7 - 12 years
13 - 17 Lacs
Gurugram
Work from Office
Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities: Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities) Collaborate and manage the team to perform Responsible for decisions on team management, financial, project transitions Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle Provide solutions to problems for their immediate team and across multiple teams Lead security assessments and provide recommendations Develop and implement security operations strategies, processes, architecture standards and guidelines Conduct security reviews and manage internal/external audits Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management. 
Strong understanding of threat intelligence analysis Knowledge of security compliance frameworks Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM). This position is based at Gurugram office. 15 years of full-time education is required. Qualification 15 years full time education
Posted 1 month ago
5 - 10 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : Security Information and Event Management (SIEM) Operations Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Develop and implement security architecture solutions Conduct security assessments and recommend enhancements Stay updated on the latest security trends and technologies Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM) Strong understanding of security operations Experience with incident response and threat intelligence Knowledge of network security principles Familiarity with security compliance standards Additional Information: The candidate should have a minimum of 5 years of experience in Security Information and Event Management (SIEM) This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education
Posted 1 month ago
5 - 10 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency. Roles & Responsibilities: SOAR Strategy and Architecture:Develop strategies for automation, playbook standardization, and process optimization. Playbook Development:Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows. Integration and Customization:Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools. Collaboration and Leadership:Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization. Performance Optimization:Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations. 
Compliance and Best Practices:Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices. Professional & Technical Skills: Proficiency in scripting and programming Python to develop custom playbooks and integrations. Strong understanding of security operations, incident response, and threat intelligence workflows. Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools. Ability to troubleshoot complex integration and automation issues effectively. Additional Information: Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent. Experience with cloud-native SOAR deployments and hybrid environments. Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001. A 15 year full-time education is required 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR. Qualification 15 years full time education
Posted 1 month ago
7 - 12 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data Services Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Architect – Solution Design, Compliance, and Security EngineeringWe are hiring GCP Security Architects with 7+ years of experience in designing secure GCP environments and integrating automated security across deployments. This role emphasizes applied engineering, platform security control implementation, and ensuring audit-ready, secure-by-default environments. Roles & Responsibilities: Design and implement secure, scalable GCP architectures. Configure and maintain IAM (roles, policies, IDP integrations, MFA, SSO). Establish secure configurations for VPCs, VPNs, Data Encryption (KMS), and Cloud Armor. Manage Cloud Security Command Center for visibility, governance, and incident response. Implement Cloud Operations Suite for logging, alerting, and security analytics. Conduct threat modeling, vulnerability assessments, and define remediation paths. Automate security checks and controls using Terraform, Cloud Shell, and CI/CD integrations. Collaborate with platform, DevOps, and risk teams to embed security into development lifecycles. Support audit preparation, policy compliance, and security documentation efforts. Review solution designs and assist with enforcing GCP security guardrails. Professional & Technical Skills: Analytical and detail-oriented with a strong problem-solving mindset. Strong communicator with cross-functional collaboration experience. Continuously stays updated with evolving cloud threat landscapes. 
Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. Strong working knowledge of IAM, VPC SC, Cloud Armor, encryption practices, and security policy enforcement. Experience with Terraform, automated auditing, and log analysis tools. Additional Information:Bachelor's degree in engineering or computer science, Information Security, or a related field.Certifications such as Google Cloud Certified – Professional Cloud Security Engineer is a must; CCSP preferred. 7+ years in security roles, with 3+ years in hands-on GCP security delivery. This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education
Posted 1 month ago
7 - 12 years
13 - 17 Lacs
Pune
Work from Office
Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities: Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities) Collaborate and manage the team to perform Responsible for decisions on team management, financial, project transitions Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle Provide solutions to problems for their immediate team and across multiple teams Lead security assessments and provide recommendations Develop and implement security operations strategies, processes, architecture standards and guidelines Conduct security reviews and manage internal/external audits Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management. 
Strong understanding of threat intelligence analysis Knowledge of security compliance frameworks Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM). This position is based at our Pune office. A 15 years full time education is required. Qualification 15 years full time education
Posted 1 month ago
7 - 12 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities: Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities) Collaborate and manage the team to perform Responsible for decisions on team management, financial, project transitions Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle Provide solutions to problems for their immediate team and across multiple teams Lead security assessments and provide recommendations Develop and implement security operations strategies, processes, architecture standards and guidelines Conduct security reviews and manage internal/external audits Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management. 
Strong understanding of threat intelligence analysis Knowledge of security compliance frameworks Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM). This position is based at Bengaluru office. 15 years of full-time education is required. Qualification 15 years full time education
Posted 1 month ago
2 - 5 years
7 - 9 Lacs
Gurgaon/Gurugram
Work from Office
We are looking for candidates from Delhi/NCR for the position of IT Security Engineer for a US client in the Gurgaon location. Candidates from West and South locations need not apply. Job description Job Title: SOC Analyst Tier 2 Looking for Immediate Joiners or those who can join within 15-20 Days. Location: Gurgaon Shift: Rotational Shift / US Shift Budget: As per market standards + Shift Allowances Contract Tenure: 2 years contract on the payroll of Mynd solution. Share your CV at "Pratibha@myndsol.com" Please share your CV with the subject line as SOC Analyst Work Experience 2 to 5 years of experience in Security Operations, SOC or Cybersecurity and Graduate in IT/CS from a recognized University Key Skills - Candidate should be ready for rotational shift - Candidate must have excellent communication skills - Candidate must have knowledge of penetration testing, knowledge of TCP/IP protocols, network applications. Good knowledge of security tools and monitoring devices - CCNA would be preferred - Equivalent Certifications (Network+, Security+, CySA+, GSEC, GMON) Job Requirement Keysight is looking for a Cybersecurity Analyst to join its growing organization and be part of its in-house Security Operations Centre (SOC). This is a position requiring a good technical background in Information Security practice, good knowledge of IT Security threats and solid communication and organizational skills. The successful candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability to work with the team to tackle incoming alerts. The Information Risk & Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company. JOB DESCRIPTION Handling, and escalation of, alerts which require technical triage and analysis. This may include web attacks, malware infections, and phishing campaigns, which have been identified by the Information Risk & Security team's technology stack. 
Functional Responsibilities Experience Monitoring SIEM solutions and a variety of other security devices found in a SOC environment (e.g. Behavioral Analytics tools, IDS/IPS, log management tools, and security analytics platforms. Creating and maintaining documentation for security event processing. Acknowledge and handle the incoming security alerts. Use the internal ticketing system and dashboards to update the tickets/alerts accordingly and escalating them to the appropriate teams if necessary. Assist the Incident Response team on alerts escalated to them by the SOC team. Develop/Update and follow Standard Operating Procedures (SOPs) and Playbooks to handle standard and out-of-band alerts. Report to the Incident Response Team quickly and efficiently regarding urgent matters. Ensure ticket queues are always within satisfactory limits and all tickets are updated. Provide On-Call Support for emergency or high severity issues. Liaise with partner teams and end-users for security related tickets and activities. Excellent analytical and problem-solving skills required. Experience working with SIEMs and evaluating SIEM alerts. Experience leveraging core security and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS) Key Competencies Ability to think with a security mindset. The successful candidate has a good IT background with good level knowledge of multiple relevant security practice areas (anti-malware solutions, patch and vulnerability management, network security; monitoring; endpoint, etc.) • Knowledge of TCP/IP Protocols, network analysis, and network/security applications. • Good knowledge of various security tools and monitoring devices; e.g. able to read and understand IDS/IPS/Firewall/Proxy logs and determine the current state of play. Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise. 
Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives. Experience in large, geographically diverse enterprise networks. Ability to build lasting relationships with partner teams and stakeholders. Documentation; experience in writing reports and documenting tickets efficiently and accurately. Visit : http://www.keysight.com/ Feel free to reach me for any clarifications
Posted 1 month ago
7 - 12 years
8 - 15 Lacs
Nagpur
Work from Office
To act as the SPOC for all third-party audits, especially from BFSI clients & create Network Infrastructure. JD: https://www.pinnacle.in/career/security-manager JD:https://www.pinnacle.in/career/network-manager To work purely from HO Nagpur
Posted 1 month ago
2 - 5 years
3 - 7 Lacs
Bengaluru
Work from Office
The responsibilities of this patch management administrator encompass the full lifecycle of software and system updates within the organization's infrastructure. This includes patch management, prioritization, rigorous testing, ensuring compliance, effective troubleshooting, and continuous monitoring. Additionally, this role is integral to assets and configuration management. The administrator oversees the entire process of applying necessary patches and updates, which are crucial for maintaining the security posture, operational stability, and optimal performance of our systems by addressing vulnerabilities, providing new features, and resolving existing issues. To achieve these goals, the patch management administrator will collaborate closely with system administrators, security teams, and other IT professionals, ensuring seamless operations and adherence to established patching policies.

Key responsibilities related to patch management within the organization:

- Patch Deployment: This includes managing, testing, and deploying patches for operating systems, applications, and hardware devices across the network.
- Patch Scheduling: Develop and maintain a clear patch deployment schedule to ensure timely and organized application of patches, minimizing system downtime and disruption.
- Vulnerability Management: A crucial aspect is identifying vulnerabilities in systems and software through consistent monitoring of patch release notes, vendor advisories, and security bulletins.
- Security Compliance: All patch management activities must ensure compliance with relevant security standards, regulatory requirements, and internal policies.
- Testing and Validation: Before deploying any patch to production environments, thorough testing in a controlled environment will be mandatory to confirm compatibility and stability.
- System Monitoring: Continuously monitor the status of patch deployments, promptly identify any failed patches, and coordinate the necessary remediation activities.
- Documentation: Maintaining detailed records of all patching activities, including schedules, testing outcomes, identified issues, and their resolutions, is essential. Regular reports will be prepared for IT management and auditors.
- Collaboration: Effective collaboration with other IT teams, including network, security, and systems administrators, is vital to ensure consistent patch application across all systems.
- Incident Response: Engineer must be prepared to troubleshoot any patching issues that arise and provide timely resolutions to problems caused by patch deployments.
- Patch Inventory Management: Accurately tracking and maintaining an inventory of patches for all software and systems in use is necessary to ensure they are up to date and applied regularly.
- Continuous Improvement: Staying informed about the latest patching tools, techniques, and best practices is key to continuously enhancing the patch management processes.
Posted 1 month ago
8 - 12 years
25 - 35 Lacs
Noida, Gurugram, Delhi / NCR
Hybrid
About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience Role & responsibilities: The candidate should be hands-on in managing Security Operations, SOC, Identify access management, Risk Management Should have worked on Blueprinting and Designing of SOC frameworks and implementation of SOC/SIEM solution and Enterprise Architecture Should be hands-on on security processes with good client and Market facing experience in India geography Should have worked on Designing, solutioning and Implementation of Cyber Security Frameworks - Security Operations Strategy, Vulnerability Management - Application & Infrastructure and Threat Intelligence and Analytics Preferred candidate profile : Should have worked on the below - M&A experience - Actively monitoring, analyzing & escalating SIEM alerts based on correlation rules, Active threat hunting on network flow, user behavior and threat intelligence Candidate should have expert level domain knowledge (Cyber Security), Threat Hunting, SIEM - Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm/Qradar ), Ability to Comprehend Logs (HTTP, SMTP, Network), Operating systems and servers, Organizes Technical Sessions / Talks. Candidate should able to familiar with python Scripting & Windows Active Directory (Optional). 
Vulnerability Management Services - External & internal Vulnerability scanning, VMS tool Qualys & Kenna Administration, Application server & Vulnerability scanning Candidate should have expert level domain knowledge (Cyber Security), Vulnerability scans and recognizing vulnerabilities in security systems, Network analysis tools to identify vulnerabilities, Develop insights about the context of an organizations threat environment, Risk management processes, Network attack and a network attacks relationship to both threats and vulnerabilities. Candidate should have advance level understanding of Impact/risk assessments. Security Operations and Management experience - SOC Experience in Identity access, privilege access, vulnerability management Client facing - front end with the client- focused on engagements + Sales, BD + Capability Development Qualification: B.Tech / M.Tech/ MCA professional with 9-12 years of experience in the relevant role Should have strong hands on MS Power Point and MS Project Hands on experience and certification in any one SIEM (IBM QRadar, ArcSight, Azure Sentinel, Splunk) Security Certifications like CISSP, CISM, GIAC, Security+ etc Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.
Posted 1 month ago
5 - 10 years
9 - 12 Lacs
Vijayawada
Work from Office
Cybersecurity Specialist
Summary: Vijayawada, Full-Time, 5+ Years, Industry: IT/Security
Responsibilities: Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices.
About The Role: Develop and manage security measures for networks, systems, and applications. The role includes conducting regular security audits and responding to security incidents.
Qualifications: Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices.
Skills: Expertise in network security, firewalls, and intrusion detection systems. Proficiency in SIEM tools like Splunk or QRadar. Strong knowledge of compliance standards (ISO, NIST). Experience with vulnerability assessment and penetration testing.
Posted 1 month ago
6 - 11 years
30 - 35 Lacs
Pune
Work from Office
About The Role: Job Title: Threat Intelligence Analyst Corporate Title: AVP Location: Pune, India Role Description As a Threat Intelligence AVP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, and you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank-specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the bank's capabilities in responding to threats. What we'll offer you As part of our flexible scheme, here are just some of the benefits that you'll enjoy: Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complimentary Health screening for 35 yrs. and above Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. 
Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience Requirements 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. 
About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.
Posted 1 month ago
3 - 8 years
10 - 15 Lacs
Hyderabad, Ahmedabad, Mumbai (All Areas)
Work from Office
Note : Preferable Immediate Joiner Security Analyst - L2 Responsibility: Coordinate with associate L1 Analysts Handle all the escalation of associate L1 Serve as shift leader and point of escalation for level 1 analysts Provide operational and technical support to the customer Oversee completion of day-to-day checklist(s), including: log review, management report scheduling, alert analysis, and escalation follow up activity status Provide knowledge to L1 to maintain and improve the Operation Ensure all unresolvable cases are passed to the correct team for action as appropriate Support implementation of SOC processes and perform periodic check for compliance Handle configuration and change management of SIEM / Logger. Duties: Ensure high level of quality when managing tickets, requests and Customer queries Capture requirements of Customer and prepare SIEM Rules, Reports and Dashboards Prepare reports & distribute in readiness for Customer tuning calls Arrange & manage client calls. Take actions accordingly. Create scheduled Customer reporting, from existing reports, whenever appropriate. Checklist Task for L2 Analyst : Handle all the escalation request of associate L1 Verify incident reported by associate L1 analyst Verify Reports made by associate L1 analyst
Posted 1 month ago
6 - 11 years
0 - 1 Lacs
Pune
Work from Office
Need experience in Vulnerability Remediation, Patch, Active Directory, Incident response, Endpoint security, DLP, Device encryption, Security monitoring. Experience: 6+ years. Location: Pune - Akrudi. Immediate - 15 days serving needed. Apply/share: preethi.kumar@harjai.com
Posted 1 month ago
7 - 12 years
15 - 22 Lacs
Pune
Work from Office
For SOC L3 position: 7+ years hands-on experience. Ready to work rotational shifts (24*7), team management & shift roster. Location: Pune
Roles and Responsibilities
Key Skills: 1. SIEM tool experience, preferably ArcSight 2. Log analysis 3. Incident response 4. DLP experience 5. Investigation knowledge 6. Rules creation 7. Alert management 8. Use case creation 9. Team management 10. Shift roster 11. Monthly reports
Key Responsibilities: To handle the daily monitoring of information security events. To function as an intrusion analyst by examining security events for context, appropriateness and criticality. To act as an information security researcher to provide insight and understanding of new and existing information security threats.
Key Operational Activities: Daily checklists and tasks. Log analysis and review. Vulnerability management activities. Alert analysis. Investigation of suspicious security event activity. Maintain and enforce adherence to corporate standards, policies and procedures.
Please share your profile to anwar.shaik@locuz.com
Posted 1 month ago
2 - 5 years
2 - 4 Lacs
Gurugram
Work from Office
Job Summary :- We are seeking a detail-oriented and proactive Employee Monitoring Specialist to oversee and manage employee activity monitoring systems to ensure compliance with company policies, enhance productivity, and protect sensitive information. The ideal candidate will have experience with monitoring tools (e.g., Teramind, ActivTrak, or similar platforms), data analysis, and compliance management. Key Responsibilities :- Administer and manage employee monitoring software (e.g., Teramind, ActivTrak, etc.) to track user activity, system access, and data handling. Monitor, review, and analyze employee activity reports to identify anomalies, suspicious behaviors, or policy violations. Work closely with compliance, HR, and IT departments to investigate incidents, prepare reports, and recommend corrective actions. Ensure that monitoring activities comply with company policies, data privacy regulations, and legal standards. Develop and maintain monitoring dashboards, alerts, and reporting mechanisms for leadership. Assist in drafting and updating company policies related to acceptable use, data handling, and system access. Conduct audits and periodic reviews of employee system usage, application access, and document handling. Train relevant stakeholders on monitoring systems, security best practices, and compliance requirements. Maintain accurate and secure records of monitoring activities, incidents, and resolutions. Stay current on best practices, industry trends, and evolving regulations related to employee monitoring and data protection. Required Qualifications :- Bachelors degree in Information Technology, Cybersecurity, Business Administration, or a related field. 2+ years of experience in employee monitoring, IT compliance, or cybersecurity. Hands-on experience with monitoring platforms like Teramind, ActivTrak, Veriato, or similar. Strong understanding of data privacy laws, including GDPR, HIPAA, or other relevant regulations. 
Excellent analytical, problem-solving, and communication skills. Ability to handle sensitive and confidential information with discretion and integrity. Preferred Qualifications :- Certifications in IT security, compliance, or data privacy (e.g., CIPP, CISSP, CISM, CompTIA Security+). Experience working in a regulated industry (e.g., finance, healthcare, or SaaS). Familiarity with incident response and investigation processes.
Posted 1 month ago
2 - 5 years
2 - 4 Lacs
Gurugram
Work from Office
Job Description :- We are seeking a highly skilled Teramind Monitoring Expert with hands-on experience in compliance, monitoring, and system surveillance. The ideal candidate will be responsible for the effective implementation and management of Teramind monitoring solutions to ensure adherence to regulatory requirements and optimal system performance. Key Responsibilities :- Implementation & Configuration :- Install, configure, and manage Teramind monitoring software across the organization. Monitoring & Surveillance :- Continuously monitor system activities, user behaviors, and network traffic to detect and prevent security breaches. Compliance Management :- Ensure all monitoring activities comply with relevant regulatory standards and organizational policies. Incident Response :- Quickly respond to security incidents and anomalies detected by the Teramind system. Reporting & Analysis :- Generate detailed reports and analysis of monitoring data for management review and compliance audits. Policy Development :- Develop and update security policies and procedures related to system monitoring and data protection. Training & Support :- Provide training and support to staff on the use of Teramind tools and best practices for system monitoring. System Optimization :- Continuously evaluate and enhance the performance of the Teramind system to ensure optimal efficiency and security. Collaboration :- Work closely with IT, security, and compliance teams to integrate monitoring solutions with other security measures. Qualifications :- Education :- Bachelor's degree in Computer Science, Information Technology, or a related field. Experience :- Minimum of 3-5 years of hands-on experience with Teramind or similar monitoring software. Technical Skills :- Proficiency in system monitoring, network security, and compliance standards (e.g., GDPR, HIPAA). Analytical Skills :- Strong analytical and problem-solving skills with the ability to interpret complex monitoring data. 
Communication Skills :- Excellent verbal and written communication skills for effective reporting and collaboration. Certifications :- Relevant certifications such as CISSP, CISM, or equivalent are a plus. Preferred Attributes :- Detail-oriented with a proactive approach to identifying and mitigating security risks. Ability to work independently and as part of a team in a fast-paced environment. Strong ethical standards and commitment to maintaining confidentiality and data integrity.
Posted 1 month ago
5 - 10 years
4 - 9 Lacs
Pune
Work from Office
Role & responsibilities: Lead security incident response in a cross-functional environment and drive incident resolution. Lead and develop Incident Response initiatives that improve customer capabilities to effectively respond and remediate security incidents. Perform digital forensic investigations and analysis of a wide variety of assets including endpoints. Perform log analysis from a variety of sources to identify potential threats. Build automation for response and remediation of malicious activity. Write complex search queries in the EDR as well as SIEM tools for hunting the adversaries. Works on SOAR cases, automation, workflow & Playbooks. Integrating and working on Identity solutions. Developing SIEM use cases for new detections specifically on identity use cases. Working experience in Microsoft On-prem and Entra ID solutions. Good knowledge in Active Directories and Tier 0 concepts. Very good knowledge of operating systems, processes, registries, file systems, and memory structures and experience in host and memory forensics (including live response) on Windows, macOS and Linux. Experience investigating and responding to both external and insider threats. Experience with attacker tactics, techniques, and procedures (MITRE ATT&CK). Experience analyzing network and host-based security events. Preferred candidate profile: Domain SOC, Lead - Incident Response. Interested candidates can share their resume at recruiter.wtr26@walkingtree.in
Posted 1 month ago
6 - 10 years
8 - 12 Lacs
Bengaluru
Work from Office
Job Description: Principal Security Software Engineer. Are you interested in building large-scale distributed software for the cloud? Oracle's Service Cloud team is building Software-as-a-Service technologies that operate at high scale in a broadly distributed multi-tenant cloud environment. Our customers run their businesses on our cloud, and our mission is to provide them with best in class compute, storage, networking, database, security, and an ever expanding set of foundational cloud-based services. We're looking for hands-on engineers with expertise and passion in identifying and resolving difficult security problems in distributed systems, virtualized infrastructure, and highly available services. If this is you, at Oracle you can design and build innovative new systems from the ground up. These are exciting times in our space - we are growing fast, still at an early stage, and working on ambitious new initiatives. An engineer at any level can have significant technical and business impact. As a Principal Security Software Engineer you will review the software design and development for all components of Oracle's Service Cloud team. Develop and execute programs and processes to reduce information security risk and strengthen Oracle's security posture. You should value simplicity and scale, work comfortably in a collaborative, agile environment, and be excited to learn.
Things you'll do:
* Penetration testing
* Hardening of network, software and firmware
* Security tool development (e.g. scanning tools)
* Security metrics definition and delivery
* Consult across different software development teams
* Attack vector modeling
* Champion secure coding practices
Minimum Qualifications:
* Bachelor's or Master's degree in Computer Science or related field
* 7+ years of experience in software engineering or related field
* Experience working in a large cloud or Internet software company preferred
* Strong application/product/software security background
* Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff
* Excellent organizational, verbal and written communication skills
* Ability to succeed through collaboration and working through internal and external organizations and individuals
* Prior DevOps or continuous delivery and deployment experience preferred
* Strong security testing experience with Fortify, Burp, Zap or Webinspect.
* Thorough understanding of latest security principles, techniques, and protocols.
* Security certifications are a plus.
Skills Required: Application architecture and design reviews; Penetration Testing and Vulnerability assessments; Web Services and API security assessments; Product Security Assessments and Threat Modeling; Dynamic Vulnerability Scanning using automated application scanners; Execute Secure Code Audits using manual and automated methods to review product codes; Secure SDLC Processes including DevOps and Agile; Knowledge of languages, including Java, .Net, PHP, C++, and XML; Security Testing tools, including Nmap, Nessus, Web Inspect, BurpSuite, ZAP Scanner, Fortify Secure code scanner, SOAP UI, Kali Linux, and Metasploit; Operating Systems including Windows and Linux; Cryptographic algorithms, hashing algorithms, encryption; and Network and web related protocols, including TCP/IP, TLS/SSL, HTTP, and FTP.
Detailed Description and Job Requirements: As a member of the software security team, you will assist in defining and developing software for tasks associated with the security testing of software applications. Provide technical leadership to other software developers. Specify, design and implement modest changes to existing software architecture to meet changing needs. Develop, implement, and enforce Oracle's security policies. Develop, implement, and manage Oracle's compliance with operational security procedures. Develop Security Review threat model and operationalization standards for cloud services to be built and deployed into Oracle's Service cloud. Duties and tasks are varied and complex needing independent judgment. Fully competent in own area of expertise. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law. Career Level - IC4. Responsibilities: Supports the strengthening of Oracle's security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas. Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments.
May assist in the creation and implementation of security solutions and programs. Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance. Threat and Vulnerability Management: Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required. Incident Management and response: Brings advanced level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents. Digital Forensics: Brings advanced level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required. Other areas of focus may include duties providing advanced level skills and knowledge to manage Information Security Education, Training and Awareness programs. In Security role, may manage the creation, review and approval of corporate information security policies. Mentors and trains other team members. Compiles information and reports for management.
Posted 1 month ago
6 - 11 years
7 - 10 Lacs
Thiruvananthapuram
Work from Office
Job Description: Principal Security Software Engineer. Are you interested in building large-scale distributed software for the cloud? Oracle's Service Cloud team is building Software-as-a-Service technologies that operate at high scale in a broadly distributed multi-tenant cloud environment. Our customers run their businesses on our cloud, and our mission is to provide them with best in class compute, storage, networking, database, security, and an ever expanding set of foundational cloud-based services. We're looking for hands-on engineers with expertise and passion in identifying and resolving difficult security problems in distributed systems, virtualized infrastructure, and highly available services. If this is you, at Oracle you can design and build innovative new systems from the ground up. These are exciting times in our space - we are growing fast, still at an early stage, and working on ambitious new initiatives. An engineer at any level can have significant technical and business impact. As a Principal Security Software Engineer you will review the software design and development for all components of Oracle's Service Cloud team. Develop and execute programs and processes to reduce information security risk and strengthen Oracle's security posture. You should value simplicity and scale, work comfortably in a collaborative, agile environment, and be excited to learn.
Things you'll do:
* Penetration testing
* Hardening of network, software and firmware
* Security tool development (e.g. scanning tools)
* Security metrics definition and delivery
* Consult across different software development teams
* Attack vector modeling
* Champion secure coding practices
Minimum Qualifications:
* Bachelor's or Master's degree in Computer Science or related field
* 7+ years of experience in software engineering or related field
* Experience working in a large cloud or Internet software company preferred
* Strong application/product/software security background
* Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff
* Excellent organizational, verbal and written communication skills
* Ability to succeed through collaboration and working through internal and external organizations and individuals
* Prior DevOps or continuous delivery and deployment experience preferred
* Strong security testing experience with Fortify, Burp, Zap or Webinspect.
* Thorough understanding of latest security principles, techniques, and protocols.
* Security certifications are a plus.
Skills Required: Application architecture and design reviews; Penetration Testing and Vulnerability assessments; Web Services and API security assessments; Product Security Assessments and Threat Modeling; Dynamic Vulnerability Scanning using automated application scanners; Execute Secure Code Audits using manual and automated methods to review product codes; Secure SDLC Processes including DevOps and Agile; Knowledge of languages, including Java, .Net, PHP, C++, and XML; Security Testing tools, including Nmap, Nessus, Web Inspect, BurpSuite, ZAP Scanner, Fortify Secure code scanner, SOAP UI, Kali Linux, and Metasploit; Operating Systems including Windows and Linux; Cryptographic algorithms, hashing algorithms, encryption; and Network and web related protocols, including TCP/IP, TLS/SSL, HTTP, and FTP.
Detailed Description and Job Requirements: As a member of the software security team, you will assist in defining and developing software for tasks associated with the security testing of software applications. Provide technical leadership to other software developers. Specify, design and implement modest changes to existing software architecture to meet changing needs. Develop, implement, and enforce Oracle's security policies. Develop, implement, and manage Oracle's compliance with operational security procedures. Develop Security Review threat model and operationalization standards for cloud services to be built and deployed into Oracle's Service cloud. Duties and tasks are varied and complex needing independent judgment. Fully competent in own area of expertise. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law. Career Level - IC4. Responsibilities: Supports the strengthening of Oracle's security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas. Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments.
May assist in the creation and implementation of security solutions and programs. Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance. Threat and Vulnerability Management: Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required. Incident Management and response: Brings advanced level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents. Digital Forensics: Brings advanced level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required. Other areas of focus may include duties providing advanced level skills and knowledge to manage Information Security Education, Training and Awareness programs. In Security role, may manage the creation, review and approval of corporate information security policies. Mentors and trains other team members. Compiles information and reports for management.
Posted 1 month ago
6 - 10 years
12 - 17 Lacs
Bengaluru
Work from Office
Job Description At Oracle Cloud Infrastructure (OCI) we build the future of the cloud for Enterprises. We act with the speed and attitude of a start-up along with the scale and customer focus of the leading enterprise software company in the world. About the team: The Enterprise Engineering SRE team is tasked with ensuring the security and compliance of internal systems by conducting regular audits, identifying potential gaps in existing standards and proactively improving the organization's overall security posture. The team plays a critical role in safeguarding the integrity, confidentiality and availability of all systems while driving risk management initiatives across departments including disaster recovery planning and execution. We are also responsible for liaising with various internal teams during audits, ensuring data sharing is concise, accurate and aligned for successful audit outcomes. Ideally, the candidate will possess several of the following skills: Supports the strengthening of Oracles security posture, focusing on one or more of the following: regulatory compliance; risk management; incident management and response; security policy development and enforcement; Threat and Vulnerability Management; Incident Management and response and similar focus areas. Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, CMMC, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. 
Participates in industry forums monitoring developments in regulatory compliance. Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. Conduct and document very complex information security risk assessments and assist in the creation and implementation of security solutions and programs. Cloud Security: In-depth knowledge of cloud security principles and best practices, including securing cloud infrastructure, services, and applications in platforms, OCI experience is a plus. Threat and Vulnerability Management: Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required. Incident Management and response: Brings advanced level skills to respond to security events and responding in line with Oracle incident response playbooks to mitigate vulnerabilities. Mentors and trains other team members. Compiles information and reports for management. Qualifications: Bachelor's degree in computer science, Information Security, or a related field.
Master's degree preferred 8+ years of experience in information systems, business operations, or related fields, 3+ years of experience in security operations, with a focus on incident detection, response, and vulnerability remediation Relevant certifications such as CISSP, CISM, CISA, or GIAC certifications are preferred Solid understanding of networking protocols, operating systems (Linux, Windows), MiddleTier, Database, cloud computing and end point computing management Excellent communication skills with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders Proven leadership abilities with experience leading security projects and initiatives independently Experience with security tools such as SIEM platforms, intrusion detection/prevention systems, and endpoint security solutions Ability to work independently and collaboratively in a fast-paced environment Strong analytical and problem-solving skills with a keen attention to detail Career Level - IC4 Responsibilities Oversee and manage internal audit processes to ensure adherence to security and compliance standards Act as the primary liaison between internal teams, facilitating effective communication and collaboration to ensure audits are completed efficiently and accurately Assess the effectiveness of security controls and ensure auditing requirements are clearly documented, defined and communicated to necessary teams Ensure the timely and accurate sharing of data across departments to support successful audit outcomes Continuously assess and enhance the organizations security posture by addressing any identified weaknesses Lead and manage departmental risk management programs, ensuring alignment with broader organizational risk mitigation strategies Facilitate and drive disaster recovery (DR) planning and preparedness across departments to minimize operational disruptions in case of incidents Collaborate with cross-functional teams to establish and 
maintain robust security policies and procedures, ensuring alignment with industry best practices Make recommendations and provide guidance/consultation regarding process improvements necessary for remediating internal control gaps. Engage with required teams to close the gap Develop and maintain cybersecurity documentation such as the System Security Plan (SSP), Privacy Impact Assessment (PIA), Configuration Management Plan (CMP), Plan of Action and Milestones (POA&M), and Standard Operating Procedures (SOP) as necessary Develop, implement, and maintain industry best practices and regulatory security policies, procedures, and system standards (servers, databases, endpoints, and application design) Engagement in cloud security technologies and protocols, including cloud security architecture, identity and access management, and data protection Write stakeholder reports to explain the assessment, audit results, and recommendations. Create and provide metrics for cybersecurity leadership. Brief executive leadership on compliance matters
Posted 1 month ago
6 - 10 years
8 - 12 Lacs
Bengaluru
Work from Office
Job Description: As a Network Development Engineer on the Oracle Infrastructure Engineering Services (IES), Network Operations & Reliability Engineering team, your priorities include completing change requests, fulfilling service requests, incident response, and problem management. This role is also responsible for creating tools that facilitate change validation, verify service health, and expose performance metrics. This role will work closely to develop and support solutions for Oracle's SaaS customers including supporting their private VPN connections. Because our team is globally distributed, on-call shift coverage is generally specific to one shift/region, but we do ask for flexibility as occasional urgent needs arise. Organizational Overview: Oracle Cloud continues innovative breakthroughs providing Autonomous Database and services to an ever-increasing customer base. Oracle's Global Business Unit Cloud Services group is an industry leader focused on innovation, service delivery, and migration of traditional, on-premises workloads to the Oracle Cloud Infrastructure. Our customer base includes Fortune 500 and industry leaders across a variety of sectors including Communications, Financial Services, Health Sciences, Hospitality, Retail, Utilities, Construction and Engineering. Together, we are purposeful, industry leading experts in engineering delivering the next generation of Cloud services centered on the Autonomous Database. Career Level - IC3. Responsibilities: Leading the transformation and migration for the IES Cloud Services customers, our Cloud Networking group designs, delivers, and supports the OCI cloud infrastructure services for our hosted tenants. Ensuring Site UP is the top priority, we are laser focused on ensuring site reliability, performance, and security while leading migration efforts to the next generation cloud infrastructure.
Consisting of a group of experienced Software Developers, Network Development and Network Engineers, the IES Cloud Network Engineering group is the high-octane engine powering the transformation and evolution of our Cloud based Network infrastructure Develop methods to capture metrics that show service health. Create and use pre-defined work instructions to safely deliver on change requests to the production environment. Plan and execute changes to the network as needed. Develop and maintain scripts and tools in Python or other languages to efficiently perform various changes to the network. Automate manual processes using API's and Python or other object oriented languages. Participate in weekly on-call rotation, and occasionally on weekend coverage as a member of a globally distributed on-call team. Create Postmortems and documentation of corrective actions to prevent the reoccurrence of incidents. Implement, Maintain & Support Cloud based Network SaaS components according to associated SLAs/OLAs Collaborate with peers and lead automation and innovation workshops for members of the extended organization. Active monitoring of the production environment to proactively address issues that could affect Oracles services in partnership with the Oracle Global Operations Center. Required Qualifications: Bachelor's Degree in technology related field or equivalent practical & demonstrated experience. 7+ years professional experience in supporting carrier grade, IP based ISP, Webscale, on-prem Datacenter and cloud-provider network environments. Demonstrated progressive increase in role specific responsibilities and associated complexities Advanced level knowledge of multiple network operating systems including Cisco IOS/NX-OS, and TMOS, Operational experience with internet routing protocols and concepts, including but not limited to TCP/IP, BGP, iBGP, EGP, MPLS, IS-IS, OSPF, Anycast, RHI, & Route reflection. 
Advanced level automation and DevOps type optimization experience including proficiency in a combination of Python, Ansible, Chef, Docker, TerraForm, Perl, JavaScript, JSON, REST, iControl, Bash, Yaml, XML, and iControlRest. Advanced level knowledge of multiple Firewall technologies, including but not limited to Cisco ASA, Palo Alto. Advanced level knowledge of Layer 4-7 protocols including TCP, UDP, AH, ESP, SMB, RCP, TLS, SSL, HTTP, HTTPS, DNS, SNMP, SMTP, and SSH Advanced level experience in cloud environment support of IaaS, PaaS, SaaS, & LBaaS offerings. Advanced level experience in capacity management, traffic engineering, and performance optimization Additional preferred skills and experience: 5 + years of experience performing peering, network design, customer turnup, provisioning, migration, and decommissioning 1-2 + years Cloud based Network service design and management Experience with Oracle Database, SQL Server, MySQL, or PLSQL Experience in Traffic Management and Load balancing technologies Experience supporting DNS infrastructure services Experience operating in a Linux/Unix environment 3+ Experience translating and managing the Incident to Problem Management workflow through a combination of process automation, defect cataloging, data warehousing, reporting and analytics. Practical experience with Apex, Oracle BI, Grafana, or Power BI for system analytics and reporting Experience with network system change management and release management programs. Demonstrated ability to define and measure performance of Objectives and Key Results (OKRs), KPIs, Operational Level Agreements (OLAs), and Service Level Agreements (SLA)
Posted 1 month ago
10 - 12 years
4 - 8 Lacs
Bengaluru
Work from Office
Job Description

Minimum Qualifications:
10+ years of experience in security engineering, detection engineering, or cloud security.
Strong expertise in application security, API security, and SaaS-specific threat detection.
Experience with SIEM, SOAR, and detection-as-code tools (e.g., Splunk, OpenSearch, KQL, Sigma).
Proficiency in log analysis, security telemetry engineering, and anomaly detection in cloud applications.
Experience integrating security controls into SaaS applications and microservices.
Good programming and automation skills.

Preferred Qualifications:
Experience with automated threat simulations, MITRE ATT&CK mappings, and adversary emulation.
Knowledge of risk quantification methods and security metrics for executive reporting.
Familiarity with cloud-native security tools.
Hands-on experience in threat intelligence-driven detection engineering.
Security certifications (e.g., GIAC GCDA/GCFA, AWS Security Specialty, GCP Security Engineer, OSCP).

Career Level - IC5

Responsibilities:

1. SaaS-Application Centric Detection Research & Engineering
Develop and refine application-layer security detections for FAaaS, Spectra, and other critical LoBs, focusing on business logic abuse, API security threats, and identity-based attacks.
Research and engineer detections for SaaS-specific attack vectors.
Leverage detection-as-code frameworks (e.g., Sigma, OpenSearch, KQL) to automate the development and tuning of detection rules.
Work closely with application security teams to enhance telemetry and ensure that security observability is embedded in SaaS products.

2. Proactive Security Controls & Mitigative Capabilities
Move beyond traditional monitoring by implementing proactive security controls to mitigate threats before exploitation.
Collaborate with development teams to integrate security controls into SaaS applications for real-time anomaly detection and automated response.
Drive continuous security validation efforts through automated adversary simulation and detection effectiveness testing.

3. Cross-Team Integration & Real-Time Threat Intelligence Sharing
Drive collaboration between Detection Engineering, Incident Response, and Red Teams by aligning detection research with real-world attack simulations and post-incident learnings.
Develop automated feedback loops to reduce false positives, false negatives, and coverage gaps.
Work with Incident Response to develop automated triage and enrichment mechanisms for SaaS security incidents.

4. Risk-Based Detection Engineering & Security Metrics
Shift towards a risk-based detection approach, ensuring that high-impact threats are prioritized based on their potential financial and reputational consequences.
Provide executive-level visibility into detection efficacy by quantifying the impact of mitigated threats and aligning detection efforts with business risk.
Develop security dashboards and reporting to communicate detection outcomes, including risk coverage, adversary trends, and operational efficiency.

5. Proactive Threat Hunting & Data Anomaly Analysis
Expand threat hunting and anomaly detection capabilities to identify previously unknown threats affecting SaaS customers and cloud applications.
Utilize advanced data analytics and behavioral anomaly detection to identify stealthy attacks that evade traditional detection methods.
Reduce reliance on SOC-driven escalations by proactively analyzing security telemetry for signs of compromise.
Work closely with data scientists to enhance the use of ML/AI-driven security analytics for predictive threat detection.
Posted 1 month ago
6 - 10 years
19 - 25 Lacs
Mumbai, Hyderabad, Bengaluru
Work from Office
As a member of the Customer Success Services (CSS) organization, your focus is to deliver post-sales support and solutions to the Oracle customer base while serving as an advocate for customer needs. This involves managing and supporting customer environments in the Oracle Cloud Infrastructure (OCI) and providing expert assistance to ensure the optimal performance, availability, and security of customer cloud environments. Your responsibilities include resolving technical issues, performing system monitoring, and collaborating with internal teams to implement best practices. You will also engage with customers to understand their needs, provide training, and deliver exceptional customer service. This position requires strong problem-solving skills, technical proficiency in OCI, and a commitment to enhancing customer satisfaction. As a primary point of contact for customers, you are responsible for facilitating customer relationships with Support and providing advice and assistance to internal Oracle employees on diverse customer situations and escalated issues.

Career Level - IC4

Responsibilities:
Manage and support customer environments in OCI cloud.
Design a well-architected cloud deployment in OCI adhering to best-practice principles and guidelines.
Apply automated configuration management and infrastructure provisioning.
Communicate with corporate customers via telephone, written correspondence, and electronic service regarding finding solutions for technical problems identified in Oracle Cloud products.
Manage customer escalations/expectations and ensure timely delivery of high-quality resolution on technical issues, focusing on root cause analysis and prevention.
Develop and implement strategies for providing proactive support resulting in fewer incidents, increased availability, or accelerated deployments.
The prospective candidate should draw upon all resources at Oracle to advise and consult on the use of Oracle products to avoid such problems in the future.
Educate and walk the customer through the problem-solving process.
Adopt Oracle diagnostic methodology procedures when handling and documenting technical issues that comply with Support processes, policies, and SLAs.
Collaborate on cross-team and cross-product technical issues by working with resources from other groups (e.g. Product support, Product development etc).
Research and study product features and keep abreast of new releases and functionalities or related technologies to maintain product expertise.

Requirements:
6+ years of relevant Cloud IaaS/PaaS (preferably OCI) experience and ability to communicate effectively.
6+ years of overall experience in any domain, preferably database, system, or network administration.
Experience on Cloud Database Services - preferably OCI VMDB, EXACC, EXACS, ADB, ADW, MYSQL and NOSQL DB.
Proven experience in implementing, monitoring, and maintaining Cloud (AWS or AZURE or OCI) solutions, such as:
Cloud Compute - Creation and maintenance of instances, scaling, OS Management Services.
Cloud IAM and IDCS - AuthN, AuthZ, federation using SAML Identity cloud service, Create/Manage Compartments, User Groups, Policies, dynamic user groups.
Cloud Networking - VCN, Subnets, Gateways (IG, NAT, DRG, Service, Local Peering), Security Lists, Route tables, Network Security Group, VPN tunnels, Fast Connect.
Cloud storage - Storage best practices, storage performance metrics, Object Storage, Block Volume, File Storage, Storage Migration services.
Cloud Security - Cloud Guard assessments, configuration of Vault and Bastion. Exporting/importing of SSL certificates and updating of SSH public/private keys.
Knowledge of Observability and Management - basic concepts and Monitoring, Events.
IaaC tools like Ansible, Terraform etc.
Should be able to understand business requirements and map them to proposed solutions/enhancements.
Ability to drive performance issues and complex architecture issues.
Knowledge of OIC management of Oracle integrations.
Multi-cloud exposure is a plus (AWS, AZURE, GCP).

Certifications: OCI Architect Associate, OCI Architect/Operational Professional Certification (preferred), or AWS Professional Architect or Azure Cloud Architect.
Posted 1 month ago
3 - 7 years
10 - 20 Lacs
Pune
Work from Office
Security Operations Centre (SOC) - Lead
Location: Pune (Aundh/Baner), India (On-site, In-House SOC)
Department: Security Operations Center
Experience: 4-6 Years
Work Type: Full-time | Hybrid Model | 24x7 Rotational Shifts

Role Overview: We are looking for an experienced and technically strong SOC Lead / Senior Engineer who will own and manage the core administration, tuning, detection engineering, and incident response infrastructure within the Security Operations Center. This is a hands-on technical role for someone who thrives in a high-paced, cloud-first environment and has expertise in SIEM (QRadar), XDR (CrowdStrike), DLP (Netskope), Deception (Canary), TIP/SOAR, and AWS Security.

Key Responsibilities:
Monitor, investigate, and close security incidents using QRadar SIEM, with deep expertise in offense triage and management.
Administer and fine-tune configurations across multiple security platforms including QRadar, CrowdStrike XDR, Netskope DLP, Canary, Sysdig/Falco, and G-Suite Security to ensure optimal performance.
Architect and deploy new SIEM content such as correlation rules, filters, dashboards, active lists, reports, and trends based on threat intelligence and business needs.
Lead use case design and development for new detections based on the evolving threat landscape and attack techniques (MITRE ATT&CK alignment).
Own the log onboarding lifecycle, including parsing, normalization, and enrichment for diverse AWS services and third-party SaaS platforms.
Manage SLAs for incident detection, escalation, and resolution; ensure robust reporting and analytics for SOC operations.
Conduct advanced threat hunting, packet-level analysis, and proactive detection activities using telemetry and behavioral analytics.
Integrate and manage SOAR and TIP tools to drive automation and enrichment in incident response workflows.
Lead vulnerability assessments and penetration testing activities in collaboration with infrastructure and DevSecOps teams.
Develop and test incident response plans (IRPs) and playbooks for high-impact scenarios like ransomware, insider threats, and data exfiltration.
Stay abreast of the latest threats, vulnerabilities, and exploits; conduct periodic threat briefings and internal knowledge transfers.
Maintain detailed documentation of configurations, security procedures, SOPs, incident reports, and audit logs.
Mentor junior SOC analysts and provide technical guidance during critical incidents and escalations.
Create reports, dashboards, and metrics for SOC operations and present them to Sr. Management.
Experience in designing and deploying use cases for SIEM and other security devices.
Continuously monitor security alerts and events to identify potential security incidents or threats.
Follow standard operating procedures (SOPs), incident response runbooks, and recommend improvements where necessary.
Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP, etc.).
Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation.
Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats.
Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.

Required Skills & Experience:
Minimum 4 years of experience in SOC operations, including administrative expertise in SIEM platforms (preferably QRadar).
Strong hands-on knowledge of SIEM tuning, content development, threat detection, and incident handling.
Expertise in 3 or more of the following: SIEM (QRadar), XDR (CrowdStrike), SOAR/TIP Platforms, DLP (Netskope), Cloud Security (AWS), Deception Technology (Canary).
Experience with network traffic analysis, packet capture tools, and deep dive investigations.
Strong analytical, problem-solving, and decision-making skills.
Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS Controls.

Preferred Qualifications:
Professional certifications such as GCIA, GCED, GCIH, CEH, CCSP, AWS Security Specialty, or QRadar Certified Specialist.
Prior experience in managing an in-house 24x7 SOC or leading shift teams.

What We Offer:
Work on a modern cloud-native security stack in a dynamic FinTech environment.
Opportunity to lead security engineering and detection strategy for critical financial platforms.
Be part of a tight-knit, expert-level team with a strong learning and innovation culture.
Competitive salary, performance-based incentives, and growth opportunities.
Posted 1 month ago