10.0 - 20.0 years
10 - 20 Lacs
Hyderabad
Work from Office
About Qylis Qylis is a leading provider of innovative cybersecurity solutions. We are committed to empowering organizations to safeguard their digital assets, mitigate cyber threats, and optimize their operations. Job Description As the Cybersecurity Department Head, you will play a pivotal role in driving the growth and success of our cybersecurity practice. You will be responsible for overseeing a wide range of services, including Security Operations Center (SOC), Managed Detection and Response (MDR), Extended Detection and Response (XDR), Vulnerability Assessment and Penetration Testing (VAPT), Digital Forensics, Pre-sales, Client Management, and Cyber Forensics. Key Responsibilities: • Strategic Leadership: Develop and execute a comprehensive cybersecurity strategy aligned with Qylis' overall business objectives. Identify emerging trends and technologies in cybersecurity to drive innovation and competitive advantage. Foster strong relationships with key stakeholders, including clients, partners, and industry experts. Practice Development: Build and scale high-performing cybersecurity teams through effective recruitment, training, and development. Ensure the cybersecurity team delivers high-quality services across SOC, MDR, XDR, VAPT, Cyber Forensics, and Incident Response (IR). Sales and Business Development: Lead pre-sales activities, including solution demonstrations, proposals, and RFP responses, for cybersecurity services. Identify and pursue new business opportunities, leveraging your deep understanding of the cybersecurity market. Collaborate with the sales team to drive revenue growth and achieve sales targets. Customer Success: Ensure high levels of customer satisfaction through exceptional service delivery and proactive support for cybersecurity services. Manage client relationships, address concerns, and identify upsell and cross-sell opportunities. 
Conduct regular business reviews with key clients to assess performance and identify areas for improvement. Technical Expertise: Possess a deep understanding of cybersecurity principles, technologies, and industry best practices. Stay up to date with the latest threats, vulnerabilities, and mitigation techniques in the cybersecurity domain. Provide technical guidance to the team and contribute to the development of innovative security solutions. Qualifications and Experience: • Proven track record in leading and growing successful cybersecurity practices. • Extensive experience in SOC, MDR, XDR, VAPT, Cyber Forensics, and Incident Response (IR). • Strong technical expertise in cybersecurity technologies and frameworks. • Experience in managing client relationships and delivering pre-sales solutions. • Excellent communication, presentation, and interpersonal skills. • Strong leadership and team management skills. • A passion for cybersecurity and a commitment to delivering exceptional results. • Advanced certifications (e.g., CISSP, CISM, CISA) are highly valued.
Posted 2 months ago
10.0 - 20.0 years
30 - 45 Lacs
Bengaluru
Work from Office
Implement, monitor, and enhance IT security infrastructure; manage SIEM, endpoint protection, vulnerability scanning, and incident response within IT environments. Required Candidate profile Experienced IT security professionals with strong knowledge of enterprise cybersecurity tools, SIEM, firewalls, and security standards like NIST, ISO 27001.
Posted 2 months ago
3.0 - 5.0 years
5 - 10 Lacs
Hyderabad
Work from Office
Role & responsibilities Content Specialist, along with Assessment Process Specialist, is expected to prepare incident documents. Forecasting Less focus on data analysis; more on coordination, collating program components from various teams. Project & Workflow Management (with Tools) Streamline and monitor operational workflows for efficiency. Plan and track development activities and deliverables. Use tools like Power BI, Smartsheet, Microsoft Project, and Jira for scheduling, reporting, and issue tracking. Align project timelines with master schedules and update key stakeholders. Lead or participate in team meetings to communicate progress and resolve issues. • Meeting & Committee Coordination Plan and schedule committee meetings and facilitator training. Coordinate preparation and shipping of meeting materials. • Stakeholder Communication & Liaison Liaise with ETS staff, vendors, clients, and internal teams. Serve as a contact for business units, professional services, and operations. May support clients and candidates with program guidance and representation. • Schedule & Budget Tracking Prepare and monitor project timelines and deliverables (e.g., recordings, test forms, exports). Support budget development (cost and staffing estimates). Track project expenses and revise monthly forecasts. • Documentation & Quality Management Support documentation and tracking in the Quality Management System. Assist with test-related materials (reports, proposals, surveys). Oversee copyright activities for assigned groups. Preferred candidate profile Strong communication skills are essential. Assessment Process Specialist, along with Content Specialist, is expected to prepare incident documents. Academia or EdTech background is preferred. Power BI preferred (though not mandatory). Forecasting Less focus on data analysis; more on coordination, collating program components from various teams.
Posted 2 months ago
3.0 - 7.0 years
15 - 18 Lacs
Pune
Hybrid
Greetings from Peoplefy Infosolutions! We are hiring for one of our reputed MNC clients based in Pune. We are looking for candidates with 3+ years of experience in the below skills - Primary skills: GSOC, SIEM, Splunk, Incident Response. Interested candidates for the above position, kindly share your CVs at chitralekha.so@peoplefy.com with the below details - Experience : CTC : Expected CTC : Notice Period : Location :
Posted 2 months ago
8.0 - 11.0 years
35 - 37 Lacs
Kolkata, Ahmedabad, Bengaluru
Work from Office
Dear Candidate, Seeking a Security Automation Engineer to automate detection and remediation of threats. Key Responsibilities: Build SOAR workflows and automated playbooks. Monitor logs and alerts using SIEM tools. Respond to security incidents and conduct root cause analysis. Required Skills & Qualifications: Experience with tools like Splunk, XSOAR, Sentinel. Scripting in Python or Bash. Familiar with SOC and threat intel operations. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies
Posted 2 months ago
5.0 - 10.0 years
6 - 10 Lacs
Bengaluru
Work from Office
Novo Nordisk Global Business Services (GBS) India Department: Global Information Security Advisory Are you passionate about IT security and eager to make a difference in safeguarding critical systems? Do you thrive in a global, collaborative environment where your expertise can help protect a leading healthcare organisation? If so, we invite you to join us as a Security Operations Analyst at Novo Nordisk. Read on and apply today for a life-changing career! About the Department The Global Information Security Advisory department is part of Digital, Data, and IT (DD&IT) at Novo Nordisk. Based in Denmark, our team operates globally with colleagues in India, Denmark, and the USA. We are a diverse group of experts specializing in areas such as network security, white hat hacking, cloud security, cryptography, and security operations. Our mission is to partner with the business to build security into processes and manage risks effectively. The atmosphere is collaborative, innovative, and driven by a shared goal of protecting Novo Nordisk's digital assets. The position As a Cybersecurity Analyst I, you will play a pivotal role in enhancing and maintaining the IT security posture at Novo Nordisk. Your responsibilities will include: Effectively monitor and manage IT security incidents by analyzing logs, identifying vulnerabilities, managing unauthorized user activity, and handling security notifications from users and regional teams to ensure timely resolution and adherence to SLAs. Analyzing and responding to suspicious and malicious emails received through the Phish alarm solution.
Provide support to the Vulnerability Management Office (VMO) in the Critical Vulnerability Response (CVR) process while collaborating with the GSO Data Analytics team to enhance the SIEM system's accuracy by reducing false positives, demonstrating strong analytical skills and a commitment to cybersecurity excellence. Managing the Global Intrusion Defense (GID) system, ensuring services like log collection, intrusion detection, and vulnerability assessment are operational. Actively participates in incident response drills and the Major IT Security Incident Response Process (MSIRP), while engaging stakeholders to communicate risks, facilitate vulnerability remediation, and support global security initiatives. Qualifications Bachelor of Engineering with relevant IT experience and business experience. Overall 5+ years of core IT security experience with at least 3+ years in relevant security tool. Demonstrated proficiency in Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) platforms, coupled with expertise in Windows Operating Systems and enterprise network security. Solid knowledge of Security Operations Center (SOC) operations with Standard Operating Procedure (SOP). Familiarity with forensics, Email Analysis and Cloud. Coordinate with internal teams and external stakeholders to manage the incident response process and collaborate cross-functionally to ensure adherence to security policies and procedures. Respond to and investigate security incidents such as data breaches, malware infections, and unauthorized access attempts while analyzing incidents to determine root cause, scope, and impact. Develop and implement comprehensive incident response plans and procedures for timely and effective responses to security incidents. Security certifications like CEH etc (Good to have).
Posted 2 months ago
5.0 - 8.0 years
6 - 10 Lacs
Chennai
Work from Office
We are looking for a skilled Team Manager - IT Security with 5-8 years of experience to lead our team in Chennai. The ideal candidate will have a strong background in IT security and management. Roles and Responsibility Manage and oversee the implementation of IT security measures to ensure data integrity and confidentiality. Develop and implement incident response plans to mitigate potential security threats. Conduct regular security audits and risk assessments to identify vulnerabilities. Collaborate with cross-functional teams to ensure compliance with security policies and procedures. Provide training and guidance on security best practices to employees. Monitor and analyze security event logs to detect potential security incidents. Job Strong knowledge of IT security principles, including threat analysis and mitigation strategies. Experience with security information and event management (SIEM) systems. Excellent leadership and communication skills, with the ability to motivate and guide team members. Strong problem-solving skills, with the ability to analyze complex security issues. Ability to work in a fast-paced environment and adapt to changing priorities. Familiarity with industry standards and regulations related to IT security, such as HIPAA or PCI-DSS. Omega Healthcare Management Services Private Limited is a leading provider of healthcare management services, committed to delivering high-quality patient care and innovative solutions. We leverage technology and expertise in CRM/IT enabled services/BPO to drive business growth and improvement.
Posted 2 months ago
12.0 - 20.0 years
40 - 60 Lacs
Hyderabad
Work from Office
Lead Security Operations Engineer is a technical subject matter expert responsible for executing key functions of CDK's Security Monitoring and Response strategy with an automation-first mindset. This individual plays a key technical role in our Security Operations organization and enables effective incident response via automated workflows and efficient threat detection content. Key Responsibilities: 1. Technical Leadership: Exemplify security principles and culture. Develop, implement, and tune automation playbooks that enable incident response. Effectively partner across security, technology, and business teams. Provide technical leadership to the security operations team. Develop effective metrics and use them to drive meaningful improvements. 2. Automated Detection & Response: Work with security operations team members to identify response actions which can be automated to drive efficiency throughout response. Build automation workflows to contribute to auditable and efficient incident response. Drive continuous improvement in CDK's detection capability using automation, threat and anomaly detection, coverage assurance, and external threat intelligence. Build threat detection queries based on attacker techniques and threat intelligence. Support and tune threat detection content and automation workflows based on metrics and security operations feedback. 3. Incident Response: Develop incident response playbooks and drive response playbook automation, regularly test playbook effectiveness and drive improvement. Lead response to medium or higher criticality impact security incidents in accordance with the incident response plan, and effectively coordinate with internal and external parties. Effectively triage and identify root cause of security alerts and incidents. Serve as a technical leader for significant security incidents. Assure 24x7x365 incident response coverage and escalation processes. Regularly update the list of likely security incident scenarios using external threat intelligence, collaboration with internal technology teams, and other data sources. 4. Security Posture Improvement: Use offensive security techniques and exercises to identify detection and response gaps and drive remediation. Regularly practice incident response plans and procedures in collaboration with internal and external stakeholders. Required Qualifications: Education: Bachelor's degree in computer science, information security, or an equivalent experience. Experience: Minimum of 6 years in cybersecurity, with at least 3 years in a developer role. Expert technical expertise in Python, JavaScript, and PowerShell. Experience building SOAR workflows. Experience building and tuning threat detection content. Experience leading the response to enterprise security alerts and incidents. Strong background in security monitoring, automation, and incident response, preferably in a complex SaaS environment. Experience with SIEM tools, process automation, cloud environment monitoring, IDS/IPS, firewalls, EDR solutions, MDR/MSSP providers.
Posted 2 months ago
3.0 - 8.0 years
10 - 20 Lacs
Pune
Hybrid
Hi All, Greetings from Peoplefy Infosolutions! We are hiring for one of our reputed product-based MNC clients based in Pune. We are looking for candidates with 3+ years of experience in the below skills - Primary skills: GSOC, SIEM, Splunk, Incident Response, Vulnerability management. Note: Candidate should be fine with rotational shift.
Posted 2 months ago
5.0 - 7.0 years
5 - 5 Lacs
Thiruvananthapuram
Work from Office
Overview: We are looking for a skilled SIEM Administrator to manage and maintain Security Information and Event Management (SIEM) solutions such as Innspark, LogRhythm, or similar tools. This role is critical to ensuring effective security monitoring, log management, and event analysis across our systems. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., Innspark, LogRhythm, Splunk). Develop and maintain correlation rules, s, dashboards, and reports. Integrate logs from servers, network devices, cloud services, and applications. Troubleshoot log collection, parsing, normalization, and event correlation issues. Work with security teams to improve detection and response capabilities. Ensure SIEM configurations align with compliance and audit requirements. Perform routine SIEM maintenance (e.g., patching, upgrades, health checks). Create and maintain documentation for implementation, architecture, and operations. Participate in evaluating and testing new SIEM tools and features. Support incident response by providing relevant event data and insights. Required Qualifications: Bachelor's degree in Computer Science, Information Security, or related field. 5+ years of hands-on experience with SIEM tools. Experience with Innspark, LogRhythm, or other SIEM platforms (e.g., Splunk, QRadar, ArcSight). Strong knowledge of log management and event normalization. Good understanding of cybersecurity concepts and incident response. Familiarity with Windows/Linux OS and network protocols. Scripting knowledge (e.g., Python, PowerShell) is a plus. Strong troubleshooting, analytical, and communication skills. Industry certifications (CEH, Security+, SSCP, or vendor-specific) are a plus. Key Skills: SIEM Tools (Innspark, LogRhythm, Splunk), Troubleshooting, Log Management & Analysis, Scripting (optional), Security Monitoring. Job location: Thiruvananthapuram. Notice period: Immediate. Required Skills: SIEM, Splunk, Troubleshooting
Posted 2 months ago
3.0 - 6.0 years
8 - 13 Lacs
Hyderabad, Chennai, Bengaluru
Work from Office
EDR Analyst - Endpoint Security (L1 or L2 Support) for Reputed MNC. Position: EDR Analyst - Endpoint Security (L1 or L2 Support). Position Type: Full Time - Permanent. Experience: 3 to 5 yrs. Job Locations: South India. Mode: Office. Notice Period: Immediate to 15 days. Note: We expect your cooperation to attend online/F2F interviews (if any) whenever the interviews are scheduled. Must-Have Skills: Minimum 3 years of experience in EDR (Endpoint security). Minimum experience of 3 years at L1 level or L2 level. Only need L1 level or L2 level experienced candidates who are expert in EDR (EDR, incident response) and Trend Micro (Antivirus). Active CEH certificate. Key Performance Indicators: Assess endpoint security infrastructure. Deploy and configure EDR agents. Monitor endpoints for suspicious activities. Generate real-time alerts for potential security incidents. Ensure compatibility with other security systems.
Posted 2 months ago
3.0 - 6.0 years
8 - 13 Lacs
Ahmedabad, Gurugram, Delhi / NCR
Work from Office
EDR Analyst - Endpoint Security (L1 or L2 Support) for Reputed MNC. Position: EDR Analyst - Endpoint Security (L1 or L2 Support). Position Type: Full Time - Permanent. Experience: 3 to 5 yrs. Job Location: Gujarat, Delhi, NCR. Mode: Office. Notice Period: Immediate to 15 days. Note: We expect your cooperation to attend online/F2F interviews (if any) whenever the interviews are scheduled. Must-Have Skills: Minimum 3 years of experience in EDR (Endpoint security). Minimum experience of 3 years at L1 level or L2 level. Only need L1 level or L2 level experienced candidates who are expert in EDR (EDR, incident response) and Trend Micro (Antivirus). Active CEH certificate. Key Performance Indicators: Assess endpoint security infrastructure. Deploy and configure EDR agents. Monitor endpoints for suspicious activities. Generate real-time alerts for potential security incidents. Ensure compatibility with other security systems.
Posted 2 months ago
3.0 - 6.0 years
8 - 13 Lacs
Bhopal, Pune, Mumbai (All Areas)
Work from Office
EDR Analyst - Endpoint Security (L1 or L2 Support) for Reputed MNC. Position: EDR Analyst - Endpoint Security (L1 or L2 Support). Position Type: Full Time - Permanent. Experience: 3 to 5 yrs. Job Location: Mumbai, Bhopal, Pune. Mode: Office. Notice Period: Immediate to 15 days. Note: We expect your cooperation to attend online/F2F interviews (if any) whenever the interviews are scheduled. Must-Have Skills: Minimum 3 years of experience in EDR (Endpoint security). Minimum experience of 3 years at L1 level or L2 level. Only need L1 level or L2 level experienced candidates who are expert in EDR (EDR, incident response) and Trend Micro (Antivirus). Active CEH certificate. Key Performance Indicators: Assess endpoint security infrastructure. Deploy and configure EDR agents. Monitor endpoints for suspicious activities. Generate real-time alerts for potential security incidents. Ensure compatibility with other security systems.
Posted 2 months ago
4.0 - 9.0 years
8 - 11 Lacs
Hyderabad
Work from Office
Key Responsibilities: Design, implement, and manage Palo Alto Networks solutions, including: Next-Gen Firewall (NGFW) EDR/XDR (Cortex XDR) SIEM/SOAR (Cortex XSIAM) Lead and support migration projects from legacy platforms (e.g., Splunk, Sentinel, QRadar) to Palo Alto Cortex XSIAM Work with clients to understand business requirements and deliver tailored cybersecurity solutions Perform threat hunting, alert tuning, policy configuration, and use case development Collaborate with global teams (onshore/offshore model) for delivery in sectors like Telecom, Finance, Retail, and Public Sector Support security assessments, integrations, and continuous improvement initiatives Required Skills & Qualifications: Strong hands-on experience in Palo Alto technologies (NGFW, Cortex XDR/XSIAM) Proven knowledge of cybersecurity operations, SOC processes, and incident response Experience with SIEM migration and integrations Understanding of threat intelligence, detection engineering, and automation Good knowledge of scripting (Python, PowerShell) and log analysis Excellent communication and client-facing skills Preferred Certifications: Palo Alto Networks Certifications, such as: PCNSE (Network Security Engineer) Cortex XDR/XSIAM certifications (if available) Additional certifications like CEH, CISSP, or relevant SIEM/EDR vendor certifications are a plus
Posted 2 months ago
15.0 - 20.0 years
3 - 7 Lacs
Coimbatore
Work from Office
Project Role: Security Engineer. Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills: Security Delivery Governance. Good to have skills: NA. Minimum 12 year(s) of experience is required. Educational Qualification: 15 years full time education. Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities: - Expected to be an SME, collaborate, and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Expected to provide solutions to problems that apply across multiple teams. - Develop and implement security policies and procedures. - Conduct security assessments and audits. - Monitor security incidents and respond to breaches promptly. - Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance. - Strong understanding of security frameworks and compliance standards. - Experience in conducting risk assessments and vulnerability scans. - Knowledge of security tools and technologies. - Good To Have Skills: Experience with Security Incident Response. - Hands-on experience in implementing security controls and measures. Additional Information: - The candidate should have a minimum of 12 years of experience in Security Delivery Governance. - This position is based at our Gurugram office. - A 15 years full-time education is required. Qualification: 15 years full time education
Posted 2 months ago
15.0 - 20.0 years
13 - 17 Lacs
Pune
Work from Office
Project Role: Security Architect. Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills: Splunk Security Information and Event Management (SIEM). Good to have skills: NA. Minimum 7.5 year(s) of experience is required. Educational Qualification: 15 years full time education. Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Facilitate training sessions to enhance team knowledge and skills in cloud security. - Monitor and evaluate the effectiveness of implemented security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM). - Strong understanding of cloud security principles and best practices. - Experience with security incident response and threat management. - Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. - Ability to analyze security logs and identify potential threats.
Additional Information: - The candidate should have minimum 7.5 years of experience in Splunk Security Information and Event Management (SIEM). - This position is based at our Pune office. - A 15 years full time education is required. Qualification: 15 years full time education
Posted 2 months ago
15.0 - 20.0 years
3 - 7 Lacs
Bengaluru
Work from Office
Project Role: Security Engineer. Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills: Accenture MxDR Ops Security Threat Analysis. Good to have skills: NA. Minimum 2 year(s) of experience is required. Educational Qualification: 15 years full time education. Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Conduct regular security assessments and audits to identify vulnerabilities. - Develop and implement security policies and procedures to safeguard information and assets. Professional & Technical Skills: - Must To Have Skills: Proficiency in Accenture MxDR Ops Security Threat Analysis. - Strong understanding of security frameworks and compliance standards. - Experience with incident response and threat hunting methodologies. - Familiarity with security information and event management tools. - Knowledge of network security protocols and best practices.
Additional Information: - The candidate should have minimum 2 years of experience in Accenture MxDR Ops Security Threat Analysis. - This position is based at our Bengaluru office. - A 15 years full time education is required. Qualification: 15 years full time education
Posted 2 months ago
12.0 - 15.0 years
13 - 17 Lacs
Jaipur
Work from Office
Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements. 
Roles & Responsibilities:- SOC Operations:Lead and manage day-to-day operations of the SOC, including Tier 13 security analysts.Oversee security monitoring, threat detection, incident response, and threat intelligence activities.Ensure continuous tuning and enhancement of SIEM and EDR tools.Create and maintain incident response playbooks and workflows.Collaborate with infrastructure and application teams during security events.Security Governance, Risk & Compliance:Develop and enforce cybersecurity policies, standards, and procedures aligned with business objectives and regulatory requirements.Coordinate risk assessments, audits, and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA).Lead security awareness and training initiatives across the organization.Track and report on cybersecurity risks, mitigation plans, and audit findings.Partner with legal, audit, and compliance teams to ensure alignment with industry and legal frameworks.Strategic Leadership:Provide executive-level reporting on threat posture, key risks, and SOC performance.Guide long-term planning and roadmap development for security operations and governance initiatives.Mentor and develop SOC staff and GRC team members.Stay current with industry trends, threat landscape changes, and evolving compliance standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management methodologies.- Ability to design and implement security policies and procedures.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.-Reccomend use case fine tuning-Regularly review use cases and suggest enhancements. 
- Run internal tabletop exercises to help train the team.
- Maintain IR quality as per industry standards.
Additional Information:
- The candidate should have a minimum of 12 years of experience in Security Delivery Governance.
- This position is based at our Gurugram office.
- A 15 years full time education is required.
Qualification: 15 years full time education
Posted 2 months ago
3.0 - 8.0 years
3 - 7 Lacs
Bengaluru
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Splunk Security Information and Event Management (SIEM)
Good to have skills: Microsoft Azure Sentinel
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets.
Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work-related problems.
- Implement security measures to protect systems, networks, and data.
- Conduct security assessments and audits to identify vulnerabilities.
- Develop and implement security policies and procedures.
- Stay updated on the latest security trends and technologies.
- Collaborate with cross-functional teams to enhance security measures.
Professional & Technical Skills:
- Must Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM).
- Good To Have Skills: Experience with Microsoft Azure Sentinel.
- Strong understanding of security principles and practices.
- Knowledge of threat intelligence and incident response.
- Experience in security monitoring and analysis.
Additional Information:
- The candidate should have a minimum of 3 years of experience in Splunk Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full-time education is required.
Qualification: 15 years full time education
Posted 2 months ago
4.0 - 7.0 years
8 - 11 Lacs
Pune
Work from Office
For IR L2 position: 5+ years of hands-on experience. Ready to work in rotational shifts (24*7).
Location: Pune
Roles and Responsibilities
For SOC/IR L2 role: 5+ years of hands-on experience. Ready to work in rotational shifts (24*7).
Key Skills:
1. SIEM tool experience, preferably ArcSight
2. Log analysis
3. Incident response
4. DLP experience
5. Investigation knowledge
6. Rules creation
7. Alert management
8. Network monitoring tool (Cisco Nbad)
9. Use case creation
Key Responsibilities:
- To handle the daily monitoring of information security events.
- To function as an intrusion analyst by examining security events for context, appropriateness and criticality.
- To act as an information security researcher to provide insight and understanding of new and existing information security threats.
Key Operational Activities:
- Daily checklists and tasks
- Log analysis and review
- Vulnerability management activities
- Alert analysis
- Investigation of suspicious security event activity
- Maintain and enforce adherence to corporate standards, policies and procedures
Please share your profile to anwar.shaik@locuz.com
Posted 2 months ago
8.0 - 13.0 years
5 - 5 Lacs
Kochi, Chennai, Thiruvananthapuram
Work from Office
Must-Have Skills:
- Experience with SIEM vendors such as QRadar, Sentinel, Splunk
- Incident response and threat hunting expertise
- Strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs)
- Experience in writing procedures, runbooks, and playbooks
- Strong analytical and problem-solving skills
- Hands-on experience with system logs, network traffic analysis, and security tools
- Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs)
Good-to-Have Skills:
- Experience setting up SIEM solutions and troubleshooting connectivity issues
- Familiarity with security frameworks and best practices
- Ability to collaborate with IT and security teams effectively
Responsibilities:
- Act as an escalation point for high and critical severity security incidents
- Conduct in-depth investigations to assess impact and understand the extent of compromise
- Analyze attack patterns and provide recommendations for security improvements
- Perform proactive threat hunting and log analysis to detect potential threats
- Provide guidance on mitigating risks and improving security hygiene
- Identify gaps in security processes and propose enhancements
- Ensure end-to-end management of security incidents
- Document and update incident response processes and define future outcomes
- Participate in war room discussions, team meetings, and executive briefings
- Train team members on security tools and incident resolution procedures
Required Skills:
- L3 SOC Analyst
- (QRadar OR Sentinel OR Splunk OR Google Chronicle) - any 2 of the SIEM tools required
- EDR tools (CrowdStrike OR Defender OR SentinelOne) - any 2 of the EDR tools required
Posted 2 months ago
1.0 - 5.0 years
2 - 6 Lacs
Bengaluru
Work from Office
Location: Bangalore
Department: InfoSec
About Zybisys: At ZyBiSys, our success is driven by innovation and technical excellence. We deliver top-tier IT solutions and services, ensuring seamless connectivity and efficient infrastructure management for our clients. Additionally, we specialize in managing cybersecurity, information security, and compliance to safeguard our customers' digital environments. As we continue to grow, we are seeking skilled professionals to join our SOC Team. If you are passionate about information technology and eager to make a difference, we invite you to be part of our journey!
Role Overview: A SOC-Analyst is the first line of defence in a Security Operations Center, responsible for monitoring, detecting, and responding to security incidents in real-time.
Key Responsibilities:
Monitoring & Alerting: Use SIEM and EDR tools to continuously monitor system alerts and network traffic. Identify suspicious activities and indicators of compromise (IoCs).
Incident Handling: Perform initial triage of alerts and determine severity levels. Escalate incidents with clear documentation and context.
Threat Investigation: Investigate alerts for root causes and determine actionable steps. Analyze phishing attempts, flagged URLs, and suspicious file attachments.
Documentation & Reporting: Maintain detailed incident logs and generate regular security activity reports. Assist in creating playbooks and refining response workflows.
Collaboration: Work with IT teams to remediate vulnerabilities and support compliance audits. Participate in war-room discussions during critical incidents.
Analytical Thinking: Root cause analysis for distinguishing false positives from genuine threats. Ability to correlate data from diverse sources to identify complex attack vectors.
Threat Intelligence Integration: Leverage threat intelligence feeds to compare alerts with known signatures. Identify emerging threats and communicate insights to senior analysts.
Technical Expertise: Hands-on experience with SIEM platforms (e.g., Splunk, QRadar) and EDR tools (e.g., CrowdStrike, Carbon Black). Basic scripting knowledge for automating repetitive SOC tasks.
Adaptability & Learning: Stay updated on the latest cyber threats, tools, and techniques. Contribute to continuous improvement of SOC processes and detection capabilities.
Interpersonal Skills: Strong communication skills for effective coordination with cross-functional teams. Mentorship of junior team members to foster team growth and resilience.
Qualifications:
Education: Tech degree or equivalent (B.Tech/MCA/BCA/M.Tech)
Required Key Skills, Key Tools & Hands-on Experience:
Technical Proficiency: Familiarity with SIEM platforms (Splunk, Azure Sentinel) and EDR tools (Microsoft Defender, SentinelOne). Basic understanding of IDS/IPS, vulnerability scanning tools (Nessus, Qualys), and packet analysis tools (Wireshark).
Firewalls and Network Security: Solid understanding of TCP/IP, DNS, DHCP, ARP, HTTP/HTTPS, and other protocols. Knowledge of packet capture and analysis tools like Wireshark or tcpdump.
Operating Systems: Windows: Event logs, registry analysis, PowerShell basics. Linux/Unix: Command-line utilities, syslogs, and basic shell scripting (Bash, Python, etc.).
Active Directory (AD)
Vulnerability Management: Basic understanding of vulnerability scanning tools like Nessus, Qualys, or OpenVAS. Knowledge of collecting and analyzing evidence (e.g., memory dumps, disk images).
Certification: Mandatory: Certified Ethical Hacker (CEH). Preferred: CompTIA Security+, Certified SOC Analyst (CSA), or GSEC.
Communication Skills: Strong communication and documentation skills, with the ability to work collaboratively with other teams.
Problem-Solving Ability: Strong analytical and troubleshooting skills to address complex security incidents effectively.
Shift Flexibility: Willingness to work in shifts, including weekends and off-hours if required.
To Apply: Are you an experienced IT professional with a passion for tackling complex challenges and enhancing information security and cybersecurity? If you're driven to make a meaningful impact, we want to hear from you! Submit your resume and a cover letter showcasing your relevant experience and why you're the ideal candidate for the SOC-Analyst role at ZyBiSys. We look forward to welcoming you to our team!
Posted 2 months ago
8.0 - 12.0 years
15 - 25 Lacs
Kolkata
Work from Office
Technical Skills & Competencies:
Cyber Security:
- 8-10+ years of hands-on experience in cybersecurity and incident response.
- Proficient in: Risk Assessment & Penetration Testing, IDS/IPS, SIEM platforms, Endpoint Protection, Incident Management Tools.
- Strong understanding of malware, spyware, ransomware, and advanced persistent threats.
- Familiarity with operating systems: Linux, Windows, macOS.
- Knowledge of infrastructure environments such as VMware, Windows domains, Kubernetes, AWS, and Azure.
Splunk:
- 5+ years of Splunk administration experience.
- Expertise in: Splunk Universal & Heavy Forwarders, add-ons and app management, log parsing and ingestion, data source onboarding, custom SPL query development.
- Scripting knowledge: Python, Shell, or PowerShell (basic level).
- Familiar with data formats like JSON, XML, and CSV.
- Understanding of TCP/IP, firewalls, and syslog protocols.
Posted 2 months ago
10.0 - 15.0 years
12 - 17 Lacs
Gurugram
Work from Office
Company: MMC Corporate
Description: We are seeking a talented individual to join our GIS Team at MMC Corporate. This role will be based in Gurgaon. This is a hybrid role that has a requirement of working at least three days a week in the office.
Associate Director - Cyber Security Risk Vulnerability Scoring
What can you expect: To oversee and manage the Cybersecurity Risk Adjusted Vulnerability Scoring (RAVS) Program. This enterprise-level initiative is critical to transforming the measurement, prioritization, and response to cybersecurity vulnerabilities by leveraging integrated systems, threat intelligence, and contextual organizational data.
We will count on you to:
Program Oversight
1. Lead the development, implementation, and ongoing management of the enterprise RAVS program.
2. Integrate data from vulnerability scanners, CMDB, threat intel feeds, cybersecurity systems, and internal business systems to generate dynamic risk adjusted vulnerability scores.
3. Collaborate with internal teams across cybersecurity, IT, risk, business units, and data analytics to continuously refine RAVS logic and scoring models.
4. Develop an operational playbook and prioritization framework that aligns vulnerability response to true business risk.
RAVS Day-to-Day Operations and Risk Management
1. Monitor, triage, and escalate enterprise vulnerabilities based on RAVS output and threat indicators.
2. Provide real-time situational awareness and technical direction during vulnerability-related incidents and assessments.
3. Ensure integration and alignment between RAVS and enterprise vulnerability management platforms, SIEM, SOAR, threat intel, and cloud security tools.
4. Track remediation efforts, metrics, SLA & SLO adherence, and risk decisions.
5. Generate executive-level dashboards and reports to communicate vulnerability risk posture and trends.
Platform Management
1. Oversee functionality and data quality for critical systems.
2. Managing the operational health and data flows between vulnerability detection system, threat intelligence sources, asset inventories, and risk engines.
3. Ensuring business context and asset criticality are mapped into RAVS platform to support accurate risk prioritization.
4. Cross-collaboration with detection engineering and VMED to maintain score calculation logic, rule sets, and automation flows.
5. Maintaining process documentation, operational runbooks, and continuous improvement workflows for all integrated components.
Leadership and Collaboration
1. Cross-functional collaboration: Support and collaborate with development, business CISOs, operations, and cloud teams across the enterprise to ensure effective vulnerability management practices.
2. Support VMED with various project-based initiatives (creation of KPIs, onboarding of new tools, etc.).
3. Drive ongoing assessments of the RAVS program's effectiveness, identify areas for tuning, optimization, or automation.
4. Collaborate with governance, risk, and compliance teams to align scoring outcomes with organizational risk thresholds and reporting needs.
5. Lead training and onboarding of cross-functional stakeholders who interact with RAVS platform and outputs.
6. Partner with Security Operations and other Detection & Response Teams (DART) to embed RAVS data into incident response and remediation workflows.
7. Support audit and regulatory readiness activities by ensuring RAVS processes and records meet enterprise and compliance standards.
What you need to have:
Security Cloud Tools: Assist with the evaluation and selection of vulnerability management tools that integrate seamlessly with various cloud environments and provide fine granular access controls and CMDB attributes such as asset ownership.
Integration: Integrate the security cloud tools with other security tools and systems, including the SIEM solutions, change ticketing systems, etc.
Launch awareness campaigns to promote secure practices and vulnerability management, emphasizing the unique challenges of cloud environments.
CISSP, CISM, AWS Certified Security Specialist, or similar advanced cloud security certifications preferred.
What makes you stand out: 10+ years' experience in Vulnerability Management, incident response, cloud security, or cybersecurity related fields, with at least 3 years' experience in a senior technical role.
Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.
Marsh McLennan (NYSE: MMC) is the world's leading professional services firm in the areas of risk, strategy and people. The Company's more than 85,000 colleagues advise clients in over 130 countries. With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses. Marsh provides data-driven risk advisory services and insurance solutions to commercial and consumer clients. Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wyman serves as a critical strategic, economic and brand advisor to private sector and governmental clients.
For more information, visit marshmclennan.com, or follow us on LinkedIn and X.
Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.
Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person.
Marsh McLennan (NYSE: MMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective.
Posted 2 months ago