5.0 - 12.0 years
0 Lacs
pune, maharashtra
On-site
You will be responsible for leading the automation, orchestration, and continuous improvement of the Technology and Infrastructure Resilience Process as a Manager in Technology Resilience & Automation at Northern Trust. Your role will involve focusing on enhancing the efficiency, reliability, and effectiveness of DR Operations through automation, ensuring rapid recovery of critical systems, and minimizing downtime.

Key Responsibilities:
- Develop and implement an automated DR framework to enhance failover and recovery speed.
- Integrate automation into DR Runbooks, testing, and execution to minimize manual intervention.
- Optimize RTO (Recovery Time Objective) and RPO (Recovery Point Objective) through automation.
- Collaborate with Infrastructure teams to enhance DR capabilities.
- Ensure DR plans meet the standards and compliance requirements.
- Own and maintain a DR Automation backlog to deliver automation initiatives using agile methodology.

Automation & Tooling Implementation:
- Review requirements and approve design artifacts with the engineering team.
- Utilize organization infrastructure tools to automate the DR process.
- Implement DR automation solutions across on-premise, hybrid, and multi-cloud environments.
- Enhance monitoring and alerting capabilities for DR automation using organization-accredited tools.

DR Testing & Validation:
- Conduct disaster recovery tests, failover drills, and resilience simulations using automation.
- Monitor and analyze test results, identifying areas for improvements in automation and response time.
- Collaborate with relevant departments to ensure alignment between disaster recovery, authentication, and security strategies.
- Lead disaster recovery efforts in the event of a disruption, coordinating the response and recovery activities.
- Create and maintain a consistent set of documents to support automation capabilities.

Communication, Collaboration & Leadership:
- Lead a team of engineers and specialists focused on DR Automation.
- Serve as a subject matter expert in disaster recovery automation, providing guidance and training.
- Develop and present effective presentations for strategy and approach to management and stakeholders.
- Facilitate meetings with stakeholders to relay automation metrics.
- Maintain an effective technical network across technical SMEs and architects.

Qualifications:
- Bachelor's degree or equivalent experience.
- Strong knowledge of IT automation strategies, tools, and framework.
- Proven experience in disaster recovery and business continuity planning.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Financial or Regulatory domain experience a plus.
- Ability to work effectively under pressure and in high-stress situations.
- Knowledge of relevant regulations and compliance standards.

Experience:
- Minimum 12+ years of experience in Management or Team Lead role in the IT Industry.
- Minimum 5 years of experience in disaster recovery and business continuity planning.
- Practical experience operating in an Agile development environment.
- Strong communications, analytical, problem-solving, and incident response skills.
- Experience in leading DR automation projects and response efforts.

You will have the opportunity to work in a flexible and collaborative culture at Northern Trust, where movement within the organization is encouraged, and senior leaders are accessible. Join a company committed to assisting the communities it serves and build your career with one of the world's most admired and sustainable companies. Apply today and discuss your flexible working requirements for a greater achievement.
Posted 1 day ago
2.0 - 9.0 years
0 Lacs
thiruvananthapuram, kerala
On-site
As an L3 SOC Analyst at CyberProof, a UST Company, you will play a crucial role in monitoring, investigating, and resolving security incidents, violations, and suspicious activities.

Your primary responsibilities will include:
- Acting as an escalation point for high and critical severity security incidents and conducting thorough investigations to determine potential impact and understand the extent of compromise.
- Analyzing attack patterns, Tools, Techniques and Procedures (TTPs) to identify methods of attacks and attack life cycle.
- Providing recommendations on issue resolution activities such as security controls policy configuration changes and security hygiene improvement.
- Hunting for Indicators of Compromise (IOCs) and signs of Advanced Persistent Threats (APTs) within the Client's environment.
- Conducting threat hunting through in-depth log analysis to identify potential threats that may have evaded automated detection.
- Identifying gaps and weaknesses in existing security processes and proposing enhancements to improve established incident response methodologies.
- Collaborating with cross-functional teams to ensure end-to-end management of security incident lifecycle.
- Documenting and updating incident response processes, defining outcomes for future references, and driving continuous improvement.
- Participating in regular team meetings, Incident Response war room discussions, and executive briefing sessions.

Requirements:
- Minimum 2+ years of experience as a SOC L3 Analyst working as part of a Global SOC team.
- Resolving, escalating, reporting, and raising recommendations for resolving and remediating security incidents.
- Proactively monitoring and reviewing threats and suspicious events from customers participating in the service.
- Handling the advanced monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity.
- Investigating and resolving security violations by providing post-mortem analysis to illuminate issues and possible solutions.
- Collating security incident and event data to produce monthly exception and management reports.
- Reporting unresolved network security exposure, misuse of resources, or noncompliance situations using defined escalation processes.
- Assisting and training team members in the use of security tools, the preparation of security reports, and the resolution of security issues.
- Developing and maintaining documentation for security systems and procedures.
- Experience in handling Linux servers, familiar with Linux OS and commands.
- Maintaining excellent customer satisfaction through professional, proactive, and personal service.
- Experience with SIEM vendors such as QRadar, ArcSight, RSA, and LogRhythm.
- Experience in incident response and in writing procedures runbooks and playbooks.
- Ability to work with customers' IT and security teams.

CyberProof, a UST Company, is dedicated to transforming the operations of customers and securing the security landscape by utilizing innovative approaches and cutting-edge technologies. UST is a global digital transformation solutions provider that partners with clients from design to operation to make a real impact through transformation. With over 30,000 employees in 30 countries, UST builds for boundless impact, touching billions of lives in the process.
Posted 1 day ago
8.0 - 12.0 years
0 Lacs
hyderabad, telangana
On-site
As an SRE lead with 8+ years of experience, your role will involve providing strategic direction and technical expertise to ensure the ongoing success and reliability of the platforms and products.

Key Responsibilities:
- Support and provide guidance in designing, building, and maintaining highly available, scalable, and reliable SaaS infrastructure.
- Lead efforts to ensure the reliability and uptime of the product by driving proactive monitoring, alerting, and incident response practices.
- Develop and implement strategies for fault tolerance, disaster recovery, and capacity planning.
- Conduct thorough post-incident reviews and root cause analyses to identify areas for improvement and prevent recurrence.
- Drive automation initiatives to streamline operational workflows, reduce manual effort, and improve efficiency.
- Champion DevOps best practices, promoting infrastructure as code, CI/CD pipelines, and other automation tools.
- Collaborate with other teams to enhance observability systems for monitoring site stability and performance.
- Continuously explore new tools and methodologies to drive innovation and enhance the DevOps platform.
- Work closely with development teams to optimize application performance and efficiency.
- Implement tools and techniques to measure and improve service latency, throughput, and resource utilization.
- Identify and implement cost-saving measures to optimize cloud infrastructure spending.
- Proactively identify and address security vulnerabilities in the cloud environment.
- Collaborate with cross-functional teams to align on reliability goals and drive initiatives.
- Communicate effectively with stakeholders to provide visibility into reliability initiatives, progress, and challenges.
- Maintain documentation of processes, configurations, and technical guidelines.

What we offer:
- Culture of caring: Experience an inclusive culture of acceptance and belonging, prioritizing people first.
- Learning and development: Commitment to continuous learning and growth with various opportunities for skill enhancement and career advancement.
- Interesting & meaningful work: Engage in projects that make an impact and reimagine what's possible.
- Balance and flexibility: Explore different work arrangements to achieve a work-life balance.
- High-trust organization: Join a high-trust organization where integrity is key, ensuring a safe, reliable, and ethical work environment.

About GlobalLogic: GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner known for creating innovative digital products and experiences. Collaborate with forward-thinking companies to transform businesses and redefine industries through intelligent solutions.
Posted 1 day ago
10.0 - 14.0 years
0 Lacs
jaipur, rajasthan
On-site
As the CISO (Chief Information Security Officer) at Digamber Capfin Limited, located in Jaipur, Rajasthan, your primary responsibility is to build the information security function of the organization from the ground up. You will play a crucial role in transforming Digamber NBFC into a tech-first financial institution. Your role is both strategic and operational, involving defining the security vision and directly implementing tools, policies, and processes in the initial stages.

**Key Responsibilities:**
- **Security Governance & Strategy**
  - Define a 2-3 year information security roadmap aligned with RBI/NBFC guidelines.
  - Draft and implement security policies covering endpoint security, IAM, vendor risk management, and incident response.
  - Establish and run the organization's Governance, Risk, and Compliance (GRC) framework.
- **Regulatory & Compliance**
  - Lead RBI cyber security compliance, including evidence preparation and audit closure.
  - Coordinate with external auditors and regulators.
  - Ensure all security initiatives meet or exceed regulatory requirements.
- **Security Operations (Hands-On)**
  - Set up and configure SIEM/SOC monitoring in collaboration with vendors or MSSPs.
  - Oversee and execute endpoint security rollout (EDR/antivirus, encryption, patching).
  - Manage incident detection, response, and reporting.
- **Identity & Access Management (IAM)**
  - Implement MFA, privileged access controls, and quarterly access reviews.
  - Work with IT to automate user provisioning and deprovisioning.
- **Vendor & Outsourced Service Security**
  - Evaluate and approve vendor security posture (e.g., M2P LMS, cloud services).
  - Integrate security clauses and SLAs into vendor contracts.
  - Monitor vendor performance and compliance.
- **Awareness & Training**
  - Launch company-wide security awareness programs and phishing simulations.
  - Build a culture of security across 700+ employees.

**Qualifications Required:**
- Proven track record of building or maturing a security program from low maturity.
- Hands-on experience with SIEM, Endpoint protection & patch management, IAM solutions, Vulnerability scanning & remediation.
- Strong understanding of RBI regulations for NBFCs.
- Experience managing outsourced SOC/MSSP and IT vendors.
- Excellent communication skills - able to work with executives and train non-technical staff.

Join Digamber Capfin Limited and be part of a mission-driven organization that empowers rural Indian minds with financial services. With a strong presence in 8 states and over 90 districts, you will contribute to making a positive impact on society by enabling the rural population to succeed and grow.
Posted 1 day ago
5.0 - 9.0 years
0 Lacs
pune, maharashtra
On-site
Role Overview: As a Sr. Systems Engineer - Firewall, you will have a passion for data networking, focusing on large, global security engineering for Palo Alto firewall architecture and operations. You will thrive in team-oriented environments and possess the technical depth to lead/influence/participate in engineering discussions, strategic planning, and roadmaps to ensure a robust, scalable, and secure network. Your responsibilities will include designing, implementing, and maintaining high-availability in multi-vsys Palo Alto firewall infrastructure, enforcing advanced security policies, performing troubleshooting on security incidents, leading firewall projects, and collaborating with cross-functional teams.

Key Responsibilities:
- Design, implement, and maintain high-availability in multi-vsys Palo Alto firewall infrastructure
- Ensure disaster recovery designs for all firewall systems and services
- Architect and enforce advanced security policies, including application-aware and user-based rules
- Perform troubleshooting and root cause analysis on complex security incidents and firewall-related network issues
- Lead firewall projects and integrations with other security appliances and cloud platforms
- Collaborate with cross-functional teams to ensure compliance with regulatory and business requirements
- Develop and maintain scripts for firewall configuration, automation, and health monitoring
- Conduct security assessments, vulnerability testing, and risk analysis
- Stay current with emerging threats and cybersecurity best practices
- Provide mentorship and technical leadership to junior engineers
- Support networking escalations in an on-call rotation
- Perform systems resource optimization activities and capacity planning
- Drive continual process improvements through KPIs and automation

Qualifications Required:
- BS in Computer Science, Engineering, or related field or equivalent work experience
- 5+ years of Core Firewall Experience
- Next-Generation Firewall Engineer Certification from Palo Alto or equivalent experience
- Expertise in diagnosing and solving complex problems
- Strong verbal and written communication skills
- Hardware expertise in Palo Alto Firewalls, PANOS, Panorama, Strata Cloud Manager
- Advanced scripting skills in Python, Perl, iRules, TCL, Chef/Puppet or Go
- Experience with SNMP-based monitoring tools and network-related monitoring tools
- Experience with vendor management and contract negotiations

About the Company: Williams-Sonoma India Pvt. Ltd. is a sourcing office established in 2013, based in Gurugram, India. The company handles versatile vendors across India, Nepal & Bangladesh, sourcing premium products across all categories of Home Furnishing. Williams-Sonoma Inc. is a premier specialty retailer of high-quality products for the kitchen and home in the United States, operating globally with well-known brands in home furnishings.
Posted 1 day ago
5.0 - 9.0 years
0 Lacs
maharashtra
On-site
Role Overview: As a Senior Executive/Assistant Lead - MEPF (E&M) at Adani Airports Holding Limited, you will be responsible for the maintenance, operation, and troubleshooting of mechanical, electrical, plumbing, and fire safety systems across the airport facilities. Your role will involve performing routine inspections, preventive maintenance, and assisting in resolving issues related to MEPF systems to ensure efficient functioning and minimal downtime of critical systems. Additionally, you will be involved in hands-on maintenance activities, system upgrades, repairs, and diagnostics.

Key Responsibilities:
- Collaborate with the Lead - MEPF in planning and executing preventive maintenance schedules for MEPF systems to prevent system failures.
- Support in planning system shutdowns or upgrades to minimize operational disruption, especially during peak airport hours.
- Assist in coordinating with other teams to prioritize critical maintenance tasks and emergency repairs.
- Take a proactive role in troubleshooting routine MEPF system malfunctions and assist in identifying the root cause of issues.
- Track maintenance costs and ensure tasks are completed within the allocated budget.
- Adhere to safety protocols and procedures while performing maintenance activities to comply with safety regulations.
- Ensure maintenance work is executed according to established quality standards and compliance with building codes and safety regulations.
- Manage relationships with external contractors and vendors performing specialized MEPF work.
- Provide support and guidance to junior engineers and technicians to improve their technical skills and efficiency.
- Coordinate with the Lead and other departments to ensure smooth communication regarding MEPF system updates, maintenance schedules, and system issues.
- Monitor energy consumption within the cargo terminal and implement energy-saving measures to improve efficiency and reduce costs.

Qualification Required:
- Educational Qualification: Bachelor's degree in Mechanical, Electrical, or related engineering discipline.
- Work Experience: 5-7 years of experience in maintaining MEPF systems, with hands-on experience in troubleshooting and repairs. Previous experience in an airport, large commercial facilities, or industrial buildings is preferred. Understanding of MEPF systems (HVAC, electrical, plumbing, fire safety) and their importance in large-scale facilities.
Posted 2 days ago
8.0 - 12.0 years
0 Lacs
chennai, tamil nadu
On-site
As a Security Program Manager, you will play a crucial role in developing and implementing the enterprise vision, strategy, and security program to ensure the protection of information assets and technologies.

Your responsibilities will include:
- Improving and implementing a comprehensive information security strategy that aligns with the organization's goals and regulatory requirements.
- Governing and managing the Information Security Management System, Business Continuity Management System, and Data Privacy Management System.
- Leading the information security team in identifying, assessing, and managing security risks.
- Establishing security policies, standards, and procedures to safeguard sensitive information and ensure compliance with relevant regulations, including privacy regulations.
- Focusing on supply chain and third-party security risks.
- Collaborating with IT and business leaders to integrate security practices across all aspects of the organization's operations.
- Conducting regular security audits and assessments to identify vulnerabilities and recommend improvements.
- Responding to security incidents and breaches, leading investigations, and coordinating remediation efforts.
- Building a security-aware organization through training initiatives.
- Staying up-to-date with industry trends and emerging threats to ensure the organization adapts to new security challenges.
- Planning and coordinating with external auditors.
- Providing security reporting of KPIs, risks, challenges, ongoing and future security programs, and changes in the threat landscape to top management, including the Board of Directors.

You will also need to maintain a current understanding of the cybersecurity landscape to effectively protect the organization.
Posted 2 days ago
2.0 - 6.0 years
0 Lacs
hyderabad, telangana
On-site
Role Overview: As a Manager, Detection and Response at Synchrony, you will be a part of the Synchrony Joint Security Operations Center (JSOC) and will play a crucial role in cyber detection of information security alerts and assisting in the investigation and reporting of major information security incidents across all business units. Your responsibilities will include operating the detection and response program, handling escalated incidents, and ensuring the security of both traditional on-premise and cloud management plane. You will be expected to have a strong understanding of communication technologies, emerging cloud security practices, and building relationships within the organization.

Key Responsibilities:
- Respond to security incidents by mitigating and containing impacts, coordinating remediation efforts, and providing recommendations for improvements to senior management.
- Utilize security technologies such as Security Incident and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), and other tools to proactively detect security threats.
- Collaborate with the Cyber Intelligence team to develop threat detection logic and enhance Detection and Incident Response processes.
- Document findings, create detailed reports, enumerate risks, and prioritize mitigation efforts based on business priorities.
- Act as a subject matter expert on incident response tasks and coordinate IT resources effectively.
- Identify and recommend process improvements to enhance overall security posture.

Qualifications Required:
- Bachelor's degree in Computer Science or related discipline with a minimum of 4 years of work experience in information security or related technology, or a High School Diploma/GED with equivalent work experience.
- Minimum 2 years of experience in cyber security, incident response, or security operations related to detection, analysis, containment, eradication, and recovery from cyber security incidents.
- Strong verbal and written communication skills.
- Ability to perform logical problem-solving.
- Experience working in high-performing teams and understanding teamwork dynamics in a SOC environment.
- Industry certifications such as CISSP, GCIH, AWS Certified Cloud Practitioner, AWS Certified Security Specialty, and other cybersecurity certifications are a plus.

Company Details: Synchrony (NYSE: SYF) is a premier consumer financial services company with a focus on delivering digitally enabled product suites across various industries. Recognized for its employee-friendly policies and career advancement opportunities, Synchrony offers flexibility, choice, and best-in-class employee benefits to promote work-life integration and overall well-being.

Grade/Level: 09
Work Timings: Rotational shifts
Posted 2 days ago
10.0 - 14.0 years
0 Lacs
karnataka
On-site
As a Senior SOC Analyst (L2 & L3) at Fiori Technology Solutions in Bengaluru, India, with over 10 years of experience, you will be part of a 24x7 365 operation, working in a rotating schedule involving all shifts in 10-hour swings, including some Holidays.

Your primary responsibilities will include:
- Monitoring alerts in various tools, performing initial triage analysis, and incident creation
- Working on alerts to resolution or escalation, and simple issue resolution based on documentation or guidance from Team Leader
- Receiving and documenting incident and service requests via web tickets, phone calls, or emails and converting them to tickets
- Following operational processes, delivering shift turn over reports, and managing incidents with a focus on risk
- Participating in escalations, process documentation, and continuous improvement initiatives
- Performing all functions from our end client facility in Bangalore and collaborating with worldwide customers and global IT teams

To be successful in this role, you should have experience in a large-scale heterogeneous corporate environment. Preferred experience includes 5-10 years in Network Security Monitoring, Splunk Enterprise Tools, Phantom, Carbon Black, Malware Analysis, Phishing, Incident response, Endpoint protection, using SIEM Tools. You should also possess a strong desire to provide world-class support, excellent email communication skills, and the ability to communicate effectively with end users and teammates. Demonstrating strong customer service, verbal, documentation, and listening skills, as well as the ability to access, triage, and determine criticality of issues or incidents, is essential. Previous experience in handling risk tickets is also required.

If you meet these qualifications and are interested in joining our team, please send your resume to jobs@fiorit.com.
Posted 2 days ago
5.0 - 8.0 years
13 - 22 Lacs
noida, thiruvananthapuram
Work from Office
Shift Timings: 2PM to 11PM IST

Job Description: Information security analysts are responsible for improving the overall security posture of the organization. They evaluate, test and document security solutions and controls, and work closely with other security team members to remediate risk while ensuring the business can innovate. Information security analysts must continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate computer systems. Analysts in this role are expected to consistently learn and grow. This is not a passive role and requires a passion for security and rigor to protect the business. Information security analysts collaborate with internal and external teams, along with technology management and business stakeholders.

Essential Job Duties:
- Utilize and configure technical systems to monitor for unusual and suspicious activity across a wide range of products.
- Assist with security configuration standards for systems and business applications.
- Serve as a member of the information security team to support change management processes.
- Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met.
- Serve as an additional security team member, aiding in incident monitoring and incident response (IR) in partnership with the security operations center (SOC) teams.
- Maintain vendor management standards, questionnaires, and documentation to adhere to regulatory compliance.
- Interface with internal and external stakeholders for risk assessments.
- Recommend new security approaches and business process changes to support existing security controls that do not negatively impact or severely impede business innovation.
- Serve as a liaison for the security team regarding product team efforts.
- Perform other duties as assigned.

Skills and Experience:
- At least 5-8 years of information security experience (or combination of 3 to 5 years of IT system administration with security).
- Expertise in incident response and system monitoring and analysis.
- Experience with compliance requirements (GLBA, PCI, HIPAA, SOX, etc.) is preferred.
- Ability to effectively communicate business risk as it relates to information security.
- Experience in conducting risk assessments that protect the business and adhere with compliance and privacy laws.
- Knowledge of multiple computing platforms, including Windows, OSX, Linux, Unix, networks, and endpoints and cloud platforms such as Azure, AWS, and Google Cloud.
- Experience with the application of threat intelligence, indicators of compromise (IOCs), and vulnerability analysis.
- Experience working with MSSPs to support monitoring and response.

Additional Qualifications:
- Possesses highly effective communications skills with the ability to influence business units.
- Acts with integrity, takes pride in work, and seeks to excel, be curious and adaptable.
- Displays an analytical and problem-solving mindset.
- Is highly organized and efficient.
- Leverages strategic and tactical thinking.
- Works calmly under pressure and with tight deadlines.
- Demonstrates effective decision-making skills.
- Is highly trustworthy and leads by example.
- Stays current with evolving threat landscape.

Education Requirements:
- Bachelor's degree in computer science, information assurance, information systems/technology.
- Will consider experience in lieu of a bachelor's degree (4 years of demonstrated direct experience).

Certification Requirements: Certification in Cybersecurity Analysis, Incident Response, or Risk Management desired.
Posted 2 days ago
4.0 - 8.0 years
11 - 15 Lacs
hyderabad
Work from Office
Cigna Medical Group is looking for Cyber Security Lead Analyst to join our dynamic team and embark on a rewarding career journey.

- Threat Detection and Analysis: Monitor network traffic, system logs, and security alerts to detect and analyze potential security threats, such as malware, intrusions, and unauthorized access
- Incident Response: Develop and execute incident response plans to address and mitigate security incidents and breaches
- Vulnerability Assessment: Identify vulnerabilities in software, hardware, and network configurations, and recommend patches and security updates
- Security Monitoring: Continuously monitor and analyze security events, assess system vulnerabilities, and recommend security enhancements
- Security Policies and Procedures: Develop and enforce security policies, standards, and procedures to ensure a consistent and secure computing environment
- Access Control: Implement and manage access control systems, including user authentication, authorization, and password policies
- Security Tools: Utilize a range of security tools, such as intrusion detection systems (IDS), intrusion prevention systems (IPS), firewalls, antivirus software, and data encryption

Disclaimer: This job description has been sourced from a public domain and may have been modified by Naukri.com to improve clarity for our users. We encourage job seekers to verify all details directly with the employer via their official channels before applying.
Posted 2 days ago
8.0 - 13.0 years
3 - 7 Lacs
mumbai
Work from Office
About The Role

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Product Security
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: Client accelerates organizations' ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage cutting-edge technology all on the cleanest cloud in the industry.

Role & Responsibilities: As a SOAR Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. Candidates will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernizing, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features.
- Lead the design and implementation of Google SecOps SOAR playbooks for security use cases, such as phishing incident response, vulnerability triage, or threat hunting on Google SecOps based on specific threat models.
- Integration of Google SecOps SOAR with other security capabilities and tools such as SIEM, EDR, NDR threat intelligence platform, and ticketing systems.
- Design testing and conduct validation of SOAR playbooks before deployment to live environment.
- Write custom actions, scripts and/or integrations to extend SOAR platform functionality.
- Monitor performance and perform timely actions to scale SOAR deployment, especially in a high-volume security environment.
- Migration of existing assets from existing customers' SIEM SOAR to SecOps and assisting in implementing the SIEM SOAR phase-out, phase-in approach.
- Develop SOAR playbooks to provide case handling and Incident response as per triage needs
- Creation of SOAR assets such as reports etc.
- Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.

Professional & Technical Skills:
- Google SecOps SOAR experience in the areas of responsibility for at least 1 year
- Coding experience in one or more general purpose languages.
- Experience managing customer projects to completion, working with engineering teams, sales and partners.
- Experience architecting, developing, or maintaining secure Cloud solutions.
- Strong verbal and written communication skills and the ability to develop high-quality
- Experience in Prevention, Detection and response to cyber threats
- Google SecOps SIEM experience of 1 year in integration of log sources, extension of pre-built UDMs and creation of custom parsers, creation of dashboards, creation of custom rules using YARA-L 2.0 etc.
- Knowledge and experience in SOAR platforms
- Knowledge in GCP, including Google Cloud Professional Certifications Security, Architect and other industry certifications CISSP, CCSP
- Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.
- Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.
- Excellent organizational, problem-solving, articulating and influencing skills.
- Experience with industry compliance frameworks e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC.
- Demonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements
- Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials.

Additional Information:
- Bachelor's degree in Computer Science, Engineering or related technical field or equivalent practical experience. 15 years of education is required.
- 8+ years experience in leading projects and delivering technical solutions related to security
- Ability to be located in Mumbai, India for at least 1 year

Qualification: 15 years full time education
Posted 2 days ago
8.0 - 13.0 years
13 - 17 Lacs
mumbai
Work from Office
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Product Security
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: Client accelerates organizations' ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage cutting-edge technology, all on the cleanest cloud in the industry.
Role & Responsibilities: As a Google SecOps Platform Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. Candidates will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernizing, and maintaining Google SecOps.
Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features. Spearhead the architecture and implementation of Google SecOps environment on Google Cloud Platform for large scale deployments and migration. Strategic design and implementation of data pipelines & effective data storage mechanisms to meet functional and nonfunctional requirements of Google SecOps customers. Design, plan and implement data migrations from existing SIEM SOAR platforms of customers to Google SecOps. Hardening of critical infrastructures and platform services leveraged by Google SecOps. Integration of Google SecOps with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems. Write custom actions, scripts and/or integrations to extend Google SecOps platform functionality. Monitor performance and perform timely actions to scale Google SecOps deployment, especially in a very high-volume security environment. Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.
Professional & Technical Skills: Bachelor's degree in Computer Science, Engineering or related technical field or equivalent practical experience. Implementation experience of YARA-L 2.0 and at least one more general-purpose language. Experience managing customer projects to completion, working with engineering teams, sales and partners. Experience in architecting, developing, or maintaining secure Cloud solutions. Strong verbal and written communication skills and the ability to develop high-quality. Demonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements. Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials. Google SecOps experience in the areas of responsibility for at least 1 year. Ability to be located in Mumbai, India for at least 1 year. Hands-on and deep knowledge of security principles. Demonstrated experience in Cloud Security delivered within the context of customer-facing roles. Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud. Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures. Excellent organizational, problem-solving, articulating and influencing skills. Experience with industry compliance frameworks e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC. Google Cloud Professional Certifications Security, Architect and other industry certifications CISSP, CCSP.
Additional Information: Bachelor's degree in Computer Science, Engineering or related technical field or equivalent practical experience. 15 years of education is required. 10+ years' experience in leading projects and delivering technical solutions related to security. Ability to be located in Mumbai, India for at least 1 year. Qualification: 15 years full time education.
Posted 2 days ago
8.0 - 13.0 years
3 - 7 Lacs
mumbai
Work from Office
About The Role
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Product Security
Good to have skills: Security Information and Event Management (SIEM)
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: Client accelerates organizations' ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage cutting-edge technology, all on the cleanest cloud in the industry.
Role & Responsibilities: As a SIEM Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. Candidates provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernizing, and maintaining Google SecOps.
Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features. Lead the design and implementation of Google SecOps data ingestion from diverse sources, various mechanisms for integration and normalization of logs. Extension of pre-built UDMs in Google SecOps and creation of custom parsers where required for log sources. Integration of Google SecOps SIEM with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems. Write custom actions, scripts and/or integrations to extend SIEM platform functionality. Monitor performance and perform timely actions to scale SIEM deployment, especially in a very high-volume security environment. Creation of SIEM assets such as detection rules using YARA-L, dashboards, parsers etc. Migration of existing assets from existing customers' SIEM SOAR to SecOps and assisting in implementing the SIEM SOAR phase-out, phase-in approach. Testing and deployment of newly created and migrated assets such as rules, playbooks, alerts, dashboards. Design and implement solutions to handle alert fatigue encountered in SIEM correlation. Creation of custom SIEM dashboards to meet customer requirements. Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security. Debug and solve customer issues in ingestion, parsing, normalization of data. Develop SOAR playbooks to provide case handling and incident response as per triage needs.
Professional & Technical Skills: SIEM experience in the areas of responsibility for at least 1 year. Implementation experience of YARA-L 2.0 and at least one more general-purpose language. Experience managing customer projects to completion, working with engineering teams, sales and partners. Experience architecting, developing, or maintaining SIEM and SOAR platforms & secure Cloud solutions. Strong verbal and written communication skills and the ability to develop high-quality. Experience in prevention, detection and response to cyber threats. Google SecOps SOAR experience of 1 year in creation of playbooks, testing and validation of playbooks, integration with custom actions using bespoke scripts, or other SOAR platforms. Knowledge and experience in SIEM platforms. Demonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements. Strong verbal and written communication skills (English) and the ability to develop high-quality technical documentation and presentation materials. Knowledge in GCP, including Google Cloud Professional Certifications Security, Architect and other industry certifications CISSP, CCSP. Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud. Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures. Excellent organizational, problem-solving, articulating and influencing skills. Experience with industry compliance frameworks e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC.
Additional Information: Bachelor's degree in Computer Science, Engineering or related technical field or equivalent practical experience. 15 years of education is required. 8+ years' experience in leading projects and delivering technical solutions related to security. Ability to be located in Mumbai, India for at least 1 year. Qualification: 15 years full time education.
Posted 2 days ago
7.0 - 12.0 years
3 - 7 Lacs
bengaluru
Work from Office
About The Role
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Threat Intelligence Operations
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: We are looking for an experienced and detail-oriented Security Delivery Specialist to support the planning, implementation, and delivery of cybersecurity services across Microsoft security technologies. The ideal candidate will have practical expertise in Microsoft Sentinel, Cribl, Logstash, DevOps, Terraform, log source onboarding, and ASIM parsing, and will play a key role in delivering secure, scalable, and compliant security solutions for internal stakeholders or clients.
Roles & Responsibilities: Deliver security solutions using Microsoft security stack, with a focus on Microsoft Sentinel Platform Management. Translate business and technical requirements into well-architected security solutions and support delivery from design to deployment. Manage clusters with multiple clients. Lead and manage cross-functional teams, ensuring effective collaboration, communication, and alignment with business objectives.
Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Develop and implement security strategies. Conduct security assessments and audits. Stay updated on the latest security trends and technologies. Configure and fine-tune Microsoft Sentinel, develop analytics rules, workbooks, playbooks, and maintain alerting mechanisms. Coordinate with engineering, operations, and risk teams to ensure consistent and secure delivery of services. Create technical documentation, deployment guides, and knowledge transfer materials for clients or internal teams. Collaborate with project managers and stakeholders to ensure timely and successful delivery of security services. Contribute to continuous improvement initiatives and automation of delivery processes.
Professional & Technical Skills: Strong client-facing and stakeholder engagement capabilities. Excellent organizational and project coordination skills. Ability to clearly communicate technical information to both technical and non-technical audiences. Proactive mindset with a focus on security service quality and consistency. Experience working in delivery frameworks such as Agile, ITIL.
Microsoft Sentinel: Hands-on experience with SIEM/SOAR, including KQL query development, alert tuning, and automation with Logic Apps. Configure and fine-tune Microsoft Sentinel, develop analytics rules, workbooks, playbooks, and maintain alerting mechanisms.
KQL (Kusto Query Language) Proficiency: Ability to create analytics rules, hunting queries, workbooks, and detections in Sentinel. Ability to create and tune analytics rules using behavioral detection techniques, building watchlists, and custom rule logic.
Knowledge of MITRE ATT&CK & Threat Modeling: Developing detection coverage across ATT&CK techniques, identifying detection gaps, and prioritizing use cases based on threat relevance.
Log Source and Data Schema Familiarity (ASIM): Mapping raw logs to the ASIM model, understanding normalized data schemas (e.g., DeviceEvents, NetworkSession), and validating data quality.
Able to manage Key Vault and secret rotation. Required knowledge of Entra ID management. Required knowledge in log source optimization. SIM parsing and normalization. Managing Cribl and Logstash pipeline for log source onboarding. Strong understanding of incident response and threat management. Familiarity with scripting (PowerShell, KQL), infrastructure-as-code, and automation tools is a plus. Able to manage requests, incidents, and changes on ServiceNow as per service management process. Required active participation/contribution in team discussions. To be a part of audits and service improvement activities within the team. Experience in designing and implementing security solutions. Deliver security solutions using Microsoft security stack, with a focus on Microsoft Defender for Cloud, Endpoint, Identity, Azure Firewall, and Microsoft Sentinel. Implement and operationalize Microsoft Defender for Cloud (MDC) for cloud security posture management and workload protection. Support deployment and ongoing management of Microsoft Defender for Endpoint (MDE) for endpoint threat detection and response. Integrate Microsoft Defender for Identity (MDI) into customer environments to monitor identity-related threats and provide remediation recommendations. Knowledge of network security protocols and best practices. Hands-on experience with security tools and technologies.
Additional Information:
- The candidate should have a minimum of 7+ years of experience in Managed Cloud Security Services.
- This position will be operated from Bengaluru location.
- A 15 years full time education is required.
Qualification: 15 years full time education.
Posted 2 days ago
12.0 - 15.0 years
32 - 35 Lacs
mumbai
Work from Office
Level - L4 Reports to: SOC Head Position Summary: The SOC Lead will lead the operations of the Security Operations Centre (SOC). The candidate should have deep expertise in security monitoring, incident response, threat intelligence and security technologies. This role is critical in safeguarding digital assets and ensuring rapid detection, response and mitigation of security incidents. Key Responsibilities: Lead and manage the day-to-day operations of the Security Operations Centre (SOC) team. Oversee monitoring, detection, analysis, and response to security incidents using SIEM tools and other security technologies. Oversee tuning and optimization of SIEM platforms (e.g. Azure sentinel, LogRhythm, Splunk, QRadar, Wazuh etc.) Develop, implement, and maintain SOC processes, procedures, and playbooks to ensure effective incident response. Perform threat hunting and proactive analysis to identify emerging threats. Manage and mentor SOC analysts, providing training and professional development. Conduct root cause analysis and prepare detailed incident reports and recommendations. Drive continuous improvement in SOC capabilities through adoption of new tools and technologies. Participate in security audits, assessments, and vulnerability management initiatives. Stay up-to-date with the latest threat trends, vulnerabilities and regulatory requirements. Required Qualifications: Minimum 12 years of professional experience in cybersecurity, with at least 8 years in a SOC environment. Deep understanding of networking, system administration, cloud environments (AWS/Azure/GCP) and security architecture. Experience with EDR, SIEM, SOAR, IDS/IPS, firewalls and forensic tools. Strong knowledge of malware analysis, log correlation, threat hunting and vulnerability management. Strong analytical and problem-solving skills with an investigative mindset. Excellent communication skills for technical and executive-level reporting. 
Preferred Certifications: CISSP, GCIA, GCIH, CEH, OSCP, Security+, CySA+ or similar. SIEM-specific certifications (e.g. Azure Sentinel, LogRhythm, Splunk etc). Education: BE CSE/IT or a related field, MCA with 60%+ throughout the academics.
Posted 2 days ago
1.0 - 5.0 years
0 - 3 Lacs
chennai
Work from Office
Job Overview: The SOC L1 Analyst will be a key member of the Security Operations Center team, responsible for initial monitoring, detection, and analysis of security incidents. This role involves working closely with senior analysts and engineers to ensure the security of the organization's infrastructure. The ideal candidate should possess a foundational understanding of cybersecurity and be eager to grow their expertise in security operations.
Key Responsibilities: Monitor security events and alerts from various security tools and platforms. Perform initial analysis and triage of security incidents to assess their impact and urgency. Escalate verified incidents to L2 and L3 teams for further investigation and response. Document incidents, findings, and follow-up actions accurately and comprehensively. Assist in the implementation and enforcement of security policies and procedures. Collaborate with cross-functional teams to resolve security issues efficiently. Stay current with evolving cybersecurity threats and mitigation strategies.
Required Skills/Technologies/Tools: Solid understanding of cybersecurity concepts and principles. Hands-on experience with Security Information and Event Management (SIEM) tools like Splunk, Sentinel, or ELK. Good knowledge of networking protocols, infrastructure, and security controls. Good communication with incident response and investigation processes. Strong analytical, troubleshooting, and problem-solving skills. Excellent communication and technical documentation abilities. Ability to work efficiently in a fast-paced, team-oriented environment.
Good to have Technologies/Tools: Good to have relevant cybersecurity certifications like CEH, Security+, or equivalent but not mandatory.
Posted 2 days ago
4.0 - 8.0 years
14 - 19 Lacs
bengaluru
Work from Office
When you join Verizon: You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.
What You'll Be Doing: The work you'll be doing is to support mission and business-critical applications within Verizon. You will be ensuring the application is available to the customers 100%. You will also work as an individual contributor on various projects in monitoring, maintaining and improving the application availability and reliability. Developing and maintaining performance metrics for platforms like NewRelic, DynaTrace APM tools and Elasticsearch to ensure high availability and quick troubleshooting. Conducting regular platform health checks and optimizations to prevent downtime and enhance user experience. Collaborating with engineering and support teams to establish response protocols for incidents and performance issues. Interacting with Dev/QA teams to identify RCA and re-instrument triggers to prevent future application degradation and outages. Designing and implementing CI/CD pipelines using Jenkins, GitLab, and Artifactory to support agile and DevOps workflows. Tracking and analyzing CI/CD pipeline performance to identify bottlenecks and optimize for speed and reliability.
Where you'll be working: This hybrid role will have a defined work location that includes work from home and assigned office days as set by the manager.
What We're Looking For: You are curious about new technologies and the possibilities they create. You enjoy the challenge of supporting applications while exploring ways to improve upon the technology. You are driven and motivated, with good communication and analytical skills.
You'll Need To Have: Bachelor's degree or four or more years of work experience. Six or more years of hands-on experience as an SRE Engineer. Strong experience in maintaining AWS cloud infrastructure. Mandatory to have an AWS associate level certification. Mandatory to have an ITIL certification. Good to have Certified Kubernetes Administrator (CKA) certification. Mandatory working experience on the Java Microservices and Spring Boot based architecture. Good experience on the API management platforms like APIGEE or IBM API Connect, DataPower. Experience with SRE best practices and meeting the system availability by defining the proper SLI, SLO and SLA, error rates and reducing the toil. Strong knowledge on system monitoring, incident response, performance tuning to meet the MTTR. Capacity planning, scaling of the application infrastructure as part of the risk mitigation strategies to avoid any performance bottlenecks. Experience with infrastructure automation and container orchestration tools: CloudFormation, Ansible, Docker, Kubernetes, Helm etc. Deep working knowledge on Linux servers and networking. Good knowledge on NGINX setup and proxy configuration on web server. Understanding of ITIL best practices for the Problem, Incident and Change management for the critical production applications. Knowledge on any one scripting language: Shell, Groovy or Python. Good understanding of concepts related to computer architecture, data structures and programming practices. Strong troubleshooting and problem-solving capabilities. Experience with monitoring/logging solutions like NewRelic, OpenSearch, ELK, Splunk, Grafana. Strong working experience with continuous integration and deployment tools like Jenkins, GitLab, Ansible. Experience with modern cloud development practices (microservices architectures, Spring Boot, API interfaces, etc.). Experience in managing distributed systems like Kafka/Cassandra etc. Always ready to learn more and adopt new cutting-edge technology with the right value proposition.
Even better if you have one or more of the following: Knowledge on performance tuning, scalability, security for high volume Digital and assisted applications. Knowledge with OWASP rules and mitigate security vulnerabilities using security tools like Fortify, Sonarqube, Blackduck etc. Knowledge on Disaster Recovery planning.
If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.
Where you'll be working: In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.
Scheduled Weekly Hours: 40
Equal Employment Opportunity: Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.
Posted 2 days ago
10.0 - 18.0 years
20 - 35 Lacs
pune
Work from Office
Experience Required: Incident management, managing alerts end to end or incidents happening, Investigation & Analysis, remediation action to IT provider, Crisis Management Support, Automation Integration, Remediation & Containment. Conduct detailed investigations into security alerts to determine the scope, impact, and root cause of incidents. Utilize Microsoft Defender, Sentinel, and Azure tools for analysis and incident management. Solid experience with Microsoft security technologies, especially Microsoft Defender XDR and Sentinel.
Good to have: Certifications in incident response, such as GCIH, GCFA, GCIA, or similar. Good communication skills, able to engage with stakeholders at all levels in the organization.
Key Responsibilities:
Incident Command: Act as the Incident Commander during security incidents, ensuring timely and effective resolution of alerts triaged by the Managed Security Service Provider (MSSP).
Investigation & Analysis: Conduct detailed investigations into security alerts to determine the scope, impact, and root cause of incidents. Utilize Microsoft Defender, Sentinel, and Azure tools for analysis and incident management.
Remediation & Containment: Provide clear and actionable remediation and containment instructions to IT and relevant teams to mitigate and resolve security incidents. Ensure all stakeholders are aligned in restoring operations while preventing further escalation.
Crisis Management Support: Support on crisis management during high-severity incidents, ensuring effective communication and status reporting.
Automation Integration: Assist on automation and hyper-automation tools to improve incident response efficiency. Participate in design and implementation of automated workflows to accelerate threat detection, investigation, containment, and remediation processes.
Incident Documentation: Maintain accurate incident records, including detailed timelines, incident impact assessments, and post-incident analysis reports.
Ensure compliance with internal and regulatory requirements for incident documentation.
Collaboration & Communication: Work closely with internal IT teams, external MSSP providers, and other stakeholders to ensure a coordinated response to incidents.
Continuous Improvement: Conduct post-incident reviews to identify lessons learned and propose improvements to response processes. Work with the security operations team to enhance detection, investigation, and remediation capabilities.
These key responsibilities are paired with key technologies (and linked skills) that are used in the company environment: Microsoft Defender Suite (Endpoint, Identity, Office, Cloud Apps); Zscaler Technologies, including ZIA and ZPA; Microsoft Sentinel and Azure Logic Apps (automation and orchestration); Nozomi (OT/IoT network visibility and threat detection). Familiarity with API integrations, automation scripting (PowerShell, KQL), and incident enrichment techniques is highly desirable.
Interested? Share CV on dhanashree.chitre@weareams.com
Posted 2 days ago
3.0 - 8.0 years
18 - 20 Lacs
gurugram
Hybrid
As a Security Engineer specializing in Threat Correlation and Tool Optimization, you will serve as the technical subject matter expert for improving the fidelity, prioritization, and integration of vulnerability data across a multi-cloud and hybrid enterprise environment. This role is focused on optimizing inputs from a wide range of scanning and detection tools, including endpoint, network, and cloud-native platforms, and enriching them with contextual data such as threat intelligence, asset criticality, and exploitability indicators. You will work across industry standard tools and technologies, and external threat/risk platforms (e.g., BitSight, Recorded Future), as well as integrate findings into broader SIEM, SOAR, and asset inventory systems. Your work will directly impact how the organization correlates vulnerability data with emerging threats and prioritizes remediation to reduce enterprise risk.
Posted 2 days ago
6.0 - 10.0 years
0 Lacs
karnataka
On-site
In this role at Tradeweb Markets, you will be part of Tradeweb's Security Operations team, contributing to the protection of clients and employees from evolving threats. Your responsibilities will include overseeing a team of SOC engineers, enhancing existing security operations processes, and collaborating with various cybersecurity experts and business teams. As a key member of the technical incident response team, you will focus on forensics, log analysis, and threat intelligence to ensure a secure environment.

**Key Responsibilities:**
- Oversee a team of SOC engineers to provide 24x7x365 detection and response capabilities
- Enhance existing processes to deliver measurable results across SecOps OKRs
- Execute technical incident response processes including forensics, log analysis, and report creation
- Collaborate with Cyber Threat Intelligence teams to stay updated on current threat actor TTPs
- Manage relationships with security vendors to uphold Tradeweb standards
- Train and mentor security engineers in incident response, threat hunting, and security automation
- Build partnerships with key stakeholders in Compliance, Infrastructure, and Risk organizations
- Publish metrics, KPIs, and KRIs while providing updates to senior management

**Qualifications:**
- Minimum 10 years of experience in information security with 6 years in security operations, incident response, or cyber threat investigations
- Expertise in Windows and Unix environments focusing on forensic analysis
- Experience leading and maturing security teams with strong technical skills
- Knowledge of SIEM technologies and hands-on experience with tools like Splunk, ELK, XSIAM, QRadar
- Ability to translate technical, legal, and compliance requirements in a regulated environment
- Effective communicator able to convey cyber risk to diverse audiences
- Deep understanding of network security architecture, internet protocols, and web service technologies
- Financial services or FinTech experience preferred
- CISSP, CISM, or equivalent certifications are advantageous

Join Tradeweb Markets and be a part of a dynamic team dedicated to enhancing electronic trading and maintaining a secure environment for clients and employees.
Posted 3 days ago
5.0 - 9.0 years
0 Lacs
haryana
On-site
Role Overview: You will be responsible for implementing and managing security controls, conducting vulnerability assessments, responding to security incidents, managing cybersecurity risks, providing training on cybersecurity best practices, contributing to disaster recovery and business continuity plans, and ensuring compliance with cybersecurity regulations and standards. Additionally, you will be involved in reporting security status to management, managing vendor relationships, collaborating with other departments, providing technical support and advice, staying up to date on cybersecurity trends, and problem-solving.

Key Responsibilities:
- Implementing and maintaining security controls such as firewalls, intrusion detection systems, and data encryption.
- Hands-on experience in Fortigate & Checkpoint Firewalls.
- Expert knowledge of FW clustering, HA, Traffic Filtering, Network & Security policies, Network Segmentations (VLAN), IDS/IPS, NGFW Concepts.
- Log Management & Forwarding over Syslog.
- Identifying and addressing potential vulnerabilities in systems and networks.
- Practical knowledge of VAPT tools like NESSUS Professional.
- Investigating and responding to security incidents, including breaches and attacks.
- Assessing and mitigating cybersecurity risks to the organization.
- Providing training and education to project customers on cybersecurity best practices.
- Contributing to the development and maintenance of disaster recovery and business continuity plans.
- Preparing reports and communicating security status to management and stakeholders.
- Managing relationships with IT service providers and vendors to ensure security standards are met.
- Collaborating with other departments and teams to ensure security policies are followed.
- Providing technical support and advice on security-related issues.
- Documenting security processes, policies, and procedures.
- Keeping abreast of the latest cybersecurity trends, threats, and technologies.
- Identifying and resolving security-related issues and problems.
- Ensuring the organization complies with relevant cybersecurity regulations and standards.

Qualifications Required:
- Hands-on experience in implementing security controls and managing security incidents.
- Knowledge of Fortigate & Checkpoint Firewalls.
- Expertise in FW clustering, HA, Traffic Filtering, Network & Security policies, Network Segmentations (VLAN), IDS/IPS, NGFW Concepts.
- Practical experience with VAPT tools like NESSUS Professional.
- Strong communication skills for reporting and collaborating with stakeholders.
- Ability to provide technical support and advice on security-related matters.
- Understanding of disaster recovery and business continuity planning.
- Familiarity with cybersecurity regulations and standards.
Posted 3 days ago
5.0 - 9.0 years
0 Lacs
ahmedabad, gujarat
On-site
As a DevOps Engineer, you will be responsible for defining and implementing DevOps strategies that are aligned with the business goals. Your role will involve leading cross-functional teams to enhance collaboration between development, QA, and operations. Additionally, you will design, implement, and manage Continuous Integration/Continuous Deployment (CI/CD) pipelines to automate build, test, and deployment processes, thereby accelerating release cycles.

Key Responsibilities:
- Design and implement CI/CD pipelines to automate build, test, and deployment processes.
- Manage Infrastructure as Code using tools such as Terraform, CloudFormation, and Ansible.
- Oversee cloud platforms like AWS, Azure, or Google Cloud.
- Monitor and address security risks in CI/CD pipelines and infrastructure.
- Set up observability tools like Prometheus, Grafana, Splunk, and Datadog.
- Implement proactive alerting and incident response processes.
- Lead incident response and conduct root cause analysis (RCA).
- Document DevOps processes, best practices, and system architectures.
- Evaluate and integrate DevOps tools and technologies.
- Cultivate a culture of learning and knowledge sharing within the team.

Qualifications Required:
- Proven experience in implementing DevOps strategies and practices.
- Proficiency in CI/CD tools and technologies.
- Strong knowledge of Infrastructure as Code tools.
- Experience with cloud platforms such as AWS, Azure, or Google Cloud.
- Familiarity with observability tools and incident response processes.
- Excellent communication and collaboration skills.

This job description outlines the key responsibilities and qualifications required for the role of a DevOps Engineer.
Posted 3 days ago
6.0 - 10.0 years
0 Lacs
ernakulam, kerala
On-site
You will be responsible for overseeing and managing risks associated with internal stakeholders, external vendors, suppliers, and partners engaged by the bank. Your critical role will ensure compliance with regulatory Risk Management guidelines, mitigate operational, financial, and cybersecurity risks, and safeguard the bank's reputation. You will work closely with internal stakeholders and external vendors to establish a robust risk management framework, conduct due diligence, and monitor ongoing compliance.

- **Policy & Framework**:
  - Develop and review the Bank's Outsourcing/Third Party/Vendor Risk Management Framework and the Risk Assessment Templates.
  - Implement the framework in coordination with Internal and External Stakeholders.
- **Risk Identification & Assessment**:
  - Identify and assess IT and cybersecurity risks across critical applications and infrastructure.
  - Highlight control gaps, suggest mitigation plans, and ensure compliance with internal and external standards.
- **Risk Mitigation & Control**:
  - Develop and implement risk management policies and controls.
  - Align cybersecurity services with business needs to improve performance and adapt to evolving threats.
- **Compliance & Regulatory Oversight**:
  - Ensure compliance with CERT-IN, ISO 27001, RBI, and other relevant standards.
  - Establish metrics to demonstrate the value and impact of cybersecurity initiatives.
- **Risk Monitoring & Reporting**:
  - Monitor security posture and track risks.
  - Report key metrics and improve processes to enhance operational efficiency and service quality.
- **Incident Response & Crisis Management**:
  - Lead response efforts, conduct root cause analysis, and ensure continuity during cybersecurity incidents.
- **Incident Management**:
  - Conduct audits and threat assessments to detect violations and inefficiencies.
  - Stay updated on emerging threats and technologies to strengthen cybersecurity posture.
- **Reporting & Communication**:
  - Create clear reports on system performance and incidents.
  - Provide risk-based recommendations to guide business decisions.
- **Third-Party Risk Management**:
  - Evaluate and manage vendor risks.
  - Integrate cybersecurity practices into business operations to support strategic objectives.

You will need to have a minimum of 6+ years of experience in an IT-related area, of which 3+ years should be in the Cyber Security/Information Security domain. Your educational qualification should be a B.Tech / B.E / MCA / M.Sc (IT or Cyber Security related specialisations) / BCA / B.Sc (IT or Cyber Security related specialisations) from a recognized University with a minimum score of 50% or equivalent qualifications.

Please note that the place of posting for this role will be Ernakulam/Bangalore, and you may be liable for transfer anywhere in India at the sole discretion of the Bank.
Posted 3 days ago
3.0 - 7.0 years
0 Lacs
hyderabad, telangana
On-site
Role Overview: You will be joining the Defender Experts (DEX) Research team within Microsoft Security, whose mission is to protect customers from advanced cyberattacks by transforming raw signals into intelligence. As a Threat Researcher, you will collaborate with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats impacting both Microsoft and third-party products. Your work will directly contribute to developing real-time protections for enterprises worldwide and enhancing threat detection and response capabilities within Microsoft Sentinel. This role offers a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security.

Key Responsibilities:
- Execute advanced research on emerging cloud-based threats affecting Microsoft and third-party security products across heterogeneous cloud environments.
- Develop and refine detection and response strategies using major SIEM platforms, with a focus on Microsoft Sentinel, to ensure comprehensive threat coverage and response capabilities.
- Collaborate with internal and external security teams to implement scalable solutions for multi-cloud threat intelligence, detection, mitigation, and response.
- Translate complex raw security data into actionable intelligence to enhance cloud security operations for a global customer base.
- Mentor and guide researchers and detection engineers on advanced threat hunting and incident response best practices across diverse SIEM ecosystems.
- Contribute to industry knowledge and Microsoft's security posture by publishing research, developing threat models, and identifying threats and attack trends in the cloud.

Qualifications:
- 3+ years of relevant experience in security research, detection engineering, threat lifecycle, and cloud security in large-scale complex cloud environments.
- Proven ability in executing advanced research on emerging cloud-based threats affecting Microsoft and third-party security products across heterogeneous cloud environments.
- Demonstrated experience in developing and refining detection and response strategies using major SIEM platforms, with a focus on Microsoft Sentinel.
- Extensive hands-on experience with cloud platforms, including Azure, and understanding of multi-cloud security challenges and solutions.
- Strong practical experience in identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments.
- Ability to work independently, deliver complete solutions, articulate technical insights effectively, and influence multidisciplinary teams.
Posted 3 days ago
The incident response job market in India is growing rapidly due to the increasing number of cyber threats and security breaches. Organizations across various industries are looking to hire skilled professionals who can effectively respond to and mitigate cybersecurity incidents.
The average salary range for incident response professionals in India varies based on experience level:
- Entry-level: INR 4-6 lakhs per annum
- Mid-level: INR 8-12 lakhs per annum
- Experienced: INR 15-25 lakhs per annum

A typical career path in incident response may include roles such as:
- Incident Response Analyst
- Senior Incident Response Analyst
- Incident Response Manager
- Chief Information Security Officer

In addition to incident response skills, professionals in this field are often expected to have knowledge in:
- Cybersecurity
- Network Security
- Security Operations
- Threat Intelligence
- Malware Analysis
As you explore opportunities in incident response jobs in India, remember to continuously enhance your skills and stay updated on the latest cybersecurity trends. With dedication and preparation, you can confidently apply for roles in this dynamic and rewarding field. Good luck!