307 Incident Response Jobs

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you’d like, where you’ll be supported and inspired bya collaborative community of colleagues around the world, and where you’ll be able to reimagine what’s possible. Join us and help the world’s leading organizationsunlock the value of technology and build a more sustainable, more inclusive world. Your Role Minimum 3-8 years’ experience assessing against standards and frameworks including one or more of the followingDOE C2M2, IEC-62243/ISA-99, NIST CSF, NERC CIP, etc. Minimum 3-5 years’ experience working with ICS technologies and/or environments on one or more of the followingSCADA, DCS, EMS, DMS, ADMS, PCN, RTUs, IACS, PLCs, HMIs, etc. Minimum 3-5 years working with cybersecurity functions of one or more of the followingvulnerability assessment and management processes, identity and access management, incident response and monitoring, etc. Problem-solving ability and strong analytical skills Experience of working with diverse teams and is a team player Relevant certifications (CISSP, GICSP, GRID, GCIP, etc.). Keep abreast with the latest technology trends and predictions Ability to drive the creation of prototypes and proof of concepts Able to effectively communicate, interact and influence business and operational stakeholders and partners Ability to deliver innovative solutions and consistently demonstrate customer outcomes. Primary Skills DOE C2M2 IEC-62243/ISA-99 NIST CSF NERC CIP

R1 RCM Inc. is a leading provider of technology-enabled revenue cycle management services which transform and solve challenges across health systems, hospitals and physician practices. Headquartered in Chicago, R1 is a publicly-traded organization with employees throughout the US and international locations. Our mission is to be the one trusted partner to manage revenue, so providers and patients can focus on what matters most. Our priority is to always do what is best for our clients, patients and each other. With our proven and scalable operating model, we complement a healthcare organizations infrastructure, quickly driving sustainable improvements to net patient revenue and cash flows while reducing operating costs and enhancing the patient experience. We are looking for a self-motivated Cybersecurity Analyst to join the R1 Cybersecurity Operations Team. We have a relentless focus on driving results for our customers and enabling them to invest more in patient care; in turn, this allows us to continue to grow our company and your career. The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. They will serve as an expert and be responsible for providing network and security operations technical analysis, assessment, and recommendations in the areas of real-time security situational awareness, operational network system and applications systems security monitoring. Responsibilities : Monitoring various security tools (e.g., Crowdstrike, Proofpoint, MS Sentinel, Azure VM ) to identify potential incidents, network intrusions, and malware events, etc. to ensure confidentiality, integrity, and availability of R1s architecture and information systems are protected Reviewing and analyzing log files to report any unusual or suspect activities. Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating. Generating trouble tickets and performing initial validation and triage to determine whether incidents are security events using open-source intelligence (OSINT) Following established incident response procedures to ensure proper escalation, analysis and resolution of security incidents. Analyzing and correlating incident event data to develop preliminary root cause and corresponding remediation strategy. Providing technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to protect the R1s network, and assessments for High Value Assets. In this role, the successful candidate will maintain and monitor compliance with enterprise change management policies and procedures. Develop and maintain metrics & reports on the status of the R1 cyber security operations program. Attend and participate in Cyber security projects and the change management process. This includes interacting with business units and technical teams to understand what is coming and how their projects can be more secure from the beginning. As part of the overall Cybersecurity Operations Team, work in tandem with the security operations center (SOC), incident responders (when anomalous activity and host compromise occurs), and technology infrastructure and development team members. Participate in established incident response procedures to ensure proper escalation,analysisand resolution of security events and incidents. Managing and maintaining change detection and auditing tools Researching technology and application processing environments, operation, and associated user workflow to design, build, configure, implement, and document change compliance and audit rules within designated technologies. Reconciling changes detected by the system to authorized changes documented in service desk and change management applications. Analyzing large volumes of security event data from a variety of sources to identify suspicious and malicious activity. Documenting, logging and investigating security incidents. Performing case management throughout the incident lifecycle for moderately complex security incidents Design, build, and documenting security technology standards, processes, and operational workflows Operating and maintaining physical security monitoring systems Review, investigate, track, and monitor viruses and malware propagation and eradication throughout the enterprise. Monitoring compliance with enterprise security, compliance, and change management programs, policies, and processes Researching Threat Intelligence sources on the latest malware, trends, patches in order to keep the Security Program up-to-date. Providing metrics & reports on the status of tools, environments, and assets within the organization. Database and Application security to prevent attacks via Input Validation, Cross-Site Scripting, Buffer Overflowetc Required Qualifications : A minimum of 4 years of professional experience in an IT-related field Intermediate knowledge of security, monitoring, and networking technologies, tools, protocols and standards Knowledge of security policy, programs, process, and metrics CompTIA Security+ certification or equivalent professional experience in security operations Intermediate or advanced security, networking, or audit certification Recent experience with static and/or dynamic code review process Strong drive and passion to deliver distinctive end-products, a quick learner with a strong attention to detail and quality. Excellent interpersonal and communication skills Desired Qualifications: A Bachelors degree in a technical discipline (e.g., Computer Science, Business Analyst, etc.) Certification (or ability to obtain certification) in at least one of the following areasGeneral Security (CISSP), Incident Handling (GCIH), Cloud Security (GCLD, Cloud+, CCSK), and Ethical Hacking (CEH) Experience with advanced cyber security tools, network topologies, intrusion detection, and secured networks In-depth understanding of NIST SP 800-61,SOC 2 AICPA controls and frameworks. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visit:R1RCM.com. R1 RCM Inc. (the Company) is committed to the principles of equal employment opportunity. The Companys practices and employment decisions, including those regarding recruitment, hiring, assignment, promotion, compensation, benefits, training, discipline, and termination shall not be based on any persons age, color, national origin, citizenship status, physical or mental disability, medical condition, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status or any other characteristic protected by federal, state or local law. Furthermore, the Company is committed to providing a workplace free from harassment based on any of the foregoing protected categories. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visitr1rcm.com Visit us on Facebook

Scope of Position: The Senior Analyst for Cybersecurity will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against the company's global networks. You will be charged with part of leading the maturation and optimization of our EDR capability through the development of custom content that focuses on threat actor TTPs and reduces false positives. You will be expected to "think like an adversary" and engage in threat hunting operations leveraging your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources and provide reporting and briefings to other teams and leadership to maintain appropriate levels of situational awareness. RESPONSIBILITIES: Review and build host-based detection content in EDR solutions such as Sentinel One, Microsoft Defender and other leading vendors. Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output and mentor cyber analysts. Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and evolve custom detections that mitigate highly dynamic threats to the enterprise. Proactively research advanced and emerging cyber threats, and apply analytical understanding of attacker methodologies, system vulnerabilities, and key indicators of attacks and exploits in threat hunting efforts Execute as needed in each of the six phases of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned Collaborate using information and knowledge sharing networks and professional relationships. Education and Experience: Bachelor's degree and 5+ years of threat analysis and/or incident response experience - additional years of relevant experience may be considered in lieu of Bachelor's degree Relevant certifications (CISSP, SANS GIAC, CEH, etc.) REQUIREMENTS: Threat analysis and/or incident response experience Understanding of cyber threat models, including ATT&CK, Cyber Kill Chain, Racetrack, Diamond Model, etc. Experience working with EDR tools Experience with a SIEM-type platform Experience performing analysis and correlation of log data and forensic artifacts from multiple sources. Must be proficient, verbally and in writing with the English language.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled Incident Response Analyst with hands-on experience in Microsoft Sentinel to detect, investigate, and respond to security incidents. The role requires strong capabilities in log analysis and deep investigations to support the SOC team in protecting client environments. Roles & Responsibilities:-Monitor and investigate security alerts using Microsoft Sentinel SIEM.-Perform detailed log analysis from network devices, endpoints, and security tools.-Conduct incident triage, root cause analysis, and escalation as needed.-Collaborate with SOC analysts and other teams to contain and remediate threats.-Apply knowledge of attack techniques to identify and respond to threats effectively.-Assist in documenting incident response actions and reporting findings. Professional & Technical Skills: -4+ years experience in incident response or SOC analyst role.-Hands-on experience with Microsoft Sentinel or similar SIEM platforms.-Strong skills in log analysis and incident investigation.-Understanding of attack frameworks like MITRE ATT&CK is a plus.-Good communication skills and ability to work in a team environment.-Relevant security certifications (e.g., GCIH, SC-200) are a bonus. Additional Information:- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities:- Architect and maintain scalable Microsoft Sentinel workspaces and data ingestion pipelines (Syslog, Azure AD, MDE, custom logs).- Develop and fine-tune advanced Sentinel analytics rules and watchlists.- Write and optimize complex KQL queries for threat hunting and anomaly detection.- Build and maintain automation workflows via Sentinel Playbooks (Logic Apps).- Conduct deep forensic analysis via MDE (Advanced Hunting, Live Response.- Analyze attacker TTPs leveraging MITRE ATT&CK within Sentinel and MDE environments.- Create and manage custom threat detection and incident enrichment logic.- Build and maintain SOAR playbooks to auto-contain threats (e.g., isolate devices, revoke tokens).- Mentor and train SOC analysts and engineers in Sentinel/MDE best practices.- Collaborate with detection engineers, cloud architects, and incident responders.- Participate in red/blue team exercises to continually improve detection maturity. Professional & Technical Skills: - Exp in Security Operations, Incident Response, or Cyber Threat Detection.- Expert-level KQL (Kusto Query Language) proficiency.- Proven experience in Sentinel rule authoring, hunting queries, and data modeling.- Strong background in SOAR automation (Microsoft Logic Apps).- Deep understanding of MITRE ATT&CK and its mapping to telemetry.- Familiarity with JSON, ARM templates, Azure Monitor, and Event Hub integration.- Experience integrating third-party tools and custom connectors into Sentinel.- Proficiency in PowerShell, REST APIs, and Azure Resource Manager.- SC-200:Microsoft Security Operations Analyst- SC-100:Microsoft Cybersecurity Architect- AZ-500:Microsoft Azure Security Technologies- GCFA/GCIA (SANS) for deep forensic or network detection background- MITRE ATT&CK Defender (MAD) certificate.- CISSP, CEH, or equivalent industry certifications -Strong problem-solving and analytical thinking.- Effective communicator with ability to explain complex issues to various stakeholders.- Passion for mentoring and knowledge-sharing within the security team.- Proactive, detail-oriented, and highly autonomous.- Comfortable working under pressure in high-stakes incident response situations.- Collaboration-first mindset with cross-functional teams (SOC, IR, Cloud, IT) Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a Lead EDR Engineer with expertise in Microsoft Defender for Endpoint (MDE) to lead its implementation, administration, and incident response. As the MDE expert, you will manage enterprise-wide deployment, optimize configurations, guide incident response efforts, and drive endpoint security strategy in collaboration with cross-functional teams. You will lead EDR strategy design, mentor security teams, and drive defense against advanced threats using MITRE ATT&CK-aligned frameworks. Roles & Responsibilities:-Lead deployment and configuration of Microsoft Defender for Endpoint across all supported platforms.-Customize and manage endpoint security policies, attack surface reduction rules, and threat protection settings.-Monitor security alerts and endpoint telemetry to detect and analyze threats.-Conduct investigations using Microsoft 365 Defender and advanced hunting (KQL) capabilities.-Respond to incidents by initiating remediation actions (e.g., isolate endpoints, remove malware, collect forensic data/Artifacts).-Collaborate with the SOC to provide timely incident resolution and root cause analysis.-Tune detection rules and policies to reduce false positives and enhance protection.-Maintain up-to-date documentation, playbooks, and response procedures.-Provide recommendations to improve the organizations endpoint security posture.-Mentor junior analysts and engineers on best practices for MDE and incident response workflows.-Provide executive-level reporting on threat trends, incident metrics, and risk posture.-Perform gap analysis on endpoint security to identify and address areas of improvement.-Build and maintain SOAR playbooks to auto-contain threats (e.g., isolate devices, revoke tokens).-Stay current on emerging threats and align defense strategies with frameworks like MITRE ATT&CK. Professional & Technical Skills: -68+ years of experience in MDE/EDR implementations and security operations.-Strong background in SOAR automation (Microsoft Logic Apps).-Deep technical knowledge of endpoint protection, threat detection, and incident response workflows.-Proficiency in Microsoft security stack:M365 Defender, Intune, Azure AD, and Sentinel. -Strong command of KQL for custom detections and threat hunting.-Experience with scripting (PowerShell), automation, and EDR tooling integrations is a plus.-Experience with Halcyon and CrowdStrike EDR is a plus and considered an added advantage.- Prefered Certifications SC-200:Microsoft Security Operations Analyst,SC-100:Microsoft Cybersecurity Architect,AZ-500:Microsoft Azure Security Technologies,MITRE ATT&CK Defender (MAD) certs,CISSP, CEH, or equivalent industry certifications Additional Information:- The candidate should have minimum 5 years of experience in Endpoint Extended Detection and Response.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, monitoring systems for vulnerabilities, and responding to potential threats to ensure the integrity and safety of the organization's information and infrastructure. You will engage in proactive measures to safeguard against cyber threats while continuously improving security protocols and practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to enhance organizational security. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM).- Strong understanding of security protocols and best practices.- Experience with incident response and threat analysis.- Familiarity with network security technologies and tools.- Knowledge of compliance standards and regulations related to information security. Additional Information:- The candidate should have minimum 2 years of experience in Splunk Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Data Loss Prevention (DLP) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous monitoring and improvement of security protocols to safeguard sensitive information and maintain compliance with industry standards. Roles & Responsibilities:- Expected to be an SME in DLP and Data masking solution implementation and support.- Collaborate and manage the team to perform.- Demonstrates excellent problem-solving skills and the ability to collaborate effectively with diverse stakeholders- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must Have Skills: Proficiency in Proofpoint and Microsoft Purview Data Loss Prevention (DLP) tools, Varonis Data Discovery and Data masking.- Creation of DLP detection and prevention policies- DLP agents compliance and incident monitoring- DLP agent upgradation- Design and implementation of Data masking solution across enterprise-wide applications- Perform Sensitive Data Discovery and analysis across enterprise data repositories- Create Technical documentation and installation/administration manuals- Strong understanding of risk management and mitigation strategies.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or GDPR, HIPAA, HiTrust- Familiarity with incident response and threat intelligence processes.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 8 years of experience in Data Loss Prevention (DLP) and Data Discovery- Good to have experience in Health care industry - Certifications on Proofpoint, Varonis is preferred.- This position is based in Coimbatore.- Willing to work in US shifts including support in late IST hours. Willing to work in office adhering to current HR policies.- A 15 years full time education is required. Qualification 15 years full time education

Expertise on Endpoint Security as in DLP, AV, EDR/EPP solutions Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions. Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies. SIEM and Incident ResponseHands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel). Strong skills in incident response, threat hunting, and forensic investigation. Access and Identity ManagementFamiliarity with IAM concepts and tools, including MFA and SSO solutions. Experience with configuring and troubleshooting access control for network and endpoint systems. Automation and ScriptingBasic scripting abilities (e.g., Python, PowerShell) for automating security processes. Excellent analytical and problem-solving skills. Effective communication skills for interacting with team members and stakeholders. Ability to work in a fast-paced environment and handle high-stakes incidents. Certifications (Preferred) CompTIA Security+, Cisco CCNA Security, Certified Ethical Hacker (CEH), or other relevant security certifications. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 10 years of experience in security & infrastructure administration Experience on any Products for Implementation & Operations in SIEM, Nessus, CEH, Qualys guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application Expertise of handling industry standard risk, governance and security standard methodologies and incident response processes (detection, triage, incident analysis, remediation and reporting). have shown attention to detail and interpersonal skills and expertise to oversee input and develop relevant metrics and Competence with Microsoft Office, e.g. Word, Presentation, Excel, Visio, etc Preferred technical and professional experience Ability to multitask and work independently with minimal direction and maximum accountability. One or more security certifications. (CEH, Security+, GSEC, GCIH, etc).

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Data Loss Prevention (DLP) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous monitoring and improvement of security protocols to safeguard sensitive information and maintain compliance with industry standards. Roles & Responsibilities:- Expected to be an SME in DLP and Data masking solution implementation and support.- Collaborate and manage the team to perform.- Demonstrates excellent problem-solving skills and the ability to collaborate effectively with diverse stakeholders- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must Have Skills: Proficiency in Proofpoint and Microsoft Purview Data Loss Prevention (DLP) tools, Varonis Data Discovery and Data masking.- Creation of DLP detection and prevention policies- DLP agents compliance and incident monitoring- DLP agent upgradation- Design and implementation of Data masking solution across enterprise-wide applications- Perform Sensitive Data Discovery and analysis across enterprise data repositories- Create Technical documentation and installation/administration manuals- Strong understanding of risk management and mitigation strategies.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or GDPR, HIPAA, HiTrust- Familiarity with incident response and threat intelligence processes.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 8 years of experience in Data Loss Prevention (DLP) and Data Discovery- Good to have experience in Health care industry - Certifications on Proofpoint, Varonis is preferred.- This position is based in Coimbatore.- Willing to work in US shifts including support in late IST hours. Willing to work in office adhering to current HR policies.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively implemented and maintained. Roles & Responsibilities:-Administer a globally distributed and heterogeneous SIEM environment, preferably Securonix/Splunk-Knowledge on Automation app deployment to multiple sites, Monitoring the central infrastructure-Design and customize complex search queries, develop dashboards, data models, reports and optimize their performance-Administration of core SIEM Components (Deployment Server, Indexer)-Understanding of threat models and threat intelligence-Improve detection capabilities by building and enhancing alert rules-Work on RFPs and estimations related to SOC solutions-Good knowledge on popular EDR tools such as CrowdStrike and Microsoft Defender Professional & Technical Skills: -Experience working in SOC/SIEM-Incident handling, use case management development, risk assessment, playbook recommendation, fine-tuning -7+ years SIEM/SOC operations experience for very large enterprises-Act as a single POC for any major security incident-Knowledge on MITRE/CKC framework implementation-Security Analytical skills-Should have excellent customer handling skills-Basic understanding of Incident Response and other security technologies -User behavior/Malware Analysis, Knowledge on ServiceNow and Splunk Admin Additional Information:- The candidate should have minimum 7.5 years of experience in Splunk Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled Firewall Engineer with hands-on experience in managing and optimizing security infrastructure, specifically Check Point and FortiGate firewalls. The ideal candidate will also have a strong understanding of security policy management tools like Skybox and Tufin. You will be responsible for designing, implementing, maintaining, and supporting firewall environments to ensure the integrity and security of enterprise systems and data.Key Responsibilities:- Design, configure, implement, and maintain firewall infrastructure using Check Point and FortiGate platforms.- Manage and optimize firewall rules, NAT policies, VPNs, and threat prevention features.- Use Skybox and Tufin to audit, analyze, and optimize firewall rules and ensure compliance with security policies.- Monitor firewall logs and network activity to identify and respond to security incidents or misconfigurations.- Participate in security assessments, rule base cleanups, and change management processes.- Assist in the development of network security policies and procedures.- Collaborate with security teams, network engineers, and system administrators to implement robust defense-in-depth strategies.- Stay current on evolving cybersecurity threats and recommend improvements to firewall architecture and policies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Firewalls.- Good To Have Skills: Experience with network security protocols and practices.- Strong understanding of threat intelligence and incident response.- Familiarity with compliance frameworks such as ISO 27001 and NIST.- Experience in conducting vulnerability assessments and penetration testing. Additional Information:- The candidate should have minimum 2 years of experience in Palo Alto Networks Firewalls.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

JD: 1) 5+ yearsof experience in building and operating highly reliable SaaS/PaaS systems. 2) Experience with Kong API management platformand open-source technologies. 3) Strong understandingof cloud infrastructure, networking, and distributed systems. 4)Proficiency in scripting and automation languages(e.g., Python, Go). 5)Excellent communication and collaboration skills . 6) Experience with incident response and root cause analysis .

* Responsible for implementation partner to see project on track along with providing required reports to management and client * Handle the project as well as BAU operations while ensuring high level of systems security compliance * Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. * Analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. * Ready to support for 24/7 environment. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs. * B.E./ B. Tech/ MCA/ M.Sc. * Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support. * Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. * Working knowledge of industry standard risk, governance and security standard methodologies * Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting. * Ability to multitask and work independently with minimal direction and maximum accountability. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Email Security Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a detail-oriented and proactive Application Security Analyst to join our security team. The ideal candidate will have hands-on experience with Black Duck software composition analysis and a strong background in conducting thorough source code reviews to identify and mitigate security vulnerabilities. This role involves collaborating closely with development teams to ensure secure coding practices and maintaining the security posture of applications throughout the SDLC.Key Responsibilities:- Perform security assessments and vulnerability analysis of applications using Black Duck to identify open-source component risks and compliance issues.- Conduct in-depth source code reviews to detect security flaws, including injection attacks, authentication weaknesses, insecure data handling, and other common vulnerabilities.- Collaborate with developers, DevOps, and QA teams to remediate identified security vulnerabilities and integrate security controls into development processes.- Develop and enforce security policies and best practices for secure coding and application security.- Support threat modeling, risk assessments, and security testing activities throughout the software development lifecycle (SDLC).- Stay updated with the latest application security trends, vulnerabilities, tools, and mitigation techniques.- Provide security training and awareness sessions for development teams.- Create clear and concise documentation on findings, recommendations, and remediation strategies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Email Security.- Strong understanding of cloud security principles and practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Knowledge of risk assessment methodologies and security compliance requirements.- Familiarity with incident response and threat management processes. Additional Information:- The candidate should have minimum 2 years of experience in Email Security.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As the SOC L3 Analyst you will lead the technical handling of critical security incidents. Youll be responsible for deep-dive analysis, root cause investigation, forensics, and containment using tools such as CrowdStrike, Sumo Logic SIEM, and SOAR. You will be responsible for onboarding and managing log sources, building SIEM use cases (custom + in built), and developing automation in SOAR to support incident response and threat detection workflows Roles & Responsibilities:-End-to-End Incident Response Ownership:Ability to handle incident lifecycle (detect, contain, remediate)-Subject matter expert for handling the escalated critical or actual true positive incidents.-CrowdStrike Deep Dive:Using Real Time Response (RTR), Threat Graph, custom IOA rules-Strong command over Sumo Logic SIEM content engineering:Creating detection rules, dashboards, and field extractions-Threat Hunting:Behavior-based detection using TTPs-SOAR Automation:Designing playbooks, integrations with REST APIs, ServiceNow, CrowdStrike-Threat Intel Integration:Automation of IOC lookups and enrichment flows-Forensic Skills: Live host forensics, log correlation, malware behavioral analysis-Deep experience in advanced threat detection and incident response-Scripting Proficiency:Python, PowerShell, Bash for automation or ETL-Error Handling & Debugging:Identify and resolve failures in SOAR or data pipelines-Proficiency in CrowdStrike forensic and real-time response capabilities-Experience Sumo Logic SOAR for playbook optimization-Use case development in Sumo Logic SIEM Professional & Technical Skills: -Lead high-severity incident response, coordinating with stakeholders and IT teams-Perform endpoint forensic triage using CrowdStrike Real Time Response (RTR)-Conduct detailed log analysis and anomaly detection in Sumo Logic-Customize or create new detection rules and enrichments in SIEM-Develop/Tune SOAR playbooks for advanced scenarios, branching logic, and enrichment-Perform root cause analysis and support RCA documentation-Mentor L1 and L2 analysts through case walk-throughs and knowledge sharing-Generate post-incident reports and present findings to leadership-Lead investigations and coordinate response for major incidents-Perform root cause analysis and post-incident reviews-Develop advanced detection content in Sumo Logic-Optimize SOAR playbooks for complex use cases-Onboard and maintain data sources in Sumo Logic SIEM and ensure parsing accuracy-Build custom dashboards, alerts, and queries aligned with SOC use cases-Create and maintain field extractions, log normalization schemas, and alert suppression rules-Integrate external APIs into SOAR (e.g., VirusTotal, WHOIS, CrowdStrike)-Monitor log health and alert performance metrics; troubleshoot data quality issues-Collaborate with L3 IR and Threat Intel teams to translate threat use cases into detections-Participate in continuous improvement initiatives and tech upgrades-Conduct playbook testing, version control, and change documentation-CrowdStrike:Custom detections, forensic triage, threat graphs-SIEM:Rule creation, anomaly detection, ATT&CK mapping-SOAR:Playbook customization, API integrations, dynamic playbook logic-Threat Intelligence:TTP mapping, behavioral correlation-SIEM:Parser creation, field extraction, correlation rule design-Scripting:Python, regex, shell scripting for ETL workflows-Data Handling:JSON, syslog, Windows Event Logs-Tools:Sumologic SIEM, Sumo logic SOAR & Crowdstrike EDR-Exp in in SOC/IR including 4+ in L3 role (IR + SIEM Content Engineering & SOAR) Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team skills and knowledge in security practices.- Monitor project progress and implement necessary adjustments to meet deadlines and objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Firewalls and Palo Alto Prisma Access.- Excellent knowledge on Palo Alto firewall, content update, wild fire , URL filtering, NAT.- Hands on Experience on Prisma, Prisma Gateway, security policy, dns security, decryption ,file block and Tunnel Management, Good Troubleshooting skill on Firewall issue, Global Protect, application slowness issue.- Understanding of Threat protection, EDL, SSL Inspection ,VPN technology.- Strong understanding of network security protocols and best practices.- Experience with security incident response and threat analysis.- Familiarity with compliance standards and regulatory requirements in security.- Ability to design and implement security architectures tailored to organizational needs. Additional Information:- The candidate should have minimum 5 years of experience in Palo Alto Networks Firewalls.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to ensure effectiveness and compliance.- Collaborate with cross-functional teams to integrate security practices into the cloud architecture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Familiarity with regulatory compliance frameworks relevant to cloud security.- Ability to analyze security logs and events for potential threats. Additional Information:- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Email Security Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled and detail-oriented Proofpoint Email Security and DLP Administrator to manage, maintain, and optimize our organization's email security infrastructure. This role will focus on administering Proofpoints security and DLP solutions to ensure strong email protection, policy enforcement, and data loss prevention. Roles & Responsibilities:-Administer and manage Proofpoint Email Protection platform including policy configuration, spam/quarantine management, and advanced threat protection (e.g., TAP, TRAP).-Configure and maintain Proofpoint DLP policies to detect and prevent unauthorized transmission of sensitive data.-Monitor and analyze email traffic for threats such as phishing, spoofing, malware, and ransomware.-Respond to security alerts and conduct incident investigations involving email-based threats and data exfiltration attempts.-Implement email filtering rules, quarantine settings, and encryption policies based on compliance and business requirements.-Regularly review and optimize security policies and rulesets to ensure alignment with organizational risk and compliance frameworks.-Collaborate with the IT security team to identify and mitigate vulnerabilities and emerging email-based threats.-Generate reports and dashboards on email security events, DLP violations, and compliance metrics.-Assist in integrating Proofpoint with SIEM and other threat intelligence platforms.-Perform user training and awareness for phishing and DLP-related topics.-Ensure proper backup and redundancy configurations are in place for email protection systems. Professional & Technical Skills: - Must To Have Skills: Proficiency in Email Security.- Strong understanding of cloud security principles and frameworks.- Experience with security compliance standards such as ISO 27001, NIST, or GDPR.- Knowledge of risk assessment methodologies and security architecture design.- Familiarity with incident response and threat management processes. Additional Information:- The candidate should have minimum 5 years of experience in Email Security.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled WAF and Firewall Security Expert to manage Web Application Firewalls (WAF) and network perimeter security. The ideal candidate will have in-depth knowledge of Akamai, Cloudflare, and similar WAF/CDN platforms, along with a strong grasp of application layer (Layer 7) attacks, web security vulnerabilities, and real-world mitigation strategies Roles & Responsibilities:-WAF Policy Management:Administer Web Application Firewall (WAF) rule sets and policies using industry-leading platforms such as Akamai -Kona Site Defender, Cloudflare WAF, AWS WAF, or similar solutions.-Application Layer Defense:Analyze, detect, and defend against a wide range of OWASP Top 10 and other Layer 7 threats, including:-SQL Injection (SQLi)-Cross-Site Scripting (XSS)-Remote Code Execution (RCE)-Cross-Site Request Forgery (CSRF)-HTTP protocol abuse-Malicious bot traffic and API abuse-Firewall & Network Security:Deploy and manage network firewalls and integrate them with other security technologies including Intrusion-Detection/Prevention Systems (IDS/IPS) and DDoS mitigation tools. Professional & Technical Skills: -Bot Protection Expertise:Strong understanding of automated bot attacks, with hands-on experience in detection and defense strategies using behavioral analytics, CAPTCHA, rate limiting, and JavaScript challenges.-Threat Monitoring & Incident Response:Proactively monitor and respond to threats across both application and network layers, leveraging SIEM tools and real-time alerting systems.-Cross-Functional Collaboration:Work in close partnership with DevOps, development, and security teams to enforce secure deployment practices and ensure robust application configurations.-WAF Tuning & Optimization:Perform continual WAF tuning, including signature refinement and custom rule development, to ensure an optimal balance between security coverage and application functionality.-Threat Intelligence & Research:Stay current on emerging application-layer attack vectors, tools, and adversary tactics to inform proactive defense measures.-Incident Handling:Participate in incident response, including threat hunting, forensic analysis, and contributing to post-mortem investigations to enhance organizational resilience. Additional Information:- The candidate should have minimum 7.5 years of experience in Palo Alto Networks Firewalls.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Identity and Access Management (IAM) Operations, Microsoft Active Directory Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide insights that enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Analyze and assess security risks associated with cloud operations and recommend appropriate mitigation strategies.- Develop and maintain comprehensive documentation of security policies, procedures, and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Identity and Access Management (IAM) Operations, Microsoft Active Directory.- Strong understanding of cloud security principles and best practices.- Experience with identity governance and administration tools.- Familiarity with regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.- Knowledge of security incident response and management processes. Additional Information:- The candidate should have minimum 3 years of experience in Identity and Access Management (IAM) Operations.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. You will be responsible for overseeing the security aspects of cloud infrastructure. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and implement security strategies for cloud environments.- Conduct security assessments and audits to identify vulnerabilities.- Stay updated on the latest security trends and technologies.- Lead security incident response and resolution efforts. Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Access Management.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security controls for cloud environments.- Knowledge of security compliance standards and regulations.- Hands-on experience with security tools and technologies.- Good To Have Skills: Experience with Identity and Access Management solutions. Additional Information:- The candidate should have a minimum of 7.5 years of experience in ForgeRock Access Management.- This position is based at our Kolkata office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled and detail-oriented CrowdStrike Endpoint Security Administrator to manage, maintain, and optimize our deployment of CrowdStrike Falcon. This role involves operational administration of the platform, proactive threat detection, and ensuring endpoint security across the enterprise. Roles & Responsibilities:-Administer and manage the CrowdStrike Falcon platform including configuration, tuning, and policy management.-Monitor alerts and dashboards for suspicious activity and work with incident response teams as needed.-Deploy and upgrade CrowdStrike agents across Windows, macOS, and Linux systems.-Create and maintain documentation for policies, procedures, and system configurations.-Integrate CrowdStrike with SIEMs, ticketing systems, and other security tools.-Perform regular audits and health checks to ensure endpoint coverage and compliance.-Respond to endpoint-related security incidents and assist with forensic investigations.-Collaborate with IT teams to ensure secure configuration and patch management across endpoints.-Hands-on experience with CrowdStrike Falcon (policy management, sensor deployment, event analysis).-Familiarity with EDR/XDR concepts and tools. Professional & Technical Skills: - Must To Have Skills: Proficiency in Endpoint Extended Detection and Response.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with incident response and threat hunting methodologies.- Knowledge of compliance requirements related to cloud security. Additional Information:- The candidate should have minimum 5 years of experience in Endpoint Extended Detection and Response.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Urgent Opening for Security Analyst - Hyderabad Posted On 20th Dec 2016 11:18 AM Location Hyderabad Role / Position Security Analyst Experience (required) 3+ Description Our Client is a leading IT company Title :Security Analyst Location : Hyderabad Department Operations Overview: The Security Analyst will take ownership of existing Operations controls from Security Engineers, and then improve those controls. : Develop and execute the Security Operations function Identify systems and scan for network vulnerabilities. Partner with TechOps and others to ensure the vulnerabilities discovered are closed in a timely manner Assess vendors for information security risk and recommend whether or leadership should accept the risk Report metrics and escalate issues with management as appropriate Monitor security logs to detect intrusions Coordinate incident response With guidance from the Lead Security Engineer, assess new releases of the product for security issues and approve the release on behalf of Security Monitor Security controls to discover deviations. Follow up to resolve deviations Review and approve network firewall rule requests : 3+ years of Information Security experience 1 year of experience with network, server, or application administration Basic knowledge of programming and scripting languages as well as HTML Thorough and detail-oriented Available to meet with US colleagues during US Central Time hours every working night and sometimes during US Pacific Time hours Excellent communication and interpersonal skills Self-starter eager to take on new challenges at a growing, cloud-based company Preferred: Security certification (e.g. CISSP, OSCP, CEH) Experience with any SIEM tool in SOC environment (ArcSight, Splunk, RSA enVision,etc.) Experience with application security methodologies such as OWASP Experience responding to external audits Send Resumes to girish.expertiz@gmail.com -->Upload Resume

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide guidance on implementing effective security measures across the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Assist in the development and documentation of security policies and procedures.- Evaluate and recommend security technologies and tools to enhance the security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM) Operations.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education