
1467 Incident Response Jobs - Page 43

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Splunk Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively implemented and maintained.

Roles & Responsibilities:
- Administer a globally distributed and heterogeneous SIEM environment, preferably Securonix/Splunk
- Knowledge on Automation app deployment to multiple sites, Monitoring the central infrastructure
- Design and customize complex search queries, develop dashboards, data models, reports and optimize their performance
- Administration of core SIEM Components (Deployment Server, Indexer)
- Understanding of threat models and threat intelligence
- Improve detection capabilities by building and enhancing alert rules
- Work on RFPs and estimations related to SOC solutions
- Good knowledge on popular EDR tools such as CrowdStrike and Microsoft Defender

Professional & Technical Skills:
- Experience working in SOC/SIEM
- Incident handling, use case management development, risk assessment, playbook recommendation, fine-tuning
- 7+ years SIEM/SOC operations experience for very large enterprises
- Act as a single POC for any major security incident
- Knowledge on MITRE/CKC framework implementation
- Security Analytical skills
- Should have excellent customer handling skills
- Basic understanding of Incident Response and other security technologies
- User behavior/Malware Analysis, Knowledge on ServiceNow and Splunk Admin

Additional Information:
- The candidate should have minimum 7.5 years of experience in Splunk Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 months ago


15.0 - 20.0 years

4 - 8 Lacs

Bengaluru

Work from Office

Project Role: Security Advisor
Project Role Description: Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills: Palo Alto Networks Firewalls
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are seeking a highly skilled Firewall Engineer with hands-on experience in managing and optimizing security infrastructure, specifically Check Point and FortiGate firewalls. The ideal candidate will also have a strong understanding of security policy management tools like Skybox and Tufin. You will be responsible for designing, implementing, maintaining, and supporting firewall environments to ensure the integrity and security of enterprise systems and data.

Key Responsibilities:
- Design, configure, implement, and maintain firewall infrastructure using Check Point and FortiGate platforms.
- Manage and optimize firewall rules, NAT policies, VPNs, and threat prevention features.
- Use Skybox and Tufin to audit, analyze, and optimize firewall rules and ensure compliance with security policies.
- Monitor firewall logs and network activity to identify and respond to security incidents or misconfigurations.
- Participate in security assessments, rule base cleanups, and change management processes.
- Assist in the development of network security policies and procedures.
- Collaborate with security teams, network engineers, and system administrators to implement robust defense-in-depth strategies.
- Stay current on evolving cybersecurity threats and recommend improvements to firewall architecture and policies.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Palo Alto Networks Firewalls.
- Good To Have Skills: Experience with network security protocols and practices.
- Strong understanding of threat intelligence and incident response.
- Familiarity with compliance frameworks such as ISO 27001 and NIST.
- Experience in conducting vulnerability assessments and penetration testing.

Additional Information:
- The candidate should have minimum 2 years of experience in Palo Alto Networks Firewalls.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 months ago


6.0 - 11.0 years

8 - 13 Lacs

Pune

Work from Office

JD:
1) 5+ years of experience in building and operating highly reliable SaaS/PaaS systems.
2) Experience with Kong API management platform and open-source technologies.
3) Strong understanding of cloud infrastructure, networking, and distributed systems.
4) Proficiency in scripting and automation languages (e.g., Python, Go).
5) Excellent communication and collaboration skills.
6) Experience with incident response and root cause analysis.

Posted 2 months ago


7.0 - 12.0 years

9 - 14 Lacs

Mumbai

Work from Office

* Responsible for implementation partner to see project on track along with providing required reports to management and client
* Handle the project as well as BAU operations while ensuring high level of systems security compliance
* Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data.
* Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
* Ready to support for 24/7 environment.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
* 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs.
* B.E./ B. Tech/ MCA/ M.Sc.
* Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support.
* Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM.
* Working knowledge of industry standard risk, governance and security standard methodologies
* Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting.
* Ability to multitask and work independently with minimal direction and maximum accountability.

Preferred technical and professional experience
* Preferred OEM Certified SOAR specialist + CEH
* Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
* Intuitive individual with an ability to manage change and proven time management
* Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
* Up-to-date technical knowledge by attending educational workshops, reviewing publications

Posted 2 months ago


15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Email Security
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are seeking a detail-oriented and proactive Application Security Analyst to join our security team. The ideal candidate will have hands-on experience with Black Duck software composition analysis and a strong background in conducting thorough source code reviews to identify and mitigate security vulnerabilities. This role involves collaborating closely with development teams to ensure secure coding practices and maintaining the security posture of applications throughout the SDLC.

Key Responsibilities:
- Perform security assessments and vulnerability analysis of applications using Black Duck to identify open-source component risks and compliance issues.
- Conduct in-depth source code reviews to detect security flaws, including injection attacks, authentication weaknesses, insecure data handling, and other common vulnerabilities.
- Collaborate with developers, DevOps, and QA teams to remediate identified security vulnerabilities and integrate security controls into development processes.
- Develop and enforce security policies and best practices for secure coding and application security.
- Support threat modeling, risk assessments, and security testing activities throughout the software development lifecycle (SDLC).
- Stay updated with the latest application security trends, vulnerabilities, tools, and mitigation techniques.
- Provide security training and awareness sessions for development teams.
- Create clear and concise documentation on findings, recommendations, and remediation strategies.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Email Security.
- Strong understanding of cloud security principles and practices.
- Experience with security frameworks such as NIST, ISO 27001, or CIS.
- Knowledge of risk assessment methodologies and security compliance requirements.
- Familiarity with incident response and threat management processes.

Additional Information:
- The candidate should have minimum 2 years of experience in Email Security.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 months ago


15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM) Operations
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As the SOC L3 Analyst you will lead the technical handling of critical security incidents. You'll be responsible for deep-dive analysis, root cause investigation, forensics, and containment using tools such as CrowdStrike, Sumo Logic SIEM, and SOAR. You will be responsible for onboarding and managing log sources, building SIEM use cases (custom + in built), and developing automation in SOAR to support incident response and threat detection workflows.

Roles & Responsibilities:
- End-to-End Incident Response Ownership: Ability to handle incident lifecycle (detect, contain, remediate)
- Subject matter expert for handling the escalated critical or actual true positive incidents.
- CrowdStrike Deep Dive: Using Real Time Response (RTR), Threat Graph, custom IOA rules
- Strong command over Sumo Logic SIEM content engineering: Creating detection rules, dashboards, and field extractions
- Threat Hunting: Behavior-based detection using TTPs
- SOAR Automation: Designing playbooks, integrations with REST APIs, ServiceNow, CrowdStrike
- Threat Intel Integration: Automation of IOC lookups and enrichment flows
- Forensic Skills: Live host forensics, log correlation, malware behavioral analysis
- Deep experience in advanced threat detection and incident response
- Scripting Proficiency: Python, PowerShell, Bash for automation or ETL
- Error Handling & Debugging: Identify and resolve failures in SOAR or data pipelines
- Proficiency in CrowdStrike forensic and real-time response capabilities
- Experience Sumo Logic SOAR for playbook optimization
- Use case development in Sumo Logic SIEM

Professional & Technical Skills:
- Lead high-severity incident response, coordinating with stakeholders and IT teams
- Perform endpoint forensic triage using CrowdStrike Real Time Response (RTR)
- Conduct detailed log analysis and anomaly detection in Sumo Logic
- Customize or create new detection rules and enrichments in SIEM
- Develop/Tune SOAR playbooks for advanced scenarios, branching logic, and enrichment
- Perform root cause analysis and support RCA documentation
- Mentor L1 and L2 analysts through case walk-throughs and knowledge sharing
- Generate post-incident reports and present findings to leadership
- Lead investigations and coordinate response for major incidents
- Perform root cause analysis and post-incident reviews
- Develop advanced detection content in Sumo Logic
- Optimize SOAR playbooks for complex use cases
- Onboard and maintain data sources in Sumo Logic SIEM and ensure parsing accuracy
- Build custom dashboards, alerts, and queries aligned with SOC use cases
- Create and maintain field extractions, log normalization schemas, and alert suppression rules
- Integrate external APIs into SOAR (e.g., VirusTotal, WHOIS, CrowdStrike)
- Monitor log health and alert performance metrics; troubleshoot data quality issues
- Collaborate with L3 IR and Threat Intel teams to translate threat use cases into detections
- Participate in continuous improvement initiatives and tech upgrades
- Conduct playbook testing, version control, and change documentation
- CrowdStrike: Custom detections, forensic triage, threat graphs
- SIEM: Rule creation, anomaly detection, ATT&CK mapping
- SOAR: Playbook customization, API integrations, dynamic playbook logic
- Threat Intelligence: TTP mapping, behavioral correlation
- SIEM: Parser creation, field extraction, correlation rule design
- Scripting: Python, regex, shell scripting for ETL workflows
- Data Handling: JSON, syslog, Windows Event Logs
- Tools: Sumologic SIEM, Sumo logic SOAR & Crowdstrike EDR
- Exp in SOC/IR including 4+ in L3 role (IR + SIEM Content Engineering & SOAR)

Additional Information:
- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM) Operations.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 months ago


15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Palo Alto Networks Firewalls
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats.

Roles & Responsibilities:
- Expected to be an SME.
- Collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Facilitate training sessions to enhance team skills and knowledge in security practices.
- Monitor project progress and implement necessary adjustments to meet deadlines and objectives.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Palo Alto Networks Firewalls and Palo Alto Prisma Access.
- Excellent knowledge on Palo Alto firewall, content update, wild fire, URL filtering, NAT.
- Hands on Experience on Prisma, Prisma Gateway, security policy, dns security, decryption, file block and Tunnel Management, Good Troubleshooting skill on Firewall issue, Global Protect, application slowness issue.
- Understanding of Threat protection, EDL, SSL Inspection, VPN technology.
- Strong understanding of network security protocols and best practices.
- Experience with security incident response and threat analysis.
- Familiarity with compliance standards and regulatory requirements in security.
- Ability to design and implement security architectures tailored to organizational needs.

Additional Information:
- The candidate should have minimum 5 years of experience in Palo Alto Networks Firewalls.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 months ago


3.0 - 8.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work related problems.
- Conduct regular assessments of cloud security measures to ensure effectiveness and compliance.
- Collaborate with cross-functional teams to integrate security practices into the cloud architecture.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).
- Strong understanding of cloud security principles and best practices.
- Experience with security incident response and management.
- Familiarity with regulatory compliance frameworks relevant to cloud security.
- Ability to analyze security logs and events for potential threats.

Additional Information:
- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 months ago


15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Email Security
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are seeking a skilled and detail-oriented Proofpoint Email Security and DLP Administrator to manage, maintain, and optimize our organization's email security infrastructure. This role will focus on administering Proofpoint's security and DLP solutions to ensure strong email protection, policy enforcement, and data loss prevention.

Roles & Responsibilities:
- Administer and manage Proofpoint Email Protection platform including policy configuration, spam/quarantine management, and advanced threat protection (e.g., TAP, TRAP).
- Configure and maintain Proofpoint DLP policies to detect and prevent unauthorized transmission of sensitive data.
- Monitor and analyze email traffic for threats such as phishing, spoofing, malware, and ransomware.
- Respond to security alerts and conduct incident investigations involving email-based threats and data exfiltration attempts.
- Implement email filtering rules, quarantine settings, and encryption policies based on compliance and business requirements.
- Regularly review and optimize security policies and rulesets to ensure alignment with organizational risk and compliance frameworks.
- Collaborate with the IT security team to identify and mitigate vulnerabilities and emerging email-based threats.
- Generate reports and dashboards on email security events, DLP violations, and compliance metrics.
- Assist in integrating Proofpoint with SIEM and other threat intelligence platforms.
- Perform user training and awareness for phishing and DLP-related topics.
- Ensure proper backup and redundancy configurations are in place for email protection systems.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Email Security.
- Strong understanding of cloud security principles and frameworks.
- Experience with security compliance standards such as ISO 27001, NIST, or GDPR.
- Knowledge of risk assessment methodologies and security architecture design.
- Familiarity with incident response and threat management processes.

Additional Information:
- The candidate should have minimum 5 years of experience in Email Security.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 months ago


5.0 - 10.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, while also addressing any emerging security challenges that may arise during the implementation process.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work related problems.
- Assist in the development of security policies and procedures to enhance the overall security posture.
- Evaluate and recommend security technologies and tools to improve cloud security measures.
- Communication: Strong verbal and written communication skills, with the ability to present complex security concepts to non-technical stakeholders.

Professional & Technical Skills:
- Incident Response: Lead and manage security incident response efforts, including investigation, containment, and remediation of security incidents.
- Threat Detection: Utilize advanced security tools and techniques to detect and analyze potential threats, ensuring timely identification and mitigation.
- Security Operations: Oversee the daily operations of the Security Operations Center (SOC), ensuring efficient monitoring and response to security alerts.
- Playbook Development: Collaborate with the SOAR team to develop and refine playbooks for incident enrichment, integration, and testing.
- Reporting: Prepare and present weekly, fortnightly, and monthly SOC reports to leadership, highlighting key metrics and incident trends.
- Knowledge Transfer: Provide training and knowledge transfer to new team members, ensuring they are equipped to handle day-to-day monitoring and alert analysis.
- Stakeholder Collaboration: Work closely with stakeholders to resolve escalated incidents and improve security protocols.
- Continuous Improvement: Identify areas for improvement within security operations and implement strategies to enhance overall security posture.
- Technical Skills: Proficiency in using security tools such as SIEM, EDR, and SOAR platforms. Experience with Google SecOps is highly desirable.
- Certifications: Relevant certifications such as GCIH, or GCIA are preferred.

Additional Information:
- The candidate should have a minimum of 5 years of experience in security operations, incident response, and threat detection.
- This position is based at our Bengaluru office.
- Bachelor's/Master's degree in Computer Science, Information Security, or a related field.

Qualification: 15 years full time education

Posted 2 months ago


15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Palo Alto Networks Firewalls
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are seeking a highly skilled WAF and Firewall Security Expert to manage Web Application Firewalls (WAF) and network perimeter security. The ideal candidate will have in-depth knowledge of Akamai, Cloudflare, and similar WAF/CDN platforms, along with a strong grasp of application layer (Layer 7) attacks, web security vulnerabilities, and real-world mitigation strategies.

Roles & Responsibilities:
- WAF Policy Management: Administer Web Application Firewall (WAF) rule sets and policies using industry-leading platforms such as Akamai Kona Site Defender, Cloudflare WAF, AWS WAF, or similar solutions.
- Application Layer Defense: Analyze, detect, and defend against a wide range of OWASP Top 10 and other Layer 7 threats, including:
  - SQL Injection (SQLi)
  - Cross-Site Scripting (XSS)
  - Remote Code Execution (RCE)
  - Cross-Site Request Forgery (CSRF)
  - HTTP protocol abuse
  - Malicious bot traffic and API abuse
- Firewall & Network Security: Deploy and manage network firewalls and integrate them with other security technologies including Intrusion-Detection/Prevention Systems (IDS/IPS) and DDoS mitigation tools.

Professional & Technical Skills:
- Bot Protection Expertise: Strong understanding of automated bot attacks, with hands-on experience in detection and defense strategies using behavioral analytics, CAPTCHA, rate limiting, and JavaScript challenges.
- Threat Monitoring & Incident Response: Proactively monitor and respond to threats across both application and network layers, leveraging SIEM tools and real-time alerting systems.
- Cross-Functional Collaboration: Work in close partnership with DevOps, development, and security teams to enforce secure deployment practices and ensure robust application configurations.
- WAF Tuning & Optimization: Perform continual WAF tuning, including signature refinement and custom rule development, to ensure an optimal balance between security coverage and application functionality.
- Threat Intelligence & Research: Stay current on emerging application-layer attack vectors, tools, and adversary tactics to inform proactive defense measures.
- Incident Handling: Participate in incident response, including threat hunting, forensic analysis, and contributing to post-mortem investigations to enhance organizational resilience.

Additional Information:
- The candidate should have minimum 7.5 years of experience in Palo Alto Networks Firewalls.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 months ago


3.0 - 8.0 years

13 - 17 Lacs

Noida

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Identity and Access Management (IAM) Operations, Microsoft Active Directory
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide insights that enhance the overall security posture of the organization.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work related problems.
- Analyze and assess security risks associated with cloud operations and recommend appropriate mitigation strategies.
- Develop and maintain comprehensive documentation of security policies, procedures, and standards.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Identity and Access Management (IAM) Operations, Microsoft Active Directory.
- Strong understanding of cloud security principles and best practices.
- Experience with identity governance and administration tools.
- Familiarity with regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.
- Knowledge of security incident response and management processes.

Additional Information:
- The candidate should have minimum 3 years of experience in Identity and Access Management (IAM) Operations.
- This position is based at our Noida office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 months ago


7.0 - 12.0 years

13 - 17 Lacs

Kolkata

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: ForgeRock Access Management
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. You will be responsible for overseeing the security aspects of cloud infrastructure.

Roles & Responsibilities:
- Expected to be an SME, collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Develop and implement security strategies for cloud environments.
- Conduct security assessments and audits to identify vulnerabilities.
- Stay updated on the latest security trends and technologies.
- Lead security incident response and resolution efforts.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in ForgeRock Access Management.
- Strong understanding of cloud security principles and best practices.
- Experience in designing and implementing security controls for cloud environments.
- Knowledge of security compliance standards and regulations.
- Hands-on experience with security tools and technologies.
- Good To Have Skills: Experience with Identity and Access Management solutions.

Additional Information:
- The candidate should have a minimum of 7.5 years of experience in ForgeRock Access Management.
- This position is based at our Kolkata office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 months ago

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: We are seeking a skilled and detail-oriented CrowdStrike Endpoint Security Administrator to manage, maintain, and optimize our deployment of CrowdStrike Falcon. This role involves operational administration of the platform, proactive threat detection, and ensuring endpoint security across the enterprise. Roles & Responsibilities:-Administer and manage the CrowdStrike Falcon platform including configuration, tuning, and policy management.-Monitor alerts and dashboards for suspicious activity and work with incident response teams as needed.-Deploy and upgrade CrowdStrike agents across Windows, macOS, and Linux systems.-Create and maintain documentation for policies, procedures, and system configurations.-Integrate CrowdStrike with SIEMs, ticketing systems, and other security tools.-Perform regular audits and health checks to ensure endpoint coverage and compliance.-Respond to endpoint-related security incidents and assist with forensic investigations.-Collaborate with IT teams to ensure secure configuration and patch management across endpoints.-Hands-on experience with CrowdStrike Falcon (policy management, sensor deployment, event analysis).-Familiarity with EDR/XDR concepts and tools.
Professional & Technical Skills: - Must To Have Skills: Proficiency in Endpoint Extended Detection and Response.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with incident response and threat hunting methodologies.- Knowledge of compliance requirements related to cloud security. Additional Information:- The candidate should have minimum 5 years of experience in Endpoint Extended Detection and Response.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Posted 2 months ago

3.0 - 8.0 years

1 - 5 Lacs

Hyderabad

Work from Office

Urgent Opening for Security Analyst - Hyderabad Posted On 20th Dec 2016 11:18 AM Location Hyderabad Role / Position Security Analyst Experience (required) 3+ Description Our Client is a leading IT company Title : Security Analyst Location : Hyderabad Department Operations Overview: The Security Analyst will take ownership of existing Operations controls from Security Engineers, and then improve those controls. : Develop and execute the Security Operations function Identify systems and scan for network vulnerabilities. Partner with TechOps and others to ensure the vulnerabilities discovered are closed in a timely manner Assess vendors for information security risk and recommend whether or leadership should accept the risk Report metrics and escalate issues with management as appropriate Monitor security logs to detect intrusions Coordinate incident response With guidance from the Lead Security Engineer, assess new releases of the product for security issues and approve the release on behalf of Security Monitor Security controls to discover deviations. Follow up to resolve deviations Review and approve network firewall rule requests : 3+ years of Information Security experience 1 year of experience with network, server, or application administration Basic knowledge of programming and scripting languages as well as HTML Thorough and detail-oriented Available to meet with US colleagues during US Central Time hours every working night and sometimes during US Pacific Time hours Excellent communication and interpersonal skills Self-starter eager to take on new challenges at a growing, cloud-based company Preferred: Security certification (e.g. CISSP, OSCP, CEH) Experience with any SIEM tool in SOC environment (ArcSight, Splunk, RSA enVision, etc.) Experience with application security methodologies such as OWASP Experience responding to external audits Send Resumes to girish.expertiz@gmail.com

Posted 2 months ago

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NA Minimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide guidance on implementing effective security measures across the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Assist in the development and documentation of security policies and procedures.- Evaluate and recommend security technologies and tools to enhance the security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM) Operations.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR.- Knowledge of network security protocols and technologies.
Additional Information:- The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Posted 2 months ago

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Prisma Access Secure Access Service Edge (SASE) Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust and secure cloud environment that supports business operations effectively. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Monitor and evaluate the effectiveness of implemented security measures, making adjustments as necessary. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- Strong understanding of cloud security principles and best practices.- Experience with security frameworks and compliance standards.- Ability to analyze and mitigate security risks in cloud environments.- Familiarity with incident response and disaster recovery planning.
Additional Information:- The candidate should have minimum 5 years of experience in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Posted 2 months ago

6.0 - 9.0 years

8 - 10 Lacs

Hyderabad

Work from Office

We are looking for a skilled professional with 6-9 years of experience to join our team as an SIEM specialist. The ideal candidate will have a strong background in security information and event management. Roles and Responsibility Design, implement, and manage SIEM systems to ensure the security and integrity of our organization's data. Develop and maintain dashboards and reports to provide insights into security threats and trends. Collaborate with cross-functional teams to identify and mitigate potential security risks. Conduct regular vulnerability assessments and penetration testing to identify weaknesses. Analyze log files and system logs to detect anomalies and suspicious activity. Develop and enforce security policies and procedures to ensure compliance with industry standards. Job Requirements Strong understanding of security principles and technologies such as firewalls, intrusion detection systems, and encryption. Experience with SIEM tools such as Splunk, LogRhythm, or QRadar. Excellent analytical and problem-solving skills with attention to detail. Ability to work effectively in a fast-paced environment and meet deadlines. Strong communication and collaboration skills to work with technical and non-technical stakeholders. Familiarity with industry standards and regulations related to security such as HIPAA, PCI-DSS, or NIST.

Posted 2 months ago

4.0 - 9.0 years

6 - 16 Lacs

Gurugram

Work from Office

Immediate Job Openings on Security Analyst, Gurgaon, Contract. Experience: 4+ Years. Skills: Security Analyst. Location: Gurgaon. Notice Period: Immediate. Employment Type: Contract. Work Mode: WFO. 1. 4 to 8 years of exp in Security Analyst. 2. 2 to 3 Years of exp in Fine-tune SIEM rules to reduce false positive and remove false negatives. 3. Good exp in SOC (Security Operation Center)

Posted 2 months ago

6.0 - 11.0 years

3 - 7 Lacs

Bengaluru

Work from Office

Greetings from IDESLABS PVT LTD !!! Working Mode Hybrid Payroll: IDESLABS Location Pan India PF Detection is mandatory : Primary Skills Expertise in conducting and managing Security baseline scans, including familiarity with tools like Rapid7/Nessus/Qualys etc. Strong knowledge of SBC processes and standards such as CIS benchmarks. Experience in reviewing and interpreting SBC results and providing actionable recommendations for Windows or Unix/Linux environments. In-depth knowledge of security configurations, hardening techniques for Windows or Unix/Linux environments. Ability to understand and assess group policies, permissions, patches, and security settings for Windows or Unix/Linux platforms. Proficiency in performing risk assessments and understanding the criticality of identified vulnerabilities. Ability to work and collaborate with technical teams to prioritize remediation based on business risk, asset criticality, and exposure to ensure vulnerabilities/SBC controls are remediated promptly and in line with organizational security policies. Strong ability to present scan findings and SBC review results clearly to technical and non-technical stakeholders. Secondary Skills Familiarity with key industry compliance frameworks (e.g., ISO 27001, PCI DSS, HIPAA) and how security baselines relate to compliance requirements. Experience in reviewing and coordinating patch management processes, ensuring that patches are applied in a timely manner while minimizing business disruption. Understanding of the relationship between vulnerabilities and potential incidents, with knowledge of how to collaborate with incident response teams to mitigate threats. Familiarity with network security concepts (e.g., firewalls, IDS/IPS, network segmentation) and how these relate to system vulnerabilities. Understanding of cloud and hybrid environments, and how baseline compliance scans are performed in cloud infrastructures like AWS, Azure etc.
Familiarity with ticketing systems (e.g., Jira, ServiceNow) to streamline remediation workflows. Kindly Acknowledge back to this mail with updated Resume.

Posted 2 months ago

5.0 - 10.0 years

12 - 22 Lacs

Mumbai, Navi Mumbai, Mumbai (All Areas)

Work from Office

Role Overview: Position: L3 SOC Analyst Location: Mumbai, India Experience: 5-8 years in SOC roles, with a strong focus on Incident Response and Threat Hunting. Key Responsibilities: Incident Response: Deep expertise in handling end-to-end incident response detection, investigation, containment, eradication, and recovery. Attack Vectors: Solid understanding of phishing, malware, ransomware, and how to respond effectively to these threats. Cyber Kill Chain: Strong knowledge of the cyber kill chain framework, including how adversaries progress through the stages of an attack. Adversary Tactics: Familiarity with adversary techniques and tactics, particularly using frameworks such as MITRE ATT&CK to mitigate threats. SIEM & EDR Tools: Extensive experience with SIEM tools like Splunk and ArcSight, and EDR solutions like CrowdStrike or Microsoft Defender. Scenario Handling: Capable of tackling complex, scenario-based challenges with a strategic mindset. Preferred Qualifications: 3-7 years of experience working in a SOC or handling Incident Response. Expertise in detecting and analyzing indicators of compromise (IOCs). Strong L2 or L3 analyst experience is a must. A candidate who has worked on critical incidents and has an in-depth knowledge about the same.

Posted 2 months ago

4.0 - 6.0 years

6 - 8 Lacs

Mumbai

Work from Office

Responsible for monitoring and responding to security incidents within the SOC. Duties include analyzing security events, identifying vulnerabilities, and managing incidents using SIEM tools. The analyst must be adept at threat detection, incident response, and ensuring network security by implementing proactive measures to prevent data breaches.

Posted 2 months ago

4.0 - 5.0 years

6 - 7 Lacs

Bengaluru

Work from Office

Oversees IT incident response processes, ensuring timely resolution of critical system issues and minimizing downtime.

Posted 2 months ago

5.0 - 6.0 years

7 - 8 Lacs

Chennai

Work from Office

Manage Microsoft Sentinel SIEM platform to detect, investigate, and respond to security incidents. Configure alerts, monitor security events, and ensure compliance with security policies and best practices.

Posted 2 months ago

2.0 - 4.0 years

4 - 6 Lacs

Chennai

Work from Office

Implement and manage cybersecurity measures to protect enterprise systems from external and internal threats. You will monitor, identify, and respond to security incidents. Expertise in network security, threat detection, and incident response is required.

Posted 2 months ago
