2.0 years
0 Lacs
Bengaluru, Karnataka, India
Remote
The Associate Threat Analyst will provide intrusion/incident monitoring and detection utilizing customer provided data sources, audit and monitoring tools at both the government and enterprise level. An Associate Threat Analyst is required to be flexible and adapt to change quickly. The Associate Threat Analyst will work closely with our Threat Analyst to service customers through our Managed Detection and Response offering.

How You’ll Make An Impact
· Analyze, document and report on potential security incidents identified in customer environments.
· Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.
· Provide triage on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc.
· Perform knowledge transfers, document, and triage client’s issues regarding mitigation of identified threats
· Provide ongoing recommendations to customers on best practices
· Actively research current threats and attack vectors being exploited in the wild
· Utilize defined SOPs and KBs
· Performs other duties as assigned
· Complies with all policies and standards

What We’re Looking For
· Less than 2 years of working with Incident Ticketing Systems (i.e. ServiceNow, Remedy, Remedy Force, Heat, etc.) required
· Desire to gain full-time professional experience in the Information Security field
· Excellent time management, reporting, communication skills, and ability to prioritize work
· Ability to generate comprehensive written reports and recommendations
· Write professional emails
· Previous experience as a point of escalation in a technical environment
· Customer interactions and working through various issues
· Base knowledge of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM, and AV
· Ability to work customer’s environments to report on critical security events
· Ability to troubleshoot technical problems and ask probing questions to find the root cause of a problem
· Queue management
· Data analysis using SIEM, Database tools such as Elastic, and Excel
· Experience troubleshooting security, network, and/or endpoints
· IDS monitoring/analysis with tools such as Sourcefire and Snort
· Experience with SIEM platforms preferred (QRadar, LogRhythm, Exabeam, Securonix, and Splunk)
· Familiarity with web-based attacks and the OWASP Top 10 at a minimum
· Attack vectors and exploitation
· Mitigation, Active Directory
· Direct (e.g. SQL Injection) versus indirect (e.g. cross-site scripting) attacks
· Familiarity with SANS top 20 critical security controls
· Understand the foundations of enterprise Windows security including:
· Windows security architecture and terminology
· Common system hardening best practices
· Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS)
· Experience in monitoring at least one commercial AV solution such as (but not limited to) Carbon Black, CrowdStrike, McAfee/Intel, Symantec, Sophos or Trend Micro
· Ability to identify common false positives and make suggestions on tuning
· Malware, Denial of Service Attacks, Brute force attacks
· Understanding of base malware propagation and attack vectors
· Propagation of malware in enterprise environments
· Experience with malware protection tools such as FireEye a plus.
· Understanding of malware mitigation controls in an enterprise environment.
· Network Based Attacks / System Based Attacks
· Familiarity with vulnerability scoring systems such as CVSS
· Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks
· Eligibility to obtain security clearance
· Shift flexibility, including the ability to provide on call support when needed
· This role is Work from Office and 24/7 shifts

What You Can Expect From Optiv
· A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
· Work/life balance
· Professional training resources
· Creative problem-solving and the ability to tackle unique, complex projects
· Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
· The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement
Optiv is an equal opportunity employer.
All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law. Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.
Posted 1 day ago
3.0 - 7.0 years
0 Lacs
pune, maharashtra
On-site
You are being sought after to fill the position of Sr. Analyst Network Security for a reputed client based in Pune. The ideal candidate should possess 3-5+ years of experience in Checkpoint Firewall and Network Security. This role requires you to be well-versed in various security controls such as IPS, antivirus, FireEye, Checkpoint Smart Console, ASA, PaloAlto, Azure, and SolarWinds, along with a solid understanding of information security concepts. Your responsibilities will include demonstrating sound technical knowledge in networking and security controls, proficiency in trouble isolation, log analysis, event correlation, and data analysis. A strong grasp of TCP/IP and networking/system vulnerabilities is essential for this role. Experience with Microsoft Office for data analysis will be an added advantage. The job location is in Pune with a hybrid shift schedule. If you are capable of joining within 30 days and this opportunity aligns with your career goals, we encourage you to share your CV with us at shamili@rightmoveconsultants.com or contact us at 7066010314. We look forward to welcoming you to our team. Thank you and regards, Shamili P,
Posted 4 days ago
4.0 years
0 Lacs
India
On-site
Overview: The Information Security Specialist ensures the seamless functioning of security operations by emphasizing proactive incident management. This role requires a mix of technical expertise, analytical thinking, and a proactive approach to improve operational efficiency.

Key Responsibilities:
· Incident Identification and Escalation:
  · Detect and log incidents with detailed and timely documentation.
  · Analyze, assign, and escalate high-complexity tickets as needed.
· Problem Resolution:
  · Investigate third-line support calls and determine root causes.
  · Escalate unresolved issues to third-party vendors when necessary.
· Vulnerability Analysis and Risk Assessment:
  · Perform vulnerability analysis and assess the vulnerability risk by analyzing existing security controls.
· Stakeholder Reporting:
  · Prepare and deliver regular updates on security activities and incident reports to senior stakeholders.
· Collaboration:
  · Partner with IT and security teams to create a cohesive security strategy.
· Ticket Queue Management:
  · Monitor and action ticket queue, rapidly resolve technology incident issues for internal users.
· Security Platform Maintenance:
  · Maintain/monitor security platforms and services, resolve issues and support SOC/IR (Incident Response) as needed.
  · Provide analysis, review, and reporting of the operating state for security platforms, make recommendations for any environmental changes to reduce incident volumes and downtime.
  · Maintain, test, and implement security policies and procedures to ensure compliance with company policy, industry standards, and regulatory requirements.
  · Rapidly fulfill any SOC/IR requests in response to security incidents.
· Cross-Functional Collaboration:
  · Collaborate with cross-functional teams to integrate security solutions into existing infrastructure and workflows.
· Mentorship:
  · Mentor junior team members to enhance their skills.
· Continuous Learning:
  · Stay up to date with the latest cybersecurity threats, trends, and technologies, and recommend appropriate security controls and countermeasures.

Experience Requirements:
· 4-6 years of experience with SIEM tools like MS Sentinel, Splunk, QRadar, or LogRhythm.
· Proficiency in EDR tools, Email Security tools.
· Strong background in SOC analysis, including triage, alert investigation, and incident qualification.
· Demonstrated expertise in incident prioritization and in-depth analysis.
· In-depth knowledge of most of the following security technologies: Network DLP, IDS/IPS, Email Security, SWG/Proxy, CASB, CSPM, SASE, SSE, SIEM and forensic network
· Understanding of operating system technology, including Microsoft Windows, MacOS and various Linux distributions.
· Knowledge of virtualization platforms both centrally managed as well as locally managed as well as the means to provide visibility and control to guest systems.
· An understanding of cloud-based endpoint security solutions and experience with public cloud platforms such as AWS, Azure, or Google Cloud Platform.
· Excellent analytical and problem-solving skills, with the ability to troubleshoot complex network security issues.
· Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.

Skills and Competencies:
· Proficient in SIEM tool, Email Security Tool (ProofPoint, FireEye), Incident Response, and CrowdStrike EDR
· Strong leadership and stakeholder management skills.
· Ability to analyze and optimize SOC operations effectively.
· Proficiency in MS Office.
· CEH/Security+ certification.

Qualifications:
· Bachelor’s degree in computer science, Information Security, Electronics & Communication or related field.
· 8+ years of proven experience in operating and managing security solutions in enterprise environments.
Posted 1 week ago
3.0 - 8.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Please find the Job Description for EDR:
Experience - 3 to 8 years
1. Good working knowledge of EDR solutions such as MDATP, FireEye, CrowdStrike Falcon, Carbon Black.
2. Must be well-versed with Operating System concepts i.e. Windows/Linux/MacOS
3. Ability to distinguish between False Positives and False Negatives detections with respect to logs available.
4. Good Exposure to OSINT tools, sandboxing, encoding-decoding techniques for independent investigation.
5. Must be able to Investigate and Triage EDR related alerts with an ability to share detailed investigation reports to clients within SLA.
6. Knowledge of Cyber kill chain and MITRE ATT&CK techniques and tactics used by adversary to evade detection.
7. Awareness of various stages of Incident Response which involves in-depth analysis and RCA submission on security incidents.
8. Good understanding of Malware Analysis i.e. static and dynamic and its variants.
9. Exposure to adversary simulation and red teaming tools such as Caldera, PowerShell Empire, Cactus Torch
10. Understanding of Database language i.e. KQL is a Plus.
11. Understanding of Network Security concepts and popular encryption standards.
12. Excellent communication skills for cross-group and interpersonal skills with ability to articulate business need for detection improvements.
13. Exposure to reverse engineering of malware samples is a plus.
14. Certification in OSCP, OSCE, GREM, GCIH, GCFA will be highly preferred.
***Willing to work in rotational shift timings.// To be added if required.
Posted 1 week ago
7.0 - 12.0 years
9 - 14 Lacs
Gurugram
Work from Office
Company Overview Incedo is a US-based consulting, data science and technology services firm with over 3000 people helping clients from our six offices across US, Mexico and India. We help our clients achieve competitive advantage through end-to-end digital transformation. Our uniqueness lies in bringing together strong engineering, data science, and design capabilities coupled with deep domain understanding. We combine services and products to maximize business impact for our clients in telecom, Banking, Wealth Management, product engineering and life science & healthcare industries. Working at Incedo will provide you an opportunity to work with industry leading client organizations, deep technology and domain experts, and global teams. Incedo University, our learning platform, provides ample learning opportunities starting with a structured onboarding program and carrying throughout various stages of your career. A variety of fun activities is also an integral part of our friendly work environment. Our flexible career paths allow you to grow into a program manager, a technical architect or a domain expert based on your skills and interests. Our Mission is to enable our clients to maximize business impact from technology by Harnessing the transformational impact of emerging technologies Bridging the gap between business and technology Role Description Position Description: Incedo is seeking a SOC Analyst (L3/Tier 3/Threat Hunter) to join our rapidly growing cybersecurity team! Role and responsibilities: Participate in a rotating SOC on-call; rotation is based on the number of team members. Provide first-line SOC support with timely triage, routing and analysis of SOC tasks. Researches, develops, and monitors custom visualizations. Researches, analyzes, and writes documents such as cybersecurity briefings for all levels of stakeholders from Tier 1-3 SOC, security engineering, and executives. Tunes and develops SIEM correlation logic for threat detection. 
Ensures documentation is accurate and complete, meets editorial and government specifications, and adheres to standards for quality, graphics, coverage, format, and style. Develop scripts using Python to automate IR functions, including (but not limited to) IOC ingestion and SIEM integration via REST APIs to minimize repetition of duties and automate tasks. Produce and review aggregated performance metrics. Perform Cyber Threat Assessment and Remediation Analysis Processing, organizing, and analyzing incident indicators retrieved from the client environment and correlating said indicators to various intelligence data. Assisting in the coordination with internal teams as well as in the creation of engagement deliverables for a multitude of activities, including but not limited to Insider Threats, Rule of Engagement (ROE), Threat Hunting, After Action Reports, and other artifacts to support testing, monitoring and protecting the enterprise. Investigate network and host detection and monitoring systems to advise engagement processes. Develop and Execute bash and python scripts to process discrete log files and extract specific incident indicators; develop tools to aid in Tier 1 and Tier 2 functions. Participate in on-call rotation for after-hours security and/or engineering issues. Participate in the increase of effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions. Think critically and creatively while analyzing security events, network traffic, and logs to engineer new detection methods. Work directly with Security and SOC leadership on cyber threat intelligence reports to convert intelligence into useful detection.
Technical Skills Required Experience / Skills: Minimum of nine (9) years technical experience 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities. 3+ years of rule development and tuning experience 1+ years of Incident response Deep understanding of Cyber Threat TTPs, Threat Hunt, and the application of the MITRE Attack Framework Knowledge of security operations and attacker tactics Ability to identify cyber-attacks and develop monitoring logic Experience supporting 24x7x365 SOC operations including but not limited to Alert and notification activities- analysis/triage/response, Review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported alerts and Incidents. Support alert and notification triage, review/analysis through resolution / close Manage multiple tickets/alerts in parallel, including end-user coordination. Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response. 
Solid understanding and experience analyzing security events generated from security tools and devices not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malware Bytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat Experience and solid understanding of Malware analysis Demonstrated proficiencies with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana Experience and ability to use, contribute, develop and follow Standard Operating Procedures (SOPs) Nice-to-have skills In-depth experience with processing and triage of Security Alerts from multiple sources but not limited to: Endpoint security tools, SIEM, email security solutions, CISA, Threat Intel Sources Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, support SOAR development. Experience with bash, python, and Windows PowerShell scripting Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools - alert analysis. Demonstrated experience and understanding of event timeline analysis and correlation of events between logs sources. Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools. Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk. 
Solid understanding and experience analyzing security events generated from security tools and devices not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC Experience and solid understanding of Malware analysis Understanding of security incident response processes

Qualifications: Bachelor’s degree in computer science, Information Technology, or a related field. Experience of 5 years or 3 years relevant experience. Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support.

Company Value
Posted 2 weeks ago
1.0 - 2.0 years
6 - 8 Lacs
Bengaluru
Remote
The Associate Analyst will provide intrusion/incident monitoring and detection utilizing customer provided data sources, audit and monitoring tools at both the government and enterprise level. An Associate Threat Analyst is required to be flexible and adapt to change quickly. The Associate Threat Analyst will work closely with our Threat Analyst to service customers through our Managed Detection and Response offering.

How you’ll make an impact
· Analyze, document and report on potential security incidents identified in customer environments.
· Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.
· Provide triage on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc.
· Perform knowledge transfers, document, and triage client’s issues regarding mitigation of identified threats
· Provide ongoing recommendations to customers on best practices
· Actively research current threats and attack vectors being exploited in the wild
· Utilize defined SOPs and KBs
· Performs other duties as assigned
· Complies with all policies and standards

What we’re looking for
· 1-2 years of working with Incident Ticketing Systems (i.e. ServiceNow, Remedy, Remedy Force, Heat, etc.) required
· Desire to gain full-time professional experience in the Information Security field
· Excellent time management, reporting, communication skills, and ability to prioritize work
· Ability to generate comprehensive written reports and recommendations
· Write professional emails
· Previous experience as a point of escalation in a technical environment
· Customer interactions and working through various issues
· Base knowledge of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM, and AV
· Ability to work customer’s environments to report on critical security events
· Ability to troubleshoot technical problems and ask probing questions to find the root cause of a problem
· Queue management
· Data analysis using SIEM, Database tools such as Elastic, and Excel
· Experience troubleshooting security, network, and/or endpoints
· IDS monitoring/analysis with tools such as Sourcefire and Snort
· Experience with SIEM platforms preferred (QRadar, LogRhythm, Exabeam, Securonix, and Splunk)
· Familiarity with web-based attacks and the OWASP Top 10 at a minimum
· Attack vectors and exploitation
· Mitigation, Active Directory
· Direct (e.g. SQL Injection) versus indirect (e.g. cross-site scripting) attacks
· Familiarity with SANS top 20 critical security controls
· Understand the foundations of enterprise Windows security including:
· Windows security architecture and terminology
· Common system hardening best practices
· Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS)
· Experience in monitoring at least one commercial AV solution such as (but not limited to) Carbon Black, CrowdStrike, McAfee/Intel, Symantec, Sophos or Trend Micro
· Ability to identify common false positives and make suggestions on tuning
· Malware, Denial of Service Attacks, Brute force attacks
· Understanding of base malware propagation and attack vectors
· Propagation of malware in enterprise environments
· Experience with malware protection tools such as FireEye a plus.
· Understanding of malware mitigation controls in an enterprise environment.
· Network Based Attacks / System Based Attacks
· Familiarity with vulnerability scoring systems such as CVSS
· Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks
· Eligibility to obtain security clearance
· Shift flexibility, including the ability to provide on call support when needed
· Ability to work greater than 40 hours per week as needed
· This role is Work from Office role

What you can expect from Optiv
· A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
· Work/life balance
· Professional training resources
· Creative problem-solving and the ability to tackle unique, complex projects
· Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
· The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement
Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law. Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.
Posted 3 weeks ago
8.0 years
0 Lacs
Chennai
On-site
Condé Nast is a global media company producing the highest quality content with a footprint of more than 1 billion consumers in 32 territories through print, digital, video and social platforms. The company’s portfolio includes many of the world’s most respected and influential media properties including Vogue, Vanity Fair, Glamour, Self, GQ, The New Yorker, Condé Nast Traveler/Traveller, Allure, AD, Bon Appétit and Wired, among others. Job Description Location: Chennai, TN To deliver the above, we are recruiting for the post of Security Operations Centre (SOC) Analyst. The SOC analyst will, reporting to the SOC Manager, participate in the securing of Conde Nast assets across global markets by delivering a dedicated, focused and high-performing function to the organisation, which includes; Security Event Monitoring Event Triage and Escalation Insider Threat monitoring and management Security Incident Analysis and Response Vulnerability Management Threat Review and Analysis Threat Hunting Escalation point for SOC The SOC Analyst will have the opportunity to develop skills across a broad range of security tools and solutions, many of which will be cutting-edge. Required Skills: Minimum 8 years of Security Operations experience with at least 7 years of experience working with event monitoring and management, preferably in a SOC setting. 24X7 Security Operations Centre (SOC) and ensure seamless delivery of monitoring service and SLA management Coordinate with global stakeholders to understand the infrastructure, application, and business process to understand the threat hunting and SOC Monitoring coverage. 
Supporting SIEM platforms to ensure adequate log source integrations and fine-tuning Demonstrated experience with endpoint telemetry, Malware analysis tools, Exploit kits and SIEM platforms(Splunk/IBM QRadar/ArcSight/Logrhythm) Tactically supports the Vulnerability Management (VM), in the areas of the security patch and remediation management, must have experience in(Rapid7, Nessus, Tenable or others) Work with the security Engineer to ensure all security tools and solutions are properly configured and maintained. Incident Response - Escalation point of contact for incident response activities and acts as needed as Incident manager to ensure proper protection or corrective measures have been taken, and follows procedures to contain, analyse, and eradicate malicious activity Threat Hunting - Leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack. Experience with TIPs will be beneficial in developing the hypothesis. SPAM/Phishing analysis - Executes analysis of email-based threats to include understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures In-depth knowledge of cyber defensive and offensive techniques, malware families and adversary tactics, techniques and procedures, MITRE ATT&CK, NIST Frameworks Knowledge of Cloud infrastructure and security(AWS, GCP and Azure). 
In-depth knowledge of Antivirus - McAfee/Symantec/Sophos In-depth knowledge of EDR solutions (Sophos XDR/Crowdstrike/FireEye HX/SentinelOne/McAfee EDR/Symantec EDR) Hands-on experience in managing any of the SOAR solutions (Rapid7 SOAR/InsightConnect/Swimlane/IBM Security Resilient) Sound working knowledge of firewalls and VPNs: Palo-alto/FortiGate, VPN: Appgate VPN/Any other VPN Hands-on experience with Network Detection and Response tools (Rapid7, Cortex or any other NDR tools) Fundamental knowledge of the principles of Identity and access management Fundamental knowledge of Encryption & PKI. Good understanding of Proxies, WAF, Cyber deception technology, Windows, UNIX/Linux Security best practices Provides audit, analysis, and material support for cyber-related validation, certification, standards, governance, process, infrastructure, deployment and ongoing maintenance. Experience in using a scripting language to automate tasks. Good communication and presentation skills Experience of working in a fast-paced, globally dispersed environment Good analytical, problem-solving and interpersonal skills

Educational Qualifications: B.Tech/M.Sc IT

Certification: CompTia Security+, CompTia CySA+, SIEM Associate Admin or any similar SIEM admin certification SSCP or similar certification

What happens next? If you are interested in this opportunity, please apply below, and we will review your application as soon as possible. You can update your resume or upload a cover letter at any time by accessing your candidate profile.

Condé Nast is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, age, familial status and other legally protected characteristics.
Posted 3 weeks ago
8.0 - 10.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Nightfall AI (www.nightfall.ai) is the unified platform that prevents data leaks and enables secure collaboration by protecting sensitive data and controlling how it's shared. For decades, legacy data leak prevention (DLP) solutions have failed to adequately protect sensitive information. Traditional DLP is outdated, intrusive, and complex - it wasn't designed for today's modern enterprise where users continuously share data across interconnected SaaS applications, endpoints, and now generative AI. Nightfall AI is the first AI-native DLP solution. We leverage AI to achieve twice the accuracy with a fraction of the false positives that overwhelm security teams. Nightfall does this without disrupting modern work patterns. Our AI-native platform spans sensitive data protection across SaaS, email, data exfiltration prevention on SaaS, endpoints, and data encryption. Nightfall's Developer Platform provides an open, flexible environment for developers to integrate our data classification and protection capabilities anywhere, including establishing trust boundaries for AI model building and consumption. Nightfall makes safeguarding sensitive data for every application simple and seamless. Organizations, from startups to global brands, trust Nightfall's software platform and APIs to discover, classify, and protect sensitive data. Responsibilities Be a product expert with a deep understanding of all customer scenarios. Analyze requirements/PRD and create test cases. Perform Web App & API end-to-end testing for all features and prepare test reports. Analyze test results, troubleshoot and report issues to the product engineering team. Find bugs, create detailed bug reports and verify fixes. Reproduce customer-reported issues and enable product engineers to debug. Define approaches and own load & stress testing of features. Requirements 8-10 years of experience as a Software Quality/Automation Engineer. Ability to work in a fast-paced environment with minimal supervision. 
Ability to solve QA infrastructural problems and can scale it Able to work closely with Product Management and Product Engineering. Experience in scripting with any of the languages like shell, python, perl. Experience of SaaS/cloud-delivered/Web application Testing and API Testing. Understanding of Database concepts with ability to write SQL queries. Experience with various testing tools (Postman, Selenium, etc) and defect management tools (Linear, Jira, etc) on Linux systems. Good to have performance testing experience with tools jmeter, gatling, etc. Good to have security testing experience with tools like Burp, Zap, etc. Preferred educational qualification: BE / BTech / MCA. About Nightfall: Nightfall is a cybersecurity startup dedicated to helping organizations secure and manage their sensitive data. As a leading enterprise technology company, our product affects the personal data that people entrust businesses to store & process with care every day. Critical data in modern organizations is often sprayed across a broad set of cloud data silos, and it's a herculean task for security & compliance teams to monitor, manage, and protect this highly sensitive data. Via machine learning, our product makes it easy for organizations to discover, classify, and protect this sensitive data across their cloud footprint - such as their corporate SaaS, data infrastructure, and even their own apps. In doing so, we prevent data leakage, provide unprecedented data visibility & protection across the cloud, and enable compliance. We're a technology startup founded in San Francisco, well-funded by leading institutional investors like Bain and Venrock, and a cadre of security & IT leaders from Okta, Salesforce, Atlassian, Splunk, FireEye, and more. Learn more on our website www.nightfall.ai or by reaching out via email at careers@nightfall.ai.
Posted 4 weeks ago
0 years
0 Lacs
India
Remote
Infrastructure PM. Location – Remote – 12 months contract – 12000/Day. Infrastructure & Network PM Role: Must have at least 10 yrs of experience as Network/Infrastructure PM. Must have worked and managed multimillion-dollar projects end to end as an Infrastructure PM. Proven track record as an Infrastructure and Network PM. Must have experience in Global networks. You will be responsible for the planning, conception, configuration, network migrations, implementation of commissioning, and operation of complex network systems. Experience in on prem to cloud migration. Experience in Data Center Consolidation. Experience in Intune roll outs. Experience in Azure Landing Zones. New servers rollout experience. Wi-Fi for the sites. Azure Landing zones. Networks: Palo Alto Firewalls & Prisma, F5 VPN/Load Balancers, Cisco Switching, Meraki Switching/Access Points, Aruba AP/WLAN Controllers. Security: Microsoft Sentinel / Defender, Intune, FireEye, Gigamon, Guardicore, IDS / ProtectWise, Secret Server, Symantec VIP, Authenticator. Collaborative, analytical, proactive, curious, pragmatic, process, customer and results-oriented. Strong commercial acumen. Good communication skills.
Posted 4 weeks ago
4.0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
Job description. Job Title: Senior Engineer - Endpoint Security. Location: Mumbai. Job Type: Full-time. Experience: 4-6 years. About Us: We're a leading Tata communications seeking an experienced Senior Endpoint Security Expert to join our team in Mumbai. If you have a strong background in implementing and managing endpoint security solutions, we'd love to hear from you! Responsibilities: - Manage endpoint security solutions via below security tools: - Symantec Endpoint Protection - Symantec Endpoint Encryption - Trend Micro Deep Security Manager - Trend Micro Cloud One - Workload Security - FireEye EDR, CM, HX, HXD, FireEye NX - Trend Micro Vision One XDR - Zscaler Proxy Cloud - Monitor and respond to security incidents, ensuring prompt resolution and minimizing risk - Collaborate with cross-functional teams to ensure seamless integration of endpoint security solutions - Stay up-to-date with emerging threats and technologies, recommending improvements to our endpoint security posture. Requirements: - 4-6 years of experience in endpoint security, with expertise in the listed tools - Strong understanding of security principles, threat analysis, and risk management - Excellent problem-solving skills and attention to detail - Ability to work in a fast-paced environment, meeting deadlines and prioritizing tasks effectively - Experience with cloud security and virtualization technologies. Nice to Have: - Relevant certifications (e.g., CompTIA Security+, CEH) or any other Endpoint security tools certification - Experience with security orchestration and automation tools. What We Offer: - Competitive salary and benefits package - Opportunity to work with cutting-edge security technologies - Collaborative and dynamic work environment - Professional growth and development opportunities. Notice Period: - Less than 45 days. If you're passionate about endpoint security and are looking for a new challenge, please DM.
Posted 4 weeks ago
0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Skill: Endpoint Detection and Response (EDR) Exp : 3- 8 Yrs NP : 30-60 days Location : Pune & Hyderabad Responsibilities Good working knowledge of EDR solutions such as MDATP, FireEye, CrowdStrike Falcon, Carbon Black. Must be well-versed with Operating System concepts i.e. Windows/Linux/MacOS Ability to distinguish between False Positives and False Negatives detections with respect to logs available. Good Exposure to OSINT tools, sandboxing, encoding-decoding techniques for independent investigation. Must be able to Investigate and Triage EDR related alerts with an ability to share detailed investigation reports to clients within SLA. Knowledge of Cyber kill chain and MITRE ATT&CK techniques and tactics used by adversary to evade detection. Awareness of various stages of Incident Response which involves in-depth analysis and RCA submission on security incidents. Good understanding of Malware Analysis i.e. static and dynamic and its variants. Exposure to adversary simulation and red teaming tools such as Caldera, PowerShell Empire, Cactus Torch Understanding of Database language i.e. KQL is a Plus. Understanding of Network Security concepts and popular encryption standards. Excellent communication skills for cross-group and interpersonal skills with ability to articulate business need for detection improvements. Exposure to reverse engineering of malware samples is a plus. Certification in OSCP, OSCE, GREM, GCIH, GCFA will be highly preferred. ***Willing to work in rotational shift timings.
Posted 4 weeks ago
3.0 years
0 Lacs
Mumbai Metropolitan Region
On-site
The Responsibilities Include But Are Not Limited To We are looking to hire a Security Analyst to join our team in Mumbai. The candidate will be a part of the Security Operations team and would be responsible for a 24*7 role in monitoring security tools for potential malicious behaviors and providing incident response and escalation to the incident response team. An ideal candidate will have to work from office and will have the following role and responsibilities: Use SIEM technologies and other native tools to perform the monitoring of security events on a 24x7 basis. Perform analysis on logs produced by network devices utilized within the infrastructure such as firewalls, content filtering, syslog from various sources/devices, assorted Intrusion Detection capabilities, substantiating vulnerability scanner results, directory services, DHCP logs, Secure Email Gateway logs, and approved applications. Use the SIEM to monitor the network and perform analysis, while integrating the results and information needed to proactively protect the enterprise. This includes developing customized signatures, enterprise content filtering, or firewall ACL change recommendations. Provide security events analysis and support to include identifying potential threat, anomalies, and infections, documenting findings, providing recommendations within the incident management system, performing triage of incoming security events, performing preliminary and secondary analysis of those events, and validating the events Manage inbound requests via the ticketing system (Service Now), as well as via telephone calls, and provide security notifications via three methods: logging incident tickets, sending emails, placing telephone calls. Provide cybersecurity root-cause analysis in support of any tickets for which it fails to meet the Acceptable Quality Levels (AQLs) specified in the PRS. This root-cause analysis will include documenting recommendations for corrective action. 
Requirements Minimum 3 years of experience in Cyber Security. Bachelor of Science (Masters preferred) in Computer Science, Systems Engineering, Cybersecurity, Information Technology or related area. Working level knowledge of policies, procedures, and protocols of a government Security Operations Center. Experience using numerous security tools and technologies to include some of the following and/or closely comparable security technologies: McAfee Nitro SIEM, McAfee IDS/IPS, Imperva web application firewalls, McAfee Enterprise Antivirus, BlueCoat, Symantec DLP, Mandiant/Fireeye, Guardian MDB Protect, Cisco firewalls, QualysGuard, AppScan. Preferred Certifications: Comptia Security+ Certified Ethical Hacker (CEH) About Kroll In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity - not just answers - in all areas of business. We value the diverse backgrounds and perspectives that enable us to think globally. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel. Kroll is the premier global valuation and corporate finance advisor with expertise in complex valuation, disputes and investigations, M&A, restructuring, and compliance and regulatory consulting. Our professionals balance analytical skills, deep market insight and independence to help our clients make sound decisions. As an organization, we think globally—and encourage our people to do the same. Kroll is committed to equal opportunity and diversity, and recruits people based on merit. In order to be considered for a position, you must formally apply via careers.kroll.com
Posted 1 month ago
0 years
0 Lacs
Chandigarh, India
On-site
Company Profile Since year 2003, Oceaneering’s India Center has been an integral part of operations for Oceaneering’s robust product and service offerings across the globe. This center caters to diverse business needs, from oil and gas field infrastructure, subsea robotics to automated material handling & logistics. Our multidisciplinary team offers a wide spectrum of solutions, encompassing Subsea Engineering, Robotics, Automation, Control Systems, Software Development, Asset Integrity Management, Inspection, ROV operations, Field Network Management, Graphics Design & Animation, and more. In addition to these technical functions, Oceaneering India Center plays host to several crucial business functions, including Finance, Supply Chain Management (SCM), Information Technology (IT), Human Resources (HR), and Health, Safety & Environment (HSE). Our world class infrastructure in India includes modern offices, industry-leading tools and software, equipped labs, and beautiful campuses aligned with the future way of work. Oceaneering in India as well as globally has a great work culture that is flexible, transparent, and collaborative with great team synergy. At Oceaneering India Center, we take pride in “Solving the Unsolvable” by leveraging the diverse expertise within our team. Join us in shaping the future of technology and engineering solutions on a global scale. Position Summary The Cybersecurity Technologist works with project managers, business analysts and contractors on security solutions to address company security requirements. Provides subject matter expertise in evaluating, selecting, designing, and integrating a diverse set of IT security systems and tools in a highly complex corporate environment. He/She should be able to travel both domestically and internationally up to 10%. Duties And Responsibilities Evaluate, select, design, and configure security infrastructure systems in a global environment. Perform security audits and assessments. 
Analyze logs and determine which events are ‘material’ in our environment. Analyze vulnerability scanning outputs, assess findings, and develop remediation tasks in cooperation with the appropriate operational subject matter experts. Develop, document, and implement complex changes to security solutions within the company network. Generating solution design documentation. Ability to travel both domestically and internationally up to 10%. Qualifications REQUIRED Sound knowledge of Palo Alto security products - at least L2.5 to L3. Should be able to handle device installations/replacements and implement and troubleshoot operational/break-fix issues independently. Good understanding of CyberArk Endpoint Privilege Manager (CEPM) at L2 level. Proficient in handling Splunk SIEM tool at L2 Level. Should be able to handle various types of incident alerts. Flexible schedule, open for 24X7 shift support and occasional travel within and/or outside India. Solid knowledge of information security principles and practices. Understanding of advanced security protocols and standards. Conceptual understanding of one of the following security systems, including but not limited to: intrusion detection systems, firewalls, identity management, desktop security, content filtering, network access control and vulnerability scanning. Basic knowledge of core networking technologies such as TCP/IP, DNS, DHCP. Must be able to pass a security background check. DESIRED Advanced skills with spreadsheet software such as Microsoft Excel. Advanced skills with word processing software such as Microsoft Word. Advanced skills with presentation software such as Power Point. Advanced skills with diagramming software such as Visio. Degree in computer science or a related field is preferred. Advanced Active Directory configurations Cyberark Identity Management CISCO networking equipment: firewalls, routers and switches. 
Bitlocker drive encryption SecureAuth multi-factor authentication NAC FORTINET Fortigate UTMs Fortinet FortiWeb WAFs Fireeye Imperva Vormetric Dell Change Auditor Bomgar Packet analysis Linux Basic knowledge of data encryption principles, PKI and SSL certificates CISSP certification Knowledge, Skills, Abilities, And Other Characteristics Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. Skill to maintain a high level of security and confidentiality of information. Ability to work effectively on a project team. Ability to establish and maintain project priorities. How To Apply Oceaneering provides equal employment opportunities to all applicants. Regular full-time employees who apply will be considered along with external candidates. Employees with less than six months with their current position are not eligible to apply for job postings. Please discuss your interest in the position with your current manager/supervisor prior to submitting your completed application. It is highly recommended to apply through the PeopleSoft or Oceanet portals. In addition, we make a priority of providing learning and development opportunities to enable employees to achieve their potential and take charge of their future. As well as developing employees in a specific role, we are committed to lifelong learning and ongoing education, including developing people skills and identifying future supervisors and managers. Every month, hundreds of employees are provided training, including HSE awareness, apprenticeships, entry and advanced level technical courses, management development seminars, and leadership and supervisory training. We have a strong ethos of internal promotion. We can offer long-term employment and career advancement across countries and continents. 
Working at Oceaneering means that if you have the ability, drive, and ambition to take charge of your future-you will be supported to do so and the possibilities are endless.
Posted 1 month ago
8.0 - 12.0 years
0 Lacs
Navi Mumbai, Maharashtra, India
On-site
Location: Navi Mumbai. Experience: 8 to 12 years. Immediate to 30 days joiner. Skills required: Firewall - Palo Alto, Juniper; VPN - Cisco ASA; DNS Security - Cisco Umbrella; IDS/IPS, McAfee, Tipping Point; Adv. Threat Protection - FireEye; Akamai (WAF); Proxy - Zscaler ZIA, ZDX; Email Security - Cisco IronPort; DDoS - Arbor. It's 5 days work from office.
Posted 1 month ago
0 years
2 - 9 Lacs
Noida
On-site
JOB DESCRIPTION About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. QUALIFICATIONS Prior experience in handling critical Information security incidents/breach Able to decipher attack motivations and techniques by correlating threat data from various sources to complete a comprehensive picture of potential cyber-attacks Proficient with MITRE ATT&CK framework and TTPs related to various adversary groups Should have experience in any of EDR tools - MDE, Carbon Black, CrowdStrike, FireEye HX Should be able to use Encase, Autopsy, FTK Access Data, and other forensic tools for acquiring and analysis of the data from the various Storage devices Exposure in minimum one SIEM tools - ArcSight, Splunk, Sentinel, QRadar Should be able to perform basic malware analysis Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. 
Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.
Posted 1 month ago
3.0 - 5.0 years
5 - 11 Lacs
Hyderabad
Hybrid
LTIMindtree Hiring for EDR Researcher. Notice period-immediate to 15 days. Exp-3 to 5 yrs. Location- Hyderabad, Pune Note-Willing to work in rotational shift timings. if interested Share me these details along with CV-Richa.Srivastava@ltimindtree.com Total Experience- Current CTC- Expected CTC- Holding offers if any- Current Location- Preferred Location- Notice period- Skills- Date of Birth- PAN No- Passport size photo- Pan no- Availability for interview- Are you okay with Rotational shift- Please find the Job Description for EDR : 1. -Good working knowledge of EDR solutions such as MDATP, FireEye, CrowdStrike Falcon, Carbon Black. 2. -Must be well-versed with Operating System concepts i.e. Windows/Linux/MacOS 3. -Ability to distinguish between False Positives and False Negatives detections with respect to logs available. 4. -Good Exposure to OSINT tools, sandboxing, encoding-decoding techniques for independent investigation. 5. -Must be able to Investigate and Triage EDR related alerts with an ability to share detailed investigation reports to clients within SLA. 6. -Knowledge of Cyber kill chain and MITRE ATT&CK techniques and tactics used by adversary to evade detection. 7. -Awareness of various stages of Incident Response which involves in-depth analysis and RCA submission on security incidents. 8. -Good understanding of Malware Analysis i.e. static and dynamic and its variants. 9. -Exposure to adversary simulation and red teaming tools such as Caldera, PowerShell Empire, Cactus Torch 10. -Understanding of Database language i.e. KQL is a Plus. 11. -Understanding of Network Security concepts and popular encryption standards. 12. -Excellent communication skills for cross-group and interpersonal skills with ability to articulate business need for detection improvements. 13. -Exposure to reverse engineering of malware samples is a plus. 14. -Certification in OSCP, OSCE, GREM, GCIH, GCFA will be highly preferred.
Posted 1 month ago
5.0 - 6.0 years
7 - 8 Lacs
Chennai
Work from Office
Manage Microsoft Sentinel SIEM platform to detect, investigate, and respond to security incidents. Configure alerts, monitor security events, and ensure compliance with security policies and best practices.
Posted 1 month ago
4.0 - 5.0 years
6 - 7 Lacs
Hyderabad
Work from Office
Manage FireEye NX, ETP, and Zscaler security solutions to monitor, detect, and respond to cybersecurity threats. You will configure and manage security appliances to protect against threats. Expertise in FireEye and Zscaler is required.
Posted 1 month ago
0 years
0 Lacs
India
Remote
SDWAN Infrastructure PM. Location – Remote – 12 months contract – 12000/Day. SDWAN (Juniper) Network PM Role: Must have at least 10 yrs of experience as Network/Infrastructure PM. Must have worked and managed multimillion-dollar projects end to end as an Infrastructure PM. Proven track record as an SDWAN Network Engineer and PM. Must have experience in Global networks. You will be responsible for the planning, conception, configuration, network migrations, implementation of commissioning, and operation of complex network systems. Must have done SDWAN (Juniper) rollout. Experience in Data Center Consolidation. Experience in Intune roll outs. Experience in Azure Landing Zones. Experience in Aruba and Cato products. SDWAN (Juniper): SASE. New servers rollout experience. Wi-Fi for the sites. Azure Landing zones. Software-defined Networking (SD-WAN) and secure access service edge (SASE). Networks: Palo Alto Firewalls & Prisma, F5 VPN/Load Balancers, Cisco Switching, Meraki Switching/Access Points, Aruba AP/WLAN Controllers. Security: Microsoft Sentinel / Defender, Intune, FireEye, Gigamon, Guardicore, IDS / ProtectWise, Secret Server, Symantec VIP, Authenticator. Collaborative, analytical, proactive, curious, pragmatic, process, customer and results-oriented. Strong commercial acumen. Good communication skills.
Posted 1 month ago
6.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Job Statement: NopalCyber makes cybersecurity manageable, affordable, dependable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are tailored to client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. Job responsibilities: Monitor, analyze, and interpret security/system logs for events, operational irregularities, and potential incidents, and escalate issues as appropriate Responsible for monitoring, detection of analysis through various input tools and systems (SIEM, IDS / IPS, Firewalls, EDR, etc.) 
Conduct basic red team exercises to test the effectiveness of preventive and monitoring controls Provides support for complex system/network exploitation and defense techniques to include deterring, identifying, and investigating system and network intrusions Support malware analysis, host and network, log analysis, and triage in support of incident response Maintaining and improving the security technologies deployed, including creating use cases, customizing or better configuring the tools based on past and current threats Monitoring threat/vulnerability landscape, security advisories, and acting on them as appropriate Continuously monitors the security alerts and escalation queue, triages security alerts Monitoring and tuning SIEM (content, parsing, maintenance) Monitoring Cloud infrastructure for security-related events Delivers scheduled and ad-hoc reports Develop and coach L1 analysts Author Standard Operating Procedures (SOPs) and training documentation Work the full ticket lifecycle; handle every step of the alert, from detection to remediation Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty Perform threat-intel research, learn new attack patterns, actively participate in security forums. Job specifications: Qualification: Bachelor’s degree in Engineering or closely related coursework in technology development disciplines Certifications like CISSP, CEH, CISM, GCIH, GCIA are desirable Experience with the following or related tools: SIEM Tools such as Splunk, IBM QRadar, SecureOnix; Case Management Tools such as Swimlane, Phantom, etc.; EDR tools such as Crowdstrike, Sentinel, VMware, McAfee, Microsoft Defender ATP, etc; Network Analysis Tools such as Darktrace, FireEye, NetWitness, Panorama, etc. Experience: 6+ years of SOC related work experience Desired Skills: Full understanding of SOC L1 responsibilities/duties and how the duties feed into L2/L3. 
The ability to take lead on incident research when appropriate and be able to mentor junior analysts. Advanced knowledge of TCP/IP protocols and event log analysis Strong understanding of Windows, Linux and networking concepts Experience analyzing both log and packet data to include the use of WireShark, tcpdump and other capture/analysis tools Good understanding of security solutions including SIEMs, Web Proxies, EDR, Firewalls, VPN, authentication, encryption, IPS/IDS etc. Functional understanding of Cloud environments Ability to conduct research into IT security issues and products as required Working in a TAT based IT security incident resolution practice and knowledge of ITIL Knowledge and experience with scripting and programming (Python, PERL, etc.) are also highly preferred Malware analysis and reverse engineering is a plus Personal Attributes Self-starter and quick learner requiring minimal ramp-up Excellent written, oral, and interpersonal communication skills Highly self-motivated, self-directed, and attentive to detail Ability to effectively prioritize and execute tasks in a high-pressure environment
Posted 1 month ago
3.0 - 8.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Experience: 3- 8 years Location: Hyderabad Working Shift: Rotational Shift Key Responsibilities: Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis of PE and non-PE files. Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with crossfunctional teams to improve detection capabilities and response strategies. Develop and implement incident response plans and coordinate incident investigations. Provide continuous monitoring and analysis of network traffic and security events. Conduct research on advanced persistent threats (APTs) and develop protection solutions. Maintain and update real-time block lists and URL block lists. Write and review regular expressions for spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Participate in endpoint detection and response (EDR) efforts to identify and mitigate threats. Conduct threat hunting to proactively identify and address potential security risks. Basic Qualifications: Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. 
Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analysing email borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. AntiPhishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management (SIEM): Platforms like Splunk or IBM QRadar to monitor and analyze security events, including email threats. 
Incident Response Tools: Solutions like TheHive or MISP (Malware Information Sharing Platform) for managing and sharing incident response data.
Posted 1 month ago
0 years
0 Lacs
Punjab, India
On-site
Proficiency in creating robust IT infrastructures & applications. Driving overall IT operations, Technological Capabilities and Building Responsive IT Departments. Expertise in planning & building IT Infrastructure and applications. Excellence in IT Software solution implementation & post implementation support. Enabling to lead implementation of best practices and technology solutions. Supervising end-to-end IT service delivery to the company, including IT Infrastructure, Operations, Security, Services, Application Services, and Vendor Management. IT - Audit and Control. IT ISO Certifications. Knowledge of Plant, Maintenance, Sales, etc. modules. Platforms Knowledge: IBM P6 Server, Windows NT, Windows 2k3, Windows 2008, Windows 2012, VMware ESXi 5.1. Knowledge of Mailing Solution: MS Exchange 2007. Knowledge of Security Devices: Barracuda SPAM Filtering, Fireeye, Cyberoam Firewall. Knowledge of ERP Platform and cloud. Knowledge of RDBMS: MS-SQL SERVER 2k5, 2k8/2012, Oracle 11g. Knowledge of Languages: ABAP, SQL, Visual Basic 6.0, C++, FoxPro 2.5, 2.6. KRA (SMART): Implementation of Software from an IT Point of View. Drive IT operations smoothly. Build up Technology Capability and its applications.
Posted 1 month ago
0 years
0 Lacs
Chandigarh, India
On-site
Overview Company Profile Since year 2003, Oceaneering’s India Center has been an integral part of operations for Oceaneering’s robust product and service offerings across the globe. This center caters to diverse business needs, from oil and gas field infrastructure, subsea robotics to automated material handling & logistics. Our multidisciplinary team offers a wide spectrum of solutions, encompassing Subsea Engineering, Robotics, Automation, Control Systems, Software Development, Asset Integrity Management, Inspection, ROV operations, Field Network Management, Graphics Design & Animation, and more. In addition to these technical functions, Oceaneering India Center plays host to several crucial business functions, including Finance, Supply Chain Management (SCM), Information Technology (IT), Human Resources (HR), and Health, Safety & Environment (HSE). Our world class infrastructure in India includes modern offices, industry-leading tools and software, equipped labs, and beautiful campuses aligned with the future way of work. Oceaneering in India as well as globally has a great work culture that is flexible, transparent, and collaborative with great team synergy. At Oceaneering India Center, we take pride in “Solving the Unsolvable” by leveraging the diverse expertise within our team. Join us in shaping the future of technology and engineering solutions on a global scale. Position Summary and Location The Cybersecurity Technologist works with project managers, business analysts and contractors on security solutions to address company security requirements. Provides subject matter expertise in evaluating, selecting, designing, and integrating a diverse set of IT security systems and tools in a highly complex corporate environment. He/She should be able to travel both domestically and internationally up to 10%. 
Functions Duties And Responsibilities Essential Evaluate, select, design, and configure security infrastructure systems in a global environment. Perform security audits and assessments. Analyze logs and determine which events are ‘material’ in our environment. Analyze vulnerability scanning outputs, assess findings, and develop remediation tasks in cooperation with the appropriate operational subject matter experts. Develop, document, and implement complex changes to security solutions within the company network. Generating solution design documentation. Ability to travel both domestically and internationally up to 10% Supervisory Responsibilities This position has/does not have direct supervisory responsibilities. Reporting Relationship Will report to Manager – IT Security Qualifications REQUIRED Sound knowledge of Palo Alto security products - at least L2.5 to L3. Should be able to handle device installations/replacements and implement and troubleshoot operational/break-fix issues independently. Good understanding of CyberArk Endpoint Privilege Manager (CEPM) at L2 level Proficient in handling Splunk SIEM tool at L2 Level. Should be able to handle various types of incident alerts. Flexible schedule, open for 24X7 shift support and occasional travel within and/or outside India. Solid knowledge of information security principles and practices. Understanding of advanced security protocols and standards. Conceptual understanding of one of the following security systems, including but not limited to: intrusion detection systems, firewalls, identity management, desktop security, content filtering, network access control and vulnerability scanning. Basic knowledge of core networking technologies such as TCP/IP, DNS, DHCP. Must be able to pass a security background check. DESIRED Advanced skills with spreadsheet software such as Microsoft Excel. Advanced skills with word processing software such as Microsoft Word. 
Advanced skills with presentation software such as PowerPoint. Advanced skills with diagramming software such as Visio. Degree in computer science or a related field is preferred. Advanced Active Directory configurations Cyberark Identity Management CISCO networking equipment: firewalls, routers and switches. Bitlocker drive encryption SecureAuth multi-factor authentication NAC FORTINET Fortigate UTMs Fortinet FortiWeb WAFs Fireeye Imperva Vormetric Dell Change Auditor Bomgar Packet analysis Linux Basic knowledge of data encryption principles, PKI and SSL certificates CISSP certification Knowledge, Skills, Abilities, And Other Characteristics (Optional) Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. Skill to maintain a high level of security and confidentiality of information. Ability to work effectively on a project team. Ability to establish and maintain project priorities. How To Apply Oceaneering provides equal employment opportunities to all applicants Closing Statement Working Conditions This position is considered OFFICE WORK which is characterized as follows. Almost exclusively indoors during the day and occasionally at night Occasional exposure to airborne dust in the workplace Work surface is stable (flat) Physical Activity/Requirements (Optional For India Service Center) The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This position is considered LIGHT work. 
OCCASIONAL FREQUENT CONSTANT Lift up to 20 pounds Climbing, stooping, kneeling, squatting, and reaching Lift up to 10 pounds Standing Repetitive movements of arms and hands Sit with back supported How To Apply In addition, we make a priority of providing learning and development opportunities to enable employees to achieve their potential and take charge of their future. As well as developing employees in a specific role, we are committed to lifelong learning and ongoing education, including developing people skills and identifying future supervisors and managers. Every month, hundreds of employees are provided training, including HSE awareness, apprenticeships, entry and advanced level technical courses, management development seminars, and leadership and supervisory training. We have a strong ethos of internal promotion. We can offer long-term employment and career advancement across countries and continents. Working at Oceaneering means that if you have the ability, drive, and ambition to take charge of your future, you will be supported to do so and the possibilities are endless.
Posted 1 month ago
2.0 - 5.0 years
3 - 7 Lacs
Mumbai
Work from Office
Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities.
Posted 1 month ago
3.0 - 5.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Our technology services client is seeking multiple Anti Spam Support Engineers to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support Engineer Mandatory Skills: Phishing, Threat Attack, Cyber Security Experience: 3 to 5 Years Location: Hyderabad Notice Period: Immediate to 15 Days Job Description: Key Responsibilities Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Basic Qualifications Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. 
Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MxToolbox like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. 
Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to varshini.t@s3staff.com
Posted 1 month ago
Accenture
39581 Jobs | Dublin
Wipro
19070 Jobs | Bengaluru
Accenture in India
14409 Jobs | Dublin 2
EY
14248 Jobs | London
Uplers
10536 Jobs | Ahmedabad
Amazon
10262 Jobs | Seattle,WA
IBM
9120 Jobs | Armonk
Oracle
8925 Jobs | Redwood City
Capgemini
7500 Jobs | Paris,France
Virtusa
7132 Jobs | Southborough