114 Malware Analysis Jobs - Page 5

Arcadis is the world's leading company delivering sustainable design, engineering, and consultancy solutions for natural and built assets. We are more than 36,000 people, in over 70 countries, dedicated toimproving quality of life. Everyone has an important role to play. With the power of many curious minds, together we can solve the worlds most complex challenges and deliver more impact together. Role accountabilities: Collaboration Proactively engages with Key Business Users to receive feedback, gauge satisfaction with system integrations, and address issues or concerns. Collaborates with OTE Application & Extension Manager to gather requirements and prioritize data transformation projects. Collaborates with OTE Team to deliver efficient and well-run processes. Application & Extension Services Supports development including: RequiredAPI Management RequiredDatabase Schema Design Ensures API endpoints conform to industry best practices and Oracle guidelines with focus on enterprise security and data privacy. Responsible for solution capacity planning, technical documentation, design review, refactoring and consolidation, upgrades and lifecycle for solutions. Establishes proactive application monitoring, alerting, and automating which adheres to industry best practices to ensure availability and performance to meet business demands. Coordinates with release manager the schedule of release activities across environments, teams, and vendors, identifying and resolving conflicts to minimize risk of business disruption. Accountable for incident and problem responses and resolutions, as well as service request queues to deliver high end-user satisfaction. Vendor Management Coordinates with 3rd parties who provide support for product enhancements, upgrades, patches and application monitoring. Key Profile Requirements Minimum of 8 years experience developing API endpoints, at least 4 of which with Oracle Cloud application services. Demonstrated experience successfully planning and implementing Cloud application services in a global company with a multi-national, multi-vendor environment. "‹Proven track record of achieving service excellence, including maintaining positive stakeholder relationships and coordinating multi-disciplinary teams with internal and external resources. Why Arcadis? We can only achieve our goals when everyone is empowered to be their best. We believe everyone's contribution matters. Its why we are pioneering a skills-based approach, where you can harness your unique experience and expertise to carve your career path and maximize the impact we can make together. Youll do meaningful work, and no matter what role, youll be helping to deliver sustainable solutions for a more prosperous planet. Make your mark, on your career, your colleagues, your clients, your life and the world around you. Together, we can create a lasting legacy. Join Arcadis. Create a Legacy. Our Commitment to Equality, Diversity, Inclusion & Belonging We want you to be able to bring your best self to work every day, which is why we take equality and inclusion seriously and hold ourselves to account for our actions. Our ambition is to be an employer of choice and provide a great place to work for all our people.

We are looking for a highly skilled and experienced Security Analyst to join our team in Bengaluru. The ideal candidate will have 7-10 years of experience in incident response, computer forensics, and malware reverse engineering. ### Roles and Responsibility Perform forensic and malware analysis to detect, investigate, and resolve security incidents. Engage in proactive threat hunting and provide expert security assessments using EDR, SIEM, and other tools. Communicate with IT stakeholders during incident response activities to ensure effective containment, remediation, and accurate identification of compromise indicators. Report on incident metrics, analyze findings, and develop reports to ensure comprehensive resolution and understanding of security events. Act as an escalation point for incident response, lead shifts, mentor junior team members, and contribute to team skill enhancement. Analyze security events, provide feedback on security controls, and drive process improvements to strengthen the organization's security posture. ### Job Requirements Undergraduate or Postgraduate Degree in Computer Science, Engineering, or a related field (MCA/MTech/BTech/BCA/BSc CS or BSc IT). At least 7 years of overall experience with a minimum of 5 years specialized in incident response, computer forensics, and malware reverse engineering. Proficiency in operating within a Security Monitoring/Security Operations Center (SOC) environment, including experience with CSIRT and CERT operations. Demonstrated experience in investigating security events, threats, and vulnerabilities. Strong understanding of electronic investigation and forensic methodologies, including log correlation, electronic data handling, investigative processes, and malware analysis. In-depth knowledge of Windows and Unix/Linux operating systems, and experience with EDR solutions for threat detection and response. Possession of or willingness to obtain professional certifications like GREM, GCFE, GCFA, or GCIH. Experience with security incident response in cloud environments, including Azure. Knowledge of legal considerations in electronic discovery and analysis. Proficiency in scripting or programming (e.g., Shell scripting, PowerShell, C, C#, Python). Solid understanding of security best practices for network architecture and server configuration. Demonstrates integrity in a professional environment. Strong ethical behavior. Ability to work independently. Possesses a global mindset for working with diverse cultures and backgrounds. Knowledgeable in industry-standard security incident response processes, procedures, and lifecycle. Positive attitude and Excellent teaming skills. Excellent social, communication, and writing skills. Good presentation skills. Excellent investigative, analytical, and problem-solving skills. Supervising Responsibilities: Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues. Provide mentoring and training to other team members as required, supporting their development and ensuring consistent team performance.

We are looking for a skilled Senior (Endpoint Detection and Response) professional with 6 to 12 years of experience. The ideal candidate will have excellent teamwork skills, passion, and drive to succeed in combatting cyber threats. ### Roles and Responsibility Collaborate with team members to find creative and practical solutions to customers' challenges and needs. Design, implement, and operate EDR solutions such as Carbon Black, Tanium, Crowdstrike, Cortes XDR, Microsoft Defender ATP, MacAfee, Symantec, and similar technologies. Provide consulting services during testing, evaluation, pilot, production, and training phases to ensure successful deployment. Perform remote and on-site gap assessments, customization, installation, and integration of EDR solutions. Develop expertise in EDR use cases, including automated security event monitoring and alerting processes. Lead teams through various project phases and adapt to market trends. ### Job Requirements Minimum 6 to 12 years of experience in network administration or a related field. Strong oral, written, and listening skills are essential for effective consulting. Experience in cybersecurity operations, network security monitoring, host security monitoring, malware analysis, adversary hunting, modern adversary methodologies, all-source intelligence analysis, analytical methodologies, confidence-based assessments, and writing analytical reports is required. Working knowledge of Cuckoo, CAPE, or other sandbox platforms is necessary. Experience with security orchestration automation and response tools (Phantom, Resilient, XSOAR) and incident response platforms/DFIR toolsets is expected. Ability to lead teams and adapt to market trends. Certification in EDR or SIEM Solution is mandatory. Certifications in core security-related disciplines are an added advantage. A strong background in network administration is needed, with the ability to work at all layers of the OSI model and explain communication at any level. Knowledge of Vulnerability Management, basic Windows setup, Windows Domains, trusts, GPOs, server roles, Windows security policies, basic Linux setup, user administration, Linux security, and troubleshooting is required. Good understanding of programming/scripting languages such as Python, JavaScript, Bash, PowerShell, Ruby, Perl, etc. A degree in computer science, mathematics, engineering, or a similar field is preferred. At least 4 years of working in a security operations center.

Role: Anti SpamExperience: 3-5 YearsNP: 0-15 DaysLocation: HyderabadSKills : Analyze email threats,Malware Analysis,Encryption techniques. Job Description: Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Required Details: Full Name: Current Organization: Current Role: Overall Experience: Relevant Experience: Current CTC: Expected CTC: Notice Period with current organization: Current location: Preferred Location: Reason for change: Contact Number: Email ID: Alternative Mail id: PAN Number: DOB: Please revert back with the updated resume & passport size photograph.

Greetings from IT.. I am now hiring a Threat Detection Engineer for my Clients. Location: Bangalore, Gurugram. Experience: 6-13 Years N[P: Immediate-30 days Primary skills: Threat hunting, threat intelligence, Splunk In-depth knowledge of external attacks and detection techniques to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate list of rules that could be implemented (based on self analysis of a threat and avaiable log sources), work with SOC team to operationalize and Purple Team to test.. Familiarity with MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE , Databricks to be able to write custom detections to detect various threats (preferably MDE). Kindly share your resume at chanchal@oitindia.com

About Zscaler Serving thousands of enterprise customers around the world including 40% of Fortune 500 companies, Zscaler (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the world’s largest security cloud, Zscaler accelerates digital transformation so enterprises can be more agile, efficient, resilient, and secure. The pioneering, AI-powered Zscaler Zero Trust Exchange™ platform, which is found in our SASE and SSE offerings, protects thousands of enterprise customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Named a Best Workplace in Technology by Fortune and others, Zscaler fosters an inclusive and supportive culture that is home to some of the brightest minds in the industry. If you thrive in an environment that is fast-paced and collaborative, and you are passionate about building and innovating for the greater good, come make your next move with Zscaler. Our Engineering team built the world's largest cloud security platform from the ground up, and we keep building. With more than 100 patents and big plans for enhancing services and increasing our global footprint, the team has made us and our multitenant architecture today's cloud security leader, with more than 15 million users in 185 countries. Bring your vision and passion to our team of cloud architects, software engineers, security experts, and more who are enabling organizations worldwide to harness speed and agility with a cloud-first strategy. We're looking for an experienced Staff Security Researcher to join our Zscaler Threat Hunting team. Reporting to the Director, Zscaler Threat Hunting, you'll be responsible for: Analyze emerging threats, adversarial behaviors, and tactics, techniques, and procedures (TTPs) to understand attacker methodologies and improve detection capabilities Conducting proactive and retroactive threat hunting using Zscaler telemetry drawing from proven experience in behavioral-based threat hunting Researching, analyzing, validating, and clearly documenting threat hunting findings Independently hunting and responding to customers while working flexible schedules, including weekend night shifts and providing on-call support as needed to meet operational demands while getting two days off during the weekdays What We're Looking for (Minimum Qualifications) Proven experience in one or more of the following - threat hunting, incident response, security operations, malware analysis, blue teaming, purple teaming or network defence Hands-on experience in a Security Information and Event Management (SIEM) tool, such as Splunk, Microsoft Sentinel, or ElasticSearch Familiarity with MITRE ATT&CK framework and modern Tactics, Techniques, and Procedures (TTPs) Bachelor’s or graduate degree from four-year college or university (preferably in Computer Science, Engineering, or a related discipline), or equivalent security industry work experience What Will Make You Stand Out (Preferred Qualifications) Must be able to validate findings, perform root cause analysis, and deliver recommendations Scripting and automation skills (Python preferable) Must have excellent reporting and analytical skills and experience writing IDS/IPS, YARA signatures Experience in network-based threat detection #LI-Onsite #LI-AC10 At Zscaler, we believe in innovation, productivity, and success. We are looking for individuals from all backgrounds and identities to join our team and contribute to our mission to make doing business seamless and secure. We are guided by these principles as we create a representative and impactful team, and a culture where everyone belongs. Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including: Various health plans Time off plans for vacation and sick time Parental leave options Retirement options Education reimbursement In-office perks, and more! By applying for this role, you adhere to applicable laws, regulations, and Zscaler policies, including those related to security and privacy standards and guidelines. Zscaler is committed to providing equal employment opportunities to all individuals. We strive to create a workplace where employees are treated with respect and have the chance to succeed. All qualified applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy or related medical conditions), age, national origin, sexual orientation, gender identity or expression, genetic information, disability status, protected veteran status, or any other characteristic protected by federal, state, or local laws. See more information by clicking on the Know Your Rights: Workplace Discrimination is Illegal link. Pay Transparency Zscaler complies with all applicable federal, state, and local pay transparency rules. For additional information about the federal requirements, click here . Zscaler is committed to providing reasonable support (called accommodations or adjustments) in our recruiting processes for candidates who are differently abled, have long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support.

SOC analyst Job Statement: NopalCyber makes cybersecurity manageable, affordable, dependable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are tailored to clients needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. For attending the walk-in, we request you to fill out this quick registration form(mandatory) https://forms.gle/MEaAUivs2832ka5A8 Job responsibilities: Monitor, analyze, and interpret security/system logs for events, operational irregularities, and potential incidents, and escalate issues as appropriate Responsible for monitoring, detection of analysis through various input tools and systems (SIEM, IDS / IPS, Firewalls, EDR, etc.) Conduct basic red team exercises to test the effectiveness of preventive and monitoring controls Provides support for complex system/network exploitation and defense techniques to include deterring, identifying, and investigating system and network intrusions Support malware analysis, host and network, log analysis, and triage in support of incident response Maintaining and improving the security technologies deployed, including creating use cases, customizing or better configuring the tools based on past and current threats Monitoring threat/vulnerability landscape, security advisories, and acting on them as appropriate Continuously monitors the security alerts and escalation queue, triages security alerts Monitoring and tuning SIEM (content, parsing, maintenance) Monitoring Cloud infrastructure for security-related events Delivers scheduled and ad-hoc reports Develop and coach L1 analysts Author Standard Operating Procedures (SOPs) and training documentation Work the full ticket lifecycle; handle every step of the alert, from detection to remediation Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty Perform threat-intel research, learn new attack patterns, actively participate in security forums. Job specifications: Qualification: Bachelors degree in Engineering or closely related coursework in technology development disciplines Certifications like CISSP, CEH, CISM, GCIH, GCIA are desirable Experience with the following or related tools: SIEM Tools such as Splunk, IBM QRadar, SecureOnix; Case Management Tools such as Swimlane, Phantom, etc.; EDR tools such as Crowdstrike, Sentinel, VMware, McAfee, Microsoft Defender ATP, etc; Network Analysis Tools such as Darktrace, FireEye, NetWitness, Panorama, etc. Experience: 3-10 years of SOC related work experience Desired Skills: Full understanding of SOC L1 responsibilities/duties and how the duties feed into L2/L3. The ability to take lead on incident research when appropriate and be able to mentor junior analysts. Advanced knowledge of TCP/IP protocols and event log analysis Strong understanding of Windows, Linux and networking concepts Experience analyzing both log and packet data to include the use of WireShark, tcpdump and other capture/analysis tools Good understanding of security solutions including SIEMs, Web Proxies, EDR, Firewalls, VPN, authentication, encryption, IPS/IDS etc. Functional understanding of Cloud environments Ability to conduct research into IT security issues and products as required Working in a TAT based IT security incident resolution practice and knowledge of ITIL Knowledge and experience with scripting and programming (Python, PERL, etc.) are also highly preferred Malware analysis and reverse engineering is a plus Personal Attributes Self-starter and quick learner requiring minimal ramp-up Excellent written, oral, and interpersonal communication skills Highly self-motivated, self-directed, and attentive to detail Ability to effectively prioritize and execute tasks in a high-pressure environment

SIEM tools to identify potential threats;VAPT tools, Incident Handling, Forensic Analysis;CEH CSA;CySA+;CISA;incidents and breaches; operating systems, network devices, and security devices.Familiarity with Security Information and Event Management

Job Title: Senior Product Manager, Threat Protection, URL Filtering and Common Platform Services Role Overview: Role DescriptionSenior Product Manager, SSE Threat Protection and Platform Services The Senior Product Manager, SSE Threat Protection and Platform Services will be responsible for defining and executing the roadmap for Skyhigh Securitys Advanced Threat Protection, URL Filtering, DNS Security, IPS ensuring customers networks and users are protected from evolving cyber threats by deeply understanding the threat landscape. In addition, the candidate is also responsible to oversee Platform Service capabilities across SSE products. The role requires a strategic mindset, technical expertise, and strong collaboration with engineering, sales, marketing, and customer success teams to deliver connectivity solutions that meet customer demands and maintain a competitive edge in the market. The Senior Product Manager will also engage directly with customers, partners, and analysts to understand needs, gather feedback, and shape product strategies. The Senior Product Manager, SSE Threat Protection and Platform Services will be responsible for defining and executing the roadmap for Skyhigh Securitys Advanced Threat Protection, URL Filtering, DNS Security, IPS ensuring customers networks and users are protected from evolving cyber threats by deeply understanding the threat landscape. In addition, the candidate is also responsible to oversee Platform Service capabilities across SSE products. The role requires a strategic mindset, technical expertise, and strong collaboration with engineering, sales, marketing, and customer success teams to deliver connectivity solutions that meet customer demands and maintain a competitive edge in the market. The Senior Product Manager will also engage directly with customers, partners, and analysts to understand needs, gather feedback, and shape product strategies. Key Responsibilities Develop a robust strategy for AntiMalware, URL Filtering, DNS Security, IPS solutions for Skyhigh Securitys platform, ensuring users are protected from latest cyber attacks. Gather, nurture product vision and define requirements by working with customers and prospects, market research and competitive analysis for Gateway Anti-Malware, URL Filtering, DNS Security and IPS Collaborate with engineering teams to design and implement protection against Anti-malware, phishing techniques using AI/ML Ensure compatibility across hybrid and cloud deployments, addressing the needs of regulated industries Managing the entire product life cycle from strategic planning to efficient execution and delivery. Ensure compatibility across hybrid and cloud deployments, addressing the needs of regulated industries Managing the entire product life cycle from strategic planning to efficient execution and delivery. Qualifications and Skills 5-10 years of experience as a Product Manager preferably with experience in cyber security. Strong technical background in cybersecurity with a deep understanding of malware analysis and detection techniques. Requires the ability to understand the SASE / SSE market with a strong grasp of Network Sandboxing, URL filtering Solution, Next-Generation Firewalls, Secure Web Gateway, IPS, DNS Security solution. Strong product management background with a proven track record of leading and delivering cyber security solutions. Ability to collaborate effectively across technical and business teams to achieve common goals. Exceptional communication and organizational skills to manage complex projects and align diverse stakeholders. Strategic thinker with a customer-first approach and a passion for innovation in networking and security. Prefer advanced technology degree or MBA. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement

•Review and triage information security alerts, provide analysis and determine and track remediation and escalate as appropriate •Assist with log management and security information and event management (SIEM) solutions design and configuration Required Candidate profile Scripting in one of the common scripting languages (Python, Bash, Powershell) is an asset. CISSP Certification is a plus.

locationsIndia, Bangalore time typeFull time posted onPosted 30+ Days Ago job requisition idJR0034151 Job Title: Security Researcher - EDR About Trellix: Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: We are looking for a skilled EDR Security Researcher. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities by identifying detection coverage gaps and developing signatures to address these gaps effectively. About the role Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols. Author detection rules for behavior-based detection engines. Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience. Write generic threat detections based on static and dynamic detection engines. Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework. Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset. Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives). Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection. Develop alerting, reporting, and automated detection solutions. Build tools and automation to improve productivity. About you 3+ years of experience writing detection using Snort, Yara, Sandbox, or proprietary detection engines. 2+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools. 2+ years of experience querying and analyzing (for malware/TTPs) large datasets. Experience in programming or scripting languages (e.g., Python, PowerShell). Experience in utilizing various malware analysis tools and frameworks (e.g., IDA Pro). Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS. Excellent verbal and written communication skills in English. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

About The Role : Job TitleThreat Intelligence Analyst Corporate TitleAVP LocationPune, India Role Description As a Threat Intelligence A VP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the banks capabilities in responding to threats. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience Requirements 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Note : Preferable Immediate Joiner Security Analyst - L2 Responsibility: Coordinate with associate L1 Analysts Handle all the escalation of associate L1 Serve as shift leader and point of escalation for level 1 analysts Provide operational and technical support to the customer Oversee completion of day-to-day checklist(s), including: log review, management report scheduling, alert analysis, and escalation follow up activity status Provide knowledge to L1 to maintain and improve the Operation Ensure all unresolvable cases are passed to the correct team for action as appropriate Support implementation of SOC processes and perform periodic check for compliance Handle configuration and change management of SIEM / Logger. Duties: Ensure high level of quality when managing tickets, requests and Customer queries Capture requirements of Customer and prepare SIEM Rules, Reports and Dashboards Prepare reports & distribute in readiness for Customer tuning calls Arrange & manage client calls. Take actions accordingly. Create scheduled Customer reporting, from existing reports, whenever appropriate. Checklist Task for L2 Analyst : Handle all the escalation request of associate L1 Verify incident reported by associate L1 analyst Verify Reports made by associate L1 analyst

Key Responsibilities Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Basic Qualifications Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response : Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation : Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis : Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography : Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security : Understanding of network protocols and security measures to detect and prevent email-based attacks. Programming and Scripting : Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Regulatory Compliance : Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools Secure Email Gateways (SEGs) : Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools : Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms : Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions : Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools : Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management or Incident Response Tools