519 Incident Response Jobs - Page 19

The role involves monitoring security threats, responding to emergencies, and communicating critical incidents to stakeholders while ensuring high customer service standards. A proactive, detail-oriented professional who can work under pressure Required Candidate profile Fluent English (verbal/written) with international voice support experience (US/UK/AU accents). Proven incident management skills in a BPO/SOC/security operations setting. Strong customer service

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your typical day will involve utilizing your expertise in SailPoint IdentityIQ and other security tools to ensure the security of our organization's systems and data. You will collaborate with cross-functional teams to identify and mitigate security risks, implement security measures, and respond to security incidents. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Collaborate with cross-functional teams to identify and mitigate security risks. Implement security measures to protect enterprise systems, applications, and data. Utilize SailPoint IdentityIQ and other security tools to ensure the security of systems and data. Respond to security incidents and conduct investigations to determine the root cause. Stay updated with the latest security threats and vulnerabilities to proactively address them. Assist in the development and implementation of security policies and procedures. Provide guidance and support to other team members on security best practices. Professional & Technical Skills: Must To Have Skills:Proficiency in SailPoint IdentityIQ. Strong understanding of security principles, concepts, and best practices. Experience in designing and implementing security solutions. Knowledge of network security protocols and technologies. Familiarity with security frameworks and compliance standards. Good To Have Skills:Experience with security incident response and forensic analysis. Recommendation:Familiarity with other identity and access management (IAM) tools. Additional Information: The candidate should have a minimum of 3 years of experience in SailPoint IdentityIQ. This position is based at our Hyderabad office. A 15 years full time education is required. Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and ensuring the integrity and confidentiality of data. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Design and implement security solutions to protect the organization's cloud infrastructure. Collaborate with cross-functional teams to ensure the integrity and confidentiality of data. Conduct risk assessments and develop strategies to mitigate security risks. Stay up-to-date with the latest security trends and technologies. Ensure compliance with industry standards and regulations. Train and educate employees on security best practices. Professional & Technical Skills: Must To Have Skills:Proficiency in Security Architecture Design. Strong understanding of cloud security principles and best practices. Experience with cloud security technologies and tools. Knowledge of network security protocols and technologies. Familiarity with security frameworks and standards such as ISO 27001 and NIST. Good To Have Skills:Experience with cloud platforms such as AWS or Azure. Experience with security incident response and management. Knowledge of threat intelligence and vulnerability management. Understanding of identity and access management concepts. Solid grasp of encryption and cryptographic techniques. Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Architecture Design. This position is based at our Mumbai office. A 15 years full time education is required. Qualifications 15 years full time education

Role & responsibilities JD: This position is for a core team member at best a Technical Lead” NOT “Soc Manager” to supplement the firm’s growing cyber security monitoring function, starting from 5 to max 10yrs of experience having hands on L3/Engineering level work in most recent projects. The candidate will join a team currently responsible for: Providing first level response for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches. The event management includes triage, correlation and enrichment of individual events to either rule out as false positive, trigger standard detective and corrective responses, or escalating as a security incident. Improving the service level for security operations and monitoring. Creating and maintaining system documentation for security event processing. Expand the usage of security monitoring tools to improve the security of the environment based on business use cases or changes in threat landscape, root causes from security incident response, or output from security analytics Monitoring the Security Information and Event Management (SIEM) platform for security alerts. Providing metrics and reports around security monitoring by designing dashboards for asset owners and management consumption. Leveraging existing technologies within the organization to expand the scope of coverage of the security monitoring service. Provide technical and thought leadership within SOC by: o Teaching other SOC Analysts about both traditional and unconventional ways to detect, analyze, and mitigate security incidents and other anomalies o Regularly recommending new SOC practices and approaches to address program and process improvement Performs analysis duties, including: o Review of available logs to confirm there are adequate quantities and content to usefully provide Security Monitoring o Triage SIEM alerts to determine False Positive, Incident, or Technology Misconfiguration o Perform research at the request of Incident Response teams Perform case management activities to ensure successful BAU Security Monitoring Operations, including: o Documenting case activities in the system of record o Documenting current case notes sufficient for effective shift handover, as well as reviewing current status via teams, email or phone call o Engaging in all forms of communications (e.g. phone calls, instant-messaging, web page updates) to ensure cases are efficiently investigated by all approved parties, regardless of what company, department, or team to which they are a member Author Standard Operating Procedures (SOPs), such as: o Incident detection “use case” needs, logic, and implementation methods o “use case” alert triage workflows o Training documentation o Recommending, then implementing approved program improvements Reviews and analyzes complex data and information to provide insights, conclusions and actionable recommendations. Provides direction and guidance on reports and analyses and ensures recommendations are aligned with customer/business needs and capabilities. Ensures that all significant security concerns are addressed. Recommends course of action to mitigate risk and ensures that appropriate standards are established and published.

Senior Cyber Security Analyst - IND005A Company Worley Primary Location IND-MM-Mumbai Other Locations IND-KR-Bangalore, IND-AP-Hyderabad, IND-MM-Pune, IND-MM-Navi Mumbai Job Cyber Security Schedule Full-time Employment Type Employee Job Level Experienced Job Posting Apr 21, 2025 Unposting Date May 21, 2025 Reporting Manager Title Manager We deliver the worlds most complex projects Work as part of a collaborative and inclusive team Enjoy a varied & challenging role Building on our past. Ready for the future Worley is a global professional services company of energy, chemicals and resources experts headquartered in Australia. Right now, were bridging two worlds as we accelerate to more sustainable energy sources, while helping our customers provide the energy, chemicals and resources that society needs now. We partner with our customers to deliver projects and create value over the life of their portfolio of assets. We solve complex problems by finding integrated data-centric solutions from the first stages of consulting and engineering to installation and commissioning, to the last stages of decommissioning and remediation. Join us and help drive innovation and sustainability in our projects. The Role As a Senior Cyber Security Analyst with Worley, you will work closely with our existing team to deliver projects for our clients while continuing to develop your skills and experience etc. We are seeking a Senior Cyber Security Analyst -a Subject Matter Expert (SME)- to join our Information Security team. The ideal candidate will be responsible for designing, implementing, monitoring, reacting, and reporting on information security events within the DLP scope. Additionally, the role includes managing security tools and IT systems with a special focus on DLP enablement. DLP Strategy & Policy Design Serve as a Subject Matter Expert (SME)for DLP solutions, technologies, and best practices. Design, implement, and optimize DLP policiesto detect and prevent unauthorized access, sharing, and data exfiltration. Define and maintain DLP governance frameworks, aligning with regulatory requirements Identify sensitive data requiring protection across endpoints, cloud, email, and network. Implementation & Configuration Deploy and configure DLP controlsto monitor, alert, and block potential data leaks. Define and enforce DLP rules for structured & unstructured data, including Personally Identifiable Information (PII), Intellectual Property (IP), and financial data. Integrate DLP solutions with other security tools. Monitoring& Continuous Improvement Monitor and analyzeDLP alerts and incidents, identifying trends and areas for improvement. Ensuring DLP alerts and incidentsget routed to monitoring/response processes in accordance with defined internal procedures Perform regular tuning and updatesto enhance detection accuracy and reduce false positives. Develop automated response actionsto mitigate risks and ensure business continuity. Compliance & Stakeholder Collaboration Ensure compliance with data protection regulations and industry security standards. Collaborate with cross-functional teams to resolve complex technical issues and to align DLP policies with business needs. Provide guidance and training to employees on DLP policies, security best practices, and insider threat awareness. Reporting & Documentation: Define and generate DLP metric supporting the reporting needs across the organization Document DLP configurations, policies, and operational procedures. Provide technical recommendationsto enhance data security strategies. About You To be considered for this role it is envisaged you will possess the following attributes: Ability to balance security measures with business needs A proactive approach to identifying and mitigating data loss risks before they become security incidents Proven experience with DLP solutions (e.g., Microsoft Purview, Symantec, Forcepoint, McAfee/Trellix, Digital Guardian, Zscaler). Strong knowledge of DLP policies, rules, content inspection techniques, and data classification models. Experience working with cloud-based DLP (e.g., CASB, SaaS security, O365 DLP, Google Workspace DLP) Understanding of network security, endpoint security, and encryption techniques. Familiarity with SIEM, SOC workflows, and incident response processes. Moving forward together We want our people to be energized and empowered to drive sustainable impact. So, our focus is on a values-inspired culture that unlocks brilliance through belonging, connection and innovation. Were building a diverse, inclusive and respectful workplace. Creating a space where everyone feels they belong, can be themselves, and are heard. And we're not just talking about it; we're doing it. We're reskilling our people, leveraging transferable skills, and supporting the transition of our workforce to become experts in today's low carbon energy infrastructure and technology. Whatever your ambition, theres a path for you here. And theres no barrier to your potential career success. Join us to broaden your horizons, explore diverse opportunities, and be part of delivering sustainable change. Worley takes personal data protection seriously and respects EU and local data protection laws. You can read our full Recruitment Privacy Notice Please noteIf you are being represented by a recruitment agency you will not be considered, to be considered you will need to apply directly to Worley.

Role & responsibilities Core Responsibilities Monitor security dashboards and alerts to identify potential threats. Respond to security incidents by following established response plans. Conduct threat hunting to proactively identify vulnerabilities and potential threats. Collaborate with other departments, such as network engineering and incident response teams, for coordinated threat response. Analyze security incidents and document findings to prevent future occurrences. Develop and maintain security monitoring tools and processes. Implement and optimize SIEM, SOAR, EDR, and Threat Intelligence platforms. Conduct vulnerability assessments and penetration tests to identify weaknesses. Create and maintain incident response procedures and playbooks. Provide detailed reports on security incidents and emerging threats. Stay updated with the latest cybersecurity trends and threats. Experience 7-9 years of experience in cybersecurity, with a focus on SOC operations. Extensive experience with security monitoring tools and incident response. Proficiency in threat hunting and vulnerability analysis. Strong knowledge of network protocols, operating systems, and common cybersecurity threats. Experience with SIEM, SOAR, EDR, and Threat Intelligence platforms. Ability to conduct in-depth threat intelligence analysis and develop containment strategies. Experience in conducting vulnerability assessments and penetration tests. Excellent analytical and problem-solving skills. Strong communication and collaboration skills. Knowledge of frameworks such as NIST Cybersecurity framework, MITRE ATT&CK, and Lockheed Martin Cyber Kill Chain.

Title: SOC Analyst Location: Bangalore, India Role overview: As a SOC Analyst, you will be a crucial first responder to cybersecurity incidents, tasked with monitoring and analyzing threats, performing vulnerability assessments, and escalating critical issues to senior analysts. This role demands proficiency in managing and operating security tools, maintaining secure network traffic, addressing suspicious activities, and ensuring compliance with SLAs in a 24x7 operational environment. How you will create impact: Responsibilities: Incident response & analysis: Serve as the first responder during security events and when analysis of cyberattacks is required. Review incident alerts, run vulnerability tests, and escalate severe incidents to senior analysts in Tier 2. Technical Knowledge: Proficiency in Windows, Linux, networking, and incident handling in a 24x7 monitoring environment. SIEM and SLA Compliance: Knowledge on SIEM, adhere to SLA. Security Tool Management: Manage security tools - firewalls, intrusion detection and prevention technology. Network Defense: Must have the ability to defend the network. Tasks include monitoring, discovering, and analyzing possible threats. A SOC analyst should have the skills needed to maintain secure network traffic and respond to suspicious activities. Cloud and Operating System Expertise: Strong knowledge of Windows, Linux, and cloud platforms, along with networking fundamentals. Advanced Security Tools: Implement and manage security tools - firewalls, intrusion detection and prevention technology, threat and vulnerability management tools, data loss prevention tools, filtering technologies, traffic inspection solutions, reporting technology and data analytics platforms. Essential qualifications: 1-3 years of relevant experience in SOC. Should have BE/ B. Tech/BCA/MCA/ ME/M.Tech /B.Sc. (Computers)/M.Sc. (Computers) degree from a reputed University. Good to have knowledge in any programming languages- Python, C, Java Should possess strong communication skills, with the ability to effectively convey technical information to both technical and non-technical audiences, collaborate with team members, and provide clear and concise incident reports. Interview rounds & assessments: Table for Two: A brief chat with one of our Recruiters to assess your foundational competencies and provide an overview of TerraPay. Beyond the Bio: A discussion with an SME or the RM to evaluate your role-specific knowledge, problem-solving abilities, and gain a deeper understanding of the company and team dynamics. Manager Meetup: A comprehensive discussion about the role and responsibilities, expectations, and mapping out potential career growth. Hot Seat: A cultural fit round that includes an overview of the companys core values and long-term plans. Why TerraPay: TerraPay is a global money movement player on a mission to build a borderless financial world. We believe payments should be instant, reliable, transparent, seamless, and fully compliant. Registered and regulated across 31 global markets, we are a leading payment partner for banks, mobile wallets, money transfer operators, merchants, and financial institutions. We are proud to be a twice-certified Great Place to Work and were featured in the 2023 CB Insights Fintech 100 and the 2024 Financial Times 1000 lists. Our culture & core values: At TerraPay, we dont just talk about our values—we live by them. Humility, ownership & responsibility, entrepreneurship, global citizenship, and trusting empowerment are the principles that guide everything we do. If you’re looking for a career that offers abundant opportunities for innovation and a culture of excellence, TerraPay is the place to be. With comprehensive healthcare benefits, cab facilities for our India-based employees, and a generous leave policy, we’ve got you covered. Join us in one of our 10 offices worldwide and collaborate with a diverse team representing 40+ nationalities .

Introduction Siemens Healthineers develops MedTech products that support better patient outcomes with greater efficiencies, giving providers confidence that they need to meet the clinical, operational, and financial challenges of a changing healthcare landscape. With 70,000+ employees Siemens Healthineers is one of the world"™s largest suppliers of technology to the healthcare industry. As a global leader in medical imaging, laboratory diagnostics, and healthcare information technology, we have a keen understanding of the entire patient care continuum"”from prevention and early detection to diagnosis and treatment. Brief Description: An Information Security Management system is maintained to address the complex challenges and threats in the rapidly evolving digital landscape and fulfill the organization"™s purpose and values. As an Information Security Professional, you will play an essential role in implementing and maintaining our Information Security requirements in accordance with ISO27001 and other relevant regulatory standards. You will gain expertise in driving implementation of various Information security topics in a cross-collaborative environment. What are my key Responsibilities? Assist the implementation and continuous improvement of the ISO27001 Information Security Management System (ISMS). Conduct regular risk assessments and internal audits to ensure compliance with ISO27001 standards. Ensure adherence to all relevant regulatory requirements as directed by the Global Cybersecurity Governance Organization and country specific cybersecurity requirements. Assist to Develop and maintain policies, procedures, and process documentation to meet the Information Security requirements. Work closely with various departments to collect and analyze operational security measures and help integrate measures into all aspects of operations without the need for follow-ups or reminders. Assist project teams for information security inquiries and incident response. Monitor and respond to security incidents and breaches, ensuring timely resolution and documentation of incidents. Assist with Planning, coordinating, conducting and preparing detailed audit reports for internal and external audits to assess the effectiveness of the information security program. Follow up on audit recommendations to ensure timely implementation of corrective actions. Maintain a comprehensive audit trail for all information security activities and initiatives. What do I need to qualify for this job? Bachelor"™s degree in engineering, Information Security, Computer Science, or a related field with 4-6 years of working experience. Minimum of 2-3 years of hands-on experience in information security, with a focus on implementing ISO27001. Strong understanding of ISO 27001 requirements, information security principles, risk management, IT infrastructure set up and regulatory requirements. Good understanding of ISO 27701 PIMS standards. Proven ability to work independently and collaboratively with cross-functional teams. Excellent communication, presentation and interpersonal skills. Self-directed with an ability to take ownership and accountability of assigned tasks. Familiarity with Software development best practices for ensuring security. Previous experience with Software quality assurance responsibilities will be preferred. Highly Recommended to have completed Lead Implementor certification in ISO 27001 standard . What else do I need to know? Siemens Healthineers is dedicated to equality and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens Healthineers are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow. We are looking forward to receiving your online application. Please ensure you complete all areas of the application form to the best of your ability as we will use the data to review your suitability for the role.

Diverse Lynx is looking for SOC L2 Engineer to join our dynamic team and embark on a rewarding career journey Security Monitoring: Monitor security alerts and events from various sources, including security information and event management (SIEM) systems. Analyze and respond to security incidents, threats, and vulnerabilities. Incident Response: Conduct incident investigations, document findings, and implement corrective actions. Collaborate with incident response teams to contain and mitigate security incidents. Vulnerability Management: Conduct regular vulnerability assessments and coordinate remediation efforts. Stay informed about the latest security threats, vulnerabilities, and technologies. Security Infrastructure Management: Manage and maintain security technologies, such as firewalls, intrusion detection/prevention systems, and endpoint protection. Configure and fine-tune security tools to enhance detection and prevention capabilities. Log Analysis and Correlation: Analyze logs and security events for unusual or suspicious activity. Develop and implement correlation rules to enhance detection capabilities. Security Policy Enforcement: Enforce security policies and procedures to ensure compliance with industry standards and regulations. Recommend and implement improvements to security policies. Collaboration: Collaborate with other IT and security teams to ensure a coordinated response to security incidents. Provide support during security audits and assessments.

We are looking for a highly skilled and experienced Senior Consultant with expertise in Microsoft Defender to join our team. The ideal candidate will have hands-on experience with Microsoft Defender and related technologies, as well as strong technical knowledge of Windows Server and Linux. ### Roles and Responsibility Architect and implement Defender XDR solutions for clients. Serve as the subject matter expert on Microsoft Defender for customers, utilizing its capabilities in daily operational work. Secure overall cloud environments by applying cybersecurity tools and best practices. Advise customers on best practices and use cases for using Defender XDR to meet their end-state requirements. Develop content, including processes for automated security event monitoring and alerting, along with corresponding event response plans. Create and maintain documentation related to Microsoft Defender configuration, policies, procedures, and incident response playbooks. ### Job Requirements Hands-on experience with Microsoft Defender and related technologies such as Windows Defender, Microsoft Defender XDR, and Defender for Cloud. Ability to work independently and collaboratively in a fast-paced environment with a strong commitment to customer service and teamwork. Expertise in use case management in Defender XDR. Strong technical knowledge of Windows Server and Linux. Identify opportunities for performance optimization and efficiency improvements within Microsoft Defender solutions and implement changes as needed. Scripting knowledge (Python, Bash, PowerShell). Extensive knowledge of different security threats. Good knowledge and experience in Security Monitoring and Cyber Incident Response. B.Tech./B.E. with sound technical skills. Strong command over verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Certification in Azure (SC-200, SC-100, SC-900,AZ-500) or any other cloud vendor certification is a plus.

We are looking for a skilled professional with 8 to 13 years of experience to lead our Vulnerability Discovery team, responsible for revolutionizing the way we identify and mitigate digital risks. The ideal candidate will have a strong background in vulnerability management, red teaming, or purple teaming, with expertise in automating vulnerability discovery and developing risk-based metrics to enhance EY’s digital defenses. ### Roles and Responsibility Spearhead the evaluation and management of the firm's digital exposure, identifying and mitigating risks stemming from misconfigurations, vulnerabilities, and mismanaged assets. Collaborate closely with various departments to develop comprehensive strategies to protect EY's digital assets. Develop and implement innovative solutions to complex security challenges, leveraging deep technical expertise. Manage third-party risk assessments and identify assets that fail to meet stringent EY security standards. Monitor emerging threats in the digital landscape and advise on proactive measures to safeguard the firm against potential security breaches. Lead the development of a comprehensive strategy to identify and manage the risk of the firm’s digital footprint. ### Job Requirements Minimum 8 years of experience in vulnerability management, red teaming, or purple teaming. Strong understanding of cloud services, network security, and data protection principles. Expert knowledge of offensive security principles and experience in automating vulnerability discovery. Ability to develop performance metrics and risk-based assessments of digital exposure. Excellent analytical and problem-solving skills, with the ability to translate complex technical issues into clear business impacts. Demonstrated experience in managing third-party risk assessments and vendor relationships. Exceptional communication and interpersonal skills, with leadership experience and the ability to manage and develop a high-performing team. Ability to evaluate and prioritize competing priorities from varying stakeholders. OWASP training is a plus. Incident response experience is a plus.

We are looking for a highly skilled and experienced Senior Consultant with 5 to 10 years of experience to join our team in Bengaluru. The ideal candidate will have expertise in Cloud Security solutions, particularly in Microsoft Sentinel. ### Roles and Responsibility Architect and implement cloud security monitoring platforms like MS Sentinel. Provide consulting services to customers throughout the testing, evaluation, pilot, production, and training phases to ensure successful deployment. Serve as an SME on Cloud Security solutions for customers, utilizing solution capabilities in daily operational work. Secure overall cloud environments by applying cybersecurity tools and best practices. Advise customers on best practices and use cases for using the solution to meet their end-state requirements. Develop content, including processes for automated security event monitoring and alerting, along with corresponding event response plans. ### Job Requirements A strong technical background is required, with a B.Tech./B.E. degree and sound technical skills. Excellent verbal and written English language skills are essential. Demonstrated technical acumen and critical thinking abilities are necessary. Strong interpersonal and presentation skills are needed. Certification in Azure; other cloud vendor certifications are a plus. Experience in other cloud-native security platforms like AWS and GCP is beneficial. Proficiency in scripting languages such as Python, Bash, and PowerShell is expected. Extensive knowledge of different security threats is vital. Good knowledge and experience in Security Monitoring and Cyber Incident Response are crucial.

We are looking for a highly skilled and experienced Senior Consultant with 3 to 8 years of experience to join our team in Bengaluru. The ideal candidate will have expertise in Cloud Security solutions, particularly in Microsoft Sentinel. ### Roles and Responsibility Architect and implement cloud security monitoring platforms like MS Sentinel. Provide consulting services to customers throughout the testing, evaluation, pilot, production, and training phases to ensure successful deployment. Serve as an SME on Cloud Security solutions for customers, utilizing solution capabilities in daily operational work. Secure overall cloud environments by applying cybersecurity tools and best practices. Advise customers on best practices and use cases for using the solution to meet their end-state requirements. Develop content, including processes for automated security event monitoring and alerting, along with corresponding event response plans. ### Job Requirements Customer service-oriented with a commitment to meeting customer commitments and seeking feedback for improvement. Expertise in content management within MS Sentinel. Good knowledge of threat modeling and experience in creating use cases under Cyber kill chain and Mitre attack framework. Expertise in integrating critical devices/applications, including unsupported (in-house built), by creating custom parsers. Experience in developing migration plans from Splunk/QRadar/LogRhythm to MS Sentinel. Deep understanding of implementing best practices for designing and securing Azure platform. Proficiency in scripting languages such as Python, Bash, and PowerShell. Extensive knowledge of different security threats. Good knowledge and experience in security monitoring and cyber incident response. A B.Tech./B.E. degree with sound technical skills is required. Strong command over verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Certification in Azure; any other cloud vendor certification is a plus. People/project management skills are ideally desired.

We are looking for a highly skilled and experienced Senior Consultant to join our Tech Consulting team in ServiceNow Practice. The ideal candidate will have 2-7 years of experience. ### Roles and Responsibility Serve as a ServiceNow developer on cross-functional development teams, developing workflow solutions across various modules. Collaborate with application teams to design and implement data interfaces with other enterprise application systems. Develop integration solutions for multiple ServiceNow modules. Create and configure Business Rules, UI Policies, UI Actions, Client Scripts, and ACLs, including advanced scripting. Develop and manage operational metrics reporting and dashboards. Support the development and analysis of customer requirements and assist with user story creation. Perform application testing and maintain system design and operations documentation. ### Job Requirements Minimum 2 years of experience in ServiceNow development. Experience working on more than one application, including SecOps, Security Incident Response (SIR), Vulnerability Response (VR). Good understanding of Agile methodologies for software development. Excellent communication and teamwork skills. Ability to work collaboratively with project teams to ensure successful, technically sound projects completed on time and within budget. Strong technical skills in ServiceNow administration, implementation, and application development. ServiceNow Admin certified (CSA). Certified Implementation Specialist (CIS) for any module. Certified Application Developer.

We are looking for a highly skilled and experienced Senior Consultant to join our Tech Consulting team in the ServiceNow Practice. The ideal candidate will have 2-7 years of experience. ### Roles and Responsibility Serve as a ServiceNow developer on cross-functional development teams, developing workflow solutions across various modules. Collaborate with application teams to design and implement data interfaces with other enterprise application systems. Develop integration solutions for multiple ServiceNow modules. Create and configure Business Rules, UI Policies, UI Actions, Client Scripts, and ACLs, including advanced scripting. Develop and manage operational metrics reporting and dashboards. Support the development and analysis of customer requirements and assist with user story development. Perform application testing and create/maintain system design and operations documentation. Utilize Agile methodologies for software development. ### Job Requirements Minimum 2 years of experience in ServiceNow development. Experience working on more than one application, including Secops, Security incident response SIR, Vulnerability response VR. Strong knowledge of ServiceNow Admin certified (CSA), Certified Implementation Specialist (CIS for any module), and Certified Application Developer. Excellent communication and teamwork skills. Ability to work in an Agile environment. Strong understanding of IT services and consulting industry trends and technologies.

We are looking for a highly skilled and experienced Security Analyst to join our team in Bengaluru. The ideal candidate will have 7-10 years of experience in incident response, computer forensics, and malware reverse engineering. ### Roles and Responsibility Perform forensic and malware analysis to detect, investigate, and resolve security incidents. Engage in proactive threat hunting and provide expert security assessments using EDR, SIEM, and other tools. Communicate with IT stakeholders during incident response activities to ensure effective containment, remediation, and accurate identification of compromise indicators. Report on incident metrics, analyze findings, and develop reports to ensure comprehensive resolution and understanding of security events. Act as an escalation point for incident response, lead shifts, mentor junior team members, and contribute to team skill enhancement. Analyze security events, provide feedback on security controls, and drive process improvements to strengthen the organization's security posture. ### Job Requirements Undergraduate or Postgraduate Degree in Computer Science, Engineering, or a related field (MCA/MTech/BTech/BCA/BSc CS or BSc IT). At least 7 years of overall experience with a minimum of 5 years specialized in incident response, computer forensics, and malware reverse engineering. Proficiency in operating within a Security Monitoring/Security Operations Center (SOC) environment, including experience with CSIRT and CERT operations. Demonstrated experience in investigating security events, threats, and vulnerabilities. Strong understanding of electronic investigation and forensic methodologies, including log correlation, electronic data handling, investigative processes, and malware analysis. In-depth knowledge of Windows and Unix/Linux operating systems, and experience with EDR solutions for threat detection and response. Possession of or willingness to obtain professional certifications like GREM, GCFE, GCFA, or GCIH. Experience with security incident response in cloud environments, including Azure. Knowledge of legal considerations in electronic discovery and analysis. Proficiency in scripting or programming (e.g., Shell scripting, PowerShell, C, C#, Python). Solid understanding of security best practices for network architecture and server configuration. Demonstrates integrity in a professional environment. Strong ethical behavior. Ability to work independently. Possesses a global mindset for working with diverse cultures and backgrounds. Knowledgeable in industry-standard security incident response processes, procedures, and lifecycle. Positive attitude and Excellent teaming skills. Excellent social, communication, and writing skills. Good presentation skills. Excellent investigative, analytical, and problem-solving skills. Supervising Responsibilities: Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues. Provide mentoring and training to other team members as required, supporting their development and ensuring consistent team performance.

We are looking for a highly skilled and experienced Senior OT Analyst to join our team, with 2-5 years of experience in the field. ### Roles and Responsibility Monitor and analyze ICS/OT alerts generated by IDS tools such as Defender for IoT, Nozomi, Claroty, etc. Identify unusual or suspicious activity, security breaches, or indicators of compromise. Triage and prioritize alerts based on severity and potential impact. Collaborate with SOC analysts and incident response teams to address and mitigate security incidents. Perform pcap analysis to investigate and validate OT alerts. Develop and maintain standard operating procedures (SOPs) for OT alert analysis and triage. Conduct regular security assessments and use cases validations to assure evolving threat coverage and remediation controls in OT systems. Conduct threat hunting activities to identify potential security threats within the OT environment. Provide expert guidance on ICS/OT security best practices and contribute to the continuous improvement of SOC processes. Document all security incidents comprehensively, providing detailed analysis and recommendations to prevent future occurrences. Design and maintain incident response plans and recovery procedures specific to OT incidents. Collaborate closely with IT security counterparts to ensure a cohesive security posture across both IT and OT domains. Stay updated with the latest trends and developments in ICS/OT security. Develop and deliver OT cybersecurity awareness training programs for operational staff. ### Job Requirements Strong knowledge of industrial control systems (ICS), SCADA systems, and other OT technologies. Good understanding of how OT and IT devices interact with each other and how OT devices work. Experience with SIEM tools and log management. Knowledge of regulatory requirements and standards related to ICS/OT security is desirable. Experience with network security solutions, including firewalls and intrusion detection systems (IDS). Analytical skills to screen through data and logs to identify patterns indicative of cyber threats or threat actor methods. Effective communication skills for interacting with technical and non-technical colleagues and stakeholders. Problem-solving attitude, with the ability to manage incidents under pressure. Knowledge of OT-specific malware, Mitre ICS tactics & techniques, and procedures used by threat actors. Relevant certifications are desirable.

We are looking for a skilled Email Security Engineer with 5 to 10 years of experience to join our team in Bengaluru. The ideal candidate will have a strong focus on Microsoft Defender for Office 365 (MDO) technologies and be able to enhance email security, optimize delivery, and integrate various security technologies and protocols. ### Roles and Responsibility Architect, implement, and manage solutions with a focus on Microsoft Defender for Office 365 (MDO), including anti-phishing policies, safe links, and attachments. Configure and optimize MDO services and integrate with other security solutions such as Cisco, Proofpoint, and Fortra. Implement and manage protections for Microsoft Teams, SharePoint, and OneDrive. Manage email authentication protocols (SPF, DKIM, DMARC) and implement encryption solutions like S/MIME and Office 365 Message Encryption. Handle L4 email security incidents, develop incident response plans, and provide technical guidance. Monitor systems, analyze metrics, and optimize for performance and compliance. Conduct proof of concepts (PoCs), product evaluations, and manage requests for comment (RFCs). Prepare and deliver presentations to leadership and support the security awareness training program. Work independently on projects from conception to completion and manage vendor relationships. ### Job Requirements Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent work experience. Minimum 5 years of experience in email security engineering, with proven experience in incident response and managing security solutions. Strong analytical, problem-solving, and communication skills. Ability to collaborate effectively with diverse teams and deliver presentations to senior leadership. Proficiency in PowerShell, Python, and understanding of network protocols (TCP/IP, SMTP, etc.). Expertise in Microsoft Exchange Online and Defender for Office 365. Proficient in email security tools and platforms, anti-spam, malware detection, phishing prevention, encryption, and DLP. Experience with SPF, DKIM, DMARC, and email security solutions from Cisco, Proofpoint, and Fortra. Knowledge of MDO protections for Teams, SharePoint, and OneDrive. Desired Certifications: CISSP, CESS, or Microsoft 365 Certified: Security Administrator Associate. ### Additional Information Occasional on-call support or off-hours work may be required. Join our team and play a vital role in safeguarding our organization's email communication against emerging threats. If you are passionate about email security, possess strong technical skills, and are committed to maintaining a secure digital environment, we encourage you to apply.

We are looking for a highly skilled and experienced Senior CyberArk Operations Support Analyst to join our team. The ideal candidate will have 5-10 years of experience in managing complex CyberArk environments, with a strong understanding of PAM principles, CyberArk architecture, and cybersecurity best practices. ### Roles and Responsibility Lead the administration and advanced support of the CyberArk PAM solution, including complex troubleshooting, policy management, and platform optimization. Design and implement enhancements to the CyberArk infrastructure to improve security, efficiency, and compliance with industry standards. Oversee the onboarding of new accounts, platforms, and integrations into the CyberArk environment, ensuring adherence to strict security guidelines. Conduct regular system audits to identify potential vulnerabilities and recommend remediation strategies. Mentor junior analysts and provide guidance on best practices and technical challenges. Develop and maintain comprehensive documentation for system configurations, procedures, and service records. Coordinate with cross-functional teams to support enterprise-wide cybersecurity initiatives and projects. Manage critical incidents involving privileged accounts, including root cause analysis and preventive measures. Stay updated on emerging threats and technologies in the PAM space and evaluate their impact on the organization. Lead planning and execution of system upgrades, patches, and maintenance activities, minimizing disruption to business operations. Support compliance and regulatory activities by providing expertise and documentation as needed. Develop and maintain a comprehensive disaster recovery and business continuity plan for the CyberArk infrastructure, ensuring minimal downtime and quick restoration of services in case of an outage. Collaborate with the cybersecurity architecture team to design and implement a robust privileged access management strategy that aligns with the organization's overall security posture. Lead security incident investigations related to privileged accounts, including forensic analysis, and collaborate with the incident response team to develop a coordinated response plan. Proactively monitor the CyberArk environment for unusual activities and potential threats using advanced security tools and techniques. Serve as the subject matter expert for CyberArk within the organization, providing insights and recommendations to senior management on PAM-related matters. Participate in vendor management, including evaluating software solutions, negotiating contracts, and managing relationships with CyberArk and other security vendors. Drive continuous improvement initiatives by regularly reviewing and updating CyberArk policies and procedures to reflect the evolving threat landscape and business needs. Facilitate cross-training and knowledge sharing sessions within the team to ensure redundancy in critical skill sets and promote a culture of continuous learning. Engage with the broader cybersecurity community to stay informed about new vulnerabilities, attack vectors, and defense mechanisms related to privileged access management. Influence and enforce security policies and procedures across the organization, ensuring privileged access is managed in accordance with best practices and regulatory requirements. Assist in budget planning and management for the CyberArk operations team, including forecasting future needs for resources, tools, and training. ### Job Requirements Advanced knowledge of CyberArk PAM solutions, with relevant certifications such as CyberArk Certified Delivery Engineer (CDE), Defender, or Sentry. Proven experience in managing complex CyberArk environments, including components such as EPV, CPM, PSM, and AIM. Strong understanding of network security, identity and access management (IAM), and related technologies (e.g., SIEM, firewalls, multi-factor authentication). Expertise in scripting and automation to streamline operations and incident response. Excellent analytical, problem-solving, and decision-making skills. Leadership qualities and experience in mentoring or managing junior staff. Strong communication and presentation skills, with the ability to convey technical information to non-technical stakeholders. Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.

We are looking for a highly skilled and experienced Cyber Security Consultant to join our team in Bengaluru. The ideal candidate will have 5-8 years of experience in supporting Data Security Technology, with a strong background in Information Security concepts related to Governance, Risk & Compliance. ### Roles and Responsibility Build and deploy DATA PROTECTION solution concepts and deployment requirements. Deploy and administer endpoint protection tools. Collaborate with vendors to support DATA PROTECTION technology, including troubleshooting and upgrades. Monitor and respond to alerts from Data Protection systems and other technologies. Follow incident response processes through event escalations. Respond to escalations by the Incident Response Team. Maintain leading DATA LOSS PREVENTION/CASB systems. Assist clients in privacy-related incident response activities and support their teams as an interim member (e.g., security officer, security manager, security analyst). ### Job Requirements Bachelor's or master’s degree in Computer Science, Information Systems, Engineering, or a related field. At least 5-8 years of experience in supporting Data Security Technology. Experience in administering DLP, CASB tools, including configuring policies, upgrading, and patching for leading vendors such as Digital Guardium, McAfee, Forcepoint, Netskope, Symantec CloudSOC, MCAS, etc. Technical/Vendor certification is an added advantage. Knowledge of core Information Security concepts related to Governance, Risk & Compliance. Ability to work independently and adapt to a changing environment. Demonstrated integrity in a professional setting. Strong analytical and problem-solving skills. Excellent verbal and written communication skills. Proficient in documentation and PowerPoint. Good social, communication, and technical writing skills. Ability to interface with internal and external clients. Flexible to work on rotational shifts and some weekend work may be required based on job needs. Professional certificate or active pursuit of related professional certifications such as CompTia Security+, CEH, CISSP, or Vendor/Technical certification; certified candidates are expected to complete one of the business-required certifications within 12 months of hire.

We are looking for a highly skilled and experienced Cyber Exercise Analyst to join our team in Bengaluru. The ideal candidate will have 2-4 years of experience in cyber security, with a strong background in risk strategy, digital identity, cyber defense, application security, and technology solutions. ### Roles and Responsibility Collaborate with cross-functional teams to develop and implement comprehensive cyber security strategies. Conduct thorough analysis of complex data sets to identify potential threats and vulnerabilities. Develop and maintain detailed documentation of cyber security processes and procedures. Provide expert guidance on cyber security best practices to stakeholders at all levels. Stay up-to-date with emerging trends and technologies in cyber security. Participate in incident response efforts to mitigate the impact of security breaches. ### Job Requirements Strong understanding of cyber security principles, including risk management and compliance. Experience with cyber security tools and technologies, such as SIEM systems and intrusion detection systems. Excellent analytical and problem-solving skills, with the ability to interpret complex data sets. Effective communication and collaboration skills, with the ability to work with diverse stakeholders. Ability to stay current with emerging trends and technologies in cyber security. Strong attention to detail, with a focus on delivering high-quality results. Expert knowledge of red teaming, tabletop exercises, cyber incident response, and threat intelligence processes. Experience in test documentation, red team report creation, threat intelligence report creation, and analysis for red teaming. Skilled in using information technology/security, proficient in writing technical documentation including manuals, policies, and procedures. Good time management skills and versatility to present to technical audiences. Knowledge of TIBER-EU is an added advantage.

We are looking for a skilled Senior (Endpoint Detection and Response) professional with 6 to 12 years of experience. The ideal candidate will have excellent teamwork skills, passion, and drive to succeed in combatting cyber threats. ### Roles and Responsibility Collaborate with team members to find creative and practical solutions to customers' challenges and needs. Design, implement, and operate EDR solutions such as Carbon Black, Tanium, Crowdstrike, Cortes XDR, Microsoft Defender ATP, MacAfee, Symantec, and similar technologies. Provide consulting services during testing, evaluation, pilot, production, and training phases to ensure successful deployment. Perform remote and on-site gap assessments, customization, installation, and integration of EDR solutions. Develop expertise in EDR use cases, including automated security event monitoring and alerting processes. Lead teams through various project phases and adapt to market trends. ### Job Requirements Minimum 6 to 12 years of experience in network administration or a related field. Strong oral, written, and listening skills are essential for effective consulting. Experience in cybersecurity operations, network security monitoring, host security monitoring, malware analysis, adversary hunting, modern adversary methodologies, all-source intelligence analysis, analytical methodologies, confidence-based assessments, and writing analytical reports is required. Working knowledge of Cuckoo, CAPE, or other sandbox platforms is necessary. Experience with security orchestration automation and response tools (Phantom, Resilient, XSOAR) and incident response platforms/DFIR toolsets is expected. Ability to lead teams and adapt to market trends. Certification in EDR or SIEM Solution is mandatory. Certifications in core security-related disciplines are an added advantage. A strong background in network administration is needed, with the ability to work at all layers of the OSI model and explain communication at any level. Knowledge of Vulnerability Management, basic Windows setup, Windows Domains, trusts, GPOs, server roles, Windows security policies, basic Linux setup, user administration, Linux security, and troubleshooting is required. Good understanding of programming/scripting languages such as Python, JavaScript, Bash, PowerShell, Ruby, Perl, etc. A degree in computer science, mathematics, engineering, or a similar field is preferred. At least 4 years of working in a security operations center.

Role & responsibilities SOC L2 Qradar : Incident Triage and Escalation : Review security alerts and incidents, determine severity, and escalate to the appropriate teams (e.g., L3, incident response) when necessary. Security Monitoring : Leverage SIEM tools like QRadar to actively monitor security events, correlate data, and detect abnormal patterns or potential threats. Root Cause Analysis : Investigate security incidents thoroughly to identify the root cause, using log analysis and threat intelligence to gain deeper insights. Incident Response : Coordinate and contribute to the response efforts during active security incidents, ensuring rapid mitigation and recovery. Threat Hunting : Proactively search for hidden threats within the network, looking for unusual activity or patterns that may indicate compromise or vulnerabilities. Log Analysis : Deep dive into logs (from firewalls, IDS/IPS, endpoints, etc.) to detect suspicious behavior and correlate events for comprehensive insights. False Positive Reduction : Work on refining SIEM alerts to minimize false positives, improving detection efficiency and alert quality. Collaboration with L3 and Other Teams : Communicate findings and assist L3 analysts or other internal teams with deeper investigations and remediation actions. Documentation and Reporting : Accurately document incidents, their findings, and remediation steps, and generate reports for management and stakeholders. Continuous Learning and Improvement : Stay updated on the latest security threats, attack techniques, and tools, and contribute to improving security processes and detection capabilities.

Greetings from IT.. I am now hiring a Threat Detection Engineer for my Clients. Location: Bangalore, Gurugram. Experience: 6-13 Years N[P: Immediate-30 days Primary skills: Threat hunting, threat intelligence, Splunk In-depth knowledge of external attacks and detection techniques to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate list of rules that could be implemented (based on self analysis of a threat and avaiable log sources), work with SOC team to operationalize and Purple Team to test.. Familiarity with MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE , Databricks to be able to write custom detections to detect various threats (preferably MDE). Kindly share your resume at chanchal@oitindia.com

We are seeking a talented individual to join our GIS Team at MMC Corporate This role will be based in Gurgaon. This is a hybrid role that has a requirement of working at least three days a week in the office. What can you expect? As a Cybersecurity Detection and Automation Engineer, you will be responsible for the consultation, creation, documentation and tuning of new and existing detection mechanisms to identify and mitigate threats within our Security Information and Event Management (SIEM) tool and our Managed Detection and Response (MDR) tool. Additionally, you will be responsible for supporting the growing automation efforts within GCD. We will count on you for: Excellent critical thinking skills, with proven analytical expertise and the ability to learn adaptively Demonstrated effective verbal, written and interpersonal communication skills with the ability to communicate security concepts to both technical and non-technical audiences Experience with security technologies and alerts, such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanner, vulnerability scanners, forensics tools, open-source tools, or other security technologies Experience analyzing and articulating cyber attacks Demonstrated experience with programing languages (e.g., Python, PowerShell) for automation Implementation and customization of Security Orchestration, Automation, and Response (SOAR) platforms Knowledge in one or more of the following domains: Network Operations and Architecture, Operating Systems, Identity and Access Management, Programming, Cloud Computing, Databases, or Cryptography What you need to have: Ability to operate independently in a dynamic, evolving environment with multiple inputs and tasks simultaneously Knowledge of common attacks, current threats, threat actors, and industry trends Familiarity with common security frameworks and models, such as MITRE ATT&CK, Lockheed Martin Cyber Kill Chain, The Diamond Model of Intrusion Analysis and NIST Cybersecurity Framework Previous automation projects related to the Security space Working knowledge with multiple SIEMs and EDRs What makes you stand out? Cybersecurity Detection and Automation Engineer Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.