
275 Logrhythm Jobs - Page 9

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

20.0 years

0 Lacs

Gurgaon, Haryana, India

On-site

Rackspace Security (Public Cloud) Security Engineer L3 (Endpoint Security)

About Rackspace Cyber Defence:
Rackspace Cyber Defence is our next generation cyber defence and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence-driven security services. Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.

Our mission is to help our customers:
• Defend against new and emerging risks that impact their business
• Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments
• Reduce their exposure to risks that impact their identity and brand
• Develop operational resilience
• Maintain compliance with legal, regulatory and compliance obligations

What We're Looking For:
To support our continued success and deliver a Fanatical Experience™ to our customers, Rackspace Cyber Defence is looking for an India-based Security Engineer, with a specialism in Endpoint Security, to support Rackspace's strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms, or in delivering Managed Endpoint Detection & Response (EDR) services to customers.

The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection & Response (EDR) platforms such as CrowdStrike Falcon or Microsoft Defender for Endpoint, used by the Rackspace Cyber Defence Center to deliver managed security services to our customers. You will also be required to liaise closely with the customer's key stakeholders, which may include incident response and disaster recovery teams as well as information security.

Skills & Experience:
• Should have 8+ years' experience in Security Engineering
• Experience working in either large, enterprise environments or managed security services environments with a focus on Endpoint Detection & Response
• Experience of working with cloud-native Endpoint Security and Endpoint Detection & Response (EDR) tools such as CrowdStrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud
• Experience of working in two (or more) of the following additional security domains:
o SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc.
o AWS (Amazon Web Services) Security Hub, including AWS GuardDuty, AWS Macie, AWS Config and AWS CloudTrail
• Experience of analysing malware and email headers, and skills in network security; intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis; and log analysis
• Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls
• Knowledge of security standards (good practice) such as NIST, ISO 27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc.
• Knowledge of scripting and coding with languages such as Terraform, Python, JavaScript, Go, Bash and/or PowerShell
• Knowledge of malware reverse engineering, threat detection and threat hunting
• Computer science, engineering, or information technology related degree (although not a strict requirement)
• Holds one, or more, of the following certificates (or equivalent):
o Microsoft Certified: Azure Security Engineer Associate (AZ-500)
o Microsoft Certified: Security Operations Analyst Associate (SC-200)
o Systems Security Certified Practitioner (SSCP)
o Certified Cloud Security Professional (CCSP)
o GIAC Certified Incident Handler (GCIH)
o GIAC Security Operations Certified (GSOC)
o CrowdStrike Admin Certified
• A highly self-motivated and proactive individual who wants to learn and grow and has attention to detail
• A great analyser, troubleshooter and problem solver who understands security operations, programming languages and security architecture
• Highly organised and detail-oriented; able to prioritise, multitask and work under pressure
• An individual who shows a willingness to go above and beyond in delighting the customer
• A good communicator who can explain security concepts to both technical and non-technical audiences

Key Accountabilities:
• Ensure the customer's operational and production environment remains healthy and secure at all times
• Assist with customer onboarding: customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s)
• Advanced platform administration
• Critical platform incident handling and closure
• As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process
• As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection & Response
• Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams
• Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration, in collaboration with SecOps Engineering and other Security Engineering team(s)
• Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security
• Coordinate with vendors for issue resolution
• Required to work flexible timings

Posted 3 weeks ago


8.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Job Title: Senior Consultant – Pre and Post Sales Engineer
No. of Positions: 1
Locations: Mumbai
Position Type: Full-Time

Job Overview:
St. Fox is looking for a proactive, seasoned, technically strong and client-focused Pre and Post Sales Engineer with hands-on experience in cybersecurity products and solutions. The ideal candidate will drive technical engagements with prospects, design secure architectures, conduct PoCs, and provide post-sales deployment and support, helping clients enhance their security posture.

Key Responsibilities:

Pre-Sales:
• Engage with CISOs, IT security teams, and stakeholders to understand cybersecurity requirements.
• Design and present security solutions aligned to threats, compliance, and business risks.
• Deliver technical product demos for solutions like SIEM, SOAR, EDR, NDR, DLP, IAM, MFA, Firewall, Zero Trust, etc.
• Support RFP/RFI responses with detailed technical documentation and solution design.
• Support the sales team in responding to RFPs/RFIs with detailed technical inputs.
• Design solution architecture in alignment with client needs and company offerings.
• Execute Proof-of-Concepts (PoCs) and simulations for attack detection, response workflows, and threat hunting.

Post-Sales:
• Lead deployment, configuration, and tuning of cybersecurity solutions (e.g., SIEM rules, EDR policies, firewall rulesets).
• Support incident response playbook creation, alert tuning, and integration with the existing tech stack (SOC/SIEM/SOAR).
• Conduct technical training for client SOC and IT teams post-deployment.
• Troubleshoot and resolve technical issues in coordination with OEMs and internal support teams.
• Maintain ongoing relationships with key technical stakeholders to ensure solution effectiveness and customer satisfaction.

Skills and Qualifications:
• 3–8 years in cybersecurity pre-sales/post-sales or technical consulting roles.
• Strong understanding of threat vectors, the attack lifecycle, and defense mechanisms.
• Hands-on experience with tools like:
o SIEM: Splunk, IBM QRadar, LogRhythm, ArcSight, etc.
o SOAR: Palo Alto Cortex XSOAR, Splunk Phantom, etc.
o EDR/XDR: CrowdStrike, SentinelOne, Trellix, Microsoft Defender.
o Firewalls/NGFW: Fortinet, Palo Alto, Check Point, Cisco.
o IAM & PAM: Okta, CyberArk, BeyondTrust.
o Cloud Security: AWS/Azure/GCP security tools, CSPM, CWPP.
• Familiarity with MITRE ATT&CK, OWASP Top 10, Zero Trust Architecture, etc.
• Excellent client communication, technical documentation, and presentation skills.

What We Offer:
● Competitive salary and benefits package.
● Opportunities for professional growth and advancement.
● Exposure to cutting-edge technologies and projects.
● A collaborative and supportive work environment.

Please share your resume to sanjay@nteksol.com

Posted 3 weeks ago


0 years

0 Lacs

Chennai, Tamil Nadu, India

Remote

When you join Verizon
You want more out of a career. A place to share your ideas freely, even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love, driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together, lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

What You'll Be Doing...
The Threat Management Center (TMC) serves as the initial point of defense for Verizon's networks and information systems, safeguarding them against internal misconduct and cyber-attacks. The TMC Advanced Cyber Defense (TMC-ACD) team is tasked with responding to, investigating, hunting and managing all incidents. Collectively, the teams strive to protect Verizon's employees, customers, brand reputation, and revenue streams through proactive identification, response, and mitigation of potential threats that could adversely affect Verizon or its business partners.

What We're Looking For...
Verizon is looking for an innovative and motivated professional who will be responsible for safeguarding the Verizon enterprise. This individual will work on identified threats and will neutralize them through proactive hunting and detection, incident response and mitigation strategies, and ensure continuous operation of Verizon's on-prem and cloud environments. The Digital Forensics & Incident Response role is an opportunity to work in a fast-paced, collaborative environment defending Verizon from current and future cyber threats. This position plays a critical role in Verizon's enterprise computing defense.
• Executing the Incident Response Lifecycle to drive threat remediation and identify strategic countermeasures improving future defenses.
• Operating as a trusted advisor on threat analysis during incidents for incident management teams and other stakeholders by following cybersecurity response methodologies such as the NIST Cybersecurity Framework.
• Serving as a primary point of contact during assigned on-call shifts, responding promptly to incidents, escalations, and critical alerts to minimize downtime and mitigate risks to the enterprise.
• Deploying security tools and leveraging logs and endpoint forensic analysis in order to complete a detailed and accurate assessment of security alerts and threats affecting the Verizon enterprise and cloud infrastructure.
• Assisting with the development of security controls for multiple platforms via automated capabilities, using advanced analysis and forensic techniques.
• Driving identification, analysis, and remediation activities to ensure compliance with relevant regulatory requirements, industry standards, and best practices related to security and data privacy.
• Providing assistance and analytical evaluations for high-priority and significant security incidents, including composing extensive and comprehensive analysis summaries and facilitating incident-related discussions.
• Identifying gaps in detections and collaborating with teams across Cyber Security to mitigate threats and improve the overall security posture.
• Recommending ways to mature and advance the preventive and defensive capabilities of the TMC. This includes leveraging data and knowledge to clearly communicate the use case for alert creation.
• Collaborating with cross-functional teams to respond to, identify, and analyze the root cause of a cybersecurity incident.
• Conducting risk assessments, in-depth analysis, and forensic investigations to determine the root cause and impact of incidents.
• Enhancing and/or implementing DFIR playbooks to ensure cohesive response repeatability.
• Assisting with producing operational read-outs and case reviews for peers and leadership that accurately capture the effectiveness of the DFIR organization.
• Continuously honing the knowledge, skills, and abilities needed to maintain proficiency in producing thorough and accurate digital forensic analysis.
• Enhancing techniques, workflows and processes of security controls, compliance assessments, and DFIR procedures to drive the TMC's operational and strategic growth (continuous improvement).

Where you'll be working
In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

You'll Need To Have
• Bachelor's degree or four or more years of work experience.
• Four or more years of relevant experience required, demonstrated through work experience and/or military experience.
• Experience working in Digital Forensics, Incident Response, and/or a Security Operations Center (SOC) environment(s).

Even better if you have one or more of the following:
• Awareness of cyber-based adversarial frameworks including MITRE ATT&CK and Lockheed Martin's Cyber Kill Chain.
• Proficient knowledge of the cyber threat landscape, including types of adversaries, campaigns, and the motivations that drive them.
• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
• Programming and scripting experience to enhance automations, ad-hoc forensic analysis and speed up response times.
• Previous experience with log aggregation platforms such as Splunk, Elastic, Snowflake, LogRhythm, etc.
• Proficient understanding of operating systems and their architectures: Windows, Unix/Linux, and macOS.
• Demonstrated leadership and mentoring skills to help advance the overall capabilities of the TMC organization.
• Ability to work in a highly collaborative environment requiring strong communication, presentation, and leadership skills.
• Exhibits initiative, follow-up and follow-through with commitments.
• Certifications like Network+, Security+, CISSP, EnCE, CFCE, C|EH, C|HFI, GCFA, GCFE, GCIH and/or cloud-specific security certifications (e.g. AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Cloud Certified Professional Cloud Security Engineer).

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above. #CISO

Scheduled Weekly Hours: 40

Equal Employment Opportunity
Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

Locations: Hyderabad, India; Chennai, India

Posted 3 weeks ago


5.0 - 7.0 years

5 - 5 Lacs

Thiruvananthapuram

Work from Office

Overview:
We are looking for a skilled SIEM Administrator to manage and maintain Security Information and Event Management (SIEM) solutions such as Innspark, LogRhythm, or similar tools. This role is critical to ensuring effective security monitoring, log management, and event analysis across our systems.

Key Responsibilities:
• Design, deploy, and manage SIEM tools (e.g., Innspark, LogRhythm, Splunk).
• Develop and maintain correlation rules, dashboards, and reports.
• Integrate logs from servers, network devices, cloud services, and applications.
• Troubleshoot log collection, parsing, normalization, and event correlation issues.
• Work with security teams to improve detection and response capabilities.
• Ensure SIEM configurations align with compliance and audit requirements.
• Perform routine SIEM maintenance (e.g., patching, upgrades, health checks).
• Create and maintain documentation for implementation, architecture, and operations.
• Participate in evaluating and testing new SIEM tools and features.
• Support incident response by providing relevant event data and insights.

Required Qualifications:
• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of hands-on experience with SIEM tools.
• Experience with Innspark, LogRhythm, or other SIEM platforms (e.g., Splunk, QRadar, ArcSight).
• Strong knowledge of log management and event normalization.
• Good understanding of cybersecurity concepts and incident response.
• Familiarity with Windows/Linux OS and network protocols.
• Scripting knowledge (e.g., Python, PowerShell) is a plus.
• Strong troubleshooting, analytical, and communication skills.
• Industry certifications (CEH, Security+, SSCP, or vendor-specific) are a plus.

Key Skills: SIEM Tools (Innspark, LogRhythm, Splunk); Troubleshooting; Log Management & Analysis; Scripting (optional); Security Monitoring
Job location: Thiruvananthapuram
Notice period: Immediate
Required Skills: SIEM, Splunk, Troubleshooting

Posted 1 month ago


5.0 years

6 Lacs

Thiruvananthapuram

On-site

5 - 7 Years | 1 Opening | Trivandrum

Role description

Overview:
We are looking for a skilled SIEM Administrator to manage and maintain Security Information and Event Management (SIEM) solutions such as Innspark, LogRhythm, or similar tools. This role is critical to ensuring effective security monitoring, log management, and event analysis across our systems.

Key Responsibilities:
• Design, deploy, and manage SIEM tools (e.g., Innspark, LogRhythm, Splunk).
• Develop and maintain correlation rules, dashboards, and reports.
• Integrate logs from servers, network devices, cloud services, and applications.
• Troubleshoot log collection, parsing, normalization, and event correlation issues.
• Work with security teams to improve detection and response capabilities.
• Ensure SIEM configurations align with compliance and audit requirements.
• Perform routine SIEM maintenance (e.g., patching, upgrades, health checks).
• Create and maintain documentation for implementation, architecture, and operations.
• Participate in evaluating and testing new SIEM tools and features.
• Support incident response by providing relevant event data and insights.

Required Qualifications:
• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of hands-on experience with SIEM tools.
• Experience with Innspark, LogRhythm, or other SIEM platforms (e.g., Splunk, QRadar, ArcSight).
• Strong knowledge of log management and event normalization.
• Good understanding of cybersecurity concepts and incident response.
• Familiarity with Windows/Linux OS and network protocols.
• Scripting knowledge (e.g., Python, PowerShell) is a plus.
• Strong troubleshooting, analytical, and communication skills.
• Industry certifications (CEH, Security+, SSCP, or vendor-specific) are a plus.

Key Skills: SIEM Tools (Innspark, LogRhythm, Splunk); Troubleshooting; Log Management & Analysis; Scripting (optional); Security Monitoring
Job location: Thiruvananthapuram
Notice period: Immediate
Skills: SIEM, Splunk, Troubleshooting

About UST
UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world's best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients' organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact, touching billions of lives in the process.

Posted 1 month ago


3.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

• Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation.
• Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies.
• Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents.
• Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations.
• Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications.
• Conduct root cause analysis and post-incident reviews to enhance detection capabilities.
• Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS).
• Document configurations, detection logic, and incident response processes.
• 3+ years of experience in cybersecurity with direct hands-on internal SIEM experience.
• Proficiency in one or more SIEM platforms (e.g., Splunk, QRadar, Sentinel, Elastic Stack, etc.).
• Solid understanding of network protocols, system logs, attack techniques, and the MITRE ATT&CK framework.
• Experience with scripting and automation (e.g., Python, PowerShell) is a plus.
• Familiarity with EDR, SOAR, IDS/IPS, firewalls, and other security tools.

Posted 1 month ago


3.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

• Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation.
• Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies.
• Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents.
• Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations.
• Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications.
• Conduct root cause analysis and post-incident reviews to enhance detection capabilities.
• Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS).
• Document configurations, detection logic, and incident response processes.
• 3+ years of experience in cybersecurity with direct hands-on SIEM experience.
• Proficiency in one or more SIEM platforms (e.g., Splunk, QRadar, Sentinel, Elastic Stack, etc.).
• Solid understanding of network protocols, system logs, attack techniques, and the MITRE ATT&CK framework.
• Experience with scripting and automation (e.g., Python, PowerShell) is a plus.
• Familiarity with EDR, SOAR, IDS/IPS, firewalls, and other security tools.

Posted 1 month ago


5.0 years

0 Lacs

Trivandrum, Kerala, India

On-site

Overview

Role description
We are looking for a skilled SIEM Administrator to manage and maintain Security Information and Event Management (SIEM) solutions such as Innspark, LogRhythm, or similar tools. This role is critical to ensuring effective security monitoring, log management, and event analysis across our systems.

Key Responsibilities
• Design, deploy, and manage SIEM tools (e.g., Innspark, LogRhythm, Splunk).
• Develop and maintain correlation rules, dashboards, and reports.
• Integrate logs from servers, network devices, cloud services, and applications.
• Troubleshoot log collection, parsing, normalization, and event correlation issues.
• Work with security teams to improve detection and response capabilities.
• Ensure SIEM configurations align with compliance and audit requirements.
• Perform routine SIEM maintenance (e.g., patching, upgrades, health checks).
• Create and maintain documentation for implementation, architecture, and operations.
• Participate in evaluating and testing new SIEM tools and features.
• Support incident response by providing relevant event data and insights.

Required Qualifications
• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of hands-on experience with SIEM tools.
• Experience with Innspark, LogRhythm, or other SIEM platforms (e.g., Splunk, QRadar, ArcSight).
• Strong knowledge of log management and event normalization.
• Good understanding of cybersecurity concepts and incident response.
• Familiarity with Windows/Linux OS and network protocols.
• Scripting knowledge (e.g., Python, PowerShell) is a plus.
• Strong troubleshooting, analytical, and communication skills.
• Industry certifications (CEH, Security+, SSCP, or vendor-specific) are a plus.

Key Skills: SIEM Tools (Innspark, LogRhythm, Splunk); Troubleshooting; Log Management & Analysis; Scripting (optional); Security Monitoring
Job location: Thiruvananthapuram
Notice period: Immediate
Skills: SIEM, Splunk, Troubleshooting

Posted 1 month ago


4.0 - 6.0 years

5 - 11 Lacs

Guwahati, Kolkata

Work from Office

Qualifications
• BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics.
• Security certifications like CEH or equivalent preferred.

Experience and Skillset
• Minimum 2+ years hands-on experience with one or more SIEM tools (LogLogic, LogRhythm, Splunk, QRadar, ArcSight etc.).
• In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment.
• Proficient in Incident Management and Response.
• Basic knowledge of Windows and Unix environments.
• Knowledge of the OSI Model, TCP/IP protocols and network security.
• Knowledge of other security tools like Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc.

Responsibilities
• Responsible for working in a 24x7 Security Operations Center (SOC) environment.
• Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents.
• Monitor various dashboards from different security solutions on a shift basis.
• Work with the engineering team on sensor and SIEM rule fine-tuning.
• Prepare various management reports from SIEM and other security solutions.
• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Provide threat and vulnerability analysis as well as security advisory services.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Investigate, document, and report on information security issues and emerging trends.
• Seamlessly integrate with the team work culture, ensure proper information flow across shifts, and prepare/take part in shift handovers.
• Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.

Location: Guwahati

If you're interested, please share the below-mentioned details for the same:
• Location
• Are you willing to relocate to Guwahati?
• Current Company
• Experience
• Current CTC
• Expected CTC
• Notice Period
• Offer in Hand
• Highest Education
• SSC %
• HSC %
• Graduation %
• University Name

Email ID: ashwini.chakor@ril.com
Regards,

Posted 1 month ago


5.0 - 7.0 years

10 - 14 Lacs

Noida

Work from Office

• Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation.
• Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies.
• Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents.
• Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations.
• Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications.
• Conduct root cause analysis and post-incident reviews to enhance detection capabilities.
• Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS).
• Document configurations, detection logic, and incident response processes.
• 3+ years of experience in cybersecurity with direct hands-on internal SIEM experience.
• Proficiency in one or more SIEM platforms (e.g., Splunk, QRadar, Sentinel, Elastic Stack, etc.).
• Solid understanding of network protocols, system logs, attack techniques, and the MITRE ATT&CK framework.
• Experience with scripting and automation (e.g., Python, PowerShell) is a plus.
• Familiarity with EDR, SOAR, IDS/IPS, firewalls, and other security tools.

Posted 1 month ago


2.0 - 4.0 years

7 - 11 Lacs

Noida

Work from Office

• Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation.
• Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies.
• Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents.
• Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations.
• Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications.
• Conduct root cause analysis and post-incident reviews to enhance detection capabilities.
• Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS).
• Document configurations, detection logic, and incident response processes.
• 3+ years of experience in cybersecurity with direct hands-on SIEM experience.
• Proficiency in one or more SIEM platforms (e.g., Splunk, QRadar, Sentinel, Elastic Stack, etc.).
• Solid understanding of network protocols, system logs, attack techniques, and the MITRE ATT&CK framework.
• Experience with scripting and automation (e.g., Python, PowerShell) is a plus.
• Familiarity with EDR, SOAR, IDS/IPS, firewalls, and other security tools.

Posted 1 month ago


2.0 years

0 Lacs

Greater Kolkata Area

On-site

Skills: Security Operations, Incident Response, Team Leadership, SIEM, Risk Assessment, Threat Intelligence

Qualifications
• BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics.
• Security certifications like CEH or equivalent preferred.

Experience and Skillset
• Minimum 2+ years hands-on experience with one or more SIEM tools (LogLogic, LogRhythm, Splunk, QRadar, ArcSight etc.).
• In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment.
• Proficient in Incident Management and Response.
• Basic knowledge of Windows and Unix environments.
• Knowledge of the OSI Model, TCP/IP protocols and network security.
• Knowledge of other security tools like Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc.

Responsibilities
• Responsible for working in a 24x7 Security Operations Center (SOC) environment.
• Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents.
• Monitor various dashboards from different security solutions on a shift basis.
• Work with the engineering team on sensor and SIEM rule fine-tuning.
• Prepare various management reports from SIEM and other security solutions.
• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Provide threat and vulnerability analysis as well as security advisory services.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Investigate, document, and report on information security issues and emerging trends.
• Seamlessly integrate with the team work culture, ensure proper information flow across shifts, and prepare/take part in shift handovers.
• Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.

Location: Guwahati

If you're interested, please share the below-mentioned details for the same:
• Location
• Are you willing to relocate to Guwahati?
• Current Company
• Experience
• Current CTC
• Expected CTC
• Notice Period
• Offer in Hand
• Highest Education
• SSC %
• HSC %
• Graduation %
• University Name

Email ID: ashwini.chakor@ril.com
Regards,

Posted 1 month ago

Apply

10.0 - 20.0 years

45 - 50 Lacs

Bengaluru

Hybrid

Job Description: We are seeking an experienced Cyber Security Operations and GRC Manager to join our team at, a leader in blockchain technology and solutions. The ideal candidate will be responsible for safeguarding the organization's information technology infrastructure and data from threats, vulnerabilities and cyberattacks; develop and implement comprehensive security strategies and policies to protect the organization's assets and data; design, configure and deploy security infrastructure components such as firewalls, intrusion detection/prevention systems (IDS/IPS), secure access controls, encryption mechanisms and security information and event management (SIEM) solutions; proactively conduct regular risk assessments, vulnerability analysis and security audits to identify potential security threats and weaknesses; review vulnerability assessments, penetration testing reports and security audits to identify weaknesses in IT systems and applications; and work closely with the GRC team to review and implement corrective actions for GRC recommendations, audit observations and non-conformances.

Additional Responsibilities: Threat Monitoring & Detection: Continuously monitor security alerts and events across all systems using SIEM tools and other monitoring platforms; identify, analyze and respond to security threats in real time. Incident Response: Lead the incident response team. Vulnerability Management: Regularly assess and prioritize vulnerabilities, patch systems, and work with IT teams to implement secure configurations and updates. Security Tool Management: Configure, maintain and optimize security tools, including firewalls, intrusion detection/prevention systems, antivirus software and endpoint protection. Forensics & Analysis: Conduct forensic investigations to collect, analyze and preserve evidence related to security incidents.
Security Reporting & Documentation: Review reports on security incidents, vulnerabilities and the performance of security systems.

Requirements: Educational Background: Bachelor's degree in Computer Science, Cybersecurity or a related field. Experience: Minimum of 10-20 years of experience in security operations and GRC. Solid understanding of threat intelligence and incident handling frameworks (e.g., MITRE ATT&CK, NIST). Proficiency with SIEM tools (e.g., Splunk, QRadar, LogRhythm) and other security monitoring solutions. Strong knowledge of networking protocols, firewall management and intrusion detection/prevention systems. Experience with scripting languages (e.g., Python, PowerShell) for task automation. Familiarity with forensic tools and methodologies (e.g., EnCase, FTK). Soft Skills: Strong problem-solving abilities, attention to detail, effective communication skills, ability to work under pressure and a collaborative mindset. Preferred Qualifications: Security certifications such as CEH, GCIH, GCIA or CISSP. Experience with cloud security (e.g., AWS, Azure, GCP) and securing cloud environments. Knowledge of regulatory and compliance requirements (e.g., PCI-DSS, GDPR).

Posted 1 month ago

Apply

10.0 - 20.0 years

25 - 40 Lacs

Bengaluru

Work from Office

Job Title: Senior Cyber Defense Operations Analyst Location: Bengaluru, India Experience: 8+ years Job Type: Full-time Department: Cybersecurity / Information Security / SOC Job Summary: We are seeking a highly skilled and experienced Senior Cyber Defense Operations Analyst to join our cybersecurity team in Bengaluru. The ideal candidate will lead and coordinate cyber defense activities, manage incident response efforts, monitor threats, and provide strategic guidance to strengthen our cyber defense posture. This is a hands-on technical and leadership role within a fast-paced, mission-critical environment. Key Responsibilities: Lead day-to-day operations of Cyber Defense including threat detection, response, and mitigation. Manage and mentor a team of SOC analysts and incident responders. Monitor SIEM and other security tools for indications of compromise, suspicious behavior, and known threats. Coordinate and manage high-severity incidents and support root cause analysis and post-incident reviews. Develop and implement advanced threat detection use cases and response playbooks. Work closely with IT, Infrastructure, and AppSec teams to address vulnerabilities and security gaps. Participate in threat hunting and proactive intelligence-driven defense activities. Collaborate with global security teams to align local and enterprise-wide defense strategies. Ensure compliance with internal security policies, industry standards, and regulatory frameworks (e.g., ISO 27001, NIST, GDPR). Regularly review and improve security operations processes and toolsets. Provide executive-level reporting on threat landscape, incident metrics, and defense posture. Required Qualifications: 8+ years of experience in cybersecurity with a strong focus on Security Operations or Cyber Defense. Proven experience with SIEM (e.g., Splunk, QRadar, LogRhythm), EDR (e.g., CrowdStrike, SentinelOne), and SOAR platforms. 
Strong understanding of MITRE ATT&CK, cyber kill chain, and threat intelligence frameworks. Expertise in incident response, digital forensics, malware analysis, and threat hunting. Familiarity with cloud security (AWS, Azure, or GCP), including monitoring and defending cloud-native environments. Experience with scripting (Python, PowerShell, etc.) for automation and analysis. Strong understanding of TCP/IP, network protocols, and security architectures. Certifications such as CISSP, GCIA, GCIH, CEH, or similar are highly desirable. Preferred Qualifications: Experience working in a global or large-scale enterprise security environment. Knowledge of DevSecOps and integration of security into CI/CD pipelines. Understanding of data privacy regulations relevant to cybersecurity (e.g., GDPR, HIPAA). Leadership experience in managing small-to-mid sized security teams. Benefits: Competitive salary and performance-based bonuses Health and wellness benefits Flexible work hours and hybrid work options Learning and development support (certifications, courses) Opportunity to work with cutting-edge cybersecurity technologies Please share your updated profiles to naseeruddin.khaja@infosharesystems.com

Posted 1 month ago

Apply

5.0 - 8.0 years

7 - 17 Lacs

Bengaluru

Work from Office

Greetings from Teamware Solutions, a division of Quantum Leap Consulting Pvt. Ltd. We are hiring a Consultant, DLP (Data Loss Prevention). Work Mode: Onsite; 5 days WFO. Geography supported: US. Work timings: 24x7 rotational shift. Location: Bengaluru. Experience: 4-8 years (Only Male). Notice Period: Immediate to 15 days. Qualification: BTECH/BCA/MBA/MCA; strong knowledge of TPRM. Interview process: 2-3 rounds. Responsibilities: Monitor and respond to alerts generated by the DLP systems and other technologies. Understand and follow the incident response process through event escalations. Follow processes to maintain the DLP system. Utilize Splunk and Symantec DLP to respond to, investigate, triage and prevent client data loss via email and web. Implement DLP fine-tuning rules/policies in Symantec DLP. Track and present DLP metrics and findings to senior management on a monthly basis. 3+ years of experience in information security, preferably in incident response and investigations. Experience working with SIEM solutions (Splunk, LogRhythm, QRadar, etc.). Hands-on experience and working knowledge of Zscaler tools (preferred). Certifications (e.g., GCIH, CISSP, CCSP) are preferred. Familiarity with packet analysis. Zscaler: Zscaler provides users with seamless, secure and reliable access to applications and data. Please let me know if you are interested in this position and send your resume to netra.s@twsol.com

Posted 1 month ago

Apply

0 years

0 Lacs

Trivandrum, Kerala, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

CMS-TDR Senior. As part of our EY cyber security team, you will work as the SME for Microsoft Sentinel solutions in the TDR team.

The opportunity: We’re looking for a Senior Consultant with expertise in cloud security solutions. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering.

Your Key Responsibilities: Architecting and implementing cloud security monitoring platforms (MS Sentinel). Provide consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment. Act as the subject matter expert on cloud security solutions for the customer and use the capabilities of the solution in the customer's daily operational work. Secure overall cloud environments by applying cybersecurity tools and best practices. Advise customers on best practices and use cases for the solution to achieve their end-state requirements. Content development, including developing processes for automated security event monitoring and alerting along with corresponding event response plans for systems.

Skills and Attributes for Success: Customer service oriented: meets commitments to customers; seeks feedback from customers to identify improvement opportunities. Expertise in content management in MS Sentinel. Good knowledge of threat modelling. Experience in creating use cases under the Cyber Kill Chain and MITRE ATT&CK framework. Expertise in integrating critical devices/applications, including unsupported (in-house built) ones, by creating custom parsers. Expected experience on Sentinel: develop a migration plan from Splunk/QRadar/LogRhythm to MS Sentinel; deep understanding of how to implement best practices for designing and securing the Azure platform; experience advising on Microsoft cloud security capabilities across the Azure platform; configure data ingestion types and connectors; analytic design and configuration for the events and logs being ingested; develop, automate and orchestrate tasks (playbooks) with Logic Apps based on certain events; configure Sentinel incidents, workbooks, hunting queries and notebooks. Experience in other cloud-native security platforms such as AWS and GCP is a plus. Scripting knowledge (Python, Bash, PowerShell). Extensive knowledge of different security threats. Good knowledge and experience in security monitoring. Good knowledge and experience in cyber incident response.

To qualify for the role, you must have: B.Tech./B.E. with sound technical skills. Strong command of verbal and written English. Demonstrated technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Certification in Azure (any other cloud vendor certification is a plus). Ideally, you’ll also have people/project management skills.

What Working at EY Offers: At EY, we’re dedicated to helping our clients, from start-ups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work on inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments.
Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: support, coaching and feedback from some of the most engaging colleagues around; opportunities to develop new skills and progress your career; the freedom and flexibility to handle your role in a way that’s right for you. EY | Building a better working world. EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 month ago

Apply

3.0 years

0 Lacs

Pune, Maharashtra, India

On-site

Description. About Exabeam: Exabeam is a global cybersecurity leader that delivers AI-driven security operations. High-integrity data ingestion, powerful analytics and workflow automation power the industry’s most advanced self-managed and cloud-native platform for threat detection, investigation and response (TDIR). With a legacy rooted in SIEM, UEBA and AI innovation, Exabeam empowers security teams around the world to combat threats, mitigate risk and streamline operations. Learn more at www.exabeam.com.

Position Summary: We are seeking a data-driven and collaborative Program Manager to join our Global Partner Program Office. This role will focus on partner performance analytics, retention strategies and program compliance. The ideal candidate will have experience in channel operations, strong analytical skills and a passion for optimizing partner engagement and success. This role will report to the Sr Director of Global Channel Programs.

Key Responsibilities. Performance & Analytics: Develop and maintain partner performance dashboards and scorecards. Analyze partner data to identify trends, opportunities and areas for improvement. Collaborate with cross-functional teams to implement data-driven strategies for partner growth and retention. Partner Retention & Engagement: Design and execute partner retention programs and initiatives. Monitor partner satisfaction and address concerns proactively. Facilitate regular communication and feedback loops with partners. Program Compliance & Operations: Ensure adherence to partner program policies and guidelines. Manage deal registration processes and track MDF ROI. Support the development and maintenance of partner portals and tools.
Ensure adherence to contractual obligations, including compliance with program guidelines, certifications and reporting requirements. Track partner performance against contractual terms to identify underperformance or breaches. Maintain partner compliance dashboards and audit trails. Support partner promotion processes based on performance metrics, certification levels and strategic alignment. Participate in the partner deauthorization process, including documentation and communication, where necessary.

Requirements: Bachelor’s degree in Business, Computer Science or a related field. 3+ years of experience in program management, channel operations or related roles. Strong analytical and problem-solving skills. Proficiency in data visualization tools and CRM systems. Excellent communication and interpersonal skills. Ability to work independently and collaboratively in a fast-paced environment.

Bring your whole self to work! Diversity, equity and inclusion are at the core of who we are. At Exabeam, we know that diverse perspectives spark innovation, improve creativity and position our team for success. Creating a culture where all are welcomed, valued and empowered to achieve their full potential is important to who we are today and in the future. We hire the best of the best and do not discriminate based on race, gender, age, religion, sexual orientation, identity or other personal factors. Exabeam and LogRhythm have merged. You can learn more about our cybersecurity powerhouse here.

Posted 1 month ago

Apply

4.0 - 8.0 years

7 - 16 Lacs

Bengaluru

Hybrid

Greetings from Teamware Solutions, a division of Quantum Leap Consulting Pvt. Ltd. We are hiring a Consultant, DLP (Data Loss Prevention). Work Mode: Onsite; 5 days WFO. Geography supported: US. Work timings: 24x7 rotational shift (No female candidates). Location: Bengaluru. Experience: 4-8 years. Notice Period: Immediate to 15 days. Qualification: BTECH/BCA/MBA/MCA; strong knowledge of TPRM. Interview process: 2-3 rounds. Qualifications: Three+ years of experience in information security, preferably in incident response and investigations. Bachelor's degree from an accredited college/university or equivalent professional experience. Understanding of Data Loss Prevention. Experience working with SIEM solutions (Splunk, LogRhythm, QRadar, etc.). Familiarity with packet analysis. Hands-on experience and working knowledge of Zscaler tools (preferred). Additional Qualifications for Senior Associate: Three years of experience in information security or in a technology-related field. Strong knowledge base in operations, enterprise networking, systems evaluation and architecture. Certifications (e.g., GCIH, CISSP, CCSP) are preferred. Detailed, control-oriented and thorough. Previous experience as a member of an incident response team is a plus. Please let me know if you are interested in this position and send your resume to netra.s@twsol.com

Posted 1 month ago

Apply

5.0 - 10.0 years

4 - 8 Lacs

Bengaluru

Work from Office

Project Role: Security Delivery Practitioner
Project Role Description: Assist in defining requirements, designing and building security components, and testing efforts.
Must have skills: Splunk
Good to have skills: Risk Management
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams.
Main Skills:
1. Splunk, Microsoft Sentinel or Google Chronicle use case management
2. Risk Based Alerts and Risk Incidents
3. Assets and Identities
4. Security incident response, standard operating procedure knowledge
Must have Skills:
1. Development, testing and fine-tuning of Splunk content such as use cases, dashboards, reports, lookups, macros, etc.
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities framework in Splunk
4. Incident response, standard operating procedure knowledge
5. MITRE ATT&CK framework
Good to Have Skills:
1. Splunk architecture / Splunk Cloud, Microsoft Sentinel, Google Chronicle
2. Source integrations from various sources
3. Event parsing, event type definition, data models, regex
4. Custom integrations for enrichment, threat intelligence feeds, SOAR
5. Azure DevOps
Roles & Responsibilities:
1. Architecture and strategy: The candidate must be able to understand and implement use cases on security tools (Splunk, Phantom) to improve Accenture's overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. This includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accenture's security environments.
2. Leadership: The candidate must be able to lead and influence cross-functional teams. This includes the ability to communicate effectively with stakeholders, build consensus and manage conflict.
3. Technical: The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting or complex rule creation, and manage and implement broad security concepts.
4. Operational: The candidate must be able to develop and implement security controls, as well as monitor and analyze security events and incidents.
Technical Experience:
1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle
2. Azure DevOps
3. Custom tools development
4. Security incident management
Professional Experience:
1. At least 5-7 years of experience in IT Security / SOC / Cyber Defense
2. Graduation: BE
3. Proficient use of English, advanced communication skills
4. Security certifications are a plus: CCSK, GPEN, GCCC, GMOB, GSEC, ECSA, Security+, CEH
Role Description: Support SIEM detection content creation for notables with a focus on Risk Based Alerting. Create and maintain documentation on new or existing detections, integrations and dependencies. Interface with our SOC to pilot new content, process feedback and update incident response guidelines. Engage in fine-tuning of existing detections to increase the signal-to-noise ratio and reduce false positives.
Additional Information:
- The candidate should have a minimum of 5 years of experience in Splunk
- This position is based at our Bengaluru office
- A 15 years full time education is required
Qualification: 15 years full time education

Posted 1 month ago

Apply
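The Accenture listing above asks for experience with Risk Based Alerting, risk incidents and the Splunk asset and identity framework, and for tuning detections to raise the signal-to-noise ratio. The following is an added example, not code from the listing, from Accenture or from Splunk, that shows the core of that pattern in plain Python: every detection adds a risk score to the user and host it concerns, scores are weighted by asset/identity priority, and a notable is raised only when an entity's accumulated risk within a time window reaches a threshold across more than one ATT&CK technique. The rule names, scores, priority tables and sample events are all constructed for the example.

```python
"""Risk-based alerting (RBA) in miniature: accumulate per-entity risk instead of
paging on every detection. Rule names, scores, priorities and events below are
constructed for this example; they are not Splunk Enterprise Security content."""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed detection rules: name -> (base risk score, MITRE ATT&CK technique ID)
RULES = {
    "multiple_failed_logons": (10, "T1110"),
    "new_admin_group_member": (40, "T1098"),
    "powershell_encoded_cmd": (30, "T1059.001"),
    "outbound_to_rare_domain": (15, "T1071.001"),
}

# Constructed asset/identity context (a stand-in for the "Asset and Identities"
# framework): priority multipliers for sensitive hosts and accounts; unlisted = 1.0.
ASSET_PRIORITY = {"dc01": 2.0, "fin-ws-07": 1.5}
IDENTITY_PRIORITY = {"svc_backup": 1.5}


@dataclass
class Event:
    ts: datetime
    rule: str
    user: str
    host: str


def risk_events(events):
    """Expand each detection into (entity, ts, score, technique) risk events for both
    the user and the host it involves, applying the priority multipliers."""
    out = []
    for e in events:
        base, technique = RULES[e.rule]
        out.append((e.user, e.ts, base * IDENTITY_PRIORITY.get(e.user, 1.0), technique))
        out.append((e.host, e.ts, base * ASSET_PRIORITY.get(e.host, 1.0), technique))
    return out


def risk_notables(events, threshold=100.0, window=timedelta(hours=24), min_techniques=2):
    """Return {entity: (total_score, sorted techniques)} for every entity whose risk
    inside some `window`-long span reaches `threshold`. Requiring at least
    `min_techniques` distinct ATT&CK techniques is a cheap noise filter: one chatty
    rule firing repeatedly cannot raise a notable on its own."""
    per_entity = defaultdict(list)
    for entity, ts, score, technique in risk_events(events):
        per_entity[entity].append((ts, score, technique))

    notables = {}
    for entity, items in per_entity.items():
        items.sort()  # chronological
        for i, (start, _, _) in enumerate(items):
            in_window = [x for x in items[i:] if x[0] - start <= window]
            total = sum(score for _, score, _ in in_window)
            techniques = {tech for _, _, tech in in_window}
            if total >= threshold and len(techniques) >= min_techniques:
                notables[entity] = (total, sorted(techniques))
                break  # one notable per entity is enough here
    return notables


# Constructed sample detections: a user chain that should page, and a noisy
# service account that must not.
T0 = datetime(2025, 6, 1, 8, 0)
SAMPLE_EVENTS = [
    Event(T0, "multiple_failed_logons", "jdoe", "fin-ws-07"),
    Event(T0 + timedelta(minutes=5), "multiple_failed_logons", "jdoe", "fin-ws-07"),
    Event(T0 + timedelta(minutes=20), "powershell_encoded_cmd", "jdoe", "fin-ws-07"),
    Event(T0 + timedelta(hours=1), "new_admin_group_member", "jdoe", "dc01"),
    Event(T0 + timedelta(hours=2), "outbound_to_rare_domain", "jdoe", "fin-ws-07"),
    Event(T0, "multiple_failed_logons", "svc_backup", "app01"),
    Event(T0 + timedelta(days=3), "multiple_failed_logons", "svc_backup", "app01"),
]

if __name__ == "__main__":
    for entity, (score, techniques) in risk_notables(SAMPLE_EVENTS).items():
        print(f"NOTABLE {entity}: risk={score} techniques={techniques}")
```

With the defaults only `jdoe` becomes a notable (risk 105.0 across four techniques). The workstation `fin-ws-07` accumulates 97.5 and stays below the line, and `dc01` reaches 80 from a single technique, so it is held back by the `min_techniques` filter even if the threshold is lowered. Tuning in this model means adjusting scores, priorities, the window and the technique minimum rather than silencing individual rules.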

2.0 - 5.0 years

5 - 9 Lacs

Hyderabad

Work from Office

Overview. Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area.

Responsibilities: Should have process knowledge and technical knowledge of any of the SIEM tools (such as QRadar, LogRhythm, AlienVault, Splunk, etc.); L2/L3 level is an added advantage. Should have process knowledge and technical knowledge of AV tools such as Symantec, McAfee, Trend Micro, etc.; L2/L3 level is an added advantage. Should have knowledge of managing vulnerability tools and the associated remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to the appropriate teams as needed. Enforce the incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company.
Create and maintain operational reports allowing the IT management team to understand the current and historical landscape of IT security risks. Vulnerability management assessment and remediation. Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation-related tasks. Research the latest information technology (IT) security trends. Help plan and carry out the organization’s way of handling security. Develop security standards and best practices for the organization. Recommend security enhancements to management or senior IT staff. Document security breaches and assess the damage they cause. Perform other duties as assigned.

Qualifications: B.Tech. 2-5 years’ experience working in a Security Operations Center. 2 years minimum in the computer industry. Knowledge of working with complex Windows environments. Knowledgeable in security frameworks such as NIST 800-53 / NIST 800-171 / ISO 27001. Knowledge of the design and administration of security tools. Good written and verbal communication skills.

Posted 1 month ago

Apply

2.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Role: Senior SOC Analyst, Alerts & Automation. Standard Title: Senior Analyst, Cyber Defence (SOC). Location: Bangalore, India. About Us: Founded in 2014, Circles is a global technology company reimagining the telco industry with its innovative SaaS platform, empowering telco operators worldwide to effortlessly launch innovative digital brands or refresh existing ones, accelerating their transformation into techcos. Today, Circles partners with leading telco operators across multiple countries and continents, including KDDI Corporation, Etisalat Group (e&), AT&T, and Telkomsel, creating blueprints for future telco and digital experiences enjoyed by millions of consumers globally. Besides its SaaS business, Circles operates three other distinct businesses: Circles.Life: A wholly-owned digital lifestyle telco brand based in Singapore, Circles.Life is powered by Circles’ SaaS platform and pioneering go-to-market strategies. It is the digital market leader in Singapore and has won numerous awards for marketing, customer service, and innovative product offerings beyond connectivity. Circles Aspire: A global provider of Communications Platform-as-a-Service (CPaaS) solutions. Its cloud-based Experience Cloud platform enables enterprises, service providers and developers to deliver and scale mobile, messaging, IoT, and connectivity services worldwide. Jetpac: Specializing in travel tech solutions, Jetpac provides seamless eSIM roaming for over 200 destinations and innovative travel lifestyle products, redefining connectivity for digital travelers. Jetpac was awarded Travel eSIM of the Year. Circles is backed by renowned global investors, including Peak XV Partners (formerly Sequoia), Warburg Pincus, Founders Fund, and EDBI (the investment arm of the Singapore Economic Development Board), with a track record of backing industry challengers.
What You'll Do: As a Security Incident and SIEM Specialist, you will support Circles’ SOC team in areas such as cybersecurity incident response, SIEM alert creation, fine-tuning and noise reduction. Your role includes managing threat intelligence, monitoring security events, investigating incidents, performing forensic analysis and coordinating global incident response efforts. You will play a key role in enhancing SOC monitoring capabilities by optimizing alert quality and reducing false positives, thereby improving overall SOC efficiency and productivity. What We’re Looking For: Bachelor's degree in Computer Science, Engineering or a related field (or equivalent experience). 2+ years of hands-on SOC or information security experience in a global IT environment. Experience with SIEM tools (Graylog, Splunk, ELK, Rapid7, LogRhythm, QRadar). Relevant certifications (GCIH, GCIA, Splunk/QRadar) are a plus. Key Responsibilities: Triage and analyze security alerts, assess threats and prioritize based on risk and impact. Execute incident response procedures and document findings clearly. Distinguish false positives from real threats using the SIEM and other security tools. Understand common attack vectors and TTPs and apply contextual log analysis. Collaborate with cross-functional teams to ensure effective incident response. Stay updated on emerging threats and security trends. SIEM & Scripting: Strong UNIX/Linux skills and proficiency in Bash or Python scripting. Skilled in regex, log parsing, pipeline creation and data normalization. Experience in SIEM tuning, use case development and alert optimization. Familiar with building and enhancing detection rules and threat analytics. Exposure to AI/ML for noise reduction and threat detection is a plus. Other Requirements: Willingness to work in a hybrid setup and a 24x7 environment. To all recruitment agencies: Circles will only acknowledge resumes shared by recruitment agencies selected for our preferred supplier partnership program.
Please do not forward resumes to our jobs alias, Circles employees or any other company location. Circles will not be held accountable for any fees related to unsolicited resumes not uploaded via our ATS. Circles is committed to a diverse and inclusive workplace. We are an equal opportunity employer and do not discriminate on the basis of race, national origin, gender, disability or age.

Posted 1 month ago

Apply

0 years

0 Lacs

Hyderābād

Remote

Genpact (NYSE: G) is a global professional services and solutions firm delivering outcomes that shape the future. Our 125,000+ people across 30+ countries are driven by our innate curiosity, entrepreneurial agility, and desire to create lasting value for clients. Powered by our purpose – the relentless pursuit of a world that works better for people – we serve and transform leading enterprises, including the Fortune Global 500, with our deep business and industry knowledge, digital operations services, and expertise in data, technology, and AI. Inviting applications for the role of Consultant, Security Analyst. Technical Skills: Strong understanding of network protocols, operating systems and cybersecurity best practices. Analytical Skills: Ability to analyze security data, identify patterns and assess risks. Communication Skills: Ability to communicate security information clearly and concisely, both written and verbally. Problem-solving Skills: Ability to identify and resolve security issues. Understanding of the Threat Landscape: Knowledge of current cyber threats and vulnerabilities. Responsibilities: Knowledge of cybersecurity tools: CrowdStrike Falcon, Microsoft Defender for Office 365, LogRhythm, Azure Sentinel, KnowBe4 PhishER, and familiarity with firewalls, intrusion detection systems, anti-malware software and other security tools. Microsoft Defender for Office 365 email protection and Exchange Online Protection. Experience working with Microsoft Purview. Experience working with Defender for Identity (formerly Advanced Threat Analytics). Qualifications we seek in you! Minimum Qualifications / Skills: Bachelor's degree required, preferably in Computer Science, Information Systems or a related field. Preferred Qualifications / Skills / Competencies: Fluent English, oral and written. Strong analytical thinking. Excellent organisational and multitasking skills. Flexibility, commitment and ability to work under pressure; absolute integrity and utmost discretion.
Attention to detail, well organized, and able to set priorities. Ability to anticipate, identify and solve critical problems and conflicts. Proven experience in a network administrator role. Hands-on experience in Zscaler. Experience with firewalls, Internet VPNs, remote implementation, troubleshooting and problem resolution is desired. Great at organising, prioritising and multitasking. Juniper, Cisco, CWNA or BCNE training. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Get to know us at genpact.com and on LinkedIn, X, YouTube, and Facebook. Furthermore, please note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training. Job: Consultant. Primary Location: India-Hyderabad. Schedule: Full-time. Education Level: Bachelor's / Graduation / Equivalent. Job Posting: Jun 18, 2025, 12:25:36 PM. Unposting Date: Ongoing. Master Skills List: Consulting. Job Category: Full Time

Posted 1 month ago

Apply

10.0 - 13.0 years

15 - 20 Lacs

Mumbai Suburban

Work from Office

Role & responsibilities

Responsibilities:
• Escalate validated and confirmed incidents to the designated SOC Lead / Incident Response team.
• Security event correlation, as received from L2 SOC, Incident Response staff or other relevant sources, to determine increased risk to the business.
• In-depth knowledge of multiple SIEM platforms such as Securonix, IBM QRadar, LogRhythm, ArcSight, FortiSIEM, Microsoft Sentinel, and others
• Support the SOC Manager in his duties (e.g. extension of SOC services)
• Update Security Operations reporting
• Triage security events and incidents, detect anomalies, and report/direct remediation actions.
• Development and execution of SOC procedures
• Should have in-depth knowledge of Firewall, EDR, IDS/IPS, VPN and Cloud Security
• Should have hands-on experience in Threat Hunting.
• Should have good hands-on experience in VAPT.
• Should have good knowledge of integrating TI feeds and third-party tools.
• Should have knowledge of building a SIEM platform with SOAR, NBAD and UEBA integration.
• Should have hands-on experience in use case development and parser creation.
• Should have knowledge of breach and attack simulation.
• Sound knowledge of Unix, Linux, Windows, and security devices such as firewalls.
• Preparation of RCAs and runbooks, and training for the L2 and L1 teams.

Qualification: B.E./B.Tech/MCA
Certification: CEH, ECIH, CISSP, CISM, GCIH, GCFA, Certified Threat Hunter, SIEM certifications for platforms such as QRadar, LogRhythm, etc.
Work experience: 8+ years
NOTE: Work location will be Mumbai Andheri SEEPZ, and this is a permanent Work from Office role. NO HYBRID option.

Posted 1 month ago

Apply

4.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

About Us

Zelis is modernizing the healthcare financial experience in the United States (U.S.) by providing a connected platform that bridges the gaps and aligns interests across payers, providers, and healthcare consumers. This platform serves more than 750 payers, including the top 5 health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, and millions of healthcare providers and consumers in the U.S. Zelis sees across the system to identify, optimize, and solve problems holistically with technology built by healthcare experts—driving real, measurable results for clients.

Why We Do What We Do

In the U.S., consumers, payers, and providers face significant challenges throughout the healthcare financial journey. Zelis helps streamline the process by offering solutions that improve transparency, efficiency, and communication among all parties involved. By addressing the obstacles that patients face in accessing care, navigating the intricacies of insurance claims, and the logistical challenges healthcare providers encounter with processing payments, Zelis aims to create a more seamless and effective healthcare financial system.

Zelis India plays a crucial role in this mission by supporting various initiatives that enhance the healthcare financial experience. The local team contributes to the development and implementation of innovative solutions, ensuring that technology and processes are optimized for efficiency and effectiveness. Beyond operational expertise, Zelis India cultivates a collaborative work culture, leadership development, and global exposure, creating a dynamic environment for professional growth. With hybrid work flexibility, comprehensive healthcare benefits, financial wellness programs, and cultural celebrations, we foster a holistic workplace experience. Additionally, the team plays a vital role in maintaining high standards of service delivery and contributes to Zelis' award-winning culture.

Position Overview

As a SOC Analyst at Zelis, you will play a critical role in maintaining the security of our clients' systems and data. You will be responsible for monitoring, analyzing, and responding to security alerts and incidents, ensuring that potential threats are identified and escalated for mitigation in a timely manner.

Primary Responsibilities
• Threat Detection: Continuously monitor security alerts and events to identify potential threats and vulnerabilities in Zelis environments.
• Incident Response: Investigate security incidents, including unauthorized access, malware infections, and data breaches, and take appropriate action to coordinate with NOC and SOC leads to initiate the Major Incident Management process.

Key Tools
• M365 Defender
• Abnormal Email Security
• LogRhythm SIEM
• SentinelOne EDR
• ExtraHop Reveal NDR

Experience And Qualifications

To be successful in this role, you should possess the following qualifications and skills:
• Proven experience in a SOC Analyst role or similar cybersecurity position, with a minimum of 4 years of experience.
• Proficiency in using LogRhythm SIEM to monitor and analyze security events.
• Strong understanding of email security solutions and the ability to identify and respond to email-based threats.
• Experience with reviewing and analyzing network traffic, e.g. through Network Detection and Response platforms such as ExtraHop Reveal.
• Experience with Endpoint Detection and Response, e.g. SentinelOne.
• Ability to read and analyze network packet captures.
• Excellent understanding of threat detection and incident response procedures.
• Strong analytical and problem-solving skills, with the ability to investigate and characterize security events effectively.
• Understanding of vulnerability assessment and penetration testing tools and methodologies.
• Strong communication and teamwork skills to collaborate with other IT and security professionals.
• Knowledge of security best practices, industry standards, and compliance.
• Ability to maintain detailed incident reports, security procedures, and documentation for compliance and future reference.
• Stay up to date with the latest security threats, technologies, and industry best practices to improve SOC effectiveness.
• Work in shifts as part of a 24/7 SOC team to ensure round-the-clock security monitoring and escalation.

Posted 1 month ago

Apply