17 Endpoint Detection Jobs

1.0 - 5.0 years

0 Lacs

pune, maharashtra

On-site

As a Security Analyst I at ConnectWise, you will play a crucial role in safeguarding client data sources from security threats and breaches. Your responsibilities will include:

- Providing support to the Security Services team with meticulous attention to detail.
- Researching, analyzing, and documenting findings related to security incidents.
- Assisting in the analysis of events from various cybersecurity systems.
- Monitoring for breaches, suspicious activities, and malicious behavior.
- Collaborating with colleagues to understand processes and deliverables.
- Adhering to relevant security policies, procedures, and standards.
- Prioritizing customer satisfaction and aiding in partner communications and escalations.
- Following escalation procedures for interfacing with other SOC teams.

In order to excel in this role, you should possess the following knowledge, skills, and abilities:

- Ability to work independently with close supervision.
- Broad theoretical knowledge of the relevant work area.
- Flexibility to adapt to new technologies and processes.
- Strong verbal and written communication skills.
- General IT knowledge and troubleshooting abilities.
- Capacity to thrive in a fast-paced environment with patience.
- Excellent organizational and multitasking skills.

Qualifications and Experience:

- Bachelor's degree in a related field or equivalent business experience.
- 1+ years of relevant work experience.
- Preferred certifications: Network+, Linux+, Security+, CySA+, or similar.

Working Conditions:

- Hybrid work model (three days a week in the office).
- Shift work required, including 24/7 availability.

Please note that the above description summarizes the key responsibilities and qualifications for the Security Analyst I role at ConnectWise. If you are passionate about cybersecurity, possess the necessary skills, and thrive in a dynamic environment, we invite you to consider this opportunity to make a difference at ConnectWise.

Posted 3 days ago

2.0 - 6.0 years

0 Lacs

hyderabad, telangana

On-site

Role Overview: As a Manager, Detection and Response at Synchrony, you will be part of the Synchrony Joint Security Operations Center (JSOC) and will play a crucial role in the cyber detection of information security alerts and in assisting with the investigation and reporting of major information security incidents across all business units. Your responsibilities will include operating the detection and response program, handling escalated incidents, and ensuring the security of both the traditional on-premise environment and the cloud management plane. You will be expected to have a strong understanding of communication technologies and emerging cloud security practices, and to build relationships within the organization.

Key Responsibilities:

- Respond to security incidents by mitigating and containing impacts, coordinating remediation efforts, and providing recommendations for improvements to senior management.
- Utilize security technologies such as Security Incident and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), and other tools to proactively detect security threats.
- Collaborate with the Cyber Intelligence team to develop threat detection logic and enhance Detection and Incident Response processes.
- Document findings, create detailed reports, enumerate risks, and prioritize mitigation efforts based on business priorities.
- Act as a subject matter expert on incident response tasks and coordinate IT resources effectively.
- Identify and recommend process improvements to enhance overall security posture.

Qualifications Required:

- Bachelor's degree in Computer Science or a related discipline with a minimum of 4 years of work experience in information security or related technology, or a High School Diploma/GED with equivalent work experience.
- Minimum 2 years of experience in cyber security, incident response, or security operations related to detection, analysis, containment, eradication, and recovery from cyber security incidents.
- Strong verbal and written communication skills.
- Ability to perform logical problem-solving.
- Experience working in high-performing teams and understanding teamwork dynamics in a SOC environment.
- Industry certifications such as CISSP, GCIH, AWS Certified Cloud Practitioner, AWS Certified Security Specialty, and other cybersecurity certifications are a plus.

Company Details: Synchrony (NYSE: SYF) is a premier consumer financial services company with a focus on delivering digitally enabled product suites across various industries. Recognized for its employee-friendly policies and career advancement opportunities, Synchrony offers flexibility, choice, and best-in-class employee benefits to promote work-life integration and overall well-being.

Grade/Level: 09
Work Timings: Rotational shifts

Posted 4 days ago

8.0 - 18.0 years

0 Lacs

karnataka

On-site

The role involves translating customer needs into technical systems solutions and leading projects at the architecture level. It requires determining and developing architectural approaches for solutions and conducting business reviews. The ideal candidate should have 8-10 years of experience with a strong technical background in system and applications solution architecture design. Additionally, experience in designing solutions using appropriate platforms and system technologies is essential. A degree in Computer Science and Engineering is preferred.

Key responsibilities include analyzing the client's needs and translating them into system and architecture requirements to ensure that the design meets the client's needs. Evaluating the client's system specifications, work practices, and business nature is crucial. Developing a solution concept design in alignment with enterprise architecture and business requirements is also a key aspect of the role. Analyzing the impact of solutions on the client's overall business processes and systems to mitigate business risks is another important responsibility.

The ideal candidate for the Cyber Security Architect position should have at least 18 years of IT experience, with 10 years specifically in Cybersecurity Project Experience. Key requirements include proven experience in Cybersecurity architecture, focusing on Threat Hunting, Threat Adversaries, Offensive Security activities, and the MITRE ATT&CK framework. Expertise in delivering enterprise-level defensible security architecture and industry-specific cyber architecture frameworks for multiple customer projects is essential. In-depth knowledge of cybersecurity principles, practices, technologies, and methodologies is required. Hands-on experience with cybersecurity tools and technologies such as SIEM platforms, threat intelligence platforms, endpoint detection and response (EDR) solutions, etc., in the past five years is necessary.

A strong understanding of offensive security techniques, including penetration testing, Red Teaming, and Ethical Hacking, is also important. Expertise with security compliance and the ability to develop security controls adhering to security frameworks and agile practices for a leading global organization are key requirements.

Candidates for this role must possess one or multiple advanced security certifications from accredited bodies, such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Offensive Security Certified Professional (OSCP), CompTIA Advanced Security Practitioner (CASP+), or Certified Information Security Manager (CISM).

The location for this role is Bangalore/Ahmedabad.

Posted 1 week ago

3.0 - 7.0 years

0 Lacs

noida, uttar pradesh

On-site

As an IT Security Analyst in our Security Operations Center (SOC) team based in Noida (Hybrid), you will play a crucial role in safeguarding our organization's digital assets and infrastructure from cyber threats. Your responsibilities will include working in rotational night shifts, administering and troubleshooting security infrastructure devices, managing service tickets, detecting and responding to security incidents, monitoring system logs, and collaborating with internal teams to enhance security measures. You will need to stay updated on emerging threat vectors, contribute to refining SOC playbooks and SOPs, and possess a strong foundation in cybersecurity principles.

To excel in this role, you should have at least 3 years of experience in IT Security, particularly within a SOC environment, and be well-versed in information security principles and networking fundamentals. Hands-on experience with security tools like SIEM platforms, EDR tools, IDS/IPS, firewalls, VPNs, and antivirus solutions is essential. Additionally, familiarity with network traffic analysis, vulnerability triage, malware identification, and phishing detection will be beneficial. Your ability to analyze indicators of compromise, work efficiently in fast-paced settings, think critically under pressure, and possess relevant certifications like CompTIA Security+ or CEH will be highly valued.

Key competencies for success in this role include meticulous attention to detail in documentation, strong written and verbal communication skills, effective team collaboration, the ability to remain composed and make decisions during high-stress situations, and a proactive mindset focused on continuous improvement.

If you are a passionate IT Security professional with a proactive approach and a commitment to enhancing cybersecurity measures, we encourage you to apply for this challenging and rewarding opportunity.

Posted 2 weeks ago

3.0 - 7.0 years

0 Lacs

chennai, tamil nadu

On-site

As a Cyber Security Incident Management Operations professional at Standard Chartered Bank, you will be responsible for monitoring, detecting, and responding to potential security threats and risks to the organization using the available technology toolset. Your role will involve correlating and consolidating alerts, reports, anomalies, and other intelligence sources to determine the urgency and priority of events/incidents and initiating an appropriate response.

You will continuously work on improving the accuracy and relevance of the bank's detection tools and capabilities to keep pace with changing environments and regulatory/compliance requirements. It will be essential to adhere to defined security monitoring processes and procedures while also driving improvements to enhance maturity and relevance. Tracking and reporting the remediation of cybersecurity threats and risks, as well as providing domain expertise during remediation to the appropriate support groups, will be part of your responsibilities. You will track and document cybersecurity incidents from initial detection through final resolution and operate within established standard operating procedures to handle security incidents effectively.

As part of your duties, you will research trends and countermeasures in computer/network vulnerabilities, exploits, and malicious activity. You will support senior incident handlers during cybersecurity incident response activities, perform root cause analyses, and present findings to relevant stakeholders for remediation. Collaborating closely with other support groups to assess risk and provide recommendations for enhancing the bank's security posture will also be a key aspect of your role.

In addition to your primary responsibilities, you will be expected to work within a 24x7 shift model and provide after-hours rotational coverage when required. You will play a crucial role in ensuring all potential security threats across the bank are monitored, detected, and responded to promptly to maintain a secure environment.

To excel in this role, you should be well-versed in Cybersecurity Incident Analysis and Response as well as Cybersecurity Defensive Operations. A strong understanding of core Enterprise Information Technology and Computer Networking concepts is essential. Exposure to Security Information and Event Management solutions, Endpoint Security tools, and Endpoint Detection and Response tools is desirable. Ideally, you should possess a diploma or higher educational qualification in Engineering, Computer Science/Information Technology, or a relevant discipline. Certifications such as EC-Council Certified Ethical Hacker (CEH), SANS GIAC Certified Incident Handler (GCIH), and ITIL v3 Foundation would be advantageous.

At Standard Chartered, we value diversity, inclusion, and continuous learning. If you are passionate about making a positive difference in the realm of cybersecurity and are committed to upholding the highest standards of ethics and compliance, we welcome you to join our team and contribute to our purpose of driving commerce and prosperity through unique diversity.

Posted 2 weeks ago

10.0 - 14.0 years

0 Lacs

hyderabad, telangana

On-site

At Dark Matter Technologies, you are at the forefront of a tech-driven revolution in loan origination. The commitment to cutting-edge AI and origination technology solutions is reshaping the industry landscape, illuminating a path towards seamless, efficient, and automated experiences. Driven by Empower, the cutting-edge all-in-one LOS, and a suite of innovative Origination Technologies, end-to-end solutions are provided that fully serve the mortgage origination process. Dark Matter Technologies is owned by Constellation Software Inc. (TSX:CSU).

As a SOC Lead with 8+ years of experience, your responsibilities will include monitoring and investigating security alerts, maintaining and tuning security tools under InfoSec purview, researching and providing gap analysis of current security event processes, identifying opportunities for improvements, acting as a subject matter expert and mentor to junior team members, and driving root-cause analysis of common security events.

To qualify for this role, you should have an associate or bachelor's degree in Computer Science, Information Technology, System Administration, or a closely related field, or equivalent work experience. A minimum of 10+ years of experience working in a Security Operations Center (SOC) and demonstrating an increased level of responsibilities is required.

Additionally, you should possess:

- Sound working knowledge of security operations and security investigation best practices.
- Experience monitoring and handling Endpoint Detection and Response (EDR) and Incident Detection and Response (IDR) alerts and events.
- Experience monitoring and handling Microsoft Defender portal and Purview alerts and events.
- Exceptional customer service skills.
- Strong project management skills.
- Strong team management skills with a history of managing direct reports.
- High self-motivation with keen attention to detail.
- Ability to work within a diverse, geographically distributed team.
- Willingness to adjust work schedule to accommodate business needs.
- Ability to perform in cross-functional teams.
- Ability to adapt to different cultures with varying degrees of physical living standards, accommodations, and environments.
- Ability to sit at a computer workstation for extended periods and fully utilize the PC monitor, keyboard, mouse, and required programs.
- Ability to be on-call and work extended hours as needs arise.
- Ability to work on a modified schedule that aligns with the US Eastern time zone (8 am to 5 pm).
- Strong English written and verbal skills.

If you believe you meet the qualifications and are excited about the opportunity to work in a dynamic and innovative environment, we look forward to receiving your application documents (resume, salary details, and references) stating the earliest date you could start. Get empowered by Dark Matter Technologies!

Posted 2 weeks ago

8.0 - 12.0 years

25 - 30 Lacs

hyderabad

Work from Office

Work Experience: 8+ Years
Time Zone: Should be flexible working in PST/EST hours

Deliverables / Key Responsibilities:

- Manage and successfully deliver ISSQUARED SOC services to external customers in a shared or dedicated model.
- Leadership and management of the SOC team, including hiring, developing and retaining personnel, workload assignment, process development, and project management.
- Work with sales and pre-sales teams to develop and present the SOC and other cyber security offerings to potential customers.
- Develop standard operating procedures and other appropriate documents to enforce quality and consistency of the security services being delivered.
- Stay in touch with the latest exploits and fixes and be tuned to lead the team effectively in zero-day exploit situations.
- Analyse event streams from the SIEM tools and recommend/implement optimum tuning features to ensure that analysts and agents are not loaded with a high number of false positives.
- Able to technically design, manage and configure SIEM tools like QRadar, CrowdStrike, FortiSIEM, and Microsoft Sentinel; firewalls and IDS/IPS solutions; VAPT tools and processes.
- Adherence to all SLAs and commitment to the principle of zero events being missed.
- Set up, lead and drive to closure SSIRT calls; lead forensic analysis activities with on-shore counterparts and other technical managers/leads.
- Work closely with other teams, such as the NOC and L3 escalation support teams, to drive cohesive responses to major issues.
- Identify custom reporting requirements and translate requirements into SIM technical specifications.
- Ensure shifts are staffed appropriately and the right resources are recruited as per business needs.
- Contribute to improving the delivery processes and metrics.
- Contribute to training and to the development of documentation required to support the service.
- Work closely with engineering teams to refine the monitoring solutions and processes deployed, leading to efficiencies.
- Be able to create dashboards and reports, set up calls with customers and present daily, weekly and monthly trends and performance statistics.

Essential Attributes and Skills Needed:

- Fluency in spoken and written English with minimal or no MTI influence.
- Bachelor's degree in Science or higher (B.E/B.Tech preferred).
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
- Experience in security device management and SIEM tools.
- Knowledge of applications, databases, and middleware in order to address security threats against the same.
- Proficient in the preparation of reports, dashboards and documentation.
- Good analytical, problem-solving and interpersonal skills.
- Solid and demonstrable comprehension of information security, including malware, emerging threats, attacks, and vulnerability management.
- Experience with reviewing raw log files, data correlation, and analysis (e.g. firewall, network flow, IDS, system logs), including integration and workflow experience with security automation and orchestration platforms.
- Subject matter expert (SME) in one or multiple areas such as Windows, UNIX, mid-range, mainframe, firewalls, intrusion detection, Endpoint Detection and Response, threat detection analysis and/or information risk management.

Posted 3 weeks ago

8.0 - 12.0 years

0 Lacs

pune, maharashtra

On-site

As a SOC L3 Analyst, you will be responsible for leading the investigation and response to complex security incidents, engineering advanced detection content, and optimizing security tools and processes. With a strong focus on Splunk, content engineering, Endpoint Detection and Response (EDR), and Security Orchestration, Automation, and Response (SOAR), you will enhance the SOC's capabilities to detect and mitigate advanced cyber threats. You will collaborate with other SOC analysts, threat intelligence teams, and IT departments to improve overall security posture, and provide mentorship and guidance to L1 and L2 analysts, sharing knowledge and best practices.

In this role based in Pune/Hyderabad, you will have 8 to 11 years of experience in cybersecurity, focusing on SOC operations, incident response, and security engineering. You will lead the investigation and response to high-severity security incidents, develop advanced detection rules in Splunk, and utilize EDR tools such as CrowdStrike. Additionally, you will play a key role in developing and maintaining automated workflows and playbooks on the SOAR platform to streamline incident response processes. Your responsibilities will also include conducting proactive threat hunting activities, collaborating with other teams to enhance security posture, optimizing security tools, and documenting incident response activities in detail.

Persistent Ltd. fosters diversity and inclusion in the workplace, inviting applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. The company offers a competitive salary and benefits package, talent development opportunities, employee engagement initiatives, annual health check-ups, and insurance coverage. With a focus on creating an inclusive environment, Persistent Ltd. provides hybrid work options, flexible working hours, and accessible facilities for employees with physical disabilities.

Join us to accelerate growth, impact the world with the latest technologies, enjoy collaborative innovation, and unlock global opportunities to work and learn with the industry's best. Let's unleash your full potential at Persistent.

Posted 1 month ago

2.0 - 6.0 years

0 Lacs

noida, uttar pradesh

On-site

As a SOC Analyst I EDR at NCG, located in Noida, you will be instrumental in safeguarding the organization's digital assets and ensuring the integrity of information systems. Your role involves monitoring and responding to security incidents to mitigate risks and enhance the overall security posture. Working within a dynamic Security Operations Center (SOC) team, you will collaborate with other analysts and IT professionals to detect, analyze, and respond to cybersecurity threats in real time. This position offers significant growth opportunities to develop skills in endpoint detection and response (EDR), incident response, and threat intelligence.

Key responsibilities include actively monitoring CrowdStrike Falcon EDR alerts and other security tools to identify potential threats, investigating endpoint incidents, collaborating with cross-functional teams for a cohesive security approach, maintaining incident records, contributing to incident response process development, and engaging in continuous training for professional development.

The ideal candidate will hold a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, with 2-3 years of experience in a Security Operations Center or similar role focusing on endpoint detection and response. Proficiency in CrowdStrike Falcon EDR and familiarity with SIEM tools, incident response methodologies, EDR fundamentals, Windows and Linux operating systems, and networking fundamentals are required. Experience with threat intelligence and vulnerability management tools is considered a plus.

NCG (NetConnect Global) is a prominent digital transformation, engineering, and professional services company that collaborates with global enterprises and technology companies to deliver innovative solutions. Established in 1997, NCG enables organizations to reimagine their business models through digitalization strategies. Specializing in Cloud and Infrastructure Solutions, Cybersecurity, Artificial Intelligence & Machine Learning, and Advanced Data Analytics, NCG is committed to operational excellence and ethical standards. With a workforce of over 2,000 employees and a global alumni network exceeding 22,000 professionals, NCG shapes the future of digital enterprises worldwide.

NCG offers a comprehensive benefits package to support employees and their families, including family-friendly benefits, robust medical coverage, financial security, and personal support through the Employee Assistance Program. This full-time position requires 2-3 years of experience as a SOC Analyst I EDR with CrowdStrike, based in Noida.

Posted 1 month ago

2.0 - 6.0 years

0 Lacs

noida, uttar pradesh

On-site

As a SOC Analyst I EDR at NCG, located in Noida, you will play a crucial role in protecting our digital assets and ensuring the integrity of our information systems. Your expertise in monitoring and responding to security incidents will be instrumental in mitigating risks and bolstering our security posture. Working within a dynamic Security Operations Center (SOC) team, you will collaborate closely with other analysts and IT professionals to detect, analyze, and respond to cybersecurity threats in real time. This role presents ample opportunities for growth, allowing you to enhance your skills in endpoint detection and response (EDR), incident response, and threat intelligence.

Your key responsibilities will include actively monitoring CrowdStrike Falcon EDR alerts and other security tools to identify potential threats and vulnerabilities. You will investigate endpoint incidents, perform initial threat triage, and escalate as necessary for timely response and resolution. Collaborating with cross-functional teams, including IT and compliance, will ensure a cohesive approach to security and incident management. Maintaining accurate incident records, providing detailed reports to management, and contributing to post-incident reviews are also crucial aspects of your role. Additionally, you will participate in developing and optimizing incident response processes and procedures to enhance the overall effectiveness of the SOC. Engaging in ongoing training and professional development is essential to staying current with industry trends, tools, and best practices in cybersecurity.

To be an ideal match for this role, you should hold a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. With 2-3 years of experience in a Security Operations Center or similar role focusing on endpoint detection and response, you should be proficient in using CrowdStrike Falcon EDR and have familiarity with other SIEM tools. A strong understanding of incident response methodologies and EDR fundamentals, along with knowledge of Windows and Linux operating systems and networking fundamentals, is required. Experience with threat intelligence and vulnerability management tools is considered a plus.

NCG (NetConnect Global) is a leading digital transformation, engineering, and professional services company that collaborates with global enterprises and technology companies to deliver cutting-edge, future-ready solutions. Specializing in Cloud and Infrastructure Solutions, Cybersecurity, Artificial Intelligence & Machine Learning (AI/ML), and Advanced Data Analytics, NCG is committed to operational excellence and ethical standards. The company boasts a Great Place to Work Certification and a workforce of over 2,000 full-time employees, with a global alumni network exceeding 22,000 professionals. NCG's commitment to quality management, service delivery, responsible business practices, and cybersecurity governance is evident through its certifications and ratings.

At NCG, a comprehensive benefits package awaits you, designed to support you and your family through every stage of life. Family First Benefits include generous maternity and paternity leave, while robust medical coverage, financial security measures, and personal support programs ensure your health and well-being are prioritized. The company's commitment to employee welfare is evident through its Employee Assistance Program, providing confidential support and guidance to navigate personal and professional challenges, ultimately fostering a culture of collective success and well-being.

Posted 1 month ago

5.0 - 9.0 years

0 Lacs

karnataka

On-site

The Threat Response Analyst position at Applied Systems, Inc. within the Corporate IT team requires a skilled professional with a background in security threat response activities. As a Threat Response Analyst, you will be responsible for conducting threat response activities, leveraging SIEM tools for security event analysis, and utilizing endpoint detection and response solutions.

To qualify for this role, you must hold a BE or BTech degree and have a minimum of 5-6 years of experience, with at least 3 years specifically focused on threat response activities. You should possess a strong working knowledge of security log parsing, networking fundamentals, and an information security incident investigation and response skillset.

Key responsibilities include using a logging platform for security analytics, contributing to the creation of threat and incident response runbooks, and automating detection, analysis, and response actions using SOAR and platform integrations. Additionally, you will participate in the Security Incident Response Team on-call rotation, collect and analyze threat intelligence reports, and assist in the development of project plans and process documentation.

The ideal candidate will be able to author threat intelligence reports based on our security operations team's incidents, analysis, and adversary engagements, as well as analyze event feeds and collected malware for trends and correlations. You will also be responsible for triaging and handling/escalating security events and issues as needed.

If you are a proactive individual with a passion for cybersecurity and a desire to contribute to a high-energy, fast-paced environment in Bengaluru, we encourage you to apply for the Threat Response Analyst position at Applied Systems, Inc.

Posted 1 month ago

3.0 - 7.0 years

0 Lacs

haryana

On-site

As a Security Engineer at Expedia Group, you will be part of the Security Solutions Engineering team responsible for designing and implementing critical security systems and services. Your role will involve working on key initiatives from conceptualization to deployment, requiring a deep understanding of complex technical environments and the ability to develop effective security solutions.

Your responsibilities will include:

- Implementing Endpoint Detection and Response (EDR) solutions such as Anti-malware Agents and Data Loss Prevention
- Managing Web Content Filtering for seamless Internet protection using on-premise and cloud-based web proxies
- Overseeing Vulnerability Management for DC and cloud assets, including patching and compliance
- Utilizing Threat Intelligence feeds from sources like Recorded Future
- Conducting Threat detection through User Behavior Analysis and investigation
- Integrating SIEM & SOAR solutions and managing Container security
- Implementing Network security measures including Web Application Firewall, Intrusion Prevention, and Anti-malware detection
- Maintaining, monitoring, and enhancing systems and security posture with a focus on service excellence
- Collaborating with cross-functional teams to solve complex problems and influence engineering practices

To qualify for this role, you should have:

- A Bachelor's or Master's degree in a Technical field or equivalent professional experience
- At least 3 years of experience in security engineering and operations support in a mission-critical environment
- Hands-on experience with AWS Cloud services and security
- Proficiency in various security technologies such as Web Content Filtering, Web Application Firewalls, Intrusion Detection Systems, and SIEM
- Strong analytical skills and the ability to correlate and analyze security-related data
- Programming experience in languages like Java, Python, Perl, or C++
- Excellent organizational and communication skills
- A proactive and innovation-driven mindset with the ability to thrive in a fast-paced environment

If you require any accommodations during the application process, please contact our Recruiting Accommodations Team. Join us at Expedia Group and be part of a diverse and inclusive community that values your contribution to shaping the future of travel.

Posted 1 month ago

Apply

1.0 - 5.0 years

0 Lacs

amritsar, punjab

On-site

We are seeking a proactive and knowledgeable IT Security Specialist to join our IT Security team in Brussels, Belgium. Your primary focus will be Incident Response and Identity & Access Management (IAM): actively monitoring, managing and remediating security events and access control processes across the organization.

Your responsibilities will include monitoring, detecting and analyzing security incidents across IT systems and applications. You will lead and coordinate incident response processes, document incidents in detail, and manage recertifications for tools such as web proxies and Endpoint Detection & Response (EDR) platforms. You will also support the identification and remediation of IAM issues and exceptions, and collaborate with cross-functional teams to ensure alignment and consistent response.

To excel in this role, you should have at least 1 year of experience with Endpoint Detection and Response (EDR) tools (3 years preferred). You must have a solid understanding of incident management and security operations practices and be familiar with IAM technologies such as SailPoint IIQ, OpenID Connect, OAuth and CyberArk. Strong communication skills in English, with proficiency in French or Dutch, are essential, along with the ability to work effectively as part of a cross-disciplinary team. Join us in this opportunity to contribute to our IT Security team and make a positive impact on our organization.

Posted 1 month ago

Apply

5.0 - 9.0 years

0 Lacs

hyderabad, telangana

On-site

You have the opportunity to join as a Splunk Enterprise Security specialist with 5-8 years of experience in Hyderabad. You will integrate Splunk with security tools and technologies across different domains, such as the Process Control Domain (OT) and the Operations Domain (IT). Your role involves administering and managing the Splunk deployment to ensure optimal performance, implementing Role-Based Access Control (RBAC), and developing custom Splunk add-ons for log management.

Collaboration with the SOC team is crucial: you will work together to understand security requirements and objectives, and implement Splunk solutions that enhance threat detection and incident response capabilities. You will integrate security controls and devices such as firewalls, EDR systems, proxies, Active Directory and threat intelligence platforms. You will develop custom correlation searches, dashboards and reports to identify security incidents, investigate alerts and provide actionable insights to SOC analysts. You will also build efficient custom dashboards for various teams to support security risk investigations, and conduct threat hunting exercises using Splunk.

Furthermore, you will contribute to the development and refinement of SOC processes and procedures by leveraging Splunk to streamline workflows and enhance operational efficiency, including using Splunk to automate SOC SOP workflows.

To excel in this role, you should have experience in designing and implementing Splunk Enterprise Security architecture, integrating it with security tools and technologies, and in security monitoring, incident response, security analytics and reporting. Collaboration, communication and the ability to manage Splunk Enterprise Security effectively are essential. You will also be involved in migrating and scaling the Splunk environment from Windows to Linux to improve performance, reliability and availability, and in implementing and integrating the SOAR platform (Splunk Phantom) and User Behavior Analytics (Splunk UBA/UEBA) with the existing Splunk infrastructure to enhance operations with automation.

Posted 1 month ago

Apply

5.0 - 9.0 years

0 Lacs

hyderabad, telangana

On-site

You have an opportunity to join our team as a Splunk Enterprise Security Specialist in Hyderabad. You should have 5-8 years of experience and expertise in Splunk ES architecture. Your responsibilities will include integrating Splunk with security tools and technologies across different domains, such as the Process Control Domain (OT) and the Operations Domain (IT). You will administer and manage the Splunk deployment for optimal performance, implement RBAC, and develop custom Splunk add-ons for ingesting, parsing and filtering incoming logs.

Collaborating with SOC team members, you will understand security requirements and objectives and implement Splunk solutions that enhance threat detection and incident response capabilities. You will integrate security controls and devices such as firewalls, Endpoint Detection and Response (EDR) systems, proxies, Active Directory (AD) and threat intelligence platforms. You will develop custom Splunk correlation searches, dashboards and reports to identify security incidents, investigate alerts and provide actionable insights to SOC analysts, and create efficient custom dashboards for different teams to support security risk, threat and vulnerability investigations. You will also conduct threat hunting exercises using Splunk to proactively identify and mitigate potential security threats and vulnerabilities.

You will assist in the development and refinement of SOC processes and procedures, leveraging Splunk to streamline workflows and enhance operational efficiency, including using Splunk to automate SOC SOP workflows.

To be successful in this role, you should have experience in designing and implementing Splunk ES architecture, integrating it with security tools and technologies, and in security monitoring, incident response, security analytics and reporting, together with strong collaboration and communication skills. You will be responsible for the implementation and management of Splunk Enterprise Security, for migrating and scaling the Splunk environment from Windows to Linux while improving performance, reliability and availability, and for implementing and integrating the SOAR platform (Splunk Phantom) and User Behavior Analytics (Splunk UBA/UEBA) with the existing Splunk infrastructure, supporting and enhancing operations with automation wherever possible.

Posted 2 months ago

Apply

10.0 - 14.0 years

0 Lacs

hyderabad, telangana

On-site

At Dark Matter Technologies, you are at the forefront of a tech-driven revolution in loan origination. Our commitment to cutting-edge AI and origination technology solutions is reshaping the industry landscape, illuminating a path towards seamless, efficient and automated experiences. Driven by Empower, the all-in-one LOS, and a suite of innovative Origination Technologies, we provide end-to-end solutions that fully serve the mortgage origination process. Dark Matter Technologies is owned by Constellation Software Inc. (TSX:CSU).

As a SOC Lead with 8+ years of experience, you will be located in Hyderabad or Bhubaneswar, with shift timings from 5:30 PM to 3:00 AM IST (aligned with US Eastern business hours). Your responsibilities will include monitoring and investigating security alerts, maintaining and tuning security tools under InfoSec purview, researching and providing gap analysis of current security event processes, acting as a subject matter expert and mentor to junior team members, and driving root-cause analysis of common security events.

To qualify for this position, you should have an associate or bachelor's degree in Computer Science, Information Technology, System Administration or a closely related field, or equivalent work experience. A minimum of 10+ years of experience working in a Security Operations Center (SOC) is required, along with sound working knowledge of security operations and security investigation best practices. Experience monitoring and handling Endpoint Detection and Response (EDR) and Incident Detection and Response (IDR) alerts and events, and experience monitoring and handling Microsoft Defender portal and Purview alerts and events, are crucial. Exceptional customer service, strong project management and team management skills are necessary, with a history of managing direct reports.

You should be highly self-motivated and self-directed, with keen attention to detail, able to work within a diverse, geographically distributed team, willing to adjust work schedules to accommodate business needs, able to perform in cross-functional teams and adapt to different cultures, be on-call and work extended hours as needed, align with the US Eastern time zone (8 am to 5 pm), and possess strong English written and verbal skills. If you believe you are the ideal candidate for this position, we look forward to receiving your complete application documents (resume, salary details and references) at sreedevi.choudhury@dmatter.com. Get empowered by Dark Matter Technologies!

Posted 2 months ago

Apply

7 - 12 years

17 - 27 Lacs

Gurugram

Work from Office

Your potential, unleashed. India's impact on the global economy has increased at an exponential rate, and Deloitte presents an opportunity to unleash and realise your potential amongst cutting-edge leaders and organizations shaping the future of the region, and indeed the world beyond. At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team. Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant and resilient, not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Your work profile. Reporting to the Director of SOC Engineering, a Sentinel Engineer is primarily responsible for the build, development and maintenance of the Sentinel SIEM. The engineer will participate in installing, configuring and maintaining Microsoft Sentinel; design and develop detections; implement operational and technical security controls; and adhere to organisational security policies and procedures.

About the team. The engineering team provides a number of services to internal and external stakeholders, including:
- Onboarding new clients to the service on the Microsoft Sentinel SIEM platform.
- Working closely with a large SOC to maintain adequate connectors and analytics.
- Working with clients to develop new detections bespoke to client use cases, threats and environments.
- Assisting with internal SOC quality-of-life or process improvement projects.
As part of a small team you will experience diverse days, finding yourself hands-on building and developing as well as handling client tickets or SOC queries.

Engineering:
- Analyze and define data requirements and specifications.
- Oversee data system performance, capacity, availability, serviceability and recoverability.
- Analyze and plan for anticipated changes in data capacity requirements.
- Install, configure and support data system components.
- Raise, manage and close vendor support cases.
- Develop and facilitate data-gathering methods.
- Manage the compilation, cataloguing, caching, distribution and retrieval of data.
- Provide a managed flow of relevant information to represent data in creative formats.
- Take part in the Data and Security Engineering escalation roster for critical alerts.

Data analysis:
- Analyze data sources to provide actionable recommendations and strategic insights.
- Assess the validity of source data and subsequent findings.
- Conduct hypothesis testing using statistical processes.
- Develop strategic insights from large data sets.
- Develop data standards, policies and procedures.

Client facing:
- Interface with customers to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients.
- Work with product owners to onboard additional data sources.
- Present technical information to technical and non-technical audiences.

Professional experience:
- Experience working with Microsoft Sentinel.
- Experience writing SIEM queries, constructing alert logic and building dashboards.
- Experience integrating custom log sources into Microsoft Sentinel.
- An understanding of the information technology marketplace, including modern security operations and Digital Forensics/Incident Response.
- A high level of flexibility and resourcefulness, with the ability to adapt to change and challenges.
- Experience communicating with a high level of professionalism.
- Previous technical experience owning and delivering complex technical bodies of work.
- Evidence of working with or in the enterprise market.
- A demonstrable track record of success.
- Ideally, experience working in or with a cyber security team.
- Ideally, experience working with Endpoint Detection and Response products such as Microsoft Defender ATP.

How you'll grow. Connect for impact: our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead: you can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all: at Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career: at Deloitte, you are encouraged to take ownership of your career. We recognise there is no one-size-fits-all career path, and global, cross-business mobility and up-/re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone's welcome; entrust your happiness to us. Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here's a glimpse of things that are in store for you.

Interview tips. We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research and know some background about the organisation and the business area you're applying to. Check out recruiting tips from Deloitte professionals.

*Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution.

Posted 4 months ago

Apply