1461 Incident Response Jobs - Page 4

The role of an OT Cybersecurity Consultant at NetConnect Global (NCG) in Mumbai is crucial in safeguarding operational technology (OT) environments from evolving cyber threats. In this position, you will take charge of security initiatives, conduct risk assessments, and collaborate closely with engineering and operations teams to implement robust cybersecurity measures. By fulfilling this role, you will have the opportunity for significant professional growth while directly contributing to the resilience and security of the systems. Your key responsibilities will include developing and implementing cybersecurity policies and procedures specifically tailored for OT environments. You will be required to conduct risk assessments and vulnerability analyses to identify and mitigate potential threats to OT systems. Additionally, you will lead incident response efforts, working with internal teams and external partners to resolve security incidents efficiently. Designing and executing cybersecurity projects, integrating security monitoring tools and incident response frameworks, will also be part of your responsibilities. Furthermore, you will be expected to develop strategic roadmaps to enhance the OT security posture, collaborate with IT, engineering, and operations teams for seamless integration of cybersecurity measures, and communicate security risks while promoting cybersecurity awareness across the organization. Identifying opportunities for innovation in OT security practices will also be a key aspect of your role. To qualify for this position, you should hold a Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field. Possessing relevant certifications such as CISSP, CISM, or GICSP would be advantageous. Moreover, you should have 2-3 years of experience in cybersecurity, with a specific focus on OT or industrial control systems (ICS). A strong understanding of ICS, SCADA, and OT protocols is essential, along with proficiency in network security for OT environments, including segmentation, firewalls, IDS/IPS, and secure remote access. Excellent communication skills are also required to effectively engage with both technical and non-technical stakeholders. NetConnect Global (NCG) is a Great Place to Work Certified digital transformation, engineering, and professional services company that has been partnering with leading global enterprises since 1997. NCG delivers Cloud & Infrastructure, Cybersecurity, AI/ML, and Advanced Data Analytics solutions to enable businesses to scale securely and efficiently. NCG offers various benefits to its employees, including 6 months fully paid maternity leave, 5 days paid paternity leave, medical insurance from day 1 with the option to cover spouse, children, and parents, a Group Personal Accident Policy providing 2x annual salary coverage, immediate Workmen's Compensation & Gratuity in cases of permanent disability, and an Employee Assistance Program for confidential personal and professional support. This is a full-time position at Level 2 (2-3 years of experience) in the software engineering industry.,

You are an experienced and highly motivated Global Data Privacy Manager responsible for leading and supporting the global data protection and privacy program at our organization. Your role involves managing and evolving the data privacy program to ensure compliance with various global privacy regulations, such as GDPR, CCPA/CPRA, PDPA, PIPEDA, and others. Collaboration with legal, IT, HR, marketing, and security teams is crucial to support privacy-by-design initiatives, assess privacy risks, and align with company strategy. Your responsibilities include leading and managing the global data privacy compliance program across all geographies and business units. You will need to analyze and interpret complex international privacy laws and regulations, act as a subject matter expert on data privacy for global clients, develop and maintain privacy policies and procedures, conduct privacy impact assessments, and collaborate with different teams to implement privacy-by-design in new offerings. As a Global Data Privacy Manager, you will also be responsible for aligning with information security teams on data protection controls, incident response, and breach notification protocols. Supporting incident response teams in managing privacy breaches, responding to Data Subject Access Requests (DSARs), client audits, and regulatory inquiries are part of your role. Additionally, you will review, negotiate, and advise on privacy-related contractual documents and drive awareness and training programs across delivery centers. Key attributes for this role include the ability to interpret and implement multi-jurisdictional privacy laws, integrity, excellent organizational and project management skills, strong communication skills, a collaborative mindset, and a proactive problem-solving orientation. Qualifications required for this role include 6-9 years of hands-on experience in data privacy, a Master's degree or equivalent in related fields, and relevant certifications. In return, we offer you a strategic role at the intersection of privacy, technology, and global service delivery, exposure to international regulations and high-impact client engagements, a collaborative and inclusive culture committed to ethical data stewardship, competitive compensation, remote/flexible work options, and continuous learning support. Join us at Virtusa, where teamwork, quality of life, professional and personal development are valued. With a global team of 27,000 professionals, we are committed to providing exciting projects, opportunities, and state-of-the-art technologies for your career growth. Embrace collaboration, innovation, and excellence at Virtusa.,

Join a company that is pushing the boundaries of what is possible. NTT DATA is renowned for its technical excellence, leading innovations, and making a difference to clients and society. The workplace embraces diversity and inclusion, providing a space where you can grow, belong, and thrive. As a Senior Associate Information Security Incident Response Analyst at NTT DATA, you will be a developing subject matter expert responsible for assisting in detecting and monitoring threats and suspicious activities within the organization's technology domain. You will support technical staff from various business areas and third-party experts, utilizing your technical competencies to detect unauthorized activity on company information assets. Key responsibilities of this role include assisting in preventing and resolving security breaches, supporting access management activities, implementing security service audit schedules, supporting a global team of Cyber Security Analysts, and communicating effectively with stakeholders regarding incident response and resolution. To excel in this role, you should have knowledge of technological advances in information security, an understanding of system inter-relationships, familiarity with information security management and policies, and the ability to think critically and solve problems. Academic qualifications and certifications required for this role include a Bachelor's degree in Information Technology, Computer Science, or a related field, along with certifications such as SANS GIAC Security Essentials (GSEC), SANS GIAC Certified Intrusion Analyst (GCIA), and SANS GIAC Certified Incident Handler (GCIH). The ideal candidate will have moderate experience in the Technology Information Security industry, using End Point Protection Software, Enterprise Detection and Response software, SIEM and IPS technologies, as well as Wireshark or tcpdump for identifying abnormal/malicious traffic patterns. This is a remote working position at NTT DATA, a trusted global innovator of business and technology services with a commitment to helping clients innovate, optimize, and transform for long-term success. NTT DATA invests significantly in R&D each year to support organizations and society in confidently transitioning into the digital future. As a Global Top Employer, NTT DATA boasts diverse experts in over 50 countries and a robust partner ecosystem. Services offered by NTT DATA include business and technology consulting, data and artificial intelligence, industry solutions, as well as application, infrastructure, and connectivity development, implementation, and management. NTT DATA is also a leading provider of digital and AI infrastructure globally, and is part of the NTT Group headquartered in Tokyo. NTT DATA is an Equal Opportunity Employer, committed to providing an inclusive and diverse workplace for all employees.,

As a Security Analyst at our high-performance team in Mumbai, you will be responsible for monitoring security events and alerts to identify potential malicious behaviors. Your role will involve evaluating the type and severity of security events using packet analyses, an in-depth understanding of exploits and vulnerabilities, and providing incident response and escalation to the incident response team. This is a 24x7 role with a fully work from office option only. Your responsibilities will include using SIEM technologies and other native tools for 24x7 monitoring of security events, managing inbound requests via the ticketing system and telephone calls, and providing security notifications through incident tickets, emails, and telephone calls. You will conduct analysis on logs produced by network devices, perform security events analysis, identify potential threats and anomalies, document findings, provide recommendations, and perform cybersecurity root-cause analysis for any unresolved tickets. To excel in this role, you will need a Bachelor's degree or equivalent in Computer Science, Systems Engineering, Cybersecurity, Information Technology, or a related area, along with a minimum of 4 years of monitoring experience in a Cyber Security Operations Center. Technical expertise in troubleshooting Microsoft products and operating systems is essential, with desirable knowledge of MAC OS and Linux. An understanding of basic network services, TCP/IP, IP Routing, attacks, exploits, vulnerabilities, experience with VPN, SSL, encryption methodology, and working knowledge of Security Operations Center protocols is required. Desired certifications for this role include CompTIA Security+, Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), Certified SOC Analyst (CSA), and Microsoft Certified: Security Operations Analyst Associate. Experience with security tools and technologies such as SIEM, IDS/IPS, Web application firewalls, Antivirus, Proxy and Url filtering, DLP, and Vulnerability scanner is preferred. At Kroll, we bring clarity and truth into focus with the Kroll Lens, using sharp analytical skills and the latest technology to provide clients with valuable insights across various business areas. We value diverse backgrounds and perspectives that enable us to think globally and offer a supportive and collaborative work environment. As part of One team, One Kroll, you will contribute to an environment that empowers you to excel. Kroll is a global valuation and corporate finance advisor with expertise in complex valuation, disputes and investigations, M&A, restructuring, compliance, and regulatory consulting. Our professionals leverage analytical skills, market insight, and independence to help clients make informed decisions. We think globally as an organization and encourage our employees to do the same. Kroll is committed to equal opportunity and diversity in recruitment based on merit. To be considered for a position, please apply formally via careers.kroll.com.,

As a mid-level Endpoint Security Analyst, you will be responsible for managing endpoint security, responding to security incidents, and supporting solutions such as SentinelOne. Your key responsibilities will include monitoring endpoint security alerts and events, responding to and investigating security incidents, assisting in the deployment and configuration of endpoint security tools, and supporting the team in maintaining endpoint security policies. Your role will be crucial in ensuring the security of our organization's endpoints and data, contributing to the overall security posture. Your attention to detail, proactive approach to security incidents, and ability to work effectively with the team will be essential in this position.,

As a professional services firm affiliated with KPMG International Limited, KPMG entities in India have been established since August 1993. With offices spread across various cities in India including Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara, and Vijayawada, our professionals leverage a global network of firms while maintaining a deep understanding of local laws, regulations, markets, and competition. Key Responsibilities: Team Leadership: You will be responsible for managing and mentoring a team of forensic technology professionals, ensuring efficient workflow and adherence to best practices, with experience in managing 5-10 team members. Digital Forensic and eDiscovery: Hands-on experience in digital forensic and eDiscovery, including a good understanding of the EDRM framework and processes. Client Management: Manage communications with internal and external stakeholders to ensure effective collaboration and client satisfaction. Investigation Oversight: Plan, execute, and document digital forensic investigations related to cybercrime, fraud, and regulatory compliance. Evidence Management: Maintain a strict chain of custody for digital evidence, ensuring integrity and admissibility in legal proceedings. Data Analysis & Reporting: Conduct forensic data acquisition, preservation, and analysis from various digital devices, preparing detailed forensic reports. Incident Response: Lead cyber forensic investigations related to security breaches, network intrusions, and data leaks. Technology Implementation: Utilize advanced forensic tools such as EnCase, FTK, Cellebrite, and other digital forensic software for efficient investigations. Cross-Department Collaboration: Work closely with internal teams to identify collaboration opportunities and enhance overall efficiency. Qualifications & Skills: Educational Background: BE/B.TECH/MCA/M. Tech-(Computers/Electronics/IT) Experience: 7+ Years Tools: Hands-on experience in Cellebrite, Encase, Nuix, Relativity, Splunk, Axiom, SQL, and other relevant tools. Certifications: Preferred certifications include EnCE, Relativity (RCA, Master), PMP, or any other industry-recognized certification. Technical Expertise: Strong knowledge of forensic tools, data analytics, and cybersecurity frameworks. Communication & Leadership: Ability to translate complex forensic findings into understandable reports and lead forensic teams effectively. KPMG entities in India provide equal employment opportunities, fostering a diverse and inclusive work environment.,

As a skilled and proactive SOC Lead, you will play a crucial role in managing and enhancing our Security Operations Center capabilities. Your strong experience in cybersecurity operations, threat analysis, incident response, and team leadership will be instrumental in establishing and overseeing the SOC process. You will lead the day-to-day monitoring, manage a team of analysts, and drive the evolution of our threat detection and response processes. Your key responsibilities will include implementing various SIEM / XDR solutions, leading and coordinating the daily operations of the Security Operations Center, and supervising and mentoring SOC analysts. You will provide guidance on threat detection, triage, and incident handling, as well as review, escalate, and respond to security incidents in a timely manner. Continuous improvement of SOC playbooks, procedures, and incident response plans will be under your purview, along with overseeing threat intelligence gathering and its integration into detection capabilities. Collaboration with IT, network, and application teams to enhance security posture, leading threat-hunting initiatives, and proactively identifying potential risks are also part of your responsibilities. Moreover, you will be responsible for maintaining and optimizing SIEM, SOAR, and other security tools for effective coverage and alerting, while staying current on emerging threats, vulnerabilities, and best practices in security operations. To qualify for this role, you should have a Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent experience. A minimum of 5-6 years of experience in cybersecurity, including at least 2 years of team handling experience, is required. Deep understanding of XDR / SIEM platforms, hands-on experience with incident response, threat analysis, malware analysis, and vulnerability management, as well as knowledge of attack frameworks and regulatory frameworks are essential. Strong analytical, problem-solving, and communication skills are also necessary. Preferred qualifications include professional certifications such as GCIA, GCIH, CEH, CISSP, ECIH, CHFI, experience with SOAR platforms and automation of security workflows, and exposure to cloud security environments and monitoring. If you are looking to make an impact in the field of cybersecurity and lead a dynamic team in safeguarding our organization's assets, this role as a SOC Lead is the perfect opportunity for you. Join us in our mission to stay ahead of emerging threats and ensure the highest level of security for our operations.,

Key Responsibilities NAC Implementation & Management : Design, deploy, upgrade and manage HPE Aruba ClearPass Policy Manager for zero-trust security, enforcing role-based access controls across wired, and VPN infrastructures Configure authentication methods (e.g., 802.1X, PEAP, MAC Auth, EAP-TLS) and troubleshoot issues like captive portal redirections or MAC address conflicts. Integrate ClearPass with third-party systems (e.g., SIEM, firewalls, TACACS+, RADIUS for contextual security enforcement. Perform PoC for the different Network vendor devices to check compatibility with Aruba ClearPass NAC. Policy Automation & Threat Response : Creation of policy, profile, cluster and enforcement. Automate responses to security incidents (e.g., quarantine non-compliant endpoints via ClearPass OnGuard) Posture policy testing and compliance check. Work with Network teams to implement Switch with Radius and TACACS+ workflow Integrate ClearPass with Active Directory, LDAP, Radius, DHCP, and other identity sources. Security & Compliance : Conduct vulnerability assessments, audits, and root-cause analyses for NAC/wired environment incidents. Perform regular Compliance checks, patching and upgrades of the ClearPass environment Monitor logs and alerts, and work with Security/Network team on Incident response related to Network Access Control. (NAC) Training & Documentation : Train IT teams/end-users on ClearPass workflows (e.g., guest access portals, self-service device onboarding) Maintain documentation for configurations, policies, and integrations (ex. SOP, Report, Returns etc.) Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Skills & Qualifications Technical Expertise : Proficiency in ClearPass Policy Manager, Onboard, OnGuard, and Guest modules. Hands-on experience with RADIUS, TACACS+, LDAP, and 802.1X protocols. Familiarity with network tools (Wireshark, SolarWinds) and troubleshooting. Soft Skills : Ability to collaborate with cross-functional teams (IT, security, vendors) Problem-solving for complex NAC/wireless issues (e.g., docking station MAC conflicts) Preferred technical and professional experience Certifications (Preferred) : Aruba Certified ClearPass Associate (ACCA) Aruba Certified ClearPass Professional (ACCP) Cisco CCNA/CCNP Security or CWNP

Are you passionate about building and maintaining large-scale production systems that support advanced data science and machine learning applications Do you want to join a team at the heart of NVIDIA's data-driven decision-making culture If so, we have a great opportunity for you! NVIDIA is seeking a Senior Site Reliability Engineer (SRE) for the Data Science & ML Platform(s) team. The role involves designing, building, and maintaining services that enable real-time data analytics, streaming, data lakes, observability and ML/AI training and inferencing. The responsibilities include implementing software and systems engineering practices to ensure high efficiency and availability of the platform, as well as applying SRE principles to improve production systems and optimize service SLOs. Additionally, collaboration with our customers to plan implement changes to the existing system, while monitoring capacity, latency, and performance is part of the role. To succeed in this position, a strong background in SRE practices, systems, networking, coding, capacity management, cloud operations, continuous delivery and deployment, and open-source cloud enabling technologies like Kubernetes and OpenStack is required. Deep understanding of the challenges and standard methodologies of running large-scale distributed systems in production, solving complex issues, automating repetitive tasks, and proactively identifying potential outages is also necessary. Furthermore, excellent communication and collaboration skills, and a culture of diversity, intellectual curiosity, problem-solving, and openness are essential. As a Senior SRE at NVIDIA, you will have the opportunity to work on innovative technologies that power the future of AI and data science, and be part of a dynamic and supportive team that values learning and growth. The role provides the autonomy to work on meaningful projects with the support and mentorship needed to succeed and contributes to a culture of blameless postmortems, iterative improvement, and risk-taking. If you are seeking an exciting and rewarding career that makes a difference, we invite you to apply now! **What You'll Be Doing** - Develop software solutions to ensure reliability and operability of large-scale systems supporting machine-critical use cases. - Gain a deep understanding of our system operations, scalability, interactions, and failures to identify improvement opportunities and risks. - Create tools and automation to reduce operational overhead and eliminate manual tasks. - Establish frameworks, processes, and standard methodologies to enhance operational maturity, team efficiency, and accelerate innovation. - Define meaningful and actionable reliability metrics to track and improve system and service reliability. - Oversee capacity and performance management to facilitate infrastructure scaling across public and private clouds globally. - Build tools to improve our service observability for faster issue resolution. - Practice sustainable incident response and blameless postmortems. **What We Need To See** - Minimum of 6+ years of experience in SRE, Cloud platforms, or DevOps with large-scale microservices in production environments. - Master's or Bachelor's degree in Computer Science or Electrical Engineering or CE or equivalent experience. - Strong understanding of SRE principles, including error budgets, SLOs, and SLAs. - Proficiency in incident, change, and problem management processes. - Skilled in problem-solving, root cause analysis, and optimization. - Experience with streaming data infrastructure services, such as Kafka and Spark. - Expertise in building and operating large-scale observability platforms for monitoring and logging (e.g., ELK, Prometheus). - Proficiency in programming languages such as Python, Go, Perl, or Ruby. - Hands-on experience with scaling distributed systems in public, private, or hybrid cloud environments. - Experience in deploying, supporting, and supervising services, platforms, and application stacks. **Ways To Stand Out From The Crowd** - Experience operating large-scale distributed systems with strong SLAs. - Excellent coding skills in Python and Go and extensive experience in operating data platforms. - Knowledge of CI/CD systems, such as Jenkins and GitHub Actions. - Familiarity with Infrastructure as Code (IaC) methodologies and tools. - Excellent interpersonal skills for identifying and communicating data-driven insights.,

You will be joining M&G Global Services Private Limited, a subsidiary of the M&G plc group of companies, dedicated to providing valuable services since 2003. Our core purpose is to empower individuals to confidently invest their money. With a history spanning over 170 years, we offer a variety of financial products and services in Asset Management, Life, and Wealth sectors, all aimed at delivering strong financial results for our clients and shareholders. As an oversight consultant specializing in Cyber Security, your role will involve evaluating the security risk of our on-premise and cloud-based infrastructure and applications. Your main focus will be to identify vulnerabilities, assess risks, and offer recommendations to enhance the security of our cloud environment. Key Responsibilities: - Develop and uphold a high-level Cyber Risk policy in alignment with relevant Group, regulatory, and industry best practices - Manage the risk appetite statements related to technology and digital risks concerning cyber and provide performance reporting to the Risk committee - Supervise Cyber Risk mitigation projects and controls enhancement initiatives. Lead Red/Blue/Purple teaming activities and oversee regulatory testing like CBEST/FCA Audits - Evaluate the efficiency of processes and internal controls implemented by the first line and infrastructure functions through a sampling program, providing feedback for improvement - Ensure oversight of cloud security and services, encompassing AWS, Azure, GCP, or other cloud providers - Participate in cyber incident response planning, testing, and execution during real incidents - Lead deep dive and thematic reviews related to cyber across all business areas and outsourced service providers when necessary - Assess first line processes and technical analysis of cyber security events, identifying root causes and proposing effective solutions - Provide guidance on compliance with regulatory requirements concerning cyber risk and support regulatory inquiries - Manage the identification, assessment, analysis, and reporting of tactical and strategic threat intelligence to aid decision-making and counter threats targeting our organization. Join us at M&G Global Services to be part of an exceptional team, contributing to the success of a leading savings and investments company.,

As an Information Security Analyst at our organization, you will play a critical role in enhancing the overall security posture. Your responsibilities will include evaluating, testing, and documenting security solutions and controls while collaborating closely with other team members to mitigate risks and foster innovation within the business. In this dynamic role, you will need to stay proactive in anticipating and countering cyber threats by staying updated on the latest infiltration techniques employed by attackers. Continuous learning and growth mindset are essential in this position, reflecting your commitment to ensuring the security of our business operations. Your role will involve collaboration with both internal and external stakeholders, technology management, and business units to address security challenges effectively. Key duties include configuring technical systems for monitoring suspicious activities, establishing security standards, supporting change management processes, and participating in various projects that require information security oversight. To excel in this position, you should have a solid background with at least 6-8 years of experience in incident response, system monitoring, and analysis. Familiarity with compliance requirements such as GLBA, PCI, HIPAA, and SOX is preferred, along with the ability to communicate business risks related to information security effectively. Moreover, your expertise in conducting risk assessments, knowledge of various computing platforms, cloud services, threat intelligence, and vulnerability analysis will be invaluable. Experience in working with Managed Security Service Providers (MSSPs) for monitoring and response purposes will be an added advantage. In addition to technical skills, possessing effective communication, problem-solving, and decision-making abilities are crucial for success in this role. You will be expected to demonstrate integrity, adaptability, organization, and efficiency while working under pressure and tight deadlines. Continuous learning about the evolving threat landscape is essential to stay ahead in this field. A Bachelor's degree in computer science, information assurance, or related fields is required for this role. However, relevant experience can be considered in lieu of a degree. Certification in Cybersecurity Analysis, Incident Response, or Risk Management is desired to further strengthen your credentials. At our company, we are committed to fostering a diverse, inclusive, and equitable workplace where every individual is valued and empowered to contribute to their fullest potential. We encourage candidates from all backgrounds, including traditionally underrepresented groups, to apply for our open roles. Our dedication to diversity and inclusion is integral to our success, and we strive to provide fair opportunities for all employees. If you require any accommodations during the application process due to a disability, please contact us at taglobal@prismhr.com. We are dedicated to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans. Join us at PrismHR and be part of a team that values diversity, inclusion, and employee well-being, creating a workplace where everyone feels a sense of belonging and can thrive. Your unique skills and experiences could be the perfect fit for our team, so don't hesitate to apply and explore the exciting opportunities we have to offer.,

You will be responsible for defining and implementing DevOps strategies that are in line with the business objectives. Your role will involve leading cross-functional teams to enhance collaboration between development, quality assurance, and operations departments. Additionally, you will be tasked with designing, implementing, and overseeing Continuous Integration/Continuous Deployment (CI/CD) pipelines to streamline release cycles. Automation will be a key aspect of your job, as you will need to automate build, test, and deployment processes to expedite software releases. Furthermore, you will work on implementing and managing Infrastructure as Code using tools like Terraform, CloudFormation, and Ansible. Managing cloud platforms such as AWS, Azure, or Google Cloud will also fall under your purview. Ensuring the security of CI/CD pipelines and infrastructure will be critical, requiring you to monitor and address security risks proactively. You will set up observability tools like Prometheus, Grafana, Splunk, and Datadog to maintain visibility into system performance and health. Implementing effective alerting mechanisms and incident response procedures will be part of your responsibilities. In the event of incidents, you will be leading the response efforts and conducting root cause analyses (RCA) to prevent recurrences. Your role will also involve documenting DevOps processes, best practices, and system architectures to ensure knowledge sharing and consistency within the team. Additionally, you will be evaluating and integrating new DevOps tools and technologies to enhance operational efficiency. Overall, you are expected to cultivate a culture of continuous learning and knowledge sharing within the organization to drive innovation and improvement in DevOps practices.,

As a mid-Level Endpoint Security Analyst, you will play a crucial role in safeguarding our organization's endpoint security infrastructure. Collaborating closely with senior security professionals, you will be tasked with implementing and managing endpoint security solutions, responding to security incidents, and ensuring adherence to security policies and best practices. Your responsibilities will include managing endpoint security solutions like antivirus, anti-malware, and endpoint detection and response (EDR) tools. Additionally, you will investigate and address security incidents, conduct forensic investigations, and suggest remediation actions. Monitoring endpoint security systems for potential threats, performing security assessments, and developing endpoint security policies and procedures will also be part of your role. Collaboration with IT teams and other departments will be essential to ensure the effectiveness of endpoint security measures across the organization. You will also provide training to end-users on security best practices and the proper usage of endpoint security tools. Keeping accurate records of endpoint security configurations, incidents, and actions taken will be crucial, as well as preparing reports for management review. Staying informed about the latest security trends, threats, and technologies will be important, and evaluating new security tools and solutions to enhance endpoint protection will be encouraged. Preferred certifications include CompTIA Security+, Certified Ethical Hacker (CEH), or any other security-related certificates. Proficiency in endpoint security tools and technologies, knowledge of operating systems (Windows, macOS, Linux), analytical skills, and strong communication abilities are also essential for success in this role.,

As a SOC Analyst at Airtel, you will be responsible for conducting information security investigations in response to security incidents identified through various SOC entry channels including SIEM, Tickets, Email, and Phone. You should have at least 3 years of experience in this field and experience with tools like Seceon. Your role will involve acting as a point of escalation to provide guidance on incident resolution and containment techniques. You will be required to create and maintain SOC Run books for SIEM tools, document incidents from detection to resolution, and participate in vulnerability management. Additionally, you will lead the coordination of responses to individual security incidents, mentor security analysts on various operational tasks, and communicate effectively with customers, teammates, and management. You will be responsible for preparing Monthly Executive Summary Reports for managed clients and continuously improving their content and presentation. It will be part of your responsibilities to provide recommendations for tuning and optimizing security systems, SOC security processes, procedures, and policies. You will also define, create, and maintain SIEM correlation rules, customer build documents, and security processes. Adhering to ITIL practices regarding incident, problem, and change management is essential. Staying up to date with emerging security threats and regulatory requirements is crucial for this role. Preferred certifications include CEH and CompTIA Security+. In addition to the mentioned responsibilities, you may be assigned other duties as directed by the SOC Manager.,

You will be leading the implementation of enterprise cybersecurity programs in India, ensuring alignment with global strategy and compliance with local regulations. As the primary cybersecurity liaison for India operations, you will collaborate with Enterprise Cyber Security and IT functions, local IT teams, and business partners. Your responsibilities will include aligning India's business cybersecurity posture with global enterprise strategy, serving as the main cybersecurity contact in India, and leading cybersecurity integration for acquisitions and new business units. Additionally, you will represent the company's cybersecurity position in approved external industry forums. In terms of governance and compliance, you will ensure compliance with applicable cybersecurity regulations in India and work with CERT-In for incident reporting and regulatory coordination. You will oversee the implementation of cybersecurity certifications and regulatory directives, stay informed about evolving Indian cyber laws, and suggest policy updates when necessary. Risk management will be a key focus, as you will conduct regular cyber risk assessments tailored to India's threat landscape, report the risk posture to enterprise and local leadership, and implement controls to mitigate identified risks. During cybersecurity incidents, you will act as the in-country liaison, coordinating responses with the global Cyber Incident Response team and local authorities. You will also be responsible for developing and delivering localized cybersecurity training programs to enhance the resilience of individuals in India. Collaboration with global teams to customize content for Indian employees and contractors is essential. Additionally, you will provide oversight to cybersecurity staff in India, supporting the delivery of global cybersecurity services effectively and mentoring staff when needed. To qualify for this role, you should have a Bachelor's degree in Information Security, Computer Science, or a related field, or equivalent experience. A minimum of 12 years of hands-on experience directly related to threat and vulnerability management, web application security, penetration testing, or cyber threat intelligence is required. Experience in large/matrixed environments like Abbott, along with at least 3 years of experience with vulnerability scanners such as Nucleus or Qualys, is preferred. Possession of applicable cybersecurity certifications, with CISSP being preferred, is also necessary.,

The Sr Software Engineer role at Abnormal Security within the MPP organization involves being a feature lead for the Customer Journey (CJ) team. This team focuses on optimizing the customer onboarding process and enhancing the initial user experience of Abnormal's products. As a Sr Software Engineer, you will play a crucial role in building systems that streamline onboarding processes, reduce manual steps, and accelerate time-to-value for customers. Your responsibilities will include full-stack development, collaborating closely with cross-functional teams, and directly influencing customer experience outcomes. Your primary responsibilities will revolve around technical delivery and operational excellence. This includes building and iterating on product offerings, APIs, platforms, frameworks, and tools to ensure a world-class user experience. You will be accountable for designing, developing, and maintaining feature buildouts that contribute to system stability and reliability. Additionally, you will participate in code and design reviews, as well as team-wide on-call rotations, to uphold quality standards and ensure error-free code. Communication plays a vital role in your role, as you will need to effectively engage with team members, provide updates, discuss challenges, propose solutions, and collaborate with product managers, designers, and engineers. To excel in this role, you should possess at least 7+ years of industry experience as a Sr Software Engineer with a strong foundation in software engineering. Your futuristic mindset should enable you to anticipate growing system needs and make informed decisions that align with long-term goals. You should demonstrate a growth-oriented approach, seeking to increase impact, responsibility, and ownership over time. Proficiency in writing production Python code, working with Postgres databases, system design, and building resilient, scalable applications is essential. Attention to detail, code quality, testing, and performance are key attributes that you should prioritize in your work. Your ability to make practical trade-offs, propose technical solutions, write technical design documents, and lead their adoption will be highly valuable. Furthermore, familiarity with Golang, airflow orchestration, ChatGPT, Cursor, and other GenAI productivity tools are considered nice-to-have skills. Strong communication skills, mentorship capabilities, and the ability to work autonomously and asynchronously with remote collaborators and stakeholders are essential for success in this role. Your contributions to team-wide engineering practices, knowledge sharing, and professional development activities will be crucial in driving positive impact within the organization.,

As a Senior Software Security Architect at our company, you will be responsible for leading the design and implementation of robust security architectures for our AI and machine learning platforms. Your role will involve ensuring the secure design, implementation, and operation of various AI systems, including agentic AI, large language model (LLM) integrations, and machine learning pipelines, while aligning with modern DevSecOps and enterprise compliance standards. Your key responsibilities will include designing end-to-end security for AI/ML systems, conducting threat modeling and risk assessments for AI applications, establishing and enforcing AI-specific security policies, guiding engineering teams on secure development practices, ensuring data privacy and compliance with regulatory standards, evaluating and implementing security automation tools, defining observability and response strategies for incident management, and collaborating with cross-functional teams to drive secure-by-design principles across the AI ecosystem. To be successful in this role, you should have over 12 years of experience in software engineering with significant hands-on development experience, including at least 8 years of experience in software security architecture, with a focus on AI/ML platforms. You should have a deep understanding of software and cloud security principles, familiarity with AI security risks, model lifecycle management, and ML pipeline security, as well as hands-on experience with securing LLM-based applications, API endpoints, and model endpoints. Additionally, you should possess strong coding and architecture skills in languages such as Python, TypeScript, or Java, experience with secure CI/CD practices, knowledge of infrastructure-as-code and Kubernetes security best practices, excellent communication and documentation skills, and a Bachelor's or Master's degree in Computer Science, Engineering, or a related field. Preferred qualifications include certifications such as CISSP, CCSP, OSWE, or AI-specific certifications, experience with agentic AI frameworks, and prior experience implementing AI governance frameworks or responsible AI initiatives. If you are a highly experienced Senior Software Security Architect with a passion for ensuring the security of AI systems and a strong background in software engineering and security architecture, we encourage you to apply for this exciting opportunity.,

As a Global Cyber Incident Response and Recovery Analyst at SAP, you play a crucial role in protecting SAP's digital enterprise. Your responsibilities include monitoring security events, assessing severity and urgency, and determining if a cyberattack is in progress. Collaborating closely with Global Security Operations, you will help contain potential incidents, scope their impact, and assist in forensic investigations to understand the nature of the attack. In this role, you will be the first line of response for security events with a global scope. You will triage security alerts, analyze data to determine severity and priority, and take appropriate follow-up actions, including escalating to an IR Investigator when necessary. Your role involves validating potential cyberattacks, scoping suspected attacks, coordinating containment efforts, supporting forensic investigations, and providing guidance on remediation actions. We are looking for individuals who are analytical, detail-oriented, and excel in dynamic environments. You should be a fast learner who can adapt quickly to changing circumstances and focus on finding solutions. Preferred Technical Skills and Experience: - Strong analytical and critical thinking skills - Ability to adapt and respond effectively to changing situations - Experience with Enterprise Detection, SIEM, and incident response - Knowledge of cybersecurity best practices and tools - Strong communication and collaboration skills At SAP, we are committed to fostering a culture of inclusion, health, and well-being. Our diverse and talented team is dedicated to personal development and collaboration, ensuring that every challenge receives the best possible solution. We believe in unleashing the full potential of all our employees and creating a better world together. SAP is an Equal Employment Opportunity employer that provides accessibility accommodations for applicants with disabilities. If you require assistance during the application process, please reach out to our Recruiting Operations Team at Careers@sap.com. Please be aware that successful candidates may undergo a background verification process conducted by an external vendor. For further details on AI usage in our recruitment process, we encourage you to review our Guidelines for Ethical Usage of AI in the Recruiting Process. Adherence to these guidelines is crucial, as any violation may lead to disqualification from the hiring process. Requisition ID: 435081 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: #LI-Hybrid,

As a Cyber Security professional, your primary responsibilities will include: Risk Management: - Identifying, assessing, and prioritizing cybersecurity risks. - Developing risk mitigation strategies and ensuring timely resolution. - Defining and monitoring Key Risk Indicators (KRIs) to assess the effectiveness of cyber security controls. Policy and Regulatory Compliance: - Developing security policies and processes in alignment with industry standards and regulatory guidelines such as ISO 27001, BCAS, Data Privacy regulations, etc. - Assisting IT and business units in implementing the defined policies and processes. Incident Response and Recovery: - Developing and managing security incident response plans. - Collaborating with the cybersecurity team to analyze and respond to security events. - Assisting in forensic investigations in case of security breaches affecting IT/OT infrastructure. Collaboration and Communication: - Working closely with IT and business teams to integrate cybersecurity measures across all functions. - Managing relationships with external vendors and cybersecurity service providers. - Providing training and guidance to employees to enhance cybersecurity awareness. Technology and Trend Monitoring: - Staying updated with emerging threats and trends in IT/OT security. - Evaluating new security technologies and recommending improvements for existing systems. Qualifications: Educational Qualification: - Degree or equivalent in IT or a similar discipline from an institute recognized by UGC/AICTE. Certifications (Preferred): - CISSP, CISA, CISM, etc. Work Experience: - 12 - 18 years of experience with a minimum of 5 years in Cyber Security.,

As an Incident Manager at Lenovo, you will play a crucial role in managing incidents and emergencies within the organization. Your primary responsibility will be to assess and prioritize incidents, communicate effectively with stakeholders, and guide response efforts to ensure business continuity and minimize the impact on operations. To succeed in this role, you must have a strong technical knowledge of information technology systems and infrastructure, as well as an understanding of risk management, mitigation, and incident response frameworks. You should also have experience in communicating with senior management and executives, and knowledge of relevant laws and regulations related to incident response and data privacy. Your duties as an Incident Manager will include overseeing the incident management process, identifying, logging, categorizing, prioritizing, and driving resolution of incidents. You will be responsible for promptly identifying the type and severity of incidents and initiating appropriate response procedures. Additionally, you must have a well-documented incident response procedure in place to ensure the right actions are taken in response to an incident. Effective communication and coordination with internal and external stakeholders are critical aspects of the role. You will need to communicate with the organization's employees, clients, vendors, and partners to provide accurate and timely updates about incidents. As an Incident Manager, you will also be responsible for assessing the situation, prioritizing actions, and ensuring that necessary resources are deployed efficiently and timely. Constant evaluation and adjustment of action plans based on severity and urgency of incidents are essential for success in this role. To excel as an Incident Manager at Lenovo, you must possess a balanced set of competencies and skills. This includes technical expertise in systems and processes, strong soft skills such as effective communication, negotiation, conflict management, and crisis management abilities. The ability to think on your feet and make sound decisions under pressure are critical skills required for this role. Ideally, you should have at least 5-6 years of experience in incident management, with a proven track record of technical proficiency, analytical thinking, and crisis management capabilities. Your role as an Incident Manager at Lenovo will be pivotal in ensuring a more inclusive, trustworthy, and smarter future for everyone, everywhere.,

Expertise on Endpoint Security as in DLP, AV, EDR/EPP solutions Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions. Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies. SIEM and Incident ResponseHands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel). Strong skills in incident response, threat hunting, and forensic investigation. Access and Identity ManagementFamiliarity with IAM concepts and tools, including MFA and SSO solutions. Experience with configuring and troubleshooting access control for network and endpoint systems. Automation and ScriptingBasic scripting abilities (e.g., Python, PowerShell) for automating security processes. Excellent analytical and problem-solving skills. Effective communication skills for interacting with team members and stakeholders. Ability to work in a fast-paced environment and handle high-stakes incidents. Certifications (Preferred) CompTIA Security+, Cisco CCNA Security, Certified Ethical Hacker (CEH), or other relevant security certifications. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 10 years of experience in security & infrastructure administration Experience on any Products for Implementation & Operations in SIEM, Nessus, CEH, Qualys guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application Expertise of handling industry standard risk, governance and security standard methodologies and incident response processes (detection, triage, incident analysis, remediation and reporting). have shown attention to detail and interpersonal skills and expertise to oversee input and develop relevant metrics and Competence with Microsoft Office, e.g. Word, Presentation, Excel, Visio, etc Preferred technical and professional experience Ability to multitask and work independently with minimal direction and maximum accountability. One or more security certifications. (CEH, Security+, GSEC, GCIH, etc).

A UEBA (User and Entity Behavior Analytics) Administrator is a cybersecurity professional responsible for deploying, configuring, maintaining, and optimizing UEBA solutions to detect and respond to anomalous user and entity behavior within an organization's network. This role is crucial in identifying insider threats, compromised accounts, and sophisticated attacks that might bypass traditional security measures. -------------------------Key ResponsibilitiesThe UEBA Administrator's responsibilities:*Deployment and Configuration:*Installing and setting up UEBA platforms and related components. *Integrating UEBA solutions with various data sources (e.g., SIEM, Active Directory, network devices, applications, cloud services, endpoint logs) to ensure comprehensive data ingestion. *Defining and configuring behavioral baselines for users and entities, utilizing machine learning algorithms.*Monitoring and Analysis:*Continuously monitoring UEBA dashboards and alerts for deviations from established baselines. *Analyzing anomalous activities to determine their risk level and potential impact. *Investigating security incidents triggered by UEBA alerts, collaborating with SOC teams and other security personnel. *Performing threat hunting activities using UEBA insights to proactively identify hidden threats.*Rule and Policy Management:*Developing, refining, and implementing correlation rules and policies within the UEBA platform to enhance threat detection accuracy. *Tuning the system to minimize false positives and ensure high-fidelity alerts. *Automating response actions where appropriate, such as locking accounts or blocking access.*System Maintenance and Optimization:*Performing regular health checks, upgrades, and patching of the UEBA infrastructure. *Optimizing the performance and efficiency of the UEBA solution. *Documenting configurations, procedures, and incident response playbooks related to UEBA.*Reporting and Compliance:*Generating reports on user and entity behavior, detected anomalies, and security posture. *Assisting with compliance requirements by providing data and insights from UEBA. * Staying updated with the latest threat landscape and UEBA capabilities.------------------- Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise ------Required Skills and Qualifications*Technical Expertise:*Strong understanding of UEBA conceptsHow machine learning and behavioral analytics are applied to security. *Proficiency with UEBA platformsExperience with leading UEBA solutions (e.g., Gurucul UEBA, Splunk UEBA, Exabeam, Fortra, Microsoft Sentinel UEBA, IBM QRadar UEBA). *Networking KnowledgeUnderstanding of network protocols, traffic analysis, and common attack vectors. *Operating SystemsFamiliarity with Windows, Linux, and other relevant operating systems. *Security Information and Event Management (SIEM)Experience with SIEM tools and their integration with UEBA. *Data AnalysisAbility to work with large datasets, perform data correlation, and extract meaningful insights. *Scripting/AutomationKnowledge of scripting languages (e.g., Python, PowerShell) for automation and data manipulation is a plus. *Cloud SecurityUnderstanding of cloud environments and their unique security challenges if applicable.*Analytical Skills: *Critical ThinkingAbility to analyze complex data and identify subtle behavioral anomalies. *Problem-SolvingAptitude for troubleshooting and resolving issues related to UEBA systems and security incidents. *Attention to DetailMeticulous approach to configuring systems and investigating alerts.*Soft Skills: *CommunicationExcellent written and verbal communication skills to articulate technical concepts and findings to both technical and non-technical stakeholders. *TeamworkAbility to collaborate effectively with SOC analysts, incident response teams, and other IT departments. *Continuous LearningEagerness to stay abreast of evolving cybersecurity threats and technologies.*Qualifications:*Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Preferred technical and professional experience 3-5 yrs exp in managing Gurucul UEBA Platform Administration & Ops Relevant industry certifications (e.g., CompTIA Security+, Certified Ethical Hacker (CEH), GSEC, vendor-specific UEBA certifications) are highly advantageous. Proven experience in a security operations center (SOC) or a similar cybersecurity role.

The role supports full end to end software development cycle, from initial client engagement, through assessments and road-mapping, to longer term engagement in an advisory capacity. As an Application Security Consultants, the person should leverage the technical expertise of the security competencies, varied product and delivery capabilities. Hands on experience in Secure SDLC, DAST, SAST etc Provide strategic advice and insights to clients based on deep domain knowledge and industry best practices. Identify potential risks and develop mitigation strategies to ensure project success and client satisfaction. Lead and coordinate incident response activities, including investigation, containment Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE/Btech/MCA/M.Tech. 3-4yrs hands on experience. Preferred technical and professional experience CEH Certificate mandatory

* Lead Incident Response (IR): * Act as the Subject matter expert for security incidents. * Analyze and respond to security breaches, perform root cause analysis, and coordinate remediation efforts. * Provide leadership during incident investigations, ensuring rapid and thorough handling. * SOC Automation & Integration: * Leverage Python scripting and Palo Alto XSOAR to automate security processes, streamline incident response, and enhance detection capabilities. * Design, implement, and maintain playbooks within XSOAR to address emerging security threats. * Threat Hunting & Monitoring: * Proactively perform threat hunting activities to detect advanced threats that may bypass existing security solutions. * Leverage both internal and external threat intelligence to identify and mitigate potential security risks. * OSINT Utilization: * Utilize Open-Source Intelligence (OSINT) techniques to gather and analyze publicly available information for early identification of threats. * Collaboration & Communication: * Collaborate with other teams (IT, legal, risk) to align incident response strategies. * Clearly communicate complex security issues to both technical and non-technical stakeholders through reports and presentations. * Provide security awareness training and mentoring to SOC analysts and other team members. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * 6+ years of experience in IT security with SOC Operations * Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM * Working knowledge of industry standard risk, governance and security standard methodologies * Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting * Competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc * Expertise in Python scripting and Palo-alto XSOAR

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to ensure effectiveness and compliance.- Collaborate with cross-functional teams to integrate security practices into the cloud architecture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Familiarity with regulatory compliance frameworks relevant to cloud security.- Ability to analyze security logs and events for potential threats. Additional Information:- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education