228 Malware Analysis Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 - 9.0 years

0 Lacs

pune, maharashtra

On-site

The ideal candidate for this position will succeed if they possess both knowledge and technical depth about the company and the industry. This is crucial as they are expected to play a central role in the decision-making process, collaborating with various individuals from different teams as needed. Additionally, they will be responsible for supervising specific personnel.

Responsibilities
- Manage and mentor a team of SOC analysts (Tier 1-3) across multiple shifts
- Oversee threat hunting, incident response, and security monitoring operations
- Develop and refine SOC procedures, playbooks, and escalation processes

Qualifications
- Bachelor's degree or equivalent experience
- Proficiency in Malware Analysis, Threat Hunting, Triage, Incident Response, SIEM, and SOAR
- Strong leadership skills

Posted 2 days ago


3.0 - 7.0 years

0 Lacs

haryana

On-site

We are looking for a certified ethical hacker to assist in enhancing the security of our network against potential threats. Your main responsibility will involve evaluating our company's network, servers, and overall infrastructure to discover any vulnerabilities that may exist. As a certified ethical hacker, you must possess the knowledge and expertise in utilizing various network and security tools, along with a high-level comprehension of computer and network security principles. This includes a deep understanding of encryption and cryptography.

Responsibilities
Your duties as a certified professional ethical hacker will encompass the following:
- Conducting ethical hacking and penetration testing
- Performing vulnerability assessments
- Analyzing malware
- Collaborating with other penetration testers and information security analysts
- Ensuring web application security
- Executing social engineering tactics
- Enhancing database security
- Implementing reverse engineering techniques
- Safeguarding network security
- Conducting threat modeling and risk assessment

Job Qualifications and Skill Sets
The qualifications necessary for a certified ethical hacker are as follows:
- A Bachelor's degree in computer science, information technology security, or a related field
- Security certifications such as Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH)
- Demonstrated proficiency in penetration tests, vulnerability assessment, and security monitoring
- Knowledge of the OSI model, TCP/IP, HTTP, SSL, and wireless networking
- Experience with common network infrastructure and security tools
- Familiarity with web applications, including HTTP and SQL injection attacks
- Understanding of security testing methodologies as per the EC-Council standards
- Ability to thrive in a fast-paced work environment

Posted 2 days ago


3.0 - 7.0 years

0 Lacs

noida, uttar pradesh

On-site

Vserv Academy is a leading provider of industry-recognized IT, hardware, computer networking, cloud infrastructure, and cybersecurity training modules in Noida. Our training programs cater to students and professionals seeking to join the IT industry and develop specialized skills. With courses ranging from computer hardware repair to advanced computer networking and cybersecurity, Vserv Academy ensures top-notch training for a skilled workforce. Our cybersecurity training module, designed by industry leaders with over 20 years of experience, focuses on data center management and security.

This is a 3-month on-site role for a Cyber Security Trainer Freelancer at Vserv Academy in Noida. The role involves conducting cybersecurity training sessions, educating students and professionals on application security, network security, information security, and malware analysis. The trainer will work closely with industry experts to deliver high-quality training programs and help learners develop essential cybersecurity skills.

The ideal candidate for this role should possess:
- Cybersecurity and Information Security skills
- Network Security and Application Security knowledge
- Experience in Malware Analysis
- A strong understanding of cybersecurity principles
- Relevant certifications in cybersecurity
- Excellent communication and presentation skills
- Ability to adapt training methods to different audiences
- Experience in the IT industry or cybersecurity training

Posted 3 days ago


3.0 - 7.0 years

0 Lacs

delhi

On-site

As an integral part of Aptitech Education, located in New Delhi, you will hold the position of a Cyber Security Trainer, dedicated to enhancing the skills and knowledge of individuals seeking to excel in the field of cybersecurity. Your primary responsibilities will revolve around conducting training sessions, designing curriculum, executing assessments, and offering guidance on various aspects including Application Security, Cybersecurity, Network Security, Information Security, and Malware Analysis.

To excel in this role, you are expected to possess a profound understanding and practical experience in Application Security, Cybersecurity, and Information Security. Proficiency in Network Security and Malware Analysis is crucial, alongside a track record in formulating educational content tailored for cybersecurity training. Your expertise should be underscored by recognized certifications like CISSP, CEH, or CompTIA Security+, complemented by a Bachelor's or Master's degree in Computer Science, Information Technology, or a related field.

Your commitment to upholding the highest standards of integrity and confidentiality is paramount, as you engage in conducting assessments and delivering constructive feedback to learners. Effective communication skills, both verbal and written, are vital for engaging with students and facilitating their learning journey. Furthermore, your role will extend to mentoring students to align their current capabilities with future skill requirements, ensuring their preparedness for the professional landscape. Join Aptitech Education in empowering aspiring professionals to realize their career aspirations through comprehensive training and skill development in the realm of cybersecurity.

Posted 3 days ago


6.0 - 10.0 years

5 - 15 Lacs

Noida

Work from Office

Role & responsibilities
• Security incident monitoring and security incident analysis.
• Good experience in using SIEM tools.
• Knowledge of threat analysis and the evolving threat landscape.
• Knowledge of event logging and event analysis.
• Knowledge of corporate security products like firewalls, IPS, web/content filtering tools, compliance tools, and the ITIL process.
• Knowledge of vulnerabilities and threats.
• Knowledge of packet analysis and forensic analysis.
• React to attacks observed during incident monitoring.
• Good knowledge of common security attacks and targeted attacks.
• Define and act on common security incidents and report to stakeholders.
• Contribute to continuous monitoring and improvement of the security posture of the organization.

Posted 3 days ago


3.0 - 5.0 years

1 - 6 Lacs

Noida

Work from Office

- Good experience in SIEM tools, event logging and event analysis, and experience in forensic analysis and packet analysis tools like Wireshark, tcpdump, etc.
- SIRT/SIEM/Threat Hunting background/intel, NetWitness, Splunk, QRadar, RSA NetWitness, Linux/Python understanding, ethical hacking/programming background an added advantage.
- Good knowledge of enterprise security products like SIEM tools, SOC, Security Incident Management, Threat Intel, Malware analysis, Firewalls, IPS, Web/content Filtering tools, AV, APT Tools, Wireshark, tcpdump, EnCase or any other forensic toolkit.
- Very good understanding of security fundamentals and principles, attack techniques, MITRE, TTPs, hacking tools, etc.
- Experience of managing a 24x7 team with members across multiple locations.
- Red/Blue teaming activities.
- Hands-on experience with Threat Intel Management/Platform (TIM/TIP).
- Leveraging knowledge of the Cyber Kill Chain Framework and working familiarity with the MITRE ATT&CK Framework.

Location: Noida. Must be willing to work in 24/7 shifts (including night shifts).

Posted 3 days ago


6.0 - 8.0 years

11 - 16 Lacs

Hyderabad

Work from Office

What is Security Operations responsible for?
Security Operations is responsible for continuously monitoring and improving the organization's security posture while preventing, detecting, analyzing, and responding to cyber security incidents with the aid of both technology and well-defined processes and procedures. Security Operations is expected to possess extensive knowledge of incident response methodologies, a deep understanding of cybersecurity threats, and hands-on experience in managing and mitigating security incidents.

What are the ongoing responsibilities of Analyst Security Operations?
- Lead and coordinate incident response activities, ensuring timely and effective resolution.
- Develop and maintain incident response playbooks and procedures.
- Perform threat hunting using SIEM, EDR, and threat intelligence.
- Conduct digital forensics and malware analysis to determine the scope and impact of incidents.
- Collaborate with IT, legal, and business teams to contain and remediate threats.
- Stay current with emerging threats, vulnerabilities, and security trends.
- Mentor and guide junior SOC analysts.

Required Qualifications:
- Experience: 6-8 years in cybersecurity, with a focus on SOC operations and incident response.
- Environment: Experience in a 24x7 operational environment, preferably across multiple geographies.

Technical Skills:
- Good understanding of networking protocols, operating systems (Windows/Linux), and security technologies.
- Exposure to malware analysis and digital forensics.
- Familiarity with cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001).
- Hands-on experience with tools such as:
  - SIEM: Splunk, CrowdStrike, QRadar
  - EDR: CrowdStrike, Carbon Black, SentinelOne
  - SOAR: Palo Alto XSOAR, Splunk SOAR
  - Forensics: FTK Imager, Autopsy, Wireshark, Procmon

Preferred Certifications:
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- Certified Ethical Hacker (CEH)

Soft Skills & Attributes:
- Strong analytical and problem-solving mindset.
- Excellent communication and collaboration skills.
- Ability to work under pressure and manage multiple priorities.
- High integrity and a proactive, team-oriented attitude.
- Strategic and tactical thinking with attention to detail.

Work Shift Timings: 6:00 AM - 3:00 PM / 2:00 PM - 11:00 PM IST

Posted 3 days ago


4.0 - 7.0 years

9 - 13 Lacs

Bengaluru

Work from Office

Role Overview:
We are seeking a highly skilled and experienced Senior Data Scientist to join our innovative Data Science team. Reporting to the Data Science Director, you will contribute to the development of advanced Machine Learning (ML) solutions for cybersecurity challenges, including threat detection, malware analysis, and anomaly detection. Your expertise will help drive end-to-end ML product development, from data preparation to deployment, while ensuring seamless integration into our core products.

What You Will Do:
As a Senior Data Scientist, you will work in a team of smart data scientists, reporting to the Data Science Director, that does full-lifecycle, full-stack Machine Learning product development, from feature engineering to model building and evaluation. Our team's use cases include but are not limited to threat detection, threat hunting, malware detection, anomaly detection, and MLOps. You will work with other Senior Data Scientists in the team to execute data science projects. You will identify issues with models running in production and resolve them. This may require retraining models from scratch, adding new features to models, and setting up automated model training and deployment pipelines. These models will be integrated into popular products of the company to show maximum impact.

About You:
- A Master's degree or equivalent degree in Machine Learning, Computer Science, Electrical Engineering, Mathematics, or Statistics
- In-depth understanding of all major Machine Learning and Deep Learning algorithms, both supervised and unsupervised
- Passion for leveraging ML/AI to solve real-world business problems
- 4-7 years of industry experience in one or more machine/deep learning frameworks
- 4-7 years of industry experience with Python/PySpark and SQL
- Experience solving multiple business problems using Machine Learning
- Experience with various public cloud services (such as AWS, Google, Azure) and ML automation platforms (such as MLflow)
- Should be able to drive an end-to-end machine learning project with limited guidance
- Solid computer science foundation
- Good written and verbal communication
- A Ph.D. in Cyber Security/Machine Learning or a related field will be an added advantage
- 4-7 years of industry experience in the field of Data Science/Machine Learning
- Prior experience in solving cyber security problems using machine learning
- Familiarity with the security domain will be a plus

Company Benefits and Perks:
We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
- Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community Involvement

Posted 4 days ago


1.0 - 5.0 years

0 Lacs

navi mumbai, maharashtra

On-site

As a Cyber Security Analyst at our organization, you will play a crucial role in safeguarding our enterprise systems and networks. With a minimum of 1 year of experience in cybersecurity tools and operations, you will focus on endpoint protection, proxy management, and threat analysis. Your responsibilities will include monitoring, investigating, and responding to security incidents, administering McAfee endpoint security tools, managing web proxy solutions, identifying potential threats using SIEM tools, and collaborating with internal IT teams and external vendors to resolve security issues effectively. You will be required to perform vulnerability assessments, maintain detailed documentation of configurations and incident reports, support audits, and implement remediation plans based on security findings.

To excel in this role, you should hold a Bachelor's degree in Computer Science, Information Technology, or a related field, along with hands-on experience with McAfee Endpoint Security suite, Zscaler, and Netskope Cloud Security Platform. Additionally, you should possess a good understanding of firewall rules, threat detection, malware analysis, and data loss prevention, as well as familiarity with security incident management processes and tools like SIEM. Your strong analytical and problem-solving skills, coupled with excellent communication and documentation abilities, will be essential for success in this position.

This is a full-time, permanent role based in Navi Mumbai, Maharashtra, and proficiency in English is required. If you have the necessary experience and skills in domains like Proxy-Netskope, we encourage you to apply for this exciting opportunity to contribute to our cybersecurity efforts.

Posted 4 days ago


2.0 - 7.0 years

0 Lacs

karnataka

On-site

We are seeking candidates who possess the following experience:
- Mandatory experience with any of the following:
  - Cylance Protect and Optics
  - CrowdStrike Falcon Insight
  - SentinelOne ActiveEDR
  - Carbon Black EDR
- Practical experience in the security incident response lifecycle and its various phases
- Proficiency in L1 and L2 in EDR
- Hands-on experience in event and log analysis on Windows endpoints
- Total experience: 3-7 years, Relevant experience: 2+ years

Please take note that candidates must have expertise in the following skills:
- EDR Experience
- Specific EDR products worked on and the level of support provided
- Incident Response
- Malware Analysis
- Willingness to work flexible shifts

Skills required: Cyber Security, Network Security, and Web application security

Posted 4 days ago


10.0 - 14.0 years

0 Lacs

karnataka

On-site

CYFIRMA is a threat discovery and Cyber intelligence platform company that offers industry-disrupting solutions in the cybersecurity and threat intelligence category with innovative ways of deciphering threats. The company applies Cyber intelligence across all layers, including business controls. As a Cyber Threat Intelligence Lead/Manager at CYFIRMA, you will be responsible for conducting in-depth research on nation-state threat actors, campaigns, and malware from various sources, including public and dark/deep web. Your primary task will be to generate predictive and relevant threat intelligence for clients. Additionally, you will be required to outline risk scenarios and recommend actions based on the threat landscape to help clients make informed decisions regarding threat intelligence information consumption. You will also be expected to present research findings, reports, and advisories in both public conferences/seminars/blogs and private client meetings. Collaboration with international teams to enhance research, service operations, and service platform development is a crucial aspect of this role. The ideal candidate for this position should possess at least 10-12 years of experience in cyber threat intelligence research, incident response, forensic analysis, malware research, or EDR/SIEM event analysis (tier 2 or higher). Additionally, a minimum of 10-12 years of experience in OSINT or the usage of paid/private security analysis tools such as Shodan, Censys, BinaryEdge, Spiderfoot, Domain tools, Virus Total, Hybrid Analysis, EDR, SIEM, IDS/IPS, etc., is required. Proficiency in creating and enhancing the strategy for threat intelligence research, process automation, knowledge sharing, and training other team members is essential. Moreover, the ability to develop and write scripts/programs from scratch using at least one programming language such as python, perl, ruby, php, javascript, C, C++, C#, etc., is highly desirable. 
Strong communication skills are a must for writing and presenting technical documents, blogs, reports, and papers in both public conferences and private client meetings. A flexible mindset and a willingness to collaborate with various teams, including pre-sales, partner alliances, marketing, customer success, product management, etc., on local and international levels, are essential for success in this role. Proficiency in English, including reading, writing, and speaking, is required. This is a client-facing role that will be conducted remotely. The qualification required for this position is a Bachelor's degree in computer science/IT or an equivalent field, along with a security certification (GCTI, CHFI, CEH, Security+, etc.). The relevant experience expected for this role is 10 to 12 years, and the position will report to the Vertical SVP or a similar authority. Join CYFIRMA and be a part of a team dedicated to revolutionizing cybersecurity and threat intelligence solutions.

Posted 4 days ago


5.0 - 9.0 years

0 Lacs

karnataka

On-site

The Threat Response Analyst position at Applied Systems, Inc. within the Corporate IT team requires a skilled professional with a background in security threat response activities. As a Threat Response Analyst, you will be responsible for conducting threat response activities, leveraging SIEM tools for security event analysis, and utilizing endpoint detection and response solutions.

To qualify for this role, you must hold a BE or BTech degree and have a minimum of 5-6 years of experience, with at least 3 years specifically focused on threat response activities. You should possess a strong working knowledge of security log parsing, networking fundamentals, and an information security incident investigation and response skillset.

Key responsibilities include using a logging platform for security analytics, contributing to the creation of threat and incident response runbooks, and automating detection, analysis, and response actions using SOAR and platform integrations. Additionally, you will participate in the Security Incident Response Team on-call rotation, collect and analyze threat intelligence reports, and assist in the development of project plans and process documentation.

The ideal candidate will be able to author threat intelligence reports based on our security operations team's incidents, analysis, and adversary engagements, as well as analyze event feeds and collected malware for trends and correlations. You will also be responsible for triaging and handling/escalating security events and issues as needed. If you are a proactive individual with a passion for cybersecurity and a desire to contribute to a high-energy, fast-paced environment in Bengaluru, we encourage you to apply for the Threat Response Analyst position at Applied Systems, Inc.

Posted 4 days ago


4.0 - 8.0 years

6 - 10 Lacs

Bengaluru

Work from Office

Relevant Experience: 0-2 years

About The Role
We are seeking a Junior Security Analyst with a keen interest in malware analysis, software safety, and secure application delivery. You will assist in the validation and vetting of third-party applications and patches to ensure only safe, trusted content is distributed via our MDM platform. You'll gain hands-on experience in a sandboxed analysis environment and grow under the mentorship of senior team members.

Key Responsibilities
- Assist in analyzing third-party Windows apps and software patches for safety, authenticity, and compliance.
- Operate sandbox environments to observe application behavior and report findings.
- Support malware scanning, threat assessment, and signature validation workflows.
- Help document analysis results and generate reports for internal approvals.
- Perform basic reverse engineering tasks and learn malware behavior patterns under guidance.
- Work closely with the security and product teams to ensure timely and secure app onboarding.
- Keep up-to-date with the latest malware threats, vulnerabilities, and security advisories.

Qualifications
- 0-2 years of experience in cybersecurity or a related field (internships or personal projects are a plus).
- Foundational understanding of malware types, threat vectors, and software vulnerabilities.
- Basic knowledge of Windows operating system internals and executable formats.
- Familiarity with tools like Wireshark, Process Monitor, VirusTotal, or Cuckoo Sandbox.
- Enthusiasm to learn malware analysis and reverse engineering.
- Comfortable with scripting or automation in Python, PowerShell, or Bash.
- A degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
- Certifications like Security+, GSEC, or a desire to pursue malware analysis certifications are a plus.

Posted 4 days ago


5.0 - 10.0 years

8 - 12 Lacs

Bengaluru

Work from Office

Role Overview:
As a Database Security Researcher, you will be an integral part of the Data Protection Group in India, developing cross-platform endpoint applications for Windows and Linux. To be successful in this role you should have exceptional technical skills, communication, and project management skills with multiple years of designing and implementing Enterprise class products along with ability to work in a team toward achieving organizational goals. In this position, you will be involved in all aspects of product development lifecycle - requirements discussion/analysis, design, scope estimation, planning, implementation, code reviews and unit testing, documentation, POCs, deployment and continuous engineering. You will also be responsible for release deployment and supporting customers using the products in production. Ideal candidates will foster a culture of innovation while displaying exemplary technical expertise, ownership, and commitment to delivering high quality endpoint security solutions on a variety of desktops.

About the Role:
- Design and development of breakthrough multiplatform software for securing endpoints on a variety of desktop and cloud platforms.
- Gather technical requirements and specifications from customers and business stakeholders and develop technical specifications according to which solutions are defined and delivered.
- Deliver solutions that meet the timeline, quality and costs for the projects and deliverable elements. Solutions must meet the preset goals for quality, security, and performance.
- Ensure compliance with our responsible disclosure process.
- Develop strategy of communicating key findings both internally and externally.
- Work proactively to ensure our applications are resilient and secure.
- Shape and champion the future direction for the business unit to meet the changing needs of our clients and the market, inspiring teams within the business unit and cross functionally.
- Research, synthesize, and develop deep expertise on the landscape, trends, and future direction of the cybersecurity market to ensure Trellix remains visionary in its solutions.
- Review product strategy regularly with business leaders to ensure alignment with top priorities and key business initiatives.
- Work across teams to drive initiatives, allocate resources, and achieve joint goals.
- Improve overall collaboration between the technology groups in different geographical locations.
- Mentor and coach the team to master database security research to develop a high performance organization.
- Drive continuous improvement, leading the organization through change initiatives to deliver better and more effective performance.

About You:
- The ideal candidate will have 5+ years of experience in Database Security.
- Experience in Reverse Engineering, Malware analysis tools, Exploit methodologies.
- Experience in any Database Activity Monitoring products.
- Strong Knowledge on Database internal Architecture.
- Knowledge on any of two database technologies like Oracle, MSSQL, MySQL, IBM Db2, PostgreSQL, MariaDB, SYBASE, SAP HANA, MongoDB.
- Strong understanding of database security for various RDBMS and NoSQL databases.
- Mandatory knowledge on Stay up to date on latest security threats and vulnerabilities targeted for databases.
- Experience in Database Patching is preferred.
- Experience in Python is preferred.
- Participants in Cyber security competitions like Capture the flag or similar will be an added

Posted 4 days ago


5.0 - 8.0 years

10 - 14 Lacs

Bengaluru

Work from Office

Project Role: Application Lead
Project Role Description: Lead the effort to design, build and configure applications, acting as the primary point of contact.
Must have skills: Microsoft Endpoint Configuration Manager
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Job Title: MECM/SCCM L2 Support Engineer
Experience: 5-6 Years
Management level: CL10
Job Type: Full-Time
Work Mode: Hybrid

Job Summary:
The MECM (Microsoft Endpoint Configuration Manager) / SCCM (System Center Configuration Manager) L2 Support Engineer will be responsible for providing second-level support for endpoint management systems, including patch management, software distribution, and compliance reporting. The role involves working closely with L1 support, IT operations, and security teams to ensure a stable and secure end-user computing environment.

Key Responsibilities:
- Provide L2 support for MECM/SCCM-related issues, including troubleshooting client and server-side problems.
- Monitor and manage software deployments, patch compliance, and system updates.
- Support monthly patching cycles (WSUS integration, SUP, ADR, maintenance windows).
- Assist with application packaging and deployment using SCCM.
- Perform client health checks and remediation for non-compliant systems.
- Monitor SCCM infrastructure and perform basic administration tasks.
- Manage collections, task sequences, and operating system deployment (OSD) processes.
- Generate and analyze reports (via SSRS or Power BI) for patching, compliance, and inventory.
- Work on incident, problem, and change management processes (ITIL-based).
- Collaborate with vendors and cross-functional teams to resolve complex issues.

Technical Skills Required:
- Strong experience in MECM/SCCM administration and support.
- Good knowledge of Windows Server and Windows OS (7, 10, 11).
- Application packaging tools (MSI, PowerShell, VBScript) knowledge is an advantage.
- Familiarity with Active Directory, Group Policy, and WSUS.
- Understanding of Patch Management Lifecycle and Security Baselines.
- Scripting knowledge (PowerShell preferred).
- Experience with remote tools (CM Remote Tools, RDP, etc.).
- Reporting experience with SCCM reports and/or Power BI.
- Windows server administration and patch management.

Soft Skills:
- Strong analytical and troubleshooting skills.
- Excellent communication and documentation skills.
- Ability to work independently and within a team.
- Customer-focused with a proactive mindset.

Certifications (Preferred but not mandatory):
- Microsoft Certified: Endpoint Administrator Associate
- ITIL Foundation Certification
- CompTIA A+ / Network+ / Security+ (optional)

Qualification: 15 years full time education

Posted 4 days ago


5.0 - 10.0 years

6 - 12 Lacs

Chennai

Remote

Job Description
CyberSecOn is looking for a talented and dedicated Cyber Security Analyst who can work remotely. A Cyber Security Analyst is responsible for maintaining the security and integrity of data. The security analyst must possess knowledge of every aspect of information security to protect company assets from evolving threat vectors.

The main responsibilities will include:
- Monitor and investigate security events and alerts from various sources, such as logs, network traffic, threat intelligence, and user reports.
- Conduct proactive and reactive threat hunting campaigns to uncover hidden or emerging threats on the cloud environment.
- Perform root cause analysis and incident response to contain and remediate cloud abuse incidents.
- Document and communicate findings, recommendations, and lessons learned to relevant stakeholders and management.
- Develop and update cloud abuse detection rules, indicators, and signatures.
- Research and stay updated on the latest cloud abuse trends, tactics, techniques, and procedures (TTPs) of threat actors.
- Provide guidance and training to other security teams and cloud users on best practices and standards for cloud security.
- Manage multiple client environment cyber security infrastructure and applications.
- Knowledge of ServiceNow, Zoho Desk, Jira/Confluence, etc.
- Perform vulnerability risk reviews using Qualys, Rapid7 and/or Tenable.
- Responsible for managing and improving the defined patch management & configuration review process and activities.
- Proactively manage applications, infrastructure security & network risks, ensuring security infrastructure aligns with the company's compliance requirements.

Skills & Experience:
- 4+ years of experience in a security analyst role, preferably in a SOC environment.
- Good knowledge on security analyst, engineering, and project management experience.
- Experience in client management for security projects.
- Knowledge and hands-on experience with SIEM technologies such as Microsoft Sentinel, Rapid7 InsightIDR, Wazuh, etc. Creating playbooks and automation on Microsoft Sentinel is desirable.
- Strong experience in Virtualisation, Cloud (Azure, AWS, other service providers) design, configuration, and management.
- Ability to manage priorities, perform multiple tasks and work under a dynamic environment and tight deadlines.
- Ability to perform vulnerability assessments and penetration testing using manual testing techniques, scripts, commercial and open-source tools.
- Experience and ability to perform a phishing campaign and/or similar social engineering exercise.
- Subject matter expert in one or multiple areas such as Windows, Unix, Linux OS.
- Vendor or security specific certifications are preferred.
- Demonstrated analytical, conceptual and problem-solving skills.
- Ability to work effectively with limited supervision on multiple concurrent operational activities.
- Ability to communicate effectively via email, report, and procedures in a professional and succinct manner.

Preferred: Candidates who can join immediately or within 15 days.

Posted 4 days ago

Apply

2.0 - 6.0 years

0 Lacs

delhi

On-site

You will be joining CRYPTUS CYBER SECURITY, an IT company based in Roorkee, Uttarakhand, specializing in Advanced IT Security, Ethical Hacking, and Cyber Security training. As a Cyber Security Trainer, your primary role will involve creating and delivering training programs focused on cybersecurity, including application security, CEH, and VAPT. Additionally, you will be conducting hands-on sessions in malware analysis and ensuring that the training materials align with the latest industry standards. To excel in this position, you should possess strong skills in Application Security, Cybersecurity, Information Security, and Network Security. Proficiency in Malware Analysis, along with excellent communication and presentation abilities, will be key to your success. You must be capable of developing training materials and conducting interactive sessions effectively. Previous experience in teaching or training would be advantageous, and possessing relevant certifications in cybersecurity will be considered a valuable asset. Ideally, you hold a Bachelor's degree in Computer Science, Information Technology, or a related field. This full-time on-site role in Roorkee requires a proactive individual who is dedicated to enhancing cybersecurity knowledge and promoting best practices within the industry.

Posted 1 week ago

Apply

3.0 - 7.0 years

0 Lacs

maharashtra

On-site

The Cyber Threat Intelligence Analyst role in the Identify Service Line involves being responsible for analyzing cyber threats and vulnerabilities that may impact the Group. Reporting to the IT Manager of the CyberSOC team in India and coordinating with the Identify Service Line Team Leader and Manager in France, you will focus on three main activities: Cyber Threat Intelligence, Vulnerability Assessment, and Sandboxing. Your primary responsibilities will include collecting, analyzing, and utilizing customized outputs from the Cyber Threat Intelligence partner and open-source intelligence to identify emerging cyber threats. This involves conducting cyber threat hunting on Indicators of Compromise (IoCs) using security tools and requesting the blocking of IoCs in advance. Additionally, you will communicate vulnerabilities related to the Company's software, maintain software inventory for Vulnerability Assessment, and analyze the maliciousness of packages and files in the sandbox. Regularly updating software inventory, producing monthly KPIs, and effectively communicating findings are crucial aspects of your role. Qualifications for this position include a Bachelor's Degree in Computer Engineering or Information Technology, along with experience in investigating and reporting on cyber-attacks. Strong technical skills, knowledge of security tools, and the ability to work collaboratively are essential. Excellent English writing skills and the capacity to convey technical challenges in a business context are also required. Overall, the Cyber Threat Intelligence Analyst should possess a proactive, autonomous, and rigorous approach to their work, with a keen eye for detail and the ability to prioritize tasks effectively. A team-oriented mindset and the capability to work within a collaborative environment are also key behavioral skills for success in this role.

Posted 1 week ago

Apply

12.0 - 16.0 years

0 Lacs

karnataka

On-site

About Rippling Rippling, based in San Francisco, CA, has secured over $1.4B from renowned investors such as Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock. The company has been recognized as one of America's best startup employers by Forbes. Rippling prioritizes candidate safety, ensuring that all official communications are exclusively sent from @Rippling.com addresses. About The Role Rippling is seeking an experienced Security Engineer to join the Detection and Response Team (DART). As a member of the team, you will play a crucial role in establishing a top-notch incident response function that effectively handles challenging security incidents. Your responsibilities will include driving process enhancements, fostering an open culture of learning from mistakes, and constructing the necessary tools and detection infrastructure to scale our threat response capabilities across both Production and Corporate environments. What You Will Do - Respond promptly to security events, conduct triage, investigations, and incident analysis, and communicate findings effectively to stakeholders. - Contribute to the enhancement of processes, procedures, and technologies for detection and response to ensure continual improvement post-incident. - Develop and manage tools for collecting security telemetry data from cloud-based production systems. - Automate workflows to streamline identification and response times for security events. - Create and refine detection rules to focus efforts on critical alerts. - Establish runbooks and incident playbooks for new and existing detections. - Lead Threat hunting practices, recommend signals for detecting attacks in product and infrastructure, and incorporate discoveries into security controls. What You Will Need - Minimum of 12 years of full-time experience as a security engineer, encompassing security monitoring, incident response, and threat hunting in a cloud environment. 
- Possess a defensive mindset while understanding offensive security and the scenarios leading to compromise. - Proven experience in managing complex investigations involving numerous stakeholders. - Excellent communication skills with a track record of effectively engaging with internal and external stakeholders of all levels. - Expertise in AWS security controls and services. - Proficiency in coding for automation, alert enrichment, and detections. - Familiarity with adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles. - Hands-on experience in data analysis, modeling, and correlation at scale. - Strong background in operating systems internals and forensics for macOS, Windows, and Linux. - Domain expertise in handling current SIEM and SOAR platforms. - Experience in developing tools and automation using common DevOps toolsets and programming languages. - Understanding of malware functionality and persistence mechanisms. - Ability to analyze endpoint, network, and application logs for unusual events. Additional Information Rippling places significant value on having in-office employees to promote a collaborative work environment and company culture. For office-based employees residing within a specified radius of a Rippling office, working in the office for at least three days a week is considered an essential function of their role under the current policy.

Posted 1 week ago

Apply

6.0 - 8.0 years

8 - 12 Lacs

Pune

Work from Office

Technical Skills: Industry certifications and an educational background in Information Technology. Strong experience of security tools and techniques including: Firewall, IDS/IPS; multi-factor authentication; network authentication; Zero Trust Network Access; WAF & DDoS Protection. Strong knowledge and understanding of: Public Cloud; Cisco ASA, VPN and network devices; hypervisor and virtual machines; Active Directory; SIEM, Endpoint Detection & Response (EDR), Application Whitelisting, Data Leakage and Malware Analysis. Practical knowledge of Windows, Linux, and TCP/IP networking. Solid scripting experience in any of the following could be an advantage: Python/Perl/Bash/PowerShell. Hands-on experience in security incident response. Any Additional Requirements Personal Attributes

Posted 1 week ago

Apply

4.0 - 7.0 years

3 - 7 Lacs

Jaipur

Work from Office

Experience Required: 4+ years in Cybersecurity, with 2+ years hands-on with any threat intelligence platform Reports To: Security Operations Lead / SOC Manager Location: Jaipur Job Type: Full-time, Customer locations Job Summary: We are seeking a skilled Threat Intelligence Engineer/Analyst with hands-on experience in managing and operating a Unified Threat Intelligence Platform (UIP). The ideal candidate will be responsible for integrating, enriching, analyzing, and disseminating threat intelligence across security systems (SIEM, SOAR, EDR) to enhance threat detection, hunting, and response efforts. Key Responsibilities: Administer and maintain the Unified Threat Intelligence Platform (e.g., MISP, Anomali, ThreatConnect, EclecticIQ, TIP from commercial vendors). Should have worked on any of the TI platforms. Experience in Recorded Future preferred. Aggregate, normalize, and enrich threat intel feeds from internal, commercial, and open-source sources (OSINT). Map Indicators of Compromise (IOCs), TTPs, and threat actor profiles using frameworks such as MITRE ATT&CK and STIX/TAXII. Integrate UIP with SIEM, SOAR, and EDR platforms to enable automated threat correlation and alert enrichment. Analyze and prioritize threat intelligence based on relevance, risk level, and business impact. Coordinate with threat-hunting and SOC teams to enable actionable use of threat intelligence. Create and manage threat intelligence dashboards, reports, and alerts. Continuously improve threat ingestion, enrichment pipelines, and integration workflows. Required Skills and Qualifications: Solid understanding of Threat Intelligence lifecycle: collection, processing, analysis, dissemination. Experience with commercial or open-source TIP/UIP tools (e.g., MISP, ThreatConnect, Anomali, EclecticIQ). Strong knowledge of STIX/TAXII, OpenIOC, YARA, Sigma rules. Experience integrating threat intel into SIEM (e.g., Splunk, QRadar, Sentinel) and SOAR platforms.
Familiarity with threat actor behavior, campaigns, malware families, and IOC tracking. Working knowledge of scripting (Python preferred) for automation and data transformation. Ability to analyze complex data and present threat intelligence in clear, actionable formats. Education Requirements : BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification : CEH/CSA/ NBAD certification

Posted 1 week ago

Apply

5.0 - 6.0 years

2 - 6 Lacs

Jaipur

Work from Office

Experience Required: 4+ years in Cybersecurity, with 2+ years hands-on with Anti-APT tools and in IR Reports To: Security Operations Lead / SOC Manager Job Summary: We are looking for a highly skilled Anti-APT and Incident Response Specialist to lead the detection, analysis, and remediation of sophisticated cyber threats, including Advanced Persistent Threats (APTs). The candidate will work closely with threat intelligence, SOC, and forensic teams to respond to incidents, contain threats, and fortify the environment against future attacks. Key Responsibilities: Anti-APT Operations: Monitor for indicators of APT campaigns using threat intelligence feeds, SIEM, EDR, NBAD, and anomaly detection tools. Identify and analyze tactics, techniques, and procedures (TTPs) used by threat actors aligned with MITRE ATT&CK. Leverage threat intelligence to proactively hunt and neutralize stealthy threats. Incident Response (IR): Lead and execute all phases of incident response: identification, containment, eradication, recovery, and lessons learned. Perform forensic analysis on systems and logs to determine the root cause, scope, and impact of security incidents. Collaborate with IT, SOC, and legal/compliance teams during major incidents and breach investigations. Create and maintain IR playbooks, response workflows, and escalation procedures. Detection and Prevention: Work with SIEM and SOAR teams to improve alert fidelity and develop custom correlation rules. Coordinate with endpoint, network, and cloud teams to plug gaps and strengthen defenses post-incident. Assist in configuring anti-APT technologies like sandboxing, deception platforms, and EDR/XDR solutions. Required Skills and Qualifications: Strong knowledge of APT groups and attack frameworks (e.g., MITRE ATT&CK, Lockheed Martin Kill Chain). Hands-on experience in incident response, digital forensics, threat hunting, and malware analysis.
Proficiency with tools such as: EDR (e.g., CrowdStrike, SentinelOne, Carbon Black) SIEM (e.g., Splunk, QRadar, ArcSight) Forensics tools (e.g., FTK, EnCase, Volatility) Threat intel platforms (MISP, Anomali, ThreatConnect) Strong understanding of Windows/Linux internals, memory/process analysis, and network forensics. Experience writing detection rules (Sigma, YARA) and incident reports. Preferred Qualifications: Certifications: GCIH, GCFA, GNFA, CHFI, OSCP, or similar. Experience with APT campaigns linked to sectors like government, BFSI, or critical infrastructure. Exposure to cloud incident response (Azure, AWS, GCP) and OT/ICS threat environments. Education Requirements : BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification : CEH/CSA/CHFI

Posted 1 week ago

Apply

7.0 - 9.0 years

12 - 16 Lacs

Chennai

Work from Office

Roles/Responsibilities: Experience in SIEM tools like ArcSight, LogRhythm SIEM, Threat Intelligence, Malware Analysis, Incident Response. Experience in handling SOC customers in an MSSP/multi-tenant environment. Responsible for the technical administration or troubleshooting in SIEM, ensuring the efficient functionality of the solution. Responsible for Incident Validation, Incident Analysis, Solution Recommendation. Good knowledge of implementation, installation, integration, troubleshooting and overall functionalities of LogRhythm/ArcSight/QRadar/Splunk. ArcSight/LR/QRadar platform administration, management experience, platform upgrade. Experience in troubleshooting platform related issues, data backup, restoration, retention. Experience in creating content based on the MITRE Framework. Exposure to SOAR, alert aggregation, automation, playbook creation. ArcSight/LR rule base fine tuning, ongoing log source modifications, configuration/policy changes, general SIEM administration, SIEM content development. Troubleshooting of an incident within IT Security incident response teams of SOC. Maintains awareness of new and emerging cyber-attack threats with potential to harm company systems and networks. Devises and implements countermeasures to mitigate potential security threats. Assists with the development and maintenance of IT security measurement and reporting systems to aid in monitoring effectiveness of IT Security programs. Assists with the development, revision, and maintenance of Standard Operating Procedures and Working Instructions related to IT Security. Good coordination skills with various other teams for faster resolution/completion. Good to have threat hunting knowledge.
Education/Skills: BE/B.Tech or equivalent with minimum 7-10 years of experience. Work experience of minimum 6 years in SOC Incident Handling, Incident Response Trend Analysis, administration/monitoring of SIEM tools like ArcSight, LogRhythm SIEM, Threat Intelligence, Malware Analysis. Ability to adapt and follow the processes and guidelines. Possess an impeccable work ethic and a high degree of integrity. Good analytical & problem solving skills. Able to communicate with technical staff/management. Flexible to work after office hours and over weekends if required. Highly motivated & customer centric.

Posted 1 week ago

Apply

10.0 - 14.0 years

0 Lacs

karnataka

On-site

CYFIRMA is a threat discovery and Cyber intelligence platform company that provides industry-disrupting solutions in the cybersecurity and threat intelligence domain, focusing on innovative ways to decode threats across all layers, including business controls. We specialize in: - Providing multi-dimensional and actionable strategic, management, and tactical cyber threat visibility and intelligence. - Anticipating cyberattacks that are most likely to occur in your industry and IT environment. - Delivering potential cyber-attack insights at the planning stage rather than the execution and exploitation phase. - Employing a predictive and deep understanding of threats through our unique Outside-In approach. We are currently seeking a dynamic individual with hands-on experience in threat intelligence research, malware analysis, forensic investigation, and/or security consulting to join our research team in the role of Cyber Threat Intelligence Lead/Manager based in Bangalore. **Role and Responsibility:** - Conduct in-depth research on nation-state threat actors, campaigns, and malware from public and dark/deep web sources to generate predictive and relevant threat intelligence for clients. - Develop risk scenarios and recommend actions based on the threat landscape to assist clients in consuming threat intelligence information effectively. - Present research findings, reports, and advisories at public conferences, seminars, blogs, etc., as well as in private client meetings. - Collaborate with international teams to enhance research, service operations, and service platform development. **Skills & Experience:** - Minimum 10-12 years of experience in cyber threat intelligence research, incident response, forensic analysis, malware research, or EDR/SIEM event analysis (tier 2 or higher). 
- Minimum 10-12 years of experience in OSINT or paid/private security analysis tools such as Shodan, Censys, BinaryEdge, SpiderFoot, DomainTools, VirusTotal, Hybrid Analysis, EDR, SIEM, IDS/IPS, etc. - Proficiency in creating and enhancing the strategy for threat intelligence research, process automation, knowledge sharing, and training other team members. - Ability to develop and script programs from scratch using programming languages like Python, Perl, Ruby, PHP, JavaScript, C, C++, C#, etc. - Strong skills in writing and presenting technical documents, blogs, reports, and papers for public conferences and private client meetings. - Adaptable mindset with a keen willingness to collaborate with various teams such as pre-sales, partner alliances, marketing, customer success, product management, etc., locally and internationally. - Fluent in English language for reading, writing, and speaking. **Client Facing Role:** Remotely **Qualification:** - Bachelor's degree in computer science/IT or equivalent. - Security certification (GCTI, CHFI, CEH, Security+, etc.). **Industry:** Cyber Security **Relevant Experience:** 10 to 12 Years **Reporting to:** Vertical SVP or similar

Posted 1 week ago

Apply

6.0 - 8.0 years

20 - 35 Lacs

Pune

Work from Office

Technical Skills: • Industry Certifications and an educational background in Information Technology • Strong experience of security tools and techniques including o Firewall, IDS/IPS o multi-factor authentication o Network authentication o Zero Trust Network Access o WAF & DDoS Protection • Strong knowledge and understanding of o Public Cloud o Cisco ASA, VPN and network devices o Hypervisor and virtual machines o Active Directory o SIEM, Endpoint Detection & Response (EDR), Application Whitelisting, Data Leakage and Malware Analysis • Practical knowledge of Windows, Linux, and TCP/IP networking • Solid scripting experience in any of the following could be an advantage: Python/Perl/Bash/PowerShell • Hands-on experience in security incident response Any Additional Requirements Personal Attributes

Posted 1 week ago

Apply