
218 Edr Jobs - Page 9

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

1 - 6 years

6 - 7 Lacs

Mumbai

Work from Office


XDR and SIEM alert analysis (experience with multiple SIEMs is good to have). Good understanding of attacks and their patterns, IOA. Good understanding of security device logs and their analysis. Good at email communication and proactive in work. Good analytical skills with the capability to perform detailed analysis of security events/incidents. Deep-dive analysis on EDR platforms; well versed with multiple EDR/XDR platforms.

Posted 3 months ago


2 - 7 years

4 - 9 Lacs

Hyderabad

Work from Office


Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering General Summary: Addresses the requirement for engineering practitioners in cybersecurity functions. Protects vital electronic systems and data from attack, as well as outsmarting and responding appropriately to sophisticated cyber-attacks. Maintains and applies working knowledge of industry standard cybersecurity frameworks and standards to analyze and prioritize cybersecurity risks across the enterprise and recommend treatment options. Researches attempted or successful efforts to compromise application, system, network or data security and designs countermeasures. Identifies, designs, implements, executes and assesses technical and procedural capabilities to effectively identify, prevent, detect, and respond to evolving cyber threats which threaten company electronic information, devices, applications, and data. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of cybersecurity-relevant work experience. OR High school diploma or equivalent and 4+ years of cybersecurity-relevant work experience. Physical Requirements: Frequently transports and installs equipment up to 40 lbs. Job Summary: We are seeking a highly skilled and experienced Cyber Security Incident Response, Detection & Threat hunting professional to join our team. The primary focus of this role will be on CSIRT, Detection Management & Threat Hunting along with providing in-depth investigation and support for incidents escalated from CyberSOC Tier 1 and Tier 2. Key Responsibilities: Conduct threat hunting and manage CSIRT incidents. Provide in-depth investigation and support for incidents escalated from SOC Tier 1 and Tier 2. Own and drive the Cyber Security Incident process. Utilize strong knowledge and hands-on experience in detection management frameworks to onboard detections in multiple SIEM or EDR solutions. 
Perform detailed analysis of various security-related events, including social engineering attacks, malware outbreaks, DDoS, ransomware, and more. Communicate with key business units to make recommendations on mitigation and prevention techniques. Recommend and document acceptable mitigating controls. Liaise with Incident Managers to engage other ISRM stakeholders and the rest of the business. Contribute to the improvement of SOC operations through the identification, development, and maintenance of new use cases. Monitor security blogs, articles, and reports to stay current on the latest security risks, threats, and technology trends. Develop custom content for the SIEM platform. Create, publish, and communicate dashboards to be monitored by the Security Operations Center. Be available on call 24x7, including weekends and off-hours. Qualifications: Strong knowledge and hands-on experience in detection management frameworks and onboarding detections in SIEM or EDR solutions. Expertise in malware analysis and the ability to conduct detailed analysis of various security-related events. Excellent communication skills for interacting with key business units and making recommendations on mitigation and prevention techniques. Experience in liaising with Incident Managers and engaging other ISRM stakeholders. Proficiency in developing custom content for SIEM platforms and creating dashboards for the Security Operations Center. Availability for on-call responsibilities 24x7, including weekends and off-hours. Preferred Skills: Detection development on multiple EDR and SIEM solutions. Hands-on on Threat Hunting & handling CSIRT. Familiarity with the latest security risks, threats, and technology trends. Strong analytical and problem-solving skills. Ability to work effectively in a fast-paced and dynamic environment.

Posted 3 months ago


9 - 12 years

11 - 14 Lacs

Mumbai

Work from Office


About The Role : Development processes to ensure proper visibility and monitoring of the environment and solutions within the customer environment. Lead the day to day functions within the SOC. Supervise and Manage SOC analysts. Develop and report status of SOC and security posture to Management and customers. Provide technical and functional guidance to the team members regarding event monitoring and incident analysis and response Manage SOC operational responsibilities and task of the team members. Act as the escalation point for all security incidents that require attention and timely response. Provide regular coaching, mentoring and ensuring staff are cross trained on the various SOC tools. Primary Skills Splunk Incident Response EDR Network Security Vulnerability Management Secondary Skills Excellent written and verbal communication skills. Ability to multi task, prioritize, coordinate, work well under pressure and meet deadlines.

Posted 3 months ago


7 - 10 years

15 - 20 Lacs

Pune

Hybrid


Dear Candidates, Greetings from Fujitsu, Your Profile has been shortlisted from Naukri. Apply Here: https://r.ripplehire.com/s/cqljv PFB the JD for your reference. Role: Technical Services Engineer Expert Experience: 7-9 Years Location: Pune. Shift: 24x7 Shift Requirement: Endpoint Detect and Respond (EDR), Architect Level quality, Endpoint Detect and Respond (EDR), Antivirus, CrowdStrike. Responsibilities: The ideal candidate should have experience in designing, implementing, and managing endpoint security, including MS Defender for Endpoint (EDR) and Microsoft BitLocker. They should be a quick learner, capable of understanding the client's IT environment and services, and able to initiate assigned tasks effectively. Strong problem-solving skills are required, along with the ability to troubleshoot complex technical issues. The candidate must be able to work independently, manage multiple priorities, and adapt to changing requirements and deadlines. The role requires flexibility to work across different time zones and off-peak hours, particularly during critical issues or priority tasks. Excellent communication and interpersonal skills are essential to collaborate effectively with stakeholders at all organizational levels. The candidate should also be proficient in documenting support activities, change management processes, and preparing Root Cause Analysis (RCA) for major incidents. A solid understanding of security and compliance requirements, including data protection and relevant laws and standards, is crucial. The candidate will collaborate with cross-functional teams, including IT, security, and compliance, to ensure that services align with organizational policies and regulatory requirements. Must-Have Skills: Endpoint security, MS Defender for Endpoint (EDR), Microsoft BitLocker. Good-to-Have Skills: MS Defender for Office, MS Defender for Cloud. Responsibilities: Manage endpoint security for desktops, laptops, and servers within the existing customer environment. 
Design and implement endpoint security as needed, based on requests. Handle incidents, service requests (SRs), and changes assigned to the endpoint security queue for both infrastructure and workplace. Participate in security investigation discussions when required and take part in bridge calls. Collect evidential information to support investigations into security incidents. Monitor Defender compliance, investigate non-compliant devices, and take corrective actions. Maintain and update service documentation and standard operating procedures (SOPs). Conduct regular assessments of the endpoint security posture and implement enhancements as necessary. Prepare weekly/monthly compliance reports and share them with the ISM. Track SOC ticket processes with other teams and drive issues toward resolution. Participate in internal and customer meetings, representing endpoint security, and collaborate with cross-functional teams. Assist the SD team with progressing security-related tickets when technical assistance is needed and provide training on request. Audit security tickets and publish weekly reports.

Posted 3 months ago


8 - 13 years

10 - 18 Lacs

Pune

Work from Office


Job description The Level 3 Security Operations Center (SOC) Resource is a highly skilled and experienced security professional who is responsible for the advanced detection, analysis, and response to security incidents. Roles and Responsibilities of SOC Analyst L3 Lead and mentor junior SOC analysts Conduct in-depth investigations into complex security incidents Identify and analyse emerging threats and vulnerabilities Develop and implement security incident response plans Drive end-to-end implementation of the SIEM and SOAR Solutions. Expertise in SOC team building. Qualifications and Skills for SOC analyst L3 Bachelor's (BE/B.Tech) degree in Computer Science, Information Security, or a related field 8+ years of experience in security operations or a related field. He shall be currently serving as SOC Analyst L3 and have served in an L3 position for at least 2 years. Experience with security information and event management (SIEM) systems and SOAR Certifications for SOC Analyst L3 CISSP (Certified Information Systems Security Professional) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) Other relevant security certifications PS. Experience in L1, L2 and L3 mandatory. For more details feel free to call Jyoti Tiwari 9819589998

Posted 3 months ago


4 - 9 years

8 - 12 Lacs

Gurgaon

Work from Office


Job responsibilities Design, implement, and maintain cloud security architecture and solutions across AWS, OpenStack, Azure, or GCP to ensure data protection, privacy, and security in the cloud environment. Monitor and protect cloud-based infrastructure, virtual networks, containers, and serverless applications from security vulnerabilities and attacks. Configure, manage, and optimize Web Application Firewalls (WAFs) to protect cloud-hosted web applications from common threats like SQL injection, XSS, and DDoS attacks. Implement and manage identity and access management (IAM) policies, ensuring the principle of least privilege and secure access to cloud resources. Lead and manage cloud-related security incidents, from detection to mitigation and post-incident analysis, ensuring continuous improvement of security posture. Perform risk assessments and threat modelling for cloud environments and applications, identifying vulnerabilities and potential attack vectors in the cloud infrastructure. Ensure cloud environments are compliant with relevant security standards and regulations (e.g., ISO 27001, SOC 2, PCI DSS). Set up and maintain continuous security monitoring and logging for cloud environments to detect anomalies, security threats, and vulnerabilities. Collaborate with development and DevOps teams to integrate cloud security best practices into the SDLC and CI/CD pipelines (DevSecOps). Educate internal teams on cloud security best practices, WAF configuration, and security controls to foster a security-first mindset across the organization. Conduct regular cloud security audits and vulnerability assessments and recommend security enhancements as needed. Experience with threat hunting and using advanced analytics tools to detect security anomalies. Skills Strong knowledge of securing cloud environments (AWS, OpenStack, Azure, GCP) with hands-on experience implementing cloud-native security solutions. 
Extensive experience configuring, tuning, and managing Web Application Firewalls (WAFs) such as AWS WAF, Azure WAF, or third-party WAFs to protect against OWASP Top 10 threats. Experience with IAM management in the cloud, including configuring roles, policies, and multi-factor authentication (MFA) for secure access to cloud resources. Familiarity with cloud security tools and services (e.g., AWS Security Hub, Azure Security Centre, GCP Security Command Centre) to monitor, detect, and respond to threats. Experience in cloud penetration testing, vulnerability scanning, and risk assessments to identify and remediate security flaws in the cloud infrastructure. Knowledge and experience in managing and mitigating cloud security incidents and breaches, including performing forensic analysis and developing incident response plans. Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automating cloud security tasks, vulnerability scanning, and incident response. Ability to enforce cloud security best practices such as data encryption, network segmentation, secure API practices, and the secure configuration of cloud services. Deep understanding of cloud networking security, including firewalls, VPNs, security groups, VPCs, and private/public cloud configurations. Expertise in deploying DDoS protection services and tuning WAFs for optimal protection against both common and advanced web application attacks. Qualifications 5+ years of experience leading security initiatives for enterprises in an information security (InfoSec) consultant. Relevant certifications such as AWS Certified Security Specialty, Certified Cloud Security Professional (CCSP), or other cloud security certifications are preferred.

Posted 3 months ago


1 - 6 years

5 - 10 Lacs

Gurgaon

Work from Office


Job responsibilities Assist in the design, deployment, and management of cloud environments (AWS, OpenStack, Azure, GCP) to ensure scalability, security, and high availability. Implement and maintain cloud security best practices, including Identity and Access Management (IAM), data encryption, and access controls to safeguard cloud environments. Support SOC activities by integrating cloud infrastructure with security monitoring tools such as CrowdStrike EDR, Proofpoint, and email security solutions to detect and respond to security incidents. Respond to and investigate security incidents in cloud and on-premises environments, using CrowdStrike EDR for endpoint threat detection and Proofpoint for email-related threats. Develop and implement automation scripts using tools like Terraform, CloudFormation, or Ansible to streamline cloud provisioning, security management, and incident response processes. Leverage SOC tools (CrowdStrike, Proofpoint) to continuously monitor cloud environments for potential threats, anomalies, and vulnerabilities. Configure and manage security alerts and events generated by CrowdStrike EDR and Proofpoint, ensuring rapid identification and mitigation of threats across cloud services and email systems. Work closely with development and operations teams to ensure seamless integration of cloud environments and security solutions into applications and services. Assist in migrating on-premises applications and services to the cloud, ensuring secure migration and minimal operational disruption. Assist in educating teams about cloud security best practices, security operations processes, and how to leverage security tools such as CrowdStrike and Proofpoint to safeguard against threats. Stay informed on emerging threats, new security tools, and best practices for securing cloud environments and managing SOC operations. 
Skills Experience with one or more cloud platforms (AWS, Azure, GCP) and their core services such as compute, storage, networking, and security. Familiarity with SOC tools, particularly CrowdStrike EDR (for endpoint detection and response), Proofpoint (for email security and threat protection), and other security monitoring and incident response platforms. Strong understanding of cloud security best practices, including IAM (Identity and Access Management), secure APIs, encryption, and protecting data in transit and at rest. Proficiency in using cloud automation and Infrastructure-as-Code (IaC) tools like Terraform, CloudFormation, or Ansible to manage and provision cloud resources and integrate security operations. Knowledge of cloud networking concepts, including VPCs, subnets, security groups, and firewalls, with a focus on securing the cloud network. Experience with email security solutions like Proofpoint, including configuring, managing, and monitoring for phishing attempts, spam, and malware. Hands-on experience with security incident response processes, including investigation, mitigation, and reporting, using CrowdStrike EDR and other SOC tools. Familiar with performing vulnerability scans and collaborating with relevant teams on vulnerability remediation efforts. Qualifications 2+ years of experience leading security initiatives for enterprises in an information security (InfoSec) consultant. CEH (Certified Ethical Hacker), or other relevant security certifications.

Posted 3 months ago


8 - 13 years

15 - 30 Lacs

Gurgaon

Work from Office


Job responsibilities Design, implement, and maintain secure cloud infrastructures across public and private cloud environments (AWS, OpenStack, Azure, GCP), ensuring the integration of best security practices and alignment with business goals. Develop and execute a comprehensive cloud security strategy that integrates security requirements into cloud architecture and development processes, focusing on continuous improvement and threat mitigation. Architect and implement robust network security solutions, including firewalls, intrusion detection systems (IDS/IPS), VPNs, and secure remote access, ensuring the confidentiality, integrity, and availability of cloud-based assets. Design, configure, and manage Web Application Firewalls (WAF) to protect web applications from external threats such as DDoS, SQL injection, cross-site scripting (XSS), and other OWASP Top 10 vulnerabilities. Conduct regular security assessments, penetration testing, and vulnerability assessments to identify and mitigate security risks in cloud environments and network infrastructure. Lead the automation of security processes, implementing infrastructure-as-code (IaC) for secure and compliant cloud deployments using tools such as Terraform and CloudFormation. Ensure compliance with industry standards and regulations (e.g., SOC 2, ISO 27001, GDPR, NIST). Establish incident response protocols for cloud environments, leading investigations and remediating security incidents across cloud and network infrastructures. Manage and integrate cloud security tools, including identity and access management (IAM), encryption solutions, cloud-native security services (e.g., AWS Guard Duty, Azure Security Centre), and third-party solutions like WAF and EDR. Provide guidance and mentorship to junior security engineers and other stakeholders on cloud security best practices, threat intelligence, and network security design. 
Maintain thorough documentation of cloud security architectures, configurations, incident response actions, and risk assessments. Regularly report to senior management on security posture and improvements. Stay up to date with the latest security threats, vulnerabilities, and mitigation techniques, especially for cloud security and network infrastructure. Proactively design solutions to combat emerging threats. Skills Extensive experience in designing and implementing secure cloud infrastructures and services, with proficiency in one or more cloud platforms (AWS, OpenStack, Azure, Google Cloud). Deep understanding of network security concepts and practices including firewalls, VPNs, proxy servers, IDS/IPS, and network access control in cloud environments. Hands-on experience in implementing, configuring, and managing WAF solutions (e.g., AWS WAF, Azure WAF) to protect applications from external attacks, including DDoS, XSS, and SQL injections. Expertise in configuring and managing IAM policies, roles, and permissions in cloud environments to enforce least-privilege access and mitigate insider threats. Strong knowledge of security standards and frameworks such as ISO 27001, SOC 2, NIST, GDPR, and PCI-DSS, and experience ensuring compliance in cloud and network security projects. Experience with cloud-based security monitoring tools (e.g., AWS Guard Duty, Azure Sentinel) and leading incident response efforts for cloud security incidents. Experience conducting vulnerability assessments, penetration tests, and security audits to identify weaknesses and implement remediation strategies in cloud and network environments. Deep understanding of security architecture principles and designing systems with a "Security by Design" mindset to safeguard cloud and network infrastructure. Knowledge of data encryption techniques for data-at-rest and data-in-transit and securing data storage and communication in cloud environments. 
Ability to lead and mentor teams of security engineers, fostering collaboration across security, DevOps, and network engineering teams. Should be comfortable working with different teams and have good communication skills. Qualifications 8+ years of experience leading security initiatives for enterprises in an information security (InfoSec) consultant or architect role. Prior experience as a team lead or role mentoring junior team members. AWS, CEH, OSCP, AWS Certified Security Specialty or CISSP Certifications preferred.

Posted 3 months ago


7 - 9 years

3 - 7 Lacs

Bengaluru

Work from Office


Project Role: Security Engineer Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills: Security Threat Hunting Good to have skills: Threat Intelligence Operations Minimum 7.5 year(s) of experience is required Educational Qualification: Sec-Network Threat Protection -Impl Summary: As a Security Delivery Lead, you will be responsible for leading the implementation and delivery of Security Services projects, leveraging our global delivery capability. Your typical day will involve leading the team, conducting security threat hunting, and ensuring the successful delivery of projects. Roles & Responsibilities: Lead the implementation and delivery of Security Services projects, leveraging our global delivery capability. Conduct security threat hunting to identify and mitigate potential security threats. Collaborate with cross-functional teams to ensure successful project delivery. Provide technical guidance and mentorship to team members. Stay updated with the latest advancements in security threat hunting and integrate innovative approaches for sustained competitive advantage. Professional & Technical Skills: Must To Have Skills: Strong experience in security threat hunting. Must To Have Skills: Experience in leading security delivery projects. Good To Have Skills: Experience with security tools such as SIEM, IDS/IPS, and EDR. Good To Have Skills: Knowledge of security frameworks such as NIST, ISO, and CIS. Strong understanding of security threat hunting methodologies and techniques. Experience in conducting security assessments and penetration testing. Excellent communication and leadership skills. Additional Information: The candidate should have a minimum of 7.5 years of experience in security threat hunting. 
The ideal candidate will possess a strong educational background in computer science, information security, or a related field, along with a proven track record of delivering impactful security solutions. This position is based at our Bengaluru office. Qualification Sec-Network Threat Protection -Impl

Posted 3 months ago


10 - 20 years

30 - 45 Lacs

Chennai, Pune, Delhi NCR

Work from Office


We are seeking a dynamic and experienced Business Development Manager with a deep understanding of cybersecurity, specifically in SOC and MDR services, XDR, MSS

Posted 3 months ago


4 - 9 years

6 - 8 Lacs

Coimbatore

Remote


We are seeking a Cloud Engineer to design, implement, and maintain cloud infrastructure (AWS, Azure, GCP). Key responsibilities include cloud architecture, system administration, automation, security, cost management, and documentation. Experience with migrating Exchange and SharePoint to cloud solutions is required. Collaborate with cross-functional teams to design, implement, and maintain cloud infrastructure solutions. Provide technical guidance and support to resolve complex issues related to cloud services, Cyber Security, Networks. Perform regular assessments and audits to ensure the security, reliability, and efficiency of cloud environments. Participate in planning and executing cloud migration projects, including workload assessments, resource provisioning, and data migration strategies. Work as a Technical Consultant for various Microsoft technologies and their security products. Hosted Exchange and Online Exchange Migration. SharePoint and OneDrive Migration. Teams, Enterprise Roaming Profile and Intune Deployment. Spam Filters and Endpoint Security, EDR, XDR, NDR, MDR. Work with Pass-through, Federated auth, SSO, Hybrid access, Cloud Sync, Delegation, Self Service. MFA, Conditional Policies, PIM, Vulnerabilities and risk assessment. Encryption, Risk Assessment, Incident management, VA, Penetration test, IDS/IPS, compliance

Posted 3 months ago


7 - 12 years

9 - 14 Lacs

Ahmedabad

Work from Office


Project Role: Security Delivery Lead Project Role Description: Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills: Microsoft 365 Security & Compliance Good to have skills: NA Minimum 7.5 year(s) of experience is required Educational Qualification: 15 years full time education Summary: As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability. You will be responsible for ensuring the successful execution of projects, utilizing our method, tools, training, and assets. Your role will involve managing and coordinating the team, making key decisions, and collaborating with multiple teams to provide solutions to problems. You will contribute to the overall success of the projects and ensure the delivery of high-quality security services. Roles & Responsibilities: Expected to be an SME in Microsoft 365 Security & Compliance. Collaborate and manage the team to perform effectively. Responsible for team decisions and ensuring their successful execution. Engage with multiple teams and contribute to key decisions. Provide solutions to problems for their immediate team and across multiple teams. Ensure the delivery of high-quality security services. Manage and coordinate the team to meet project objectives. Identify and mitigate risks to ensure project success. Professional & Technical Skills: Must To Have Skills: Proficiency in Microsoft 365 Security & Compliance. Strong understanding of security principles and best practices. Experience in implementing and managing security solutions. Knowledge of security frameworks and standards. Hands-on experience with security tools and technologies. Good To Have Skills: Experience with cloud security solutions. 
Professional & Technical Skills: Must To Have Skills: Experience in Microsoft 365 Security & Compliance, Microsoft Defender for Endpoint, EDR, Threat Vulnerability Management, Qualys scanner. Good To Have Skills: Experience in other security technologies such as SIEM, IDS/IPS, and firewalls. Strong understanding of security best practices and standards. Experience in leading security services projects. Excellent communication and interpersonal skills. Additional Information: The candidate should have a minimum of 7.5 years of experience in Microsoft 365 Security & Compliance. This position is based at our Pune office. A 15 years full time education is required. Qualifications 15 years full time education

Posted 3 months ago


5 - 10 years

7 - 12 Lacs

Pune

Work from Office


About The Role: Job Title - Engineer, Associate Location - Pune, India Role Description This role combines engineering expertise with operational excellence to enhance the security posture of DB's devices, servers, and cloud workloads. You will collaborate with cross functional teams to design strategies, deploy solutions, and address security challenges. What we'll offer you As part of our flexible scheme, here are just some of the benefits that you'll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Manage and optimize tools EDR (e.g., Microsoft Defender for Endpoint, CrowdStrike etc.), Antimalware solutions, and Tanium Endpoint Platform. Lead POCs for new security tools and features, evaluating their effectiveness, compatibility, and scalability. Document findings and provide detailed recommendations for production deployment. Develop and enforce endpoint policies, ensuring alignment with DB's security standards. Maintain security for cloud workloads using platforms such as Prisma cloud or equivalent solutions. Ensure container image scanning, vulnerability management, and security configurations are in place for cloud workloads. Lead efforts in endpoint attack surface reduction and hardening initiatives. Monitor and respond to endpoint and cloud workload security alerts and incidents, collaborating with the threat operations and other teams for resolution. Perform root cause analysis and remediation for security related issues. Drive the resolution of audit findings by working with cross functional teams to implement required controls on endpoints. 
Provide updates, maintain documentation, and ensure alignment with regulatory standards. Create scripts (PowerShell, Python etc.) for testing, monitoring, and compliance-related tasks. Your skills and experience Required: 5+ years of experience in endpoint security engineering or operations roles Expertise in EDR, Tanium, Antimalware, Device Control and Attack Surface Reduction strategies. Strong scripting skills in PowerShell or Python for automation and compliance checks. Relevant certifications in cybersecurity or related fields. Excellent communication skills. Experience in a banking or financial services environment. Preferred: Familiarity with SIEM tools and other security technologies. Expertise in vulnerability management and risk remediation. Familiarity with cloud platforms (preferably GCP) How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Posted 3 months ago


5 - 7 years

9 - 15 Lacs

Bengaluru

Hybrid


Skill: Web Application Firewall Experience: 5+ Years Location: Bangalore Notice Period: Immediate Joiner - 30 Days Interested candidates can share their updated CVs: supriya.gantlappa@wisseninfotech.com Role & responsibilities In-depth knowledge and hands-on experience with Fortinet, Palo Alto, F5 WAF, Web Proxy, DLP (Forcepoint and McAfee ePO), Forescout NAC, TrendMicro EDR, and McAfee DAM. Monitor the logs and alerts for security incidents, investigate and respond to any identified issues. Manage and troubleshoot issues faced along with the relevant team. Regularly update and patch the security appliances to ensure the latest security features and bug fixes are applied. Optimize performance and fine-tune rules to maximize efficiency while maintaining security. Expected to acquire expertise in one or more technologies to support the existing team. Stay updated with the latest trends in cyber security and networking by attending necessary training and pursuing relevant certifications

Posted 3 months ago

2 - 6 years

4 - 8 Lacs

Bengaluru

Work from Office

Role Purpose: The purpose of this role is to analyse, identify, rectify and recommend specific improvement measures that help the security posture of the organization by protecting sensitive information.

1. SOAR Developer JD: Client looking for a strong playbook developer resource for XSOAR/Splunk Phantom/Splunk SOAR who has SOC/CSIRT practical experience along with technical skills for developing playbooks. The resource would be helping to develop playbooks for our existing requirements and also work more directly with our analysts, leveraging their SOC/CSIRT experience to help come up with the best solution to solve the business need. This may require influencing process change on the SOC side to provide the best solution to meet their needs. Looking for a well-experienced (5+ yrs) XSOAR developer who understands SOC use cases and can develop new playbook automations and work on enhancement requests. Palo XSOAR playbook development, Security Incident Response, SOC operations.

2. Operations Manager - Splunk JD: We are seeking an experienced Operations Manager to oversee and optimize our daily operations. The Operations Manager will be responsible for ensuring that our business processes run smoothly and efficiently, coordinating between various departments, managing resources, and driving continuous improvement initiatives. The ideal candidate will have strong leadership skills, a deep understanding of operational processes, and the ability to implement strategies that enhance productivity and profitability. Key Responsibilities:
- Operations Management:
  - Oversee the day-to-day operations of the organization, ensuring that all processes are running efficiently and effectively.
  - Monitor key performance indicators (KPIs) to identify areas for improvement and implement strategies to enhance productivity.
  - Coordinate between departments (e.g., production, logistics, customer service) to ensure seamless operations and the timely delivery of products or services.
- Resource Management:
  - Manage and allocate resources (e.g., personnel, equipment, budget) to optimize operational efficiency and meet organizational goals.
  - Develop and implement resource management plans to address current and future operational needs.

3. Splunk Content Developer L3 JD:
- Content Development:
  - Design and develop custom dashboards, reports, and alerts within Splunk to meet the needs of various business units, including IT operations, security, and business intelligence.
  - Create and optimize complex SPL queries to extract meaningful data and insights.
  - Develop and maintain data models, saved searches, and macros to streamline content creation and improve performance.
- Requirement Gathering:
  - Work closely with stakeholders to understand their needs and translate business and technical requirements into effective Splunk content.
  - Collaborate with cross-functional teams to ensure the content aligns with organizational goals and objectives.

4. Splunk Analyst JD: The Splunk Analyst will be responsible for the design, implementation, and maintenance of Splunk solutions. This role involves working with large datasets, creating dashboards, alerts, and reports to provide actionable insights, and supporting the organization's IT security, compliance, and operational monitoring needs. Key Responsibilities:
- Data Onboarding & Management:
  - Collect, monitor, and analyze data from various sources by configuring and deploying Splunk forwarders and ingesting data into the Splunk platform.
  - Optimize Splunk data models and indexes for performance.
  - Ensure data integrity, proper parsing, and normalization of data.
- Dashboard & Report Development:
  - Design, develop, and maintain Splunk dashboards, alerts, and reports to provide insights into system performance, security events, and operational metrics.
  - Collaborate with stakeholders to gather requirements and tailor reports/dashboards to meet business needs.
- Monitoring & Alerting:
  - Implement and fine-tune Splunk alerts to proactively monitor for security incidents, performance issues, and anomalies.
  - Conduct regular system health checks to ensure the stability and performance of the Splunk environment.
- Troubleshooting & Support:
  - Investigate and resolve issues with Splunk performance, data ingestion, and search/query errors.
  - Provide support to end-users, helping them to use Splunk effectively.

Posted 3 months ago

2 - 6 years

4 - 8 Lacs

Bengaluru

Work from Office

About The Role: Position: SOC L1 Analyst (Cyber Threat Detection, Investigation and Response). Location: Bangalore (Sarjapur), Noida (GNDC), or Hyderabad (Manikonda Village). Shift: 24*7 Rotational. Job Summary: The SOC L1 Analyst is a highly skilled cybersecurity professional responsible for identifying, investigating, and responding to complex security incidents and threats within the organization's IT environment. This role involves analysis of security alerts and incident triage, and works closely with other members of the Security Operations Center (SOC) team, collaborating to enhance the organization's overall security posture. Responsibilities: Analyze and respond to complex security incidents, including advanced persistent threats, malware infections, suspicious or malicious activity and data breaches. Investigate and implement incident response plans and procedures to contain, mitigate, and eradicate security threats promptly. Working/hands-on experience required on the security technologies we have: SIEM/Next Gen SIEM, SOAR/Automation, XDR, EDR, Cloud Security (AWS, GCP, MS etc.), CSPM, CASB/MDCA/MCAS, NDR, ITDR, IDS/IPS, SPAM/Phishing Investigation, MS Exchange ATP, ServiceNow, etc. Collaborate with cross-functional teams, including network engineers, system administrators, and application developers, to implement security best practices and remediate identified vulnerabilities. Conduct advanced threat-hunting activities to proactively identify security threats and vulnerabilities within the organization's network and systems. Awareness of the NIST and MITRE ATT&CK frameworks and their implementation in operations. Document security incidents, including their timelines, findings, and remediation actions taken, in accordance with established procedures and regulatory requirements. Develop and maintain detailed documentation of incident response procedures, playbooks, and lessons learned. 
Stay up to date on the latest cybersecurity trends, threats, and vulnerabilities through continuous learning and professional development activities. Conduct quality reviews and internal audits for the governance of operations. Provide mentorship and guidance to junior analysts, assisting in their skill development and knowledge enhancement. Contribute to continuously improving SOC processes, technologies, and methodologies. Must be able to create dashboards and reports based on customer requirements on both ServiceNow and SIEM platforms.

Posted 3 months ago

9 - 14 years

20 - 35 Lacs

Delhi NCR, Hyderabad, Mumbai (All Areas)

Work from Office

Sales Manager/Sr Manager/Head of Sales - Cyber Security Services - Hyderabad/Mumbai/Delhi/Bangalore - 8-20 years. We are seeking a dynamic and experienced Cybersecurity Sales Account Manager to drive growth and deliver cutting-edge cybersecurity solutions. This role requires a proven track record in technology sales and a deep understanding of cybersecurity services, targeting clients in Hyderabad, Mumbai, or Delhi. Location: Hyderabad/Mumbai/Delhi/Bangalore. Your Future Employer: A rapidly growing cybersecurity solutions provider, empowering organizations of all sizes with state-of-the-art AI-driven tools and services. Responsibilities: Developing and maintaining strong relationships with CIOs, CTOs, and CISOs. Identifying and pursuing business opportunities to drive direct and channel sales. Consulting with clients to understand their cybersecurity needs and presenting tailored solutions. Delivering compelling presentations, demos, and workshops. Managing channel partners and driving regional engagement. Maintaining an updated Sales CRM for accurate revenue forecasting. Requirements: Bachelor's/Master's degree with 7+ years of experience in technology sales. 3+ years of sales management experience. Expertise in cybersecurity services like MDR, EDR, SIEM, Cloud Security, and Managed Security Services. Strong communication, presentation, and problem-solving skills. Passionate about cybersecurity and sales, with a creative and customer-first mindset. What's in it for you? Opportunity to work with a leading cybersecurity provider. Exposure to cutting-edge technologies and innovative solutions. Growth and learning opportunities in a dynamic environment. Competitive salary and performance-based incentives. Reach Us: If this opportunity aligns with your career aspirations, send your updated profile to payal.arora@crescendogroup.in. Disclaimer: Crescendo Global specializes in senior to C-level niche recruitment. 
We are passionate about empowering job seekers and employers with a memorable job search and leadership hiring experience. Crescendo Global does not discriminate based on race, religion, gender, sexual orientation, age, marital status, veteran status, or disability status. Note: We receive a high volume of applications daily. If you do not hear back from us within a week, please assume your profile was not shortlisted. Your patience is highly appreciated. Profile Keywords : Cybersecurity Sales, Managed Security Services, Channel Sales, CIO/CTO/CISO Network, MDR, EDR, SIEM, Cloud Security, IT Solutions Sales, Hyderabad Sales Manager, Mumbai Sales Manager, Delhi Sales Manager.

Posted 3 months ago

3 - 5 years

5 - 7 Lacs

Bengaluru

Work from Office

Responsibilities: Design and implement endpoint security solutions for data centres, disaster recovery sites, cloud environments, and branch offices. Develop and maintain Standard Operating Procedures (SOPs) and runbooks for endpoint security processes. Manage and update the knowledge base in IT Service Management (ITSM) tools. Implement and manage endpoint protection platforms (EPP) and endpoint detection and response (EDR) solutions. Conduct regular vulnerability assessments and remediation activities. Monitor and analyze security events and alerts to detect and respond to potential threats. Collaborate with other IT teams to ensure the security of endpoints across the organization. Provide training and support to end-users on endpoint security best practices. Stay updated with the latest cybersecurity trends and threats to enhance the organization's security posture. Required education: Bachelor's Degree. Preferred education: Bachelor's Degree. Required technical and professional expertise: Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field. Minimum of 3-5 years of experience in endpoint security, network security, or a related field. Proficiency in Windows and Linux operating systems. Knowledge of endpoint protection platforms (EPP) and endpoint detection and response (EDR) solutions. Experience with vulnerability management, malware analysis, and incident response. Strong understanding of networking fundamentals, firewall and proxy technologies, and encryption/cryptography. Relevant certifications such as CISSP, CEH, or CompTIA Security+ are preferred. Preferred technical and professional experience: Good knowledge of Endpoint Security and EDR. Proven understanding of Email Gateway solutions. Understanding of disk encryption. Excellent analytical and problem-solving skills. Strong communication and teamwork abilities. Ability to work independently and manage multiple tasks simultaneously. 
Detail-oriented with a focus on quality and accuracy. Proactive and adaptable to changing security landscapes.

Posted 3 months ago
