2693 Information Security Jobs - Page 42

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Azure Cloud Workload Security.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Azure Cloud Workload Security.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Azure Cloud Workload Security.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Azure Cloud Workload Security.

Under the direction of the Security Administration Manager, the Security Administration Engineer will manage and administer security technologies and provide security management services, requirements, direction, and support. The Security Administration Engineer is responsible for the quality control within the Security infrastructure and tools. This includes building and defending scalable, secure, and robust systems; defining security requirements for operational systems and networks; helping the organization understand advanced cyber threats; and helping to create strategies to protect networks. This role will be responsible for execution of the vulnerability management program and assist the Security Administration Manager with improving processes and reducing the time remediate vulnerabilities. This leader must be current and keep current with changing technology, industry best practices, and standard security frameworks. Assign remediation tasks and assist application owners and remediation teams by providing vulnerability analysis and remediation prioritization. Maintain the vulnerability scanning infrastructure, scan schedules, and risk scoring adjustments Participates in direct support of security systems and tools, including installation, configuration, security, and maintenance. Implements upgrades, enhancements, and fixes following established change management procedures. Maintains security tool disaster recovery and DEV/Test environments. Execute and improve vulnerability management processes (vulnerability scanning, remediation, exceptions, etc.) and maintain process documentation. Participates as a technical lead in the execution of the security program roadmap across the enterprise by providing expert guidance and solutions engineering services as part of initiatives and day-to-day operations. Stays current with emerging identity technologies, solutions and best practices. Advises Security Administration Manager on related risk and security posture. Performs troubleshooting and remediation of security tool issues. Participates in scheduled and unscheduled after-hours system maintenance and support. Performs rotational on-call duty. Provides implementation assistance for onboarding new security tools and processes. Updates team training documentation, technical processes, and testing plans. Education/Certifications Preferred: CompTIA Security+ Technical/Soft skills Required: Thorough understanding of vulnerability management concepts and processes. Demonstratesstrongproblemsolving,analytical,interpersonalandownershipskills. Proficiency with cloud, hybrid cloud, and on-prem Security Administration models. Thoroughunderstandingofsecurityprotocols/methodologiesandcontrols. Preferred: Knowledge of all aspects of the software development lifecycle Knowledge of web development technologies EXPERIENCE Preferred: Microsoft Defender - Endpoint Vulnerability Management Delinea Privilege Manager 2+years of experience in an information securityrole LEADERSHIP SKILLS Required: Strong leadership skills and the ability to work effectively with business managers, Enterprise Architecture, IT engineering and IT operations staff. Ability to break down technically complex and ambiguous concepts and rationalize into simple concepts and ideas. Ability to understand and articulate business imperatives as well as the business impact of security tools, technologies and policies. Ability to mentor and provide coaching to team members.

Key Responsibilities: Assist in developing, implementing, and maintaining information security policies, standards, and procedures in line with industry best practices and regulatory requirements. Conduct regular risk assessments and vulnerability scans to identify potential security risks and recommend appropriate mitigation strategies. Monitor security systems, including firewalls, intrusion detection/prevention systems (IDS/IPS), and security information and event management (SIEM) tools to detect and respond to security incidents. Support incident response activities by investigating security breaches and coordinating with relevant teams to remediate vulnerabilities. Conduct security awareness training and promote best practices across the organization to foster a security-conscious culture. Collaborate with IT and business teams to ensure security controls are integrated into system development and operational processes. Maintain documentation related to security policies, incident reports, and audit trails. Assist in internal and external security audits and compliance assessments (e.g., ISO 27001, GDPR, HIPAA). Stay updated with the latest cybersecurity trends, threats, and technologies to proactively enhance security measures.

About Organization: Larsen & Toubro Ltd, commonly known as L&T, is an Indian multinational conglomerate company, with business interests in engineering, construction, manufacturing, technology, information technology and financial services, headquartered in Mumbai. The company is counted among world's top five construction companies. The L&T Group comprises of 93 subsidiaries, 5 associate companies, 27 joint ventures and 35 jointly held operations, operating across basic and heavy engineering, construction, realty, manufacturing of capital goods, information technology, and financial services. Specialties: Aerospace, Infrastructure, Shipbuilding, Construction, Defense, Finance, Forging, Hydrocarbon, Information Technology & Engineering Services, Construction Equipment, Railways, Boilers, Process Plant, Turbines, Power, Renewable Energy, Manufacturing, and Green Hydrogen. Job Title: Assistant Manager/Manager - Technology support & excellence Job Location: Powai, Mumbai Working Model: Work from office Operating Model: 6 days (2nd and 4th Saturdays Off) EDUCATIONAL QUALIFICATIONS: B.Tech/B.E./MCA/M.Sc. In Cyber Security Specialization EXPERIENCE: Min 4-6 years in Information Security Job Profile: Should have handled latest security tools, technologies (EDR, PIM, WAF, SASE, Proxy etc) & maintained compliance to standards (e.g. ISO27001:2022) Remediate cyber security incidents as per agreed service levels with Central Cyber Security operation Center As SME of security technology, evaluate & deploy security technologies Establish vendor selection criteria (RFP, Evaluation, Short listing, Selection) Ensure implementation of security tools & technologies as per project plans Managing & ensuring service delivery of partners with agreed SLA & payments as per schedule Conducting security awareness trainings for stakeholders in respective areas Run technology excellence program (CoE) with KPIs in line with industry standards Adherence to Budgets (Capex, Opex)

We are seeking a highly skilled Security Administrator with 10+ years of experience in data, system, and application security, specifically within the banking domain. In-depth knowledge of security tools, SIEMs, firewalls, IDS/IPS,secure application

Responsibilities 1. Candidate should have experience in a. Network security b. Analyze and recommend solutions for client-based networking security measures. c. Evaluating firewall rule base, identifying vulnerable rules or ports and providing security recommendation as per organization practicesd. Knowledge of change management system e. Capable of requirement gathering, documenting and updating processes f. Knowledge on patch and security update management g. Knowledge on Security tools that would be used to safe guard Company Networks. h. Knowledge on technologies related to Encryption, log monitoring, Network Sniffing would be of added advantage i. Knowledge on Cloud solution and architecting solution on cloud would be a added advantage. Technical and Professional Requirements: 1 Monitors alerting tools, handles escalated incidents from helpdesk/desk side and end users2 Respond to suspicious alerts in a consistent and repeatable manner from multiple alerting sources3 Provide 24x7 coverage through a combination of onsite normal business hours monitoring and after hours on call 4 Responsible for triage of C2 alerts, Phishing attempts & AV Alerts and botnets which will make up the majority of the day-to-day threats Preferred Skills: Cloud Security Additional Responsibilities: 1. Candidate should have basic knowledge of Information Security2. Candidate should possess good communication skills3. Experience in interacting with clients or external stakeholders. Educational Requirements Bachelor of Engineering Service Line Information Security Group * Location of posting is subject to business requirements

Assist in defining security Policies Standards and reference Architecture for Network design and deployment related to above technologies. Proactive analysis of Network for secure deployments, secure configurations against Global Security Best Practices. Assisting network design team with security inputs while designing an architecture for new offices/ branches/ data centres etc. for Security by Design. Developing network security standards and guiding network design to meet corporate requirements. Strategize and formulate high and low-level monitoring mechanism for security posture of network deployments and advise measures to improve them. Possess and maintain technical knowledge of aspects of DDoS mitigation, NAC, Internet Proxy, DNS etc. Conducting analysis of network security and Strategize and formulate high and low-level monitoring mechanism for DDoS mitigation, NAC, Internet Proxy, DNS. Taking proactive measures for enhancing the security posture of the Bank's network by studying the vulnerabilities issued/ published by various OEMs, internal and external agencies such as CERTetc. Working with internal and external business stakeholders on ensuring that IT infrastructure meet global network security standards. Produce and track metrics for the effectiveness and maturity of Secure network deployments.

Qradar Design, implementation, SIEM administration and setting up SOC support from global security operation center Operation Support Installation, configuration management using SIEM product/tool Dashboard reports, Use cases creation, parser development Complete Life-cycle management with event source system administrators/owners Including coordination and planning for system upgrades, new systems, as well as maintaining current operational event flows Provide optimization of connector interfaces, aggregation, and data normalization Experience on Writing and debugging correlation rules, reports, filters, dashboards queries Alert simulation for detecting new threats and vulnerabilities Capacity planning, change management and process enhancement Apply Configuration Management disciplines to maintain hardware/software revisions, SIEM Content (default and custom), security patches/hardening, and documentation

Atlas Energy - Cybersecurity Analyst Security Analyst - Threat Management and Vulnerability Assessment Seeking a skilled Security Analyst (4-6 years) specializing in threatmanagement and vulnerability assessments. The ideal candidate will haveexperience with Defender for Cloud (migration from L1 to L2), Rapid7, andIntune, and a foundational understanding of Operational Technology (OT)systems, particularly the Dragos platform. This role involves advanced threatdetection and remediation, vulnerability assessments, patching, and hardeningtasks. Qualifications: - Experience with Defender for Cloud and Rapid7. - Proficiency in vulnerability assessments, patch management, and systemhardening. - Familiarity with Intune and Rapid7 agent deployment issues. - Basic understanding of OT systems and security, particularly the Dragosplatform. - NIST controls implementation. - Excellent communication and documentation abilities. Shift Timing - US CST hours

Dedicated lead to work with the Happiest Minds Shared SOC team and ITteam to enhance the overall Incident response processes Run any critical incident response along with SOC and IT team Review and update the use caserepository as applicable to Happiest Minds Environment Work on root causeanalysis and remediations for alerts/incidents raised by customers Review andupdate existing automation playbooks Continuous updates of detectiontechniques Periodic threat hunting Use cases to prioritize based on thefindings from the threat and vulnerability management program

Manual Penetration Testing using OWASP checklists, Penetration Testing, Vulnerability Assessment, OWASP Top 10, OWASP ZAP, AWS Cloud, Azure Cloud, Cyber Security, Cloud Security Assessment, Cyber Security Assessment Consulting, Cybersecurity, Data Security Assessment Consulting Perform Penetration testing Develop and recommend mitigation strategies to enhance the defense mechanisms of critical infrastructure components Collaborate with IT and security teams to refine security measures and response strategies Prepare detailed reports on findings from simulations and suggest improvements Facilitate training sessions for internal teams on security awareness and breach response tactics

Windows, Linux OS We are looking for a skilled and proactive Security Analyst to join our Server and Vulnerability Management team The ideal candidate will possess expertise in identifying, assessing, and mitigating vulnerabilities across operating and non-operating systems The role requires proficiency in BigFix and Qualys, along with experience in providing solutions for vulnerabilities A strong background in scripting and the ability to conduct impact analysis for critical non-OS vulnerabilities is essential

a.Identify follow-up with users for updating system as required b.Validate compliance of the system ( AV, Bitlocker, Vulnerabilities, OS updates etc) c.If system is not in Intune, ensure it is migrated to Intune d.Raise tickets where required for faster resolution e.Work with compliance team for reporting the SLA, compliance levels Deskside Support, Service Desk, END User Computing, Vulnerability Mitigation, Microsoft Intune, Access Management (SSO/MFA).

Data Network Security - Firewalls, Data Network - Routing Switching Routing and Switching Strong Knowldege Any 1 Firewall Knowledge Knowldge on WLAN Efficient Communication with the stakeholders Network Certification is good to have CCNA, CCNP, NSE 3-4, CCNP, PCNSE and PCNSA

Implementation and Deployment: - Design and deploy IDS (ARMIS)solutions tailored to OT environments. - Develop comprehensive deploymentarchitectures, ensuring seamless integration with existing systems. - Configure and optimize network andfirewall settings to support IDS deployments. Data Network Security - IDS, Cybersecurity.

Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, Static/dynamic testing of mobile applications, Static Code analysis Artifacts/Grey box Infra Activity (VA/CA) Windows Server - Performing Scanning and preparing reports - application Security Testing/ Infra VACA

Static Code analysis Static/dynamic testing of mobile applications Vulnerability Assessment Penetration Testing. SAST Penetration testing Vulnerability Assessment

10 - 12 Years of Exepereice Working experience in technical implementation ofnetwork devices and security solutions like Firewall, IPS, DDoS mitigationetc , and deployment/management of large networks Hands-on experience on anytwo technologies out of Firewall, IPS, Internet Proxy, VPN, DDoS mitigation,NAC, Honeypot, Wi-Fi, DNS Working experience in providing securityrecommendations for deployment/ management of large Networks Experience inInter-technology, Inter-OEM and inter-datacentre integration from securityperspective Highly proficient with latest Networking Technologies includingFirewall, IPS, Load Balancer, Routers and Switches / Internet Proxy/ AntiDDoS/DNS/ NAC/ AAA/ etc Experience in designing implementing Network Securitysolutions like Firewalls, Intrusion Prevention Systems, etc Excellentunderstanding of Network Security/ Networking Concept/ with knowledge ofrouting, switching protocols, networking devices Web Application Firewalls Intrusion Prevention Systems Routing and L2 Switching URL Filtering, Proxy, Next Generation firewalls (Checkpoint, Cisco ASA/Firepower, Fortigate, Palo Alto etc.) Vulnerability assessment Load Balancing, SSL Virtual Private Network (Juniper, Array, F5, Cisco, Checkpoint etc.) Anti-Virus (Trend Micro OfficeScan/Apex One and Symantec Endpoint Protection etc.), Single Sign on Patch Management (Windows Server Update Services)

10+ years Experience in AWS, Azure and GCP Candidate should have good hands on experience on Cloud Native Services of AWS,Azure and GCP. Candidate should have performed multiple Cloud Security Assessment Candidate also should have good exposure in Designing, Architecting, Documentation Candidate should have good hands-on experience in CNAPP and Cloud NativeSecurity Services Should have good communication and good customer facing experiences Good to have containers, Dockers experiences along with DevSecOps AWS, Azure, AWS Security, Best practices to secure your Account, Cloud Security Assessment, Google cloud Security. 10+ years Experience in AWS, Azure and GCP Candidate should have good hands on experience on Cloud Native Services of AWS, Azure and GCP. Candidate should have performed multiple Cloud Security Assessment Candidate also should have good exposure in Designing, Architecting, Documentation Candidate should have good hands-on experience in CNAPP and Cloud Native Security Services Should have good communication and good customer facing experiences Good to have containers, Dockers experiences along with DevSecOps

Manual Penetration Testing using OWASP checklists, Penetration Testing, Security Configuration Review, Cloud Security Assessment, Cyber Security, Manual Penetration Testing using OWASP checklists, Penetration Testing, Security Configuration Review, Cloud Security Assessment, Cyber Security 4 to 6 years of experience conducting Application Security assessments Experienced in conducting Manual and Automated DAST for Web, API Thick client covering OWASP Top 10 Experienced in conducting Manual code review Experienced in Mobile VAPT (Both static and Dynamic) Knowledge of Infra VAPT or at least VA and configuration review Knowledge in Container / Docker security / Cloud Audit is a plus Certifications suck as CEH, CRTP, OSCP is preferred Good communication skills, ability to explain vulnerabilities to business users in simple terms Notice: Immediate to 15 days

Senior Cybersecurity Analyst with a minimum of 6+ years of experience in thefield of Operation technology, particularly focusing on Endpoint Detection andResponse (EDR) and Intrusion Detection System #40;IDS#41; monitoringtools. The ideal candidate will have demonstrated expertise in Carbon Black AppControl. Carbon Black, MS Defender for Endpoints (EDR/ATP),Data Network Security - IDS, Unix Administration, Windows, Carbon Black, MS Defender for Endpoints (EDR/ATP), Data Network Security - IDS, Unix Administration, Windows. Senior Cybersecurity Analyst with a minimum of 6+ years of experience in the field of Operation technology, particularly focusing on Endpoint Detection and Response (EDR) and Intrusion Detection System (IDS) monitoring tools. The ideal candidate will have demonstrated expertise in Carbon Black App Control.

Static/dynamic testing of mobile applications, Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, Cyber Security Assessment Consulting, Cloud Security Assessment 4 to 6 years of experience conducting Application Security assessments Experienced in conducting Manual and Automated DAST for Web, API Thick client covering OWASP Top 10 Experienced in conducting Manual code review Experienced in Mobile VAPT (Both static and Dynamic) Knowledge of Infra VAPT or at least VA and configuration review Knowledge in Container / Docker security / Cloud Audit is a plus Certifications suck as CEH, CRTP, OSCP is preferred Good communication skills, ability to explain vulnerabilities to business users in simple terms Notice: Immediate to 15 days