10 Incident Detection Jobs

At Dark Matter Technologies, you are at the forefront of a tech-driven revolution in loan origination. The commitment to cutting-edge AI and origination technology solutions is reshaping the industry landscape, illuminating a path towards seamless, efficient, and automated experiences. Driven by Empower, the cutting-edge all-in-one LOS, and a suite of innovative Origination Technologies, end-to-end solutions are provided that fully serve the mortgage origination process. Dark Matter Technologies is owned by Constellation Software Inc. (TSX:CSU). As a SOC Lead with 8+ years of experience, your responsibilities will include monitoring and investigating security alerts, maintaining and tuning security tools under InfoSec purview, researching and providing gap analysis of current security event processes, identifying opportunities for improvements, acting as a subject matter expert and mentor to junior team members, and driving root-cause analysis to common security events. To qualify for this role, you should have an associate or bachelor's degree in computer science, Information Technology, System Administration, or a closely related field, or equivalent work experience. A minimum of 10+ years of experience working in a Security Operations Center (SOC) and demonstrating an increased level of responsibilities is required. Additionally, you should possess sound working knowledge of security operations and security investigation best practices, experience monitoring and handling Endpoint Detection and Response (EDR) and Incident Detection and Response (IDR) alerts and events, experience monitoring and handling Microsoft Defender portal and Purview alerts and events, exceptional customer service skills, strong project management skills, strong team management skills with a history of managing direct reports, high self-motivation with keen attention to detail, ability to work within a diverse geographically distributed team, willingness to adjust work schedule to accommodate business needs, ability to perform in cross-functional teams, ability to adapt to different cultures with varying degrees of physical living standards, accommodations, and environments, ability to sit at a computer workstation for extended periods and fully utilize the PC monitor, keyboard, mouse, and required programs, ability to be on-call and work extended hours as needs arise, ability to work on a modified schedule that aligns with the US Eastern time zone (8 am to 5 pm), and strong English written and verbal skills. If you believe you meet the qualifications and are excited about the opportunity to work in a dynamic and innovative environment, we look forward to receiving your application documents (Resume, Salary details, and references) stating the earliest date you could start. Get empowered by Dark Matter Technologies!,

As a Team Lead of the SOC Analyst Team in the Cybersecurity/Security Operations department, your primary responsibility will be to guide and support a group of security analysts in their day-to-day tasks. You will oversee daily SOC operations, ensuring that the team adheres to processes, SLAs, and quality standards. Facilitating team meetings, knowledge-sharing sessions, and performance evaluations will also be part of your role. Additionally, you will schedule and coordinate shifts to maintain 24/7 coverage and proper workload distribution. Your expertise will be crucial in overseeing the detection, triage, investigation, and response to cybersecurity incidents. Working closely with threat intelligence, IT, and engineering teams, you will collaborate to remediate threats effectively. After incidents, you will conduct root cause analysis and recommend preventive measures to enhance security posture. To excel in this role, you must have a strong understanding of security frameworks like MITRE ATT&CK and NIST. Hands-on experience with tools such as CrowdStrike, Splunk, WIZ, VirusTotal, Jira, Confluence, AWS, Azure, and GCP is essential. Proficiency in incident detection, investigation, and response is required, along with familiarity in handling various alert types including IDS/IPS alerts, EDR detections, malware and forensic investigations, phishing attempts, and cloud-related security incidents. Your communication, leadership, decision-making, analytical, and problem-solving skills will be vital in managing pressure during security incidents and multitasking in a dynamic environment. The ideal candidate should have a minimum of 5-7 years of experience in a SOC environment, with at least 1-2 years of team leadership or supervisory experience. This position requires working in rotational shifts to ensure 24/7 coverage of security operations. While certifications such as CompTIA Security+ or Google Cybersecurity Professional Training are valuable, hands-on experience and leadership abilities take precedence in this role.,

As an Ethics and Compliance professional at our organization, you will be responsible for various key tasks to ensure the integrity and security of our information systems. Your duties will include investigating ISMS events such as system failures and equipment failures to maintain our high security standards. You will also review ISMS policies and procedures, collaborate with different departments to ensure compliance, and provide expertise in resolving technical challenges through IT helpdesk support. Additionally, you will play a vital role in coordinating Information Security Task Force meetings, working closely with external audit firms to meet regulatory requirements, and conducting security awareness training. Your involvement in ISO 27001 objective evaluation, risk management processes, internal audits, and remediation activities will contribute significantly to our certification efforts. Monitoring operational controls for projects and preparing documentation supporting ISO 27001 implementation will also be part of your responsibilities. To be successful in this role, you should hold a bachelor's or master's degree in engineering or a related field and have 3-5 years of experience in information security. Your experience managing audits, understanding of cybersecurity frameworks, incident detection and response skills, risk management proficiency, and ability to analyze complex technical issues are essential. Strong communication and stakeholder management skills are crucial for effective collaboration with diverse teams. While certifications such as CISA are preferred, we offer a competitive compensation and flexible benefits package as part of our total rewards package. Guidehouse is an Equal Opportunity Employer committed to creating a diverse and supportive workplace. If you require accommodations during the application process, please contact Guidehouse Recruiting. We do not charge any fees or require money transfers at any stage of our recruitment process and maintain confidentiality of all information provided by applicants.,

As a SOC Lead, you will be responsible for incident detection and response, utilizing tools such as Azure Sentinel SIEM, Splunk, and Microsoft Defender for Endpoint. Your primary tasks will involve investigating high-priority security incidents, determining root causes, and guiding the team in remediation efforts. Furthermore, you will be tasked with creating and refining custom detection rules in Azure Sentinel, monitoring alerts from Microsoft Defender for Endpoint to identify security threats, and documenting security incidents including timelines and outcomes. Your role will also involve collaborating with other SOC team members, IT teams, and external vendors to resolve incidents and provide mentorship to junior analysts. Additionally, you will be conducting forensic analysis on compromised systems, performing threat hunting activities, and contributing to security posture improvement by refining security procedures and optimizing Azure Sentinel and Microsoft Defender for Endpoint configurations. Staying up-to-date with the latest threat intelligence and security trends will be crucial to ensure that tools and strategies evolve with emerging threats. If you are passionate about cybersecurity and have experience in incident response, threat hunting, and security monitoring, we invite you to apply for this challenging and rewarding position in either Bangalore or Mumbai.,

As a shift lead in the Security Operations Center (SOC) at Virtusa, you will play a crucial role in supporting SOC operations by conducting detailed threat-based investigations, making recommendations for incident detection methodologies, and offering expert assistance for incident response and monitoring activities. Your responsibilities will include being a technical and strategic leader in driving key performance indicator (KPI) metrics, promoting automation, analytics, and operational efficiencies to enhance the overall security posture. You will be tasked with providing suggestions to enhance security postures, minimize security risks, and identify opportunities for automation to streamline manual efforts. Your role will involve ensuring the highest quality of SOC service delivery and aiding in the development of incident response actions, policies, and procedures, including process enhancements. As the escalation point for advanced security incident escalations from Level 1 SOC analysts, you will oversee all SOC activities and business-as-usual (BAU) tasks during your shift, which involves 24/7 support. Additionally, you will review and improve run books, operating procedures, and playbooks, as well as assign and prioritize tasks and incidents for Level 1 SOC team members. You will manage the incident pipeline, including escalating outstanding incidents, updating incidents as needed, and escalating open incidents when necessary. Furthermore, you will be responsible for meeting service level agreements (SLAs) and leading SOC shift handover calls. Your role will also involve providing continuous improvement initiatives and on-the-job training for Level 1 SOC analysts. Your expertise will be paramount in analyzing logs from various sources such as network devices, applications, infrastructure services, security products, and endpoint data using Security Information and Event Management (SIEM) tools and other security technologies. You will also lead security event and incident investigations, applying industry-recognized incident detection and response frameworks like NIST, MITRE, and others. At Virtusa, we prioritize teamwork, quality of life, and professional development. Join our global team of 30,000 professionals who are dedicated to fostering your personal and career growth. We offer exciting projects, opportunities to work with cutting-edge technologies, and a collaborative environment where great minds come together to innovate and excel.,

The Information Security Officer (ISO) at Wishfin plays a crucial role in safeguarding the organization's information assets and technologies. Reporting to the Technical Lead, you will be at the forefront of establishing and maintaining the enterprise vision and strategy to ensure robust protection against security risks. As an ISO, your key responsibilities will include identifying, assessing, and prioritizing potential security risks to systems, data, and networks. You will develop and implement effective strategies to mitigate these risks while ensuring compliance with regulations such as GDPR and PCI DSS. Leading incident response efforts, you will be responsible for investigating, containing, and resolving security incidents, as well as implementing preventive measures. Developing and enforcing security policies, standards, and procedures to safeguard sensitive information will be a core part of your role. You will also be tasked with delivering security awareness training programs to educate employees on best practices and compliance requirements. Assessing the security posture of third-party vendors and collaborating with IT and engineering teams to design secure architectures for systems will be among your responsibilities. Regular security audits, assessments, and compliance reviews will be conducted by you, in addition to deploying and managing security monitoring tools for real-time threat detection. Establishing and chairing a security governance committee to oversee initiatives and provide strategic direction will also be part of your duties. You will prepare and present reports on information security status to senior management and stakeholders. To qualify for this role, you must possess a Bachelor's degree in Computer Science, Information Technology, or a related field. Professional certifications such as CISSP, CISM, or CISA are advantageous but not mandatory. Two years of experience in information security roles, particularly in risk management, compliance, and incident response within fintech or financial services, is required. Familiarity with security frameworks and regulatory requirements, as well as strong communication skills and an analytical mindset, are essential for success in this position. If you meet the qualifications and are interested in this opportunity, please apply or send your updated resume to hrteam@wishfin.com.,

You have an exciting opportunity at EthicalHat Cyber Security Pvt. Ltd. as a Security Operations Center Manager. In this role, you will play a crucial part in managing the Security Operations Center (SOC) and ensuring the effective and efficient operation of security processes. Your responsibilities will include directing the functions, processes, and operations of the SOC to maintain compliance with policies and procedures. You will lead the 24/7 operations of the SOC to ensure timely identification and resolution of security incidents, enhancing client security. Additionally, you will manage the SOC team, including shift scheduling, performance monitoring, and process adherence. As the SOC Manager, you will be responsible for managing the collection, documentation, and research of security incidents received via the SOC. You will provide realistic overviews of risks and threats to CISO/Senior Management and develop incident response management programs. Moreover, you will work closely with customers to ensure resolution management and customer satisfaction. Your role will also involve creating reports, dashboards, and metrics for SOC operations, conducting training exercises for staff, and establishing performance goals and priorities. Desired candidates should have at least 4 years of SOC experience and 10+ years of Security Operations management experience. The ideal candidate will possess good knowledge of SIEM concepts and experience with tools such as LogRhythm, Sourcefire, and Cisco AMP. Strong expertise in security operational services, including threat management, cyber investigations, and forensic investigations, is required. Advanced knowledge of information systems security standards and procedures, along with excellent time management and leadership skills, are essential for this role. If you have 8-12 years of relevant experience, excellent communication skills, and a strong understanding of networking and security fundamentals, we encourage you to apply for this challenging position at EthicalHat Cyber Security Pvt. Ltd.,

The role is based in Navi Mumbai and you will be required to attend a Face to Face Drive on 5th July (Saturday), with all rounds of the interview process scheduled for the same day. The ideal candidate should have an immediate to 45 days" notice period. Your main responsibilities will include round-the-clock threat monitoring and detection, as well as the analysis of any suspicious, malicious, and abnormal behavior. You will be responsible for alert triage, initial assessment, incident validation, severity determination, and urgency evaluation. Additionally, you will need to prioritize security alerts and create Incidents following Standard Operating Procedures (SOPs). It will be your duty to report and escalate incidents to stakeholders and conduct post-incident analysis. You will be expected to consistently triage incidents and provide recommendations using playbooks. Furthermore, you will be required to develop and maintain incident management and incident response policies and procedures. Part of your role will involve the preservation of security alerts and security incident artifacts for forensic purposes. You must adhere to Service Level Agreements (SLA) and Key Performance Indicators (KPIs) and work towards reducing the Mean Time to Detection and Response (MTTD & MTTR).,

At Dark Matter Technologies, you are at the forefront of a tech-driven revolution in loan origination. The commitment to cutting-edge AI and origination technology solutions is reshaping the industry landscape, illuminating a path towards seamless, efficient, and automated experiences. Driven by Empower, the cutting-edge all-in-one LOS, and a suite of innovative Origination Technologies, you provide end-to-end solutions that fully serve the mortgage origination process. Dark Matter Technologies is owned by Constellation Software Inc. (TSX:CSU). As a SOC Lead with 8+ years of experience, your job location will be in Hyderabad & Bhubaneswar with shift timings from 5:30 PM to 3:00 PM IST. Your responsibilities will include monitoring and investigating security alerts, maintaining and tuning security tools under InfoSec purview, researching and providing gap analysis of current security event processes, acting as a subject matter expert and mentor to junior team members, and driving root-cause analysis to common security events. To qualify for this position, you should have an associate or bachelor's degree in computer science, Information Technology, System Administration, or a closely related field; or equivalent work experience. A minimum of 10+ years of experience working in a Security Operations Center (SOC) is required, along with sound working knowledge of security operations and security investigation best practices. Experience in monitoring and handling Endpoint Detection and Response (EDR) and Incident Detection and Response (IDR) alerts and events, as well as experience monitoring and handling Microsoft Defender portal and Purview alerts and events, is crucial. Exceptional customer service, strong project management, and team management skills are necessary, with a history of managing direct reports. You should be highly self-motivated and directed, with keen attention to detail, able to work within a diverse geographically distributed team, willing to adjust work schedules to accommodate business needs, perform in cross-functional teams, adapt to different cultures, be on-call, work extended hours as needed, align with the US Eastern time zone (8 am to 5 pm), and possess strong English written and verbal skills. If you believe you are the ideal candidate for this position, we look forward to receiving your complete application documents (Resume, Salary details, and references) at sreedevi.choudhury@dmatter.com. Get empowered by Dark Matter Technologies!,

As a candidate for this position, you should hold a Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field, with a preference for a Masters degree. Your role will involve leading and mentoring the SOC team to promote a culture of continuous improvement and collaboration. Overseeing the day-to-day operations of the SOC is crucial, ensuring efficient incident detection, response, and recovery processes. Collaboration with IT and business units is essential to integrate cybersecurity measures into existing and new technology deployments. Your responsibilities will also include managing cybersecurity projects, selecting and implementing cutting-edge security tools and technologies. Regular security assessments, penetration testing, and proactive threat hunting are key tasks to identify and mitigate potential security vulnerabilities. Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC are desired, along with at least 10 years of experience in cybersecurity, including a minimum of 3 years in a leadership role within an SOC environment. In-depth knowledge and experience with cybersecurity regulations and standards are expected. Proficiency in managing and configuring security technologies such as SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools is required. You should have a demonstrated ability to lead and develop high-performing teams. Additional responsibilities include preparing lab/demo environments, conducting research and development on security tools and best practices, and being flexible to work in US Shift. Excellent problem-solving, communication, and presentation skills are necessary for this role.,