1461 Incident Response Jobs - Page 18

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Data Privacy Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security policies and procedures.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Data Privacy.- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of cloud security principles and best practices.- Experience with risk assessment methodologies and compliance frameworks.- Familiarity with security tools and technologies for monitoring and incident response. Additional Information:- The candidate should have minimum 5 years of experience in Security Data Privacy.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations, ensuring that all security measures align with organizational standards and best practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Engage in continuous learning to stay updated with the latest security trends and technologies.- Assist in the development of security policies and procedures to enhance the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and practices.- Experience with security incident response and management.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR.- Ability to analyze security logs and identify potential threats. Additional Information:- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security threats and solutions. Roles & Responsibilities:- Expected to be an SME for SOC incident handling.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Evaluate and recommend new security technologies and tools to improve the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in SOC/Incident Response.- Strong understanding of cloud security principles and frameworks.- Ability to analyze security incidents, determine root causes, and develop mitigation strategies..- Experience implementing SOC playbooks, detection rules, and post-incident reviews. Additional Information:- The candidate should have minimum 5 years of experience in SOC/Incident Response/Threat Hunting.- This position is based at our Gurugram office.- A 15 years full time education is required.- Experience in Telecom industry is preferred. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security threats and solutions. Roles & Responsibilities:- Expected to be an SME for SOC incident handling.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Evaluate and recommend new security technologies and tools to improve the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in SOC/Incident Response.- Strong understanding of cloud security principles and frameworks.- Ability to analyze security incidents, determine root causes, and develop mitigation strategies..- Experience implementing SOC playbooks, detection rules, and post-incident reviews. Additional Information:- The candidate should have minimum 3 years of experience in SOC/Incident Response/Threat Hunting.- This position is based at our Gurugram office.- A 15 years full time education is required.- Experience in Telecom industry is preferred. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, designing robust security solutions, and documenting the implementation of cloud security controls. You will also oversee the transition to cloud security-managed operations, ensuring that all processes align with organizational standards and best practices. Engaging in continuous improvement initiatives will be a key part of your role, as you strive to enhance the security posture of the organization while adapting to evolving threats and technologies. Roles & Responsibilities:1. Lead the development and implementation of SOAR solutions to automate security incident response and improve incident management efficiency.2. Design and implement scalable SOAR architectures that integrate with existing security infrastructure and tools.3. Manage and mentor a team of SOAR engineers and analysts to ensure successful solution delivery and adoption.4. Collaborate with cross-functional teams* to identify security automation opportunities and drive solution adoption.5. Drive continuous improvement of SOAR solutions through data analysis, reporting, and process optimization.6. Develop and execute SOAR strategy and roadmap7. Design and implement SOAR solutions, playbooks, and integrations8. Lead and mentor a team of SOAR engineers and analysts9. Collaborate with security teams, vendors, and stakeholders10. Analyze data and generate reports to inform SOAR solution improvement11. Ensure compliance with security regulations and industry standardsRequirements:- Strong technical background in security automation, SOAR, and security incident response- Experience with Splunk Phantom SOAR platform- Leadership and team management experience- Excellent communication and collaboration skills- Strong analytical and problem-solving skills Professional & Technical Skills: - Must Have Skills: Proficiency in Security Operation Automation.- Tool proficiency:Splunk Phantom SOAR platform- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with security automation tools and technologies.- Ability to analyze security incidents and develop effective response strategies. Additional Information:- The candidate should have minimum 3 years of experience in Security Operation Automation.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Looking for an experienced Senior CyberArk Cloud Engineer to lead the design, implementation, and support of our privileged access management (PAM) program leveraging CyberArk Privilege Cloud. The ideal candidate will have a deep understanding of privileged access controls in cloud and hybrid environments, hands-on CyberArk experience, and the ability to drive security best practices across the organization. Roles & Responsibilities:- Define secure vaulting, session isolation, credential rotation, and privileged task automation- Develop architecture diagrams and documentation for hybrid and multi-cloud PAM solutions- Integrate CyberArk Privilege Cloud with cloud platforms (AWS, Azure, GCP) and on-prem systems- Lead CyberArk Privilege Cloud onboarding and migration initiatives- Configure privileged account onboarding, safe structures, access controls, and policies- Set up session recording, monitoring, and auditing- Integrate with directories (AD/Azure AD) and identity providers (SSO)- Act as senior escalation point for CyberArk issues- Support upgrades, patching, and ongoing maintenance of the CyberArk SaaS environment- Monitor vault performance, logs, and incident trends- Perform troubleshooting and root cause analysis of PAM issues Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk Privileged Access Management.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR.- Knowledge of security incident response and risk management processes. Additional Information:- The candidate should have minimum 2 years of experience in CyberArk Privileged Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Identity Access Management (IAM) Good to have skills : Microsoft Identity and Access Management Operations, Microsoft Azure SecurityMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security expertise to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous monitoring and improvement of security protocols to safeguard sensitive information and maintain the integrity of business processes. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Identity Access Management (IAM), Microsoft Identity and Access Management Operations, Microsoft Azure Security.- Good To Have Skills: Experience with Microsoft Identity and Access Management Operations, Microsoft Azure Security.- Strong understanding of security frameworks and compliance standards.- Experience with identity governance and administration tools.- Familiarity with risk assessment methodologies and incident response planning. Additional Information:- The candidate should have minimum 7.5 years of experience in Identity Access Management (IAM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:--Demonstrated expertise in the endpoint security domain with a minimum of 10 years of overall experience, including at least 5 years of hands-on experience with the CrowdStrike Falcon EDR platform.-Endpoint Security Platform:Detection, Quarantine & response handling, On-Demand Scans (ODS), Sensor and prevention policy configuration & General platform administration and operational tasks.-Device Control:USB policy management and enforcement, Device exception handling and approval processes, Monitoring and reporting of device usage & Device Control administration and troubleshooting.-Firewall Management:Creation and management of firewall policies, Configuration of rule groups and policy sets & Troubleshooting firewall-related issues.-File Vantage Module:Policy creation and management, Implementation of rule suppression processes & Monitoring and alert tuning.-The candidate must have hands-on experience with the ServiceNow ticketing platform and a basic understanding of the JIRA storyboard. Professional & Technical Skills: - Must To Have Skills: Proficiency in Endpoint Extended Detection and Response.- Good To Have Skills: Experience with cloud security frameworks and compliance standards.- Strong understanding of security architecture principles and best practices.- Experience in risk assessment and vulnerability management.- Familiarity with incident response and threat intelligence processes. Additional Information:-The candidate must have a minimum of 5 years of hands-on experience with the CrowdStrike Falcon EDR platform.-This position is based at any ATCI office location.-A minimum of 15 years of full-time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide insights that enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and maintain comprehensive documentation of cloud security architecture and controls.- Evaluate and recommend security technologies and solutions to enhance cloud security. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Firewalls.- Good To Have Skills: Experience with cloud security frameworks and compliance standards.- Strong understanding of network security principles and practices.- Experience in designing and implementing security policies and procedures.- Familiarity with incident response and risk management processes. Additional Information:- The candidate should have minimum 3 years of experience in Palo Alto Networks Firewalls.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide insights that enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and maintain comprehensive documentation of cloud security architecture and controls.- Conduct regular assessments of cloud security measures to identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Experience with cloud security frameworks and best practices.- Strong understanding of risk management and compliance requirements.- Familiarity with incident response and threat detection methodologies.- Knowledge of security tools and technologies relevant to cloud environments. Additional Information:- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will be at the forefront of implementing and delivering Security Services projects. Your typical day will involve coordinating with various teams to ensure the successful execution of security initiatives, utilizing global delivery capabilities, and ensuring that projects align with organizational goals. You will engage with stakeholders to understand their needs and provide guidance on best practices in security management, fostering a collaborative environment that promotes innovation and efficiency in service delivery. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team skills and knowledge in security practices.- Monitor project progress and implement necessary adjustments to meet deadlines and objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of incident response and threat management.- Experience with security compliance frameworks and regulations.- Ability to analyze security incidents and provide actionable insights.- Familiarity with security monitoring tools and technologies. Additional Information:- The candidate should have minimum 12 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide insights that enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Assist in the development and maintenance of security policies and procedures.- Evaluate and recommend security technologies and solutions to enhance cloud security. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Firewalls.- Good To Have Skills: Experience with cloud security frameworks and compliance standards.- Strong understanding of network security principles and practices.- Experience in implementing security controls in cloud environments.- Familiarity with incident response and threat management processes. Additional Information:- The candidate should have minimum 2 years of experience in Palo Alto Networks Firewalls.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:1)Strong knowledge on ELK for monitoring application performance, troubleshooting issues, and implementing logging and monitoring solutions. 2)Fair understanding and practical demonstration of utilizing ELK for threat detection, incident response, SIEM and compliance monitoring3)Leverage ELK for data visualization, exploration, and analysis to identify trends and patterns in user behavior, application performance, and business metrics. 4)Implement cloud-based logging and monitoring solutions using ELK and optimize cloud infrastructure performance5)Responsible for installing, configuring and maintaining ELK clusters, ensuring high availability and performance.6)Designs and implements Elasticsearch solutions, including data modeling, indexing and querying. 7)Develops and maintain Logstash configuration for data ingestion, processing and forwarding. 8)Provides technical support for ELK platform, troubleshooting issues, and resolving problems.9)Creates custom Kibana dashboards, visualizations, and reports to provide insights into data.10)Designs and implements data pipelines, integrating ELK with other data sources and systems. 11)Designs and implement overall ELK architecture, ensuring scalability, reliability, and performance. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM) ELK.- Tool proficiency:ELK- Strong understanding of cloud security principles and best practices.- Experience with security incident response and threat management.- Familiarity with regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Monitor security events, logs, and alerts in real-time. • Perform initial investigation, triage, and assessment of alerts to detect suspicious activities by accessing security solutions consoles. • Log and track cybersecurity incidents

Role : senior analyst/Assistant manager - SOC Engineer location: Hyderabad shift : 06.30 AM to 03.30 PM work mode: work from office- 5 days of working Role & responsibilities : Required: ( BE/B. Tech/MCA candidate from IT and global company are preferred) Experience or can able to work in in L3 candidate is mandatory Qualifications experience in a cyber SIEM engineering role (Ideally Splunk) Expertise in use case/content and dashboard development Experience in custom data source onboarding and understanding of end-2-end SIEM integration/architecture. Continuously monitor network traffic for potential threats. Identify and remediate system vulnerabilities. Implement and manage security measures for computers and servers. Design and maintain network security controls. Develop and deliver cybersecurity training programs. Enforce security policies and ensure regulatory compliance. Stay informed about cybersecurity threats and trends. Regards ishwarya- HR consultant email : ishwarya@enehobs.com

Your role and responsibilities This role will support the follow-the-sun principle of incident handling within ABB. The IS Level 3 Incident Response Senior Specialist will support the Security Incident Response Service Manager in the delivery of the Security Incident Service to the business stakeholders. This role is contributing to the Core IS Services. You will be mainly accountable for: Handling Security Incidents assigned by the Security Incident Service Manager Ensuring that incidents are handled according to agreed procedures. Investigates escalated incidents and seeks resolution. Facilitates recovery, following resolution of incidents. Ensuring that resolved incidents are properly documented and closed Analyzing causes of incidents, and informs service owners in order to minimize probability of recurrence, and contributes to service improvement. Analyses metrics and reports on performance of incident management process Work with our service providers to ensure the proper implementation of the Security Incident Process and Policies Work closely with Security Incident Service Manager to identify areas of improvement for the Security Incident Process and Policies Work with countries, businesses and regions to identify key resources that can assist in the Security Incident process and incident handling Defining standard methods and processes for incident resolution, delegates them to the back-office, and oversees the work of the back-office. On assignment is involved in the installation, management, maintenance, and optimization of IS security solutions/services. Qualifications for the role 10 years in IT, 5 in Security incident response. Graduate level with IT focus or equivalent practical experience Security Certification (CISSP, CISM, GSEC or others). Experience in AntiVirus Technology and AV Tools Experience in EDR Technology and EDR Tools Experience in log analysis of Firewalls, Proxy servers, Operation Systems, Databases, preferably via a SIEM Servers/clients / mobile devices / appliances / OSs / common applications, databases / middleware in-depth knowledge

BMC is looking for an Experienced Information Security Engineer to join our amazing global Corporate Cybersecurity team! In this role, you will build out, maintain, and troubleshoot our information security systems, while supporting internal customers. You will have the opportunity to learn multiple tools and technologies across multiple security domains. So, if youre committed to customer services, an awesome team player and enjoy building relationship this is the role for you! Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Deploy and maintain security tools and systems. Develop, analyze, and implement security specifications. Participate in incident response and break/fix situations as needed. Develop documentation to support ongoing security systems operation. Analyze system services, operating systems, networks, and applications from a security perspective discovering security issues that appear under new threat scenarios. Create custom use cases, system alarms, correlation signatures, watch lists and 20 plus custom regex parsers to meet customer's IT security needs. Support onboarding and maintenance of a wide variety of data sources to include various OS, appliance, and application logs. To ensure youre set up for success, you will bring the following skillset & experience: 5+ years of experience in Information Security Engineering Experience in Windows, Unix/Linux, and/or network administration experience. Deep understanding of information security threat landscape, and prior experience with threat modeling, including usage of relevant tools and technologies. Experience in networking protocols and services (FTP, HTTP, SSH, SMB, LDAP) Good problem solving and troubleshooting skills. Excellent interpersonal communication skills, with ability to work as a part of a team, as well as independently. Whilst these are nice to have, our team can help you develop in the following skills: Previous experience in other IT roles (such as System Administrator, Networking Engineer etc.) Experience working with SIEM technologies, threat hunting, and pen-testing tools and technologies, and working with malware analysis. Understanding of basic routing principles and networking fundamentals Knowledge of basic functions of operating systems Bachelors degree or equivalent security-related course CA-DNP

Position - Operations Security Consultant Experience: 8 to 12 years Location: Chennai Education: B.E./ B.Tech./ MCA Job Profile The Operations Security Consultant is responsible for the end-to-end management of security operations across multiple client environments. The role demands strong leadership in overseeing SOC operations, incident response, threat detection, compliance, and risk management. The ideal candidate will possess extensive hands-on experience in a multi-customer SIEM (QRadar) environment, a deep understanding of security frameworks, and the ability to build trusted relationships with internal and external stakeholders. Key Roles & Responsibilities Oversee Daily security operations and maintain operational excellence ensuring availability, performance, and reliability of security tools and processes. Manage 24/7 monitoring, triage, investigation, and resolution of security incidents via SIEM (QRadar). Coordinate incident management efforts across internal teams and external stakeholders. Develop, fine-tune, and manage security detection rules, use cases, and threat intelligence integration. Implement continuous improvement processes using KPIs, operational reviews, and performance metrics. Manage Lead SOC analysts, threat hunters, and incident responders. Facilitate collaboration across engineering, compliance, and client teams. Ensure compliance with ISO 27001, NIST CSF, CIS Controls, DORA, GDPR, and client-specific standards. Lead preparation of audits, client reports, and executive dashboards. Maintain risk treatment plans aligned with ISO 27001 standards. Conduct vulnerability assessments and prioritize remediation using EBIOS methodology. Desired Skills Hands-on expertise with QRadar SIEM, SOC operations, and incident response. Proficiency in security frameworks: NIST CSF, CIS Controls, DORA, GDPR. Experience with vulnerability management, threat hunting, and risk assessment methodologies. Familiarity with automation, SOAR solutions, and operational workflow optimization. Strong experience on at least one technical environment and related cybersecurity topics: Cloud (AWS/Azure), Mainframe, Datawarehouse, Database, O365 Certifications (Preferred) Security: CISSP, CISM (any one) Technical Skills (Minimum 3 to 4 from below) Environments: Cloud (AWS/Azure), Windows, Linux, Mainframe, Data Warehouse, Database. Tools: Qualys, Splunk, ServiceNow, PAM, IAM, Palo Alto, Fortinet, SOC tools / EDR (MDR), AppSec, Bastion, Network Management, Micro-Segmentation, Vaults & Secret Management, PKI, Vulnerability Scanning (QRadar, Nessus).

We are seeking dynamic candidate for the role of Security Engineer, proficient in Triage and respond to security incidents and alert,knowledge in cybersecurity principles,threat detection and incident response.Comfortable with 2:30 PM-11:30 PM(SHIFT) Required Candidate profile Security certifications such as CISSP, CISM, CEH. Previous experience in security automation, scripting and working in a SOC or security operations environment and cloud security best practices.

Overview We are seeking a skilled and experienced security professional to manage and enhance our web application security infrastructure. The ideal candidate will bring expertise in application and network security, with a strong foundation in managing WAF platforms such as Imperva. This role requires a deep understanding of modern security frameworks, cloud environments, and incident response practices to ensure robust protection across systems. Role Manage and optimize the Imperva Web Application Firewall (WAF) or similar platforms. Conduct application security assessments aligned with OWASP Top 10 and other industry standards. Administer and review AWS IAM policies, roles, and access controls. Support and maintain firewall infrastructure, with an emphasis on Palo Alto Networks. Collaborate with IT and security teams to manage secure network architecture including load balancers, routers, and virtualized environments. Drive incident response efforts, including root cause analysis, documentation, and mitigation strategies. Participate in infrastructure design reviews to enforce security best practices. Engage in security governance and compliance activities, contributing to a secure SaaS and cloud-based operational environment. All About You Experience Proven experience managing Imperva WAF or similar web security platforms. In-depth knowledge of OWASP Top 10, NVD databases, and CVSS scoring systems. Strong background in application security testing and assessments. Hands-on experience with AWS IAM, including creation of security policies and role-based access control. Proficiency in core networking protocols and technologies: TCP/IP, HTTP, DNS, SSL/TLS, APIs, HTML, and JavaScript. Familiarity with firewall systems, especially Palo Alto Networks. Working knowledge of load balancing, network routing and switching, and virtualization platforms. Demonstrated experience in security incident response, problem tracking, and reporting. Understanding of IT infrastructure design with a security-first approach. Exposure to AWS security controls and SaaS platforms is highly desirable. Relevant certifications such as CISSP, AWS Security Specialist, or equivalent are preferred.

Responsibilities Work in a 24x7 Security Operation Centre (SOC) environment. Provide analysis and trending of security log data from various security devices. Coordinate incident response on a daily basis. Perform threat analysis to improve detection capabilities. Conduct forensic investigations and develop recovery plans. Develop and implement advanced defensive strategies and countermeasures. Engage in threat hunting to identify potential threats that may have bypassed defenses. Communicate effectively through written and visual documents for diverse audiences. Requirements Minimum of 6+ years of experience in Cybersecurity. At least 6 years of working in a Security Operations Center (SOC). Proficient in Incident Management and Response, handling escalations. In-depth knowledge of security concepts such as cyber-attacks, threat vectors, and risk management. Knowledge of various operating system flavors including Windows, Linux, and Unix. Knowledge of TCP/IP protocols and network analysis. Experience with SIEM, SSL, Packet Analysis, HIPS/NIPS, and network monitoring tools. Nice-to-haves Hands-on experience with Splunk. Experience with Proofpoint and Azure security. Ability to suggest fine-tuning of existing security use cases.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and frameworks.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Operation Automation.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Familiarity with security compliance frameworks such as ISO 27001, NIST, or CIS.- Knowledge of automation tools and scripting languages to enhance security operations. Additional Information:- The candidate should have minimum 5 years of experience in Security Operation Automation.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Dear Candidate Greetings!!!! I am hiring for INCIDENT RESPONSE 6+ EXP PUNE & TRIVENDRUM NP: 30 DAYS JOINERS KINDLY REVERT WITH DETAILS ON SWATI@THINKPEOPLE.IN Total exp Rel Exp Current CTC eXPECTED ctc Location Preferred Location DOB CURRENT ORG

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Security Incident Response.Experience: 5-8 Years.

Role Overview: The Security Engineer is a technical security position in the F5 Security Incident Response Team (F5 SIRT). Addressing security issues in F5 products is the responsibility of the F5 Security Incident Response Team (F5 SIRT). The F5 SIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to F5 products and networks. The Security Engineer is well versed in a breadth of security threats, incident handling methodologies and offensive/defensive attack vectors. The Security Engineer follows incident handling procedures to drive mitigation of security incidents and will be called to perform attack analysis, configuration suggestions, and potential onsite interaction. A Security Engineer can handle multiple active issues of diverse scope simultaneously while maintaining good communication, particularly written communication to our customers, and accepts ownership of issues until a resolution is delivered or a business as usual state is returned, providing high customer satisfaction. When not engaged in incidents, an Security Engineer will mentor other security related issues. A good candidate has a deep passion for security and a desire to help develop a security mindset in others. The role also requires a strong ability to work with incomplete information and to adapt to changing priorities. Sounds interesting? Read on! What Youll Do: Primary Responsibilities Responsible for upholding F5s business code of ethics & for promptly reporting violations of the code or other company policies Manages multiple issues and prioritizes based upon customer and business needs, without direction Provides F5 customers with a consistently high-quality support experience Assist Senior Security Engineer with other tasks as required based upon business operation needs Effectively engages supporting escalation personnel, without direction Participate in weekend support rotation Product Vulnerability Response and Management Work with the PD Platform Security team to maintain the 3rd Party Module Vulnerability Triage information Open Escalation when requested by Platform Security to investigate orphaned Vulnerability bugs Participate in the release meetings and triage bugs for release Assist ENE owners with ENE006 SRs that are in deadlock or stalled Perform threat and vulnerability management, monitoring of CVE and vendor notifications Monitor the F5SIRT shared mailbox, identify external researchers and create SRs where necessary to be assigned to Security Engineers Customer Security Incident Response Provide incident handling and drives both attack analysis and mitigation options Participate in tier 2 and tier 3 security support Follows processes defined in F5s Quality Management System (QMS) Mentoring Security SRs to resolution - Proactively monitors Securty Service Request (SR) with long Time to Resolution (TTR) Working with F5 SIRT Specialists to handle ESRP cases Maintain incident documentation, participate in post-mortems, and write incident reports. Working with SR Security Engineers on post-mortem for ESRP incidents Tracking attack trends and threat intelligence from different sources Monitors security issues in order to identify and act upon them as they occur Active Mentoring Running workshops to help F5 SIRT Specialists build hands-on experience in a lab environment in order to better prepare for dealing with attacks in the real environment With Sr. Sec Eng Simulating typical customer network environment (in terms of versions, modules, network devices), running different attacks, documenting security incident response plan and exercising it Work closely with others to develop incident response plans Building Security Mindset - Security Evangelism Running regional F5 SIRT meetings Handling reactive mentor questions on Security from F5 SIRT Specialists and NSEs Monitor F5 SIRT email Creating security presentations for a wide audience Engages in on-going training within the security field and with F5 products May lead projects and provide guidance/training to less experienced staff and mentoring. Evaluate and execute cross-functional security initiatives across the enterprise. Work with cross functional Engineering teams to ensure all systems are properly remediated according to our policies and standards. What Youll Bring: Minimum of 5 years of related experience in a technical security role such as support, monitoring or consulting (e.g. pen testing) working with relevant technologies Appropriate security based qualification; CISSP, GCIH (or demonstrated skills and ability to obtain certification) more than one certification preferred. Strong understanding of industry standards such as CVE, CPE, and CVSS Experience with security incident handling processes, procedures and methodologies. Technical experience with identifying and mitigating a breadth of attacks such as DDoS, web application, DNS and other network attacks. Knowledge with common security vulnerabilities and the ability to judge their severity Experience with working security incidents at corporate production environments Experience working with network and packet analysis tools BA/BS degree or equivalent experience Knowledge with Web Application Firewalls, Firewalls and IPS/IDS Experience with network vulnerability scanners OS hardening and security best practices Hands on technical experience with andvery knowledgeable on LAN/WAN operations, and/or networking hardware required CVE and CERT experience Knowledge of security offensive/defensive techniques and methodologies. Understanding of security attack/defense methodologies (e.g. DNS, network TCP/IP, SSL and HTTP) Intermediate understanding and working knowledge of TCP/IP, SSL, DNS, HTTP and common protocols. Knowledge of network and security monitoring tools Coding experience having in addition to Python knowledge in other scripting languages Familiarity with load balancers, WAFs and common network architectures Working knowledge of standard UNIX/Linux command line tools Ability to generate new training and knowledge sharing content via various delivery method Proven track record in a team environment Analytical thinker with strong attention to detail Must be able to read, write and speak English fluently, including technical concepts and terminology. Must be able to relay technical information to customers with varying skill levels Ability to create attack Proof of Concepts Experience with incident tracking software, Seibel experience a plus What Youll Get: Hybrid working mode Career growth and development opportunities Recognitions and Rewards Employee Assistance Program Competitive pay, , and cool perks Dynamic Interest Groups