
80 Endpoint Protection Jobs - Page 3

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

3.0 - 6.0 years

20 - 25 Lacs

Pune

Work from Office

Experienced Data Analyst skilled in Python, Tableau, and Power BI with exposure to Intune/SCCM. Strong in IT/endpoint data reporting, compliance insights, and dashboarding. Suitable for hybrid Pune-based UEM analytics roles.

Required Candidate profile: Looking for a Data Analyst with experience in IT systems or Intune/SCCM. Must know Python and Tableau/Power BI. UEM or endpoint data experience is a plus.

Posted 1 month ago

Apply

2.0 - 5.0 years

11 - 15 Lacs

Kolkata, Mumbai, New Delhi

Work from Office

About Us
At SentinelOne, we're redefining cybersecurity by pushing the limits of what's possible, leveraging AI-powered, data-driven innovation to stay ahead of tomorrow's threats. From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We're looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you're excited about solving complex challenges in bold, innovative ways, we'd love to connect with you.

What are we looking for?
If you're passionate about enabling customer success through leading and facilitating successful deployments of our highest value accounts, this role is for you. SentinelOne is growing its Customer Success team and looking for a technically skilled project manager. Responsibilities include managing project milestones and timelines in coordination with the customer as well as with internal cross-functional resources in Technical Account Management, Product Management, and Professional Services. The role requires facilitating a partnership between our customers and internal teams to define and implement project KPIs and parameters that will realize optimal 'time to value' and enable long-term success and growth.

What will you do?
The key responsibility of this role will be to facilitate a partnership between customers and internal teams, creating an engaging and productive deployment experience for customers throughout their solution adoption phase. Additional responsibilities will include regular cadence reporting on key metrics as defined by CS leaders (e.g., indicators of feature adoption or deployment progress), pre-sales support on services, and collaboration with service delivery teams to tailor service offerings to client requirements.
- Onboard key customers through full deployment, with a focus on structured project management combined with white-glove relationship management.
- Work cross-functionally within SentinelOne with Support, Product Management, Engineering and other teams to provide customers with insight while advocating for their needs.
- Communicate expectations, project timelines, requirements, and potential blockers to key stakeholders, both internal and external.
- Lead the deployment project teams in removing obstacles and addressing technical challenges when necessary, including ensuring issues are escalated and actively managed.
- Expand the client engagement by collaborating with key decision-makers and stakeholders to understand their requirements and continually position our services as the optimal solution for net new, upsell, and renewal opportunities.
- Strategic Pre-Sales Support on Services: collaborate with the Sales, Solution Engineering, Customer Success Management and service leaders to help with the positioning of our Services offerings and meet sales targets while ensuring 'right fit'.
- Achieve trusted advisor status by understanding all aspects of the Services portfolio, including MDR, DFIR, Threat Hunting, Strategic Advisory, and Deployment Services.
- Demonstrate the value of service positions by executing compelling presentations and demonstrations of our services to prospective clients. Articulate the value proposition of our Services and how they address specific client needs and challenges.
- Collaborate with the service delivery teams and customers to ensure alignment between sales, solution engineering, and service execution, and when relevant, provide initial scoping along with the Services team.

What skills and knowledge should you bring?
- At least 7 years of prior experience at an enterprise software company (preference to those with Endpoint Protection experience) in related roles (Customer Success, Support, Training, etc.).
- Experience with managing highly complex implementations and technical engagements for a diverse set of customers, including identifying customer requirements.
- Customer-focused, with experience in customer-facing roles (Customer Success, Support, Professional Services, Customer Onboarding, etc.).
- Experience with Salesforce and with project management tools like Asana/Atlassian.
- An existing understanding of customer IT/security architecture, and continued learning related to the technical landscape and deployment specifics of SentinelOne product and service offerings.
- Knowledge of security technologies, architecture, and operations, and experience in advising customers on best practices.
- Knowledge of Windows, macOS and Linux operating systems as well as containerized environments.
- A talent for building strong relationships and managing customer expectations, resulting in high customer satisfaction.
- Cross-functional excellence, with a track record of getting teams to work together on accomplishing complex operational goals.
- Ability to lead, support, and drive ongoing projects and meet deadlines in a complex and dynamic environment.
- Impeccable written and verbal communication skills.
- Thrives in a multitasking environment and can adjust priorities on the fly.
- Strategic and creative thinker with well-developed problem-solving and analytical skills.
- Experience with a structured project management methodology, which may include Agile methodologies (including Scrum or Kanban), Lean, traditional Waterfall, Six Sigma, PMBOK, or a hybrid of these or other methodologies.
- Experience in the IT or cybersecurity industry, especially Endpoint Security and SIEM, with host-based (endpoint agent) security solutions, is preferred.

Why us?
You will be joining a cutting-edge company, where you will tackle extraordinary challenges and work with the very best in the industry.
- Industry-leading gender-neutral parental leave
- Paid company holidays
- Paid sick time
- Employee stock purchase program
- Disability and life insurance
- Employee assistance program
- Gym membership reimbursement
- Cell phone reimbursement
- Numerous company-sponsored events, including regular happy hours and team-building events

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. SentinelOne participates in the E-Verify Program for all U.S. based roles.

Posted 1 month ago

Apply

5.0 - 7.0 years

8 - 10 Lacs

Bengaluru

Work from Office

Position Purpose
The role of the Third-Party Technology Risk Management (TPTRM) Analyst / Consultant is to implement the set of operational activities carried out within BNP Paribas (Group entities) to manage ICT and cyber risks for the beneficiaries of sourcing initiatives (outsourcing, purchasing, shoring) supported by ICT service providers and third parties involved in ICT projects or business projects with ICT components. She/he can operate within the TPTRM governance scope, with providers and beneficiary SMEs spread across the global region. As part of this role, she/he will work closely with German stakeholders. In particular, she/he will help clients assess the risks associated with their arrangements and provide recommendations for managing those risks.

Responsibilities

Direct Responsibilities
- Perform third-party technology risk assessments to help beneficiaries/contract owners identify and evaluate business and technology risks related to their arrangements, and provide recommendations for managing those risks.
- Define the contractual ICT security requirements applicable to the arrangement to protect the confidentiality, integrity and availability of Beneficiary data and systems.
- Provide periodic status updates (KPIs/KRIs), including potential risks and delays to project delivery, to the beneficiary project manager; conduct workshops wherever necessary.
- Thoroughly review asset classifications and pre-existing asset-related risk control responses, ensuring they are in sync with TPTRM assessment responses.
- Select the requirements to include in the specific ICT due diligence questionnaires sent to shortlisted suppliers, and analyze the providers' feedback.
- Support the Beneficiary in answering ICT security questions from the provider as part of the contract negotiation process.
- List the risks that should be formalized in a risk management plan given the third party's answers, and report on the third party's ability to manage risks.
- Support the Beneficiary in recording the arrangement data in the various Group registers (ServiceNow, RISK360, etc.).
- Ensure periodic review of ICT arrangements and contracted ICT services.
- Demonstrate knowledge in one or more of the following cyber risk domains: Security Governance and Management, Security Policies and Procedures, Application Security Controls, Access Controls, Incident Response, Risk Management, Privacy and Data Protection, Encryption.

Contributing Responsibilities
- Work through the five European Banking Authority (EBA) ICT risk categories and follow them throughout TPTRM assessments.
- Participate in the Initialization Committee, Validation Committee and Go-Live Committee to support specific arrangements and results.
- Provide support to the beneficiary / contract owner to implement residual actions.
- Facilitate business/sponsor/beneficiary/SME decision-making with deep analysis based on relevant flagged risk families.
- Provide support to contract owners and coordinate/assist to ensure proper assessments are done.
- Manage the TPTRM inventory with follow-up tracker management.
- Contribute to process improvement; keep up with new policies, regulations, standards and guidelines.

Technical and Behavioral Competencies

Functional Skills
- Experience in IT Risk and Cyber Security domains in a financial institution, demonstrating a high level of commitment and self-motivation.
- Experience in the Finance IT industry with strong exposure to IT Operations, Application Security, and/or network administration, IPS.
- Demonstrated knowledge of Risk Compliance, cybersecurity, cyber risk, cyber threats, Third Party Technology Risk Management / vendor assessments.
- Working knowledge of global regulations, frameworks and standards (ISO, NIST, COBIT, PCI-DSS, HIPAA), and conversant in the tactics, techniques and procedures used by adversaries.
- A calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate.
- Good IT knowledge.

Technical:
- Good understanding of organizations and IT businesses
- Good technical understanding of infrastructures and IT security production systems
- IT risk / third-party risk analysis and management methods; should have worked on risk management tools like ServiceNow etc.
- Knowledge of cyber resilience, IT continuity and business continuity
- GRC: Governance, Risk Management and Compliance Management
- Firewall and Internet technologies; cloud security; banking tools and technologies
- Secure access control mechanisms; encryption and key management techniques

Behavioral:
- Strong communication, analytical and problem-solving skills
- Proven organizational skills with excellent multi-tasking, result-oriented and prioritization skills
- Good documentation and reporting skills
- Ability to work independently
- Strong communication and interpersonal skills; able to communicate and relate easily with IT, Finance and back-office users
- Good communication, technical writing/diagramming skills
- Attention to detail and accuracy

Specific Qualifications (if required)
- One or more industry-recognized information security certifications such as CISSP, CISA, GCCC, CISM, CEH, CRISC, OSCP or Security+.
- IT security tools like firewalls, IPS, WAF, endpoint protection, network security, etc.
- IT auditing (ISO 27001/2, NIST 800 series, ISO 27005, ISO 42001)
- Regulatory compliance
- Education: MBA in Finance/Systems/IT, Masters in Technology, Bachelor of Commerce, Masters in Commerce, Bachelor in Science, Bachelor in Technology

Skills Referential
- Behavioural Skills: Communication skills (oral, written); Attention to detail / rigor; Ability to deliver / Results driven; Creativity and Innovation / Problem solving
- Transversal Skills: Analytical ability; Ability to manage a project; Ability to understand, explain and support change; Ability to develop and adapt a process; Ability to anticipate business / strategic evolution
- Other/Specific Qualifications (if required): CISA/CISSP/CISM/CRISC

Posted 1 month ago

Apply

8.0 - 12.0 years

8 - 12 Lacs

Navi Mumbai, Maharashtra, India

On-site

We are seeking a skilled Endpoint Security Specialist to join our team in India. The successful candidate will be responsible for protecting our organization's endpoints from security threats and ensuring compliance with security policies.

Responsibilities
- Develop and implement endpoint security policies and procedures.
- Monitor endpoint security systems and respond to security incidents.
- Conduct risk assessments and vulnerability assessments on endpoints.
- Collaborate with IT and security teams to ensure compliance with security standards.
- Provide training and guidance to staff on endpoint security best practices.
- Evaluate and recommend endpoint security solutions and technologies.

Skills and Qualifications
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- 8-12 years of experience in endpoint security or related IT security fields.
- Strong knowledge of endpoint protection technologies (e.g., antivirus, EDR, DLP).
- Experience with security frameworks and compliance standards (e.g., ISO 27001, NIST).
- Proficient in incident response and threat hunting techniques.
- Familiarity with network security concepts and practices.
- Excellent problem-solving skills and attention to detail.
- Strong communication skills, both verbal and written.

Posted 1 month ago

Apply

2.0 - 5.0 years

8 - 8 Lacs

Bengaluru

Work from Office

Role: Microsoft Defender / Mac Endpoint Vulnerability Management Specialist

Role Summary: He/she will be responsible for managing vulnerability remediation activities using Microsoft Defender, with a strong focus on endpoint security and management. Additionally, he/she should possess expertise in Mobile Device Management (MDM) solutions such as Intune, and demonstrate advanced troubleshooting skills at the Windows OS level. Scripting knowledge is considered a plus.

Location: Bangalore
Preferred Duration: 3 months (extendable project)
Date: Immediate joining also preferred

Key Responsibilities:
- Review vulnerability reports, analyze the solutions available and execute vulnerability remediation activities using Microsoft Defender.
- Collaborate with the Security Team to assess vulnerabilities and implement mitigation strategies.
- Manage endpoint security configurations and policies through Microsoft Defender.
- Implement solutions through Mobile Device Management solutions (Intune/WS1/SCCM).
- Develop policies as required in collaboration with Product Owners and the Security Team.
- Provide L3-level support for Windows OS-related issues.
- Diagnose complex system problems and work towards swift resolution.
- Utilize scripting languages (e.g., PowerShell) to automate or deploy solutions as needed.
- Develop scripts to enhance monitoring capabilities or streamline solution deployment processes.
- Maintain comprehensive documentation of processes, incidents, resolutions, and changes implemented.

Qualifications:
- Proven experience in managing Microsoft Defender for Endpoint solutions.
- Expertise in MDM tools like Intune/WS1/SCCM.
- Strong troubleshooting skills at the Windows OS level.
- Proficiency in scripting languages such as PowerShell.
- Excellent analytical skills with attention to detail.
- Strong communication skills; ability to collaborate effectively with cross-functional teams.
- Ability to work independently while managing multiple priorities efficiently.
- Work experience with monitoring tools like Nexthink is an advantage.

Posted 1 month ago

Apply

1.0 - 2.0 years

7 - 8 Lacs

Kolkata

Work from Office

Work from office, 09 am to 6 pm. We are looking for a motivated and enthusiastic Presales Engineer with a minimum of 5 years of experience, preferably in cybersecurity, to join our team. As a Presales Engineer, you will work closely with the sales team to provide technical expertise and assist in developing customized solutions to meet client needs.

Key Responsibilities:
- Collaborate with the sales team to understand customer requirements and deliver tailored cybersecurity solutions.
- Assist in creating technical presentations, demos, and proofs of concept (POCs) for clients.
- Provide technical support during the sales cycle and address customer queries related to cybersecurity solutions.
- Help design and configure cybersecurity solutions, including SIEM, firewalls, and endpoint security products.
- Conduct product demonstrations to showcase the value and benefits of our cybersecurity solutions.
- Work with customers directly to understand their technical needs and propose effective security solutions.
- Participate in direct client visits to present and discuss solutions in person, ensuring customer satisfaction.
- Maintain a good understanding of the latest cybersecurity trends, technologies, and threat landscape.
- Collaborate with cross-functional teams, including sales and technical support, to ensure smooth project delivery.

Required Qualifications/Skills:
- Bachelor's degree in Computer Science, Engineering, or a related field.
- Minimum years of experience in a presales, technical support, or cybersecurity-related role.
- Strong knowledge of cybersecurity concepts, such as firewalls, SIEM, endpoint protection, and threat management.
- Ability to present technical solutions to both technical and non-technical audiences.
- Strong communication skills, both verbal and written.
- Willingness to travel for direct client visits and maintain a customer-focused approach.
- Ability to stay updated on the latest cybersecurity technologies and trends.
- Team player with the ability to collaborate effectively with cross-functional teams.

Posted 1 month ago

Apply

10.0 - 14.0 years

25 - 35 Lacs

Gurugram

Work from Office

- PLEASE SAVE WHATSAPP # 9315248639 - Nishant/Shreedevi is your POC from RexOreo Pvt Ltd.
- Queries: all emails will come from team@rexoreo.com, so please keep an eye out.

Top Selection & Auto Elimination Criteria:
- Only Delhi NCR candidates need to apply, as we need only immediate joiners (0-30 days).
- Rotational shift.
- Cab facility: yes, late-night pick-up or drop only (one side only, for Gurgaon employees).
- Location: Gurgaon.
- Mode: 5 days work from office only (no work from home).
- Relevant experience range: 9+ years.
- Position: L3 SOC Analyst.
- Experience: 9-14 years.
- Only current L2/L2+ (more than 2 years) or L3 candidates need to apply.
- Experience in QRadar is mandatory.
- Total open positions (as of 16 June, 5:30 pm): 5.
- Email team@rexoreo.com a voice note on why you are fit for this role.

Position Description:
The SOC Level 3 Analyst is a senior-level cybersecurity professional responsible for leading advanced threat detection, response, and mitigation activities within the Security Operations Center. This role acts as the final escalation point for complex security incidents and plays a crucial role in enhancing security monitoring, incident response procedures, and overall threat defense capabilities. The L3 Analyst collaborates with security engineers, incident response teams, threat intelligence analysts, and IT stakeholders to identify, investigate, and remediate security threats in real time.

Role and responsibilities:

1. Incident Response and Escalation
- Lead and coordinate end-to-end response for critical and high-severity security incidents.
- Perform advanced investigation and forensics on compromised systems, including log correlation, packet analysis, and endpoint review.
- Serve as a primary escalation point for SOC Tier 1 and Tier 2 analysts.
- Conduct root cause analysis and provide detailed incident reports with lessons learned and mitigation steps.

2. Threat Detection and Analysis
- Analyze and triage alerts generated by the SIEM and other security tools.
- Hunt for threats in the environment using threat intelligence and behavioral indicators (proactive threat hunting).
- Analyze and reverse-engineer malware, if required, to understand behavior and determine mitigation steps.
- Correlate threat intelligence feeds with internal data to identify indicators of compromise (IOCs) and advanced persistent threats (APTs).

3. Tooling and Automation
- Optimize and fine-tune detection rules and SIEM use cases to reduce false positives and enhance detection accuracy.
- Build automation scripts and workflows to improve efficiency in incident triage, correlation, and response.
- Collaborate with security engineers to integrate new data sources and tools into the SOC ecosystem.

4. Documentation and Reporting
- Maintain detailed and accurate documentation of incidents, investigations, and actions taken.
- Develop and update SOC standard operating procedures (SOPs) and playbooks.
- Prepare and present technical reports, dashboards, and metrics to senior management and stakeholders.

5. Mentorship and Leadership
- Mentor and guide SOC L1 and L2 analysts on technical skills and investigative processes.
- Provide training on new threats, tools, and techniques.
- Assist in evaluating and improving team workflows, processes, and overall SOC maturity.

6. Collaboration and Stakeholder Engagement
- Work closely with threat intelligence, vulnerability management, and risk teams to stay ahead of emerging threats.
- Communicate with IT, DevOps, and business units to coordinate responses and ensure secure configurations.
- Participate in red/blue team exercises and post-mortem reviews to enhance SOC readiness.

Required Experience / Skills:
- Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm, Splunk).
- Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black).
- Hands-on knowledge of packet capture analysis tools (e.g., Wireshark, tcpdump), forensic tools, and malware analysis tools.
- Familiarity with scripting or automation languages such as Python, PowerShell, or Bash.
- Deep understanding of networking protocols, OS internals (Windows/Linux), and security best practices.
- Familiar with frameworks such as MITRE ATT&CK, NIST, and the Cyber Kill Chain.
- Minimum of nine (9) years of technical experience.
- 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment, with increasing responsibilities.
- 3+ years of rule development and tuning experience.
- 2+ years of incident response.
- Experience supporting 24x7x365 SOC operations and willingness to operate in shifts, including but not limited to alert and notification activities (analysis/triage/response), review and action on threat intel for IOCs and other operationally impactful information, and initial review and triage of reported alerts and incidents.
- Manage multiple tickets/alerts in parallel, including end-user coordination.
- Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response.
- Solid understanding and experience analyzing security events generated from security tools and devices, including but not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malwarebytes, Carbon Black/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat.
- Experience and solid understanding of malware analysis.
- Demonstrated proficiency with one or more toolsets such as QRadar, MS Sentinel, Bit9/Carbon Black, Endgame, FireEye HX / CM / ETP, Elastic Kibana.
- Experience and ability to use, contribute to, develop and follow Standard Operating Procedures (SOPs).
- In-depth experience with processing and triage of security alerts from multiple sources, including but not limited to endpoint security tools, SIEM, email security solutions, CISA, and threat intel sources.
- Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, and supporting SOAR development.
- Experience with bash, Python, and Windows PowerShell scripting.
- Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, and SIEM/security tool alert analysis.
- Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources.
- Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), network security devices, and other enterprise tools.
- Demonstrated proficiency with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk.
- Solid understanding and experience analyzing security events generated from security tools and devices, including but not limited to QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC.
- Expert in security incident response processes.

Required Certifications:
Two of the following certifications are preferred:
- GIAC GCIH - GIAC Certified Incident Handler
- GIAC GCFE - GIAC Certified Forensic Examiner
- GIAC GCFA - GIAC Certified Forensic Analyst
- GIAC GREM - GIAC Reverse Engineering Malware
- GIAC GNFA - GIAC Network Forensic Analyst
- GIAC GCTI - GIAC Cyber Threat Intelligence
- GIAC GPEN - GIAC Penetration Tester
- GIAC GWAPT - GIAC Web Application Penetration Tester
- CEPT - Certified Expert Penetration Tester
- CASS - Certified Application Security Specialist
- CWAPT - Certified Web Application Penetration Tester
- CREA - Certified Reverse Engineering Analyst

Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Experience of 5 years, or 3 years of relevant experience.
- Strong troubleshooting and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Strong organizational and time management skills.
- Willingness to work after hours and provide on-call support.

Posted 1 month ago

Apply

3.0 - 8.0 years

5 - 8 Lacs

Hyderabad

Work from Office

Endpoint Security Engineer

Core Responsibilities
- Implement and manage endpoint security strategies to defend against malware, ransomware, and advanced persistent threats (APTs).
- Deploy, configure, and maintain Endpoint Detection & Response (EDR), antivirus (AV), Mobile Device Management (MDM), and Data Loss Prevention (DLP) tools.
- Monitor endpoint telemetry using SIEM platforms; respond to security alerts and collaborate with incident response teams.
- Perform regular vulnerability assessments and ensure timely patching of endpoint systems.
- Conduct endpoint audits and enforce hardening standards across Windows, macOS, and Linux.
- Create, maintain, and enforce endpoint security policies and procedures.
- Coordinate with IT, cloud, and network teams to ensure end-to-end device security.
- Generate reports on endpoint posture, incidents, compliance gaps, and security trends.

Mandatory Technical Skills & Tools

Endpoint Protection & EDR
- Hands-on experience with at least two EDR platforms: Trellix, CrowdStrike, Trend Micro, SentinelOne
- Proficiency in endpoint protection suites: Trellix, Sophos, Kaspersky, Trend Micro

Vulnerability & Patch Management
- Practical experience with vulnerability scanning and patching tools: Qualys, Tenable, SCCM, WSUS, BigFix
- Deep understanding of endpoint hardening techniques: Group Policy (GPO), PowerShell, OS configuration lockdown

Endpoint Monitoring & Incident Response
- SIEM experience for endpoint telemetry: Splunk, ELK Stack
- Proficient in root cause analysis and log interpretation: Event Viewer, Sysinternals, auditd

Mobile Device & Data Protection
- MDM configuration and policy management: Microsoft Intune, AirWatch, MobileIron
- DLP deployment and monitoring: Symantec DLP, Microsoft Purview, Forcepoint

Operating System Security
- In-depth knowledge of Windows endpoint internals and security configurations
- Experience with macOS and Linux hardening: Jamf, auditd, iptables, SELinux

Endpoint Forensics & Malware Analysis
- Ability to investigate threats using forensic tools: FTK Imager, Volatility, Sysinternals
- Basic understanding of static and dynamic malware analysis

Soft Skills
- Strong written and verbal communication to explain complex security concepts
- Ability to collaborate across infrastructure, cloud, and application teams
- Self-driven and detail-oriented, with strong independent execution capabilities

Posted 1 month ago

Apply

7.0 - 12.0 years

14 - 24 Lacs

Chennai

Work from Office

RESPONSIBILITIES
- Harden endpoint and server systems through baseline configurations and continuous validation.
- Manage and monitor PAM and PIM platforms, including session monitoring and access vaulting.
- Administer antivirus/EDR solutions, ensuring AV coverage, threat response, and policy compliance.
- Implement DLP controls (non-O365) across USB, endpoint, and file-sharing systems.
- Coordinate with SOC/MSSP for threat detection, log review, and incident containment.
- Lead patch management reviews and support monthly compliance validation.
- Review local admin rights and USB access, and enforce endpoint security controls.
- Contribute to GRC and audit efforts with evidence and dashboards.
- Maintain metrics for EDR alerts, patch status, and privilege usage trends.

REQUIRED SKILLS
- Strong technical understanding of EDR, AV, and DLP tools.
- Expertise in endpoint/server configuration and hardening (Windows/Linux).
- Experience with PAM solutions like CyberArk or BeyondTrust.
- Familiarity with incident response and threat remediation practices.
- Ability to collaborate with SOC and MSSP partners.

Posted 1 month ago

Apply

8.0 - 10.0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

Our client is a global leader in Consulting, Technology and Outsourcing Business in the SW Services & Product arena. The client has an impressive customer list in over 30 countries, which includes some of the best-known names across the globe. With offices in every continent and development centres in practically every developed country, our client is known for their successful Delivery model. Our client is structured into Business Units and caters to the BFSI, Manufacturing, Infrastructure, System Integration, Retail, and Engineering Services industries/domains. Their foray into Banking Software products and Intellectual property has differentiated them from their competitors.

Key Responsibilities:
• Design and develop secure network architectures for on-premises, cloud, and hybrid environments.
• Evaluate and recommend security solutions, tools, and technologies.
• Conduct risk assessments and vulnerability analyses of network infrastructure.
• Define and enforce security policies, standards, and procedures.
• Collaborate with IT and DevOps teams to integrate security into system and application design.
• Monitor network traffic for unusual activity and respond to security incidents.
• Lead penetration testing and red/blue team exercises.
• Ensure compliance with regulatory requirements (e.g., ISO 27001, NIST, GDPR, HIPAA).
• Provide technical guidance and mentorship to security engineers and analysts.
• Stay current with emerging threats, vulnerabilities, and security trends.

Required Qualifications:
• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• 8+ years of experience in network security or cybersecurity roles.
• Strong knowledge of firewalls, VPNs, IDS/IPS, SIEM, and endpoint protection.
• Experience with cloud platforms (AWS, Azure, GCP) and their security models.
• Familiarity with Zero Trust Architecture and Secure Access Service Edge (SASE).
• Proficiency in scripting and automation (Python, PowerShell, etc.).
• Relevant certifications (e.g., CISSP, CCSP, CISM, CEH).

Posted 1 month ago

Apply

2.0 - 3.0 years

3 - 5 Lacs

Mumbai

Work from Office

Daily Monitoring and Investigation
• Monitor DLP alerts across email, endpoint, web, and cloud.
• Perform triage to determine false positives, true positives, and actual incidents.
• Document findings and escalate critical violations per SOPs.

Incident Response Support
• Support incident response by providing evidence, logs, and context around DLP policy violations.
• Coordinate with IT, HR, and Legal teams for user engagement, awareness, and disciplinary action if necessary.
• Participate in Root Cause Analysis (RCA) for recurring or high-severity incidents.

Policy Tuning and Optimization
• Analyse alert trends and false positive patterns to suggest and implement policy refinements.
• Work with business and security teams to validate policy changes and test updated rulesets before production deployment.
• Maintain documentation of policy changes, rationales, and approvals.

Lifecycle Management
• Support onboarding business units or geographies into DLP coverage.
• Maintain and update DLP dashboards and reporting structures.

Stakeholder Communication
• Provide regular reports to the CISO on DLP violations.
• Interface with Data Owners, Business Units, and Compliance teams for policy alignment and exception management.

Posted 1 month ago

Apply

5.0 - 10.0 years

5 - 10 Lacs

Bengaluru / Bangalore, Karnataka, India

On-site

Job description

Role Overview
We are seeking an enthusiastic Security Researcher to join a growing organization that specializes in advanced malware analysis, exploit analysis, reverse engineering, and machine learning. Our global organization works in the areas of malware research, customer escalation response, and system engineering and development. We are looking for security researchers specializing in malware analysis with a propensity for finding evil. The candidate must have the passion and experience necessary to turn research findings into practical threat detections in our Trellix Endpoint Security (ENS) product. Our team doesn't just analyze malware, we find evil. You will be expected to learn the ins and outs of our daily malware escalation responses, routines, and procedures. Additionally, you will help build platforms and automations, and author detection content which will help fight the bad guys.

About the role:
• You will process incoming malware analysis and detection requests from customers, our first level Research team, and other teams within Trellix.
• You will proactively add detection for prevalent threats, and author proactive detection to provide enhanced protection.
• You will perform static and dynamic analysis of malware, including infection, propagation, lateral movement, exploitation POCs, etc.
• You will extract malicious patterns from malware and author effective detection and repair signatures and test them before they are utilized by our Trellix endpoint protection product.
• You will participate in the incident response process on an as-needed basis and prepare analysis of the incident, remediation instructions, and assist customers.
• Using your coding skills, you will help develop an automation framework for malware analysis and efficiency improvements.
• You will propose and create innovative solutions for problems that our customers are facing.
• You will share your most exciting research findings through blogs and internal presentations.
• You will work closely with colleagues in the same and other time zones, and attend a daily handover to the next region.
• You may be required to support on-call work during holidays and weekends as part of a team rotation.

About you:
• You must have 5+ years of experience in a Malware Researcher role.
• You must have experience with Python, C/C++, or other similar programming languages.
• You must have experience in reverse engineering, and proficiency in debugger usage (OllyDbg, IDA Pro).
• You must understand file formats for Windows (PE), Linux (ELF), or macOS (APP, PKG).
• You must have knowledge of OS internals (memory, threads, processes, API, etc.) on Windows, Linux, or macOS.
• You must have awareness of global threats, regional threats, and top adversaries / criminal groups focusing on malware, including affiliate networks pertaining to Windows OSes.
• You must have experience with various malware analysis tools.
• You should have excellent problem-solving skills, be a fast learner, and be self-motivated to take on initiatives with a focus on achieving results in a timely manner.
• You should have a proven ability to translate insights into business recommendations.
• Ability to positively adapt to changes and multitask in a fast-moving industry.

Additional Qualifications:
• Knowledge of networking protocols and experience with network traffic analysis tools (Wireshark, Fiddler).
• Knowledge of exploitation concepts such as Shellcode, Heap Spray, ROP, etc.
• Experience working in Endpoint Protection (AV) operations and SOC environments is a plus.
• Experience with sandbox-based detection technologies.

Posted 1 month ago

Apply

4.0 - 8.0 years

2 - 11 Lacs

Bengaluru / Bangalore, Karnataka, India

On-site

Advanced Technical Proficiency:
• Manage and troubleshoot endpoint security tools such as EDR, EPP, antivirus, and MDM solutions
• Conduct endpoint vulnerability assessments and drive remediation plans
• Support secured configuration management and endpoint encryption activities
• Automate routine monitoring and response tasks using scripting tools

Strategic Oversight & Integration:
• Define and implement endpoint security policies and deployment strategies
• Monitor performance metrics and ensure alignment with enterprise security goals
• Collaborate with IT, compliance, and network security teams to ensure integrated defenses

Incident & Breach Response:
• Participate in L2/L3 level response to endpoint-related security incidents
• Support root cause analysis and documentation of incidents and remediations
• Ensure timely containment and recovery of endpoint security breaches

Communication & Documentation:
• Clearly communicate complex security issues and technical risks to stakeholders
• Document security events, investigations, configuration changes, and response outcomes

Continuous Improvement & Learning:
• Stay current with evolving threat landscapes and industry best practices
• Recommend enhancements to endpoint security processes and tools
• Pursue relevant certifications and training to maintain technical excellence

Leadership & Mentorship:
• Mentor junior analysts and support their technical growth
• Contribute to team knowledge sharing and cross-training efforts

Posted 1 month ago

Apply

8.0 - 10.0 years

25 - 30 Lacs

Hyderabad, Pune, Gurugram

Work from Office

Designation: Cloud Security Engineer
Location: Chennai/Hyderabad/Pune/Gurugram
Shift: US

Must-Have Skills:
1. 5+ years in public cloud (AWS, Azure)
2. Strong cloud and network security knowledge
3. Experience with security tools (vulnerability scanners, IDS/IPS, firewalls, endpoint protection)
4. CI/CD and automated security testing
5. Proficient in scripting/programming (Python, Bash)
6. Experience with Unix/Linux and networking
7. Strong collaboration and communication skills

Good-to-Have Skills:
1. Cloud access provisioning & automation
2. Log management, SQL, dashboards, reporting
3. Security architecture review & recommendations
4. Database programming/administration
5. Experience with security process documentation
6. Ability to act as a security SME

Posted 1 month ago

Apply

3.0 - 8.0 years

4 - 8 Lacs

Bhopal, Patna, Mumbai (All Areas)

Work from Office

Must-Have Skills:
• Minimum 3 years of experience in EDR (Endpoint security)
• Minimum experience of 3 years at L1 level
• Only looking for L1 level experienced candidates who are expert on EDR (EDR, incident response) and Trend Micro (Antivirus)
• Active CEH certificate

Requirements:
• Location: Patna/Bhopal/Mumbai/Kanpur/Kolkata/Delhi
• Notice Period: Immediate to 30 days
• Salary Range: 9 LPA (Including 5% variable)
• Job Type: Work from Office

Key Performance Indicators:
• Assess endpoint security infrastructure
• Deploy and configure EDR agents
• Monitor endpoints for suspicious activities
• Generate real-time alerts for potential security incidents
• Ensure compatibility with other security systems

Posted 2 months ago

Apply

4.0 - 6.0 years

4 - 5 Lacs

Hyderabad / Secunderabad, Telangana, Telangana, India

On-site

Job Opening: Network Engineer / IT Infrastructure Engineer
Location: Hyderabad | Experience: 4-6 Years
Package: As per industry standards | Field Work Mandatory

Key Responsibilities:
• Install & configure firewalls, SIEM, servers, and cloud infra (AWS/Azure/GCP).
• System integration, testing, and on-site commissioning.
• Provide L1/L2 support, troubleshoot networks & coordinate with vendors.
• Manage cloud & edge computing setups, VPN, endpoint security.
• Maintain documentation and use tools like ServiceNow/Jira.

Required Skills:
• Networking (TCP/IP, VLANs), Linux/Windows, VMware/Hyper-V.
• Firewalls: Palo Alto, Fortinet, SonicWall, etc.
• Cloud: AWS, Azure, GCP | Scripting: Bash, PowerShell.

Posted 2 months ago

Apply

5.0 - 9.0 years

13 - 17 Lacs

Kolkata

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Cloud Security Architecture
Good to have skills: Managed Cloud Security Services
Minimum 5 year(s) of experience is required
Educational Qualification: Minimum 15 years of full time education

Primary Skill:
• Design and implementation in NGFW (PA/Prisma/Fortinet/Checkpoint/Cisco), Web Security (Zscaler, Symantec), in on-prem and Cloud, Endpoint protection, Data center migration.
• Experience in AWS, Azure, GCP.
• Experience in Palo Alto / Cisco ASA / Fortinet firewall / Prisma Access SASE / Zscaler SASE / Netskope / Cloudflare WAF / Email Security.
• Designing and preparing HLD, LLD Visio diagrams.
• Palo Alto Networks Prisma Access SASE.
• Experience in designing infra security technology products (Panorama, PA NGFW, Prisma Cloud, Email security, Web Security in on-prem and cloud (Azure, AWS, GCP)).
• A good understanding of Palo Alto Prisma, Panorama, firewalls, App-ID, User-ID, Content-ID and Global Protect.
• In-depth understanding of IPsec VPNs, Global Protect VPNs, Security Profiles, Firewall implementation.
• Good understanding of cloud providers like AWS, Azure.
• Basic knowledge of Operating Systems: Windows, Unix, Linux.
• Hands-on experience in Azure/AWS / Email Security (Proofpoint) / WAF / SASE (Zscaler/Palo Alto/Netskope).
• Build & configuration of various NGFW such as Palo Alto, FortiGate, Checkpoint, Cisco, Prisma Cloud, Zscaler ZTNA, Netskope, Cloudflare WAF.
• Hands-on experience and troubleshooting experience in NGFW such as Palo Alto, Prisma, FortiGate, Checkpoint, Cisco, Prisma Cloud, Zscaler ZTNA, Netskope, Cloudflare WAF.
• Hands-on experience with Skybox, FireMon, Tufin firewall rule review tools.
• Checkpoint, Cisco, Palo Alto certifications, Cloud certification.
• Experience in Infra Security tools assessment and security standards like NIST, CIS, ISO, HIPAA & PCI DSS.

Professional skills: Quick learner, team player and self-starter. Good articulation and presentation skills.

Posted 2 months ago

Apply

5.0 - 10.0 years

7 - 12 Lacs

Gurugram

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Architecture Design
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security professional, you will have the opportunity to work on multiple projects that help organizations manage and mitigate risk and maximize enterprise value. In this role, you will ensure the solution meets the business requirements and performance goals. You will work closely with the Project Architect to implement the solution, create and update all supporting documentation for security solutions, configure and optimize policies to enforce security and compliance standards, and follow all security best practices while implementing security solutions.

Roles & Responsibility:
• Create and update all supporting documentation for security solutions; configure and optimize policies to enforce security and compliance standards.
• Follow all security best practices while implementing security solutions.
• Responsible for team decisions.
• Engage with multiple teams and contribute on key decisions.
• Provide solutions to problems for their immediate team and across multiple teams.
• Develop and implement security policies and procedures.
• Stay updated on the latest security trends and technologies.

Professional & Technical Skills:
• Design and implementation in Zscaler SASE along with NGFW (PA/Prisma/Zscaler), Web Security (Symantec), in on-prem and Cloud, Endpoint protection, Data center migration.
• Experience in Zscaler SASE / Prisma Access SASE / Zscaler SASE / Netskope / Palo Alto / Cisco ASA / Fortinet firewall / Cloudflare WAF / Email Security.
• Zscaler SASE cloud.
• Experience in designing infra security technology products (Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), Zscaler Digital Experience (ZDX), deployment of Branch Connector & Cloud Connector, Remote Browser Isolation).
• In-depth understanding of IPsec VPNs, Global Protect VPNs, Security Profiles, Firewall implementation.
• Good understanding of cloud providers like AWS, Azure.
• Basic knowledge of Operating Systems: Windows, Unix, Linux.
• Build, design & configuration of various NGFW such as Palo Alto, FortiGate, Checkpoint, Cisco, Prisma Cloud.
• Hands-on experience in Azure/AWS.
• Good hands-on experience and troubleshooting experience in NGFW such as Palo Alto, Prisma, FortiGate, Checkpoint, Cisco.
• Design and hands-on experience with Skybox, FireMon, Tufin firewall rule review tools, Firewall on-boarding.
• Checkpoint, Cisco, Palo Alto certification, Cloud certification.
• Experience in Infra Security tools assessment and security standards like NIST, CIS, ISO, HIPAA & PCI DSS.
• NAC, Cisco ISE, Web security technologies such as Zscaler, Symantec.
• Good conceptual and working knowledge around Workflow, Approval process.

Additional Information:
• B.E or MCA or M.Sc with a good Computer Science background and good academic records.
• 15 years full time education is required.
• The candidate should have a minimum of 9 years of experience in SASE Technologies.

Qualifications: 15 years full time education

Posted 2 months ago

Apply

10.0 - 14.0 years

27 - 30 Lacs

Gurugram

Work from Office

Top Selection & Auto Elimination Criteria:
• Rotational Shift
• Only Immediate joiners (0-15 days)
• Cab facility: Yes, only late night pick or drop (1 side only for Gurgaon employees)
• Location: Gurgaon
• Mode: 5 days work from Office only (NO Work from home)
• Relevant experience range: 9+

Position: L3 SOC Analyst

Position Description: The SOC Level 3 Analyst is a senior-level cybersecurity professional responsible for leading advanced threat detection, response, and mitigation activities within the Security Operations Center. This role acts as the final escalation point for complex security incidents and plays a crucial role in enhancing security monitoring, incident response procedures, and overall threat defense capabilities. The L3 Analyst collaborates with security engineers, incident response teams, threat intelligence analysts, and IT stakeholders to identify, investigate, and remediate security threats in real time.

Role and responsibilities:

1. Incident Response and Escalation
• Lead and coordinate end-to-end response for critical and high-severity security incidents.
• Perform advanced investigation and forensics on compromised systems, including log correlation, packet analysis, and endpoint review.
• Serve as a primary escalation point for SOC Tier 1 and Tier 2 analysts.
• Conduct root cause analysis and provide detailed incident reports with lessons learned and mitigation steps.

2. Threat Detection and Analysis
• Analyze and triage alerts generated by the SIEM and other security tools.
• Hunt for threats in the environment using threat intelligence and behavioral indicators (proactive threat hunting).
• Analyze and reverse-engineer malware, if required, to understand behavior and determine mitigation steps.
• Correlate threat intelligence feeds with internal data to identify indicators of compromise (IOCs) and advanced persistent threats (APTs).

3. Tooling and Automation
• Optimize and fine-tune detection rules and SIEM use cases to reduce false positives and enhance detection accuracy.
• Build automation scripts and workflows to improve efficiency in incident triage, correlation, and response.
• Collaborate with security engineers to integrate new data sources and tools into the SOC ecosystem.

4. Documentation and Reporting
• Maintain detailed and accurate documentation of incidents, investigations, and actions taken.
• Develop and update SOC standard operating procedures (SOPs) and playbooks.
• Prepare and present technical reports, dashboards, and metrics to senior management and stakeholders.

5. Mentorship and Leadership
• Mentor and guide SOC L1 and L2 analysts on technical skills and investigative processes.
• Provide training on new threats, tools, and techniques.
• Assist in evaluating and improving team workflows, processes, and overall SOC maturity.

6. Collaboration and Stakeholder Engagement
• Work closely with threat intelligence, vulnerability management, and risk teams to stay ahead of emerging threats.
• Communicate with IT, DevOps, and business units to coordinate responses and ensure secure configurations.
• Participate in red/blue team exercises and post-mortem reviews to enhance SOC readiness.

Required Experience / Skills:
• Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm, Splunk).
• Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black).
• Hands-on knowledge of packet capture analysis tools (e.g., Wireshark, tcpdump), forensic tools, and malware analysis tools.
• Familiarity with scripting or automation languages such as Python, PowerShell, or Bash.
• Deep understanding of networking protocols, OS internals (Windows/Linux), and security best practices.
• Familiar with frameworks such as MITRE ATT&CK, NIST, and the Cyber Kill Chain.
• Minimum of nine (9) years technical experience.
• 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities.
• 3+ years of rule development and tuning experience.
• 2+ years of Incident response.
• Experience supporting 24x7x365 SOC operations and willing to operate in shifts, including but not limited to: alert and notification activities (analysis/triage/response); review and action on Threat Intel for IOCs and other operationally impactful information; initial review and triage of reported alerts and incidents.
• Manage multiple tickets/alerts in parallel, including end-user coordination.
• Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response.
• Solid understanding and experience analyzing security events generated from security tools and devices, not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malwarebytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat.
• Experience and solid understanding of malware analysis.
• Demonstrated proficiencies with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana.
• Experience and ability to use, contribute, develop and follow Standard Operating Procedures (SOPs).
• In-depth experience with processing and triage of security alerts from multiple sources, including but not limited to: endpoint security tools, SIEM, email security solutions, CISA, Threat Intel sources.
• Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, supporting SOAR development.
• Experience with bash, python, and Windows PowerShell scripting.
• Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools alert analysis.
• Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources.
• Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools.
• Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk.
• Solid understanding and experience analyzing security events generated from security tools and devices, not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC.
• Expert in security incident response processes.

Required Certifications: Two of the following certifications are preferred:
• GIAC-GCIH - Global Certified Incident Handler
• GIAC-GCFE - Global Information Assurance Certification Forensic Examiner
• GIAC-GCFA - Global Information Assurance Certification Forensic Analyst
• GIAC-GREM - GIAC Reverse Engineering Malware
• GIAC-GNFA - GIAC Network Forensic Analyst
• GIAC-GCTI - GIAC Cyber Threat Intelligence
• GIAC-GPen - GIAC Certified Penetration Tester
• GIAC-GWAPT - GIAC Certified Web Application Penetration Tester
• CEPT - Certified Expert Penetration Tester (CEPT)
• CASS - Certified Application Security Specialist (CASS)
• CWAPT - Certified Penetration Tester (CWAPT)
• CREA - Certified Reverse Engineering Analyst (CREA)

Qualifications:
• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Experience of 5 years or 3 years relevant experience.
• Strong troubleshooting and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Strong organizational and time management skills.
• Willingness to work after hours and provide on-call support.

Posted 2 months ago

Apply

2.0 - 5.0 years

4 - 9 Lacs

Mohali

Work from Office

Job Title: IT Security Specialist
Location: Mohali
Job Type: Full-Time

Key Responsibilities:
• Server Hardening: Implement industry-standard server hardening practices to reduce vulnerabilities across critical servers and endpoints.
• Network Hardening & Segmentation: Review firewall rules, apply secure network configurations, and implement logical segmentation to minimize the risk of lateral movement within the network.
• Configuration & Patch Management: Define and maintain secure baseline configurations for IT assets. Ensure timely application of security patches and updates to mitigate known vulnerabilities.
• Active Directory (AD) Hygiene: Perform regular audits to identify and remove stale user accounts, orphaned objects, and excessive privileges. Implement AD best practices to improve both security and compliance.
• Endpoint Security Management: Deploy and manage antivirus software, EDR/XDR solutions, device control mechanisms, and full-disk encryption tools to safeguard endpoints across the enterprise.

Qualifications:
• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience)
• 2+ years of hands-on experience in IT security, system hardening, and endpoint protection
• Strong understanding of Windows and Linux server environments
• Experience with Active Directory and group policy management
• Familiarity with security frameworks such as NIST, CIS Controls, or ISO 27001
• Working knowledge of EDR/XDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
• Excellent problem-solving skills and attention to detail

Posted 2 months ago

Apply

1.0 - 2.0 years

1 - 4 Lacs

Mumbai, Navi Mumbai

Work from Office

Role & responsibilities
• Deploy, configure, and manage endpoint protection solutions (e.g., EDR, antivirus, DLP).
• Monitor and respond to endpoint security alerts and events.
• Conduct regular endpoint vulnerability scans and assist in remediation efforts.
• Support incident response activities involving compromised endpoints.
• Analyze security incidents and recommend improvements to reduce risk.
• Collaborate with IT teams to ensure secure system configurations and patch management.
• Document processes, procedures, and security incidents.
• Assist in compliance efforts related to endpoint security.
• Keep up to date with the latest security threats and trends impacting endpoint devices.

Posted 2 months ago

Apply

4.0 - 9.0 years

7 - 12 Lacs

Chennai

Work from Office

Hi All, Greetings from Movate Technologies (formerly known as CSSCORP). We are hiring for the L2 Endpoint Security Engineer role.

Job Responsibilities:
• Provide technical support to customers and partners.
• Provide technical services including writing scripts, troubleshooting and best practices to customers.
• Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed in a timely manner.
• Provide fault isolation and root cause analysis for technical issues.
• Publish Technical Support Bulletins and other technical documentation in the Knowledge Base.
• Review technical documentation for training materials, technical marketing collateral, manuals, troubleshooting guides, etc.
• Travel to customer sites in the event of a critical situation to expedite resolution as required.
• Provide on-call support 24x7 on an as-needed basis.
• Provide configurations, troubleshooting and best practices to customers.
• Work with our Engineering team and influence the operability of the product.
• Participate in regular weekend on-call rotation and provide after-hours support on an as-needed basis.
• Able to effectively communicate to all levels and stakeholders, internally and externally, on complex technical issues.

Desired Skills:
• 3+ years of related experience.
• Provide configurations, troubleshooting and best practices to customers.
• Required experience with supporting Endpoint software products.
• Required strong experience with Windows OS, Linux OS and macOS based applications (installation, troubleshooting, debugging).
• Experience with Android OS based applications (installation, troubleshooting, debugging).
• Strong experience with MS environment (SCCM, GPO, AD, MSSQL, IIS).
• Experience with Endpoint security software is a plus (Antivirus, DLP, IPS, NAC).
• Knowledge of SIEM, vulnerability management tools and firewalls.
• Experience understanding malware, exploits, operating system structure and behavior.
• Experience with batch scripting and Python is a plus.
• Strong ability to independently troubleshoot, reproduce issues and identify feasible workarounds in broad, complex, and unique environments with mixed applications and protocols required.
• Knowledge of Cloud infrastructure a plus.
• Knowledge of VDI (VMware Horizon, Citrix XenApp and XenDesktop) is a plus.
• BS/MS or equivalent experience required.

Posted 2 months ago

Apply

3.0 - 7.0 years

3 - 7 Lacs

Pune

Work from Office

About the Role
We are seeking a skilled Senior Security Analyst to join our SOC team. The ideal candidate will have a strong background in SOC operations, ensure that the SOC team is performing its functions as required, and troubleshoot incidents and events. The Senior Security Analyst shall also act as the technical SME, handle critical SOC tasks and incidents, guide Level 1 and Level 2 analysts, and manage customer communications.

Key Roles & Responsibilities:

Incident Response and Management
• Lead the investigation of high-severity security incidents and breaches.
• Provide expert analysis for complex incidents that L1 and L2 analysts cannot resolve.
• Develop and execute incident response procedures, including containment, eradication, and recovery.
• Ensure proper escalation processes are followed for incidents requiring higher expertise.
• Communicate with stakeholders, such as management and IT teams, to ensure appropriate handling of incidents.

Threat Hunting and Analysis
• Perform proactive threat hunting activities to identify potential vulnerabilities, threats, and attacks before they happen using Splunk / QRadar SIEM.
• Use threat intelligence feeds to enrich SOC operations and identify emerging threats.
• Analyze large volumes of security data to detect patterns and anomalies.

Security Tool Management
• Oversee and optimize the usage of security monitoring tools such as Splunk / QRadar SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), and endpoint protection systems.
• Configure, update, and fine-tune security tools to improve detection capabilities and reduce false positives.
• Recommend new security tools and technologies to improve SOC operations.

Log and Event Analysis
• Review logs from various sources (network, endpoints, servers, etc.) to identify security incidents.
• Ensure accurate log data collection and retention practices are followed.
• Provide in-depth analysis of security alerts and generate reports.

Vulnerability Management
• Conduct vulnerability assessments and prioritize remediation activities for critical vulnerabilities.
• Collaborate with the IT and development teams to address security flaws and implement patches.

Collaboration and Escalation
• Serve as the point of escalation for L1 and L2 SOC analysts when complex issues arise.
• Collaborate with other security teams, such as network security, application security, and IT operations, to ensure a comprehensive defense strategy.
• Work with external partners, including Managed Security Service Providers (MSSPs), to coordinate incident management and threat intelligence sharing.

Security Policies and Best Practices
• Review and recommend improvements to security policies, procedures, and best practices.
• Ensure that the organization's security policies are being followed and advise on improvements.
• Conduct regular security awareness training for SOC staff and the broader organization.

Reporting and Documentation
• Generate detailed reports on incidents, security posture, and threats for senior management and relevant stakeholders.
• Maintain incident logs and documentation to comply with regulatory and internal policies.
• Ensure all incidents are well-documented with root cause analysis, remediation efforts, and lessons learned.

Continuous Improvement
• Analyze the effectiveness of the SOC's operations and suggest improvements to processes, workflows, and technologies.
• Stay updated on the latest cyber threats, tools, and techniques.
• Assist with the development and execution of simulations, exercises, and training to improve SOC capabilities.

Compliance and Regulatory Requirements
• Ensure compliance with SLAs for all projects.
• Ensure SOC operations meet industry compliance requirements (e.g., GDPR, HIPAA, PCI DSS).
• Help in audits and compliance assessments related to security operations.

Mentoring and Training
• Provide mentorship and training to junior SOC analysts (L1 and L2).
• Share knowledge on advanced attack techniques, response strategies, and threat detection methods.
• Report deviations and concerns to the SOC Manager.

Basic Qualifications:
• B.E/B.Tech in Computer Science, Information Technology, Cybersecurity, or a related field.
• 5+ years of experience and strong foundational knowledge in security operations, SIEM, or IT security.
• Basic understanding of cybersecurity concepts, networking fundamentals, and security monitoring.
• Knowledge of IT infrastructure, networking, and cybersecurity principles.
• Communicate effectively with customers, teammates, and management.
• Excellent problem-solving skills and attention to detail.
• Strong communication and interpersonal skills.

Preferred Qualifications:
• Certifications in ECIH/GCIH/CISM/CISSP etc.
• Splunk Certified candidate.
• Exposure to SIEM solutions, specifically Splunk, QRadar, DNIF or similar platforms.
• Familiarity with security tools such as EDR, XDR, WAF, DLP, email security gateways, and proxy solutions.
• Enthusiasm for learning and a strong interest in cybersecurity as a career.
• Ability to work in a team and adjust to rotational shifts in a high-stakes environment.
• Knowledge of cloud security and platforms (e.g., AWS, Azure, GCP).

Posted 2 months ago

Apply

5.0 - 8.0 years

10 - 12 Lacs

Bengaluru

Work from Office

Job Title: Data Privacy & Protection Specialist (Technical Compliance)

Key Responsibilities:
- Ensure compliance with global data protection regulations including GDPR, CCPA, and other relevant frameworks.
- Design, implement, and maintain data privacy and protection policies, procedures, and controls.
- Evaluate and implement technical security controls such as: Encryption and Cryptography; Data Loss Prevention (DLP); Endpoint Protection Platforms (EPP).
- Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs).
- Provide guidance on data classification, retention, and secure data handling.

Required Skills & Qualifications:
- Bachelor's or master's degree in Information Security, Computer Science, Law, or a related field.
- 5+ years of experience in data privacy, protection, or compliance roles.
- Strong understanding of GDPR, CCPA, ISO 27001, NIST, and other data protection standards.
- Familiarity with SIEM, CASB, IAM, and other security technologies is a plus.
- Relevant certifications such as CIPM, CIPP/E, CISSP, CISM, or ISO 27001 Lead Implementer are highly desirable.

Experience: 5 to 8 years
Work location: Bangalore
Shift: General
Notice: 15 to 30 days.

Posted 2 months ago

Apply

6.0 - 8.0 years

13 - 18 Lacs

Mumbai, Hyderabad

Work from Office

Summary
The Lead, Endpoint Security and Management, shall be responsible for ensuring the day-to-day operations and maintenance of the organization's endpoint security. Strengthen the security posture and ensure the control effectiveness of security systems within the organization. Collaborate with diverse teams to ensure the seamless functioning of the solutions and the optimization of the security infrastructure and controls.

Role & responsibilities
1. Ensure the day-to-day operations and maintenance of the organization's cyber security infrastructure and controls to protect systems, networks, and data.
2. Configuration, monitoring and troubleshooting of Antivirus, EDR, XDR, DLP, APT, Sandboxing, Secure Proxy, Endpoint Security, PIM, HIPS, FIM, Laptop/Desktop Encryption, etc.
3. Provide resolution of issues escalated from L1 and L2. Handle shift operations across 24x7.
4. Prepare HLD and LLD, generate configuration templates, etc. for changes.
5. Ensure coverage and effectiveness of security solutions; report and review incidents.
6. Ensure optimum security, availability, performance, and capacity of security solutions under management.
7. Ensure and maintain up-to-date documentation (SOPs, architecture diagrams, etc.) to remove dependency on people.
8. Manage configuration changes and deployments according to established change management processes, ensuring minimal disruption and adherence to best practices.
9. Ensure hardening, latest stable versions, and security patches of security devices and solutions.
10. Track EOL/EOS and ensure that there is no technology obsolescence.
11. Ensure resolution of incidents and outages, coordinating with internal teams and external vendors to restore service within agreed-upon SLAs.
12. Manage escalations and run the smooth operations of security solutions.
13. Ensure relevant processes are followed for change, incident, and daily operations.
14. Identify and analyse pain areas in existing security operations and implement improvements.
15. Manage operational issues which require design/technical inputs.
16. Ensure compliance with regulatory requirements, security policies, and security frameworks such as ISO 27001, NIST, or CIS.
17. Publish the relevant dashboards and status updates.
18. Escalate deviations and violations in a timely manner.
19. Remain current with the organization's security policies, latest security advisories/threats, industry best practices and developments in cyber security, and recommend and implement best practices and technologies to mitigate emerging threats.

Knowledge
1. Sound experience in managing endpoint security technologies and operations in a large and complex environment.
2. Should have a sound understanding and knowledge of various operating systems and security technologies and techniques such as Anti-malware, APT, Sandboxing, Secure Proxy, Endpoint Security, PIM, NAC, HIPS, FIM, Laptop/Desktop Encryption, etc.
3. Should have hands-on experience with Antivirus, EDR, XDR, DLP, and incident response techniques and technologies.
4. Should have knowledge and understanding of cloud technologies, IT infrastructure and networking technologies, operations, and security principles.
5. Should have a sound understanding of threat hunting, mitigation, and response.
6. Strong understanding of regulatory security guidelines and master directions, and security frameworks such as ISO 27001, NIST, or CIS.
7. Should be well versed in ITIL and ITSM practices.

Preferred candidate profile
1. Exceptional analytical, conceptual thinking, troubleshooting, and problem-solving skills.
2. Strong leadership, negotiation, and conflict resolution skills.
3. Detail-oriented with a focus on quality and accuracy in project/service deliverables.
4. Should have strong written, verbal, and presentation skills.
5. Ability to perform under pressure, influence stakeholders, and work closely with them to determine acceptable solutions.

Posted 2 months ago

Apply