1461 Incident Response Jobs - Page 16

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

3.0 - 8.0 years

15 - 19 Lacs

mumbai, pune, chennai

Work from Office

Project description Responsible for the gathering, interpreting, and utilizing of complex data to maintain stable operations and ongoing improvement of IT Applications. These systems may include, but are not limited to, functionality to support clinical, fiscal, IT and business operations. This position works in a multi-disciplinary environment that requires excellent communication skills and problem-solving abilities. The Application Analyst designs Responsibilities: System Management: Handle daily tasks like designing, building, testing, and maintaining non-clinical applications. Work on both small requests and large projects. Troubleshooting & Updates: Help fix system issues and assist with software upgrades. Testing & Validation: Create and manage testing plans. Coordinate testing with users to ensure systems work properly. Team Coordination: Work with different departments to support applications. Collaboration: Be part of a multi-disciplinary team to ensure systems are stable and functional. Documentation & Change Management: Keep system documentation updated. Follow proper procedures when making changes. On-Call Support: Be available during off-hours as part of a rotation to handle urgent issues. Continuous Learning: Stay updated and trained on different systems and tools. Skills Must have: + years of IT experience. Strong critical thinking and problem-solving skills. Good understanding of business workflows. Strong teamwork and communication. Ability to learn new applications quickly. Experience with non-clinical systems like: Risk management, Compliance, Incident reporting, Security camera systems, Building/facilities management, Point of sale (POS) systems. Nice to have: Certification. Location - pune, mumbai, chennai, bangalore

Posted 3 weeks ago

10.0 - 15.0 years

17 - 20 Lacs

bengaluru

Work from Office

Your Role The Solutions Consultant is the evolution of the traditional Sales Engineering role, aligning how we best serve our customers in understanding their environment, providing solution guidance and ensuring value realization in their investment with Palo Alto Networks. As a Solutions Consultant you provide technical leadership and expertise and guidance in your customers' security transformation journey. You will play a key role in defining technical solutions that secure a customer's key business imperatives and ensuring value realization of their investment with Palo Alto Networks. You evangelize our industry leadership in on-prem, cloud, and security operations services that establish PANW as your customers' cybersecurity partner of choice. Responsibilities Meeting and exceeding sales quotas by building and implementing strategic, technical account plans that target cross-platform solutions Your ability to position, demonstrate and create high level designs across the entire PANW portfolio based on customer business needs Conducting discovery to understand and articulate the key technical, operational, and commercial imperatives of your prospects and customers Working closely with Professional Services, Customer Success and Specialist teams to ensure overall customer implementation and adoption of solutions Demonstrating strong communication skills and the ability to influence through effective presentations and customer-specific demos, technical engagements, and workshops Leading successful technical validation efforts based on best practices to ensure technical win in assigned opportunities Orchestrating supporting resources (Specialists, Channel Resources, Customer Support) to ensure a one-team approach that demonstrates a cohesive strategy Promoting end-to-end solutions that include PANW and/or partner professional services to ensure customers realize business value sooner Understanding the competitive landscape and effectively differentiating our leadership Continuously investing in yourself to develop technical and professional skills that drive your ever-increasing contributions to success of our customers while actively participating within the Solutions Consultant community and at industry events Identifying technical stakeholders and cultivating relationships with key personas to build and drive a security architecture transformation roadmap Qualifications Your Experience Having experience of 10+ years in handling State government and Public Sector departments. Understanding of data networking and/or modern application design and cloud architectures Delivering cybersecurity solutions that solve technical challenges and influence new business initiatives Influencing and gaining buy-in from key stakeholders, either in a customer-facing or internal role; prior experience in a pre-sales role is ideal Handling Government tenders, RFP Management, connects in State Government and Public Sector accounts & Government centric Partner ecosystem (Consulting Partners, SIs etc) Creating and delivering technical presentations, workshops, or technical validation engagements Experience in selling, designing, implementing, or managing one or more of the following solutions: Network Security firewalls (i.e., hardware and virtual), proxy, IPS/IDS, sandboxing, URL filtering, and DNS security SASE, SaaS, CNAPP and/or SOC Transformation Technologies. Partnering with Customer Support functions to ensure successful implementation and adoption of sold solutions Complex sales involving long sales processes with multiple buying centers and multi-product solutions are preferred

Posted 3 weeks ago

4.0 - 9.0 years

12 - 17 Lacs

bengaluru

Work from Office

Your Career We are looking for a highly motivated and customer-focused professional. As part of the global Cortex XSIAM support team, you will serve our customer base by providing technical support, by answering incoming support inquiries and managing escalations, phone calls, and emails in an effective, efficient, and friendly manner within defined service level agreements. Our methodology is first class support. We've been recognized for it as an industry leader and we're dedicated to continuing this standard. In this role, you will work with our technical account managers to personalize our customers' experience. You will learn your clients' business objectives in and out within their technical environment and focus on mitigating risks and resolving any technical issues in their networks. You're close to the deployment of cybersecurity solutions and we need you to recognize risks before they arise. You get a thrill from seeking out complex issues and finding their resolutions and you don't wait for those issues to escalate from our clients. Instead, you find them. You'll be working hand in hand with our developers to reproduce the issues you find and develop permanent solutions to prevent them in the future.
Your Impact Respond to user-reported issues in adherence to established Service Level Agreements Triage customer reported issues and respond to them via ticketing system, phone, or remote sessions Perform advanced troubleshooting at the application level and OS level, using your knowledge and relevant expertise Identify the area of fault (code, environment, or configuration) and work with the appropriate team(s) implementing the fix Provide timely feedback into the development process on customer-reported product problems Document actions to effectively communicate information internally and to customers Facilitate root cause investigations and manage the implementation of corrective and preventative measures Qualifications Your Experience Previous experience with Endpoint Security software is required SIEM experience, including - Deep understanding of how SIEMs works Experience in creating custom collections and data parsing Experience in creating complex correlation rules, reports and dashboard Experience in integration and implementation of SIEMs Experience working with EDR tools Experience with strong communication and customer service skills Required basic networking knowledge - Ability to independently debug broad, complex, and unique environments with mixed applications and protocols Experience with Windows OS, MacOS, and Linux based applications (Installation, troubleshooting, Debugging) 4+ years of experience as a Support Engineer Fundamental understanding of Kubernetes, GCP, and AWS for troubleshooting cloud agent deployment and data extraction. Excellent written and verbal communication skills Strong customer advocacy skills and experience, ability to work in difficult customer situations Knowledge of Cloud infrastructure a plus Experience in incident response a plus Experience with scripting a plus Experience with MS Server solutions (SCCM, GPO, AD, MSSQL, IIS, Exchange) is a plus

Posted 3 weeks ago

4.0 - 6.0 years

5 - 10 Lacs

bengaluru

Work from Office

Your role We are seeking an experienced and highly motivated Cloud Security Engineer for 4 to 6 years for Pan India to manage the implementation and optimization of security solutions across our public and hybrid cloud infrastructure. This role requires hands-on expertise in Microsoft Defender for Cloud, Cloud Access Security Broker (CASB), Cloud Workload Protection Platforms (CWPP), and Cloud Security Posture Management (CSPM) tools. The ideal candidate will be responsible for ensuring robust visibility, security, and compliance across all cloud-native assets, workloads, and applications. Design, deploy, and manage cloud-native security architectures across Azure, AWS, and GCP environments. Implement and optimize Microsoft Defender for Cloud, CASB solutions, and CWPP/CSPM tools to secure cloud workloads and assets. Monitor cloud environments for anomalies, vulnerabilities, and potential threats. Ensure compliance with regulatory standards (e.g., ISO, NIST, GDPR, HIPAA) and internal security policies. Conduct risk assessments and threat modeling of cloud services and applications. Collaborate with DevOps and Cloud Engineering teams to embed security into CI/CD pipelines. Develop automated security alerts, incident responses, and logging mechanisms. Provide recommendations for cloud architecture adjustments to strengthen security posture. Create and maintain documentation for cloud security strategies, policies, and procedures. Your profile Hands-on experience with Microsoft Defender for Cloud and CASB solutions (e.g., Microsoft Defender for Cloud Apps). Expertise in CWPP and CSPM platforms such as Prisma Cloud, Wiz, or Microsoft Defender CSPM. Strong knowledge of cloud platforms including Azure, AWS, and GCP. Proficiency in scripting (e.g., PowerShell, Python) and infrastructure-as-code tools (e.g., Terraform, ARM templates). Familiarity with cloud security frameworks, SIEM solutions, and cloud-native logging tools (e.g., Azure Monitor, AWS CloudWatch). 
What you'll love about working here You can shape your career with us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges.

Posted 3 weeks ago

2.0 - 6.0 years

3 - 7 Lacs

hyderabad

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: Computer Security Incident Response
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply your security expertise to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that the organization's information and infrastructure are safeguarded against potential cyber threats. You will also engage in proactive monitoring and response to security incidents, contributing to the overall security posture of the organization.
Roles & Responsibilities:
- Expected to be an SME.
- Collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.
- Develop and implement security policies and procedures to ensure compliance with industry standards.
- Identify and propose adjustments/improvements on SOC runbooks based for example on false positives, tuning of SIEM use cases and audit findings.
- Engagement with internal IT functions might be required to fill the identified gaps (e.g. lack of details in asset inventory) in the alert handling process.
- Identify and propose adjustments/improvements on SIEM UCs based for example on false positives reported by SOC and audit findings
- Quality check and end-to-end testing of SOC runbooks
- Preparation for audits (evidence/requests handling) and attendance
- Attendance to regular calls with SOC Service Manager
- Participate in Blue/Red teams exercise to test and improve our monitoring and response capabilities
- Development of automation of various CERT/SOC processes via SOAR solution
- Red Teaming/Purple Teaming exercises
- Background in Malware Analysis, Digital Forensics and/or Cyber Threat Intelligence
- Experience in Threat Hunting including the ability to leverage intelligence data to proactively identify and iteratively investigate suspicious behavior across networks and systems
- Script Development (e.g. Python, Shell scripting)
- Cloud Security expertise (primarily GCP and Azure)
- Vulnerability Handling / Management
- Relevant Industry Certifications such as SANS/GIAC (e.g., GCIA, GCIH, GNFA, GCFA), CompTIA (Security+, Cloud+, PenTest+), OSCP, eLearnSecurity are desirable.
Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), CERT or SOC team with SIEM alerts handling, workflow design and runbook preparation.
- Good To Have Skills: Experience with Computer Security Incident Response.
- Knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of security events, log data and network traffic.
- Expert working knowledge of technical and organizational aspects of information security, e.g., through prior defensive or offensive work experience
- Solid understanding of cyber threats and MITRE ATT&CK framework
- Strong understanding of network security protocols and technologies.
- Experience with threat detection and incident response methodologies.
- Familiarity with security compliance frameworks such as ISO 27001 or NIST.
Additional Information:
- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Hyderabad office.
- A 15 years full time education is required.
Qualification: 15 years full time education

Posted 3 weeks ago

3.0 - 7.0 years

10 - 20 Lacs

bengaluru

Hybrid

Say hello to possibilities. It's not every day that you consider starting a new career. We're RingCentral, and we're happy that someone as talented as you is considering this role. First, a little about us, we’re the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. We’re a $2 billion company that’s growing at 30+% annually. Job Type: Full-Time Department: Security This is a great opportunity to work at a rapidly growing, market leading Unified Communications as-a-service company. RingCentral provides Voice-over-IP (VoIP), hosted PBX, voicemail, SMS, e-fax, and HD video meeting solutions for business. About this role: As a SOC Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentral’s global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel.
Successful Candidates will: Have proven skills in application security, security monitoring, incident response and intrusion analysis Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills Demonstrated track record of quality processes in candidate’s work history Be strongly self-motivated with an aptitude for both individual and team-oriented work Have experience following and refining standard operating procedures and playbooks Responsibilities: Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment Engage teams within and outside of RingCentral to mitigate and resolve cases Maintain relevant documentation and audit artifacts Identify and track suspicious system activity Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems This role participates in on-call rotations Qualifications / Requirements: 3+ years in a security engineering, SRE, or SOC roles in a cloud services environment Experience with SIEM Experience investigating security incidents Basic knowledge AWS or GCP Experience with IDS, case management, and related tools and practices Experience with Linux, RedHat preferred Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc. 
Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP) Preferred Skills/Experience: Any combination of the following certifications: GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) GNFA (GIAC Certified Network Forensic Analyst) GCFE (GIAC Forensic Examiner) GASF (GIAC Advanced Smartphone Forensics) GICA GCTI (GIAC Certified Cyber Threat Intelligence) GPEN (GIAC Certified Pentester) GWAPT (GIAC Certified Web Application Pentester) GPYC (GIAC Certified Python Coder) OSCP (Offensive Security Certified Pentester) Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events Strong knowledge of Microsoft Windows Experience automating security tasks, including scripting, programming and/or SecDevOps Experience working with global teams

Posted 3 weeks ago

1.0 - 5.0 years

4 - 9 Lacs

pune

Work from Office

Job Summary: We are seeking a proactive and detail-oriented Site Reliability Engineer (SRE) focused on Monitoring to join our observability team. The candidate will be responsible for ensuring the reliability, availability, and performance of our systems through robust monitoring, alerting, and incident response practices. Key Responsibilities: Monitor Application, IT infrastructure environment Drive the end-to-end incident response and resolution Design, implement, and maintain monitoring and alerting systems for infrastructure and applications. Continuously improve observability by integrating logs, metrics, and traces into a unified monitoring platform. Collaborate with development and operations teams to define and track SLIs, SLOs, and SLAs. Analyze system performance and reliability data to identify trends and potential issues. Participate in incident response, root cause analysis, and post-mortem documentation. Automate repetitive monitoring tasks and improve alert accuracy to reduce noise. Required Skills & Qualifications: 2+ years of experience in application/system monitoring, SRE, or DevOps roles. Proficiency with monitoring tools such as Prometheus, Grafana, ELK, APM, Nagios, Zabbix, Datadog, or similar. Strong scripting skills (Python, Bash, or similar) for automation. Experience with cloud platforms (AWS, Azure) and container orchestration (Kubernetes). Solid understanding of Linux/Unix systems and networking fundamentals. Excellent problem-solving and communication skills.

Posted 3 weeks ago

2.0 - 7.0 years

1 - 6 Lacs

indore, bengaluru

Work from Office

About ECI ECI is a leading provider in the financial industry of cloud and technical solutions. With over 28 years in business, ECI has upheld a reputation of developing top-tier industry technologists by allowing them to work in fast-paced and dynamic environments. Focusing on a promote from within culture allows our team to grow both personally and professionally. Learn more about the role and requirements:
• 2+ years of experience in SOC (Cyber Security).
• Good communication
• Knowledge on SIEM, IDS/IPS, Firewall, VPN, EDR, AV and other security products.
• Knowledge on TCP/IP network traffic and event log analysis.
• Able to handle high-pressure situations.
• Willingness to work in rotational shifts, primarily during US hours.

Posted 3 weeks ago

3.0 - 6.0 years

8 - 10 Lacs

bengaluru

Work from Office

Key Responsibilities: Incident Management: Lead and manage the end-to-end response to critical incidents and major incidents. Coordinate between teams to assess the incidents impact, scope, and urgency. Oversee and guide root cause analysis and the development of incident recovery and prevention measures. Ensure timely and accurate escalation of incidents to key stakeholders. Crisis Coordination and Communication: Act as the primary point of contact for all crisis incidents, maintaining clear and effective communication with both internal and external stakeholders. Keep senior management, affected teams, and relevant partners updated on incident status and resolution efforts. Create and distribute post-incident reports, highlighting key learnings and improvement areas. Leadership and Team Management: Demonstrate strong leadership during crises, fostering a calm, focused, and solution-oriented environment. Train, mentor, and lead incident response teams, ensuring effective collaboration across departments. Work with cross-functional teams to develop incident response processes, documenting protocols and conducting regular training sessions. Process Improvement: Leverage ITIL principles to enhance and optimize incident management processes, ensuring alignment with industry best practices. Drive continuous improvement initiatives within incident management, reducing response times and enhancing recovery measures. Conduct periodic reviews and simulations of incident response plans to ensure effectiveness and efficiency. Mandatory Key Skills Incident Response Manager,ITIL,Team Management,Crisis Coordination,incident management,incident response,incident response simulation.

Posted 3 weeks ago

3.0 - 8.0 years

0 - 0 Lacs

bangalore, chennai, amalapuram

On-site

We are looking for a detail-oriented and proactive Cybersecurity Analyst to join our IT security team. The candidate will be responsible for monitoring, detecting, analyzing, and responding to security threats and vulnerabilities across the organizations systems, networks, and applications. This role involves implementing security measures, investigating incidents, and ensuring compliance with security policies and standards. Key Responsibilities Monitor networks, servers, and applications for suspicious activity or security breaches. Analyze security alerts, logs, and incident reports to identify potential risks. Respond to security incidents, investigate root causes, and recommend corrective actions. Conduct vulnerability assessments and penetration testing to identify system weaknesses. Maintain and update security tools, firewalls, intrusion detection systems (IDS/IPS), and antivirus solutions. Assist in the development and enforcement of security policies, standards, and best practices. Provide security awareness training and guidance to employees. Stay updated with the latest cybersecurity threats, attack vectors, and emerging technologies. Document incidents, resolutions, and risk mitigation strategies for compliance and audits. Collaborate with IT teams to ensure secure design and configuration of systems. Required Skills & Qualifications Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience). Proven experience in cybersecurity, IT security, or network administration. Knowledge of firewalls, IDS/IPS, SIEM tools, and endpoint protection systems. Familiarity with operating systems (Windows, Linux) and networking protocols (TCP/IP, DNS, VPNs). Experience with vulnerability management tools (Nessus, Qualys, OpenVAS, etc.). Understanding of compliance standards (ISO 27001, NIST, GDPR, HIPAA, etc.). Strong analytical and problem-solving skills. Excellent communication skills and ability to work under pressure. 
Industry certifications (preferred): CompTIA Security+, CEH, CISSP, CISM, or equivalent. Work Environment Fast-paced IT/security operations environment. May require on-call duty for emergency incident response. Collaboration with IT, network, and compliance teams.

Posted 3 weeks ago

8.0 - 12.0 years

10 - 17 Lacs

noida, gurugram

Work from Office

Role & responsibilities

- Provide senior-level support (document and present strategy, develop, plan, execute) for the strategic goals of Security Operations deliverables.
- Act as technical SME in the area of security and daily operation of XDR, IAM, Firewall, Email Gateway, SIEM, DLP, CASB and other security solutions.
- Provide technical expertise to maintain environments and troubleshoot issues.
- Act as an SME between the Business Partners and vendor technical contacts.
- Should handle the alerts/incidents created by other security solutions along with alerts initiated by the MSSP.
- Should have strong experience in handling Cloud, Network & XDR generated alerts/incidents.
- Work closely with our MSSP and handle the incidents escalated by them, along with continuously fine-tuning the process with them.
- Ability to clearly communicate to key stakeholders including internal/external audit teams.
- Should have strong knowledge of Intrusion Detection/Prevention Systems (ID/PS) and Network Traffic Analysis.
- Should have strong experience in email investigation and in Email Gateway policies and configuration.
- Should have strong knowledge of network intrusions, network topology, and related attacks/risks.
- Should have experience working in an in-house SOC or with an MSSP.
- Must be able to work independently to thoroughly investigate suspicious activity (including pivoting to additional IOCs without direction), clearly document all findings, and provide detailed remediation guidance to technology teams.
- Must be able to quickly and thoroughly provide detailed support for information requests from technology teams.
- Promote and work with team members to implement process improvement initiatives.
- Provide subject matter expertise on XDR, IAM, Firewall, Email Gateway, SIEM, DLP, CASB issues to Information Security leadership.
- Should continuously work on creating and maintaining documentation such as playbooks, procedures, technical documents, KB articles, etc.

Preferred candidate profile

- 4-7 years working in SOC, Incident Response, DLP, SIEM, Email Gateway, Firewall.
- Master's degree in Information Systems, Cybersecurity, or a related field and minimum 8 years of relevant experience. Additional years of relevant experience will be considered in lieu of a degree.
- ~6 years progressive experience in information technology.
- Minimum of 4 - 7 years of practical information security experience.
- Demonstrated experience in working with a geographically dispersed team.
- Experience working with Security Information Event Management (SIEM), Continuous Monitoring, Intrusion Detection/Prevention Systems (ID/PS), Network Traffic Analysis, Incident Response, Endpoint Security Systems, Digital Forensics, WLAN Monitoring, and/or Threat Modeling.
- Ability to manage complex troubleshooting issues.
- Proven ability to manage competing priorities and work under pressure.
- Ability to contribute to the organizational strategic thinking beyond area of responsibility.
- CEH, CHFI, Security+, Network+ or certifications preferred.
- Excellent collaboration skills – must be eager to work as part of a cohesive team and work as a partner to other teams within Aristocrat, Inc., locally and globally.
- Exceptional communication skills, including the ability to gather relevant data and information, actively listen, dialogue freely, verbalize ideas effectively, negotiate tense situations successfully, and manage and resolve conflict.

Posted 3 weeks ago

0.0 - 5.0 years

6 - 10 Lacs

mumbai, hyderabad

Work from Office

As an Information Security Manager at ICICI Bank, you will be responsible for leading and managing the organization's information security program to ensure the confidentiality, integrity, and availability of data, systems, and networks. This role involves developing, implementing, and maintaining security policies, standards, and procedures, overseeing compliance efforts, and responding to evolving cyber threats. The Information Security Manager works closely with technical teams, business leaders, and external stakeholders to foster a culture of security and effectively mitigate risks.

Key Responsibilities

- Develop and Maintain Security Policies: Create, implement, and regularly update information security policies, procedures, and guidelines aligned with organizational objectives and regulatory requirements.
- Collaborate: Conduct regular risk assessments and vulnerability analyses to identify, evaluate, and mitigate security risks to the organization's assets. Monitor emerging threats, security trends, and technologies, regularly recommending adjustments and enhancements to the security program to maintain robust protection.
- Incident Response: Lead the investigation and response to actual and suspected security incidents, ensuring effective containment, analysis, and communication of findings.
- Compliance Oversight: Ensure ongoing compliance with all applicable laws, industry standards (e.g., GDPR, PCI DSS, ISO 27001), and internal policies. Coordinate audits and manage remediation of non-compliant areas.
- Systems & Technology Oversight: Oversee the deployment, configuration, maintenance, and monitoring of security tools such as firewalls, encryption solutions, intrusion detection systems, and access controls.
- Collaboration: Work with other departments to integrate security into business processes and projects. Communicate risks and security postures to stakeholders and senior management.
- Vendor and Third-Party Management: Ensure that third-party vendors and partners adhere to organizational security standards and participate in risk assessments as needed.
- Reporting: Produce detailed reports on the status of information security, audit findings, incidents, and compliance for senior management and governance boards.

Qualifications & Skills

- Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent.
- Certifications: Certification(s) such as CISSP, CISM, or equivalent are preferred.
- Compliance: Great awareness of cyber security trends & hacking techniques.

Posted 3 weeks ago

4.0 - 8.0 years

9 - 15 Lacs

bengaluru

Hybrid

Key Responsibilities

- Process day-to-day operational issues, requests and project tasks.
- Incident response and resolution within SLAs, with excellent analytical and troubleshooting skills.
- Providing all the necessary details to leads about the issue, steps taken, recommendation and any other relevant information.
- Ticket status check and update.
- Respond to false positive alerts.
- Incident escalation and progress monitoring.
- Create, review, update, and maintain Standard Operating Procedures.
- Prepare RCA for the escalated incidents.
- Perform the shift handovers.

Security Incident Response:

- Lead the escalation as a point for security incidents.
- Analyze and investigate cyber threats on a real-time/day-to-day basis, involving alerts review, log analysis, and event/incident correlations.
- Prepare, document and maintain procedures, response plan, runbooks, and associated processes for continuous improvement.
- Assist analysts with security events and initial incident response to detected threats.
- Regularly review and recommend changes to policies or controls as needed to enhance security.
- Identify potential gaps and offer solutions to include internal team needs, product improvements and client security posture.
- Develop reporting with focused messages to enable the stakeholders to understand their and responsibilities.
- Train and mentor peers and juniors in the team.

SPLUNK

- Managing Splunk components such as indexer, forwarder, search head, etc.
- Prepare Splunk dashboards.
- Install, configure and troubleshoot Universal Forwarders.
- Triage of non-security alerts based on priority, problem identification and escalation.
- Escalate to designated contacts within Stratogent and Customer for issues outside SOPs, or when SOPs fail to resolve the issue.
- Work directly with delivery teams or customers to gather logging requirements.
- Convert logging requirements into Splunk designs following best practices.
- Perform environment health checks.
- Update and/or create technical documentation.

Must-have Skills:

- Prior Working Experience: Must have worked on Splunk.
- Performing incident handling, evidence acquisition, endpoint and network, and security incident management.
- Customer-focused.
- Excellent communication skills (reading, writing, speaking and listening).
- Highly self-motivated and directed.
- Excellent attention to detail.
- Flexibility and willingness to work on different and multiple technologies.
- Ability to effectively prioritize, organize and execute tasks in a high-pressure environment.

Good to have skills:

- Prior Work Experience: Worked on any of the IAM and PAM tools.
- Certification in Enterprise Admin or Cloud Admin of Splunk is an advantage.
- Prior training and certification in communication is an added advantage.

Posted 3 weeks ago

4.0 - 6.0 years

15 - 16 Lacs

mohali

Work from Office

About the Role We are seeking a highly skilled Sr. Site Reliability Engineer (SRE) to lead the implementation, optimization, and management of our observability stack across cloud infrastructure. You will play a key role in ensuring the reliability, scalability, and performance of our platform, spanning microservices on Kubernetes/EC2 and mission-critical systems. This role requires strong problem-solving, automation mindset, and a proactive approach to incident management. Key Responsibilities Design, implement, and manage monitoring, logging, and alerting systems across production and non-production environments. Lead incident response, root cause analysis, and post-mortem practices for continuous improvement. Define and implement disaster recovery strategies with regular testing. Collaborate with development teams to define and track SLAs/SLOs for critical services. Optimize AWS cloud infrastructure for cost efficiency, reliability, and scalability. Build and maintain automation frameworks for deployment, scaling, and recovery using Terraform, GitLab CI/CD, and Kubernetes. Administer Kubernetes clusters, troubleshoot performance bottlenecks, and ensure high availability. Manage databases (PostgreSQL or similar), including replication and disaster recovery strategies. Contribute to infrastructure security, compliance, and best practices. Participate in the on-call rotation and handle high-priority incidents under pressure. Required Skills & Experience 4+ years of experience as an SRE, DevOps, or similar role. Strong hands-on experience with AWS services: EC2, EKS, RDS, Cognito, CloudWatch, etc. Proven expertise in Kubernetes administration in production environments. Proficiency in scripting/programming: Python, Bash, Chef (recipes, cookbooks), Ansible. Strong knowledge of Infrastructure as Code (Terraform/CloudFormation). Deep experience with observability tools: Prometheus, Grafana, ELK stack, distributed tracing. 
Database administration experience with PostgreSQL or similar systems. Understanding of network protocols, load balancing, and security best practices. Experience in CI/CD pipelines and GitOps workflows. Ability to handle multiple incidents and prioritize effectively under pressure. Exposure to monitoring solutions like Splunk, Datadog, Dynatrace. Preferred Qualifications AWS Certified Solutions Architect or AWS DevOps Engineer certification. Certified Kubernetes Administrator (CKA). Why Join Us Be part of a fast-growing HealthTech startup transforming healthcare technology. Work with modern tools, cutting-edge infrastructure, and a collaborative team. Opportunity to own end-to-end infrastructure reliability and automation. Competitive salary and growth opportunities.

Posted 3 weeks ago

5.0 - 10.0 years

7 - 17 Lacs

bengaluru

Work from Office

About this role: Wells Fargo is seeking a Lead Information Security Engineer for the ICS Team. The ICS team is seeking a Lead Information Security Engineer with extensive experience in incident response, network-focused forensics, and threat hunting. The ideal candidate will have a well-rounded background in endpoint/network defenses and security incident response, as well as some offensive security knowledge to allow the ability to think like an adversary. The candidate will also have experience partnering with content development teams to resolve gaps in detection capabilities, as well as experience in conducting technical research and identifying methods to detect evolving Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs). This role will serve as an incident responder to assess the risk, impact, and scope of identified security threats, as well as leading the response efforts to include containment, eradication, and recovery. Strong verbal and written communication skills are desired, to ensure thorough and accurate reporting during and concluding a security incident. The candidate will also play a major role in detecting advanced threats that are not detected via traditional security tools and understand how to operationalize cyber threat intelligence. Regular collaboration with multiple teams such as the Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, and Offensive Security Research teams will be critical to success. 
In this role, you will:

- Lead computer security incident response activities for highly complex events
- Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
- Provide security consulting on large projects for internal clients to ensure conformity with corporate information, security policy, and standards
- Design, document, test, maintain, and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
- Review and correlate security logs
- Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
- Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
- Collaborate and influence all levels of professionals including managers
- Lead a team to achieve objectives

Required Qualifications:

- 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Desired Qualifications:

- Strong years of experience in Information Security Industry.
- Experience with SIEM tools like Splunk, Arcsight.
- Incident Response Protocols and Tools experience
- Information technology applications and systems experience
- Experience in managing cybercrime detection, investigation, and intelligence strategies
- DPI (Deep Packet Inspection) experience
- Knowledge and understanding of banking or financial services industry
- Strong verbal and written communication skills are desired, in order to ensure thorough and accurate reporting during and concluding a security incident.
- Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
- Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports
- Knowledge of offensive security, with the ability to think like an adversary when performing reverse engineering and responding to incidents

Job Expectations:

- Information security experience including experience in one or more of the following security disciplines: information security monitoring, incident response, vulnerability management, host/network forensics, cyber-crime investigation, penetration testing, business continuity, or cyber threat intelligence
- Ability to execute in a fast paced, high demand, environment while balancing multiple priorities
- Highly refined and professional verbal and written communications
- Knowledge and understanding of banking or financial services industry
- Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Global Information Assurance Certification (GIAC), or Web Application Penetration Tester (WAPT) certification

Posted 3 weeks ago

3.0 - 8.0 years

12 - 22 Lacs

hyderabad

Work from Office

Role: L2 SOC
Location: Hyderabad
Shift Timings: Rotational

About alliantgroup

alliantgroup is a professional services firm that provides tax consulting and compliance services to businesses in the United States. The company was founded in 2002 and is headquartered in Houston, Texas. alliantgroup services are focused on helping businesses claim tax credits and incentives that they are entitled to under various federal and state programs. These credits and incentives are designed to encourage businesses to invest in certain types of activities, such as research and development, energy efficiency, and hiring employees from certain disadvantaged groups. alliantgroup services include helping businesses identify and claim these credits and incentives, as well as providing guidance on compliance with the relevant regulations. alliantgroup is headquartered in Houston, Texas with additional offices located in Austin, Boston, Chicago, Indianapolis, New York, Irvine, Sacramento, Washington, D.C.; and Bristol and London in the U.K.

More about our culture and why we love alliantgroup: https://youtu.be/nM_9fXXwyrg https://youtu.be/erJobvthqRw

alliantgroup India Talent Pvt. Ltd:

alliantgroup started its operations in India in the year 2020 with a world-class office in Hyderabad to provide Tax, Advisory, Audit and Accounting services. alliantgroup India Talent comprises a team of skilled professionals who address the most pressing needs of U.S. CPA firms. We work with the best talent and ensure our clients get the top quality services they need. We are currently a family of 1000+ employees. Our people and culture set us apart as a firm, and our team includes professionals from a diverse array of fields, including business, engineering, software development, law, and accounting.

Alliant Cybersecurity

Alliant Cybersecurity created a full-service cybersecurity consultancy for American businesses. We are technology and vendor agnostic and have a customizable security plan that can be made to fit any business's needs. Our team has seasoned penetration testers, auditors, technologists, and security analysts to help with clients' needs, whether it's a one-time project or permanent outsourced cybersecurity to our Managed Security Operations Center. We are here as an extension of the client's team, offering straightforward solutions to everyday cybersecurity challenges, especially in the moments that matter most.

Role Overview

Alliant Cybersecurity is seeking an experienced Level 2 analyst based in Hyderabad to help expand its Cybersecurity and Risk Advisory practice. This position primarily supports US-based customers and requires flexibility to work during US business hours.

What You'll Do:

Security Operations & Investigation:

- Lead deep-dive investigations of escalated L1 incidents
- Analyze data from multiple security tools and sources
- Participate in crisis management by providing support to the incident handler and the SOC Level 3 analysts
- Create reports and visualizations of security attacks
- Use case fine-tuning and new use case creation
- Track trends for metrics and reporting
- Work on the decrease of false positives
- Maintain the detection rules database
- Trending and correlation of monitored events to build new Indicators of Compromise (IOC), attack attribution and helping establish countermeasures increasing cyber resiliency

Customer Engagement:

- Participate in recurring meetings with the customer as the technical referent.
- Provide recommendations or workarounds to the customer in order to reduce business impact
- Lead and participate in the continuous improvement of the service (detection level, process, operational procedures, service efficiency, service reporting)
- Support the customer in the remediation of incidents
- Support the SOC manager in the reporting of the activity.

Continuous Improvement:

- Drive improvement plans and documentation
- Mentor L1 analysts
- Work independently on complex analyses
- Maintain process/procedure documentation
- Support CISO, CIO, and Head of SOC during incidents
- Lead continuous service improvement initiatives
- Coordination with ISMS core team to support ISMS activities and implantation strategies at the company.

Education: Bachelor’s degree in Computer Science, Engineering, or other related discipline.

Certifications: Professional security certifications are a plus (CISSP preferred).

What are we looking for:

- Minimum 4 years of SOC experience
- Expert knowledge in:
  - Computer Forensics
  - Reverse Engineering
  - IDS/SIEM/Log Management
  - Threat Intelligence
  - Malware Analysis
  - EDR & Incident Response
  - Vulnerability Management

Essential Skills:

- Rigorous process adherence and attention to detail
- Strong time management and multitasking abilities
- Information security mindset
- Team leadership capabilities
- Excellent analytical and problem-solving skills
- Outstanding communication and documentation abilities
- Autonomous and self-organized
- Experience in tactical coordination during incidents

What we offer:

With us, there are always opportunities to break new ground. We empower you to take the organization to the next level with the versatile experience that you bring in. We trust you with responsibility early on and support you in all ways to make this organization a trusted partner to the customers and a great place to work for the employees. Join us and bring your curiosity to life!

Posted 3 weeks ago

6.0 - 9.0 years

13 - 19 Lacs

pune

Hybrid

Greetings from Peoplefy Infosolutions! We are hiring for one of our reputed MNC clients based in Pune. We are looking for candidates with 6+ years of experience in the skills below.

Primary skills: GSOC, SIEM, Splunk, Incident Response

Interested candidates for the above position, kindly share your CVs at asha.ch@peoplefy.com with the details below:

- Experience:
- CTC:
- Expected CTC:
- Notice Period:
- Location:

Posted 3 weeks ago

7.0 - 12.0 years

22 - 25 Lacs

bengaluru

Work from Office

Position Summary

We are seeking an experienced SOC Analyst to join our Security Operations team. This role demands an individual with a strong technical background in incident analysis, SIEM administration, and rule fine-tuning. The ideal candidate will have experience working with diverse environments, including Windows, Linux, and network security, and will be well-versed in ELK stack management and troubleshooting beats agents.

Key Responsibilities

1. Incident Detection and Analysis:
   o Conduct deep-dive analysis on security incidents, assessing root causes, and recommending solutions.
   o Proactively monitor and respond to security alerts, managing incident escalation and resolution processes.
   o Prepare detailed reports and document incidents to support future analysis and security measures.
2. SIEM Administration and Rule Fine-Tuning:
   o Oversee SIEM configurations, including tuning rules to optimize alerting and reduce false positives.
   o Conduct SIEM platform upgrades, troubleshoot performance issues, and ensure platform availability.
   o Collaborate with IT teams to integrate new data sources into SIEM and enhance visibility.
3. System and Network Security:
   o Perform continuous monitoring and analysis across Windows and Linux systems and network infrastructures.
   o Utilize tools for traffic analysis, anomaly detection, and threat identification.
   o Support configurations and policies within the IT and network environment to strengthen security.
4. ELK Stack and Beats Agent Management:
   o Manage and troubleshoot ELK Stack components (Elasticsearch, Logstash, and Kibana) to ensure seamless data flow.
   o Perform regular maintenance and troubleshooting of beats agents, ensuring reliable log ingestion and parsing.
5. Security Policies and Compliance:
   o Contribute to policy updates, ensuring adherence to organizational and industry compliance standards.
   o Document and enforce security controls aligned with best practices and regulatory requirements.

Skills and Qualifications

Education: Bachelor's degree in Information Security, Computer Science, or a related field.

Experience:
   o Minimum of 5+ years in SOC operations or a similar cybersecurity role.
   o Proven experience in SIEM administration, incident analysis, and configuration fine-tuning.
   o Proficiency in monitoring and troubleshooting Windows and Linux systems and managing network security protocols.
   o Hands-on experience with the ELK Stack, with expertise in troubleshooting beats agents.

Technical Skills:
   o Familiarity with SIEM tools (e.g., Splunk, QRadar) and network protocols.
   o Strong command of incident response processes, security frameworks, and best practices.
   o Knowledge of communication protocols and system integrations for data protection.

Certifications (preferred): CISSP, CompTIA Security+, CEH, or similar security certifications.

Competencies

- Strong analytical skills with attention to detail.
- Excellent verbal and written communication abilities.
- Ability to work independently and collaboratively in a fast-paced environment.

Additional Preferred Skills

- Knowledge of regulatory compliance standards.
- Experience in using EDR solutions.
- Ability to document processes and create incident playbooks.

This role offers an opportunity to work on advanced cybersecurity initiatives within a dynamic SOC environment, contributing to enhanced organizational security.

Posted 3 weeks ago

6.0 - 11.0 years

5 - 9 Lacs

mumbai

Work from Office

About the role

As a SOC Analyst - Detection Engineering in the bank's security operations center (SOC), the individual will be responsible for strengthening the creation and optimization of analytical rules and alerts configured in the bank's SIEM platform. You will be responsible for building analytical correlation rules in the bank's SIEM platform covering network, systems and endpoints, cloud (SaaS, IaaS and PaaS) and applications (both COTS and internally developed). You will be responsible for providing expert guidance and support to the security operations team in the use of for threat hunting and incident investigation, and for analysing the detected incidents to identify lessons learned to improve response processes and make recommendations for enhancing security posture. You will also be responsible for developing and maintaining documentation for analytical rules processes and procedures.

Key Responsibilities

- Business Understanding: Accountable for ensuring all anomalous security activities are detected by the bank's SIEM platform and false positives are kept to a minimum.
- Collaborate: Verify the ingested logs and ensure log parsing to normalize the events. Implement a testing methodology to test the alerts configured and obtain sign-off before releasing into production.
- Reporting: Stay up to date with the latest trends and developments in cybersecurity and SIEM technologies and recommend improvements to the organization's security posture.

Qualifications & Skills

- Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent with experience in cloud security with any of the following - Microsoft Azure, Google cloud, Ability to develop and implement security policies, procedures and best practices.
- Experience: At least 5 years of experience working as a SOC analyst responsible for creating SIEM rules/alerts. Hands-on experience in creation of security alerts in any of the commonly used SIEM solutions is a must.
- Certifications: SIEM certification from any of the leading SIEM OEMs (Splunk, Palo Alto, Securonix, LogRhythm, etc.). CEH or CISSP. CCNA Security and/or any of the cloud security certifications (AWS, GCP, Azure, OCI).
- Compliance: Knowledge of networking components, servers (RHEL, Windows, etc.) and endpoints, cloud infrastructure along with machine learning models used for detection of security alerts. Knowledge of various log types, event parsing and ingestion mechanisms across systems, networks, cloud and commonly used applications in banks.
- Communication Skills: Excellent communication and interpersonal skills.
- Synergize with the Team: Working with the designated bank personnel to ensure alignment with RBI guidelines on detection of security alerts applicable to banks. Should have a strong understanding of cybersecurity principles, threat detection and incident response.

Posted 3 weeks ago

1.0 - 2.0 years

4 - 6 Lacs

bengaluru

Work from Office

Role & Responsibilities:

Required Skills/qualifications:

- 5+ years of Network Security experience (Palo Alto, CISCO, ISE, etc.)
- Working knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles
- Hands-on experience with common networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL, etc.)
- Experience with maintaining and operating common security technologies (IDS, IPS, Firewalls, Cloud Security, WAF, Endpoint Security, SIEM, etc.)
- Exceptional organizational abilities and attention to detail
- The ability to think creatively to find elegant solutions to complex problems
- Excellent verbal and written communication skills
- The cloud skills below are expected:
  o Strong conceptual and hands-on knowledge of working in cloud security for any popular public cloud platforms like AWS, GCP, Azure.
  o Setting up cloud security in AWS, GCP, Azure:
    - Network/VPC design and implementation/configuration
    - Governance around security groups, external IPs, encryption, etc.
    - Restrict access to team/function level using least privilege model.
  o Automation using Terraform/Ansible or other tooling
  o Expert in troubleshooting and resolving issues related to cloud security
  o Certification in any cloud platform would be desirable

Preferred Qualifications:

- 5+ years of experience in Information Security, Security Operations, Incident Response, etc. (or related field)
- Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies
- Demonstrated experience managing firewalls and other security technologies
- Understanding of common security threats, attack vectors, vulnerabilities and exploits
- CompTIA Network+/Security+, GIAC (GCIA, GCIH, GSEC, GCFA, GCFE, etc.), CISSP, CEH or related certification(s) desired

Posted 3 weeks ago

7.0 - 10.0 years

12 - 18 Lacs

pune

Work from Office

Role & responsibilities

Responsibilities:

- Monitoring and Alerting: Continuously monitor security systems for suspicious activity, analyze alerts and events, and escalate critical incidents according to established procedures.
- Incident Response: Investigate security incidents, determine the root cause, and implement mitigation and remediation measures. This may involve collecting evidence, analyzing log data, and coordinating with other teams.
- Threat Hunting: Proactively search for and identify potential threats within the environment, using various techniques and tools. This may include analyzing network traffic, reviewing system logs, and conducting vulnerability scans.
- Vulnerability Assessment: Identify and assess vulnerabilities in systems, applications, and networks. This may involve using vulnerability scanning tools, performing manual assessments, and collaborating with other teams to address vulnerabilities.
- Policy and Procedure Compliance: Adhere to TSYS's information security policies and procedures, and ensure that all activities are aligned with security standards.
- Documentation and Reporting: Maintain detailed documentation of security incidents, investigations, and resolutions. Generate reports and summaries on security performance and trends.
- Collaboration: Collaborate with other SOC analysts, security engineers, and other IT teams to ensure effective security operations.

Posted 3 weeks ago

5.0 - 10.0 years

30 - 45 Lacs

pune

Work from Office

Overview

We are seeking a Manager of Technical Support to join the Critical Start Technologies Private Ltd. team, operating under the Critical Start umbrella, for our India operations. The Manager of Technical Support will be responsible for leading and overseeing the technical support team, ensuring high-quality customer service, efficient problem resolution, and maintaining exceptional levels of customer satisfaction. Please note, this role will require working during IST night shifts (5:30pm - 2:30am IST).

Responsibilities

- Lead, supervise, and develop a diverse team of technical support professionals.
- Design and implement inclusive support strategies, policies, and procedures.
- Monitor and enhance team performance metrics, including response times, resolution rates, and customer satisfaction scores.
- Establish and maintain performance standards and training programs to support professional growth.
- Conduct regular performance reviews and provide constructive, actionable feedback.
- Collaborate with cross-functional teams to address and resolve complex technical challenges.
- Analyze support trends and propose systemic improvements to enhance products or services.
- Escalate critical issues to the appropriate departments and ensure prompt resolution.
- Manage support resources effectively, optimizing team utilization and productivity.
- Oversee the implementation and maintenance of customer support tools and technologies.
- Ensure comprehensive documentation of support processes and maintain up-to-date knowledge bases.

Qualifications

Required Qualifications:

- Bachelor's degree in Computer Science, Information Technology, or a related field.
- 10+ years of experience in technical support.
- 5+ years of experience in management or team leadership roles.
- Ability to work IST night shift (5:30pm - 2:30am IST).
- Strong knowledge of technical support best practices.
- Excellent communication and interpersonal skills, with the ability to work effectively across global diverse teams.
- Demonstrated ability to lead, motivate, and inspire teams to achieve goals.
- Advanced problem-solving and analytical skills, with a focus on delivering practical solutions.
- Proficiency in using customer support software and ticketing systems.
- Strong understanding of incident response and threat mitigation strategies.
- Previous experience in customer-facing technical roles, demonstrating strong communication and problem-solving skills.
- Proven experience in managing security-related support escalations effectively.
- Knowledge of multiple support channels, including phone, email, chat, and self-service platforms.
- Demonstrates curiosity and a growth mindset, proactively exploring new tools, technologies, and industry trends with a strong desire to learn and adapt.
- Possesses hands-on experience in technical support with a proactive, “roll-up-your-sleeves” approach to troubleshooting and problem-solving in dynamic environments.

Desired Qualifications:

- Master’s degree in a relevant field.
- Experience with cybersecurity tools and platforms, including:
  - Security Information and Event Management (SIEM) systems
  - Endpoint Detection and Response (EDR) tools
  - Intrusion Detection/Prevention Systems (IDS/IPS)
  - Firewall management and configuration
  - Vulnerability scanning and assessment tools
  - Multi-factor authentication (MFA) systems
- Familiarity with established cybersecurity frameworks, such as NIST and ISO 27001.
- Relevant IT certifications, such as CISSP, CompTIA Security+, or ITIL.
- Experience in technology, software, or hardware support environments.

Posted 3 weeks ago

Apply

15.0 - 20.0 years

13 - 17 Lacs

gurugram

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Threat Hunting
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security threats and solutions.

Roles & Responsibilities:
- Expected to be an SME.
- Collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Facilitate training sessions to enhance team knowledge and skills in security practices.
- Evaluate and recommend new security technologies and tools to improve the overall security posture.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Threat Hunting.
- Strong understanding of cloud security principles and frameworks.
- Experience with incident response and threat intelligence.
- Familiarity with security compliance standards such as ISO 27001 and NIST.
- Ability to analyze security incidents and develop mitigation strategies.

Additional Information:
- The candidate should have minimum 7.5 years of experience in Security Threat Hunting.
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 3 weeks ago

Apply

15.0 - 20.0 years

13 - 17 Lacs

bengaluru

Work from Office

About The Role

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Palo Alto Networks Firewalls
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are seeking a highly skilled WAF and Firewall Security Expert to manage Web Application Firewalls (WAF) and network perimeter security. The ideal candidate will have in-depth knowledge of Akamai, Cloudflare, and similar WAF/CDN platforms, along with a strong grasp of application layer (Layer 7) attacks, web security vulnerabilities, and real-world mitigation strategies. You will play a key role in defending critical applications from threats such as SQL injection, XSS, CSRF, RCE, API abuse, bot attacks, and more, ensuring the security and resilience of our digital platforms.

Roles & Responsibilities:
- WAF Policy Management: Administer Web Application Firewall (WAF) rule sets and policies using industry-leading platforms such as Akamai Kona Site Defender, Cloudflare WAF, AWS WAF, or similar solutions.
- Application Layer Defense: Analyze, detect, and defend against a wide range of OWASP Top 10 and other Layer 7 threats, including:
  - SQL Injection (SQLi)
  - Cross-Site Scripting (XSS)
  - Remote Code Execution (RCE)
  - Cross-Site Request Forgery (CSRF)
  - HTTP protocol abuse
  - Malicious bot traffic and API abuse
- Firewall & Network Security: Deploy and manage network firewalls and integrate them with other security technologies including Intrusion Detection/Prevention Systems (IDS/IPS) and DDoS mitigation tools.
- Bot Protection Expertise: Strong understanding of automated bot attacks, with hands-on experience in detection and defense strategies using behavioral analytics, CAPTCHA, rate limiting, and JavaScript challenges.
- Threat Monitoring & Incident Response: Proactively monitor and respond to threats across both application and network layers, leveraging SIEM tools and real-time alerting systems.
- Cross-Functional Collaboration: Work in close partnership with DevOps, development, and security teams to enforce secure deployment practices and ensure robust application configurations.
- WAF Tuning & Optimization: Perform continual WAF tuning, including signature refinement and custom rule development, to ensure an optimal balance between security coverage and application functionality.
- Threat Intelligence & Research: Stay current on emerging application-layer attack vectors, tools, and adversary tactics to inform proactive defense measures.
- Incident Handling: Participate in incident response, including threat hunting, forensic analysis, and contributing to post-mortem investigations to enhance organizational resilience.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Palo Alto Networks Firewalls.
- Strong understanding of cloud security principles and best practices.
- Experience with security architecture frameworks and methodologies.
- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.
- Ability to analyze and mitigate security risks in cloud environments.

Additional Information:
- The candidate should have minimum 5 years of experience in Palo Alto Networks Firewalls.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 3 weeks ago

Apply