24 Forensic Analysis Jobs

WPP is the creative transformation company. We use the power of creativity to build better futures for our people, planet, clients, and communities. Working at WPP means being part of a global network of more than 100,000 talented people dedicated to doing extraordinary work for our clients. We operate in over 100 countries, with corporate headquarters in New York, London, and Singapore. WPP is a world leader in marketing services, with deep AI, data, and technology capabilities, global presence, and unrivalled creative talent. Our clients include many of the biggest companies and advertisers in the world, including approximately 300 of the Fortune Global 500. Our people are the key to our success. We're committed to fostering a culture of creativity, belonging, and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow. The Cyber Incident Responder will be responsible for managing the organization's response to all severity levels (Sev 1-4) of security incidents. The role involves leading the investigation, recovery, and follow-up of security incidents, allocated based on time of day, business area, and the individual's skills and experience. The responder will work closely with the team to ensure timely recovery from security incidents and collaborate with other departments to implement processes, procedures, and technologies to prevent future occurrences. Additionally, the role includes reviewing, improving, and maintaining a comprehensive suite of security incident response procedures and playbooks. The Cyber Incident Responder will also be expected to conduct threat analysis, provide incident reports, and participate in post-incident reviews to identify lessons learned and areas for improvement. **Responsibilities:** - Manage Security Incidents: Effectively oversee the management, investigation, and forensic analysis of security incidents. - Team Collaboration: Collaborate with team members to optimize incident response processes, procedures, and approaches. - Procedure and Playbook Maintenance: Continuously review, enhance, and maintain security incident response procedures and playbooks. - Stakeholder Engagement: Develop and maintain strong relationships with internal stakeholders, suppliers, and external agencies. - Incident Simulations: Participate in and enhance regular cyber security incident simulations and exercises to ensure preparedness. - Threat Analysis and Reporting: Conduct threat analysis, generate incident reports, and participate in post-incident reviews to identify lessons learned and areas for improvement. **Requirements:** - Computer Science Degree (desirable but not essential) - CISSP or similar - Certified Incident Handler or similar - Certified Forensic Analyst or similar - Experience of managing security incidents within a large multinational organization - Experience of driving security investigations and forensics - Experience of working within a high pressured security incident response team - Experience of working with suppliers, external stakeholders, and internal teams and developing strong and trusting working relationships - Ability to communicate effectively with senior management **Who you are:** - You're open, inclusive, collaborative, and open-minded - You're optimistic, believing in the power of creativity, technology, and talent - You're extraordinary, fostering a culture of creativity and collaboration WPP offers passionate, inspired people the opportunity to create extraordinary work at an unparalleled scale in the industry. The challenging and stimulating work environment encourages creative problem solvers to excel. If you are up for the challenge and seek a culture of respect and equal opportunities, WPP is the place for you.,

The Senior Cyber Security Engineer role at our organization is crucial for safeguarding digital assets through the design, implementation, and maintenance of IT security infrastructures. Your responsibilities include preventing, detecting, and managing cyber threats by utilizing your knowledge of network and software security vulnerabilities, incident response skills, and risk management expertise. Collaboration with various teams is essential to develop and enforce security policies, conduct audits, and ensure compliance with regulatory standards. You will be accountable for Security Configuration, Monitoring, and Management (SCMM), where tasks involve configuring and maintaining security tools such as SIEM, Email security gateway, and advanced threat detection systems. Leading the monitoring of security events, directing incident response efforts, and proactively searching for threats within the environment are key responsibilities. You will also be required to aggregate logs, develop correlation rules, customize alerts, review security policies, and recommend security controls. Governance tasks include contributing to the creation, review, and updating of IT security policies, ensuring compliance with industry best practices and regulatory requirements. Overseeing security measures, promoting security awareness, conducting security audits, and reporting findings are part of your role. You will also be involved in developing documentation, conducting analyses, and preparing reports for executive leadership. Problem Resolution and Troubleshooting responsibilities include providing guidance to junior team members, conducting root cause analyses, collaborating with IT teams, and seeking continuous improvement through automation and process refinement. Training and Development tasks involve meeting certification requirements, expanding knowledge in security administration, and participating in technical events to increase professional knowledge and awareness. Your communication span will include internal teams and customers at FutureX. The required qualifications and certifications for this role include CompTIA Security+, CCNA Security, Certified Ethical Hacker, and CISSP. A minimum of 6-8 years of cybersecurity experience is necessary, along with skills in analyzing complex information, effective communication, leadership, time management, and prioritization. Technical competencies in SIEM, forensic analysis, network security, endpoint security, threat modeling, compliance, and risk management are essential. Certifications from vendors of widely used security tools, possible travel, project work at customer offices, and out-of-hours work may also be required for this position.,

As a member of the Medline India team, you will play a crucial role in ensuring the security and integrity of our network and systems. Your responsibilities will include continuous monitoring of various security technologies, analyzing event logs to identify security issues, providing incident handling support, and escalating security issues as needed. You will also be involved in maintaining network devices, performing system alerts monitoring, and responding to incidents and service requests within SLA. To excel in this role, you should have a BE in Computer Science or equivalent with 7-8 years of relevant work experience. A strong technical understanding of networking and security controls such as Firewalls (Checkpoint Smart Console, PaloAlto, ASA, Azure, Prisma), IPS, antivirus, FireEye, SolarWinds, as well as information security concepts is essential. You should possess knowledge of trouble isolation, log analysis, event correlation, data analysis, TCP/IP, and system vulnerabilities. Experience with Microsoft Office for data analysis, incident management procedures, information security tools, and IT industry certifications is required. You should be able to troubleshoot complex systems issues, prioritize tasks, and adapt to a fast-paced, evolving service delivery system. Excellent communication skills, both written and verbal, are crucial for this role. This position may require working in 24x7 shifts as needed. By joining Medline India, you will be part of a dynamic team that values innovation, collaboration, and continuous improvement. Your contributions will directly impact our mission to make healthcare run better, and you will have the opportunity to grow and develop within a supportive and engaging work environment. Join us at Medline India, where #PeopleMatter.,

As a Cyber Defence Incident Responder within the Information Security Group, your primary responsibility is to investigate, analyze, and respond to cyber incidents within the network environment or enclave. You will be coordinating and providing expert technical support to enterprise-wide cyber defence technicians to resolve incidents efficiently. Your role will involve correlating incident data to identify vulnerabilities and make recommendations for expeditious remediation. You will analyze log files from various sources to detect potential threats to network security and perform cyber defence incident triage to determine scope, urgency, and impact. Additionally, you will be conducting real-time incident handling tasks to support Incident Response Teams, receiving and analyzing network alerts, and tracking incidents from detection to resolution. Furthermore, you will be writing and publishing cyber defence reports, collecting intrusion artifacts, and collaborating with law enforcement personnel as needed. In this role, you will also be responsible for coordinating incident response functions, performing trend analysis and reporting, and employing approved defence-in-depth principles to enhance security measures. It is essential to monitor external data sources to stay updated on cyber defence threats and collaborate with intelligence analysts to correlate threat assessment data effectively. To qualify for this position, you should have a Bachelor's degree in Commerce, Science, Arts, Business & Insurance, or Management Studies. Additionally, a Master's degree in Business Administration, Commerce, or Arts is preferred. A minimum of 5 to 10 years of relevant experience in cyber incident response is required for this role.,

The role is based in Navi Mumbai and you will be required to attend a Face to Face Drive on 5th July (Saturday), with all rounds of the interview process scheduled for the same day. The ideal candidate should have an immediate to 45 days" notice period. Your main responsibilities will include round-the-clock threat monitoring and detection, as well as the analysis of any suspicious, malicious, and abnormal behavior. You will be responsible for alert triage, initial assessment, incident validation, severity determination, and urgency evaluation. Additionally, you will need to prioritize security alerts and create Incidents following Standard Operating Procedures (SOPs). It will be your duty to report and escalate incidents to stakeholders and conduct post-incident analysis. You will be expected to consistently triage incidents and provide recommendations using playbooks. Furthermore, you will be required to develop and maintain incident management and incident response policies and procedures. Part of your role will involve the preservation of security alerts and security incident artifacts for forensic purposes. You must adhere to Service Level Agreements (SLA) and Key Performance Indicators (KPIs) and work towards reducing the Mean Time to Detection and Response (MTTD & MTTR).,

Teamware Solutions is seeking a highly skilled and experienced Cyber Security Analyst - MSS - Endpoint Security E4 to bolster our Managed Security Services (MSS) operations. In this senior role, you'll be instrumental in protecting client endpoints, leading complex investigations, and proactively defending against advanced persistent threats, ensuring the highest level of endpoint security posture for our diverse client base. Key Responsibilities Lead advanced endpoint security monitoring, threat detection, and incident response activities within a Managed Security Services (MSS) environment. Conduct in-depth analysis of security alerts, logs, and forensic data from Endpoint Detection and Response (EDR) / Extended Detection and Response (XDR) platforms. Perform complex malware analysis, forensic investigations , and root cause analysis for endpoint-related security incidents. Develop, optimize, and fine-tune endpoint security policies, rules, and configurations across various EDR/Antivirus solutions. Provide L3/L4 escalation support and guidance to junior analysts, mentoring and contributing to their skill development. Proactively hunt for threats on client endpoints using advanced tools and techniques. Create detailed incident reports, post-mortems, and provide actionable recommendations for remediation and prevention. Stay current with the latest endpoint security threats, vulnerabilities, and industry best practices. Collaborate with clients and internal teams to enhance security posture and deploy new endpoint security initiatives. Qualifications Proven extensive experience (typically 7+ years) in a Cyber Security role with a strong focus on Endpoint Security and Managed Security Services (MSS) , including significant L3/L4 support experience. Skills Required: Expert-level proficiency with leading EDR/XDR platforms (e.g., CrowdStrike, Microsoft Defender for Endpoint, SentinelOne, Carbon Black, Palo Alto Networks Cortex XDR). Deep understanding of endpoint operating systems (Windows, Linux, macOS) and common attack vectors. Extensive experience in incident response methodologies specific to endpoint compromise. Proficiency in forensic analysis techniques and tools for endpoint investigations. Strong knowledge of malware analysis concepts and anti-malware technologies. Experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel) for integrating endpoint data. Excellent analytical, problem-solving, and communication skills to articulate complex security issues. Relevant advanced cybersecurity certifications (e.g., SANS GCFE, GCFA, GCIH, CySA+, SC-200, SC-300, SC-400, SC-900). Preferred Skills: Experience with scripting languages (e.g., Python, PowerShell) for automation and data analysis. Knowledge of cloud security concepts and endpoint protection in cloud environments. Familiarity with threat intelligence frameworks (e.g., MITRE ATT&CK). Prior experience in a client-facing MSS role.

Teamware Solutions is seeking a dedicated SOC Support L2/L3 Analyst to join our Security Operations Center. You'll be a critical part of our cybersecurity team, responsible for advanced threat detection, incident response, and in-depth analysis of security events, ensuring the continuous protection of our infrastructure and data. This role demands strong analytical skills and a proactive approach to cybersecurity threats. Key Responsibilities Perform advanced security monitoring and analysis of security events from various sources (SIEM, EDR, network logs, etc.) to detect and identify potential threats, intrusions, and anomalies. Lead incident response activities for complex security incidents (e.g., malware outbreaks, phishing campaigns, unauthorized access), from initial triage and containment to eradication and recovery. Conduct in-depth forensic analysis on compromised systems to determine root causes, attack vectors, and impact. Develop and refine SIEM correlation rules, alerts, and dashboards to enhance threat detection capabilities. Provide L2/L3 support for security incidents, acting as an escalation point for junior analysts and guiding their investigations. Research emerging threats, vulnerabilities, and attack techniques, and propose proactive mitigation strategies. Create detailed incident reports, post-mortem analyses, and remediation plans . Collaborate with IT, network, and application teams to implement security controls and improve overall security posture. Qualifications Proven experience in a Security Operations Center (SOC) role at L2 or L3 level . Skills Required: Strong expertise in SIEM platforms (e.g., Splunk ES, Microsoft Sentinel, IBM QRadar, Elastic SIEM) for security event monitoring, correlation, and analysis. Hands-on experience with Incident Response methodologies and tools. Proficiency in network security concepts (firewalls, IDS/IPS, VPNs), endpoint security (EDR/XDR) , and cloud security principles. Solid understanding of common cyberattack techniques, tactics, and procedures (TTPs) , including MITRE ATT&CK framework. Experience with forensic analysis tools and techniques for host and network forensics. Knowledge of scripting languages (e.g., Python, PowerShell) for automation and analysis. Excellent analytical, problem-solving, and communication skills to articulate complex security issues. Relevant cybersecurity certifications (e.g., CompTIA CySA+, SANS GCIH, GCFA, CEH, SC-200, SC-900). Preferred Skills: Experience with cloud security monitoring in platforms like AWS, Azure, or GCP. Familiarity with threat intelligence platforms and frameworks. Knowledge of compliance standards (e.g., ISO 27001, NIST, GDPR). Experience with vulnerability management and penetration testing concepts.

SIEM tools to identify potential threats;VAPT tools, Incident Handling, Forensic Analysis;CEH CSA;CySA+;CISA;incidents and breaches; operating systems, network devices, and security devices.Familiarity with Security Information and Event Management

Deliver undergraduate teaching in: Medical Jurisprudence Forensic Pathology Clinical Toxicology Ethics & Law in Medicine Assist in: Conducting practical sessions , including mock courts and forensic specimen demonstrations. Evaluating students through internal assessments and university exams. Preparing study material, question banks, and MCQs in alignment with CBME norms. Practical & Legal Involvement Assist in medicolegal autopsies under the supervision of senior faculty. Support preparation of medicolegal reports including: Injury documentation Age estimation Cause of death Participate in: Hospital and police liaison for medicolegal cases Court appearances as expert witness (under mentorship) Research & Academic Development Collaborate in departmental and institutional research. Assist in: Literature reviews Data collection & analysis Drafting abstracts, papers, and case reports Attend: CMEs, conferences, faculty development programs (FDPs) Workshops in forensic science and medical education Administrative & Support Duties Support Head of Department in: Curriculum planning Maintaining teaching schedules and student attendance records Help organize: Guest lectures Student activities (e.g., forensic quiz, debates) Departmental inspections and NMC documentation Desirable Attributes Confidence in communicating medico-legal concepts to students and non-medical stakeholders (e.g., police, legal teams). Basic familiarity with legal procedures , IPC/Cr PC sections, and documentation standards. Skilled in dissection and forensic photography (advantageous). Comfort with digital teaching tools and virtual learning platforms

1.Academic Qualifications: MBBS degree from a recognized institution. MD (Forensic Medicine) from an institution recognized by NMC. 2.Teaching & Experience Requirements: A total of 8 years of teaching experience in the subject (Forensic Medicine) as a Lecturer/Assistant Professor or equivalent, with at least 5 years as Associate Professor in a recognized medical college. Job Responsibilities of a Professor in FMT: Teaching MBBS and postgraduate students (if applicable) in Forensic Medicine. Supervising medicolegal autopsies and toxicology lab work. Conducting and guiding research in forensic science and toxicology. Managing departmental administration and academic planning. Preparing students for examinations and evaluating their academic performance. Coordinating with law enforcement and judiciary in legal cases requiring medical expertise.

Deliver undergraduate teaching in: Medical Jurisprudence Forensic Pathology Clinical Toxicology Ethics & Law in Medicine Assist in: Conducting practical sessions , including mock courts and forensic specimen demonstrations. Evaluating students through internal assessments and university exams. Preparing study material, question banks, and MCQs in alignment with CBME norms. Practical & Legal Involvement Assist in medicolegal autopsies under the supervision of senior faculty. Support preparation of medicolegal reports including: Injury documentation Age estimation Cause of death Participate in: Hospital and police liaison for medicolegal cases Court appearances as expert witness (under mentorship) Research & Academic Development Collaborate in departmental and institutional research. Assist in: Literature reviews Data collection & analysis Drafting abstracts, papers, and case reports Attend: CMEs, conferences, faculty development programs (FDPs) Workshops in forensic science and medical education Administrative & Support Duties Support Head of Department in: Curriculum planning Maintaining teaching schedules and student attendance records Help organize: Guest lectures Student activities (e.g., forensic quiz, debates) Departmental inspections and NMC documentation Desirable Attributes Confidence in communicating medico-legal concepts to students and non-medical stakeholders (e.g., police, legal teams). Basic familiarity with legal procedures , IPC/Cr PC sections, and documentation standards. Skilled in dissection and forensic photography (advantageous). Comfort with digital teaching tools and virtual learning platforms

Company Description Samartha InfoSolutions, founded in 2006, aims to be the world leader in providing simplified innovative IT solutions. The company focuses on progressive IT solutions to help customers achieve their core business objectives effectively. Specializing in OSS/NMS/ITSM solutions, IT infrastructure support, and application development & support, Samartha InfoSolutions boasts a team of experienced professionals dedicated to delivering exceptional services in various sectors. Role Description This is a full-time on-site role for a Mobile Forensic Engineer at Samartha InfoSolutions in Bengaluru. The Mobile Forensic Engineer will be responsible for forensic analysis, forensic engineering, analytical skills application, failure analysis, and structural engineering tasks. The role involves day-to-day activities related to mobile forensic investigations and analysis. Qualifications Forensic Analysis and Forensic Engineering skills Analytical Skills and Failure Analysis expertise Strong background in Structural Engineering Proficiency in digital forensics tools and techniques Experience in mobile device forensics Excellent problem-solving and critical thinking abilities Strong attention to detail and accuracy Bachelors Degree/Masters Degree. Information Technology Cybersecurity Digital Forensics,

We are seeking a skilled Endpoint Security Specialist to join our team in India. The successful candidate will be responsible for protecting our organization's endpoints from security threats and ensuring compliance with security policies. Responsibilities Develop and implement endpoint security policies and procedures. Monitor endpoint security systems and respond to security incidents. Conduct risk assessments and vulnerability assessments on endpoints. Collaborate with IT and security teams to ensure compliance with security standards. Provide training and guidance to staff on endpoint security best practices. Evaluate and recommend endpoint security solutions and technologies. Skills and Qualifications Bachelor's degree in Computer Science, Information Technology, or a related field. 8-12 years of experience in endpoint security or related IT security fields. Strong knowledge of endpoint protection technologies (e.g., antivirus, EDR, DLP). Experience with security frameworks and compliance standards (e.g., ISO 27001, NIST). Proficient in incident response and threat hunting techniques. Familiarity with network security concepts and practices. Excellent problem-solving skills and attention to detail. Strong communication skills, both verbal and written.

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Vulnerability Management . Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Job Description Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Privilege Password Management CyberArk.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT Mandatory Skills: Saviynt. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Privilege Password Management CyberArk. Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Hashicorp Vault. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT Mandatory Skills: Checkpoint Firewalls and VPN. Experience: 5-8 Years.

Security Specialist, Incident Response Responsibilities includes • Lead security incident response in a cross-functional environment and drive incident resolution. • Lead and develop Incident Response initiatives that improve Allianz capabilities to effectively respond and remediate security incidents. • Perform digital forensic investigations and analysis of a wide variety of assets including endpoints. • Perform log analysis from a variety of sources to identify potential threats. • Build automation for response and remediation of malicious activity. • Write complex search queries in the EDR as well as SIEM tools for hunting the adversaries. • Works on SOAR cases, automation, workflow & Playbooks. • Integrating and working on Identity solutions. • Developing SIEM use cases for new detections specifically on identity use cases. Minimum Qualifications: • 5-10 years of experience in Security Incident Response, Investigations • Working experience in Microsoft On-prem and Entra ID solutions • Good knowledge in Active Directories and Tier 0 concepts • Very good knowledge of operating systems, processes, registries, file systems, and memory structures and experience in host and memory forensics (including live response) on Windows, macOS and Linux. • Experience investigating and responding to both external and insider threats. • Experience with attacker tactics, techniques, and procedures (MITRE ATT&CK) • Experience analyzing network and host-based security events

SIEM tools to identify potential threats;VAPT tools, Incident Handling, Forensic Analysis;CEH CSA;CySA+;CISA;incidents and breaches; operating systems, network devices, and security devices.Familiarity with Security Information and Event Management

The Cyber Forensic Specialist will operate in a secure lab environment equipped with workstations, servers, mobile devices (iOS/Android), IoT devices, and other internet-connected endpoints. The environment supports both live and post-incident Required Candidate profile Essential Certifications(any one of the following) GIAC Certified Forensic Examiner(GCFE) Certified Computer Examiner(CCE) GIAC Certified Forensic Analyst(GCFA) Computer Hacking Forensic Investigation