1467 Incident Response Jobs - Page 37

Job Description: As a Data Privacy Manager at Wipro Limited, you will be responsible for ensuring compliance with data privacy laws across various regions, including GDPR in Europe, DPDP in India, CCPA in California, and other international mandates. Your role will involve protecting Personally Identifiable Information (PII) and Sensitive Personal Information (SPI) through the implementation of a robust framework that mitigates risks and enhances the organization's security posture. You will oversee the organization's efforts in safeguarding sensitive data, ensuring compliance with data privacy regulations, and aligning with industry best practices. This pivotal role plays a crucial part in building and maintaining trust with customers, partners, and employees by safeguarding personal and confidential information. Key Responsibilities: - Monitor and ensure adherence to data protection regulations such as GDPR, DPDP (India), CCPA, HIPAA, or other applicable laws. - Develop, maintain, and update data privacy policies, procedures, and guidelines to align with legal requirements and industry best practices. - Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs) to identify and mitigate potential risks associated with data processing activities. - Stay informed about changes in data privacy laws and provide guidance to the organization accordingly. - Conduct regular audits and risk assessments to identify areas of improvement. - Lead initiatives to promote a culture of data privacy and protection within the organization. - Collaborate with cross-functional teams to ensure data privacy compliance across all departments. - Develop strategies for data governance and align them with organizational goals. - Ensure privacy is integrated into the design and development of new products and services. - Manage data breach incidents, including investigation, remediation, and reporting. - Organize training sessions to educate employees on data privacy standards and practices. - Oversee the privacy practices of third-party vendors and ensure compliance with data protection standards. Educational Requirements: A bachelor's degree or higher in fields like Law, Information Technology, Computer Science, or a similar field is preferred. Technical Skills: - Familiarity with data security concepts such as encryption, data masking, anonymization, and pseudonymization. - Knowledge of IT systems and data management. Soft Skills: - Collaboration with various teams across the organization. - Attention to detail when dealing with sensitive data and regulatory compliance. - Leadership and organizational skills in overseeing privacy program implementation. - Ethical mindset in handling sensitive information responsibly and upholding privacy rights. Join our team as a Data Privacy Manager at Wipro and contribute to protecting the data that drives our organization and fosters trust with our stakeholders. Your expertise will be instrumental in navigating the complexities of data privacy and security in a constantly evolving digital landscape.,

As an Experienced Systems Administrator, you will have a strong foundation in Linux, infrastructure management, and incident response. You will be skilled in monitoring, troubleshooting, and maintaining reliable systems across virtualized and cloud-based environments. Your main responsibilities will include collaborating with the operations team to manage escalations and oversee incident management. You will also be expected to implement strategies and solutions to enhance daily operations, focusing on system stability, security, and scalability. You will drive real-time monitoring of system performance and capacity, addressing alerts promptly to optimize systems. Leading troubleshooting efforts, you will coordinate responses to network and system issues. Your role will involve conducting and overseeing server, application, and network equipment setup and maintenance. Additionally, you will ensure effective outage notification and escalation for prompt resolution. Furthermore, mentoring and training team members on technical skills and troubleshooting methods will be a key part of your responsibilities. You will also be responsible for maintaining up-to-date documentation of processes and procedures in the WIKI. Key Skills: - Minimum 4 years of experience in Linux system administration. - Proficiency in datacenter technologies and cloud platforms such as AWS/GCP. - Experience in application deployment using tools like Git and StackStorm. - Strong troubleshooting skills across networks and systems, including familiarity with network protocols (TCP/IP, UDP, ICMP) and tools like TCPdump. - Advanced diagnostic skills in network performance and system capacity monitoring. - Proficiency in Linux command-line operations. - Analytical skills with the ability to interpret and act on data effectively. - Ability to prioritize and escalate issues efficiently. - Adaptability to shift work and capacity for multitasking in high-pressure scenarios. - Excellent leadership, communication, and interpersonal skills. - Bachelor's degree in Computer Science, Engineering (BE/B.Tech), MCA, or M.Sc. Desired Skills: - Basic experience with Configuration Management tools like Ansible, SaltStack, or StackStorm. - Basic experience with CI/CD tools like Jenkins. - Experience with monitoring tools such as Nagios, Sensu, Zabbix. - Basic experience with Log Analytics tools like Splunk, Elasticsearch, Sumo Logic, Prometheus, or Grafana. - Knowledge of Virtualization technologies like VMware, KVM. - Strong fundamentals in Linux, troubleshooting, and networking. - Knowledge of Containerization technologies like Kubernetes, Rancher. - Experience with Cloud Providers such as AWS or GCP. - Advanced knowledge of Networking concepts including BGP, F5 Load Balancer, and switching protocols. - Relevant certifications like RHCSA, CCNA, or equivalent. (hirist.tech),

SIEM tools to identify potential threats;VAPT tools, Incident Handling, Forensic Analysis;CEH CSA;CySA+;CISA;incidents and breaches; operating systems, network devices, and security devices.Familiarity with Security Information and Event Management

Your Role and Responsibilities* * Responsible for implementation partner to see project on track along with providing required reports to management and client * Handle the project as well as BAU operations while ensuring high level of systems security compliance * Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. * Analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. * Ready to support for 24/7 environment. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Professional and Technical Expertise* * 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs. * B.E./ B. Tech/ MCA/ M.Sc. * Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support. * Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. * Working knowledge of industry standard risk, governance and security standard methodologies * Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting. * Ability to multitask and work independently with minimal direction and maximum accountability. Preferred technical and professional experience Preferred Professional and Technical Expertise * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L2 Analyst has responsibility to closely track the incidents and support for closure. 10.Working with logsource and usecase management in integrating log sources and developing & testing usecase 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Developing SOP / instruction manual for L1 team 13.Guiding L1 team for triage/analysis and assist in clousure of cybersecurity alert and incidents 14.Handle XDR alerts and followup with customer team for agent updates 15.Escalate more complex incidents to L3 SME for deeper analysis. Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.3-5 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Job description We are seeking a motivated and detail-oriented Cybersecurity Intern to join our security team. You will assist in monitoring, analyzing, and improving the security posture of our systems and networks. This internship is an excellent opportunity to gain real-world experience in threat detection, security tools, and incident response in a professional environment. Qualification Any Degree/Diploma/+2 Key Responsibilities Assist in monitoring network activity for suspicious behavior or unauthorized access.

Key Skills: Cybersecurity, Incident Response, SIEM, SOAR, MDR, Threat Hunting, Python, Bash, SQL, AWS, Azure, GCP, MITRE ATT&CK, Splunk, QRadar, CrowdStrike, Microsoft Defender, Palo Alto, Datadog. Roles & Responsibilities: Investigate security incidents related to network traffic, IAM violations, and unauthorized access. Analyze security detection rules, alerts, and correlation logic to identify malicious activities. Conduct threat hunting activities to proactively identify potential threats within the environment. Participate in incident response efforts, including containment, eradication, and recovery. Collaborate with the software development & SRE teams. Onboard customers and guide them through integration with MDR platforms. Ensure customer satisfaction and provide strategic security recommendations. This is a fully onsite role that requires high availability and proactive engagement. On-call/rotational work required. Experience Requirement: 3-8 years of experience in cybersecurity operations and advanced threat detection. Experience with SIEM platforms, Security orchestration platforms (SOAR), or specialized MDR providers such as Splunk, QRadar, CrowdStrike Falcon, Datadog, SentinelOne, Microsoft Defender, Palo Alto Cortex XDR, Panther, etc. Experience with threat hunting methodologies. Experience with databases and SQL. Scripting experience with Python and Bash. Ability to work in a team and in a 24/7 environment. Good written and verbal communication skills. MITRE ATT&CK framework knowledge is a plus. Cybersecurity certifications are a plus. Education: Any Graduation.

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 6+ years of experience in a Security Operations Center (SOC) or similar security role. Relevant certifications preferred such as: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) CompTIA Security+ Strong understanding of networking protocols and technologies, vulnerability assessment, and incident response procedures. Experience with SIEM tools (e.g., Splunk, ArcSight, or similar). Familiarity with compliance frameworks (e.g., ISO 27001, NIST, GDPR). Strong analytical and problem-solving skills. Excellent verbal and written communication skills.

Responsibilities: Deliver structured training sessions (online or in-person) based on the provided 4-month CEH-aligned syllabus Teach tools such as Nmap, Burp Suite, Metasploit, Wireshark, SQLMap, John the Ripper, Aircrack-ng, etc.

Location : Mumbai, Delhi / NCR, Bengaluru , Kolkata, Chennai, Hyderabad, Ahmedabad, Pune, Remote (India-based preferred) Experience Required : 710 Years Employment Type : Contract Primary Skills Cloud Security, AWS, IAM, DLP, Security Consultant, Data Encryption, Logging, Secrets Management, Security Posture, Risk Assessment, Compliance Frameworks, SIEM, SOAR, Incident Response, Automated Security, AIin Security Job Description We are seeking an experienced Security Consultant with 710 years of deep technical expertise across AWS security practices, posture assessment, incident response, and automation in security environments. The ideal candidate will play a key role in advising on cloud security design, conducting risk assessments, and strengthening compliance and data protection mechanisms in cloud-native environments. Key Responsibilities Lead cloud security strategy and implementation for AWS-based applications Conduct Security Posture Assessments, identify gaps, and define risk prioritization plans Implement and manage AWS security controls: IAM (Identity & Access Management) Network Security & Logging Data Encryption & Secrets Management Ensure adherence to compliance frameworks (ISO 27001, NIST, CIS, etc.) Implement Data Loss Prevention (DLP), Data Masking/Obfuscation solutions Drive SIEM/SOAR integration for intelligent threat detection and response Develop and maintain Incident Response plans and coordinate response activities Conduct automated security scanning and integrate into DevSecOps pipelines Provide consultation and innovation around Agentic AI applications in security Qualifications 7+ years of hands-on experience in cloud security, with a focus on AWS Deep knowledge of IAM, encryption, secrets management, and compliance frameworks Experience with SIEM/SOAR platforms, automated scanning tools, and AI-driven security solutions Strong documentation, communication, and stakeholder collaboration skills Ability to work independently in a remote team structure

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to safeguard information and assets. Professional & Technical Skills: - Must To Have Skills: Proficiency in Accenture MxDR Ops Security Threat Analysis.- Strong understanding of security frameworks and compliance standards.- Experience with incident response and threat hunting methodologies.- Familiarity with security information and event management tools.- Knowledge of network security protocols and best practices. Additional Information:- The candidate should have minimum 3 years of experience in Accenture MxDR Ops Security Threat Analysis.- This position is based at our Chennai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:1)Design and implement Microsoft Sentinel architecture, including data connectors, analytics rules, and workbooks.2)Integrate Sentinel with various data sources, including Azure services on-premises systems, and third-party security products.3)Develop and maintain data connectors, APIs and custom integrations.4)Configure and optimize incident response workflows, including automated response actions and playbooks.5)Collaborate with security operations teams to implement Sentinel-based security monitoring and incident response processes.6)Provide training and support to security teams on Sentinel features and functionality7)Continuously monitor and optimize Sentinel performance, scalability, and reliability8)Develop and maintain custom dashboards, reports, and workbooks to provide security insights and metrics. 9)Integrate Azure Logic Apps with Azure Sentinel to automate security workflows and incident response.10)Develop custom connectors for Logic apps to integrate with Azure Sentinel and other security tools. 11)Collaborate with security teams, developers, and operation teams to ensure seamless integration and deployment of Logic Apps with Azure Sentinel12)Configure and maintain Sentinel workspaces, including data connectors, analytics rules. 13)Optimize Sentinel workspace performance, scalability, and security.14)Develop and maintain reports and dashboards to provide visibility into security metrics and trends.15)Strong knowledge of KQL and experience writing complex queries.- Proficiency in Microsoft Sentinel, Azure Security Center and Azure Monitor- Experience with data analytics, machine learning, and threat intelligence. Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and frameworks.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Azure Sentinel & KQL.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Familiarity with security compliance frameworks such as ISO 27001, NIST, or CIS.- Knowledge of automation tools and scripting languages to enhance security operations. Additional Information:- The candidate should have minimum 5 years of experience in Security Operation Automation.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 6+ years of experience in a Security Operations Center (SOC) or similar security role. Relevant certifications preferred such as: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) CompTIA Security+ Strong understanding of networking protocols and technologies, vulnerability assessment, and incident response procedures. Experience with SIEM tools (e.g., Splunk, ArcSight, or similar). Familiarity with compliance frameworks (e.g., ISO 27001, NIST, GDPR). Strong analytical and problem-solving skills. Excellent verbal and written communication skills.

Job brief The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occur. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Main Responsibilities Tier 1 SOC analysts are incident responders, remediating serious attacks escalated, assessing the scope of the attack, and affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity and suspicious activities, escalate to managed service support teams, tier 2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the Events & incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as an when new threats emerge. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager Requirements: Min 1 Years Experience as SOC Analyst (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows. Excellent written and verbal communication skills Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting

Job brief The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occur. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Main Responsibilities Tier 2 SOC analysts are incident responders, remediating serious attacks escalated from Tier 1, assessing the scope of the attack, and affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity and suspicious activities, escalate to managed service support teams, tier 3 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the Events & incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as an when new threats emerge. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager Requirements: Min 3 Years Experience as SOC Analyst (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows. Excellent written and verbal communication skills Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting

Dear Candidate, We at TATA Technologies looking for an experienced candidate for Threat Intelligence lead role for Pune location. Please check the below JD, if matches to your profile please share your resume on nikhil.rajuagale@tatatechnologies.com Job Title: Threat Intelligence Total Experience: 6-8 Years Location: Pune Notice Period : Immediate -30 Days Key Responsibilities: Real-time Security Monitoring: Continuously monitor security tools, systems, and network traffic for suspicious activity and potential threats. Threat Detection and Analysis: Identify potential security breaches by analyzing logs, network traffic, and data for anomalous patterns. Incident Response: Investigate and respond to security incidents, taking necessary step s to contain and mitigate damage. Collaboration and Communication: Work with other teams to address security concerns, share information, and implement preventative measures. Vulnerability Assessment: Identify anRd report vulnerabilities in systems and applications, recommending solutions for remediation. Staying Up to Date: Keep abreast of the latest cybersecurity threats, trends, and solutions. Essential Skills: Strong understanding of network security, operating systems, security tools (SIEM, ID S/IPS, etc.), and scripting/automation. Analytical and Problem-Solving Skills: Ability to analyze data, identify patterns, and develop solutions to security problems. Communication Skills: Ability to clearly communicate technical information to both technical and non-technical audiences. Communication and Interpersonal Skills: Ability to collaborate effectively with other teams and stakeholders. Incident Response and Forensics: Knowledge of incident response procedures, forensic analysis, and reporting.

Job brief The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occur. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Main Responsibilities Tier 2 SOC analysts are incident responders, remediating serious attacks escalated from Tier 1, assessing the scope of the attack, and affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity and suspicious activities, escalate to managed service support teams, tier 3 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the Events & incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as an when new threats emerge. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager Requirements: Min 3 Years Experience as SOC Analyst (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows. Excellent written and verbal communication skills Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting.

We are seeking a highly motivated Cybersecurity Senior Associate to join our team at Bahwan CyberTek, Chennai . This role requires expertise in assessing security and privacy programs, identifying risks, and developing solutions to enhance cybersecurity capabilities. The ideal candidate will have a solid foundation in cybersecurity consulting, HITRUST (e1, i1, r2) and SOC 2 Type 2 frameworks. Key Responsibilities: Assess security and privacy programs and strategies using industry frameworks (e.g., NIST CSF, ISO, CIS, HIPAA, GDPR) and conduct risk assessments. Conduct regular gap assessments and readiness checks for HITRUST and SOC 2 Type 2. Document and design solutions to remediate security gaps and enhance privacy maturity. Act as a Cybersecurity Consultant , evaluating security processes, advising on security strategies, and presenting solutions for complex security and privacy issues. Review and assess client documentation to understand their security environment. Lead client meetings to establish assessment scope and gather necessary information. Provide well-documented deliverables with accuracy and within established timelines. Ideal Candidate Profile: Bachelors degree in information technology , Security, Systems, Assurance, or a related field. 6 months+ of cybersecurity consulting experience in client-facing roles. Basic understanding of regulatory compliance and security frameworks (NIST, GDPR, ISO 27001/27002, NIST 800 series). Familiarity with key security domains such as IAM, PAM, Logging & Monitoring, Vulnerability & Patch Management, Incident Response, Asset Management, and Vendor Risk Management . Strong analytical, presentation, documentation, and collaboration skills.

Job Responsibilities : Candidate must have 7-10 years of experience in security operations, incident response, or a related field. Strong understanding of security concepts, principles, and best practices. Proficiency in using SIEM tools (e.g., Splunk, Q Radar, ArcSight). Experience in developing and maintaining SOC rules, playbooks, and procedures. Knowledge of common security threats, vulnerabilities, and attack vectors. Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). Experience with scripting languages (e.g., Python, PowerShell). Experience with cloud security (e.g., AWS, Azure, GCP). Contact Person - Supraja Email - supraja@gojobs.biz

As a key member of the team reporting to the RingCentral CISO, you will collaborate closely with local leadership to lead and orchestrate day-to-day tasks and business initiatives. Your primary responsibility will be to oversee and lead the local Security Operations, Compliance, Application Security, and Trust teams in India. Your role will involve developing and implementing security policies and procedures to safeguard the organization's data and systems effectively. You will lead security teams and coordinate efforts across various departments in multiple regions, ensuring compliance with relevant global and in-country regulations and standards. Additionally, you will drive vendor risk management, customer trust programs, and oversee security operations-related programs like incident response, vulnerability management, and threat intelligence. Furthermore, you will be responsible for maintaining solutions for firewalls, WAFs, IDS/IPS, and endpoint security infrastructure. Your role will also involve leading security engineering efforts to design and implement secure systems and applications. Regular security assessments and audits will be conducted under your guidance to identify and mitigate risks effectively. You will also formulate data discovery techniques for structured and unstructured data in collaboration with engineering teams. To be successful in this role, you should hold a Bachelor's degree or an Advanced Degree in Computer Science, Information Technology, Cybersecurity, or possess relevant technical security certifications such as SANS. You must have a minimum of 15 years of extensive experience in IT and cybersecurity roles, demonstrating a proven track record in managing security teams and projects. Possession of security certifications like CISSP, CISM, CISA, CCSP, OSCP, CEH, etc., will be advantageous. You should have an in-depth understanding of cybersecurity principles and best practices, along with experience in compliance frameworks such as ISO 27001, NIST, and GDPR. Strong technical skills in areas like network security, application security, data protection, and security architecture are essential. Proficiency in risk management, supply chain security, and incident response is required. Your leadership and management skills will be crucial in effectively leading security teams and projects. Excellent communication skills are necessary for interacting with stakeholders, customers, and auditors at all levels. Analytical and problem-solving abilities will help you identify and address security challenges efficiently.,

As an API and Application Security Specialist at Cywarden, you will play a vital role in ensuring the security and integrity of our clients" systems and data. You will collaborate with developers, architects, and security teams to implement advanced security measures across API ecosystems and software applications. Your responsibilities will include developing and implementing security strategies, conducting security assessments, performing threat modeling and risk assessments, managing authentication and authorization mechanisms, enforcing secure coding practices, responding to security incidents, ensuring compliance with industry standards, and maintaining detailed documentation of security policies. You will also provide training to development teams, implement security monitoring solutions, manage security tools for analysis, and develop security policies and procedures. To qualify for this role, you should have a Bachelor's degree in Computer Science or a related field, along with a minimum of 3-5 years of experience in API and application security. You should be proficient in security frameworks and protocols, experienced with API gateways, familiar with RESTful and GraphQL APIs, and have a strong understanding of encryption and authentication mechanisms. Knowledge of security testing tools, secure coding practices, programming languages, DevSecOps practices, and relevant certifications are preferred. Additionally, you should possess excellent problem-solving skills, strong communication skills, and the ability to work collaboratively in a team environment. This is a full-time, permanent position at Cywarden, offering benefits such as paid sick time, paid time off, performance bonuses, and yearly bonuses. The work schedule includes Monday to Friday night shifts on a rotational basis. The work location is in Mohali, Punjab, and reliable commuting or planning to relocate is required. If you meet the qualifications and are passionate about API and application security, we encourage you to apply for this rewarding opportunity at Cywarden.,

As a Security Incident Response Analyst at our organization, you will play a crucial role in safeguarding our systems and data from potential security threats. Your responsibilities will include: - Incident Assessment and Response: You will be responsible for analyzing and responding to security alerts and incidents promptly. Your focus will be on ensuring efficient containment, eradication, and recovery measures. It will be vital for you to document and report your findings accurately to enhance our overall security posture. - Communication and Coordination: You will act as the primary point of contact during security incidents, providing clear and concise communication to stakeholders. Your role will involve preparing detailed incident reports and coordinating effectively with SOC analysts, IT teams, and third-party vendors. Additionally, you will be involved in continuous improvement efforts by participating in post-incident reviews, developing detections, playbooks, and SOPs. Identifying security control gaps and recommending improvements will also be a part of your responsibilities. Furthermore, you will conduct training sessions for SOC team members and stakeholders to enhance their awareness and skills. - Threat Intelligence and Monitoring: Monitoring threat intelligence feeds to identify emerging threats and vulnerabilities will be a critical aspect of your role. You will be expected to proactively hunt for indicators of compromise (IOCs) to stay ahead of potential security risks. To qualify for this role, you should have: - A Bachelor's degree in Computer Science, Information Security, or a related field. - At least 1 year of experience in cybersecurity and threat intelligence. - Proven experience in a security operations role with strong incident response and threat intelligence skills. - Excellent communication and coordination skills. - Ability to work effectively under pressure and manage multiple incidents simultaneously. Please note that the benefits and perks associated with this position may vary depending on the nature of your employment with our organization and the country where you work.,

As the Lead Security Engineer, you will play a pivotal role in ensuring the confidentiality, integrity, and availability of sensitive data across our systems. You will lead our data security strategy and execution, driving initiatives to mitigate risks and protect our data from evolving cyber threats. In this role, you will work closely with cross-functional teams, including engineering, compliance, and operations, to implement best practices for data protection and compliance with relevant industry regulations, such as GDPR, CCPA, PCI-DSS, and others. Lead Data Security Strategy: Develop and execute a comprehensive data security strategy aligned with the company's business objectives and regulatory requirements. Design and implement robust data protection frameworks, including encryption, data masking, tokenization, and data loss prevention (DLP) systems. Conduct regular risk assessments to identify data vulnerabilities and recommend and implement appropriate mitigation strategies to safeguard sensitive financial data. Ensure compliance with all applicable data security regulations and standards (GDPR, PCI-DSS, SOC 2, etc.) and manage audits and assessments. Lead efforts for investigating and responding to data security incidents, including data breaches, leaks, or unauthorized access events. Work closely with product, engineering, and IT teams to integrate security best practices into the software development lifecycle (SDLC) and cloud infrastructure. Design secure data architectures that support scalable, high-performance systems while minimizing exposure to data breaches. Lead, mentor, and grow a team of data security engineers, fostering a culture of continuous learning and improvement. Provide security awareness training to internal teams, educating them on the latest data security threats, trends, and best practices. Assess third-party vendors" security posture and collaborate on securing data exchanges with partners and clients. Implement monitoring systems to detect data security threats and provide regular reporting on the organization's data security posture to senior leadership. Qualifications: - Experience: 7+ years of experience in data security, with at least 3 years in a leadership or senior role within a fintech or similar regulated environment. - Technical Expertise: Strong knowledge of data encryption technologies, cloud security (AWS, Azure, GCP), data loss prevention (DLP), identity and access management (IAM), and security protocols (e.g., TLS, VPNs). - Regulatory Knowledge: In-depth understanding of data security regulations and standards (GDPR, CCPA, PCI-DSS, SOC 2, etc.) and experience leading compliance efforts. - Risk Management: Proven experience conducting risk assessments, threat modeling, and implementing mitigation strategies in a highly regulated environment. - Incident Response: Hands-on experience leading data breach investigations and managing data security incidents from identification to resolution. - Leadership Skills: Strong leadership, mentoring, and team-building capabilities, with a proven ability to drive cross-functional collaboration. - Problem-Solving & Analytical Thinking: Excellent analytical and troubleshooting skills with a strong attention to detail. - Certifications: CISSP, CISM, CISA, or other relevant certifications are highly desirable. Preferred Qualifications: - Experience with DevSecOps practices, security automation, and CI/CD pipeline integration. - Familiarity with advanced threat detection technologies like SIEM, EDR, and SOAR platforms.,

You have an exciting opportunity to join our team as a Splunk Enterprise Security Specialist in Hyderabad. You should have 5-8 years of experience and expertise in Splunk ES architecture. Your responsibilities will include integrating Splunk with various security tools and technologies across different domains like Process control Domain/OT and Operations Domain/IT. You will be administering and managing the Splunk deployment for optimal performance, implementing RBAC, and developing custom Splunk add-ons for ingesting, parsing, and filtering incoming logs. Collaborating with SOC team members, you will understand security requirements and objectives, implementing Splunk solutions to enhance threat detection and incident response capabilities. You will integrate different security controls and devices such as firewalls, Endpoint Detection and Response (EDR) systems, Proxy, Active Directory (AD), and threat intelligence platforms. Your role will involve developing custom Splunk correlation searches, dashboards, and reports to identify security incidents, investigate alerts, and provide actionable insights to SOC analysts. You will also create highly efficient custom dashboards for different teams to facilitate security risks, threat, and vulnerability investigations. Additionally, you will conduct threat hunting exercises using Splunk to proactively identify and mitigate potential security threats and vulnerabilities. You will assist in the development and refinement of SOC processes and procedures, leveraging Splunk to streamline workflows and enhance operational efficiency. Your responsibilities will also include implementing Splunk for various automations of SOC SOP workflows. To be successful in this role, you should have experience in designing and implementing Splunk ES architecture, integration with security tools and technologies, security monitoring, incident response, security analytics, and reporting. You should also have strong collaboration and communication skills. Additionally, you will be responsible for the implementation and management of Splunk Enterprise Security, migration/scaling of the Splunk Environment from Windows to Linux, and enhancing the performance, reliability, and availability. You will also implement and integrate the SOAR platform (Splunk Phantom) and User Behavior Analytics (Splunk UBA/UEBA) with the existing Splunk Infrastructure, supporting and enhancing operations with automations wherever possible.,

As a Security Operation Centre Analyst at our organization, you will play a crucial role in ensuring the security and integrity of our digital experiences for our esteemed clients. With your expertise and knowledge in the field of security operations, you will contribute to the continuous improvement and modernization of our digital infrastructure. We are seeking a talented individual with experience in handling security operations center responsibilities and a strong understanding of the ELK stack. Your primary responsibilities will include monitoring and analyzing security events, identifying potential threats, and responding to security incidents in a timely manner. The ideal candidate for this role should have a minimum of 1-2 years of experience working as part of a SOC team, along with a solid working knowledge of any SIEM tool. You should also be well-versed in the incident response process and demonstrate a proactive approach to addressing security issues. To qualify for this position, you should hold a minimum educational qualification of B.E./B.Tech/B.Sc.(CS)/BCA/MCA. Your passion for cybersecurity and your commitment to ensuring the highest level of security standards will make you a valuable addition to our dynamic team. If you are ready to take on this exciting challenge and contribute to the digital transformation journey of our organization, we encourage you to apply for the Security Operation Centre Analyst position and be a part of our innovative team.,