EDR, networking, operating systems and enterprise integrations, firewalls, routers, VPN devices Soft-skills: Good leadership skill and team player, Independent and Decisive Excellent presentation skills Excellent written and oral communication skills in English is important. Ability to articulate technically and non-technically is an advantage. If you are interested, email joanna.woonsc@akati.com the following documents: Your most recent CV, reflecting your latest experiences and achievements Transcripts of your Bachelor's degree (if available, and Masters), including the results for each subject as individual files (Do not send google link or zipped folders). PDF copies of your Cybersecurity Professional Certificates. Please note we kindly request that you refrain from sending links and instead attach the certificates directly If you are currently employed, please provide your pay-slips from the last three months.

Job Title: SOC Manager Company: AKATI Sekurity The Role AKATI Sekurity is seeking a strategic and highly technical SOC Manager to lead our 24/7 Security Operations Center. This is a senior leadership role for an individual who can combine deep technical expertise in security operations with proven team management capabilities. You will be responsible for the overall direction, performance, and maturation of our SOC, ensuring the timely detection, analysis, and response to sophisticated cyber threats while acting as a key security partner to our clients. Key Responsibilities Leadership & Team Management Lead, mentor, and manage a 24/7/365 team of SOC analysts (Tier 1-3). Drive team performance, ensuring adherence to Service Level Agreements (SLA) and fostering a culture of continuous improvement and technical excellence. Oversee incident response activities, acting as a senior escalation point for critical security incidents involving network infrastructure, and other enterprise systems. Technical Operations & Strategy Direct the SOC's threat management program, including threat modeling, intelligence integration (e.g., MISP), and the development of advanced detection use cases. Oversee the SIEM/SOAR platform strategy, guiding the architecture, integration, and optimization of tools to enhance detection and response capabilities. Ensure the SOC's operational readiness by maturing processes based on frameworks like MITRE ATT&CK and the Cyber Kill Chain. Client Management & Reporting Act as the primary technical liaison between the SOC and client stakeholders. Develop and present clear, insightful reports, dashboards, and metrics on SOC operations, security posture, and incident trends to client leadership. Required Qualifications & Experience Experience: 5-7 years in Security Operations, with at least 2+ years in a leadership or management capacity (e.g., SOC Lead, SOC Manager). SIEM Expertise: Expert-level knowledge of SIEM technology and architecture, with hands-on experience managing at least two enterprise-grade platforms (e.g., Splunk, QRadar, Sentinel). Security Frameworks: Deep understanding of modern security frameworks and concepts, including MITRE ATT&CK, Cyber Kill Chain, SOAR, and UEBA. Technical Breadth: Strong foundational knowledge of networking, operating systems, WAF, malware detection, large enterprise platform builds, and threat intelligence platforms. Leadership: Proven ability to lead, discipline, and motivate a technical team, with experience managing performance and adhering to strict client SLAs. Communication: Exceptional written and verbal communication skills in English, with a demonstrated ability to articulate complex technical concepts to both technical teams and non-technical executive stakeholders. Preferred Security Certifications One or more of the following are highly desirable: CISSP, CISM, CISA, OSCP, OSCE, CEH. To Apply: Please send your resume and a cover letter to careers@akati.com

SOC Analyst / Security Engineer - Vacancies for FRESHERS (Level-1 / Those who completed the courses or learnt on their own) & EXPERIENCED (Level-1 & Level-2 / Those who have experienced in Cyber Security Domain only) SOC Analyst / Security Engineer who is familiar or interested to work with Windows, Linux, and cloud environments technical skills. Any courses/certification like CompTIA Security+, GSEC, EC-Council Certified SOC Analyst (CSA), Microsoft SC-200(Security Operations Analyst Associate), Cisco Cyber Ops Associate, Splunk Core Certified User / Analyst are preferable. Responsibilities Capable of understanding the training & Nature of works on Job Responsibilities. Monitor and assess alerts generated by security monitoring systems such as SIEMs and EDR platforms. Analyze logs, network activity, and endpoint behavior to detect suspicious or malicious activity. Execute initial incident triage and escalate complex threats to senior teams as needed. Collaborate with internal teams on containment, eradication, and recovery processes. Maintain detailed records of security events and actions taken in internal tracking systems. Continuously fine-tune detection rules and alert thresholds to improve incident accuracy. Stay informed on the latest tactics, techniques, and procedures (TTPs) used by threat actors. Support proactive initiatives like threat hunting and vulnerability assessments. Contribute to red/blue team simulations and post-incident reviews. Help develop and refine operational playbooks and standard response workflows. Capable for Rotational shifts (Morning / Forenoon / Evening / Night) as its 24 X 7 organization & Adoptable for the working environment & Night Shifts. Maintain the System Security, identify threats and install / configure Software. Solid grasp of network protocols, endpoint defenses, and common attack vectors. Familiar with one or more SIEM solutions (e.g., Splunk, Sentinel, QRadar). Comfortable navigating both Windows and Linux environment. knowledge of cloud platforms & Malware analysis is a plus. Understanding of TCP/IP, DNS, HTTP, and common attack vectors Understanding of cybersecurity frameworks such as MITRE ATT&CK or NIST. Strong Interpersonal and Oral/Non-Oral English Communication skills to Handle Chats & Mails if needed. 1 to 3 years of experience in a SOC or technical security role is an added advantage. To be Sincere and Honest towards the Job Responsibilities. Perks and Benefits Other Allowances Negotiable Based on Availability & Experience. For clarification Contact - HR +91 87543 01002 jobs@oryon.in

Req ID: 125023. Remote Position: Hybrid. Region: Asia. Country: India. State/Province: Chennai. City: Guindy, Chennai. Summary. The Senior Specialist, IT Solutions is a key role that evaluates, implements, and manages Security solutions to protect Celestica's systems and data. Responsibilities include implementing automation technologies, performing risk assessments, contributing to automation policies and standards, and advising on automation best practices. This role also mentors junior team members and provides advanced technical support for automation solutions.. Detailed Description. Performs tasks such as, but not limited to, the following:. Maintain security infrastructure for operational efficiencies. collaborate with other IT infrastructure, application and network teams to ensure seamless integrations of tools and technology.. Develop and implement playbooks for security automation and orchestration to respond to security events and incidents.. Design and implement integrations between security tools such as EDR, SIEM, and ServiceNow, to automate incident response and threat intelligence sharing.. Automate security processes, such as vulnerability scanning, patching, and user provisioning, using scripting and configuration management tools.. Develop custom scripts and tools, such as parsers and data enrichment scripts, to automate repetitive security tasks and integrate disparate security data sources.. Create and maintain comprehensive documentation and runbooks for security automation processes and integrations.. Collaborate with other security team members, such as threat intelligence analysts and incident responders, to identify automation opportunities and implement effective security automation solutions.. Stay up-to-date on emerging security threats and technologies to proactively identify and address potential security risks through automation.. Knowledge/Skills/Competencies. Expert knowledge of information security principles, practices, and technologies.. Expert knowledge of EDR, SIEM, and ServiceNow. Strong understanding of data integration and API development. In-depth knowledge of information security standards and regulations (e.g., ISO 27001, NIST).. Strong understanding of software design processes and data modeling.. Excellent problem-solving and analytical skills.. Strong leadership, mentoring, and communication skills.. Ability to work independently and as part of a team.. Physical Demands. Duties of this position are performed in a normal office environment.. Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.. Typical Experience. 6 to 8 years of experience in information security, with a proven track record of evaluating, implementing, and managing security solutions.. Typical Education. Bachelor's degree in Software Engineering, Computer Science, Information Security, or a related field.. Relevant industry certifications (e.g., CISSP, CISM) are highly desirable.. Notes. This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.. Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law).. At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them.. Company Overview. Celestica (NYSE, TSX: CLS) enables the world’s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development – from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.. Celestica would like to thank all applicants, however, only qualified applicants will be contacted.. Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.. Show more Show less

Dentsply Sirona is the world’s largest manufacturer of professional dental products and technologies, with a 130-year history of innovation and service to the dental industry and patients worldwide. Dentsply Sirona develops, manufactures, and markets a comprehensive solutions offering including dental and oral health products as well as other consumable medical devices under a strong portfolio of world class brands. Dentsply Sirona’s products provide innovative, high-quality and effective solutions to advance patient care and deliver better and safer dentistry. Dentsply Sirona’s global headquarters is located in Charlotte, North Carolina, USA. The company’s shares are listed in the United States on NASDAQ under the symbol XRAY.. Bringing out the best in people. As advanced as dentistry is today, we are dedicated to making it even better. Our people have a passion for innovation and are committed to applying it to improve dental care. We live and breathe high performance, working as one global team, bringing out the best in each other for the benefit of dental patients, and the professionals who serve them. If you want to grow and develop as a part of a team that is shaping an industry, then we’re looking for the best to join us.. Working At Dentsply Sirona You Are Able To. Develop faster with our commitment to the best professional development.. Perform better as part of a high-performance, empowering culture.. Shape an industry with a market leader that continues to drive innovation.. Make a difference -by helping improve oral health worldwide.. Scope. The Senior Security Analyst is responsible for maintaining security systems, implementing process automation, and responding to security incidents. They must have a thorough understanding of both cloud-based and on-prem environments and threats. They serve as an escalation point for incident response and the support of security toolsets. They must be capable of working on multiple projects and alerts with general supervision.. Key Responsibilities. Administer, monitor, and maintain cloud-based and on-prem security systems.. Coordinate the implementation and upgrade of security systems.. Administer, monitor, and maintain automated security response tools.. Develop and maintain automated security processes and workflows.. Investigate and remediate security related alerts for both cloud-based and on-prem systems.. Investigate and remediate security policy violations.. Research threat actors, tactics, techniques, procedures, malware, and other IOCs.. Engineer and tune custom alerts for security systems.. Research emerging security technologies and make recommendations to influence security initiatives.. Assist with documentation and training related to security systems.. Act as an escalation point and mentor for junior analysts.. Act as an escalation point and oversee relationship with hosted SOC.. Act as a technical point of contact during security incidents.. Prepare security reports for benchmarking security efficiency.. Collaborate with cross-functional teams to support security initiatives of varying complexity.. Typical Background. Education: BS/BA Degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience. Certifications/Licensing: COMPTIA Security+, CEH, CISSP, GIAC Security Essentials, CCNA Security, Google Professional Cloud Security Engineer. Years and Type of Experience: 6+ years of experience in Information Systems with at least 2 years of formal experience in Cyber Security.. Excellent English written and spoken communication skills with the ability to explain technical information to non-technical people.. Key Required Skills, Knowledge And Capabilities. Experience with the Microsoft Suite of Security Tools.. Experience with configuration and management of security solutions for Google Cloud, Microsoft Azure, and/or Amazon Web Services.. Experience with configuration and management of endpoint security solutions including EDR and DLP.. Experience with process and security automation.. Experience with SIEM configuration, alert tuning, and KQL.. Experience with configuration and management of Office 365 services and security solutions.. Experience with incident response.. Must have excellent technical writing and research skills.. Experience with Microsoft Windows, Linux, and macOS.. Willing to work non-standard hours and be on-call.. Team player.. Ability to work with ambiguity.. Resilience to change.. Communication skills.. Integrity.. Open minded, respectful, empathetic ability to work in a multicultural environment.. Analytical thinking, problem solving.. DentsplySirona is an Equal Opportunity/ Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, sexual orientation, disability, or protected Veteran status. We appreciate your interest in DentsplySirona.. If you need assistance with completing the online application due to a disability, please send an accommodation request to careers@dentsplysirona.com. Please be sure to include “Accommodation Request” in the subject.. Show more Show less

Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!. Who We Are. Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.. Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.. Deepwatch Recognition Includes. 2025, 2024, 2023, 2022 and 2021 Great Place to Work® Certified. 2024 Military Times Best for Vets Employers. 2024 US Department of Labor Hire Vets Gold Award. 2024 Forbes' America's Best Startup Employers. 2024 Cyber Defense Magazine, Global Infosec Awards. 2023 and 2022 Fortress Cybersecurity Award. 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners. 2022 Cybersecurity Excellence Award for MDR. Position Summary. This role is 100% onsite in Bengaluru. The shift for this position is Monday Friday, 7:30AM 3:30 PM.. Deepwatch is looking for a highly motivated, self-driven, technical analyst dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. The Deepwatch Squad and Security Operations Center offers opportunities to expand your skill set through a wide variety of experiences, detecting and responding to incidents as they occur in real-time for our customers.. The Deepwatch squad is a unique approach to how we support our customers and ultimately provide an experience not found anywhere else. You’ll be an integral part of supporting our customers by understanding their bespoke environment, needs and challenges. You will be playing a key role in supporting some of the top organizations in the world, and have the opportunity to develop your skills by working with the best responders in the industry, your team and your Squad.. The Analyst I is focused on providing descriptive analysis. They will answer questions such as the who, what, when, and where of events. Analysts are curious individuals who actively work to develop a better understanding of the environments they are assigned. Using cybersecurity best practices, you will monitor and secure complex customer environments utilizing industry leading technology such as Splunk, xSOAR, CrowdStrike and more.. In This Role, You’ll Get To. Support incident handling processes across multiple platforms and security technologies including Windows, Linux and macOS. Monitor a queue of security events generated by the Deepwatch platform SOAR, triage events based on their criticality, and escalate validated security events to customers. Document and manage incident cases in our case management system. Keep up-to-date with information security news, techniques, and trends. Identify and report any gaps in log collection or reporting as soon as possible to the customer and Deepwatch Engineering. Become proficient with Splunk, ServiceNow and other third-party threat intelligence tools as required. Perform security detection analysis and investigations using SIEM and SOAR technologies, leverage Deepwatch proprietary tooling and intelligence and maintain SLA’s. Act as the first line of defense during security events by triaging and investigating alerts within a customer’s environment. Produce high-quality written and verbal communications, recommendations, and findings to customer management in a timely manner. Continue to sharpen your skills and capabilities on the job, and through the Deepwatch development program. To be successful in this role, you’ll need to:. A basic understanding of cyber security principles, concepts and practice with a focus on SOC operations, alert triage and investigations. Know your way around SIEM platforms (Splunk preferred), how to perform queries and leverage various log sources to perform investigations. Articulate the process involved in pivoting to other log sources, cloud systems, or consoles to perform a comprehensive analysis from multiple data sources. Have a basic understanding of modern EDR, email security and cloud identity platforms. Review SIEM alerts and make a determination for what other sources or intelligence is needed to make a determination, relying on peers to help improve your skills and capabilities. A strong understanding of all basic ports and protocols. Familiarity with Windows, Mac, and Linux file path structure.. Familiarity with OSINT, TTPs and IOCs. Strong written and verbal communication skills with the ability to produce well-written reports and analysis that’s thorough, accurate and complete.. Provide the customer with a complete understanding of the investigation. CEH, CySA, GSEC, Sec+, or equivalent certification preferred. A college degree in Information Security or IT, related training, certifications or on-the-job experience. Life At Deepwatch. For employees, Deepwatch fosters a unique, flexible work environment designed with collaboration in mind. The company emphasizes personal and professional. growth, offering benefits such as professional development programs, comprehensive health coverage, and generous parental leave. Deepwatch is also committed to diversity, equity, inclusion, and belonging, aiming to empower underrepresented groups in tech by connecting them with meaningful opportunities, mentors, and sponsors.. In recognition of its supportive workplace culture, Deepwatch earned the Great Place To Work Certification/(TM) in 2025, underscoring its dedication to. creating a positive and inclusive work environment. Deepwatch is a global cybersecurity company with offices in San Francisco Bay Area, CA; Tampa, Florida;. and Bengaluru, India.. What We Offer. At Deepwatch, we are committed to supporting our employees with a comprehensive benefits package designed to enhance your well-being and financial security.. We Partner With Plum Benefits To Provide. ? Group Health Insurance – Comprehensive medical coverage for you and your dependents.. ? Group Accidental Insurance – Financial protection in case of accidental injuries.. ? Group Term Life Insurance – Security for your loved ones in unforeseen circumstances.. For additional details, refer to the benefits guide provided by Plum.. Payroll & Compensation. ? Pay Cycle: Salaries are processed monthly and paid on the last day of each month.. ? Pay Slips & Reimbursements: Delivered via email.. ? Payroll Processing: Managed by BCL Chartered Accountants through GreytHR, which provides tax and payment-related details.. Show more Show less

WHAT YOU DO AT AMD CHANGES EVERYTHING. We care deeply about transforming lives with AMD technology to enrich our industry, our communities, and the world. Our mission is to build great products that accelerate next-generation computing experiences the building blocks for the data center, artificial intelligence, PCs, gaming and embedded. Underpinning our mission is the AMD culture. We push the limits of innovation to solve the world’s most important challenges. We strive for execution excellence while being direct, humble, collaborative, and inclusive of diverse perspectives.. AMD together we advance_. The Staff Information Security Analyst will be responsible for identifying and defining requirements and engineering solutions to solve the existing threats and security issues of a global organization. This role will initial focus heavily on data protection, leading advancements in data loss prevention, and changing how AMD protects data going forward.. The Person. The ideal candidate will possess strong multi-tasking skills and enthusiasm for details and should think one step ahead of cyber-criminals. They should be well prepared to thrive in a fast-paced environment, possessing strong interpersonal and communication skills. You will use your critical thinking and sense of ownership to focus on long term quality IT security solutions. Are you self-motivated and a team player with proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry? If so, this is a great career opportunity!. Key Responsibilities. The Staff Information Security Analyst responsibilities include, but are not limited to:. Building and growing AMD’s data security capabilities to keep AMD data secure regardless of location.. Identifying, monitoring, and defining the requirements to reduce the overall risk to AMD data, systems, and infrastructure.. Implementing hardware and software solutions to help mitigate a wide variety of information security risks.. Collaborating with other IT teams to align initiatives across the company.. Preferred Experience. Minimum of 5 years of IT security related experience.. Professional experience as a Security Engineer with demonstrated successful leadership and delivery of data protection solutions.. Experience as a customer-facing technical lead, including working with both management-level and development teams.. Senior/advanced related IT or security experience working in one or more Security Domains.. Experience with CASB, DLP, CSPM, Web Proxy.. Hands on experience with Data Classification policies and technologies to address data leakage.. Working knowledge of network topology, protocols, components, and OSI model, and IAM technologies (e.g., PKI, Oauth, OIDC, SAML). Understanding of NIST Cyber Security Framework standard and requirements and ability to apply them to an enterprise environment.. Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization.. Experience with cloud services (AWS, Google, Microsoft) and associated networking, as well as collaboration and integration with O365 products.. Hands on experience with Enterprise Linux platforms.. Experience with EDR solutions is a plus.. DLP, CASB. Nice to have: Client proxy, SIEM, File and Removable Media Protection [FRP]. It Would Be Nice If You Also Had. Experience with scripting language (python, PowerShell, etc.).. Strong documentation skills.. Academic Credentials. BS CS preferred but not required.. CISSP, CISA, CISM, CCSK. Benefits offered are described: AMD benefits at a glance.. AMD does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. AMD and its subsidiaries are equal opportunity, inclusive employers and will consider all applicants without regard to age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status, or any other characteristic protected by law. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective laws throughout all stages of the recruitment and selection process.. Show more Show less

Picture Yourself at Pega: As a Senior Cloud Security Operations Analyst, you will play a critical role in ensuring the confidentiality, integrity, and availability of Pega's commercial cloud infrastructure and assets. You will be key in the continuous monitoring and protection of all global cloud security operations at Pega as well as an active participant in incident response efforts. As a key member of a team consisting of highly capable and talented problem-solving analysts and engineers, you'll help develop processes that drive proactive, automated detection and incident response tactics to support the quick resolution of cloud security events and incidents. You will accomplish this by collaborating with cross-functional teams including other security analysts, threat detection engineers, vulnerability analysts, security engineers, system administrators, and developers to proactively identify potential security risks and vulnerabilities within our cloud environment. You will leverage your strong analytical skills to assess and prioritize threats, applying your knowledge of industry best practices and cloud security frameworks. As a Senior Cloud Security Operations Analyst at Pega, you'll contribute to the success of our globally recognized brand. Your efforts will directly impact the security and trust our clients place in us, as we help them transform their business processes and drive meaningful digital experiences. So, picture yourself at Pega, where your expertise in cloud security is valued, and your passion for protecting data is celebrated. join us in shaping the future of secure cloud operations and make a lasting impact on the world of technology. What You'll Do at Pega: Perform security monitoring of Pega Cloud commercial environments using multiple security tools/dashboards Perform security investigations to identify indicators of compromise (IOCs) and better protect Pega Cloud and our clients from unauthorized or malicious activity Actively contribute to incident response activities as we identify, contain, eradicate, and recover Contribute to standard operating procedure (SOP) and policy development for CSOC detection and analysis tools and methodologies Assist in enhancing security incident response plans, conducting thorough investigations, and recommending remediation measures to prevent future incidents. Perform threat hunts for adversarial activities within Pega Cloud to identify evidence of attacker presence that may have not been identified by existing detection mechanisms Assist the threat detection team in developing high confidence Splunk notables focused on use cases for known and emerging threats, based on hypotheses derived from the Pega threat landscape Assist in the development of dashboards, reports, and other non-alert based content to maintain and improve situational awareness of Pega Cloud's security posture Assist in the development of playbooks for use by analysts to investigate both high confidence and anomalous activity Who You Are: You have an insatiable curiosity with an inborn tenacity for finding creative ways to deter, detect, deny, delay, and defend against bad actors of all shapes and sizes. You have been in the security trenches and you know what an efficient security operations center looks like. You have conducted in-depth analyses of various security events/alerts, contributed to incident response efforts, and developed new methods for detecting and mitigating badness wherever you see it. You bring a wealth of cloud security experience to the table and are ready to harness that expertise to dive into cloud-centric, technical analysis and incident response to make Pega Cloud the most secure it can be. You have a history of success in the information security industry. Your list of accolades include : SANS, Offensive Security, or other top-tier industry recognized technical security certifications focused on analysis, detection, and/or incident response Industry recognition for identifying security gaps to secure applications or products What You've Accomplished: Minimum of 6+ years of industry-relevant experience, with a demonstrated working knowledge of cloud architecture, infrastructure, and resources, along with the associated services, threats, and mitigations. Minimum of 4+ years in operational SIEM (Security Information and Event Management) roles, focusing on analysis, investigations, and incident response, with experience in Google Chronicle SIEM being an added advantage. 3+ years of operational cloud security experience preferably AWS and/or GCP including knowledge and analysis of various cloud logs such as CloudTrail, Cloud Audit, GuardDuty, Security Command Center, CloudWatch, Cloud Ops, Trusted Advisor, Recommender, VPCFIow, and WAF logs. 4+ years of operational experience with EDR/XDR platforms and related analysis and response techniques Operational experience performing investigations and incident response within Linux and Windows hosts as well as AWS, GCP, and related Kubernetes environments (EKS/GKE) Solid working knowledge of MITRE ATT&CK framework and the associated TTP's and how to map detections against it, particularly the cloud matrix portion Familiarity with the OWASP Top 10 vulnerabilities and best practices for mitigating these security risks. A solid foundational understanding of computer, OS (Linux/Windows), and network architecture concepts, and various related exploits/attacks Experience developing standard operating procedures (SOPs), incident response plans, runbooks/playbooks for repeated actions, and security operations policies Experience with Python, Linux shell/bash, and PowerShell scripting is a plus Excellent verbal and written communication skills, including poise in high pressure situations A demonstrated ability to work in a team environment and foster a healthy, productive team culture A Bachelor's degree in Cybersecurity, Computer Science, Data Science, or related field

Develop and refine threat hunting techniques and tools. Experience in monitoring and alert handling in QRadar SIEM. In-depth knowledge of advanced persistent threats (APTs) and attack vectors. Collaborate with threat intelligence teams to integrate new threat data into hunting processes. Security incident handling and reporting. Experienced in EDR alert analysis, preferably Sentinel One. Preferred candidate profile Bachelor's degree in computer science, Information Security, or related field. Should be flexible to work in 24/7 rotational shifts. Should possess good communication skills.

Job Role : Cyber Security Engineer--Work From Office Experience : 4 to 8 Yrs Key Skills: Security tools integration and management, Onboarding, Log ingestion, writing rules and polices in SIEM/EDR/DLP/Antivirus/XDR/Firewall/MDR/SOAR tool Notice Period : 0 to 30 days Should be willing to work in Second shift Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad -- 500081. Job Overview: They plan, implement, and maintain security measures, respond to security incidents, and identify vulnerabilities. Their roles vary depending on the specific area of security, such as network, application, or cloud security. Here's a more detailed breakdown of their responsibilities: Security Planning and Implementation: Designing and implementing security controls: This includes firewalls, intrusion detection systems, and access control mechanisms. Developing security policies and procedures: Establishing guidelines for secure operations and data handling. Performing risk assessments: Identifying potential vulnerabilities and threats. Implementing security tools and technologies: Integrating security software and hardware into the organization's infrastructure. Analyze and recommend improvements to network, system, and application architectures to enhance security. Research, design, and implement cybersecurity solutions that protect the organizations systems and products. Collaborate with DevOps, Platform Engineering, and Architecture teams to ensure security is embedded in the design and development of applications and systems. Actively participate in the change management process, ensuring security considerations are prioritized in system upgrades and modifications. Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments. Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies. Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents. Assess and review emerging technologies to identify potential security risks and implement mitigation strategies. Design and deploy innovative security technologies to address evolving security challenges. Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture. Work closely with security architects to develop and deploy security solutions that address cloud-specific risks. Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives. Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses. Qualifications & experience: Hands-on experience with implementing security controls, including Database security, Web content filtering, Anomaly detection & response, Vulnerability scanning & management Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling. Expertise in at least one of the following security domains: Cloud-native security (e.g., IAM, security groups, encryption), Endpoint security (e.g., EDR/XDR, mobile security) Strong familiarity with industry security frameworks and regulations, including: NIST Cybersecurity Framework (CSF) , CIS Controls, HIPAA, GDPR compliance Ability to assess compliance requirements and implement security controls to ensure adherence. Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies. Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders. Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team.