1461 Incident Response Jobs - Page 19

Group Details Tradewebs Security Operations team is on the front lines, protecting Tradewebs clients and employees from the constantly evolving threat landscape. This role will help support and enhance our existing Security Operations program as part of our transformation into a hybrid operating model. The ideal candidate will have a combination of hands-on, technical experience and excellent written and verbal communication skills to explain complex issues in non-technical terms. The role will also have a chance to work with subject matter experts within cyber security, across infrastructure, data analytics, application development, and business teams. Job Responsibilities Reporting to the Director of Security Operations, this role will oversee a team of security operations (SOC) engineers that provide 24x7x365 detection and response capabilities for Tradeweb. Mature existing processes to provide measurable results across SecOps OKRs. As a member of Tradewebs technical incident response team, you will be responsible for executing Tradewebs technical incident response process focusing on disk/memory forensics, log analysis, evidence handling and formal report creation. Collaborate with Tradewebs Cyber Threat Intelligence teams to ensure operations engineers are aware of current threat actor tools, techniques and procedures (TTPs). Manage relationships with critical security vendors in local regions to ensure they are providing a level of excellence in line with Tradeweb standards. Train and mentor security engineers, primarily focused on incident response, threat hunting, and security automation. Build internal partnerships with key business stakeholders, particularly those in our Compliance, Infrastructure, and Risk organizations. Publish related metrics, key performance indicators (KPIs) and key risk indicators (KRIs) as well as providing regular updates to the senior management. Qualifications Minimum of 10 years of combined experience in information security and related technical disciplines, with at least 6 years focusing on security operations, incident response or cyber threat investigations. In-depth experience with Windows and Unix operating environments with a focus on disk and memory forensic analysis. Demonstrated experience leading and maturing security teams with a deep technical focus. Strong knowledge of SIEM technologies and hands-on experience with at least one of the following technologiesSplunk, ELK, XSIAM, QRadar. Ability to translate and operationalize technical, legal, and compliance requirements in a heavily regulated environment. Clear and concise communicator, can articulate cyber risk and impact across a wide range of audiences, to ensure decision makers have the information they need. Deep knowledge of network security architecture, internet protocols and web service technologies. Financial services experience is preferable, or experience in the financial technology (FinTech) area CISSP, CISM or equivalent qualifications preferred.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Network Security Operations Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME in design and implementation of Network security using multiple products.- Develop and execute robust security protocols to prevent security breaches.- Facilitate cross-departmental collaboration to ensure cohesive security policies across the organization- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Conduct regular assessments of security measures to identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Security Operations and proven experience on Palo Alto and Cisco firewalls, Palo Alto Prisma Access, Cisco ISE- Good to have Skills: Network Load balancers preferably F5-BigIP, WAF- Strong understanding of cloud security principles and frameworks.- Experience with security incident response and management.- Knowledge of compliance standards and regulations related to cloud security.- Familiarity with security tools and technologies for threat detection and prevention. Additional Information:- The candidate should have minimum 10 years of continuous experience in Network Security Operations.- This position is based at our Bengaluru office.- 15 years full time education is required.- Willing to work in US Shift timings and WFH policy adherence. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that security measures are effectively integrated into the cloud environment and aligned with organizational objectives. Roles & Responsibilities:-Administer a globally distributed and heterogeneous SIEM environment, preferably Securonix/Splunk-Knowledge on Automation app deployment to multiple sites, Monitoring the central infrastructure-Design and customize complex search queries, develop dashboards, data models, reports and optimize their performance-Administration of core SIEM Components (Deployment Server, Indexer)-Understanding of threat models and threat intelligence-Improve detection capabilities by building and enhancing alert rules Professional & Technical Skills: - Exp working in SOC/SIEM-Incident handling, use case management development , risk assessment, playbook recommendation, fine-tunings-SIEM/SOC operations experience for very large enterprises-Knowledge on MITRE/CKC framework-Security Analytical skills and analysis-Should have good customer handling skills-SIEM, Incident Response, Basic understanding of security technologies-User behavior/Malware Analysis, Knowledge on Securonix, Defender, CrowdStrike, FortiSOAR and Splunk Admin Additional Information:- The candidate should have a minimum of 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Company Overview Incedo is a US-based consulting, data science and technology services firm with over 3000 people helping clients from our six offices across US, Mexico and India. We help our clients achieve competitive advantage through end-to-end digital transformation. Our uniqueness lies in bringing together strong engineering, data science, and design capabilities coupled with deep domain understanding. We combine services and products to maximize business impact for our clients in telecom, Banking, Wealth Management, product engineering and life science & healthcare industries. Working at Incedo will provide you an opportunity to work with industry leading client organizations, deep technology and domain experts, and global teams. Incedo University, our learning platform, provides ample learning opportunities starting with a structured onboarding program and carrying throughout various stages of your career. A variety of fun activities is also an integral part of our friendly work environment. Our flexible career paths allow you to grow into a program manager, a technical architect or a domain expert based on your skills and interests. Our Mission is to enable our clients to maximize business impact from technology by Harnessing the transformational impact of emerging technologies Bridging the gap between business and technology Role Description Position Description: Incedo is seeking a SOC Analyst (L3/Tier 3/Threat Hunter) to join our rapidly growing cybersecurity team! Role and responsibilities: Participate in a rotating SOC on-call; rotation is based on the number of team members. Provide first-line SOC support with timely triage, routing and analysis of SOC tasks. Researches, develops, and monitors custom visualizations. Researches, analyzes, and writes documents such as cybersecurity briefings for all levels of stakeholders from Tier 1-3 SOC, security engineering, and executives. Tunes and develops SIEM correlation logic for threat detection. Ensures documentation is accurate and complete, meets editorial and government specifications, and adheres to standards for quality, graphics, coverage, format, and style. Develop scripts using Python to automate IR functions, including (but not limited to) IOC ingestion and SIEM integration via REST APIs to minimize repetition of duties and automate tasks. Produce and review aggregated performance metrics. Perform Cyber Threat Assessment and Remediation Analysis Processing, organizing, and analyzing incident indicators retrieved from the client environment and correlating said indicators to various intelligence data. Assisting in the coordination with internal teams as well as in the creation of engagement deliverables for a multitude of activities, including but not limited to Insider Threats, Rule of Engagement (ROE), Threat Hunting, After Action Reports, and other artifacts to support testing, monitoring and protecting the enterprise. Investigate network and host detection and monitoring systems to advise engagement processes.Develop and Execute bash and python scripts to process discrete log files and extract specific incident indicators; develop tools to aid in Tier 1 and Tier 2 functions. Participate in on-call rotation for after-hours security and/or engineering issues. Participate in the increase of effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions. Think critically and creatively while analyzing security events, network traffic, and logs to engineer new detection methods. Work directly with Security and SOC leadership on cyber threat intelligence reports to convert intelligence into useful detection. Technical Skills Required Experience / Skills: Minimum of nine (9) years technical experience 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities. 3+ years of rule development and tuning experience 1+ years of Incident response Deep understanding of Cyber Threat TTPs, Threat Hunt, and the application of the MITRE Attack Framework Knowledge of security operations and attacker tactics Ability to identify cyber-attacks and develop monitoring logic Experience supporting 24x7x365 SOC operations including but not limited to Alert and notification activities- analysis/triage/response, Review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported alerts and Incidents. Support alert and notification triage, review/analysis through resolution / close Manage multiple tickets/alerts in parallel, including end-user coordination. Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response. Solid understanding and experience analyzing security events generated from security tools and devices not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malware Bytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat Experience and solid understanding of Malware analysis Demonstrated proficiencies with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana Experience and ability to use, contribute, develop and follow Standard Operating Procedures (SOPs) Nice-to-have skills In-depth experience with processing and triage of Security Alerts from multiple sources but not limited to: Endpoint security tools, SIEM, email security solutions, CISA, Threat Intel Sources Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, support SOAR development. Experience with bash, python, and Windows PowerShell scripting Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools - alert analysis. Demonstrated experience and understanding of event timeline analysis and correlation of events between logs sources. Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools. Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk. Solid understanding and experience analyzing security events generated from security tools and devices not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC Experience and solid understanding of Malware analysis Understanding of security incident response processes Qualifications Qualifications : Bachelors degree in computer science, Information Technology, or a related field. Experience of 5 years or 3 years relevant experience. Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support. Company Value

Ensure that all SOC (Security Operations Center) tickets are handled and resolved within SLAs (Service Level Agreements). Perform detailed analysis of threats and security events, using sound analytical skills, knowledge, and experience, with a clear narrative to support conclusions. Maintain records of security events investigated, detailed notes of security incident resolution, and incident response activities, utilizing ticketing systems. Make situational incident response recommendations based on best practice security policies that address the clients business need. Research and stay up to date with current security vulnerabilities, attacks, threat actors, security advisories and the MITRE Attack Framework. Manage, maintain, and monitor security alerting systems from remote communications sites to ensure company compliance. Create and run search queries in SIEM tool to help with identifying and troubleshooting security issues. Utilize tools (e.g., Wireshark, Nmap, PCap, etc.) to identify and map devices on the network. Open, track and close trouble tickets. Answer incoming hot line calls and monitor various e-mail accounts and act according to SOC procedures and processes. Interface with client through email, phone calls, and meetings or Aspire field personnel to mitigate security incidents. Assist with the preparation of SOC reports, research papers, and blog posts. Investigate and provide technical analysis of various security incidents and possible compromise of systems. Works as Tier I/L1 support and will work directly with Tier II/L2 and TIER III/L3 and NOC Engineers for issue resolution. Provide direct communication to affected users and companies on security incidents and maintenance activities. Maintain customer technical information within defined documentation standards. Obtain/maintain technical/professional certifications applicable to position or as directed. Communicate with customers, peers, team, and managers regarding incident and change management. Provide emergency on-call support on a rotating schedule. Perform other duties as assigned. Technical Skills Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support. Nice-to-have skills Qualifications Bachelors degree in computer science, Information Technology, or a related field. Experience of 2 to 3 years relevant experience. 1+ year of professional work experience in cyber security field 1+ year of experience with Security Event / Alert Management, Incident Response, and Change Management Processes 1+ year of experience handling security events related to Malware Detection and Analysis, Indicators of Compromise (IOC), Email Phishing, Endpoint Detection and Response (EDR) Knowledge of Runbooks, Playbooks and following Standard Operating Procedures Possession of an Industry Certification (Security+, CySA+, Cisco Cyber-Ops Associate, NSE4, or similar) 1+ years of experience in Security Management. SIEM and Log Management (MS Sentinel , IBM QRadar ,Splunk, OSSIM, FortiSIEM, LogRhythm, etc.) Experience with Firewalls (Palo Alto Networks, Cisco Firepower Manager) Experience with Endpoint Security (Cisco Secure Endpoint, CrowdStrike Falcon, Carbon Black, Microsoft Advanced Threat Protection) Experience with Network Traffic Analytics (Cisco Stealthwatch Cloud, Darktrace) Experience with DNS Security (Cisco Umbrella, Forcepoint) 2+ years of experience with Ticket Management Tools (e.g., ConnectWise, ServiceNow)

Location: Noida Educational Qualification: B.Tech. /MCA or equivalent and (Proofpoint) Technical certified. Job Summary: As an L3 Email Security Engineer, you will be responsible for the design, implementation, and management of advanced email security solutions. You will handle escalated issues, perform in-depth analysis, and provide strategic input to enhance email security protocols. Technical Skills: 7-9 years of experience in Email Security Advanced Technical Support : Provide fourth-tier support for email security issues and resolve complex technical problems. Security Architecture : Design and implement email security architectures, including encryption, anti-phishing, and anti-spam solutions. Incident Response : Lead the investigation and resolution of high-severity email security incidents. Conduct forensic analysis as required2. Policy Development : Develop and enforce email security policies and guidelines across the organization1. Threat Intelligence : Analyze email security threats and develop strategies to mitigate risks3. Compliance Monitoring : Ensure email security solutions comply with relevant regulations and standards. Collaboration : Work closely with other security teams to integrate email security with overall security posture3. Training & Awareness : Provide training and awareness programs to educate employees about email security best practices. Performance Optimization : Continuously monitor and optimize the performance of email security solutions. Reporting : Create detailed reports and dashboards on email security incidents and performance metrics. Key Responsibilities: Provide fourth-tier support to resolve highly complex email security issues. Assist in troubleshooting and analyzing intricate technical problems related to email security. Design and implement comprehensive email security architectures, including advanced solutions for encryption, anti-phishing, anti-spam, and threat detection. Lead the investigation and resolution of high-severity email security incidents. Conduct forensic analysis and provide detailed incident reports and recommendations. Analyze threat intelligence related to email security and incorporate findings into defense strategies. Stay updated on the latest email security threats and vulnerabilities. Ensure email security solutions comply with relevant regulations and industry standards. Conduct regular audits and assessments to verify compliance. Work closely with other security teams to integrate email security measures with the overall organizational security framework. Coordinate with IT and network teams for seamless implementation. These responsibilities position the L4 Email Security Engineer as a key player in safeguarding the organization's email communications and ensuring robust defenses against advanced threats. Technical Experience: Good knowledge of security principles, standards, and techniques. Professional Attributes: Should be open to work in any shifts, Travel to other locations when required, Willing to learn new technologies cross skilling, Upskilling Good Communication presentation skill.

Your Role Configure and customize FortiSOAR to automate and orchestrate security workflows across enterprise environments. Develop and maintain automation playbooks using Python and scripting languages aligned with security use cases. Integrate various security tools and platforms using APIs, Ansible, and custom scripts to enhance SOC capabilities. Monitor, analyze, and troubleshoot automated security processes to proactively address threats and improve response times. Collaborate with IT and security teams to align FortiSOAR configurations with organizational goals and compliance needs. Your Profile 9 to 12 years of experience in security automation and orchestration using FortiSOAR. Experience in Python and scripting languages with integration of security tools and platforms. Develop, create, and maintain automation playbooks based on security use cases. Integration expertise using APIs, Ansible, and Python for security software and toolsets. Basic understanding of networking and security concepts to support automation workflows. What you will love working at Capgemini Work on enterprise-scale security automation and orchestration using Forti SOAR, Python, and Ansible. Collaborate with global teams to develop and maintain playbooks and integrate security tools via APIs and scripts. Clear career progression paths from engineering roles to security architecture and consulting. Be part of mission-critical projects that enhance threat detection, response automation, and compliance for Fortune 500 clients.

Project description CISO organization plays a leading role in ensuring cyber and information security for our clients, employees and data and also manages the Group Operations and Technology (GOTO) risk and group strategies combined firm. Responsibilities The role involves providing advisory, guidance and assessment of DLP policies, allow lists/exceptions and baseline build up. Support the DLP taskforce/Issues with respect to changes and co-ordinate with the technology teams for implementation. Involvement with policy and requirements management and DLP Governance Skills Must have Good working experience with data protection/security controls such as data scanning, data leakage protection/prevention. Good understanding of risk assessments and ISO 27001 and incident response. Good communication skills and stakeholder management. 5+ years of experience with data protection controls. An experienced security specialist with deep understanding of DLP/Data at rest scanning, incident handling and alert handling on DLP. Very good insight to the working of DLP Is a certified cyber security professional, with a minimum of ISO 27001 or CISM, CRISC. -Has good understanding of Security Governance Stakeholder Management Good communication skills Nice to have N/A

Project description CISO organization plays a leading role in ensuring cyber and information security for our clients, employees and data and also manages the Group Operations and Technology (GOTO) risk and group strategies combined firm. Responsibilities The role involves providing advisory, guidance and assessment of DLP policies, allow lists/exceptions and baseline build up. Support the DLP taskforce/Issues with respect to changes and co-ordinate with the technology teams for implementation. Involvement with policy and requirements management and DLP Governance Skills Must have -Very Good working experience with data protection/security controls such as data scanning, data leakage protection/prevention. Deep understanding of risk assessments and ISO 27001 and incident response. Excellent communication skills and stakeholder management. 10-15 years of experience with data protection controls. An experienced security specialist with deep understanding of DLP/Data at rest scanning, incident handling and alert handling on DLP. Very good insight to the working of DLP Is a certified cyber security professional, with a minimum of ISO 27001 or CISM, CRISC. -Has good understanding of Security Governance Stakeholder Management Good communication skills Nice to have N/A

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and frameworks.- Conduct regular assessments of security controls and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security compliance frameworks such as ISO 27001, NIST, or CIS.- Familiarity with incident response and threat detection methodologies.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Advisor, you will provide enterprise-level advice to make organizations cyber resilient. Your typical day will involve engaging with various teams to assess and address cyber threats, developing strategies for digital asset protection, and ensuring that stakeholders maintain trust in the organization's security posture. You will also be responsible for staying updated on the latest cybersecurity trends and best practices to effectively guide your organization in navigating the complex landscape of cyber threats. Roles & Responsibilities:-Perform required audits and tests related to the Business Continuity Plans-Develop plans to safeguard data and intellectual property against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs-Work with Accenture's global asset and security organizations to develop solutions for clients unique problems and help implement business continuity plans and align resources, as appropriate-Deliver on key metrics (SLAs and KPIs) and contractual requirements successfully to execute run and transform projects to ensure the quality of functioning of teams to optimize security measures-Encrypt data transmissions and erect firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Governance.- Strong understanding of risk management frameworks and compliance standards.- Experience in developing and implementing security policies and procedures.- Ability to conduct security assessments and audits.- Familiarity with incident response planning and execution.-Active participation in hiring of talent, operating of projects in various type and scale, execute concepts and implementation strategies for various systems to ensure practical implementation of security standards across client and industries.-Understands requirements and participates in Solution Review, Client orals, Client visits etc. to represent Accenture to help client and provide solutions to clients needs.-Document and deliver security and emergency measures policies, procedures, and tests.-Conversant on multiple CyberSecurity domains like:Identity and Access Management, Network Security, Vulnerability Management (Infra and Applications), Cloud Security, Endpoint and Email Security, SOC\SIEM, Network Security, Risk & Compliance, Data Security independent of various tools, technologies and processes. Additional Information:- The candidate should have minimum 12 years of experience in Security Governance.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

We are looking for an experienced Threat Hunting Analyst to join our Cybersecurity team. The ideal candidate will proactively hunt for cyber threats, analyze datasets, work closely with our SOC to detect, investigate, respond to security incidents. Required Candidate profile Conduct hypothesis-driven hunts using MITRE ATT&CK framework Execute threat simulation exercises to validate existing security controls Expert inThreat Hunting, Incident Response,Security Monitoring Perks and benefits To be disclosed post interviews

Entain India is the engineering and delivery powerhouse for Entain, one of the world's leading global sports and gaming groups. Established in Hyderabad in 2001, we have grown from a small tech hub into a dynamic force, delivering cutting-edge software solutions and support services that power billions of transactions for millions of users worldwide. Our focus on quality at scale drives us to create innovative technology that supports Entain's mission to lead the change in the global sports and gaming sector. At Entain India, we make the impossible possible, together. This role at Entain India involves working closely with teams across the group to identify and handle security incidents, ensuring that relevant security attacks are timely detected, investigated, and mitigated. Additionally, the role involves reviewing the security risks the organization faces and executing appropriate responses to ensure the security posture remains aligned with the dynamic needs of the organization. **Responsibilities include:** - Executing activities around incident response, security monitoring, threat hunting, security analytics, and reporting. - Collaborating with vendors, consultants, and third-party service providers to define baseline information security configurations for products deployed across all technology platforms. - Championing and continuously developing knowledge on emerging trends and changes in security operations. - Contributing to relationships across the Entain Group to deliver efficient and consistent security operations services through continuous improvement opportunities. - Ensuring visibility on issues and gaps resulting from security monitoring activities and suggesting innovative ways to address incident response. - Applying analytics to provide insight to the security operations team to enhance policies and processes related to risk management, security program management, and security governance. - Assessing current security operations processes and technology continuously to provide enhanced strategy, process, and technology recommendations. - Collaborating with security engineering and vulnerability teams to ensure security tooling provides appropriate visibility to detect and respond to security events. - Managing the development of baseline reporting metrics to effectively measure the health of the security operations domain. - Maintaining security procedures for products, applications, and platforms and acting as a technical resource for security or compliance matters. **Qualifications:** - At least two years of experience in a similar Information Security position. - Experience developing security tools and open-source projects. - Attention to detail and excellent problem-solving skills. - Outstanding knowledge of technical foundations behind networking, operating systems, and applications. - Good understanding of on-premises, cloud, and hybrid environments. - Good understanding of Information Security processes and theory. - Vulnerability research and exploitation skills. - Autonomous and self-organized. - Good communication skills and customer-facing experience. - Experience in vulnerability management, risk management, and traffic and packet analysis. **Competencies/Behaviors:** - Collaboration: Communicates effectively with a positive impact. - Analytical thinking: Thinks critically, providing well-reasoned insights through a commercial lens. - Agility: Quickly adapts and remains flexible while managing risks. - Acts with integrity: Takes ownership and does the right thing. At Entain India, we strive to create a diverse, equitable, and inclusive future for our people and the global sports betting and gaming sector. We value and celebrate individuality across all protected characteristics. We comply with all applicable recruitment regulations and employment laws globally and ensure ethical and compliant hiring practices. If you require any adjustments or accommodations during the recruitment process, please contact us.,

As a Principal BizOps Engineer at Mastercard, you will be part of the Business Operations (Biz Ops) team, specifically as a Business Operations Site Reliability Engineer (SRE). Your primary responsibility will be to ensure the production readiness of Mastercard products. This involves maintaining the stability and health of the platform, supporting developers in building resilient products, and enforcing operational standards. Your role will also include engaging early in the development lifecycle to be proactive in managing production and change activities, all while maximizing customer experience and ensuring compliance and risk mitigation. You will serve as the main contact for overseeing the overall health, performance, scalability, resilience, and capacity of applications. This entails supporting services before launch, collaborating with development teams to establish monitoring strategies, and automating alerts to escalate issues proactively. You will also be involved in incident response, post-mortems, and problem-solving to optimize recovery time and enhance reliability. In addition, you will work on automating data-driven alerts, improving the CI/CD pipeline, analyzing ITSM activities, and strategizing and designing efficient solutions for various aspects such as security, resilience, networking, and deployments. Your role will require a systematic problem-solving approach, strong communication skills, and the ability to collaborate with cross-functional teams to ensure system behavior aligns with expectations. The ideal candidate for this role will have a BS degree in Computer Science or a related field, coding or scripting experience, and a curiosity for new technologies and automation. You should possess knowledge of algorithms, data structures, and large-scale distributed systems. Additionally, experience with industry-standard tools, monitoring solutions, and cloud platforms like Azure, GCP, or AWS is advantageous. Preferred qualifications include coding experience in languages such as C++, Java, Python, or Go, familiarity with CI/CD tools, and expertise in network concepts, operating systems, and security implementations. You should also demonstrate a willingness to learn, adapt to challenging opportunities, and prioritize long-term system health while balancing quick fixes. As a member of the Mastercard team, you are expected to adhere to security policies, maintain the confidentiality and integrity of information, report any security breaches, and participate in mandatory security trainings. Your role is crucial in ensuring the security and success of Mastercard's operations and products.,

The Compliance Department in Vadodara is seeking a candidate with a Master's degree in Law, Business, Finance, or a related field, along with a minimum of 5 years of experience in compliance roles. As a Compliance Officer, your responsibilities will include staying updated on changes in laws, regulations, and industry standards. You will be tasked with designing and implementing policies and procedures to ensure compliance with regulatory requirements, conducting risk assessments to identify and evaluate compliance risks, and developing strategies to mitigate non-compliance risks effectively. In addition, you will establish monitoring and testing checklists to assess compliance across all departments, conduct periodic compliance audits, and investigations as necessary. You will be responsible for preparing and submitting compliance reports to senior management and regulatory authorities, as well as communicating compliance issues and recommendations to the executive team and relevant stakeholders. Collaboration with other departments such as Legal, Risk Management, and Internal Audit is essential to ensure a coordinated approach to compliance. You will also serve as a liaison between the company and regulatory agencies or auditors. Furthermore, you will develop and implement procedures for handling compliance violations and incidents, overseeing investigations, and resolutions of compliance-related matters. Regularly reviewing the compliance calendar and addressing customer grievances will also be part of your role. If you have a keen eye for detail, a strong understanding of regulatory requirements, and excellent communication and analytical skills, we encourage you to apply for this challenging and rewarding position in our Compliance Department.,

As a member of the team at Atos, you will be responsible for triaging, investigating, and analyzing security alerts that are escalated from L1 analysts. Your role will involve performing in-depth analysis of logs, alerts, and network traffic using various SIEM tools such as Splunk, QRadar, and ArcSight. Additionally, you will be expected to conduct root cause analysis of security incidents and provide recommendations for containment and remediation actions. It will be your responsibility to respond to medium and high-severity incidents and escalate critical incidents to L3 or IR teams when necessary. Furthermore, you will play a key role in threat hunting by utilizing IOCs, anomaly detection, and behavioral patterns. You will also be involved in the development and updating of incident response playbooks and standard operating procedures. Collaboration with vulnerability management and threat intelligence teams to enhance detection capabilities will be essential. Your duties will also include supporting the development and tuning of correlation rules in SIEM, as well as maintaining detailed documentation of investigations, findings, and response actions. Your work at Atos will contribute to the overall goal of creating a secure and decarbonized digital environment for clients, in line with the company's commitment to digital transformation.,

As a DevOps Engineer, you will define and implement DevOps strategies that are in line with the business objectives. Your role will involve leading cross-functional teams to enhance collaboration between development, QA, and operations. You will be responsible for designing, implementing, and managing Continuous Integration/Continuous Deployment (CI/CD) pipelines to streamline the release cycles. Automation will be a key aspect of your responsibilities, where you will automate build, test, and deployment processes to expedite the release cycles. You will also be tasked with implementing and overseeing Infrastructure as Code using tools like Terraform, CloudFormation, Ansible, among others. Managing cloud platforms such as AWS, Azure, or Google Cloud will also fall under your purview. Ensuring the security of CI/CD pipelines and infrastructure will be paramount, where you will monitor and address security risks. You will set up observability tools like Prometheus, Grafana, Splunk, Datadog, etc., to maintain visibility into system performance. Additionally, you will establish proactive alerting mechanisms and incident response processes. In the event of incidents, you will lead the incident response and conduct root cause analysis (RCA) to prevent future occurrences. Documentation will be a crucial part of your role, where you will document DevOps processes, best practices, and system architectures. Your expertise in evaluating and implementing DevOps tools and technologies will be instrumental in optimizing operations. Moreover, you will play a key role in fostering a culture of continuous learning and knowledge sharing within the team. Your contributions will be essential in enhancing the efficiency and effectiveness of the organization's DevOps practices.,

As a Site Reliability Engineer (SRE) at UBS, you will play a crucial role in ensuring the availability, performance, and resilience of our platforms in a mission-critical financial environment. Your primary responsibility will be to design, implement, and maintain highly available and fault-tolerant systems, with a focus on building and operating reliable, scalable systems in regulated industries such as banking and financial services. You will work closely with engineering, infrastructure, and security teams to build secure, observable, and automated systems, while fostering a culture of operational excellence. Your role will involve defining and monitoring Service Level Indicators (SLIs), Service Level Objectives (SLOs), and Service Level Agreements (SLAs) to guarantee system reliability and customer satisfaction. Additionally, you will lead incident response, post-mortems, and root cause analysis for production issues, as well as collaborate with development teams to embed reliability into the software development lifecycle. Joining the Operating Systems and Middleware (OSM) team at UBS, you will be part of a globally distributed team that supports critical infrastructure across different time zones using a follow-the-sun support model. Operating in a collaborative Agile environment, you will have the opportunity to work alongside talented engineers who are passionate about building reliable systems and solving complex problems. We value transparency, shared responsibility, and continuous learning, empowering our engineers to take ownership, innovate, and continuously improve. The ideal candidate for this role will have proven expertise in Site Reliability Engineering, with a background in software engineering, infrastructure, or operations. You should possess hands-on experience with cloud platforms like Azure, operating systems such as Linux RHEL7+, and networking fundamentals. A solid understanding of networking and storage technologies, authentication and naming services, scripting and automation, as well as infrastructure as code tools is essential. Additionally, you should demonstrate a metrics- and automation-driven mindset, strong collaboration and communication skills, and a proactive, ownership-driven attitude. Desirable additions to your expertise include experience with chaos engineering, resilience testing, disaster recovery planning, financial transaction systems, real-time data pipelines, core banking platforms, CI/CD pipelines, containerization, and orchestration. UBS offers a dynamic and inclusive work environment where diversity is celebrated, and employees are supported with new challenges, growth opportunities, and flexible working options. Join us at UBS, where collaboration and individual empowerment drive our success.,

The specialist combines expertise in cybersecurity and AI/ML to design, implement, and maintain security frameworks, ensuring the integrity, confidentiality, and compliance of AI-driven solutions throughout their lifecycle. This also involves collaboration with cross-functional stakeholders and AI Engineers to build and deploy enterprise-wide AI security framework. Responsibilities include designing and maintaining structured guidelines and controls to secure AI systems, covering data protection, model security, and compliance requirements. The specialist evaluates and utilizes established frameworks such as Googles Secure AI Framework (SAIF), NIST AI Risk Management Framework, or the Framework for AI Cybersecurity Practices (FAICP) as references or baselines. Identifying, assessing, and mitigating security risks specific to AI, including adversarial attacks, data poisoning, model inversion, and unauthorized access is crucial. Regular vulnerability assessments and penetration testing on AI models and data pipelines are conducted to ensure security. Data used in AI systems is encrypted, anonymized, and securely stored, with robust access controls (e.g., RBAC, ABAC, Zero Trust) implemented for sensitive AI data and models. Protecting AI models from tampering, theft, or adversarial manipulation during training and deployment is a key responsibility. Monitoring and logging AI system activity for anomalies or security incidents is essential, along with developing and enforcing policies to ensure AI systems adhere to industry regulations, ethical standards, and organizational governance requirements. Promoting transparency, explainability, and fairness in AI models, establishing real-time monitoring and advanced threat detection for AI systems, developing and maintaining an AI incident response plan, educating teams on AI security best practices, and collaborating with various departments to align AI security with organizational goals are also part of the role. Qualifications required for this position include a strong understanding of AI/ML concepts, architectures, and security challenges, as well as strong programming skills in Python, R, or similar languages. Experience in Google Cloud Platform (GCP) or equivalent, solid understanding of machine learning algorithms, neural networks, NLP, and computer vision, familiarity with cloud AI/ML services and deployment pipelines, and knowledge of security frameworks and regulatory compliance are necessary. Proficiency in data protection techniques, encryption, and secure access management, familiarity with adversarial machine learning, model hardening, and input sanitization, knowledge of incident response, monitoring tools, and threat intelligence platforms, excellent communication and documentation skills, a Bachelors or Masters degree in computer science, Data Science, Engineering, or a related field, 5+ years in AI/ML roles including hands-on model development and deployment, a track record of delivering AI solutions that drive business value, and relevant certifications such as CAISF, AICERTs, AI for Cybersecurity Specialization, GCP Cloud certification or equivalent in AWS or Azure, and cybersecurity certificates are preferred qualifications for this role.,

About KPMG in India KPMG entities in India are professional services firms affiliated with KPMG International Limited. Established in India in August 1993, KPMG professionals leverage a global network of firms and possess expertise in local laws, regulations, markets, and competition. With offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara, and Vijayawada, KPMG entities offer services to national and international clients across various sectors. The focus is on providing rapid, performance-based, industry-focused, and technology-enabled services that demonstrate a comprehensive understanding of global and local industries along with vast experience in the Indian business environment. Equal Employment Opportunity Information Qualifications - Graduation,

As an Information Security Specialist, you will be responsible for developing, implementing, and maintaining information security policies, standards, and procedures that align with the organizational goals. Your role will involve monitoring security incidents and events using security information and event management (SIEM) tools to identify and respond to threats effectively. Conducting risk assessments and vulnerability assessments will be crucial in identifying potential security threats and weaknesses. You will play a key role in supporting the incident response process by thoroughly investigating and documenting security incidents. Collaboration with IT teams will be essential to ensure that security best practices are integrated into the design and architecture of systems and applications. Additionally, you will lead incident response activities, including investigation, documentation, and reporting of security incidents. Conducting training and awareness programs to educate employees on security policies, practices, and emerging threats will be part of your responsibilities. You will also assist in compliance audits and reviews to ensure adherence to industry standards and regulations. Staying current on emerging security threats and trends, recommending appropriate mitigation strategies and technologies, will be vital in enhancing the organization's security posture. Participation in security awareness initiatives and promoting a culture of security within the organization will be an important aspect of your role. Furthermore, you will assist in the evaluation and implementation of security tools and technologies to enhance the organization's overall security posture. This is a full-time, permanent position with a morning shift schedule. The ideal candidate will have at least 2 years of experience in information security. The work location is in-person. Thank you for your interest in this Information Security Specialist position.,

You should have a Diploma / Bachelors / Masters Degree along with a minimum of 4-5 years of experience in a Security Operations Centre (SOC) or incident response team. It is required to possess at least one valid certification among Security+, CEH, CISSP, OSCP, CHFI, ECSA, GCIH, GCIA, GSEC, GCFA, or Cisco Cyber OPS certification. Being flexible to work in 24/7 shifts is a must. Your responsibilities will include 24/7 monitoring, triaging, and analyzing security events and alerts, as well as conducting malware analysis, including reverse engineering. You should have experience in coordinating incident response and troubleshooting across a global organization. It is important to be familiar with core concepts of security incident response and have a strong knowledge of email security threats and controls. Additionally, you should have a good understanding of Threat Intel and Hunting, network fundamentals, common Internet protocols, and experience in analyzing network traffic using tools like Wireshark. Experience in reviewing system and application logs, investigating security issues within Cloud infrastructure, and using SIEM tools such as Splunk, AlienVault, QRadar, ArcSight or similar is essential. Moreover, you should have experience in creating new detection rules and correlation rules, defining use cases for playbooks and runbooks, understanding log types and log parsing, and a strong passion for information security. A good understanding of CIS requirements is also required for this role.,

Tradeweb Markets is a global leader in electronic trading, catering to approximately 2,500 clients worldwide, spanning various sectors such as banks, asset managers, hedge funds, insurance companies, wealth managers, and retail clients across 65 countries. Since its inception in 1998, Tradeweb has been instrumental in revolutionizing and digitizing the fixed income markets. The company prides itself on a culture centered around innovation, creativity, and collaboration, leveraging the expertise of talented individuals, cutting-edge technology, and a wide network of clients to enhance financial market trading practices. As part of Tradeweb's Security Operations team, you will play a crucial role in safeguarding clients and employees from evolving cyber threats. The position involves supporting and improving the Security Operations program during the transition to a hybrid operating model. The ideal candidate should possess a blend of hands-on technical proficiency and exceptional communication skills to convey complex concepts in layman's terms. Additionally, the role offers opportunities to collaborate with cybersecurity experts spanning infrastructure, data analytics, application development, and business units. Reporting to the Director of Security Operations, you will lead a team of security operations engineers responsible for providing round-the-clock detection and response capabilities. Your key responsibilities will include enhancing existing processes to achieve measurable outcomes, executing technical incident response procedures, collaborating with Cyber Threat Intelligence teams, managing relationships with security vendors, training and mentoring security engineers, and establishing partnerships with various business stakeholders. The qualifications for this role include a minimum of 10 years of experience in information security and related technical fields, with at least 6 years dedicated to security operations, incident response, or cyber threat investigations. Proficiency in Windows and Unix operating systems, along with expertise in disk and memory forensic analysis, is essential. The candidate should have a proven track record of leading and developing security teams, familiarity with SIEM technologies like Splunk or ELK, and the ability to interpret and implement technical and compliance requirements in regulated environments. Moreover, effective communication skills, a deep understanding of network security architecture, financial services background, and certifications such as CISSP or CISM are advantageous for this role. By joining Tradeweb, you will be part of a dynamic team committed to enhancing the efficiency, connectivity, and transparency of electronic trading within the global financial markets.,

Job Title: L3 Production Support Engineer Location: Pune/Bangalore Job Type: Full-time We are looking for a highly skilled L3 Production Support Engineer to join our team. This position will focus on providing advanced technical support for our production systems, specifically in Java applications, Microservices, and MySQL databases. The ideal candidate will have extensive experience in L3 support, troubleshooting complex production issues, and applying ITIL best practices in a fast-paced environment. As part of the L3 support team, you will be responsible for handling critical incidents, resolving complex problems, managing escalations, and providing guidance to L1 and L2 support teams. Strong communication skills and the ability to collaborate with cross-functional teams are essential to success in this role. Key Responsibilities: - L3 Incident Management: Provide advanced technical troubleshooting and resolution for critical production issues related to Java-based applications, Microservices, and MySQL databases. - Production Monitoring: Proactively monitor the health and performance of applications and databases in the production environment. Use tools to identify potential issues before they impact end-users. - Root Cause Analysis: Perform deep-dive analysis of incidents and outages, identify root causes, and work with development teams to implement permanent fixes. - Escalation Management: Act as the final escalation point for complex issues raised by L1/L2 teams. Provide expert advice and resolution for high-priority incidents. - Change Management: Collaborate with the Change Management team to plan and execute system upgrades, patches, and deployments in accordance with ITIL processes. - Performance Optimization: Optimize the performance and reliability of Microservices and database queries in production. - Collaboration with DevOps and Development Teams: Work closely with DevOps, development, and QA teams to ensure smooth transitions from development to production, and support ongoing maintenance and enhancements. - Documentation: Maintain detailed documentation for operational procedures, troubleshooting guides, incident reports, and post-mortem analysis. - Knowledge Transfer: Share expertise and provide mentoring to L1 and L2 teams on technical troubleshooting, process adherence, and best practices. - On-call Support: Participate in a rotation for on-call support to ensure 24/7 availability for production issues. Required Skills & Qualifications: - Strong experience in L3 Production Support: At least 6+ years of hands-on experience in supporting production systems with a focus on Java, Microservices, and MySQL. - Proficiency in Java: Advanced knowledge of Java programming, debugging, and troubleshooting in production environments. - Microservices: Deep understanding of Microservices architecture, deployment, and troubleshooting in a distributed environment. - MySQL Expertise: Strong experience in MySQL database management, query optimization, and troubleshooting in production systems. - ITIL Knowledge: Hands-on experience in applying ITIL processes (Incident Management, Problem Management, Change Management) for production support. - Advanced Troubleshooting: Ability to diagnose and resolve complex production issues quickly and effectively, while minimizing service disruption. - Problem Solving: Strong analytical skills with the ability to think critically and implement solutions under pressure. - Communication Skills: Excellent verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders. - Team Collaboration: Proven ability to work effectively with cross-functional teams (development, QA, DevOps) in a fast-paced environment. - Monitoring Tools: Experience with monitoring tools (e.g., Nagios, Prometheus, Grafana) to track system health and performance. Preferred Skills & Qualifications: - Cloud Platforms: Familiarity with cloud-based environments (AWS, Azure, etc.) and containerization (Docker, Kubernetes) is a plus. - Automation Tools: Knowledge of automation tools like Ansible, Jenkins, or similar is an advantage. - Incident Response: Experience with advanced incident response and coordination during high-severity production incidents. - ITIL Certification: ITIL Foundation or Intermediate certification is desirable. Education & Experience: - Bachelors degree in Computer Science, Information Technology, or a related field. - 6+ years of experience in L3 Production Support, with a strong focus on Java, Microservices, MySQL, and ITIL processes. Why Join Us: - Be part of a dynamic team supporting high-impact, mission-critical applications. - Gain exposure to cutting-edge technologies and diverse system architectures. - Opportunities for growth and development within a collaborative and innovative work culture. - Work in a fast-paced, exciting environment with the support of a talented team of professionals. At Indium diversity, equity, and inclusion (DEI) are the cornerstones of our values. We champion DEI through a dedicated council, expert sessions, and tailored training programs, ensuring an inclusive workplace for all. Our initiatives, including the WE@IN women empowerment program and our DEI calendar, foster a culture of respect and belonging. Recognized with the Human Capital Award, we are committed to creating an environment where every individual thrives. Join us in building a workplace that values diversity and drives innovation.,

As a Firewall Engineer Cloud Support Management at our organization in Bangalore, you will play a crucial role in managing and securing cloud infrastructure across AWS, Azure, and GCP. Your responsibilities will include overseeing firewall systems, provisioning cloud infrastructure, responding to incidents, implementing automation through Infrastructure as Code (IaC), and ensuring security compliance and policy enforcement. In the realm of Cloud Infrastructure & Firewall Management, you will be tasked with administering, configuring, and securing firewall systems in both cloud and hybrid environments. Additionally, you will oversee the provisioning, monitoring, and lifecycle management of cloud infrastructure to ensure performance and operational resilience. Your role will involve responding to cloud infrastructure incidents and security alerts, identifying root causes, and implementing long-term remediation strategies. Furthermore, you will drive automation and IaC initiatives to enhance infrastructure deployment, optimize costs, and enforce policies effectively. Your expertise in Infrastructure as Code & CI/CD Integration will be demonstrated through the use of Terraform to define and manage cloud infrastructure, including firewall configurations. You will also be responsible for building and maintaining CI/CD pipelines using tools like GitHub Actions, Jenkins, or Azure DevOps to streamline deployment processes and security updates. It will be essential to store and manage IaC in version control systems to ensure traceability, compliance, and policy adherence. Security, Compliance & Policy Enforcement will be a critical aspect of your role, where you will implement strong access control, segmentation, security policies, and firewall/ACL configurations in cloud environments. You will proactively identify security risks and recommend mitigation strategies for hybrid-cloud deployments. Additionally, you will deploy monitoring solutions for cloud and firewall security visibility, define key reliability and security metrics, and conduct audits of firewall configurations to maintain compliance and transparency. Collaboration & Knowledge Sharing will be key components of your responsibilities, requiring coordination with infrastructure, DevOps, security, compliance, and engineering teams to resolve incidents and improve architectural resilience. You will create SOPs and playbooks, contribute to team knowledge-sharing efforts, and support continuous efficiency improvement within the organization. To excel in this role, you should possess at least 5 years of experience in cloud support, firewall engineering, or related network security roles, particularly in AWS, Azure, and GCP hybrid environments. Additionally, relevant education/certifications such as AWS Solutions Architect/DevOps Engineer, Google Cloud Professional Cloud Architect/Engineer, and Azure Administrator/Solutions Architect will be beneficial. Proficiency in technical skills like Terraform, CI/CD tooling, firewall technologies, network segmentation, VPNs, and expertise in infrastructure security best practices are essential. Strong analytical, problem-solving, communication, and collaboration skills will also be crucial for successful cross-functional teamwork and efficiency improvement.,