
307 Incident Response Jobs - Page 4

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

9.0 - 14.0 years

20 - 32 Lacs

Pune

Hybrid


Cloud security management. Implement and manage security controls for cloud platforms (e.g., AWS, Azure, Google Cloud). Ensure compliance. Monitor security alerts and incidents. Implement automation scripts (e.g., Python, PowerShell). Up-to-date documentation.

Required candidate profile: Must have proven experience in security operations, preferably in a multi-cloud environment (AWS, GCP, Azure). Strong knowledge of security frameworks and tools, incident response, and vulnerability management.

Posted 4 days ago


5.0 - 10.0 years

7 - 17 Lacs

Gurugram, Bengaluru, Mumbai (All Areas)

Hybrid


Role & responsibilities

JD: This position is for a core team member, at best a “Technical Lead”, NOT a “SOC Manager”, to supplement the firm’s growing cyber security monitoring function, with 5 to a maximum of 10 years of experience and hands-on L3/Engineering-level work in the most recent projects.

The candidate will join a team currently responsible for:
o Providing first level response for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches. The event management includes triage, correlation and enrichment of individual events to either rule out as false positive, trigger standard detective and corrective responses, or escalate as a security incident.
o Improving the service level for security operations and monitoring.
o Creating and maintaining system documentation for security event processing.
o Expanding the usage of security monitoring tools to improve the security of the environment based on business use cases or changes in threat landscape, root causes from security incident response, or output from security analytics.
o Monitoring the Security Information and Event Management (SIEM) platform for security alerts.
o Providing metrics and reports around security monitoring by designing dashboards for asset owners and management consumption.
o Leveraging existing technologies within the organization to expand the scope of coverage of the security monitoring service.

Provide technical and thought leadership within SOC by:
o Teaching other SOC Analysts about both traditional and unconventional ways to detect, analyze, and mitigate security incidents and other anomalies
o Regularly recommending new SOC practices and approaches to address program and process improvement

Performs analysis duties, including:
o Review of available logs to confirm there are adequate quantities and content to usefully provide Security Monitoring
o Triage SIEM alerts to determine False Positive, Incident, or Technology Misconfiguration
o Perform research at the request of Incident Response teams

Perform case management activities to ensure successful BAU Security Monitoring Operations, including:
o Documenting case activities in the system of record
o Documenting current case notes sufficient for effective shift handover, as well as reviewing current status via teams, email or phone call
o Engaging in all forms of communications (e.g. phone calls, instant-messaging, web page updates) to ensure cases are efficiently investigated by all approved parties, regardless of the company, department, or team of which they are a member

Author Standard Operating Procedures (SOPs), such as:
o Incident detection “use case” needs, logic, and implementation methods
o “use case” alert triage workflows
o Training documentation
o Recommending, then implementing approved program improvements

Reviews and analyzes complex data and information to provide insights, conclusions and actionable recommendations. Provides direction and guidance on reports and analyses and ensures recommendations are aligned with customer/business needs and capabilities. Ensures that all significant security concerns are addressed. Recommends course of action to mitigate risk and ensures that appropriate standards are established and published.

Posted 5 days ago


5.0 - 10.0 years

15 - 25 Lacs

Bengaluru

Remote


Job Description

Develop and maintain security tooling, guidelines, and standards for the Security Engineering team. Participate in threat intelligence and forensic analysis exercises, with guidance from more senior engineers. Work closely with application and infrastructure teams on mitigation of vulnerabilities against all cloud hosted systems. Create and maintain thorough runbooks and incident response documentation for the Security Operations Center (SOC). Create and monitor correlated event dashboards in the SIEM, alerting against thresholds you develop. Research, implement, and configure security protections for email, hosts, and identities. Write scripts to automate manual tasks. Create and provide training to assist new staff and internal teams.

Education: Bachelor's degree in Information Systems, Computer Science, or related discipline. Or any combination of education and experience which would provide the required qualifications for the position.

Experience: 5+ years of experience in being a part of a security operations center, with focuses on threat intelligence, incident response, blue team operations and SIEM query/workflow creation. 5+ years of experience in systems administration, software engineering, software development, or related discipline.

Licenses: CEH, SANS, ISC2 (CISM, CISSP, CCSP, etc), AWS, GCP, Azure

Knowledge: Working knowledge of SOC operations and incident response procedures, such as EDR, SWG, CASB, email threat protection, SIEM and SOAR platforms, threat intelligence frameworks (like MITRE ATT&CK), vulnerability and identity management, network security tools (firewalls, IDS/IPS), Python or PowerShell scripting, cloud-native security services (AWS, Azure, GCP), forensic and log analysis, and documentation platforms for preserving security operations materials.

Skill in: Analytical, critical thinking and problem-solving skills; troubleshooting and resolving architecture and application development issues; working as member of a team; communicating effectively; establishing and maintaining effective working relationships.

Ability to: Determine how a system should work and how changes in conditions, operations, and the environment will affect outcomes; demonstrate presentation skills with a high degree of comfort with both large and small audiences; work in a fast-paced environment; plan, organize, and prioritize workload and multi-task, to meet deadlines; establish and maintain effective working relationships through collaboration and respect.

Posted 5 days ago


8.0 - 12.0 years

13 - 18 Lacs

Bengaluru

Work from Office


At Juniper, we believe the network is the single greatest vehicle for knowledge, understanding, and human advancement the world has ever known. To achieve real outcomes, we know that experience is the most important requirement for networking teams and the people they serve. Delivering an experience-first, AI-Native Network pivots on the creativity and commitment of our people. It requires a consistent and committed practice, something we call the Juniper Way.

About the Job:
Juniper Networks’ Security Incident Response Team (SIRT) is the focal point for discovering and remediating product security vulnerabilities. The role of an Incident Manager (IM) is to drive security defects to resolution by understanding the software flaw, its impact, its proper resolution, and then communicating that to customers through Juniper Security Advisories. SIRT IMs are part of a global team that works closely with both the support and engineering organizations. The role requires understanding of secure software development and the consequences of security flaws. The successful candidate will have a passion for security and an ability to see problems with a security professional’s perspective.

Responsibilities:
Juniper is seeking an experienced Security Incident Response Manager to join the Juniper SIRT. The SIRT IM is responsible for:
Investigating reports of potential vulnerabilities.
Analyzing software flaws and working with engineering teams to ensure proper remediation.
Authoring and presenting Security Advisories.
Working with external security communities, security researchers, and customers.
Managing the response to product security incidents.

Requirements:
Should have 2-4 years of product security incident response experience.
Familiarity with secure programming concepts and testing.
Good understanding of web application security threats and defenses (SQL Injection, XSS, CSRF, etc.).
Good understanding of database security threats and defenses (cloud/container configuration, access control, authentication, misconfigured and abused privileges, logging and auditing).
Familiarity with OWASP guidelines. Participation in a local OWASP chapter or similar security focused communities is a plus.
Familiarity with Common Vulnerabilities and Exposure (CVE) systems, Coordinated Vulnerability Disclosure (CVD).
Familiarity with the Common Weakness Enumeration (CWE) types and CERT Secure Coding Standards.
Familiarity with the Common Vulnerability Scoring System (CVSS).
Familiarity with agile software development/continuous integration/automation.
Minimum of a Bachelor’s Degree in Engineering or Computer Science or Cybersecurity or similar.
Excellent written and verbal communication skills. Should be able to produce a writing sample: A blog entry or other long-form post on a technical issue, comment on a mailing list or open source issue or other technical comment on social media, a self-written academic paper.
Strong analytical and problem-solving skills, and the ability to work independently.
Ability to collaborate across functional teams as well as external partners, researchers, and other security teams.
Ability to track multiple issues in various states of progress.

Desired Qualifications:
A strong ability to use scripting languages such as Perl, Python, TCL, and UNIX shell programming.
Demonstrated experience (such as academic projects) in JavaScript, Node.js, Pug, PHP, Python, Java, C/C++, R, Rust, relational and NoSQL databases.
Experience with HTML, CSS, JSON, XML file creation and management.
Experience with AWS, Azure, GCP, Snowflake.
Should be able to produce a sample code such as a project hosted on GitHub or personal site.
Linux and/or FreeBSD experience along with the ability to read and understand multiple programming languages.
Familiarity with routing and switching protocols and security firewalls.

About Juniper Networks
Juniper Networks challenges the inherent complexity that comes with networking and security in the multicloud era. We do this with products, solutions and services that transform the way people connect, work and live. We simplify the process of transitioning to a secure and automated multicloud environment to enable secure, AI-driven networks that connect the world. Additional information can be found at Juniper Networks (www.juniper.net) or connect with Juniper on Twitter, LinkedIn and Facebook.

WHERE WILL YOU DO YOUR BEST WORK?
Wherever you are in the world, whether it's downtown Sunnyvale or London, Westford or Bengaluru, Juniper is a place that was founded on disruptive thinking where colleague innovation is not only valued, but expected. We believe that the great task of delivering a new network for the next decade is delivered through the creativity and commitment of our people. The Juniper Way is the commitment to all our colleagues that the culture and company inspire their best work, their life's work. At Juniper we believe this is more than a job; it's an opportunity to help change the world.

At Juniper Networks, we are committed to elevating talent by creating a trust-based environment where we can all thrive together. If you think you have what it takes, but do not necessarily check every single box, please consider applying. We’d love to speak with you.

Additional Information for United States jobs:
ELIGIBILITY TO WORK AND E-VERIFY
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.
Juniper Networks participates in the E-Verify program. E-Verify is an Internet-based system operated by the Department of Homeland Security (DHS) in partnership with the Social Security Administration (SSA) that allows participating employers to electronically verify the employment eligibility of new hires and the validity of their Social Security Numbers.
Information for applicants about E-Verify / E-Verify Información en español: This Company Participates in E-Verify / Este Empleador Participa en E-Verify. Immigrant and Employee Rights Section (IER) The Right to Work / El Derecho a Trabajar. E-Verify® is a registered trademark of the U.S. Department of Homeland Security.

Juniper is an Equal Opportunity workplace. We do not discriminate in employment decisions on the basis of race, color, religion, gender (including pregnancy), national origin, political affiliation, sexual orientation, gender identity or expression, marital status, disability, genetic information, age, veteran status, or any other applicable legally protected characteristic. All employment decisions are made on the basis of individual qualifications, merit, and business need.

Posted 1 week ago


3.0 - 7.0 years

8 - 12 Lacs

Kolkata, Mumbai, New Delhi

Work from Office


What You'll Do
Avalara, Inc. is the leading provider of cloud-based software that delivers a broad array of compliance solutions related to sales tax and other transactional taxes.
What is it like to work at Avalara? Come find out! We are committed to the following success traits that embody our culture and how we work together to accomplish great things: Fun. Passion. Adaptability. Urgency. Simplicity. Curiosity. Humility. Ownership. Optimism.
Avalara is looking for a Detection Engineer to join the Detection and Response Team. The ideal candidate will have a track record in incident response, demonstrating advanced technical expertise and leadership capabilities. In the role of an Incident Response Analyst, you will help protect Avalara. This includes detecting, investigating, and mitigating security incidents. You will also be a key contributor in improving our incident response capabilities.
You will report to Security leadership at Avalara. This is a remote position.

What Your Responsibilities Will Be
You will perform incident response activities and workstreams as the Incident Response Senior Analyst.
You will monitor security systems, including Intrusion Detection Systems (IDS), Endpoint Detection and Response (EDR) platforms, software firewalls, and Security Information and Event Management (SIEM) platforms. Gather and analyze evidence from affected systems, logs, and network traffic.
You will conduct detailed investigations of security incidents to determine the root cause, scope, and impact. Document all aspects of security incidents, including timelines, actions taken, and lessons learned.
Perform forensic analysis of compromised systems to identify the techniques and tactics used by attackers, or as directed by Legal.
Collaborate with cross-functional teams including Engineering, IT, Security Operations, Legal, HR, and Compliance to manage and mitigate incidents.
Strengthen KPIs and metrics for measuring response effectiveness and provide clear and consistent reporting to internal stakeholders.
Participate in rotating On Call shifts that utilize a paging system in case a security event requires attention.

What You’ll Need To Be Successful
5+ years experience in Security Incident Response.
Experience across the information security domain, including familiarity with endpoint, email, network, cloud security, vulnerability management, incident response, and threat intelligence.
Experience with log analysis, network security, digital forensics, and incident response investigations.
Ability to script / code using Python or an equivalent language.
Bachelor's degree in computer science, information security, or relevant experience.
Certifications related to digital forensics and incident response.

How We’ll Take Care Of You
Total Rewards. In addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses.
Health & Wellness. Benefits vary by location but generally include private medical, life, and disability insurance.
Inclusive culture and diversity. Avalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship.

What You Need To Know About Avalara
We’re Avalara. We’re defining the relationship between tax and tech.
We’ve already built an industry-leading cloud compliance platform, processing nearly 40 billion customer API calls and over 5 million tax returns a year, and this year we became a billion-dollar business. Our growth is real, and we’re not slowing down until we’ve achieved our mission to be part of every transaction in the world.
We’re bright, innovative, and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we’ve designed, that empowers our people to win. Ownership and achievement go hand in hand here. We instill passion in our people through the trust we place in them.
We’ve been different from day one. Join us, and your career will be too.

We’re An Equal Opportunity Employer
Supporting diversity and inclusion is a cornerstone of our company; we don’t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.

Posted 1 week ago


5.0 - 8.0 years

9 - 14 Lacs

Madurai, Tiruppur, Salem

Work from Office


Req ID: 125023
Remote Position: Hybrid
Region: Asia
Country: India
State/Province: Chennai
City: Guindy, Chennai

Summary
The Senior Specialist, IT Solutions is a key role that evaluates, implements, and manages Security solutions to protect Celestica's systems and data. Responsibilities include implementing automation technologies, performing risk assessments, contributing to automation policies and standards, and advising on automation best practices. This role also mentors junior team members and provides advanced technical support for automation solutions.

Detailed Description
Performs tasks such as, but not limited to, the following:
Maintain security infrastructure for operational efficiencies. Collaborate with other IT infrastructure, application and network teams to ensure seamless integrations of tools and technology.
Develop and implement playbooks for security automation and orchestration to respond to security events and incidents.
Design and implement integrations between security tools such as EDR, SIEM, and ServiceNow, to automate incident response and threat intelligence sharing.
Automate security processes, such as vulnerability scanning, patching, and user provisioning, using scripting and configuration management tools.
Develop custom scripts and tools, such as parsers and data enrichment scripts, to automate repetitive security tasks and integrate disparate security data sources.
Create and maintain comprehensive documentation and runbooks for security automation processes and integrations.
Collaborate with other security team members, such as threat intelligence analysts and incident responders, to identify automation opportunities and implement effective security automation solutions.
Stay up-to-date on emerging security threats and technologies to proactively identify and address potential security risks through automation.

Knowledge/Skills/Competencies
Expert knowledge of information security principles, practices, and technologies.
Expert knowledge of EDR, SIEM, and ServiceNow.
Strong understanding of data integration and API development.
In-depth knowledge of information security standards and regulations (e.g., ISO 27001, NIST).
Strong understanding of software design processes and data modeling.
Excellent problem-solving and analytical skills.
Strong leadership, mentoring, and communication skills.
Ability to work independently and as part of a team.

Physical Demands
Duties of this position are performed in a normal office environment.
Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.

Typical Experience
6 to 8 years of experience in information security, with a proven track record of evaluating, implementing, and managing security solutions.

Typical Education
Bachelor's degree in Software Engineering, Computer Science, Information Security, or a related field.
Relevant industry certifications (e.g., CISSP, CISM) are highly desirable.

Notes
This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.
Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law).
At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them.

Company Overview
Celestica (NYSE, TSX: CLS) enables the world’s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development – from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.
Celestica would like to thank all applicants, however, only qualified applicants will be contacted.
Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.

Posted 1 week ago


3.0 - 7.0 years

8 - 12 Lacs

Gurugram

Work from Office


Dentsply Sirona is the world’s largest manufacturer of professional dental products and technologies, with a 130-year history of innovation and service to the dental industry and patients worldwide. Dentsply Sirona develops, manufactures, and markets a comprehensive solutions offering including dental and oral health products as well as other consumable medical devices under a strong portfolio of world class brands. Dentsply Sirona’s products provide innovative, high-quality and effective solutions to advance patient care and deliver better and safer dentistry. Dentsply Sirona’s global headquarters is located in Charlotte, North Carolina, USA. The company’s shares are listed in the United States on NASDAQ under the symbol XRAY.

Bringing out the best in people
As advanced as dentistry is today, we are dedicated to making it even better. Our people have a passion for innovation and are committed to applying it to improve dental care. We live and breathe high performance, working as one global team, bringing out the best in each other for the benefit of dental patients, and the professionals who serve them. If you want to grow and develop as a part of a team that is shaping an industry, then we’re looking for the best to join us.

Working At Dentsply Sirona You Are Able To
Develop faster with our commitment to the best professional development.
Perform better as part of a high-performance, empowering culture.
Shape an industry with a market leader that continues to drive innovation.
Make a difference by helping improve oral health worldwide.

Scope
The Senior Security Analyst is responsible for maintaining security systems, implementing process automation, and responding to security incidents. They must have a thorough understanding of both cloud-based and on-prem environments and threats. They serve as an escalation point for incident response and the support of security toolsets. They must be capable of working on multiple projects and alerts with general supervision.

Key Responsibilities
Administer, monitor, and maintain cloud-based and on-prem security systems.
Coordinate the implementation and upgrade of security systems.
Administer, monitor, and maintain automated security response tools.
Develop and maintain automated security processes and workflows.
Investigate and remediate security related alerts for both cloud-based and on-prem systems.
Investigate and remediate security policy violations.
Research threat actors, tactics, techniques, procedures, malware, and other IOCs.
Engineer and tune custom alerts for security systems.
Research emerging security technologies and make recommendations to influence security initiatives.
Assist with documentation and training related to security systems.
Act as an escalation point and mentor for junior analysts.
Act as an escalation point and oversee relationship with hosted SOC.
Act as a technical point of contact during security incidents.
Prepare security reports for benchmarking security efficiency.
Collaborate with cross-functional teams to support security initiatives of varying complexity.

Typical Background
Education: BS/BA Degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience.
Certifications/Licensing: COMPTIA Security+, CEH, CISSP, GIAC Security Essentials, CCNA Security, Google Professional Cloud Security Engineer.
Years and Type of Experience: 6+ years of experience in Information Systems with at least 2 years of formal experience in Cyber Security.
Excellent English written and spoken communication skills with the ability to explain technical information to non-technical people.

Key Required Skills, Knowledge And Capabilities
Experience with the Microsoft Suite of Security Tools.
Experience with configuration and management of security solutions for Google Cloud, Microsoft Azure, and/or Amazon Web Services.
Experience with configuration and management of endpoint security solutions including EDR and DLP.
Experience with process and security automation.
Experience with SIEM configuration, alert tuning, and KQL.
Experience with configuration and management of Office 365 services and security solutions.
Experience with incident response.
Must have excellent technical writing and research skills.
Experience with Microsoft Windows, Linux, and macOS.
Willing to work non-standard hours and be on-call.
Team player.
Ability to work with ambiguity.
Resilience to change.
Communication skills.
Integrity.
Open minded, respectful, empathetic ability to work in a multicultural environment.
Analytical thinking, problem solving.

DentsplySirona is an Equal Opportunity/ Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, sexual orientation, disability, or protected Veteran status. We appreciate your interest in DentsplySirona.
If you need assistance with completing the online application due to a disability, please send an accommodation request to careers@dentsplysirona.com. Please be sure to include “Accommodation Request” in the subject.

Posted 1 week ago


2.0 - 7.0 years

3 - 7 Lacs

Greater Noida

Work from Office


Lloyd Institute of Forensic Science, Greater Noida, affiliated to National Forensic Sciences University, an institution of national importance under the aegis of the Ministry of Home Affairs, which facilitates and promotes studies and research to achieve excellence in the field of forensic science in conjunction with applied behavioral science studies, law, criminology and other allied areas and technology and other related fields, invites online applications from eligible candidates for various non-teaching posts.

Scientific Assistant - Multimedia Forensic
Master's degree in Multimedia Forensics / Forensic Science (with specialization in Cyber Forensics / Forensic Physics) / Computer Applications / Electronics / Computer Science / IT / Cyber Security / Digital Forensic / Physics / Cyber Security Management / Digital Forensics OR B.E./B.Tech. Computer Science & Engineering (Cyber Security) OR B.E./B.Tech. in Information Technology / Computer Science / Electronics and Communication / Information Communication Technology / EEE with good academic record from a recognized

Lab Assistant Digital Forensic Multimedia Forensic Cyber Security & Information Security
Bachelor's degree in Multimedia Forensics / Cyber Security / Digital Forensics / Computer Science / Information Technology / Electronics and Communication or B.E./B.Tech. in all Engineering/Technology Branches OR B.Sc. (Information Technology (IT) / Computer Science (CS) / Electronics) with good academic record obtained from a recognized University.
2. Should have adequate proficiency in English & Hindi

Posted 1 week ago


2.0 - 5.0 years

8 - 12 Lacs

Bengaluru

Work from Office


Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!. Who We Are. Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.. Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.. Deepwatch Recognition Includes. 2025, 2024, 2023, 2022 and 2021 Great Place to Work® Certified. 2024 Military Times Best for Vets Employers. 2024 US Department of Labor Hire Vets Gold Award. 2024 Forbes' America's Best Startup Employers. 2024 Cyber Defense Magazine, Global Infosec Awards. 2023 and 2022 Fortress Cybersecurity Award. 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners. 
2022 Cybersecurity Excellence Award for MDR. Solutions Engineer, Automation. This role is hybrid in Bengaluru. Position Summary. As a Solutions Engineer, Automation, you will play a vital role in enhancing the automation frameworks and security incident response capabilities for our organization. This role spans across designing, implementing, and managing both quality assurance automation and security automation to optimize our software development lifecycle and improve security incident response processes. This role works closely with development, QA, security teams, and other stakeholders to ensure that our applications are robust, efficient, and secure. You’ll be instrumental in building testing frameworks, integrating automated processes, and developing security automation workflows that streamline operations and improve our response to emerging threats. In This Role, You’ll Get To. Develop and maintain test frameworks and environments for assigned projects, integrating these into CI/CD processes. Evaluate project outputs against defined acceptance criteria and continuously improve testing processes. Continually work towards making improvements in the Test processes. Assess and analyze release components. Carry out the builds and tests and ensure, where possible, information exchange with configuration management. Manage risks and resolve issues that affect release scope, schedule and quality. Conduct Release Readiness reviews, produce test reports, and ensure deployments meet release standards. Monitor test activities, track release quality, and manage the release repository, documenting build and release procedures. Design and implement SOAR (Security Orchestration, Automation, and Response) workflows to enhance security processes. Develop and maintain integrations with SIEM, IDS/IPS, EDR, and other security tools, ensuring compatibility with threat intelligence feeds and vulnerability scanners.
Collaborate with security analysts to identify automation opportunities, building custom playbooks to streamline incident response processes. Troubleshoot SOAR-related issues, working with cross-functional teams to resolve complex security concerns and improve system resilience. Work with teams across the organization, including application development, QA, and security operations, to foster continuous improvement in automation processes. Participate in customer meetings to discuss scope and challenges, keeping security and quality at the forefront of deliverables. Create comprehensive documentation and training materials to assist stakeholders in understanding and using automation solutions effectively. To Be Successful In This Role, You’ll Need. Proficiency in developing automation frameworks leveraging Python. Strong experience with Agile methodologies and CI/CD pipelines, leveraging Git for version control. Deep understanding of security operations, incident response, and frameworks such as ATT&CK and Cyber Kill Chain. Experience with SOAR platform integrations and scripting languages for automation, with a background in security threat modeling. Knowledge of QA tools and frameworks like Cypress, Postman, Webdriver.io, and others. Excellent problem-solving skills, with the ability to work independently and as part of a team, effectively communicating with cross-functional teams. To integrate IDS/IPS, SIEM, EDR, Firewall, Email, and Cloud security solutions with a SOAR platform. Life At Deepwatch. For employees, Deepwatch fosters a unique, flexible work environment designed with collaboration in mind. The company emphasizes personal and professional growth, offering benefits such as professional development programs, comprehensive health coverage, and generous parental leave.
Deepwatch is also committed to diversity, equity, inclusion, and belonging, aiming to empower underrepresented groups in tech by connecting them with meaningful opportunities, mentors, and sponsors. In recognition of its supportive workplace culture, Deepwatch earned the Great Place To Work Certification(TM) in 2025, underscoring its dedication to creating a positive and inclusive work environment. Deepwatch is a global cybersecurity company with offices in San Francisco Bay Area, CA; Tampa, Florida; and Bengaluru, India. What We Offer. At Deepwatch, we are committed to supporting our employees with a comprehensive benefits package designed to enhance your well-being and financial security. We Partner With Plum Benefits To Provide. • Group Health Insurance – Comprehensive medical coverage for you and your dependents. • Group Accidental Insurance – Financial protection in case of accidental injuries. • Group Term Life Insurance – Security for your loved ones in unforeseen circumstances. For additional details, refer to the benefits guide provided by Plum. Payroll & Compensation. • Pay Cycle: Salaries are processed monthly and paid on the last day of each month. • Pay Slips & Reimbursements: Delivered via email. • Payroll Processing: Managed by BCL Chartered Accountants through GreytHR, which provides tax and payment-related details.

Posted 1 week ago


8.0 - 12.0 years

20 - 30 Lacs

Bengaluru

Work from Office


About Toast Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love. Because our technology is purpose-built for restaurants, our customers trust that we will deliver on their needs today while investing in innovative experiences that will power the future of the industry. About this roll*: We are seeking a strategic and experienced leader to manage our Corporate Security and Governance, Risk, and Compliance functions in India. You will lead and grow both teams, strengthen our security posture, drive compliance with industry frameworks, and support enterprise risk efforts, while partnering closely with global stakeholders on key initiatives. What you will do: Corporate Security: Provide leadership and oversight to the CorpSec team, ensuring the implementation of best practices across endpoint protection, vulnerability management, and threat mitigation. Guide the design and management of a secure enterprise endpoint strategy, ensuring the CorpSec team aligns with policy and compliance requirements. Supervise the CorpSec team in conducting vendor risk assessments and coordinate with global stakeholders to drive remediation activities. Oversee the management of secure email gateway and Data Loss Prevention (DLP) systems, ensuring the CorpSec team enforces data protection and policy compliance across all endpoints (Windows, macOS, Linux). Manage endpoint investigations and root cause analysis, directing the CorpSec team to collaborate with the SOC for integrating telemetry into SIEM platforms (e.g., Splunk, Datadog). Ensure the CorpSec team maintains documentation, SOPs, and training resources, and oversees the delivery of awareness sessions to improve endpoint hygiene. Stay informed on emerging threats to provide strategic guidance to the CorpSec team for enhancing threat detection and response capabilities. 
Governance, Risk, and Compliance (GRC): Oversee the development and maintenance of GRC frameworks (SOC 2, PCI DSS, ISO 27001), ensuring the Technical GRC team aligns with global standards and maintains ongoing compliance. Manage the review process for third-party security attestations (e.g., SOC 2, ISO 27001) and guide the Technical GRC team in assessing vendors in collaboration with Legal, Procurement, and IT. Supervise periodic vendor risk reviews, ensuring the Technical GRC team identifies gaps and drives remediation plans effectively. Partner with internal audit and external assessors to support security evaluations and regulatory alignment. Provide oversight for regular reporting on compliance posture, risk trends, and incident metrics to senior stakeholders, ensuring the Technical GRC team delivers accurate and timely updates. Team Leadership and Development: Provide leadership and mentorship to the Corporate Security and GRC teams in India, fostering a high-trust, collaborative environment. Recruit, train, and grow security talent to build a resilient, high-performing organization. Set performance goals, conduct evaluations, and support team members' ongoing development. Do you have the right ingredients*? Bachelor’s in Computer Science, InfoSec, or related field (Master’s preferred). Industry certifications like CISSP, CISM, or CEH are strongly preferred. 10+ years in cybersecurity, with hands-on experience in vulnerability management, compliance automation, and GRC. Strong understanding of SOC operations, incident response, and security tooling (SIEM, IDS/IPS, WAF). Proven leadership experience managing distributed security teams in dynamic environments. Skilled in communication, collaboration, and team development. Deep knowledge of compliance frameworks (e.g., SOC 2, PCI DSS, ISO 27001) and regulatory expectations.

Posted 1 week ago


5.0 - 9.0 years

15 - 22 Lacs

Hyderabad, Chennai, Bengaluru

Work from Office


Locations: Pune / Hyderabad / Trivandrum / Kochi / Bangalore / Chennai. Skills Required: Proficient in DLP false-positive event detection and optimizing the process. Experience in DLP, ITIL Foundation, Data Security, Incident Management. Strong experience in monitoring, analyzing, and daily operations on DLP process. Experience in security process and incident management tools. Hands-on experience in security incident response lifecycle. Data Security: Strong experience with DLP (Data Loss Prevention) solutions, DLP policy creation, Data Security and Incident Response. Experience in DLP policy design and analysis. Strong experience in data security tools & techniques including DLP, Cloud Access Security Broker (CASB).

Posted 1 week ago


4.0 - 8.0 years

15 - 25 Lacs

Bengaluru

Hybrid


Warm Greetings from SP Staffing!! Role: SOC Analyst. Experience Required: 3 to 8 yrs. Work Location: Bangalore. Required Skills: Security operations SOC1, SOC2, FFIEC, GDPR. Interested candidates can send resumes to nandhini.spstaffing@gmail.com

Posted 1 week ago


2.0 - 5.0 years

5 - 9 Lacs

Bengaluru

Work from Office


In this role, you will be triaging, analysing, and remediating security incidents. You will be writing and delivering detailed investigation and analysis reports while maintaining technical documentation. You will work as part of follow-the-sun 24/7 SOC. Monitor security events and alerts from various sources. Execute predefined incident response playbooks related to identified security incidents. Collect, correlate, and analyze additional data to perform incident analysis and response. Support incident reporting to internal and external stakeholders. Collaborate with senior analysts to improve security processes. Who you are: Basic Qualification: Education: Bachelors in information technology, Computer Science or similar Field. Experience: Minimum 1 year of experience in a Cyber Security Operations Center (SOC) or related cyber security experience. Strong analytical and interpersonal communication skills, including the ability to communicate effectively Excellent verbal and written communication skills Technical documentation and writing Excellent team player that demonstrates proactiveness Mandate Skills: Experience with SOAR, SIEM, and EDR solutions. knowledge of Windows and Linux operating systems Strong analytical skills in threat, vulnerability, and intrusion detection analysis. Have a understanding of threat vectors as well as attacker techniques and tactics. Being a highly motivated individual with the ability to self-start, prioritize, and multi-task. The candidate should be able to react quickly, decisively, and deliberately in high stress situations. Strong verbal/written communication and interpersonal skills. Preferred Skills One or more widely recognized security certifications from renowned institutions such as GIAC/SANS, EC-Council, etc. 
Service-related expert knowledge: Knowledge of incident handling, protection of systems, networks, applications and data Confident handling of artifacts, IoCs and threat intelligence Case management experience and tools Experience with EDR and SIEM tools Alert triage and investigation, applying knowledge of the environment, understanding of the attack chain, and initial impressions of alerts to prioritize, validate, and investigate alerts. Case management classification and initial validation, documenting relevant details and observables Cyber security and technical knowledge: Experience with operating system security (Linux and Windows), anti-virus technologies and network security. Working knowledge of common TCP/IP based services and protocols such as DNS, DHCP, HTTP, FTP, SSH, SMTP, etc. Knowledge about firewalls, proxies/reverse proxies, IDS/IPS Knowledge of operating systems Ability to read and understand network and endpoint logs Basic Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, cross-site scripting, etc.) Consideration of laws, regulations, policies, and ethics (GDPR, etc.) Skills in writing queries for security and investigative tools Skills in applying incident handling best practices

Posted 1 week ago


5.0 - 10.0 years

10 - 13 Lacs

Hyderabad

Work from Office


Hi everyone. Open Positions in the SOC Lead Analyst Role Greetings from Tekaccel! This is an excellent opportunity with us. If you have that unique and unlimited passion for building world-class enterprise software products that turn into actionable intelligence, then we have the right opportunity for you and your career. What are we looking for? Job Title: SOC Lead Analyst Location: Hyderabad (Work from Office) Experience Required: 5 to 7 years Shift: Rotational shifts (24x7) Contract Key Responsibilities: Incident Response: Respond to alerts across the global technology environment to detect, analyze, contain, and mitigate security incidents. Work in collaboration with Cybersecurity Incident Response teams to manage serious security events. Threat Detection & Analysis: Develop, test, and implement new detection use cases and response playbooks. Conduct root cause analysis and participate in post-incident reviews. Stay current with emerging threats and vulnerabilities. Process & Tooling: Continuously improve analysis workflows, tools, and playbooks. Identify opportunities for automation to enhance operational efficiency. Ensure detection rules are optimized for maximum coverage and minimum false positives. Leadership & Collaboration: Provide expert-level guidance to team members and stakeholders. Mentor and coach junior analysts to improve overall team capability. Collaborate with IT and Cybersecurity teams to ensure effective security controls are in place. Support shift handovers and ensure seamless incident management coverage. Strategic Contribution: Promote a culture of continuous improvement and proactive risk management. Support broader cybersecurity awareness initiatives across the organization. Required Skills & Qualifications: 5+ years of technical experience in IT or IT Security (e.g., network/system administration, SOC analyst). Expertise in SIEM platforms, EDR solutions, log management, and cybersecurity tools. 
Strong knowledge of IDS/IPS, HIPS, anti-malware, firewalls, proxies, MSS. Experience with cloud platforms (AWS, Azure, Google Cloud). In-depth understanding of operating systems (Windows, Linux, UNIX, iOS, OSX, etc.). Proficiency in network protocols (TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc.). Hands-on experience in scripting/programming for automation and tool development. Familiarity with security frameworks and standards (OWASP, ISO 2700x, PCI DSS, NIST, etc.). Proven experience in incident response, threat containment, and remediation processes. Relevant certifications (CEH, EnCE, SANS GSEC, GCIH, GCIA, CISSP, or equivalent). Education: Bachelors or advanced degree in Computer Science, Cybersecurity, or equivalent experience. If interested, candidates, please share your updated resume at naveen@tekaccel.com or WhatsApp at +91 7997763537 Tekaccel Software Services India

Posted 1 week ago


3.0 - 7.0 years

5 - 15 Lacs

Navi Mumbai

Work from Office


3 -7 years of working experience in a security operations centre or relevant. Experience with incident response frameworks and methodologies (e.g., MITRE ATT&CK) Strong knowledge of incident response, incident management, change management, process flow, etc. and their best practices. Excellent communication and collaboration skills Ability to work independently and as part of a team Ability to handle pressure and work effectively in a fast-paced environment Experience with security tools and technologies (e.g., SIEM, SOAR, EDR) a plus Knowledge of legal and regulatory requirements related to data breaches a plus Good understanding of Incident life cycle and Triage process. Good experience in OS logs, WAF, IPS, firewall etc. log analysis. Insight knowledge about DFIR and Malware analysis Knowledge of Threat Intelligence and Security Advisories research and analysis would be added advantage.

Posted 1 week ago


5.0 - 8.0 years

16 - 20 Lacs

Gurugram

Work from Office


Job Description: Cloud Segment Information Security Officer (SISO GL28) Location- Gurgaon Position Overview: The Cloud Segment Information Security Officer (SISO) is responsible for overseeing and implementing security measures to protect the organizations cloud-based data and infrastructure. This role involves developing cloud-specific security strategies, managing risks, ensuring compliance, and leading incident response efforts. A key aspect of this role is fostering strong relationships and partnerships with business leaders and stakeholders to ensure security measures align with business objectives. Key Responsibilities: Cloud Security Strategy: Develop and implement security strategies tailored to the cloud segment to ensure the protection of cloud-based data and infrastructure. Risk Management: Identify, assess, and mitigate security risks associated with cloud operations and technologies. Incident Response: Lead incident response efforts for security breaches within the cloud segment, including investigation, containment, and remediation. Compliance: Ensure compliance with relevant cloud-specific regulations and standards. Collaboration: Work closely with other IT teams and cloud segment leaders to integrate security measures into cloud services and applications. Training and Awareness: Support security training and awareness programs for employees within the cloud segment to promote a security-conscious culture. Policy Development: Develop and enforce security policies and procedures specific to cloud operations. Audit and Assessment: Support security audits and assessments to ensure the effectiveness of security measures within the cloud segment. Business Partnership: Foster strong relationships with business leaders and stakeholders to ensure security measures support and enhance business objectives. Collaborate with business units to understand their needs and provide tailored cloud security solutions. 
Qualifications: Proven experience in developing and implementing cloud security strategies. Strong knowledge of cloud risk management and security architecture. Experience in leading cloud incident response efforts. Familiarity with cloud compliance regulations and security monitoring tools. Excellent collaboration and communication skills. Ability to conduct training and develop cloud security policies. Experience in conducting cloud security audits and assessments. Demonstrated ability to build and maintain relationships with business leaders and stakeholders. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone, of every race, gender, sexuality, age, location and income, deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes, an enterprise priority reflected in our mission.

Posted 1 week ago


4.0 - 8.0 years

11 - 16 Lacs

Gurugram

Work from Office


Job Description: Cloud Segment Information Security Officer (SISO GL28) Location Gurgaon Position Overview: The Cloud Segment Information Security Officer (SISO) is responsible for overseeing and implementing security measures to protect the organizations cloud-based data and infrastructure. This role involves developing cloud-specific security strategies, managing risks, ensuring compliance, and leading incident response efforts. A key aspect of this role is fostering strong relationships and partnerships with business leaders and stakeholders to ensure security measures align with business objectives. Primary Responsibilities: Cloud Security Strategy: Develop and implement security strategies tailored to the cloud segment to ensure the protection of cloud-based data and infrastructure Risk Management: Identify, assess, and mitigate security risks associated with cloud operations and technologies Incident Response: Lead incident response efforts for security breaches within the cloud segment, including investigation, containment, and remediation Compliance: Ensure compliance with relevant cloud-specific regulations and standards Collaboration: Work closely with other IT teams and cloud segment leaders to integrate security measures into cloud services and applications Training and Awareness: Support security training and awareness programs for employees within the cloud segment to promote a security-conscious culture Policy Development: Develop and enforce security policies and procedures specific to cloud operations Audit and Assessment: Support security audits and assessments to ensure the effectiveness of security measures within the cloud segment Business Partnership: Foster strong relationships with business leaders and stakeholders to ensure security measures support and enhance business objectives. 
Collaborate with business units to understand their needs and provide tailored cloud security solutions. Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so. Required Qualifications: Proven experience in developing and implementing cloud security strategies. Experience in leading cloud incident response efforts. Experience in conducting cloud security audits and assessments. Solid knowledge of cloud risk management and security architecture. Familiarity with cloud compliance regulations and security monitoring tools. Proven excellent collaboration and communication skills. Demonstrated ability to conduct training and develop cloud security policies. Demonstrated ability to build and maintain relationships with business leaders and stakeholders. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone, of every race, gender, sexuality, age, location and income, deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes, an enterprise priority reflected in our mission.

Posted 1 week ago


3.0 - 8.0 years

0 - 0 Lacs

Bengaluru

Work from Office


Key Responsibilities: Threat Assessment: Identifying potential security risks and vulnerabilities in the client's surroundings. Security Planning: Developing and implementing security strategies and routes to minimize threats. Close Protection: Providing physical protection to the client, both in public and private settings. Escorting and Transportation: Ensuring safe transportation of the client and coordinating logistics. Surveillance and Monitoring: Observing the client's environment for suspicious activity and responding to potential threats. Communication and Coordination: Maintaining clear communication with other security personnel and emergency services. Conflict Resolution: Managing potentially volatile situations and de-escalating conflicts. Emergency Response: Responding effectively to security breaches or emergencies, including evacuating the client when necessary. Confidentiality: Maintaining the client's privacy and discretion. Background Checks: Conducting background checks on employees, staff, and vendors who may interact with the client. Essential Skills: Security Expertise: Strong knowledge of security protocols, risk assessment, and defensive tactics. Physical Fitness: Ability to handle physical challenges and react quickly to threats. Situational Awareness: Excellent observational skills and the ability to remain alert in dynamic environments. Communication Skills: Effective verbal and non-verbal communication, both with the client and other security personnel. Problem-Solving Skills: Ability to analyze situations, identify solutions, and make quick decisions. Professionalism and Discretion: Maintaining a professional demeanor, adhering to strict confidentiality, and respecting the client's privacy. Adaptability: Ability to adjust to changing situations and environments

Posted 1 week ago


8.0 - 10.0 years

10 - 12 Lacs

Pune

Work from Office


Architect, implement, and maintain secure, high-performance network infrastructure. Deploy and manage firewalls, routers, switches, VPNs, IDS/IPS, and secure wireless environments. Lead network security initiatives including segmentation, policy enforcement, and hardening. Conduct network security audits and vulnerability assessments with detailed reporting. Proactively monitor for threats, perform incident response, and mitigate risks. Ensure compliance with cybersecurity best practices, industry frameworks, and client policies. Help deploy, configure, and maintain SIEM platforms (e.g., Splunk, LogRhythm, Sentinel, etc) to aggregate logs and detect anomalies. Perform log analysis, threat hunting, and correlation rule tuning within SIEM systems. Help manage and monitor endpoint protection platforms (e.g., CrowdStrike, SentinelOne, Sophos, EDR/XDR solutions). Collaborate with internal teams and clients to develop tailored network and endpoint security solutions. Act as a subject matter expert (SME) on networking and cybersecurity during sales, planning, and strategy sessions. Document network architectures, policies, configurations, and processes. Manage and lead infrastructure upgrades, migrations, and disaster recovery planning. Stay current with emerging threats, technologies, and compliance regulations. Requirements Degree in Information Systems, Computer Science, Cybersecurity, or equivalent work experience. 8-10 years of enterprise networking and infrastructure experience.

Posted 1 week ago


3.0 - 8.0 years

13 - 18 Lacs

Bengaluru

Work from Office


The role is within the Information Security Risk Management (ISRM) Cyber Fusion Engineering team responsible for the support of Thomson Reuters Cyber Defense Engineering Tools. The successful candidate will have the opportunity to learn - and provide skilled technical support - for our current infrastructure security toolset as well as our future security services within the technical operations environment. About the role: Support the development and maintenance of security tools and infrastructure such as Confluence, MISP Threat Intelligence Platform, and ServiceNow Security Incident Response. Help build and maintain cloud infrastructure in support of our technologies Collaborate with Cyber Defense teams such as the SOC, Threat Detection, Threat Intel, and Incident Response teams to understand feature and support needs. Act as an interface with other IT disciplines inside the larger organization to develop deployment pipelines for AWS infrastructure to meet Enterprise standards. About You: Bachelor's Degree with 3+ years IT or Information Security experience Scripting experience with Python and bash Foundational knowledge of AWS Application/Infrastructure administration experience in an Enterprise environment. Excellent customer service and communication (oral / written) skills required. Strong critical thinking, analytical, and troubleshooting skills. Must be able to accept delegated work on assigned projects and initiatives and complete them successfully with minimum supervision. Preferred Qualifications: Knowledge of/and experience with a Linux OS distribution. Hands on experience deploying and managing infrastructure in AWS Knowledge of/or experience with Infrastructure as Code technologies (e.g. Terraform, CloudFormation) and/or CI/CD pipeline technologies (e.g. 
AWS CodeBuild, CodePipeline, etc) Understanding of the principles of IaaS, PaaS, SaaS cloud environments Knowledge of/and experience in Cyber Security or Security+ certification Knowledge of/or experience with security orchestration, automation, and response (SOAR) tools. Understanding of network transport protocols and services (TCP/IP, syslog, DNS, ODBC, SFTP, SSH, PKI, etc.) Experience working in a large enterprise environment. What's in it For You? Hybrid Work Model: We've adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrow's challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits: We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more.
We live by our values: Obsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact: Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound exciting? Join us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals.
To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

Posted 1 week ago

10.0 - 12.0 years

35 - 50 Lacs

Chennai

Work from Office

Job Summary The Cyber Security Architect will play a crucial role in designing and implementing security solutions to protect the company's digital assets. With a focus on Fortigate Next Gen Firewalls, the candidate will ensure robust security measures are in place. The role involves collaborating with various teams including Sales & Marketing to align security strategies with business objectives. This hybrid position offers a dynamic work environment with a day shift schedule. Responsibilities Develop comprehensive security architecture strategies to safeguard digital assets and ensure compliance with industry standards. Implement Fortigate Next Gen Firewalls to enhance network security and protect against cyber threats. Collaborate with cross-functional teams to integrate security measures into business processes, ensuring seamless operations. Analyze security systems and identify areas for improvement to optimize protection and efficiency. Conduct regular security assessments and audits to maintain the integrity of the company's digital infrastructure. Provide expert guidance on security best practices to internal teams, fostering a culture of security awareness. Monitor emerging cyber threats and develop proactive strategies to mitigate risks effectively. Design and deploy security solutions that align with the company's objectives and enhance overall resilience. Oversee incident response activities, ensuring swift resolution and minimal impact on business operations. Evaluate new security technologies and recommend implementations that enhance the company's security posture. Collaborate with Sales & Marketing teams to ensure security measures support business goals and customer trust. Lead training sessions to educate employees on security protocols and the importance of data protection. Maintain documentation of security policies and procedures, ensuring accessibility and compliance.
Qualifications Possess extensive experience in Fortigate Next Gen Firewalls demonstrating expertise in configuration and management. Have a strong understanding of cybersecurity principles and practices with a focus on network security. Experience in Sales & Marketing domain is advantageous providing insight into aligning security with business strategies. Demonstrate excellent analytical skills with the ability to identify vulnerabilities and propose effective solutions. Exhibit strong communication skills capable of conveying complex security concepts to non-technical stakeholders. Show proficiency in conducting security audits and assessments ensuring compliance with industry standards. Display a proactive approach to threat detection and mitigation staying ahead of potential risks.

Posted 1 week ago

1.0 - 3.0 years

0 - 3 Lacs

Pune

Work from Office

Role: The Security Operations (SOC) - Engineer is responsible for monitoring the environment, identifying, reporting, and responding to security threats that put the organization at risk. The primary function of this position is to monitor the security tools and perform alert management and initial incident qualification. Job Description Acknowledge, analyze, and validate incidents triggered from multiple security tools like IDS/IPS, Web Application Firewall, Firewalls, Endpoint Detection & Response tools, and events through SIEM solution Acknowledge, analyze, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc. Collection of necessary logs that could help in the incident containment and security investigation Escalate validated and confirmed incidents to Security administrators Undertake first stages of false positive and false negative analysis Understand the structure and the meaning of logs from different log sources such as FW, IDS/IPS, WAF, Windows DC, Cloudflare, AV and antimalware software, O365 email security etc. Open incidents in ticketing platform to report the alarms triggered or threats detected. Track and update incidents and requests based on updates and analysis results Report infrastructure issues to the IMS Team Working with vendors to work on security issues. Perform other duties as assigned Skills: Strong security knowledge Should have expertise on TCP/IP network traffic and event log analysis Experience with Linux, Windows and Network Operating Systems required. 
Knowledge and hands-on experience in management of IDS/IPS, Firewall, VPN, and other security products Experience in Security Information Event Management (SIEM) tools, creation of basic correlation rules, and administration of SIEM Knowledge and hands-on experience in Log management & Endpoint detection and response tools Knowledge of ITIL disciplines such as Incident, Problem and Change Management Strong interpersonal skills including excellent written/verbal communication skills Interview Process: Technical Interview HRBP Interview Consent: we will use your resume for current full-time job openings with us and retain it for future opportunities

Posted 1 week ago

4.0 - 8.0 years

6 - 10 Lacs

Kochi

Work from Office

Lead & focus: Demonstrate clear & calm leadership, setting the tone for each response Command and coordinate a response to security incidents, relevant threats, and high profile security events Scope a response to the next best actions Ensure response is sustainable for all resources involved Support beyond normal shift hours in an emergency or during times of staff shortage Coordinate & communicate: Delegate tasks in a timely manner and manage them to closure Facilitate incident / threat resolution through prompt communication across multiple teams Document status and regularly communicate updates to stakeholders and senior management Develop and track key metrics and reporting related to incident management Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Incident Response, SOC Management Preferred technical and professional experience Threat Hunting

Posted 1 week ago

1.0 - 6.0 years

6 - 16 Lacs

New Delhi, Pune

Work from Office

Objective: Serve as L1/L2/L3 level core security domains. Lead architecture reviews, complex troubleshooting, performance tuning, threat modeling, and support design/implementation changes.

Technologies Supported (Domain: Platform)
DDoS Protection: Radware DefensePro / Cloud DDoS
NGFW: Palo Alto (Panorama, Cortex XSOAR)
SIEM & IDAM: OpenText ArcSight / CyberRes
WAF & LB: Radware AppWall / Alteon VX
Endpoint Security: Trend Micro Apex One / Vision One
VAPT: Tenable.io / SecurityCenter
HSM: Thales Luna / payShield
APM & Logging: Elastic Stack (ELK + Observability)

Advanced Skill Set
Expert in one or more: DDoS, NGFW, SIEM, WAF, VAPT
Protocol-level packet analysis
Threat intelligence and hunting workflows
SIEM correlation strategy and content development
Complex API integrations and automation scripting (Python/Shell)
Familiarity with Zero Trust, MITRE ATT&CK, SOAR

Posted 1 week ago

5.0 - 10.0 years

7 - 12 Lacs

Chennai

Work from Office

Proactively lead and support incident response team during an incident. Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations. Hands-on basic experience with configuration and management of SIEM tools (QRadar), including log source integrations, custom parser builds, fine-tuning and optimizing the correlation rules, and use case recommendations is a MUST. Proven experience on any of the Security Information and Event Management (SIEM) tools using QRadar. Data-driven threat hunting using SIEM, EDR and XDR tools. Basic experience in SOAR tools such as QRadar Resilient, Palo Alto XSOAR. Identify quick defence techniques till permanent resolution. Recognize successful intrusions and compromises through review and analysis of relevant event detail information. Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiate false positives from true intrusion attempts. Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify end users when appropriate. Identify the gaps in security environment & suggest the gap closure. Drive & support Change Management. Perform and review tasks as identified in a daily task list. Report generation and trend analysis. Participate in the weekly and monthly governance calls to support the SOC metrics reporting. Good to have hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc. Willing to work in 24x7 rotational shift model including night shift. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 5+ years hands-on experience required in QRadar SIEM and SOAR. Desired experience in threat hunting, threat intelligence. Worked on tools belonging to QRadar, UEBA, UAX.
Bachelor's degree in engineering/information security, or a related field. Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent. Proven experience working in a SOC environment. Preferred technical and professional experience Proven experience in managing and responding to complex security incidents. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Ability to work in a fast-paced, dynamic environment. Deep technical knowledge of security technologies and advanced threat landscapes.

Posted 1 week ago
