717 Incident Response Jobs - Page 28

SOC analyst Job Statement: NopalCyber makes cybersecurity manageable, affordable, dependable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are tailored to clients needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. For attending the walk-in, we request you to fill out this quick registration form(mandatory) https://forms.gle/MEaAUivs2832ka5A8 Job responsibilities: Monitor, analyze, and interpret security/system logs for events, operational irregularities, and potential incidents, and escalate issues as appropriate Responsible for monitoring, detection of analysis through various input tools and systems (SIEM, IDS / IPS, Firewalls, EDR, etc.) Conduct basic red team exercises to test the effectiveness of preventive and monitoring controls Provides support for complex system/network exploitation and defense techniques to include deterring, identifying, and investigating system and network intrusions Support malware analysis, host and network, log analysis, and triage in support of incident response Maintaining and improving the security technologies deployed, including creating use cases, customizing or better configuring the tools based on past and current threats Monitoring threat/vulnerability landscape, security advisories, and acting on them as appropriate Continuously monitors the security alerts and escalation queue, triages security alerts Monitoring and tuning SIEM (content, parsing, maintenance) Monitoring Cloud infrastructure for security-related events Delivers scheduled and ad-hoc reports Develop and coach L1 analysts Author Standard Operating Procedures (SOPs) and training documentation Work the full ticket lifecycle; handle every step of the alert, from detection to remediation Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty Perform threat-intel research, learn new attack patterns, actively participate in security forums. Job specifications: Qualification: Bachelors degree in Engineering or closely related coursework in technology development disciplines Certifications like CISSP, CEH, CISM, GCIH, GCIA are desirable Experience with the following or related tools: SIEM Tools such as Splunk, IBM QRadar, SecureOnix; Case Management Tools such as Swimlane, Phantom, etc.; EDR tools such as Crowdstrike, Sentinel, VMware, McAfee, Microsoft Defender ATP, etc; Network Analysis Tools such as Darktrace, FireEye, NetWitness, Panorama, etc. Experience: 3-10 years of SOC related work experience Desired Skills: Full understanding of SOC L1 responsibilities/duties and how the duties feed into L2/L3. The ability to take lead on incident research when appropriate and be able to mentor junior analysts. Advanced knowledge of TCP/IP protocols and event log analysis Strong understanding of Windows, Linux and networking concepts Experience analyzing both log and packet data to include the use of WireShark, tcpdump and other capture/analysis tools Good understanding of security solutions including SIEMs, Web Proxies, EDR, Firewalls, VPN, authentication, encryption, IPS/IDS etc. Functional understanding of Cloud environments Ability to conduct research into IT security issues and products as required Working in a TAT based IT security incident resolution practice and knowledge of ITIL Knowledge and experience with scripting and programming (Python, PERL, etc.) are also highly preferred Malware analysis and reverse engineering is a plus Personal Attributes Self-starter and quick learner requiring minimal ramp-up Excellent written, oral, and interpersonal communication skills Highly self-motivated, self-directed, and attentive to detail Ability to effectively prioritize and execute tasks in a high-pressure environment

SIEM tools to identify potential threats;VAPT tools, Incident Handling, Forensic Analysis;CEH CSA;CySA+;CISA;incidents and breaches; operating systems, network devices, and security devices.Familiarity with Security Information and Event Management

IS Specialist OT Security What you will do Let’s do this. Let’s change the world. In this vital role you will [responsible for developing and implementing security strategies that protect industrial control systems (ICS), SCADA networks, and other manufacturing infrastructure components. This role ensures the integrity, availability, and confidentiality of OT environments by integrating security monitoring, risk management, and compliance efforts into industrial operations. The OT Security Engineer works closely with Security Operations, Engineering and Infrastructure, and Operations to safeguard systems against cyber threats. Key responsibilities include implementing security best practices for OT, managing vulnerabilities, and collaborating with stakeholders to enhance the security posture of OT environments. . Roles & Responsibilities: Define, lead, and implement security strategies for OT environments, focusing on Industrial Control Systems (ICS) and SCADA. Implement and manage OT-specific security monitoring tools, ensuring real-time detection and response to cyber threats. Collaborate with engineering and operational teams to integrate security measures into OT network architectures. Assess and mitigate vulnerabilities in OT environments, ensuring compliance with industry standards (e.g., NIST 800-82, IEC 62443). Support security incident response efforts, including forensic analysis and remediation of threats in industrial environments. Coordinate with vendors, partners, and government agencies to address OT cybersecurity challenges. Develop security policies, procedures, and guidelines tailored to OT environments. Provide training and awareness programs to operational teams regarding OT cybersecurity best practices. Maintain relationships with vendors and strategic partners to enhance security capabilities. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications: Master’s degree with 4- 6years of experience in Information Systems or related field OR Bachelor’s degree with 6- 8years of experience Information Systems or related field OR Diploma with 10– 12years of experience in Information Systems or related field Preferred Qualifications: Must-Have Skills: Solid understanding of ICS, SCADA, and OT security principles Experience with network segmentation, firewalls, and intrusion detection systems in OT environments Knowledge of industrial protocols (e.g., Modbus, DNP3, BACnet, OPC, CIP) and their security implications Understanding of risk management frameworks (e.g., NIST 800-82, IEC 62443, NERC CIP) Experience with security monitoring and detection in OT environments Good-to-Have Skills: Experience with security assessments and penetration testing for OT networks Proficiency in security tools (e.g., Nozomi Networks, Dragos, Claroty, Armis) Knowledge of cloud security and how it integrates with OT environments Scripting and automation skills (e.g., Python, PowerShell) Familiarity with compliance and regulatory requirements for critical infrastructure Professional Certifications (please mention if the certification is preferred or required for the role): GICSP (Global Industrial Cyber Security Professional) – Preferred CISSP (Certified Information Systems Security Professional) – Preferred ISA/IEC 62443 Cybersecurity Certificate – Preferred CompTIA Security+ – Preferred Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

SOC T1 Analyst What you will do Let’s do this. Let’s change the world. In this vital role you will responsible for the initial response to security events and incidents within a 24/7 Cybersecurity Operations Center (CSOC). This role involves following established procedures to investigate security events, providing feedback to improve processes, and assisting in the incident response lifecycle. Additionally, the associate will participate in knowledge-sharing sessions and correlate security alerts across platforms. Roles & Responsibilities: Follow established procedures to triage, investigate and respond to security events and incidents. Provide feedback to senior analysts to improve, review, and optimize existing procedures and documentation. Correlate security alerts from various platforms based on common elements. Participate in and lead CSOC Tier 1 knowledge-sharing and learning sessions. Assist incident responders in coordinating the response, containment, eradication, recovery, and lessons learned phases of the incident response lifecycle. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelor’s degree with 1 to 3 yeras of experience in Security Operations or related field OR Diploma with 4 to 7 year of experience in Security Operations or related field Solid understanding of security technologies and their core functionality Experience in analyzing cybersecurity threats with up-to-date knowledge of attack vectors and the cyber threat landscape. Ability to prioritize tasks effectively and solve problems efficiently in a diverse, global team environment. Good knowledge of Windows and/or Linux systems. Preferred Qualifications: Familiarity with CSOC operations and incident response procedures. Experience with security alert correlation across different platforms. Professional Certifications: CompTIA Security+ (preferred) CEH (preferred) GSEC (preferred) MTA Security Fundamentals (preferred) Soft Skills: Strong communication and collaboration skills, especially when working with global teams. Ability to prioritize and manage tasks in high-pressure situations. Critical thinking and problem-solving abilities in cybersecurity contexts. A commitment to continuous learning and knowledge sharing. Work Hours: This position requires you to work a later shift and may be assigned a second or third shift schedule. Candidates must be willing and able to work during evening or night shifts, as required. Potential Shifts (subject to change based on business requirements)Second Shift2:00pm – 10:00pm IST; Third Shift10:00 pm – 7:00 am IST. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Cloud Security Architecture Good to have skills : Hybrid Cloud Security, Microsoft Azure Security Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to ensure the security of information and infrastructures, while also addressing potential cyber threats. You will engage in proactive measures to safeguard business processes and contribute to the overall security posture of the organization, ensuring that all systems are resilient against evolving cyber risks. Roles & Responsibilities: Expected to be an SME. Collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Conduct regular security assessments and audits to identify vulnerabilities. Develop and implement security policies and procedures to enhance organizational security. Design, implement, and manage baseline security controls for cloud environments (Azure, GCP) Develop and enforce security policies using Infrastructure as Code (IaC) and Policy as Code (PaC) principles Collaborate with development, operations, and security teams to integrate security measures into the DevSecOps toolchain Conduct security assessments of cloud infrastructure to identify vulnerabilities and ensure compliance with security standards Implement automated security testing and monitoring solutions to detect and respond to security incidents Provide guidance and best practices for secure coding and configuration management Stay updated with the latest security threats, vulnerabilities, and industry trends to continuously improve security posture Document security policies, procedures, and incident response plans Professional & Technical Skills: Must To Have Skills: Proficiency in Cloud Security Architecture. Good To Have Skills: Experience with Hybrid Cloud Security, Microsoft Azure Security. Strong understanding of security frameworks and compliance standards. Experience with risk assessment and management methodologies. Familiarity with security tools and technologies for threat detection and response. Proven experience (min. 3 years) in cloud security with focus on GCP and Azure Strong understanding of Infrastructure as Code (IaC) and Policy as Code (PaC) concepts Proficiency in security tools and frameworks (e.g., Terraform, Sentinel) Experience with DevSecOps practices and tools Certification in cloud security (e.g., GCP Professional Cloud Security Engineer, Azure Security Engineer) Experience with security compliance standards (e.g., ISO 27001, SOC 2, GDPR) Knowledge of containerization and orchestration technologies (Docker, Kubernetes) Additional Information: The candidate should have minimum 5 years of experience in Cloud Security Architecture. This position is based at our Hyderabad office. A 15 years full time education is required. Qualification 15 years full time education

Job Summary: We are looking for an experienced SOC Security Analyst SME to join our cybersecurity team. This role involves real-time monitoring, threat hunting, incident response, and implementing modern detective controls to proactively defend against evolving cyber threats. Need Immediate Joiners or with a notice Period of a Month would be preferrable. Work From Office and will have Rotational Shifts. Key Responsibilities: Analyze and respond to security alerts and incidents. Perform deep-dive investigations to identify root causes and suggest mitigations. Design modern detective controls and continuously improve detection capabilities. Conduct proactive threat hunting and improve alerting use cases. Participate in 24/7 incident response rotation and document IR activities. Stay informed on threat actor tactics and industry trends to enhance security posture. Mandatory Skills & Qualifications: Bachelors degree in Computer Science, InfoSec, or related field 57+ years of experience in a Security Operations Center (SOC) or similar role Strong background in threat hunting and security incident analysis Experience with SIEM, SOAR, and XDR tools (e.g., Cortex XSIAM, Torq) Familiarity with cybersecurity frameworks like NIST , MITRE ATT&CK , and kill chain methodology Excellent analytical skills and attention to detail Preferred (Good-to-Have) Skills: Cloud security (Azure, AWS, GCP) Incident response experience in complex environments Endpoint and network forensic analysis Certifications: CISSP, GIAC, CEH Scripting in Python, PowerShell

•Review and triage information security alerts, provide analysis and determine and track remediation and escalate as appropriate •Assist with log management and security information and event management (SIEM) solutions design and configuration Required Candidate profile Scripting in one of the common scripting languages (Python, Bash, Powershell) is an asset. CISSP Certification is a plus.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Product Security Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your typical day will involve utilizing your expertise in product security to ensure the security of our systems and data, identifying vulnerabilities, and implementing effective security measures. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Identify vulnerabilities in systems and applications and develop strategies to mitigate risks. Implement and maintain security measures to protect systems and data. Conduct security assessments and audits to identify potential threats and weaknesses. Collaborate with cross-functional teams to ensure security best practices are implemented. Stay up-to-date with the latest security trends and technologies. Assist in incident response and recovery efforts. Provide guidance and support to junior security professionals. Professional & Technical Skills: Must To Have Skills:Proficiency in Product Security. Experience with threat modeling and risk assessment methodologies. Strong understanding of network security protocols and technologies. Knowledge of secure coding practices and vulnerability management. Familiarity with security frameworks and compliance standards. Good To Have Skills:Experience with cloud security technologies. Experience with security incident management and forensics. Knowledge of encryption algorithms and cryptographic protocols. Additional Information: The candidate should have a minimum of 3 years of experience in Product Security. This position is based at our Pune office. A 15 years full time education is required. Qualifications 15 years full time education

locationsIndia, Bangalore time typeFull time posted onPosted 30+ Days Ago job requisition idJR0034151 Job Title: Security Researcher - EDR About Trellix: Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: We are looking for a skilled EDR Security Researcher. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities by identifying detection coverage gaps and developing signatures to address these gaps effectively. About the role Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols. Author detection rules for behavior-based detection engines. Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience. Write generic threat detections based on static and dynamic detection engines. Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework. Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset. Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives). Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection. Develop alerting, reporting, and automated detection solutions. Build tools and automation to improve productivity. About you 3+ years of experience writing detection using Snort, Yara, Sandbox, or proprietary detection engines. 2+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools. 2+ years of experience querying and analyzing (for malware/TTPs) large datasets. Experience in programming or scripting languages (e.g., Python, PowerShell). Experience in utilizing various malware analysis tools and frameworks (e.g., IDA Pro). Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS. Excellent verbal and written communication skills in English. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Oracle Advanced Access Controls Good to have skills : Oracle Security, Oracle Governance Risk and Compliance (GRC) Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary As an Oracle Security Manager, you will work with our clients in defining their Fusion FIN / HCM / SCM security posture by creating custom roles as required.Work on RMC cloud - AAC, AFC, FRC as required. Roles & Responsibilities:-Manage a team of Cloud Security Administrators, ensuring they have the resources, training, and support needed to excel. -Partner with key stakeholders across the organization to understand and address security risks and compliance requirements. -Develop and implement comprehensive incident response plans and procedures. -Drive continuous improvement of the security program through regular audits, assessments, and risk management practices. Professional & Technical Skills: Must Have Skills: Proficiency in Oracle Security in FIN / HCM / SCM. Strong knowledge of Oracle ERP architecture, with hands-on experience in role customization. String knowledge of RMC modules of AAC, AFC & FRC. Solid experience in design discussions, creating design documents, and performing unit testing Ability to troubleshoot and resolve technical issues within the team and in collaboration with Oracle support. Proficiency in Segregation of Duties (SOD) and custom role creation, maintenance Familiarity with identity governance processes, role management, and security protocols is essential. Experience in troubleshooting and optimizing complex systems is a must. Detail-oriented, strong problem-solving abilities, excellent collaboration and communication skills, proactive, and able to work effectively in team-oriented environments. Focused on delivering projects on time and to specification. Additional Information: The candidate should have a minimum of 7 years of experience in Oracle Security & RMC. Overall IT work experience should be 12 years or above A 15 years full time education is required. Bachelor's degree in Computer Science, Information Technology, or a related field. Oracle RMC Certifications are a plus. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities: Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities) Collaborate and manage the team to perform Responsible for decisions on team management, financial, project transitions Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle Provide solutions to problems for their immediate team and across multiple teams Lead security assessments and provide recommendations Develop and implement security operations strategies, processes, architecture standards and guidelines Conduct security reviews and manage internal/external audits Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management. Strong understanding of threat intelligence analysis Knowledge of security compliance frameworks Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM). This position is based at Gurugram office. 15 years of full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : Security Information and Event Management (SIEM) Operations Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Develop and implement security architecture solutions Conduct security assessments and recommend enhancements Stay updated on the latest security trends and technologies Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM) Strong understanding of security operations Experience with incident response and threat intelligence Knowledge of network security principles Familiarity with security compliance standards Additional Information: The candidate should have a minimum of 5 years of experience in Security Information and Event Management (SIEM) This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency. Roles & Responsibilities: SOAR Strategy and Architecture:Develop strategies for automation, playbook standardization, and process optimization. Playbook Development:Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows. Integration and Customization:Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools. Collaboration and Leadership:Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization. Performance Optimization:Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations. Compliance and Best Practices:Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices. Professional & Technical Skills: Proficiency in scripting and programming Python to develop custom playbooks and integrations. Strong understanding of security operations, incident response, and threat intelligence workflows. Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools. Ability to troubleshoot complex integration and automation issues effectively. Additional Information: Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent. Experience with cloud-native SOAR deployments and hybrid environments. Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001. A 15 year full-time education is required 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data Services Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Architect – Solution Design, Compliance, and Security EngineeringWe are hiring GCP Security Architects with 7+ years of experience in designing secure GCP environments and integrating automated security across deployments. This role emphasizes applied engineering, platform security control implementation, and ensuring audit-ready, secure-by-default environments. Roles & Responsibilities: Design and implement secure, scalable GCP architectures. Configure and maintain IAM (roles, policies, IDP integrations, MFA, SSO). Establish secure configurations for VPCs, VPNs, Data Encryption (KMS), and Cloud Armor. Manage Cloud Security Command Center for visibility, governance, and incident response. Implement Cloud Operations Suite for logging, alerting, and security analytics. Conduct threat modeling, vulnerability assessments, and define remediation paths. Automate security checks and controls using Terraform, Cloud Shell, and CI/CD integrations. Collaborate with platform, DevOps, and risk teams to embed security into development lifecycles. Support audit preparation, policy compliance, and security documentation efforts. Review solution designs and assist with enforcing GCP security guardrails. Professional & Technical Skills: Analytical and detail-oriented with a strong problem-solving mindset. Strong communicator with cross-functional collaboration experience. Continuously stays updated with evolving cloud threat landscapes. Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. Strong working knowledge of IAM, VPC SC, Cloud Armor, encryption practices, and security policy enforcement. Experience with Terraform, automated auditing, and log analysis tools. Additional Information:Bachelor's degree in engineering or computer science, Information Security, or a related field.Certifications such as Google Cloud Certified – Professional Cloud Security Engineer is a must; CCSP preferred. 7+ years in security roles, with 3+ years in hands-on GCP security delivery. This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities: Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities) Collaborate and manage the team to perform Responsible for decisions on team management, financial, project transitions Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle Provide solutions to problems for their immediate team and across multiple teams Lead security assessments and provide recommendations Develop and implement security operations strategies, processes, architecture standards and guidelines Conduct security reviews and manage internal/external audits Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management. Strong understanding of threat intelligence analysis Knowledge of security compliance frameworks Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM). This position is based at our Pune office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities: Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities) Collaborate and manage the team to perform Responsible for decisions on team management, financial, project transitions Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle Provide solutions to problems for their immediate team and across multiple teams Lead security assessments and provide recommendations Develop and implement security operations strategies, processes, architecture standards and guidelines Conduct security reviews and manage internal/external audits Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management. Strong understanding of threat intelligence analysis Knowledge of security compliance frameworks Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM). This position is based at Bengaluru office. 15 years of full-time education is required. Qualification 15 years full time education

We are looking for the candidates from Delhi/NCR for the position of IT Security Engineer for US client in Gurgaon location Candidates from West and South location need not to apply Job description Job Title: SOC Analyst Tier 2 Looking for Immediate Joiners or who can Join within 15-20 Days. Location: Gurgaon Shift : Rotational Shift / US Shift Budget: As per market standards + Shift Allowances Contract Tenure: 2 years contract on the payroll of Mynd solution. Share your CV at "Pratibha@myndsol.com" Please share your CV With the Subject line as SOC Analyst Work Experience 2 to 5 years of experience in Security Operations, SOC or Cybersecurity and Graduate in IT/CS from recognized University Key Skills - Candidate should be ready for rotational shift -.Candidate must have Excellent communication Skill - Candidate must have the knowledge of penetration testing, Knowledge of TCP/IP protocols, network applications. Good knowledge of security tools and monitoring devices - CCNA would be preferred - Equivalent Certifications (Network+, Security+, CySA+, GSEC, GMON) Job Requirement Keysight is looking for a Cybersecurity Analyst to join its growing organization and be part of its in-house Security Operations Centre (SOC). This is a position requiring a good technical background in Information Security practice, good knowledge of IT Security threats and solid communication and organizational skills. The successful candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability work with the team to tackle incoming alerts. The Information Risk & Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company. JOB DESCRIPTION Handling, and escalation of, alerts which require technical triage and analysis. This may include web attacks, malware infections, and phishing campaigns, which have been identified by the Information Risk & Security teams technology stack. Functional Responsibilities Experience Monitoring SIEM solutions and a variety of other security devices found in a SOC environment (e.g. Behavioral Analytics tools, IDS/IPS, log management tools, and security analytics platforms. Creating and maintaining documentation for security event processing. Acknowledge and handle the incoming security alerts. Use the internal ticketing system and dashboards to update the tickets/alerts accordingly and escalating them to the appropriate teams if necessary. Assist the Incident Response team on alerts escalated to them by the SOC team. Develop/Update and follow Standard Operating Procedures (SOPs) and Playbooks to handle standard and out-of-band alerts. Report to the Incident Response Team quickly and efficiently regarding urgent matters. Ensure ticket queues are always within satisfactory limits and all tickets are updated. Provide On-Call Support for emergency or high severity issues. Liaise with partner teams and end-users for security related tickets and activities. Excellent analytical and problem-solving skills required. Experience working with SIEMs and evaluating SIEM alerts. Experience leveraging core security and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS) Key Competencies Ability to think with a security mindset. The successful candidate has a good IT background with good level knowledge of multiple relevant security practice areas (anti-malware solutions, patch and vulnerability management, network security; monitoring; endpoint, etc.) • Knowledge of TCP/IP Protocols, network analysis, and network/security applications. • Good knowledge of various security tools and monitoring devices; e.g. able to read and understand IDS/IPS/Firewall/Proxy logs and determine the current state of play. Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise. Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives. Experience in large, geographically diverse enterprise networks. Ability to build lasting relationships with partner teams and stakeholders. Documentation; experience in writing reports and documenting tickets efficiently and accurately. Visit : http://www.keysight.com/ Feel free to reach me for any clarifications

To act as the SPOC for all third-party audits, especially from BFSI clients & create Network Infrastructure. JD: https://www.pinnacle.in/career/security-manager JD:https://www.pinnacle.in/career/network-manager To work purely from HO Nagpur

The responsibilities of this patch management administrator encompass the full lifecycle of software and system updates within the organization's infrastructure. This includes patch management, prioritization, rigorous testing, ensuring compliance, effective troubleshooting, and continuous monitoring. Additionally, this role is integral to assets and configuration management. The administrator oversees the entire process of applying necessary patches and updates, which are crucial for maintaining the security posture, operational stability, and optimal performance of our systems by addressing vulnerabilities, providing new features, and resolving existing issues. To achieve these goals, the patch management administrator will collaborate closely with system administrators, security teams, and other IT professionals, ensuring seamless operations and adherence to established patching policies. Key responsibilities related to patch management within the organization: Patch Deployment:** This includes managing, testing, and deploying patches for operating systems, applications, and hardware devices across the network. Patch Scheduling:** Develop and maintain a clear patch deployment schedule to ensure timely and organized application of patches, minimizing system downtime and disruption. Vulnerability Management:** A crucial aspect is identifying vulnerabilities in systems and software through consistent monitoring of patch release notes, vendor advisories, and security bulletins. Security Compliance:** All patch management activities must ensure compliance with relevant security standards, regulatory requirements, and internal policies. Testing and Validation:** Before deploying any patch to production environments, thorough testing in a controlled environment will be mandatory to confirm compatibility and stability. System Monitoring:** Continuously monitor the status of patch deployments, promptly identify any failed patches, and coordinate the necessary remediation activities. Documentation:** Maintaining detailed records of all patching activities, including schedules, testing outcomes, identified issues, and their resolutions, is essential. Regular reports will be prepared for IT management and auditors. Collaboration:** Effective collaboration with other IT teams, including network, security, and systems administrators, is vital to ensure consistent patch application across all systems. Incident Response:** Engineer must be prepared to troubleshoot any patching issues that arise and provide timely resolutions to problems caused by patch deployments. Patch Inventory Management:** Accurately tracking and maintaining an inventory of patches for all software and systems in use is necessary to ensure they are up to date and applied regularly. Continuous Improvement:** Staying informed about the latest patching tools, techniques, and best practices is key to continuously enhancing the patch management processes.

About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience Role & responsibilities: The candidate should be hands-on in managing Security Operations, SOC, Identify access management, Risk Management Should have worked on Blueprinting and Designing of SOC frameworks and implementation of SOC/SIEM solution and Enterprise Architecture Should be hands-on on security processes with good client and Market facing experience in India geography Should have worked on Designing, solutioning and Implementation of Cyber Security Frameworks - Security Operations Strategy, Vulnerability Management - Application & Infrastructure and Threat Intelligence and Analytics Preferred candidate profile : Should have worked on the below - M&A experience - Actively monitoring, analyzing & escalating SIEM alerts based on correlation rules, Active threat hunting on network flow, user behavior and threat intelligence Candidate should have expert level domain knowledge (Cyber Security), Threat Hunting, SIEM - Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm/Qradar ), Ability to Comprehend Logs (HTTP, SMTP, Network), Operating systems and servers, Organizes Technical Sessions / Talks. Candidate should able to familiar with python Scripting & Windows Active Directory (Optional). Vulnerability Management Services - External & internal Vulnerability scanning, VMS tool Qualys & Kenna Administration, Application server & Vulnerability scanning Candidate should have expert level domain knowledge (Cyber Security), Vulnerability scans and recognizing vulnerabilities in security systems, Network analysis tools to identify vulnerabilities, Develop insights about the context of an organizations threat environment, Risk management processes, Network attack and a network attacks relationship to both threats and vulnerabilities. Candidate should have advance level understanding of Impact/risk assessments. Security Operations and Management experience - SOC Experience in Identity access, privilege access, vulnerability management Client facing - front end with the client- focused on engagements + Sales, BD + Capability Development Qualification: B.Tech / M.Tech/ MCA professional with 9-12 years of experience in the relevant role Should have strong hands on MS Power Point and MS Project Hands on experience and certification in any one SIEM (IBM QRadar, ArcSight, Azure Sentinel, Splunk) Security Certifications like CISSP, CISM, GIAC, Security+ etc Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Cybersecurity Specialist Summary Apply Now vijayawada Full-Time 5+ Years Industry IT/Security Responsibilities Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. About The Role Develop and manage security measures for networks, systems, and applications. The role includes conducting regular security audits and responding to security incidents. Qualifications Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. Skills Expertise in network security, firewalls, and intrusion detection systems. Proficiency in SIEM tools like Splunk or QRadar. Strong knowledge of compliance standards (ISO, NIST). Experience with vulnerability assessment and penetration testing.

About The Role : Job TitleThreat Intelligence Analyst Corporate TitleAVP LocationPune, India Role Description As a Threat Intelligence A VP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the banks capabilities in responding to threats. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience Requirements 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Note : Preferable Immediate Joiner Security Analyst - L2 Responsibility: Coordinate with associate L1 Analysts Handle all the escalation of associate L1 Serve as shift leader and point of escalation for level 1 analysts Provide operational and technical support to the customer Oversee completion of day-to-day checklist(s), including: log review, management report scheduling, alert analysis, and escalation follow up activity status Provide knowledge to L1 to maintain and improve the Operation Ensure all unresolvable cases are passed to the correct team for action as appropriate Support implementation of SOC processes and perform periodic check for compliance Handle configuration and change management of SIEM / Logger. Duties: Ensure high level of quality when managing tickets, requests and Customer queries Capture requirements of Customer and prepare SIEM Rules, Reports and Dashboards Prepare reports & distribute in readiness for Customer tuning calls Arrange & manage client calls. Take actions accordingly. Create scheduled Customer reporting, from existing reports, whenever appropriate. Checklist Task for L2 Analyst : Handle all the escalation request of associate L1 Verify incident reported by associate L1 analyst Verify Reports made by associate L1 analyst

Need exp in Vulnerability Remediation, Patch, Active Directory, Incident response, Endpoint security, DLP, Device encryption, Security monitoring Exp- 6+ years Loc- Pune- Akrudi Immediate - 15 days serving needed Apply/share preethi.kumar@harjai.com

For Soc L3-Position: 7Yrs+ hands on Exp. Ready to work for Rotational shifts.(24*7), Team management & Shift roaster Location: Pune Roles and Responsibilities Key Skills: 1.SIEM tool exp-preferably Arc sight. 2. Log Analysis 3.Incident Response 4.DLP experience 5.Investigation Knowledge 6.Rules creation 7.Alert management. 8.Use case Creation 9.Team management 10.Shift Roaster 11.Monthly reports Key Responsibilities To handle the daily monitoring of information security events. To function as an intrusion analyst by examining security events for context, appropriateness and criticality To act as an information security researcher to provide insight and understanding of new and existing information security threats Key Operational Activities Daily checklists and tasks Log analysis and review Vulnerability management activities Alert analysis Investigation of suspicious security event activity Maintain and enforce adherence to corporate standards, policies and procedures Please share your profile to anwar.shaik@locuz.com