307 Incident Response Jobs - Page 3

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Security Incident Response. Experience5-8 Years.

Diverse Lynx is looking for Splunk Developer to join our dynamic team and embark on a rewarding career journey A Splunk Developer is responsible for designing, implementing, and maintaining Splunk-based solutions to collect, analyze, and visualize machine-generated data for various operational and security purposes They work closely with stakeholders to understand data requirements, develop data ingestion processes, create dashboards and reports, and automate data analysis workflows Splunk Developers also collaborate with cross-functional teams to ensure optimal performance, scalability, and security of Splunk deployments Key Responsibilities:Collaborate with stakeholders to understand data requirements, use cases, and objectives for Splunk deployments Design and implement data ingestion processes, including data collection, parsing, normalization, and indexing in Splunk Develop custom Splunk queries, search strings, and data models to extract meaningful insights from machine-generated data Create interactive dashboards, reports, and visualizations using Splunk's search processing language (SPL) and visualization tools Implement and maintain Splunk apps, add-ons, and configurations to support specific use cases or data sources Automate data analysis workflows and alerting mechanisms to identify and respond to critical events and anomalies Optimize Splunk deployments for performance, scalability, and search efficiency Monitor and troubleshoot Splunk infrastructure and resolve issues related to data ingestion, search performance, and system availability Collaborate with security and operations teams to develop and implement Splunk-based security monitoring, log analysis, and incident response solutions Ensure data privacy and security by implementing access controls, data encryption, and compliance with relevant regulations Stay updated with Splunk product releases, new features, and best practices to recommend and implement improvements in Splunk deployments Provide training and support to end-users on utilizing Splunk for data analysis and visualization

Hi, Job Location : Guwahati Qualifications BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics. Security certifications like CEH or equivalent preferred. Experience and Skillset Minimum 2 +years hands-on experience with one or more SIEM tools (Log Logic, LogRhythm, Splunk, QRadar, ArcSight etc.). In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment. Proficient in Incident Management and Response. Basic knowledge of Windows and Unix environments. Knowledge of OSI Model, TCP/IP Protocols, network security. Knowledge about other security tools like Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc. Responsibilities Responsible for working in a 24x7 Security Operation center (SOC) environment. Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents. Monitor various dash boards from different security solutions on shift basis. Work with the engineering team for Sensor and SIEM rules fine-tuning. Prepare various management reports from SIEM and other security solutions. Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide threat and vulnerability analysis as well as security advisory services. Analyze and respond to previously undisclosed software and hardware vulnerabilities. Investigate, document, and report on information security issues and emerging trends. Seamlessly integrate with the team work culture, ensure proper information flow across shifts, prepare/take part in shift handovers. Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences. If youre interested for Guwahati location please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Email Id : ashwini.chakor@ril.com

Requirements: Bachelors degree in Computer Science, Information Technology, or a related field. Strong technical knowledge in areas such as Threat Intelligence, DDOS, Security Monitoring, and SIEM tools. Hands-on experience in vulnerability management, patching (OS & applications), and remediation practices. Proficiency in TCP/IP, networking concepts, and security technologies (e.g., firewalls, proxies, antivirus, IDPS). Experience with event correlation, incident response, and malware/threat analysis. Strong scripting skills and ability to automate security processes. Excellent communication skills and ability to work collaboratively in high-pressure situations. Preferences: Master’s degree in Information Systems or a related field. SIEM, Networking/Router, or Vulnerability Management Tool certifications/training. Exposure to data center or cloud security environments (certifications are a plus). Experience in penetration testing and security assessments. Familiarity with implementing and managing VPNs, secure gateways, and encrypted communications. Proven ability to conduct security research and recommend effective enhancements. Demonstrated passion for cybersecurity and a strong drive to stay updated with industry trends.

LTIMindtree Hiring for Azure Sentinel L2/L3 SOC Analyst for Hyderabad Location- Notice period-immediate to 15 days. Exp-5 to 8 yrs. Location- Hyderabad Skill Combination: Minimum 6 yrs in security domain, and at least 3 yrs as L2/L3 if interested Share me these details along with CV-Richa.Srivastava@ltimindtree.com Total Experience- Current CTC- Expected CTC- Holding offers if any- Current Location- Preferred Location- Notice period- Skills- Date of Birth- PAN No- Passport size photo- Pan no- Availability for interview (YES/NO)- Job Description- Develop and maintain playbooks runbooks and incident response procedures Collaborate with threat intelligence teams to enrich alerts and improve detection capabilities Conduct post incident reviews and root cause analysis Mentor and train L1 and L2 SOC analysts Recommend and implement improvements to SOC tools processes and detection rules Stay current with emerging threats vulnerabilities and security technologies The expectations from the graders would be To evaluate the tasks that are being fed into the agent for their real world applicability To evaluate the agent output to come up with a ground truth and rate the agent output in a predefined rubric based on the inputs pr-ovided by us To have very deep SOC analyst experience and insights This also includes any other skills needed to evaluate the agent output The ability to scale to around min 2030 evaluations per day per grader based on the complexity of the task Core Technical Skills SIEM Tools eg Splunk QRadar Microsoft Sentinel Endpoint Detection and Response EDR eg CrowdStrike SentinelOne Firewall and IDSIPS eg Palo Alto Snort Suricata Log Analysis and Packet Capture Analysis eg Wireshark Threat Intelligence Platforms eg MISP Recorded Future Incident Response and Forensics Scripting Automation Python PowerShell Bash Operating Systems Windows Linux macOS Networking Fundamentals TCPIP DNS HTTP VPNs

Core Responsibilities Assist with technical control design, implementation and monitoring, support incident responses and assist with providing root cause analysis support for incidents. Monitor for attacks, intrusions, and un-usual, unauthorised or illegal activities when the Security Analysts are finding the instance challenging. Keep an eye on the alerts from systems including SEIM solutions and vulnerability monitoring services and check if the Analysts are able to handle the flow appropriately, if not then jump in and investigate if there are any abnormality in the inflow. Monitor identity and access management, including monitoring for abuse of permissions by authorised systems users if the stats are fluctuating or when you see a spike in the alerts. Assist with Information Security Reporting and metrics, providing input into improving information security reporting and metrics. Identify/recommend improvements on internal investigation capabilities via tool and process building/automation. Provide support to recovering from security breaches; participate in investigation and remediation of security incidents, which may include working as part of a team Assist in perform deep-dive incident analysis, determining if critical systems or data sets has been impacted. Assist with the definition and configuration of compliance policies for security technologies. Conduct research on emerging threats in support of security enhancement and development efforts; recommend security improvements, upgrades, and/or purchases. Support the incident response of minor incidents by advising on remediation actions, escalating major incidents to the designated parties. Recording lessons learnt whilst supporting on improving existing processes and procedures. Providing support of new analytic methods for detecting threats. Continuously seeking to identify potential service and process improvements. Participate in the implementation of technologies and platforms supporting the corporate infrastructure. Ensure that you fully understand and comply with the organisation’s Risk Management Policies as they relate to your area of responsibility. Ensure that you fully understand and comply with the organisation’s Data Governance Policies as they relate to your area of responsibility. Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations. Monitoring technical controls that are in place Addressing quires raised by the Security Analysts during investigation or other BAU. Assist Security Analysts in decision making and help in setting up standards. Will be responsible to suggest new fine tunings in the environment to the vendor or to the technical counterparts. Process review and upgradation recommendation when required. Setting up simplified and effective steps in BAU that in turn improves the quality of the work Implementation of new process based on business requirements and communicating the same with the team Team building and team management activities will be one of the key responsibility.

Note : Working hours 6:30 pm to 3:30 am IST . Freelancing/ Contractual Role Key Responsibilities: Kubernetes Administration: Manage cluster lifecycle (health, upgrades, autoscaling, certs, resource tuning). Application Runtime Support: Monitor app deployments, ensure uptime, manage namespaces/configs. DigitalOcean Cloud Operations: Administer compute, networking, DNS, firewalls, backups; respond to system alerts. Redis Cache Management: Tune performance, manage availability/scaling, and respond to cache-related issues. MySQL Cluster Management: Administer clusters, replication, schema management, access controls, patching. Infrastructure as Code (IaC): Maintain infrastructure in Terraform, apply GitOps or CI/CD workflows, manage PR reviews. Security & Compliance Oversight: Manage IAM/RBAC, enforce patching/updates, detect drift/misconfigurations. Incident Response: Rapid response to service disruptions, RCA documentation, and resolution ownership. Reporting & Advisory: Produce monthly reports with key metrics, events, and optimization recommendations.

Role & responsibilities The Cybersecurity Incident Management and Response Team is responsible for effectively and efficiently managing all information and cybersecurity incidents across the Group on a 24x7 basis. This function is structured into two primary missions: Incident Management: Coordinating and orchestrating the global technical response to cybersecurity incidents, and ensuring timely, effective communication to Global Business and Functional stakeholders, Senior Executive Leadership, and relevant regulatory bodies. Incident Response: Conducting technical and forensic investigations arising from threat intelligence, security testing, and user-reported incidents. The goal is to effectively contain, mitigate, and remediate both active and potential attacks. Key Responsibilities: Lead and perform technical and forensic investigations into global cybersecurity events, ensuring timely threat identification and mitigation. Conduct post-incident reviews to assess the effectiveness of controls and response capabilities; drive improvements where necessary. Deliver forensic services including evidence collection, processing, preservation, analysis, and presentation. Stay updated on emerging technology trends and cybersecurity best practices to provide guidance to business and IT functions. Collaborate with Global Cybersecurity Operations (GCO) and business teams to develop and maintain effective incident response playbooks. Contribute to the creation and enhancement of detection mechanisms (use cases) and security automation workflows. Define and refine detailed processes and procedures for managing cybersecurity events. Enhance technical capabilities of security platforms and incident response tools. Support the development of the teams capabilities, including training and mentoring junior team members. Promote a culture of transparency and continuous improvement by identifying and addressing weaknesses in people, processes, and technology. Drive self-improvement and maintain subject matter expertise in cybersecurity. Engage with global stakeholders to improve cybersecurity awareness and communicate the impact of cybersecurity initiatives. Generate and present management information and incident reports tailored for various audiences, supported by data and expert analysis. Required Skills & Competencies: Strong understanding of cybersecurity incident management and investigation techniques. Hands-on experience with IDS/IPS systems, TCP/IP protocols, and common attack vectors. Ability to independently analyze complex problems and determine root causes. Effective communication skills with the ability to convey technical issues clearly to both technical and non-technical audiences. Sound decision-making abilities under pressure, with a focus on risk mitigation and operational resilience. Strong collaboration and stakeholder engagement skills across diverse teams. High level of integrity, urgency, and personal accountability. Demonstrated ethical conduct and commitment to organizational values. Knowledge of cybersecurity principles, global financial services, compliance requirements, and regulatory standards. Familiarity with industry frameworks and standards such as OWASP, ISO 27001/27002, PCI DSS, GLBA, FFIEC, CIS, and NIST. Experience in responding to advanced threats, including offensive security knowledge or experience with deception technologies (honeypots, tripwires, honey tokens, etc.). Preferred Technical Skills: Cybersecurity Incident Management Intrusion Detection/Prevention Systems (IDS/IPS) TCP/IP Protocols and Network Analysis Forensics Tools and Techniques Security Automation & Orchestration Platforms Threat Intelligence Integration SIEM Tools (e.g., Splunk, QRadar, etc.) Skills Incident response,Forensic

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: As a leading technology innovator, Qualcomm pushes the boundaries of what's possible to enable next-generation experiences and drives digital transformation to help create a smarter, connected future for all. As a Qualcomm Software Engineer, you will design, develop, create, modify, and validate embedded and cloud edge software, applications, and/or specialized utility programs that launch cutting-edge, world class products that meet and exceed customer needs. Qualcomm Software Engineers collaborate with systems, hardware, architecture, test engineers, and other teams to design system-level software solutions and obtain information on performance requirements and interfaces. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field. 1-2 years of relevant experience. Additional Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Feature development for Android and Linux/Ubuntu based Snapdragon products. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. : Bachelor's degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience (3-6 years) with C/C++ and good programming skills. Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Good understanding of Linux kernel and internals. Good understanding of SOC systems and related concepts, including bring-up. Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support. Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams.

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Work closely with Product Marketng team to understand new platforms, and requirements, Evaluate feature requirements, come up with resource planning, lead a small team on engineers with varied skills Feature development for Android and Linux/Ubuntu based Snapdragon products. Support platform bringups across various SoCs, co-ordianate with cross functional teams on identifying and fix the issues Work with customer engineering team to support customer esclated issues which are platform specific Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. : Bachelors/Masters degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience with C/C++ and good programming skills. Experience scoping new requirements, working with cross functional teams, assigning works and managing teams Strong communication skills and analytics skills Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Strong understanding of Linux kernel and internals. Strong understanding of SOC systems and related concepts, including bring-up. Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support. Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 8+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 7+ years of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 6+ years of Software Engineering or related work experience. 4+ years of work experience with Programming Language such as C, C++, Java, Python, etc.

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Work closely with Product Marketng team to understand new platforms, and requirements, Evaluate feature requirements, come up with resource planning, lead a small team on engineers with varied skills Feature development for Android and Linux/Ubuntu based Snapdragon products. Support platform bringups across various SoCs, co-ordianate with cross functional teams on identifying and fix the issues Work with customer engineering team to support customer esclated issues which are platform specific Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. : Bachelors/Masters degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience with C/C++ and good programming skills. Experience scoping new requirements, working with cross functional teams, assigning works and managing teams Strong communication skills and analytics skills Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Strong understanding of Linux kernel and internals. Strong understanding of SOC systems and related concepts, including bring-up. Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support. Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 4+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. 2+ years of work experience with Programming Language such as C, C++, Java, Python, etc.

Role & responsibilities 1. Security Risk Assessment & Auditing Conduct security audits and assessments to identify vulnerabilities. Perform penetration testing and ethical hacking to simulate cyberattacks. Evaluate compliance with regulations like ISO 27001, NIST, GDPR, HIPAA, SOC 2 . 2. Security Strategy & Policy Development Develop and implement cybersecurity policies, procedures, and frameworks . Advise organizations on best practices for risk management, data protection, and incident response . Assist in aligning security strategies with business objectives and compliance mandates . 3. Threat Management & Incident Response Help organizations develop incident response plans (IRP) . Conduct forensic investigations in the event of security breaches. Provide real-time threat intelligence and recommend proactive security measures. 4. Implementation of Security Solutions Recommend and deploy firewalls, SIEM, IDS/IPS, endpoint security, and cloud security tools . Guide organizations on zero-trust architecture, identity access management (IAM), and encryption . Assist in setting up secure cloud environments (AWS, Azure etc..) . 5. Security Awareness & Training Conduct cybersecurity training sessions for employees and executives. Educate teams on social engineering attacks (phishing, BEC, ransomware defense) . Preferred candidate profile Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, CISM or CISA Knowledge of common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities:- Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities)- Collaborate and manage the team to perform- Responsible for decisions on team management, financial, project transitions- Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop and implement security operations strategies, processes, architecture standards and guidelines- Conduct security reviews and manage internal/external audits- Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management.- Strong understanding of threat intelligence analysis- Knowledge of security compliance frameworks- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at Bengaluru office.- 15 years of full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities:- Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities)- Collaborate and manage the team to perform- Responsible for decisions on team management, financial, project transitions- Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop and implement security operations strategies, processes, architecture standards and guidelines- Conduct security reviews and manage internal/external audits- Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management.- Strong understanding of threat intelligence analysis- Knowledge of security compliance frameworks- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at Gurugram office.- 15 years of full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities:- Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities)- Collaborate and manage the team to perform- Responsible for decisions on team management, financial, project transitions- Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop and implement security operations strategies, processes, architecture standards and guidelines- Conduct security reviews and manage internal/external audits- Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management.- Strong understanding of threat intelligence analysis- Knowledge of security compliance frameworks- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Cloud Security Architecture Good to have skills : Microsoft Azure Security, Hybrid Cloud SecurityMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to ensure the security of information and infrastructures, while also addressing potential cyber threats. You will engage in proactive measures to safeguard business processes and contribute to the overall security posture of the organization, ensuring that all systems are resilient against evolving cyber risks. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to enhance organizational security.- Design, implement, and manage baseline security controls for cloud environments (Azure, GCP)- Develop and enforce security policies using Infrastructure as Code (IaC) and Policy as Code (PaC) principles- Collaborate with development, operations, and security teams to integrate security measures into the DevSecOps toolchain- Conduct security assessments of cloud infrastructure to identify vulnerabilities and ensure compliance with security standards- Implement automated security testing and monitoring solutions to detect and respond to security incidents- Provide guidance and best practices for secure coding and configuration management- Stay updated with the latest security threats, vulnerabilities, and industry trends to continuously improve security posture- Document security policies, procedures, and incident response plans Professional & Technical Skills: - Must To Have Skills: Proficiency in Cloud Security Architecture.- Good To Have Skills: Experience with Hybrid Cloud Security, Microsoft Azure Security.- Strong understanding of security frameworks and compliance standards.- Experience with risk assessment and management methodologies.- Familiarity with security tools and technologies for threat detection and response.- Proven experience (min. 3 years) in cloud security with focus on GCP and Azure- Strong understanding of Infrastructure as Code (IaC) and Policy as Code (PaC) concepts- Proficiency in security tools and frameworks (e.g., Terraform, Sentinel)- Experience with DevSecOps practices and tools- Certification in cloud security (e.g., GCP Professional Cloud Security Engineer, Azure Security Engineer)- Experience with security compliance standards (e.g., ISO 27001, SOC 2, GDPR)- Knowledge of containerization and orchestration technologies (Docker, Kubernetes) Additional Information:- The candidate should have minimum 5 years of experience in Cloud Security Architecture.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Position : Senior LeadEngineer SOC Incident Responder Grade :E1 Location :Chennai JobDescription: Support cyber incident response actions to ensureproper assessment, containment, mitigation and documentation Perform in-depth analysis and investigative effortswhen events are escalated and determine next appropriatecontainment / remediation / eradication efforts. Research and Evaluate new technologies like Anti APTsolutions, SOAR, ,Deception technologies, Big Data forensic analytic tools, andassist in implementation of the same. Assist with defining and updating incident responseplaybooks to ensure tasks align with best practice Identify and propose areas for improvement within theSecurity Operations Centre. Responsible for driving execution of daily, weekly,and monthly metrics for statistical threats and KPIs. Coordinate with global stakeholder along with theSenior management during contingency scenarios/ high severity incidents toensure responsive actions are communicated in timely manner. ProfileDescription: Should have 7-11 years of specific InformationSecurity experience. Should have subject matter expertise in relevantareas, such as Incident Response, Forensic analysis, Malware analysis,Intrusion analysis and Crisis Management. Strong working knowledge on security tools, such asSIEM,AV,Vulnerability scanners,Proxies,WAF,Net flow,IDS and Forensic Tools. In-depth knowledge of malware families and networkattack vectors Demonstrated experience in an enterprise-levelincident response team or security operations centre. Log (network, security, access, OS, application, etc.) analysis skills and experience in relation to identifying and investigatingsecurity incidents. Strong knowledge of Operating System Internals (Linux,Windows. Etc) Should be familiar with security engineeringpractises, web/Application security, Cloud Security. Should have Scripting knowledge () Have sound analytical and problem solving skills Preferable be a GIAC,CISSP, CEH certified Professional Experience in product suites like Mcafee, Fireye,Crowd Strike, Cylance etc.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : SailPoint IdentityIQ Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work-related problems.- Implement security measures to protect computer systems, networks, and data.- Conduct regular security assessments and audits to identify vulnerabilities and risks.- Develop and implement security policies, protocols, and procedures.- Stay updated on the latest security trends, threats, and technologies.- Collaborate with cross-functional teams to enhance overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Strong understanding of identity and access management principles.- Experience with security tools and technologies such as SIEM, IDS/IPS, and DLP.- Knowledge of regulatory compliance requirements like GDPR, HIPAA, or PCI DSS.- Hands-on experience in incident response and security incident management. Additional Information:- The candidate should have a minimum of 3 years of experience in SailPoint IdentityIQ.- This position is based at our Chennai office.- A 15 years full-time education is required. Qualification 15 years full time education

Dear Professional, We are excited to present a unique opportunity at Cognizant, a leading IT firm renowned for fostering growth and innovation. We are seeking talented professionals with 3 to 5 years of experience in Major Incident Management,Critical Incident Handling,Incident Response,ITIL Incident Management Root Cause Analysis,Incident Escalation,Service Restoration,War Room Coordination,ServiceNow,BMC Remedy,Jira Service Management,PagerDuty,ISO 20000,COBIT,Major Incident Manager,Incident Response Lead to join our dynamic team. Your expertise in these areas is highly sought after, and we believe your contributions will be instrumental in driving our projects to new heights. We offer a collaborative environment where your skills will be valued and nurtured. To proceed to the next step of the recruitment process, please provide us with the following details with Updated resume to sathish.kumarmr@cognizant.com Please share below details (Mandatory) : Full Name(As per Pan card): Contact number: Email Current Location: Interested Locations: Total Years of experience: Relevant years of experience: Current company: Notice period: NP negotiable: if yes how many days they can negotiate? : If you are Serving any Notice period Means please mention Last date of Working: Current CTC- Expected CTC- Availability for interview on Weekdays ? Highest Qualification? Additionally, we would like to schedule a virtual interview with you on 26th June 2025 . Kindly confirm your availability for the same. We look forward to the possibility of you bringing your valuable experience to Cognizant. Please respond at your earliest convenience. Thanks & Regards, Sathish Kumar M R HR-Cognizant Sathish.KumarMR@cognizant.com

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Oracle Advanced Access Controls Good to have skills : Oracle Governance Risk and Compliance (GRC), Oracle SecurityMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary As an Oracle Security Manager, you will work with our clients in defining their Fusion FIN / HCM / SCM security posture by creating custom roles as required.Work on RMC cloud - AAC, AFC, FRC as required. Roles & Responsibilities:-Manage a team of Cloud Security Administrators, ensuring they have the resources, training, and support needed to excel. -Partner with key stakeholders across the organization to understand and address security risks and compliance requirements. -Develop and implement comprehensive incident response plans and procedures. -Drive continuous improvement of the security program through regular audits, assessments, and risk management practices. Professional & Technical Skills: - Must Have Skills: Proficiency in Oracle Security in FIN / HCM / SCM.- Strong knowledge of Oracle ERP architecture, with hands-on experience in role customization.- String knowledge of RMC modules of AAC, AFC & FRC.- Solid experience in design discussions, creating design documents, and performing unit testing- Ability to troubleshoot and resolve technical issues within the team and in collaboration with Oracle support.- Proficiency in Segregation of Duties (SOD) and custom role creation, maintenance- Familiarity with identity governance processes, role management, and security protocols is essential. Experience in troubleshooting and optimizing complex systems is a must.- Detail-oriented, strong problem-solving abilities, excellent collaboration and communication skills, proactive, and able to work effectively in team-oriented environments. Focused on delivering projects on time and to specification. Additional Information:- The candidate should have a minimum of 7 years of experience in Oracle Security & RMC. Overall IT work experience should be 12 years or above- A 15 years full time education is required.- Bachelors degree in Computer Science, Information Technology, or a related field. Oracle RMC Certifications are a plus. Qualification 15 years full time education

We are RadarRadar, experts in the commodity production, trade and processing industry. As a technology company we continuously aim to support our clients with strong data & analytics and business intelligence tools. It is our mission to enable companies to unlock the full potential of their data to improve risk and margin management and boost performance. Awards won: Top 10 Trading & Risk Management Service Providers 2023 | Energy Business Review Technology Innovation Award 2023 | Commodities People Analytics Technology Leader of the Year 2023 | Commodities People Top Business Information Systems Company 2022 | Data Magazine We are looking for a skilled and proactive Security Associate to join our IT team. This role is very important in ensuring the security of our cloud infrastructure. The ideal candidate will have hands- on experience in Azure security services, Windows Server security, SQL Server security, and infrastructure administration. What you will do Manage and optimize Azure Security services, including Microsoft Sentinel, Azure Monitor, Defender for Cloud, Endpoint/Server, Identity etc. Configure and monitor Log Analytics Workspaces and workbooks for effective threat detection and incident response. Create and manage virtual network configurations, private endpoint connections and other networking/firewall resources. Implement security best practices for Azure resources, ensuring compliance on regulatory standards and respond to incidents. Manage security configurations using Azure Policy Manage and secure mobile devices and applications using Microsoft Intune. Manage identity, access and Conditional Access policies within Azure AD. Apply security hardening techniques to Windows Server environments. Monitor and manage security baselines, patch management, and vulnerability assessments. Implement and maintain Group Policies, security auditing, and logging. Enforce SQL Server security best practices, including log management. Conduct regular audits, compliance checks on Servers Manage roles, permissions, and security configurations to protect data integrity. Create and manage various Azure resource (VMs, SQL Servers, Storage accounts, App services, Gateways, key vaults etc.) Create, manage and optimize Azure automation runbooks Perform administrative tasks for SQL Server, Windows Server, Microsoft 365 services including Intune, Entra ID, Teams, Exchange, Purview for data governance etc. Ensure high availability and performance of servers and services. Troubleshoot and resolve infrastructure-related issues promptly. Support backup and restore, disaster recovery, and business continuity planning. What you will bring Bachelors degree in computer science, Information Technology, or related field. 3+ years of experience in Azure security and infrastructure management. Strong knowledge of Microsoft security tools (Sentinel, Defender for Cloud, Defender for Endpoint/server). Proficiency in Windows Server and SQL Server security practices. Experience with Microsoft 365 and Entra ID administration. Microsoft Certified: Azure Security Engineer Associate Microsoft Certified: Azure Administrator Associate Strong analytical and problem-solving abilities. Excellent communication and teamwork skills. Ability to manage multiple tasks and projects effectively. Strong attention to detail and a proactive security mindset. What you will get: Remote work model A competitive salary and working with an amazing international team. An inspiring environment where you learn every day. Personal development plans to help you reach your personal goals.

Job Summary: We are seeking a skilled and experienced Network and Security Consultant to join our team. The ideal candidate will have a strong background in network security, risk assessment, and the implementation of security protocols. This role involves evaluating security needs, designing robust security systems and ensuring the protection of sensitive data. Key Responsibilities: Evaluate the enterprise network and security standards and create solutions that meet the required benchmarks for new infrastructure set ups. Design and implement robust network and security policies and procedures to protect the enterprise infrastructure. Install, configure, and upgrade security software (CC, DS, RF, AS device, on prem and cloud FWs and related networking solutions. Train and mentor team members to upskill them and perform KE sessions for overall team betterment. Respond to security breaches and provide incident response solutions. Stay up to date on the latest intelligence, including hackers methodologies, to anticipate security breaches. Ensure compliance with changing laws and applicable regulations. Required Skills: Technical level experience in Ethernet/Voice/Security/Cloud/VOIP, WIFI, etc. Strong understanding of End-to-End network device set up to support existing infrastructure. Experience with customer relationship management and interaction with internal and external customers. Proficiency in data analysis tools, data gathering, and reporting, Data Migrations and Storage solutions. Mandatory knowledge of CISCO, HP infrastructure along with networking requirements for Azure, GCP and AWS CSPs. Preferred Knowledge of CP and PA FWs (on Prem and Cloud) along with VPC and Public Cloud set ups Excellent presentation skills to interact at multiple organizational levels. Remarkable interpersonal skillsempathy, respectfulness, persuasiveness, and diplomacy. Internal - General Use Ability to multitask and deliver to timescales. Preferred bachelors degree or equivalent with at least 5 years of related experience. Fluent in English, including excellent written English Preferred Qualifications: Familiarity with a wide range of security frameworks and a deep understanding of threat modeling and risk assessment techniques Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Role & responsibilities Position Summary: We are seeking an experienced and proactive Threat Intelligence & IR Lead to oversee our SOC threat intelligence and ensure the security of our organizations assets. The ideal candidate will have a minimum of 7 years of experience in cybersecurity, with a strong focus on threat intelligence, threat hunting, analysis & incident response. You will be responsible for identifying, analyzing, and mitigating threats to protect the organization's infrastructure, data, and operations. Key Responsibilities: Threat Intelligence & Incident Response : Develop, implement, and manage the organizations threat intelligence strategy and program. Lead a team of threat SOC analysts and ensure timely identification of emerging threats. Threat Identification and Analysis: Monitor and analyze cyber threat data, including data banks , data lakes , API access controls , threat feeds, and intelligence platforms. Identify trends, techniques, tactics, and procedures (TTPs) of threat actors and provide actionable insights. Collaboration and Reporting: Collaborate with internal teams (e.g., SOC, incident response, and risk management) to share threat intelligence insights. Prepare detailed threat reports and brief senior management on the organizations threat landscape. Threat Hunting and Mitigation: Conduct proactive threat-hunting activities to identify vulnerabilities and weaknesses in the organization’s systems. Recommend and implement mitigation strategies to address identified threats. Tool and Technology Management: Evaluate, implement, and maintain tools and technologies to support the threat intelligence program. Automate threat detection processes and maintain integrations with security operations platforms. Industry Engagement: Participate in threat intelligence sharing forums and build relationships with external organizations to stay updated on evolving threats. Qualifications and Experience: Minimum of 7 years of experience in cybersecurity, with at least 3 years in a threat intelligence or similar role. Strong knowledge of cyber threat landscapes, attack vectors, and defensive strategies. Hands-on experience with threat intelligence platforms (TIPs), SIEMs, and other security tools. Familiarity with frameworks such as MITRE ATT&CK, NIST, and Cyber Kill Chain. Experience in analyzing threat data, including malware, indicators of compromise (IoCs), and vulnerabilities. Excellent analytical, communication, and problem-solving skills. Relevant certifications (e.g., CISSP, CEH, GIAC, GCTI) are preferred. Educational Requirements: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master’s degree preferred. Key Competencies: Strong leadership and team management skills. Ability to work under pressure in fast-paced, high-stakes environments. Detail-oriented with a focus on continuous learning and staying ahead of emerging threats. This role offers the opportunity to lead a critical function within our cybersecurity operations and make a tangible impact on the organization's security posture. If you are passionate about staying ahead of cyber threats and have a proven track record in threat intelligence, we encourage you to apply.

Industry - Leading NBFC. Designation - Senior Manager / AVP. Role - SOAR Admin. Location - Mumbai. Required Candidate profile Role: Minimum 6 years experience in designing, implementing and managing Security Orchestration, Automation, and Response (SOAR) solutions. Interested can share their CV - bhumika@rightmatch.co.in

JD 1. Hands-on experience on Insider Threat/Risk Tools like Microsoft Purview Insider Risk Management or its competitors (like Proofpoint Insider Threat Management, Splunk User Behavior Analytics, Securonix UEBA, QRadar User Behavior Analytics) 2. Experience in triaging Insider Threat/Risk alerts 3. Working in the Insider Threat team of the Security department. 4. Experience producing Insider Threat reports for C-level leaders. 5. Experience in setting up IRM policies and monitoring them. 6. Understanding of AI, Large Language models, prompt engineering is a plus.