2257 Incident Response Jobs - Page 10

About Company Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way youd like, where youll be supported and inspired bya collaborative community of colleagues around the world, and where youll be able to reimagine whats possible. Join us and help the worlds leading organizationsunlock the value of technology and build a more sustainable, more inclusive world. Job TitleSOC L2 Total Exp- 4 to 7 Years Location- Bangalore Your Role SOC Analyst Key Skills & Experience Experience 3+ years in SOC analysis; prior network/system admin experience is a strong plus. Technical Expertise Strong in Active Directory, Kerberos, ADCS, Windows security logs, ne...

Educational Requirements Bachelor of Engineering,Master Of Engineering Service Line Cyber Security Responsibilities Tool: XSOAR, Tines or Torq or Sentinel SOARKeywords : Playbook Development, Custom Automation Scripting, Playbook Deployment, Custom IntegrationProgramming : Python Additional Responsibilities: Tool: XSOAR, Tines or Torq or Sentinel SOARKeywords : Playbook Development, Custom Automation Scripting, Playbook Deployment, Custom IntegrationProgramming : Python Technical and Professional Requirements: Tool: XSOAR, Tines or Torq or Sentinel SOARKeywords : Playbook Development, Custom Automation Scripting, Playbook Deployment, Custom IntegrationProgramming : Python Preferred Skills: T...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with var...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collabora...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Network Security Operations Good to have skills : NA Minimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various team...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating ...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Identity and Access Management (IAM) Operations Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve coll...

Provide technical inputs for monthly customer service review reports and contribute to the creation of Service Improvement Plans. Monitor ticket queues, ensuring timely updates and comprehensive closure summaries. Apply expertise in Incident, Change, Problem, Service Request, and Configuration Management Processes. Manage, monitor, resolve, and report network security incidents involving equipment deployed across multiple client locations in India. Conduct daily incident analysis and publish reports to enhance transparency and security oversight. Maintain compliance with security policies and processes while striving for continuous improvement. Analyze key security metrics and escalate anoma...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve co...

Forescout NAC Deploy, configure, and manage Fore-scout NAC for network access control across LAN/WAN environments. Develop and enforce access control policies for endpoints and users. Integrate NAC with directory services (AD, LDAP) and SIEM platforms. Perform advanced troubleshooting of NAC-related issues including device profiling, policy enforcement failures, and network access anomalies. Handle incident response for unauthorized access attempts, rogue devices, and policy violations. Conduct root cause analysis and implement corrective actions for recurring NAC issues. Perform regular health checks, upgrades, and patching of NAC Develop and enforce network access policies and compliance s...

The role supports full end to end software development cycle, from initial client engagement, through assessments and road-mapping, to longer term engagement in an advisory capacity. As an Application Security Consultants, the person should leverage the technical expertise of the security competencies, varied product and delivery capabilities. Hands on experience in Secure SDLC, DAST, SAST, HP Fortify and Burp Suite Provide strategic advice and insights to clients based on deep domain knowledge and industry best practices. Identify potential risks and develop mitigation strategies to ensure project success and client satisfaction. Lead and coordinate incident response activities, including i...

About the Role: We are seeking a highly analytical and proactive Threat Intelligence Analyst to join our cybersecurity team. In this role, you will be responsible for identifying, analyzing, and reporting on cyber threats and threat actors that pose risks to our organization. Key Responsibilities: Threat Monitoring & Intelligence Collection: Monitor and collect data from threat intelligence platforms, social media, dark web, forums, and security communities. Identify indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and emerging threat patterns. Track threat actor activity, malware campaigns, phishing trends, and geopolitical developments impacting cybersecurity. A...

Job Position Title: Associate/Senior Associate- SOC Location: Navi Mumbai Years of experience required: 2-6 Years Responsibilities • Monitor security alerts and events from various sources including SIEM, EDR, IDS/IPS and cloud security platforms. • Execute initial triage and in-depth investigation of security incidents. • Develop and maintain incident response procedures, threat detection use cases and runbooks. • Collaborate with internal teams to investigate security events, perform root cause analysis and implement corrective actions. • Participate in threat hunting activities and contribute to the enhancement of detection capabilities. • Support tuning and maintenance of SIEM rules, ale...

What we’re looking for In this dynamic Information Security Engineer III role, you'll be the primary driver of automation within the security operations team. Your main responsibility will be to develop and implement automated solutions that enhance our ability to detect and respond to threats. You will maintain and enhance operational efficiency playbooks, strengthening our defenses and responses, and ensuring proper workflow functioning. We are looking for someone who thrives on building scalable solutions and is constantly challenged to expand their knowledge of the latest security trends to protect a widely trusted service. You will report to the Information Security Manager. What you’ll...

The Opportunity EY is looking for Senior Consultant/Consultant Technology Consultant (Service Now) Role and Responsibilities: 4+ years of Experience in ServiceNow GRC/IRM Solutions. Domain separation, Integration, Performance analytic (Secops). Define, at an architectural and design level of detail, technical solutions aligned with business problems and ServiceNow Implementation Best Practices. Serve as primary technical point-of-contact for the project and as the face of the development team. Support current Policy and Compliance, Risk Management and Vendor Risk Management configurations and Business processes. Document current and propose future process flows. Ability to convert Business R...

Your key responsibilities Architecting and implementation of cloud security monitoring platforms MS Sentinel Provide consulting to customers during the testing, evaluation, pilot, production, and training phases to ensure a successful deployment. Perform as the subject matter expert on Cloud Security solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Securing overall cloud environments by applying cybersecurity tools and best practices Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated secur...

Your key responsibilities As an Associate Manager of Cyber practice within IDD group, you will be a vital member of the team supporting global EY practice teams to sell, manage and execute Cybersecurity focused projects. Part of your role will also involve developing experience across a range of different type of engagements, including pre-deal (e.g. Cyber Due Diligence and carve-out planning) and post-deal (e.g. integration planning, separation planning, Day one readiness plans, 100 days plan). Having a commercial mind-set is key to this consulting-based role. Conduct security assessments, identify gaps and red flags assessing clients on prem / cloud hosted applications, data and infrastruc...

Your key responsibilities As an Assistant Manager of Cyber practice within IDD group, you will be a vital member of the team supporting global EY practice teams to sell, manage and execute Cybersecurity focused projects. Part of your role will also involve developing experience across a range of different type of engagements, including pre-deal (e.g. Cyber Due Diligence and carve-out planning) and post-deal (e.g. integration planning, separation planning, Day one readiness plans, 100 days plan). Having a commercial mind-set is key to this consulting-based role. Conduct security assessments, identify gaps and red flags assessing clients on prem / cloud hosted applications, data and infrastruc...

L3 SOC Analyst The L3 SOC Analyst is responsible for advanced threat detection, incident response, and proactivesecurity monitoring in a fast-paced SOC environment. The analyst will work closely with other SOCteam members, security engineers, and stakeholders to ensure the organizations security posture iscontinuously improved. They investigate complex security incidents and provides expert advice formitigating threats and reducing future risks. Key Responsibilities: 1. Incident Detection and Response:Act as the primary escalation point for L1 and L2 SOC analysts during security incidents. Perform in-depth analysis of security events and incidents using a variety of tools (SIEM,IDS/IPS, EDR,...

What Youll Do When you are on-shift , your activity is to focus on responding . You are the point of contact for all matters related to alerts. This includes escalation, documentation, reporting and adhoc response. Alongside L1/L2 Analysts, you participate in the daily alert triage, helping with prioritisation depending on the threat level and potential impact. After the daily alert triage, you take ownership of alerts and drive them to resolution through investigation and stakeholders engagement. You involve IT stakeholders in the risk assessment, and you coordinate implementation of remediation or mitigation actions. You provide feedback to L1/L2 Analysts to improve analysis quality and co...

Description: About The Role : (Should be 3 - 10 points only) The role of the Major Incident Consultant is to undertake management of Major Incidents, ensuring that they are managed and communicated within the scope of Service Level Agreement, securing that all engaged parties perform up to high standards and follow agrees process. The role ensures that the output from Major Incident Management process is of high quality and provides management with the right level of business intelligence. The primary goal of Major Incident Consultant is, as a matter of urgency, to minimize or remove the adverse impact of Incidents on the business that is caused by errors within the IT Infrastructure, proces...

Description Google Logging Engineer We are looking for a GCP Engineer who has specialist skills in Google nlogging to develop, test and implement data integration, alerting and logging with the Google Cloud platform. In addition, this role will be expected to develop reporting and dashboards that illustrate activity and performance of data being ingested by GCP looker. Specific tasks includeDesign and build dashboards, reports, and alerts using Google Cloud Logging, BigQuery, and Looker based upon customer requirements. Integrate log data from various sources into BigQuery via Google Logging and ensure data compatibility. Implement performance-optimized Looker models to enable real-time and ...

Requirement / Qualification Resource with minimum 4 5 years of managing SIEM. Security events Monitoring and SIEM administration/Implementation support. Proven experience on handling security incident investigation / forensics Knowledge of security and compliance regulatory standards. Create dashboards on Alien Vault Console to visualize data and events which help identify trends, anomalies and monitor the general health or security status of the environment. Monitor multiple security alerts sources, eliminate false positive and based on impact and nature of security incident escalate according to established procedures. Knowledge of Alien Vault SIEM, its components, and associates Proactive...

Experience in SIEM Tool like ArcSight, LogRhythm SIEM, Threat Intelligence, Malware Analysis, Incident Response Responsible for the technical Administration or troubleshooting in SIEM ensuring the efficient functionality of the solution Responsible for Incident Validation, Incident Analysis, Solution Recommendation, Good knowledge on implementation, installation, integration troubleshooting and overall functionalities of Arcsight ArcSight rule base fine tuning, Ongoing log source modifications, Configuration/policy changes, General SIEM Administration, SIEM Content Development Troubleshooting of an incident within IT Security incident response teams of SOC. Apply investigation techniques to ...

We are seeking a highly skilled Security Copilot Agent Developer to design, develop, and deploy AI-driven automation agents using Microsoft Security Copilot , M365 Defender , and the Azure OpenAI ecosystem . This role sits at the intersection of cybersecurity engineering and AI innovation , empowering proactive detection, response, and remediation across enterprise environments. Key Responsibilities Design & Development: Architect and optimize Security Copilot agents for automated investigation, incident response, and tailored cybersecurity scenarios. Integration: Seamlessly integrate Copilot workflows with Defender XDR , Sentinel , Entra ID , and other Microsoft security solutions. Data Eng...