228 Malware Analysis Jobs - Page 7

Not Applicable Specialism Risk Management Level Senior Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats Responsibilities Minimum 35 years of experience Strong communication and presentation skills Basic knowledge on Cybersecurity and Network concepts. Good understanding and working exposure towards endpoint security, data security, network security and cloud security. Previous or current experience in managing a highlevel corporate breach. Understanding of Mitre Framework and Cyber kill chain techniques and how to implement it in the client infrastructure to detect and mitigate threats, Exposure towards technologies such as SIEM, EDR, Email Security, DLP, Vulnerability Management and Network Monitoring technologies (CrowdStrike, Palo Alto, Digital Guardian, Proofpoint) Good to have knowledge and experience on malware analysis, reverse engineering and performing deep dive forensic investigations. Willing to learn and put in the thought process to solve complex problems within the Security domain. Willing to work in 24/7 rotational shift. Good to have certifications such as CEH, GCIH, Network & Security Fundamentals. Mandatory Skill Sets SIEM , EDR , Crowdstike , Mitre , DLP , Proofpoint Preferred Skill Sets SIEM , EDR , Crowdstike , Mitre , DLP , Proofpoint Years of Experience 3+ Years Educational Qualification BE, B.Tech, M.Tech, MCA, MBA graduates. Education Degrees/Field of Study required Bachelor of Technology, Bachelor of Engineering, Master of Business Administration Degrees/Field of Study preferred Required Skills SoCs Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Learning Agility, Malware Analysis, Malware Detection Tools {+ 16 more} No

The primary responsibility of this role is to provide advanced incident analysis and management within our SOC environment, while also leading the development and training of the L1 SOC team in incident analysis, parsers creation, rule views, and report management. The ideal candidate will have a strong background in cybersecurity, incident response, and leadership skills. Responsibilities: Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered. Minimum of 3 years of experience in a SOC environment, with a focus on incident analysis and response. Strong understanding of cybersecurity principles, including threat detection, malware analysis, and vulnerability management. Experience with SIEM platforms (e.g., Securonix, QRadar) and familiarity with creating and managing parsers and rule views. Leadership experience, with the ability to mentor and motivate team members effectively. Excellent communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders.

Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities.

2 years of experience in endpoint security implementation and management. Hands-on experience with CrowdStrike Falcon, Trend Micro Apex One/Deep Security, and EDR solutions. Strong knowledge of endpoint security, malware analysis, and threat detection methodologies. Experience in PowerShell, Python, or Bash scripting for automation and security tasks. Familiarity with Windows, macOS, and Linux endpoint security best practices. Understanding of network security, firewalls, and SIEM platforms (Splunk, Sentinel, etc.). Security certifications such as CrowdStrike CCFA/CCFR, Trend Micro Certified Professional, CEH, or CISSP (preferred).

Assist in defining security Policies Standards and reference Architecture for Network design and deployment related to above technologies. Proactive analysis of Network for secure deployments, secure configurations against Global Security Best Practices. Assisting network design team with security inputs while designing an architecture for new offices/ branches/ data centres etc. for Security by Design. Developing network security standards and guiding network design to meet corporate requirements. Strategize and formulate high and low-level monitoring mechanism for security posture of network deployments and advise measures to improve them. Possess and maintain technical knowledge of aspects of DDoS mitigation, NAC, Internet Proxy, DNS etc. Conducting analysis of network security and Strategize and formulate high and low-level monitoring mechanism for DDoS mitigation, NAC, Internet Proxy, DNS. Taking proactive measures for enhancing the security posture of the Bank's network by studying the vulnerabilities issued/ published by various OEMs, internal and external agencies such as CERTetc. Working with internal and external business stakeholders on ensuring that IT infrastructure meet global network security standards. Produce and track metrics for the effectiveness and maturity of Secure network deployments.

Implementation and Deployment: - Design and deploy IDS (ARMIS)solutions tailored to OT environments. - Develop comprehensive deploymentarchitectures, ensuring seamless integration with existing systems. - Configure and optimize network andfirewall settings to support IDS deployments. Data Network Security - IDS, Cybersecurity.

Senior Cybersecurity Analyst with a minimum of 6+ years of experience in thefield of Operation technology, particularly focusing on Endpoint Detection andResponse (EDR) and Intrusion Detection System #40;IDS#41; monitoringtools. The ideal candidate will have demonstrated expertise in Carbon Black AppControl. Carbon Black, MS Defender for Endpoints (EDR/ATP),Data Network Security - IDS, Unix Administration, Windows, Carbon Black, MS Defender for Endpoints (EDR/ATP), Data Network Security - IDS, Unix Administration, Windows. Senior Cybersecurity Analyst with a minimum of 6+ years of experience in the field of Operation technology, particularly focusing on Endpoint Detection and Response (EDR) and Intrusion Detection System (IDS) monitoring tools. The ideal candidate will have demonstrated expertise in Carbon Black App Control.

Job Description: At least 10 years of experience in Information Security operations & management with hand on experience in large security operations center using IBM QRadar/Splunk/ArcSight or similar SIEM tool. Manage network, endpoints and forensics initiatives, malware triage and cyber security incident response Managing Cyber Security Services engagements and engagement teams Recognizing common attacker tools, tactics, and procedures Providing oversight for on-site examinations and collections and technology advisory services to enhance forensic client engagements Researching and developing new digital forensics scripts, tools, and methodologies Assessing and troubleshooting a variety of technical issues and support a cyber response lab on our clients SIEM tool and UEBA platform Assist in conducting peer reviews and providing quality assurance reviews for junior personnel and will support the mentoring of junior incident managers and provide guidance to others on incident management prioritization, triage and report writing in support of onsite engagements. Guiding the team to Monitor, identify and investigate the security alerts and perform incident response activities related to cybersecurity incidents Creates new trouble tickets for alerts that signal an incident and require Tier 2 / Incident Response review Respond to cybersecurity incidents, conduct threat analysis as directed and address detected incidents for resolution Should be able do multitasking to coordinate incident with Sr analyst and escalation manager Recommend enhancements to SOC security process, Operations efficiencies. Create Incident response (IR) plan, IR play books, manage all incidents and crisis situations. Log Analysis, handle, resolve security incidents. Collaborate with respective tracks/technical team for remediation of the incident. Periodical review of incident response plan and procedures. Recommend and document specific countermeasures and mitigating controls Develop comprehensive and accurate reports and presentations for both technical and executive audiences Preferred Skills: Strong knowledge of cyber-attacks and techniques, Cyber Kill chain, incident management best practices. A high-level understanding of multi-tiered applications and various network and security devices/protocols Knowledge of various operating system flavour including but not limited to Windows, Linux, Unix Proficient in preparation of reports and documentation. Knowledge of Cyber-criminal techniques, Compliance, and regulatory standards. Excellent verbal and written communication skills.

Job Description: Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps.

About Target As a Fortune 50 company with more than 400,000 team members worldwide, Target is an iconic brand and one of America's leading retailers. At Target, we have a timeless purpose and a proven strategy and that hasn t happened by accident. Some of the best minds from diverse backgrounds come together at Target to redefine retail in an inclusive learning environment that values people and delivers world-class outcomes. That winning formula is especially apparent in Bengaluru, where Target in India operates as a fully integrated part of Target s global team and has more than 4,000 team members supporting the company s global strategy and operations. Joining Target means promoting a culture of mutual care and respect and striving to make the most meaningful and positive impact. Becoming a Target team member means joining a community that values diverse backgrounds. We believe your unique perspective is important, and you'll build relationships by being authentic and respectful. At Target, inclusion is part of the core value. We aim to create equitable experiences for all, regardless of their dimensions of difference. As an equal opportunity employer, Target provides diverse opportunities for everyone to grow and win. About Target Tech Every time a guest enters a Target store or browses Target.com, they experience the impact of Target s investments in technology and innovation. We re the technologists behind one of the most loved retail brands, delivering joy to millions of our guests, team members, and communities. The Sr. Engineering Manager (SEM) is responsible for a managing a team of engineers. This role is accountable for leading a team, developing code, deploying and managing in production. You will be called upon to be the technical representative for your team during cross-team collaborative efforts and planning. Success in this role will require strong and innovative approaches to problem solving, great technical leadership, excellent communication (written and verbal, formal and informal), flexibility, accountability and a self-motivated working style with attention to detail. About Team Our mission is two-foldwe protect the hundreds of thousands of Target endpoints (such as user laptops, in store devices, distribution center technology, servers and containers) from cyber threats while balancing the stability and functionality needs of Target s technology environment. To do this, we use a combination of vendor tools, in-house developed utilities and strong organizational partnerships to achieve shared goals. Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals. As a Sr. Engineering Manager, you ll take the lead as you Optimize a suite of products to secure Target endpoints. Use innovation and critical thinking to solve complex security and technology problems. Test the efficacy of tools by leveraging adversary emulation tools. Establish good stakeholder relationships and work closely with Tech teams, influence the product roadmap and help drive requirements while being a strong advocate of agile and DevOps practices across the team. Execution of the team-developed strategy, solving enterprise-wide problems and addressing key security concerns. Provide career development and performance management to a team of engineers. Industry endpoint security domain expert, benchmarking with other retailers and companies, staying on top of new trends and technology in a quickly-moving space. About you 4 year degree in Computer Science or equivalent experience 9+ years of engineering experience 1-3 years of managing teams with a strong track record of delivery for cross-functional products Strong written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to variety of audiences Team-orientated, passionate about developing others skills and capabilities Successful track record of working in large enterprise technology ecosystems leading complex technology teams Deep understanding of agile development processes and methodology including continuous integration and delivery, with a mindset of building incrementally and delivering business value quickly Strong collaboration skills, effective management of complex cross-team initiatives and leads with the desire to enable our engineering teams.

Lead the fine-tuning and domain adaptation of open-source LLMs (eg, LLaMA 3) using frameworks like vLLM, HuggingFace, DeepSpeed, and PEFT techniques. Develop data pipelines to ingest, clean, and structure cybersecurity data, including threat intelligence reports, CVEs, exploits, malware analysis, and configuration files. Collaborate with cybersecurity analysts to build taxonomy and structured knowledge representations to embed into LLMs. Drive the design and execution of evaluation frameworks specific to cybersecurity tasks (eg, classification, summarization, anomaly detection). Own the lifecycle of model development including training, inference optimization, testing, and deployment. Provide technical leadership and mentorship to a team of ML engineers and researchers. Stay current with advances in LLM architectures, cybersecurity datasets, and AI-based threat detection. Advocate for ethical AI use and model robustness, especially given the sensitive nature of cybersecurity data Required Skills: 5+ years of experience in machine learning , with at least 2 years focused on LLM training or fine-tuning . Strong experience with vLLM , HuggingFace Transformers, LoRA / QLoRA , and distributed training techniques . Proven experience working with cybersecurity data \u2014ideally including MITRE ATT&CK, CVE/NVD databases, YARA rules, Snort/Suricata rules, STIX/TAXII, or malware datasets . Proficiency in Python , ML libraries ( PyTorch , Transformers), and MLOps practices. Familiarity with prompt engineering, RAG (Retrieval-Augmented Generation), and vector stores like FAISS or Weaviate . Demonstrated ability to lead projects and collaborate across interdisciplinary teams. Excellent problem-solving skills and strong written & verbal communication. Nice to Have Experience deploying models via vLLM in production environments with FastAPI or similar APIs. Knowledge of cloud-based ML training (AWS/GCP/Azure) and GPU infrastructure. Background in reverse engineering, malware analysis, red teaming, or threat hunting. Publications, open-source contributions, or technical blogs in the intersection of AI and cybersecurity.

Incident handling, forensic analysis, and VAPT SIEM tools cybersecurity frameworks Log analysis, monitoring, detecting and investigating security incidents and breaches. CEH,CSA,CompTIA Security+,GCIH,security incidents

Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member s contributions and offers a supportive environment for career development. Come, stay, and grow with us. Job Description Monitor all the endpoint , Network , Cloud and application security incidents. As SOC team member , perform the basic investigation and all the security incidents and document the evidence. Performing Security controls health & Compliance check. Adhere to shift timings and provide uninterrupted 24/7 monitoring . Properly share shift handovers, updating the next shift on ongoing incidents and activities. Respond to all security incidents within a SLA period Resolve incidents assigned to the shift promptly and escalate to the Senior team when necessary. Work across all categories of incidents without limiting to specific types. Follow the incident handling as per the docum ented SOP . Complete and close all assigned task requests within SLA timelines. Attend weekly and monthly team meetings as mandatory. Qualifications OSINT : knowledge about open-source platforms for analyzing URL, IP Addresses , suspicious files. Email Analysis : Operating Systems: Basics of Linux and Windows, kernel concepts, and system differences. Networking: OSI model, TCP/IP, firewalls, VPNs, proxies, IP addressing, and subnetting. SIEM Tools: Basics of SIEM operations, alerts, and dashboards (e.g., Splunk). Authentication & Access Control: MFA, SSO, and password management best practices. Malware Protection: Antivirus strategies, malware analysis, phishing email analysis, and IOC gathering. Trending Cyber Attacks : update knowledge about the trending cyber-attacks & its attack patterns .

Job Functions/Responsibilities: Minimum 5+ years as a SOC analyst with exposure to Digital Forensics, Threat Hunting and Incident Response Management. Experience in Linux Operating Security and Active Directory Security Able to do Research and analysis on any Security incidents. 24/7 support. Should be able to work on Saturday and Sunday To prevent, detect, assess, and respond to cybersecurity threats and incidents To assist the Compliance Team in digital forensics and information gathering To monitor different tools for intrusions, malicious traffic, threats etc Malware analysis Network Security Threat Intel and Threat Hunting Vulnerability Assessments Log Analysis Endpoint Security Physical Access Control Systems Digital Forensics Windows and Linux Good knowledge on Mitre Att&ck framework Experienced with Sysmon logs and investigation is a must To investigate the attack techniques using Sysmon logs and hunt for the IOCs collected. Preferred candidate profile Experienced in Incident Response Management (L1 & L2) and should be familiar with Incident Response Lifecycle Firewall knowledge IDS/IPS experience Log Management/SIEM tool experience Network Analysis tool System Analysis Malware Analysis Endpoint Security DLP Familiar with Cyber Kill Chain or Mitre Att&ck Operating Systems (Linux and Windows) Vulnerability assessment tool experience RSS Feeds/Updates familiarity Malware signatures and latest vulnerabilities updates familiarity Must be excellent in Verbal and Written Communication Digital Forensics Experience/Education Requirements Any Graduate 5+ Years of experience as SOC Analyst and in Incident Response Management, Digital Forensics (Windows and Linux) and Threat Hunting Certified in Ethical Hacker, Certified Incident Handler, Comptia Security+, CHFI preferred

Hiring for SOC Analyst in one of our Top Banking company @ Chennai & Hyderabad location Job Title: SOC Analyst Experience : 6 - 9 Years Department: Cybersecurity / Information Security Location: Chennai & Hyderabad Employment Type: Hybrid Mode - 3 days WFO and 2 days WFH . Job Summary: We are seeking a skilled and detail-oriented Security Operations Center (SOC) Analyst to join our cybersecurity team. The SOC Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents using a variety of tools and techniques. This role is critical to maintaining and improving our organization's security posture by ensuring real-time threat detection and incident response. Key Responsibilities: Monitor security alerts and events from SIEM tools (e.g., Splunk, QRadar, Microsoft Sentinel). Analyze and triage events to determine impact and severity. Investigate security incidents and provide incident reports with detailed analysis. Escalate validated threats and vulnerabilities to the appropriate teams and assist in mitigation efforts. Coordinate with IT teams to ensure containment, eradication, and recovery actions are taken for confirmed incidents. Perform threat intelligence analysis to support proactive detection and defense. Document incident handling procedures and maintain an incident knowledge base. Participate in continuous improvement of SOC operations, including playbooks and automation. Stay current on the latest cybersecurity trends, threats, and tools. Required Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent work experience. 13 years of experience in a SOC or information security role. Experience with SIEM platforms, IDS/IPS, firewalls, and endpoint protection tools. Understanding of TCP/IP, DNS, HTTP, VPN, and network protocols. Knowledge of common threat vectors, MITRE ATT&CK framework, and kill chain. Strong analytical and problem-solving skills. Excellent communication skills and ability to work under pressure. Preferred Qualifications: Certifications such as CompTIA Security+, CEH, GCIA, GCIH, or Splunk Certified Analyst. Experience with scripting (e.g., Python, PowerShell) for automation. Familiarity with cloud security monitoring (e.g., AWS GuardDuty, Azure Defender). Exposure to incident response frameworks and forensic tools. Work Schedule: [24x7 shift-based / Regular business hours / On-call rotation as applicable]

Role & responsibilities Cyber Threat Intelligence Operating System-Understanding of how different system work, especially windows, Linux, MacOS. Programming Languages: Java, Python (Basic Understanding needed) Malware Analysis Techniques: Static & Dynamic analysis, code analysis, behavioral analysis, forensic analysis. Malware Analysis Tools: Need to have proficiency in using various malware analysis tools Static Analysis- CFF Explorer, PEiD, PEStudio, Stings, FLoss, ExeInfo PE, SSDEEP Dynamic Analysis Tools: Process Monitor, Process, Process Hacker, Sysmon, Autoruns, Regshot Reverse Engineering Tools: IDA Pro, Ghidra Analyzing Suspicious Files / Sandboxing by using :Virus Total, Hybrid Analysis , Cuckoo , Any.run , Intezer, Joe Sandbox Network Tool: Wireshark, InetSim. Malware Mitigation strategies: Have knowledge of various malware mitigation strategies such as preventation, detection removal , recovery and response. Good understanding on MITRE framework(TTP, IOC ,Threat Actor). Cyber kill chain, Dark web Analysis Should be able to setup the malware analysis lab with minimum support Threat Analysis- Analyze threat data from various sources to identify trends, tactics, techniques, and procedures (TTPs) used by cyber adversaries. Incident Response: Collaborate with the incident response team to provide intelligence support during security incidents. Reporting: Prepare and present intelligence reports to stakeholders, highlighting significant threats and recommended actions. Research: Conduct research on emerging threats, vulnerabilities, and security trends to inform strategic decisions. Collaboration: Work with internal teams and external partners to share intelligence and improve threat detection capabilities. Tool Utilization: Use threat intelligence platforms and tools to gather, analyze, and disseminate threat information-MISP, Threat Connect, Cyble , Anomali Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or GIAC Cyber Threat Intelligence (GCTI) are preferred. Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL-210438

Responsibilities: Monitor systems, respond to incidents. Collaborate with teams on threat management strategies. Manage access control & encryption. Maintain compliance standards. Conduct regular security assessments. Office cab/shuttle Food allowance Health insurance Provident fund

Understanding of network defence principles, common attack vectors, and attacker techniques. Technical baseline skills and the ability to acquire in-depth knowledge of network and host security technologies Basic Linux/Windows OS knowledge, firewall rules and policy fundamentals. Excellent analytical and problem-solving skills. Strong work ethic and commitment to accomplish assigned tasks with a sense of urgency. Windows, Linux, Network Security, Phishing, Splunk, Malware

Title: Security Analyst (SOC & EDR) Location: Gurgaon, India Type: Hybrid (work from office) Job Description Who We Are: Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Overview We are seeking a proactive and knowledgeable Security Analyst to join our Information Security Operations (SecOps) team . This role will focus on SOC monitoring and Endpoint Detection and Response (EDR) using SentinelOne . The ideal candidate should have solid experience in threat monitoring, incident response, and SentinelOne tool handling. Key Responsibilities: Monitor and respond to SOC alerts and security incidents in real time. Analyze logs and alerts from SIEM and SentinelOne EDR platforms. Perform incident triage , escalation, and coordination with internal teams. Troubleshoot SentinelOne-related issues , including error resolution, agent communication, and performance problems. Understand and manage SentinelOne policies , ensure proper deployment, and make necessary adjustments for better coverage. Quickly identify the root cause of issues related to endpoint protection and take corrective actions. Coordinate with the IT team for issue resolution and endpoint remediation. Collaborate with teams to reduce false positives and improve alert accuracy. Maintain incident documentation , reports, and operational dashboards. Support in threat hunting , vulnerability detection, and other BAU (Business As Usual) security tasks. Required Skills & Qualification: Bachelors/Masters Degree in Computer Science, Information Systems, Engineering. 24 years of experience in SOC operations and endpoint security monitoring. Hands-on experience with SentinelOne EDR , including troubleshooting and policy management. Good knowledge of cybersecurity threats, incident response processes, and log analysis. Ability to investigate and resolve SentinelOne alerts and agent-related errors effectively. Experience working with SIEM tools (like Splunk, Qradar, etc.). Strong understanding of false positive tuning and threat detection improvement. Basic scripting knowledge (PowerShell, Python) is a plus. Good communication and analytical skills. Preferred Skills & Qualifications: CEH , CompTIA Security+ , or any other relevant security certification. Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice.

Following are the details: ANZEN Technologies Private Limited stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Job Summary: We are seeking a skilled and passionate Red Team Security Consultant to join our cybersecurity team. The ideal candidate will specialize in simulating adversarial tactics, techniques, and procedures (TTPs) to identify vulnerabilities and improve the organization's security posture. This role involves performing advanced penetration tests, simulating real-world attacks, and working with teams to implement effective remediation strategies. Key Responsibilities: Plan, execute, and document Red Team exercises mimicking advanced threat actors for medium to large enterprises. Conduct network penetration testing (VAPT), system vulnerability assessments, and security configuration reviews. Perform manual security assessments for web applications, APIs, and client-server applications. Simulate sophisticated attack chains including lateral movement, privilege escalation, and data exfiltration. Develop and execute custom attack payloads using tools and scripts. Assess physical security controls and implement social engineering assessments when required. Create and maintain custom tools/scripts in languages like Python, Bash, or PowerShell. Utilize and adapt adversary emulation frameworks such as MITRE ATT&CK, Cobalt Strike, and Metasploit. Collaborate with Blue Teams to improve detection and response mechanisms through Purple Team engagements. Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Qualification: BE/B. Tech/ MCA/ M. Sc. (IT/Computers) Skills : Excellent communication and collaboration skills. Red Teaming, VAPT, Application Security (Web/Mobile/API), Red Teaming and Application Security domains. Proficient in Application Security concepts, including OWASP Top 10 and OSSTMM. Experience with vulnerability scanning tools such as Burp Suite Pro, Nessus, OWASP ZAP, Kali Linux, Cobalt Strike, Caldera etc. Basic ability to write automation scripts (Bash or Python). Understanding of threat modelling and secure coding practices. Strong understanding of TTPs, threat modelling, and secure coding practices. Hands-on experience in Active Directory exploitation, phishing campaigns, and endpoint bypass techniques. Preferred Certificates : OSCP, CRTP, eWPTX, Security+, CREST, CRTO Job Location : Mumbai/Navi Mumbai Job Mode : Work from Office Need an immediate Joiner who may join by 15th June, 2025

Client Server Tech is looking for System Security / Engineer to join our dynamic team and embark on a rewarding career journey. Develop and implement system security strategies and solutions. Monitor and analyze security incidents and threats. Conduct incident response and investigation. Collaborate with cross-functional teams on security projects. Ensure compliance with security standards and regulations. Provide training and support on security best practices.

locationsBangalore, Indiaposted onPosted 10 Days Ago job requisition id30684 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity "This is an opportunity to define, build, and shape the future of FICOs Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering. What Youll Contribute Detect, identify, and analyze vulnerabilities across FICO environment. Assess the risk of vulnerabilities detected to determine true impact. Support stakeholders as a SME to understand technical details of vulnerabilities and steps to carry out remediation. Coordinate with stakeholders to track issues remediation until closure. Act as a SME for new projects in terms of vulnerability management lifecycle. Manage, maintain, and tune tools used to support the VM process. Update yourself with the latest security and technology developments. What Were Seeking Experience in a similar role such as vulnerability management specialist. Experience with Qualys or other security vulnerability detection technology required. Demonstrates subject-matter expert level understanding in multiple IT, Security and Software disciplines. Ability to understand the cause and effect of application vulnerabilities with Operating System Vulnerabilities. Must be able to multi-task and keep track of large amounts of information across disparate systems. Ability to keep making progress and define future strategy/policy with regards to Enterprise. Adherent to continuous monitoring and continuous improvement thought process. Demonstrated technical IT skills, ability to understand and manage different OS flavors, network technologies and topologies. Demonstrated technical security expertise in a variety of cloud platforms (AWS is preferred). Comfortable interfacing with other internal or external organizations regarding problems that must be addressed to enhance security posture. Ability to effectively translate and present solutions in business or management terms. Ability to work effectively in a team environment. Knowledge of Python scripting or other languages is nice to have. Moderate documentation and analytical skills; documenting processes, policies, and standards. Moderate ability to provide end-to-end support to enterprise counterparts, identifying root- cause of complex enterprise initiatives. Moderate trouble shooting skills across complex enterprise applications, server, and endpoint environments. Moderate ability to learn onboard and adapt to new technologies. Basic privileged access management/right management experience, designing solutions based on least privilege. Basic knowledge of malware operation, indicators or threat. Moderate knowledge of current threat landscape Entry Cybersecurity certifications, such as CompTIA Security +, GIAC Security Fundamentals, GIAC Security Essentials, ISC2 Associate, ISACA Cybersecurity Fundamentals are nice to have. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Integrated Security Risk Management Good to have skills : Security GovernanceMinimum 18 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Roles & Responsibilities:- Expected to be a SME with deep knowledge and experience.- Should have influencing and Advisory skills.- Engage with multiple teams and responsible for team decisions.- Expected to provide solutions to problems that apply across multiple teams, and provide solutions to business area problems.- Lead the implementation and delivery of Security Services projects.- Utilize global delivery capability including methods, tools, training, and assets.- Provide expert advice and guidance on security governance.- Collaborate with various teams to ensure effective security solutions. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management.- Good To Have Skills: Experience with Security Governance.- Strong understanding of security risk management principles.- Knowledge of security governance frameworks and best practices.- Experience in leading security service delivery projects.- Excellent communication and leadership skills. Additional Information:- The candidate should have a minimum of 18 years of experience in Integrated Security Risk Management.- This position is based at our Gurugram office.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that security measures are effectively integrated into the cloud environment and aligned with organizational objectives. Roles & Responsibilities:-Administer a globally distributed and heterogeneous SIEM environment, preferably Securonix/Splunk-Knowledge on Automation app deployment to multiple sites, Monitoring the central infrastructure-Design and customize complex search queries, develop dashboards, data models, reports and optimize their performance-Administration of core SIEM Components (Deployment Server, Indexer)-Understanding of threat models and threat intelligence-Improve detection capabilities by building and enhancing alert rules Professional & Technical Skills: - Exp working in SOC/SIEM-Incident handling, use case management development , risk assessment, playbook recommendation, fine-tunings-SIEM/SOC operations experience for very large enterprises-Knowledge on MITRE/CKC framework-Security Analytical skills and analysis-Should have good customer handling skills-SIEM, Incident Response, Basic understanding of security technologies-User behavior/Malware Analysis, Knowledge on Securonix, Defender, CrowdStrike, FortiSOAR and Splunk Admin Additional Information:- The candidate should have a minimum of 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

About the jobWe are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments It has offices in India and Singapore We are experts in information security training, cyber ranges, online labs and security assessments We have trained more than 30000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings We are looking for some amazing Security Researchers to join our India team remotely! If you would like to research on new threats and create challenges on Red Team, Windows and Active Directory this is the right opportunity!Members of our current research team have spoken multiple times at DEF CON, BlackHat and many other major conferences and maintain open source tools for red and blue teams Apply ONLY:- If you can prove your skills with your blog and GitHub - If you have spoken at respected conferences - Very good communication skills and ability to present your research in talks and training - Good knowledge of a Scripting/Programming language- Excellent work ethics and passion to make and break stuff Your job will involve:- Research and implement latest attack and red team techniques in Windows and Active Directory - Research on evasion of countermeasures like EDR - Research on opsec and use of C2 in secure environments - Writing Proof-of-Concept tools in C#, PowerShell and other languages - Creating content (courses, videos, blogs, presentations) based on researchRecommended Certifications:- CRTP and CRTE