
1461 Incident Response Jobs - Page 23

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

2.0 - 6.0 years

0 Lacs

noida, uttar pradesh

On-site

At EY, you will have the opportunity to shape a career that reflects your uniqueness, leveraging global resources, a supportive environment, an inclusive culture, and cutting-edge technology to empower you to reach your full potential. Your distinct voice and perspective are valued as we look to you to contribute to EY's continuous improvement. Join us in creating an exceptional experience for yourself and fostering a more prosperous working world for all. The role of IAM Administrator entails providing support and enhancements for engagements, ensuring adherence to SLAs, and maintaining high-quality deliverables. Your responsibilities will include: - Identity Management: Assisting in user account and profile management, ensuring accuracy and currency of user data in IAM systems, and promptly resolving user access issues. - Access Control: Configuring and managing access controls, implementing access policies, and monitoring access permissions to prevent unauthorized access attempts. - Security Compliance: Conducting access reviews, participating in audits to enforce security rules, and contributing to IAM-related documentation maintenance. - Incident Response: Participating in IAM incident response activities, collaborating with the security team to investigate and address security breaches or unauthorized access. - Collaboration: Enhancing IAM processes through collaboration with cross-functional teams, staying informed on IAM industry trends and best practices. Requirements: - A bachelor's degree in computer science, information security, or related field. - Strong interest in identity and access management and cybersecurity. - Exceptional analytical and problem-solving skills. - Effective teamwork and communication abilities. - Eagerness to learn and adapt to new technologies and security concepts. - Strong attention to detail and capability to handle sensitive data. - Flexibility to travel, provide on-call support, work overtime, and shift hours as needed. 
Education: Bachelor's degree in computer science, Information Technology, Cybersecurity, or related field. Work Requirements: - Flexibility to travel as necessary. - Availability for on-call support and occasional overtime. - Willingness to work in shifts when required. Join EY in our mission to build a better working world, where long-term value creation for clients, people, and society, along with trust in the capital markets, are our primary goals. Our diverse teams across 150+ countries, enabled by data and technology, provide assurance and support clients in growth, transformation, and operations across various sectors. In assurance, consulting, law, strategy, tax, and transactions, EY teams challenge conventional thinking to address the complex issues of today's world.

Posted 1 month ago


4.0 - 8.0 years

0 Lacs

chennai, tamil nadu

On-site

This position in the Managed Services organization involves supporting customers, applications, systems, and vendors in security operations, administration, and general maintenance. You will play a crucial role in CBTS's compliance strategy and objectives by performing various technical and functional tasks to mitigate physical and cyber risks, safeguarding customer information, systems, products, facilities, and assets. Your responsibilities will include operationalizing compliance policies, conducting day-to-day security operations, administering security applications and infrastructures, reviewing access to systems, applications, and facilities, performing vulnerability scans, patching and reporting on in-scope environments, providing vendor support, conducting maintenance activities, participating in incident/event response, assisting with documentation and policy creation, and collaborating with technology team leadership. Additionally, you will be expected to design innovative solutions using technologies and processes to mitigate risks to information, systems, products, facilities, and assets. Identifying and mitigating potential security risks, facilitating compliance with external regulatory requirements related to security, contributing to the development of policies and standards that mitigate risks, and ensuring the organization's adherence to these policies and standards will also be part of your role. The ideal candidate should have 4-6 years of experience, possess technical knowledge in security and compliance, including experience with network, compute, and/or application security technologies, a strong understanding of the OSI model, excellent communication and presentation skills, curiosity, motivation, creativity, effective planning and organizational skills, self-motivation, and initiative. This is a rotational shift role based in Chennai, and candidates who can join on short notice or immediately are preferred. 
Geetha Jeyabalan, Senior Technical Recruiter, geetha.jeyabalan@cbts.com

Posted 1 month ago


1.0 - 5.0 years

0 Lacs

telangana

On-site

As a Cybersecurity Trainer, you will play a crucial role in equipping professionals with the knowledge and skills necessary to navigate the dynamic landscape of cyber threats. Your primary responsibility will involve designing and delivering virtual training sessions that cover various cybersecurity domains like network security, ethical hacking, incident response, and risk management. You will be expected to develop and update training content, facilitate engaging live sessions, workshops, and webinars, and assess learners' performance through evaluations, labs, and hands-on exercises. Additionally, you will customize training programs to suit the specific requirements of clients or organizations and stay abreast of the latest industry trends, tools, certifications, and threats. To excel in this role, you should have prior experience as a Cybersecurity Trainer, IT Instructor, or Security Professional, with a deep understanding of cybersecurity frameworks, principles, and practices. Strong communication and presentation skills are essential, and experience in instructional design or curriculum development would be advantageous. Possessing relevant certifications such as CompTIA Security+, CEH, CISSP, or CISM is a requirement, along with the ability to simplify complex technical concepts for easy comprehension. Ideally, you should hold a Bachelor's degree in Cybersecurity, Computer Science, or a related field and be familiar with eLearning platforms like Moodle or Canvas. Experience with hands-on labs such as Cyber Range, TryHackMe, or Hack The Box would be beneficial. Joining our team offers you competitive compensation, flexible working hours, and the chance to make a meaningful impact on the future generation of cybersecurity professionals. You will thrive in a supportive, mission-driven work environment that prioritizes continuous learning and professional development.

Posted 1 month ago


5.0 - 9.0 years

0 Lacs

hyderabad, telangana

On-site

As a SOC Manager at NTT DATA, you will play a crucial role in leading the Security Operations Center (SOC) team to monitor, detect, and respond to security incidents. Your responsibilities will include managing the day-to-day operations of the SOC, ensuring compliance with security policies, and providing strategic direction to enhance the security posture of the Managed Security Service Provider (MSSP) and its clients. Your primary duties will involve team leadership and management, incident response, security monitoring and analysis, strategic planning, client management, reporting, and documentation. You will lead and mentor a team of security analysts and engineers, develop training programs, and conduct performance reviews. Additionally, you will oversee the incident response process, develop incident response playbooks, and coordinate with other departments and clients during major security incidents. In terms of security monitoring and analysis, you will ensure effective monitoring of client networks and systems for security threats, analyze security data and trends, and implement security tools and technologies such as SIEM, IDS/IPS, and threat intelligence platforms. Furthermore, you will develop and implement strategic plans to enhance security posture, stay updated with the latest security trends, and collaborate with other departments to align security strategies with business objectives. As the primary point of contact for clients, you will manage security incidents and issues, provide regular reports on security status, and conduct security assessments and vulnerability scans. You will also be responsible for preparing and presenting regular reports on SOC activities, documenting security incidents and responses, and maintaining detailed records of security policies and procedures. 
To qualify for this role, you should have a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, with a master's degree preferred. You should also have proven experience in a SOC or similar role, experience in leading and managing a team of security professionals, and relevant certifications such as CISSP, CISM, or CEH. Proficiency in security tools and technologies, strong knowledge of network security, incident response, and threat analysis, and excellent leadership and communication skills are essential. The work environment for this role may include working in shifts, occasional travel for client meetings or industry conferences, and a hybrid working setup. NTT DATA is a trusted global innovator of business and technology services committed to helping clients innovate, optimize, and transform for long-term success. With a diverse team of experts and a focus on digital and AI solutions, NTT DATA is dedicated to creating a sustainable digital future for organizations and society.

Posted 1 month ago


3.0 - 7.0 years

0 Lacs

karnataka

On-site

As a shift lead in the Security Operations Center (SOC) at Virtusa, you will play a crucial role in supporting SOC operations by conducting detailed threat-based investigations, making recommendations for incident detection methodologies, and offering expert assistance for incident response and monitoring activities. Your responsibilities will include being a technical and strategic leader in driving key performance indicator (KPI) metrics, promoting automation, analytics, and operational efficiencies to enhance the overall security posture. You will be tasked with providing suggestions to enhance security postures, minimize security risks, and identify opportunities for automation to streamline manual efforts. Your role will involve ensuring the highest quality of SOC service delivery and aiding in the development of incident response actions, policies, and procedures, including process enhancements. As the escalation point for advanced security incident escalations from Level 1 SOC analysts, you will oversee all SOC activities and business-as-usual (BAU) tasks during your shift, which involves 24/7 support. Additionally, you will review and improve run books, operating procedures, and playbooks, as well as assign and prioritize tasks and incidents for Level 1 SOC team members. You will manage the incident pipeline, including escalating outstanding incidents, updating incidents as needed, and escalating open incidents when necessary. Furthermore, you will be responsible for meeting service level agreements (SLAs) and leading SOC shift handover calls. Your role will also involve providing continuous improvement initiatives and on-the-job training for Level 1 SOC analysts. Your expertise will be paramount in analyzing logs from various sources such as network devices, applications, infrastructure services, security products, and endpoint data using Security Information and Event Management (SIEM) tools and other security technologies. 
You will also lead security event and incident investigations, applying industry-recognized incident detection and response frameworks like NIST, MITRE, and others. At Virtusa, we prioritize teamwork, quality of life, and professional development. Join our global team of 30,000 professionals who are dedicated to fostering your personal and career growth. We offer exciting projects, opportunities to work with cutting-edge technologies, and a collaborative environment where great minds come together to innovate and excel.

Posted 1 month ago


5.0 - 9.0 years

0 Lacs

hyderabad, telangana

On-site

As a Senior Google Workspace Operations Lead, you will be responsible for managing and optimizing our extensive Google Workspace environment to ensure seamless operation, security, and scalability of collaboration and productivity tools. Your proactive problem-solving skills and passion for technology will be crucial in leading a team and driving success. Your key responsibilities will include managing and maintaining a large Google Workspace tenant, utilizing third-party tools for streamlining administration, designing and managing complex integrations, conducting security audits, leading a team of engineers, providing expert recommendations, and resolving technical issues promptly to minimize disruptions. To excel in this role, you should have at least 5 years of experience in managing large Google Workspace environments, deep technical proficiency in Google Workspace administration, APIs, and security best practices, integration skills, a security mindset, leadership acumen, excellent communication skills, and strong problem-solving abilities. The ideal candidate is a self-starter who thrives on challenges, enjoys working independently, and possesses a strong sense of ownership. If you are passionate about technology, dedicated to excellence, and ready to make a significant impact on our organization, we encourage you to apply and take your Google Workspace expertise to the next level.

Posted 1 month ago


3.0 - 7.0 years

0 Lacs

karnataka

On-site

Join our dedicated team in a role where your expertise in risk assessments and cybersecurity exercises propels forward our mission of safeguarding our operations and enhancing resiliency. This position offers the unique opportunity to shape our security posture and contribute to our continuous improvement in an environment that values innovation and teamwork. As an Assessments & Exercises Senior Associate within our cybersecurity team, you will utilize industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology. You will collaborate with the team to design and execute risk-promoting tests and simulations, evaluate preventative controls, incident response processes, and detection capabilities. Your ability to make informed decisions and foster continuous improvement will contribute to the achievement of our team's operational goals and the mitigation of cyber and resiliency risks. Collaborate with other Assessments & Exercises team members to conduct testing and simulations such as penetration tests, technical controls assessments, cyber exercises, or resiliency simulations, and contribute to the development and refinement of assessment methodologies to ensure alignment with industry standards and regulatory requirements. Partner with subject matter experts to evaluate controls for effectiveness and impact on operational risk, as well as opportunities to automate control evaluation. Develop comprehensive assessment reports, including detailed findings, risk assessments, and remediation recommendations, and effectively communicate these insights to relevant stakeholders as you contribute to decisions that yield continuous improvement. Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations. Apply this knowledge to enhance the firm's assessment strategy. 
Required qualifications, capabilities, and skills: - Formal Training or Certification required on Cybersecurity or resiliency, assessments or simulation exercises and 3+ years applied experience. - Prior experience in offensive or defensive technical cybersecurity roles, focusing on solutions to reduce cybersecurity risks. - Basic coding (scripting) experience in languages such as Python, C, JavaScript, and VBScript. - Demonstrated proactivity and resourcefulness in identifying and analyzing data sources for data-driven investigations. - Knowledge or experience in cybersecurity roles and processes, including Incident Response, Threat Intelligence, Penetration Testing, and more. - Familiarity with network architecture concepts, cloud architectures, and deploying large-scale applications in enterprise environments. Preferred Qualifications, Capabilities, and Skills: - Familiar in developing both tactical and strategic tools and capabilities. - Familiar in building analytical processes, templates, and documentation. - Bachelor's Degree in Computer Science or a related field, or equivalent experience.

Posted 1 month ago


5.0 - 10.0 years

3 - 3 Lacs

Raipur

Work from Office

Monitor and authorize entrance; patrol industrial premises; write reports of daily activities and irregularities; enforce company rules and regulations regarding safety, health, and security; conduct vehicle inspections at factory entry/exit points.

Posted 1 month ago


10.0 - 15.0 years

14 - 20 Lacs

Bengaluru

Work from Office

10+ yrs experience in cybersecurity; multi-tenant MSSP SOC; analytics rules; KQL; playbooks; Logic Apps; workbooks; connectors; incident response; detection use cases (MITRE ATT&CK); Defender XDR stack; PowerShell; ISO 27001; SOC 2 / PCI DSS; CISSP; CISM; GIAC (GCIA, GCIH)

Posted 1 month ago


5.0 - 7.0 years

5 - 5 Lacs

Thiruvananthapuram

Work from Office

We are seeking an experienced and proactive SOC Lead to drive the operations of our Security Operations Center. The ideal candidate will have strong expertise in cybersecurity monitoring, incident response, threat hunting, and stakeholder communication. This role involves leading a global 24x7 SOC team, coordinating with cross-functional teams, and enhancing our threat detection and response capabilities. You will act as the escalation point for complex incidents and play a key role in process improvement, automation, and mentoring the SOC team. Key Responsibilities: Lead and coordinate the 24x7 SOC operations, managing a distributed team of L1 and L2 analysts. Provide advanced triage and investigation of escalated security alerts and incidents from L1 analysts. Act as the primary escalation contact for high-priority incidents and security breaches. Ensure timely incident response and resolution within SLA while maintaining high-quality ticket documentation. Conduct Root Cause Analysis (RCA) and create detailed incident reports for high-severity cases. Continuously review and fine-tune security alerts, rules, and thresholds across SIEM and other monitoring tools. Design and propose new security use cases and playbooks to improve detection and response automation. Conduct training sessions for the team on new tools, updated processes, and emerging threats. Organize and lead governance meetings (weekly/biweekly/monthly) with internal stakeholders and clients. Stay informed on the latest threat intelligence, vulnerabilities, and security technologies to proactively enhance SOC capabilities. Maintain and enhance SOC documentation, including SOPs, incident runbooks, and knowledge bases. Collaborate with engineering, infrastructure, and compliance teams to align incident response with organizational risk management practices.
Required Skills & Experience: Minimum 4 years of hands-on experience in a Security Operations Center, focusing on incident response, security analysis, and threat hunting. Deep technical expertise in: Email Security (Mimecast); EDR Tools (e.g., Threat Down / Malwarebytes); Secure Web Gateway (Netskope SWG); Cloud Security (Microsoft Azure, Microsoft Defender); SIEM Platforms (Azure Sentinel preferred); threat analysis and phishing investigation. Sound understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, etc.) and incident response lifecycle. Working knowledge of enterprise infrastructure: networking, firewalls, operating systems (Windows/Linux), databases, and web applications. Excellent written and verbal communication skills; able to convey technical details to non-technical stakeholders. Strong organizational and prioritization skills; experience handling multiple concurrent incidents and tasks in high-pressure environments. Preferred Certifications: Relevant security certifications such as CEH (Certified Ethical Hacker), Microsoft SC-200 (Security Operations Analyst), AZ-500 (Azure Security Engineer Associate), CISSP, GCIH, or similar. Proficiency with Security Tools: Mimecast Email Security; Threat Down (Malwarebytes); Microsoft Azure, Microsoft Defender for O365; Netskope SWG; Azure Sentinel (SIEM); open-source tools for phishing analysis. Required Skills: Email Security, EDR, Threat hunting, SIEM

Posted 1 month ago


6.0 - 11.0 years

12 - 22 Lacs

Coimbatore

Work from Office

About the Role: As an Information Security Officer, you'll join our growing Global Corporate Security Office, a diverse international team bridging divisions, central services, and global entities. Ideal for career changers or early cybersecurity enthusiasts, this role offers a hands-on learning experience with room to grow. What You'll Do: Develop, review, and maintain security policies and procedures; produce documentation and guidelines to foster organizational security awareness. Support or manage internal frameworks and audits related to ISMS (ISO 27001), QMS (ISO 9001), and SOC2. Handle security incidents end-to-end, from detection to resolution and post-incident analysis. Contribute to security-focused projects: define requirements, assess risks & mitigations, and monitor adherence to security-by-design principles. Advise on secure product design and development to uphold privacy and regulatory standards. Build team security maturity: assess current competencies, identify gaps, propose improvements, and drive training initiatives. Serve as a liaison for a designated Cegeka Group entity, addressing security/compliance queries and verifying conformance with baseline standards. Support corporate security office in validating compliance across group entities (CSAF/minimum security standards). Maintain the corporate security risk register: identify, document, and track organizational risks. Seek and participate in ongoing training to strengthen security expertise; provide feedback and suggest enhancements to existing processes. Technical Exposure: SIEM/SOAR: Hands-on experience with Splunk or equivalent tools. EDR: Familiarity with CrowdStrike endpoint protection. Vulnerability Management: Using tools like Microsoft Intune. Network Security: Understanding of firewalls (e.g., FortiGate) and other perimeter controls. Application Security (AppSec): Secure coding practices, code reviews, and application threat modeling.
SDLC Security: Integration of security controls into development lifecycles. AI Risk Awareness: Understanding risks associated with AI models and data privacy. Enterprise Risk Management: Experience in identifying, analyzing, and mitigating enterprise-level security risks. Threat Intelligence: Ability to analyze threat reports and integrate actionable intelligence into security posture. Requirements: Bachelor's or master's degree in a relevant field or equivalent practical experience. Excellent communication capabilities with both technical and business stakeholders (e.g., CISO, IT, engineering). Familiarity with frameworks like NIST or ISO 27001. CISSP and/or CISM certifications. Fluent in English (verbal and written).

Posted 1 month ago


2.0 - 5.0 years

4 - 7 Lacs

Pune

Work from Office

Join us as a Senior Cyber Operations Analyst - Cyber Threat Hunting at Barclays, responsible for supporting the successful delivery of Location Strategy projects to plan, budget, agreed quality and governance standards. You'll spearhead the evolution of our digital landscape, driving innovation and excellence. You will harness cutting-edge technology to revolutionise our digital offerings, ensuring unparalleled customer experiences. To be successful as a Senior Cyber Operations Analyst - Cyber Threat Hunting you should have experience with: Strong analytic skills. Strong experience in cyber security, especially in threat hunting or incident response. Good knowledge of security toolsets. Prior experience with scripting languages & proficiency in data analysis. Excellent inter-personal skills with experience of briefing, de-briefing and presenting to senior executives and having effective listening skills. Able to communicate effectively, both orally and in writing, with clients, colleagues, and external vendors. Excellent time management and planning skills with experience of working under pressure. Ability to remain organised and able to prioritise multiple incident priorities. Highest standards of personal integrity, professional conduct, and ethics. Incident, problem and change management skills. Some Other Highly Valued Skills May Include: Familiarity with Financial Services regulatory landscape and related compliance issues. Formal accreditation, e.g. CompTIA Security+, CISSP. Incident response and change management skills. You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen, strategic thinking and digital and technology, as well as job-specific technical skills. This role is based in Pune.
Purpose of the role: To monitor the performance of operational controls, implement and manage security controls and consider lessons learnt in order to protect the bank from potential cyber-attacks and respond to threats.
Accountabilities: Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage. Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise. Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats. Triage of data loss prevention alerts to identify and prevent sensitive data from being exfiltrated from the bank's network. Management of cyber security incidents including remediation & driving to closure.
Assistant Vice President Expectations: To advise and influence decision making, contribute to policy development and take responsibility for operational effectiveness. Collaborate closely with other functions/business divisions. Lead a team performing complex tasks, using well developed professional knowledge and skills to deliver on work that impacts the whole business function. Set objectives and coach employees in pursuit of those objectives, appraisal of performance relative to objectives and determination of reward outcomes. If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. OR for an individual contributor, they will lead collaborative assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will identify new directions for assignments and/or projects, identifying a combination of cross functional methodologies or practices to meet required outcomes. Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues. Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda. Take ownership for managing risk and strengthening controls in relation to the work done. Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy. Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc.) to solve problems creatively and effectively. Communicate complex information. 'Complex' information could include sensitive information or information that is difficult to communicate because of its content or its audience. Influence or convince stakeholders to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset to Empower, Challenge and Drive - the operating manual for how we behave.

Posted 1 month ago


6.0 - 10.0 years

5 - 15 Lacs

Noida

Work from Office

Role & responsibilities
• Security incident monitoring and security incident analysis.
• Good experience in using SIEM tools.
• Knowledge of threat analysis and the evolving threat landscape.
• Knowledge of event logging and event analysis.
• Knowledge of corporate security products like firewalls, IPS, web/content filtering tools, compliance tools, ITIL process.
• Knowledge of vulnerabilities and threats.
• Knowledge of packet analysis and forensic analysis.
• React to attacks observed during incident monitoring.
• Good knowledge about common security attacks, targeted attacks.
• Define and act on common security incidents and report to stakeholders.
• Contribute to continuous monitoring and improvement of the security posture of the organization.

Posted 1 month ago


3.0 - 5.0 years

1 - 6 Lacs

Noida

Work from Office

Good experience in SIEM tools, event logging and event analysis, and experience in forensic analysis and packet analysis tools like Wireshark, tcpdump etc. SIRT/SIEM/Threat Hunting background/intel, NetWitness, Splunk, QRadar, RSA NetWitness; Linux/Python understanding, ethical hacking or programming background is an added advantage. Good knowledge of enterprise security products like SIEM tools, SOC, Security Incident Management, Threat Intel, malware analysis, firewalls, IPS, web/content filtering tools, AV, APT tools, Wireshark, tcpdump, EnCase or any other forensic tool kit. Very good understanding of security fundamentals and principles, attack techniques, MITRE, TTPs, hacking tools etc. Experience of managing a 24x7 team across multiple locations. Red/Blue teaming activities. Hands-on experience with Threat Intel Management/Platform (TIM/TIP). Leveraging knowledge of the Cyber Kill Chain Framework and working familiarity with the MITRE ATT&CK Framework. Location: Noida. Must be willing to work in 24/7 shifts (including night shifts).

Posted 1 month ago


6.0 - 8.0 years

11 - 16 Lacs

Hyderabad

Work from Office

What is the Security Operations responsible for? Security Operations is responsible for continuously monitoring and improving the organization's security posture while preventing, detecting, analyzing, and responding to Cyber Security incidents with the aid of both technology and well-defined processes and procedures. Security Operations is expected to possess extensive knowledge of incident response methodologies, a deep understanding of cybersecurity threats, and hands-on experience in managing and mitigating security incidents. What are the ongoing responsibilities of Analyst Security Operations? Lead and coordinate incident response activities, ensuring timely and effective resolution. Develop and maintain incident response playbooks and procedures. Perform threat hunting using SIEM, EDR, and threat intelligence. Conduct digital forensics and malware analysis to determine the scope and impact of incidents. Collaborate with IT, legal, and business teams to contain and remediate threats. Stay current with emerging threats, vulnerabilities, and security trends. Mentor and guide junior SOC analysts. Required Qualifications: Experience: 6-8 years in cybersecurity, with a focus on SOC operations and incident response. Environment: Experience in a 24x7 operational environment, preferably across multiple geographies. Technical Skills: Good understanding of networking protocols, operating systems (Windows/Linux), and security technologies. Exposure to malware analysis and digital forensics. Familiarity with cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001). Hands-on experience with tools such as: SIEM: Splunk, CrowdStrike, QRadar. EDR: CrowdStrike, Carbon Black, SentinelOne. SOAR: Palo Alto XSOAR, Splunk SOAR. Forensics: FTK Imager, Autopsy, Wireshark, Procmon. Preferred Certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), Certified Ethical Hacker (CEH). Soft Skills & Attributes: Strong analytical and problem-solving mindset.
Excellent communication and collaboration skills. Ability to work under pressure and manage multiple priorities. High integrity and a proactive, team-oriented attitude. Strategic and tactical thinking with attention to detail. Work Shift Timings: 6:00 AM - 3:00 PM, 2:00 PM - 11:00 PM IST

Posted 1 month ago

7.0 - 12.0 years

15 - 19 Lacs

Pune

Work from Office

Key Responsibilities

Incident Response and Management: Lead the incident response process, including identification, containment, eradication, and recovery. Analyze and respond to complex security incidents and breaches. Conduct post-incident analysis and develop reports with recommendations to prevent future incidents.

Security Monitoring and Analysis: Oversee the continuous monitoring of security alerts and events. Analyze logs and data from various sources (e.g., SIEM, firewalls, EDR, IDS/IPS) to identify suspicious activity. Perform advanced threat hunting and forensic analysis.

Vulnerability Management: Conduct regular vulnerability assessments. Identify, prioritize, and remediate security vulnerabilities in systems and applications. Collaborate with IT and development teams to implement security patches and updates.

Security Architecture and Engineering: Design and implement security solutions to protect the organization's networks, systems, and data. Develop and maintain security policies, standards, and procedures. Evaluate and recommend new security technologies and tools.

Compliance and Risk Management: Ensure compliance with relevant regulatory requirements and industry standards (e.g., ISO 27001, NIST). Perform risk assessments and develop mitigation strategies. Document and maintain security controls and frameworks.

Required Skills and Qualifications

Technical Expertise: Advanced knowledge of cybersecurity principles, techniques, and technologies. Proficiency in using security tools such as SIEM, IDS/IPS, firewalls, and endpoint protection solutions. Experience with vulnerability management, penetration testing, and forensic analysis.

Experience: Minimum of 7-10 years of experience in cybersecurity, with at least 2-3 years in an L3 or senior role. Proven track record of handling complex security incidents and leading incident response efforts. Experience in designing and implementing security architectures and solutions.

Certifications: Relevant certifications such as CISSP, CISM, CEH, GIAC, or equivalent are highly desirable.

Analytical and Problem-Solving Skills: Strong analytical skills with the ability to identify and mitigate security threats. Excellent problem-solving skills and the ability to think critically under pressure.

Communication and Collaboration: Strong communication skills, both written and verbal. Ability to collaborate effectively with cross-functional teams and stakeholders.

Preferred Skills and Qualifications

Experience with cloud security (e.g., AWS, Azure, Google Cloud). Knowledge of scripting and automation tools (e.g., Python, PowerShell). Familiarity with regulatory requirements and standards (e.g., GDPR, HIPAA).

Posted 1 month ago

5.0 - 7.0 years

5 - 5 Lacs

Kochi, Thiruvananthapuram

Work from Office

Role Overview

The Anti-Phishing Specialist leads the organization's efforts to detect, prevent, and respond to phishing attacks and other email-based threats. This role is pivotal in developing robust anti-phishing strategies, managing email security technologies, responding to incidents, and educating users to enhance organizational resilience against cyber threats.

Key Responsibilities
- Identify and facilitate takedown of phishing websites and rogue applications.
- Proactively address a broad spectrum of cyber threats including DDoS, ransomware, business email compromise (BEC), spear phishing, whaling, vishing, and other social engineering attacks.
- Monitor and analyze inbound emails to detect malicious content and recommend rule adjustments to reduce email-borne threats.
- Design, implement, and maintain anti-phishing strategies, policies, and procedures.
- Manage and optimize anti-phishing tools and platforms, including DMARC, DKIM, SPF, and secure email gateways.
- Develop advanced detection rules and filters to counter evolving phishing tactics.
- Lead phishing-related incident response efforts: containment, eradication, recovery, and post-incident review.
- Deliver regular employee training and awareness programs on phishing prevention.
- Collaborate with security teams to provide guidance on email security best practices.
- Evaluate emerging anti-phishing technologies and recommend improvements.
- Stay abreast of current phishing trends, attack methods, and mitigation techniques.
- Produce detailed reports on phishing incidents, metrics, and defensive performance.

Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 5+ years of hands-on experience in anti-phishing, email security, or a similar domain.
- Strong expertise in email protocols (SMTP, etc.) and security standards (DMARC, DKIM, SPF).
- Proven experience with enterprise email security solutions (e.g., Proofpoint, Mimecast, Ironscales).
- Deep understanding of phishing tactics, social engineering, and email-based threat vectors.
- Strong analytical, problem-solving, and communication skills.
- Demonstrated leadership in mentoring or guiding security teams.
- Preferred certifications: CISSP, Certified Email Security Manager (CESM), or equivalent.

Required Skills: SOC L2, Cyber Security, Phishing

Posted 1 month ago

3.0 - 7.0 years

0 Lacs

haryana

On-site

As a Blue Team Cybersecurity Engineer, your main responsibility will involve safeguarding an organization's systems, networks, and applications from cyber threats. You will be part of a team tasked with monitoring, analyzing, and responding to security incidents while also implementing measures to strengthen the organization's security posture. Your expertise is vital in ensuring that the organization's systems are secure, resilient, and capable of withstanding cyber-attacks. You will be responsible for Security Monitoring and Incident Response by monitoring systems, networks, and applications for security incidents, investigating and analyzing security alerts, developing incident response plans, and collaborating with other teams to contain and recover from security incidents promptly. In terms of Security Operations and Threat Hunting, you will develop and maintain security monitoring systems, perform security assessments and vulnerability scans, conduct proactive threat hunting activities, and stay updated with the latest threat intelligence to enhance security measures proactively. Security Infrastructure Management will also fall under your duties, involving managing security tools and technologies, monitoring and fine-tuning security configurations, implementing security policies aligned with industry best practices, and collaborating with other teams to ensure secure configurations are in place. You will also conduct Security Awareness and Training programs to educate employees about security threats and best practices, provide guidance on secure coding practices, and foster a culture of security awareness throughout the organization. Your responsibilities will include preparing detailed incident reports, maintaining documentation of security incidents and response activities, and collaborating with stakeholders for proper reporting and escalation of security incidents. 
Qualifications and Skills:
- Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
- Proven experience in security monitoring, incident response, and threat hunting.
- Strong knowledge of networking protocols, operating systems, and security technologies.
- Familiarity with security frameworks (e.g., NIST, CIS) and regulatory requirements (e.g., GDPR, HIPAA).
- Experience with security tools such as SIEM solutions, firewalls, and endpoint protection systems.
- Understanding of security concepts like encryption, access control, authentication, and vulnerability management.
- Knowledge of scripting and automation for security operations tasks.
- Excellent problem-solving and analytical skills.
- Strong communication and collaboration skills.
- Professional certifications such as CISSP, GIAC, CompTIA Security+, or Certified Incident Handler (GCIH) are desirable.

Posted 1 month ago

5.0 - 9.0 years

0 Lacs

chennai, tamil nadu

On-site

The AI Data Platform Manager plays a crucial role in optimizing data platforms that drive business objectives by bridging business analysis, operational teams, and AI engineering. This role involves collaborating with various stakeholders to ensure that data platform administration and configuration align with organizational goals. Working closely with Engineering Leads, the AI Data Platform Manager focuses on maintaining high reliability and performance of data-driven AI products through efficient incident response, troubleshooting, and remediation efforts. Continuous improvement, operational excellence, and stakeholder collaboration are key aspects of this role to deliver scalable and reliable AI data platforms. Responsibilities of the AI Data Platform Manager include: - Administering, managing, and configuring ADB's AI Data Platforms to meet defined business requirements. - Collaborating with business analysis teams and business units to translate requirements into actionable platform configurations. - Partnering with Engineering Leads to align implementation plans and support operational needs. - Maintaining comprehensive documentation on platform configurations, procedures, and best practices. - Managing incident response, troubleshooting, root cause analysis, and implementing permanent fixes in collaboration with Engineering Leads. - Overseeing daily operations of AI Products and AI Data Platforms to ensure high availability and optimal performance. - Establishing and maintaining Service Level Agreements (SLAs) for platform uptime, response times, and service quality. - Monitoring platform performance, reliability, and scalability to recommend improvements aligned with business goals. - Identifying gaps in service delivery, proposing enhancements, and driving process improvements. - Facilitating regular status updates and SLA reviews with internal and external stakeholders. 
Requirements and Qualifications:
- Bachelor's degree in Information Technology, Engineering, or related field.
- Proven experience in data platform management, preferably with AI or machine learning platforms.
- Strong understanding of business analysis and translating business requirements into technical configurations.
- Experience in incident response, troubleshooting, and root cause analysis in a data platform environment.
- Familiarity with establishing and maintaining SLAs for platform performance and service quality.
- Excellent collaboration, communication, and problem-solving skills.
- Proficiency in monitoring and optimizing platform performance, reliability, and scalability.
- Strong focus on delivering quality outcomes.

Soft Skills:
- Exceptional problem-solving and decision-making abilities.
- Excellent communication and leadership skills to guide technical discussions and mentor team members.
- Strong focus on delivering quality outcomes.

Work Arrangement:
- Hybrid work model requiring onsite reporting three times a week.
- Work schedule from 8:00 AM to 5:00 PM Manila Time.

The AI Data Platform Manager will report to Kadra Saeed and collaborate closely with Engineering Leads, business units, analysts, and internal stakeholders to ensure the successful operation and optimization of AI data platforms at the Asian Development Bank.

Posted 1 month ago

7.0 - 11.0 years

0 Lacs

noida, uttar pradesh

On-site

RateGain Travel Technologies Limited is a global provider of AI-powered SaaS solutions for travel and hospitality, collaborating with 3,200+ customers and 700+ partners in 100+ countries to enhance revenue generation through acquisition, retention, and wallet share expansion. Our organization is a key player in processing electronic transactions, price points, and travel intent data, assisting revenue management, distribution, and marketing teams in various sectors such as hotels, airlines, meta-search companies, and more. Founded in 2004 and based in India, RateGain has established partnerships with 26 of the Top 30 Hotel Chains, 25 of the Top 30 Online Travel Agents, 4 of the Top 5 Airlines, and major car rentals, including 16 Global Fortune 500 companies, to facilitate revenue growth consistently. RateGain offers a wide array of products designed to empower businesses in the Travel and Hospitality industry to boost revenue, optimize digital presence, and elevate customer experiences. Our key products include UNO, a cutting-edge AI-powered revenue maximization platform, Distribution for seamless inventory and pricing management, Demand Booster for driving traffic to hotel websites, and DAAS providing real-time data and insights for informed decision-making. As the Senior Partner - Security Compliance at RateGain, you will play a crucial role in developing, implementing, and managing the organization's security compliance and governance framework. Your responsibilities will involve ensuring adherence to regulatory standards such as GDPR, PCI DSS, ISO 27001, NIST, SOC 2, DPDP, and SEBI CSCRF, while proactively identifying and mitigating cybersecurity risks. Collaborating with internal and external stakeholders, managing audits, driving security awareness, and continuously enhancing compliance programs will be key aspects of your role to support business objectives effectively. 
Your day-to-day activities will include developing and managing cybersecurity governance frameworks aligned with global and local regulations, ensuring IT policies comply with industry standards, staying updated on regulatory changes, conducting security assessments and gap analysis, leading audits and regulatory assessments, assessing security risks, managing third-party vendor compliance, overseeing incident management, implementing cloud security governance, and driving security awareness initiatives.

To qualify for this role, you should hold a Bachelor's degree in Computer Science, Cybersecurity, or a related field (Master's preferred), along with 7+ years of experience in cybersecurity governance, compliance, and risk management. Certifications such as CISSP, CISA, CISM, CRISC are preferred. Your knowledge should encompass expertise in security frameworks (ISO 27001, NIST, PCI DSS, GDPR, SOC 2, SEBI CSCRF), a strong understanding of cybersecurity governance, risk management, and compliance, and in-depth knowledge of IT security policies, risk indicators, and regulatory obligations.

Moreover, your skills should include conducting security compliance assessments, risk analysis, and remediation planning, technical expertise in IT governance, cloud security, and incident response, as well as strong leadership, stakeholder management, and communication skills. Your attitude should reflect strategic thinking and problem-solving in cybersecurity risk and compliance, effective collaboration with internal and external teams, and adaptability to evolving cybersecurity regulations and best practices.

Posted 1 month ago

3.0 - 7.0 years

0 Lacs

kapurthala, punjab

On-site

As a Cybersecurity Specialist, you will be responsible for safeguarding your organization's IT systems, networks, data, and digital assets. Your primary objective will be to protect these assets from unauthorized access, cyber attacks, malware, and data breaches. You will play a crucial role in ensuring the continual secure operation of your organization's information systems by conducting risk assessments, developing security policies, configuring firewalls, detecting intrusions, and responding to security incidents. Your key responsibilities will include: Threat Assessment and Risk Management: - Identifying potential vulnerabilities and security threats in systems and networks. - Conducting regular security audits, scans, and penetration tests. - Analyzing security risks and providing recommendations for enhancements and risk mitigation. Security System Deployment and Maintenance: - Configuring and maintaining firewalls, intrusion detection systems, intrusion prevention systems, SIEM solutions, etc. - Implementing access control policies, VPNs, and multi-factor authentication. Security Monitoring and Incident Response: - Monitoring network traffic and system activity in real-time to detect suspicious behavior. - Responding to security incidents like data breaches, DDoS attacks, and malware intrusions, and performing forensic analysis. Policy and Compliance: - Assisting in developing and updating information security policies and best practice guidelines. - Ensuring systems comply with industry standards such as ISO 27001, NIST, PCI-DSS, HIPAA, and GDPR. Staff Training and Awareness Raising: - Organizing network security training for employees to mitigate human factors like social engineering and phishing attacks. - Enhancing the overall security awareness within the organization. To excel in this role, you should have: - A Bachelor's degree or above in Computer Science, Cyber Security, Information Technology, or related fields. 
- Knowledge of common attack methods and mastery in operating system security, network protocols, and encryption technology. - Proficiency in using security tools like Wireshark, Nmap, Metasploit, Kali Linux, Splunk, and CrowdStrike. - Experience in log analysis, incident response, and vulnerability management.

Join our team as a Cybersecurity Specialist and contribute to the protection of our organization's critical assets against evolving cyber threats.

Posted 1 month ago

4.0 - 8.0 years

0 Lacs

kolkata, west bengal

On-site

You will be responsible for designing, developing, and maintaining scalable and secure backend systems and services for cloud-based applications. Your role will involve utilizing strong programming skills in Node.js, Python, Go, or Java, automating infrastructure using tools like Terraform or Ansible, and managing CI/CD pipelines for consistent delivery and workflow automation. Additionally, you will be expected to monitor and optimize system performance on platforms like AWS, Azure, or GCP, integrate backend services with frontend apps and APIs, implement cloud and code-level security best practices, manage Docker containers, orchestrate with Kubernetes, and document architecture, configurations, and operations. Supporting incident response and on-call duties will also be part of your responsibilities, along with staying updated with evolving cloud technologies. Your skills should include proficiency in Node.js, Python, Go, CI/CD, Terraform, Ansible, Cloud Infrastructure, and Incident Response. You will design and manage scalable cloud infrastructure on platforms like AWS, Azure, or GCP, automate provisioning with Terraform or similar tools, implement CI/CD using Jenkins, GitLab CI, GitHub Actions, etc., develop backend services using Node.js, Python, Go, or Java, monitor and secure systems for performance and uptime, collaborate closely with Dev and Ops teams to streamline deployments, and efficiently troubleshoot and resolve production issues. To excel in this role, you must have hands-on experience with cloud platforms (AWS, Azure, or Google Cloud), strong coding skills in Node.js, Python, Go, or Java, familiarity with Docker and Kubernetes, knowledge of Terraform, Ansible, or other IaC tools, understanding of microservices and REST APIs, and proficiency in Git and modern version control workflows. This is a permanent position in the IT Services & Consulting industry, requiring a B.Tech/B.E. degree in Any Specialization. 
If you are interested in this opportunity, please send your updated resume to career@simpsoftsolutions.com with the job title "Cloud Support Engineer" in the subject line.

Posted 1 month ago

2.0 - 6.0 years

0 Lacs

punjab

On-site

About TaskUs: TaskUs is a provider of outsourced digital services and next-generation customer experience to fast-growing technology companies, helping its clients represent, protect, and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery, ride-sharing, HiTech, FinTech, and HealthTech. The People First culture at TaskUs has enabled the company to expand its workforce to approximately 45,000 employees globally. Presently, we have a presence in twenty-three locations across twelve countries, which include the Philippines, India, and the United States. It started with one ridiculously good idea to create a different breed of Business Processing Outsourcing (BPO)! At TaskUs, we understand that achieving growth for our partners requires a culture of constant motion, exploring new technologies, being ready to handle any challenge at a moment's notice, and mastering consistency in an ever-changing world.

What We Offer: At TaskUs, we prioritize our employees' well-being by offering competitive industry salaries and comprehensive benefits packages. Our commitment to a People First culture is reflected in the various departments we have established, including Total Rewards, Wellness, HR, and Diversity. We take pride in our inclusive environment and positive impact on the community. Moreover, we actively encourage internal mobility and professional growth at all stages of an employee's career within TaskUs. Join our team today and experience firsthand our dedication to supporting People First.

Overview: The Fraud and Risk Analyst will primarily be responsible for managing the Fraud Risk and Cyber Risks of a campaign. This generally covers identifying the Fraud Risks, recommending and implementing preventative and detective controls, managing all fraud-related risks across operations and support teams, and monitoring key controls for the detection and continuous audit of fraud risks.

Primary Responsibilities:
- Conducting Risk Assessments and other Risk Management Related activities.
- Ensuring Alignment of Security Controls to Regulatory Standards.
- Conducting Investigation and assisting in Litigation as needed.
- Partnering with both Operations and Clients to strengthen security controls.

Requirements:
- Conduct reviews for the identification of fraud risks and recommend controls for the detection and prevention of fraud.
- Complete assignments as directed by the Fraud Prevention and Audit team.
- Must stay current with new fraudulent activities that may breach TaskUs' security measures.
- Recommend new technologies for fraud detection and prevention.
- Develop internal control and governance procedures to ensure minimal risk of fraud.
- Evaluate TaskUs and client applications for separation of duties issues and general internal control deficiencies which may contribute to fraud risk.
- Provide reporting from continuous audit/monitoring initiatives once fraud risks and controls are mapped.
- Work with IT and InfoSec engineers for the implementation of DLP and user activity monitoring controls.
- Provide Fraud incident response support and fraud investigation.
- Participate in fraud mapping exercises and continuous audit processes.
- Maintain and update relevant system and process documentation and develop ad-hoc reports as needed.
- Perform a variety of other fraud and risk-related tasks.
- Perform necessary functions as needed by Management.

DEI: In TaskUs, we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics, and circumstances. Inclusive and equitable practices are our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodations in any part of the hiring process, please let us know. We invite you to explore all TaskUs career opportunities and apply through the provided URL: https://www.taskus.com/careers/

Posted 1 month ago

5.0 - 9.0 years

0 Lacs

karnataka

On-site

As a Cyber Security Engineer, you will collaborate closely with the Engineering Organization, IT, Information Security, Software Engineers, and our DevOps departments. Your team will ensure our back-end and front-end services, cloud infrastructure, DevOps pipelines, data pipelines, software and embedded platforms are secured in the most efficient manner. You will work to develop new systems and procedures to counteract threat vectors that arise within our cloud and embedded environments. The ideal candidate will be a meticulous problem solver who can work under pressure when required and will remain current with the latest attack trends and technologies. Responsibilities include participating in the planning, development, implementation, and management of security measures across various cloud platforms to ensure robust security. Utilizing advanced security tools like Wiz, BurpSuite, Sumologic, and Sonarqube to identify, analyze, validate, and stop vulnerabilities from entering the environment. Performing regular penetration testing and vulnerability assessments. Conducting comprehensive analysis of security data from microservice architectures, content distribution networks, data lakes, serverless functions, and databases. Using SIEM tools to correlate security events and identify anomalies. Participating in incident response efforts, performing root cause analysis, and implementing or suggesting corrective actions to mitigate security breaches. Developing and maintaining incident response playbooks. Assessing and mitigating security risks associated with the supply chain, like open source libraries, ensuring end-to-end security. Identifying and addressing software security flaws and misconfigurations to enhance overall security posture. Performing code reviews and static/dynamic analysis in languages including but not limited to Python, C++, C#, JS, Python, HCL. Developing and implementing custom security solutions, minimizing reliance on paid services. 
Creating security automation scripts and integrating security tools into CI/CD pipelines. Developing and implementing automated security testing functions to ensure continuous security validation.

At GlobalLogic, we prioritize a culture of caring where you'll experience an inclusive culture of acceptance and belonging, with opportunities for continuous learning and development. You'll have the chance to work on interesting and meaningful projects that matter while maintaining balance and flexibility. As a high-trust organization, integrity is key, and we aim to provide a safe, reliable, and ethical global environment for our employees and clients. GlobalLogic, a Hitachi Group Company, is dedicated to digital engineering, collaborating with clients to transform businesses and redefine industries through intelligent products, platforms, and services.

Posted 1 month ago

2.0 - 7.0 years

0 Lacs

karnataka

On-site

We are seeking candidates who possess the following experience:
- Mandatory experience with any of the following:
  - Cylance Protect and Optics
  - Crowdstrike Falcon Insight
  - Sentinel One ActiveEDR
  - Carbon Black EDR
- Practical experience in the security incident response lifecycle and its various phases
- Proficiency in L1 and L2 in EDR
- Hands-on experience in event and log analysis on Windows endpoints
- Total experience: 3-7 years, Relevant experience: 2+ years

Please take note that candidates must have expertise in the following skills:
- EDR Experience
- Specific EDR products worked on and the level of support provided
- Incident Response
- Malware Analysis
- Willingness to work flexible shifts

Skills required: Cyber Security, Network Security, and Web application security

Posted 1 month ago


Featured Companies