17 Malware Jobs

Qualcomm India Private Limited is seeking a dedicated individual to join the Information Technology Group as part of the Cyber Security Engineering team. As a member of this team, you will play a crucial role in supporting 24x7 operations, which may involve working night and weekend shifts on a rotational basis to meet the organization's business requirements. Your primary responsibilities will include monitoring and triaging security events received by the SOC/CDC from various sources such as social engineering attacks, malware, DDoS, data exfiltration, ransomware, among others. You will be expected to follow standard operating procedures to triage events for the first 20 minutes, engaging Tier2 for further assistance as needed. Utilizing Orchestration tool workflows and knowledge base, you will analyze security event and incident data, update the Ticketing system promptly, and communicate with stakeholders to provide recommendations on mitigation and prevention techniques. In this role, you will work closely with Tier3 teams, escalate security events in a timely manner, stay updated on new Use Cases and process changes, and actively participate in brown bag sessions. The ideal candidate should possess a good understanding of current and emerging security threats and technologies, along with strong proficiency in security event investigations and excellent written and verbal communication skills in English. Prior experience in 24x7 SOC or CDC operations is preferred, along with a Bachelor's or Master's degree in Computer Sciences or Cyber Security. Qualifications for this position include 3-5 years of experience working with a SIEM tool, a solid background in security incident response and system operations, and certifications such as CEH, Security+, OSCP, or other industry-relevant cyber-security certifications. Knowledge of ITIL V3.0 is considered a plus. Minimum qualifications consist of a Bachelor's degree in Engineering, Information Systems, Computer Science, or a related field along with 2+ years of cybersecurity-relevant work experience. Alternatively, a High school diploma or equivalent with 4+ years of relevant work experience is also acceptable. If you are an individual with a disability requiring accommodations during the application/hiring process, please contact Qualcomm at disability-accommodations@qualcomm.com. Qualcomm is dedicated to providing a supportive and accessible process for all individuals. As an equal opportunity employer, Qualcomm expects all employees to adhere to applicable policies and procedures, including those related to the protection of confidential information. Staffing and recruiting agencies are advised not to submit profiles, applications, or resumes through Qualcomm's Careers Site, as unsolicited submissions will not be considered. For more information about this exciting opportunity, please reach out to Qualcomm Careers.,

NTT DATA Services is looking for individuals who are exceptional, innovative, and passionate about cybersecurity technologies. As part of our team, you will provide operational support for various technologies such as CrowdStrike, Zscaler, Checkpoint Harmony, and others within scope. Your responsibilities will include communicating plans and updates on tasks and projects, as well as identifying and escalating issues and risks. Additionally, you will schedule and lead working group meetings, prepare meeting agendas and minutes, and ensure timely closure of action items. You will also be responsible for offering ad-hoc operational support, ensuring the integration of functions align with business goals, and identifying problem causality, business impact, and root causes. As a senior member of the team, you may advise or mentor junior team members, coordinate with cross-functional Operations and Technology (O&T) counterparts to enhance risk oversight, and address non-compliant items through collaboration with Business Managers and staff from various sectors. To qualify for this role, you should have at least 6 years of relevant experience, preferably in a bank or financial institution setting. Strong expertise in Cyber Security and antivirus/malware technologies, specifically CrowdStrike, Trellix, and Zscaler, is required. Excellent written and verbal communication skills are essential, along with knowledge of Scripting and Programming Languages. You should also demonstrate the ability to interpret and apply information security policies, standards, and procedures, as well as possess influencing and relationship management skills. Ideally, you will hold a Bachelor's degree or equivalent experience, with a Master's degree being preferred. If you are ready to be part of a dynamic and forward-thinking organization, apply now and join us in tackling security challenges across multiple businesses. #LI-MIWS,

As a Technical Support Specialist at Palo Cortex XDR, you will be responsible for providing technical support to customers and partners. Your role will include offering technical services such as writing scripts, troubleshooting, and sharing best practices with customers. You will manage support cases efficiently to ensure that issues are properly recorded, tracked, resolved, and followed up on in a timely manner. Additionally, your responsibilities will involve fault isolation and root cause analysis for technical issues, as well as publishing Technical Support Bulletins and other technical documentation in the Knowledge Base. You will review technical documentation for training materials, technical marketing collateral, manuals, troubleshooting guides, and more. In critical situations, you may need to travel to customer sites to expedite issue resolution. You will also be required to provide on-call support 24x7 on an as-needed basis. Collaborating with the Engineering team, you will have the opportunity to influence the operability of the product and contribute to regular weekend on-call rotation. To excel in this role, you should possess at least 3 years of related experience. Strong expertise in providing configurations, troubleshooting, and best practices to customers is essential. Proficiency in supporting EndPoint software products, along with experience in Windows OS, Linux OS, macOS, and Android OS-based applications is required. Familiarity with MS environment tools like SCCM, GPO, AD, MSSQL, and IIS is crucial. Furthermore, experience with EndPoint security software, SIEM, vulnerability management tools, firewalls, and understanding of malware, exploits, and operating system behavior will be beneficial. Proficiency in batch scripting and Python is a plus. You should have the ability to independently troubleshoot, reproduce issues, and identify feasible workarounds in varied and complex environments. A knowledge of Cloud infrastructure, VDI technologies (VMWare Horizon, Citrix XenApp, and XenDesktop), and a BS/MS degree or equivalent experience will be valuable assets in this role. Effective communication skills to engage with stakeholders internally and externally on complex technical issues are essential for success in this position.,

Role Summary: We are looking for an experienced Microsoft Security Solutions Architect to lead the design, implementation, and support of Microsoft security ecosystem across identity, endpoint, threat protection, and compliance. This role requires deep hands-on knowledge of Microsoft Intune, Defender suite, Entra ID , and Microsoft Sentinel , with a strong emphasis on real-world threat mitigation , including malware attack handling and DNS firewall configuration . Key Responsibilities: Solution Design & Implementation Architect and implement Microsoft Intune for device compliance, app management, conditional access, and policy deployment across Windows, macOS, iOS, and Android environments. Deploy and optimize Microsoft Defender for Endpoint, Identity, Office 365 , and Defender for Cloud Apps in alignment with organizational security frameworks. Configure Microsoft Entra ID (Azure AD) features including Conditional Access, SSO, MFA, PIM, RBAC, and Identity Protection policies. Drive the adoption of Zero Trust Architecture , aligning endpoint protection and identity governance with customer risk management objectives. Implement and manage DNS Firewall solutions to block malicious domains and enhance threat visibility and control. Lead the detection, response, and mitigation of malware attacks , leveraging Microsoft security tools and incident response strategies. Client Engagement & Advisory Conduct client security assessments and define Microsoft-centric security roadmaps and architectural recommendations. Deliver technical workshops, POCs, and pilot deployments for Intune, Defender, and Entra ID solutions. Act as a trusted advisor on Microsoft Security best practices , data protection (e.g., GDPR, ISO 27001 ), governance, and regulatory compliance. Operations & Support Guide operational teams in incident detection, investigation, and remediation , especially related to malware, phishing, and endpoint threats. Maintain and update technical documentation including architectures, policies, configurations , and incident response procedures . Support scripting and automation for policy deployment, compliance monitoring, and operational efficiency using PowerShell and other tools. Required Skills & Experience: 6+ years of hands-on experience with Microsoft security solutions and enterprise IT environments. Deep expertise in: Microsoft Intune / Endpoint Manager Microsoft Defender Suite (Defender for Endpoint, Identity, Office 365, Cloud Apps) Microsoft Entra ID / Azure AD , including Identity Governance, Conditional Access, and PIM Endpoint threat protection and malware remediation DNS Firewall technologies (e.g., Microsoft Defender for DNS, third-party DNS protection tools) Strong proficiency in PowerShell scripting , automation of compliance policies, and endpoint configurations. Familiarity with Microsoft Sentinel , Zero Trust frameworks , and modern workplace security models. Solid experience with incident response , endpoint telemetry, and real-world malware analysis and resolution. Excellent verbal and written communication skills; able to engage both technical and non-technical stakeholders. Preferred Certifications: SC-200 : Microsoft Security Operations Analyst SC-300 : Microsoft Identity and Access Administrator SC-400 : Microsoft Information Protection Administrator MD-102 : Microsoft Endpoint Administrator Knowledge of integrations with third-party MDM, SIEM, DNS security , and IAM platforms is a plus.

Design,implement,maintain & troubleshoot AD domain,Exchange & Messaging,Administer & support MS Exchange Server,Manage & support MS Exchange Online within MS 365,mail flow rules & antispam/malware policies, Also monitor Azure health,performance.

The role of a Splunk Security Solution Architect is to serve as a subject matter expert for Splunk Security products and provide expertise on the broader security landscape. Your primary responsibility will be to support Splunk account teams, including sales and pre-sales resources, in developing tailored security solutions for customers. As the "eyes and ears" for the field, you will offer expert guidance and recommendations to help customers enhance the security and resiliency of their organizations. Your key responsibilities will include establishing and maintaining strong relationships with clients and partners, collaborating closely with account teams to align with sales strategies, and conducting demonstrations of Splunk's security products and services to customers. Additionally, you will be required to respond to functional and technical aspects of RFIs/RFPs, provide hands-on leadership in resolving technical issues, and demonstrate a strong ability to collaborate effectively. To excel in this role, you should possess a Splunk Certified Administrator certification or have sufficient knowledge to administer Splunk Enterprise and solutions. You must have at least 5 years of experience as a successful pre-sales engineer, systems integrator, or similar role within the cybersecurity domain. Familiarity with cyber threats, incident response practices, SIEM, automation tools, endpoint technology, threat intelligence, and enterprise hardware and software technologies is essential. Experience with operating systems, networking technology, enterprise software, cloud platforms, scripting languages, and industry certifications such as SANS GIAC, CISSP, CISM, etc., will be advantageous. Furthermore, you should demonstrate strong interpersonal skills, effective communication abilities across different audience types, and a self-motivated attitude with an insatiable curiosity for technological possibilities. A positive and fun-loving demeanor, along with a desire to work with a dynamic team, is key for success in this role. Please note that we are committed to providing guidance on technology, supporting your soft skills development, and educating you on processes. Your passion for technology, motivation, and enthusiasm for working in a collaborative team environment will be highly valued in this position.,

You are invited to join our Information Security team as a 1st Line Security Engineer in the role of Network Associate. This entry-level position offers an excellent opportunity for individuals who are enthusiastic about commencing their career in cybersecurity. As a Network Associate, your primary responsibility will be to serve as the initial point of contact for security alerts and incidents. You will be tasked with monitoring our systems, identifying potential threats, and promptly escalating issues to senior engineers when necessary. To support your professional development in a dynamic and rapidly evolving security environment, we are committed to providing comprehensive training and mentorship. Your main duties will involve monitoring security tools and dashboards, such as SIEM, endpoint protection, and firewalls, to detect any suspicious activities. You will be responsible for conducting initial triage and analysis of security alerts, documenting incidents accurately, and maintaining organized records in the ticketing system. Additionally, you will assist in vulnerability scanning, follow-ups on patch management, participate in user awareness campaigns and phishing simulations, and contribute to compliance audits and documentation efforts. It is crucial to stay informed about the latest cyber threats and attack vectors to effectively fulfill your role. To qualify for this position, you should hold a Bachelor's degree in information security, Computer Science, or a related field, or possess equivalent experience. A basic understanding of networking principles (TCP/IP, firewalls, DNS) and operating systems (Windows/Linux) is essential. Familiarity with common cybersecurity tools and concepts, such as antivirus, phishing, malware, ransomware, and SIEM, is advantageous. Strong communication skills, problem-solving abilities, and a willingness to work in shifts or participate in on-call rotations, if necessary, are key attributes we are looking for in potential candidates. While not mandatory, having certifications like CompTIA Security+, CEH, or equivalents would be beneficial. Hands-on experience with tools like Splunk, CrowdStrike, Microsoft Defender, Wireshark, or previous involvement in cybersecurity-related internships or academic projects focused on incident response are considered as preferred qualifications for this role. Join us in this exciting opportunity to kickstart your cybersecurity career and make a meaningful impact in the field of Information Security.,

As an Intelligence Analyst at Fortinet, you will be part of the Cyber Threat Intelligence (CTI) Collections/Analysis team, a dedicated group of skilled analysts, collectors, and specialists committed to safeguarding customers and their assets from external threats. Leveraging our advanced hybrid intelligence platforms and methodologies, your primary role will involve utilizing your writing and editing abilities to contribute to the generation of actionable intelligence for our client base. This includes assessing existing and emerging threats related to cybercrime and various forms of malicious exploitation. Your responsibilities will include monitoring and analyzing cybersecurity events, incidents, and vulnerability reports sourced from multiple outlets. You will be involved in reviewing and interpreting data from various sources such as OSINT, Darknet, and TECHINT. Collaborating closely with the Internal Research team, you will help identify threats specific to individual customers and create tailored analytical reports based on your findings. Additionally, you will be responsible for producing regular Security Trend reports using information from the internal threat repository and collaborating with customer points of contact to understand their threat landscape and customize service delivery accordingly. Furthermore, you will play a crucial role in monitoring, analyzing, and reporting on cybersecurity events, intrusion events, security incidents, and other indicators of potential threats. Adhering to operational security best practices is essential to safeguard sources and methods effectively. To excel in this role, you should possess strong fundamentals in Information Security, a solid understanding of Cyber Threat Intelligence, and the ability to produce high-quality Security Analysis reports. Your skill set should include the capacity to comprehend and analyze various threat vectors proficiently, along with knowledge of cyber threats, malware, APTs, exploits, etc. Familiarity with the DarkNet, DeepWeb, as well as open-source, social media, and other platforms of cyber-criminal activity is highly beneficial. Strong communication skills in English, along with the ability to engage effectively with diverse clients and articulate technical details clearly and concisely, are essential. A willingness to learn new technologies and skills, adapt to evolving circumstances, and innovate as needed is paramount. Previous experience in a Security Operations Center (SOC) environment or Cyber Crime Research will be advantageous, although not mandatory. Possession of certifications such as CEH, OSCP, or other cybersecurity credentials is a plus, while programming/scripting knowledge would be considered an additional asset. Maintaining the utmost discretion and confidentiality is crucial in this role. Proficiency in languages such as English, Hindi, and any other international languages like Arabic, Russian, Japanese, Chinese, German, or Italian would be advantageous.,

Role & responsibilities Investigate high complexity cyber security incidents (2nd Level) with minimal direction, determine the root cause and establish defense measures as part of the global Cyber Defense Center team. Analyze operational logs and event console activities to identify security related events; Develop targeted defense response measures for implementation Create Management communication for Major Incidents and drive and facilitate Communication bridges/briefs to upper management as necessary Improve and maintain cyber defense related processes and procedures . Provide strong technical expertise in using and customizing of cyber defense tools like SIEM, AEP, DLP or UEBA solutions for CIRT actions Participate in the "on-call" duty of the global incident response team, and provide the fallback insurance for IT and SOC Participate in international IT security projects Represent Bayer in external technical user groups. Prepare and design system security reports by framing data, insights, and trends to support the proposal of proactive cyber defense capabilities.

Key Skills: Vulnerability, DLP, Crowdstrike, Malware, Cyber Security, Threats, Cyber Threat, SIEM, Siemens Ops center Roles and Responsibilities: Operational Maturity: Create clear documentation for processes, metrics, and outcomes, ensuring adherence to Service Level Agreements (SLAs) and compliance requirements. Promote continuous improvement in threat hunting and DLP management. DLP Leadership: Offer technical leadership in developing and enhancing the DLP program at Fortive. Establish metrics to measure the program's success. Security Tool Operations: Manage and oversee relevant security tools, ensuring comprehensive coverage and effectiveness across the enterprise while continuously enhancing detection and prevention mechanisms. Cloud and DevOps Security: Drive security capabilities by embedding security into DevOps workflows, leveraging cloud-native tools, and advancing automation for detection and response. Continuous Improvement: Stay current and share best practices in both threat hunting and data loss prevention. Leverage artificial intelligence to reduce manual work. DLP Programme: Collaborate with other security teams, legal, IT, and key stakeholders to document and drive a DLP program to protect Fortive data. Change Management: Adhere to change management processes in managing security platforms. Ensure proper lifecycle management of threat hunting artifacts. Collaboration: Work with cross-functional teams in both proactive and reactive security scenarios. Collect and analyze feedback to continuously refine tools, platforms, and support processes. Skills Required: 5+ years of experience in cybersecurity, with a focus on DLP and threat detection. Hands-on experience with CrowdStrike Platform; NG SIEM an advantage. Strong knowledge of IT security principles and compliance standards. Familiarity with at least one DLP solution. Demonstrated ability to balance strategic vision with hands-on implementation. Exceptional communication and problem-solving skills. A driven and self-starting individual who can work independently and take initiative. Experience working across multiple countries and time zones is an advantage. Education: Bachelor's degree in Cyber Security, Information Technology or related field.

LTI Mindtree hiring Malware Analyst role. Roles and Responsibilities: Static and dynamic malware analysis(aware of file structure like, PE, PDF, OLE, windows short cut files etc...) someone who has hands on writing signatures for malware samples(at-least initial vector malware). Aware of trending malware family campaign and analysis for threat write ups for that follow up family. (example malware family - Emotet/Qakbot/AgentTesla etc..) Email security and Endpoint Security (EOP) Investigating the Phishing campaign and spam emails which users have received and reported. Threat Intelligence analysis/ Threat hunting Analyzing PE files (Dynamic and static analysis) and providing detection for malicious PE files.(RE/Malware Analysis) Analyzing non-PE file s (like OLE / PDF / HTML / HTA / VBS|VBE /JS/ WSF/JAR/LNK) andproviding detection for malicious files. Malware Analysis and Reversing. Reverse Engineering skills: familiar with debuggers, disassemblers, network protocols, file formats, sandboxes, hardware/firmware internals, software communication mechanisms, Classification, clustering and labelling of Malware. Knowledge of Advanced Techniques of Malware Analysis. Knowledge of Malware kill chain and MITRE ATT&CK techniques and tactics. Knowledge of AV evasion techniques and Pen testing tools like - Veil (equal rank), PowerShell Empire, Meterpreter, Unicorn, Cactus Torch, and Any other similar tools Additionally, Experience with advanced persistent threats, human adversary compromises and incident response. Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvements. Excellent analytical skills and ability to identify patterns and trends. Strong research skills, data knowledge, and ability to analyze and present complex data in a meaningful way. Strong understanding of Cyber Security, modern security problems and threat landscape, Operating Systems (internals), computer networking concepts. Required Skills: Olly DBG, IDA PRO, Static and dynamic malware analysis, PE and non-PE file analysis Job Location: Pan India Experience: 3 to 5 years If you are ready to embark on a new chapter in your career, kindly share your resume at Muthu.Pandi@ltimindtree.com Please share below details: Contact Number: Preferred time to connect: Total Experience : Relevant Experience : Current Location: Preferred Location: Notice Period: Current CTC: Expected CTC: Reason for job change: Regards, Muthu Pandi HR LTIMindtree

Key Responsibilities • Design, implement, and manage email security solutions. • handle Trend Micro CAS & Cisco Umbrella, monitor threats. • respond to incidents, update policies, collaborate with teams • stay updated on email & DNS security trends.

Role & responsibilities 1. Security Risk Assessment & Auditing Conduct security audits and assessments to identify vulnerabilities. Perform penetration testing and ethical hacking to simulate cyberattacks. Evaluate compliance with regulations like ISO 27001, NIST, GDPR, HIPAA, SOC 2 . 2. Security Strategy & Policy Development Develop and implement cybersecurity policies, procedures, and frameworks . Advise organizations on best practices for risk management, data protection, and incident response . Assist in aligning security strategies with business objectives and compliance mandates . 3. Threat Management & Incident Response Help organizations develop incident response plans (IRP) . Conduct forensic investigations in the event of security breaches. Provide real-time threat intelligence and recommend proactive security measures. 4. Implementation of Security Solutions Recommend and deploy firewalls, SIEM, IDS/IPS, endpoint security, and cloud security tools . Guide organizations on zero-trust architecture, identity access management (IAM), and encryption . Assist in setting up secure cloud environments (AWS, Azure etc..) . 5. Security Awareness & Training Conduct cybersecurity training sessions for employees and executives. Educate teams on social engineering attacks (phishing, BEC, ransomware defense) . Preferred candidate profile Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, CISM or CISA Knowledge of common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT

Monitor,analyze security events,alerts across various platforms. Investigate potential security incidents,escalate as appropriate,following defined incident response processes. Correlate events from multiple sources to identify patterns or anomalies Required Candidate profile Lead,participate in threat hunting activities to proactively identify potential threats vulnerabilities Serve as the administrator for SOC tools including SIEM, EDR, SOAR,threat intelligence platforms Perks and benefits To be disclosed post interview

Job Title: MDR Analyst Duration: Full time role Location: Remote (Bengaluru) This position is a Shift Position (Sunday - Friday Evening & Saturday Evening) Job Description: Duties: Join a new emerging team who is going to be part of clients Unit 42, Working closely with global customers providing the best security in the market Own an incident lifecycle from outbreak to full remediation Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire clients customer base Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats Required Skills: 3+ years of experience in a multi-tiered SOC/IR is a must Experienced with Technologies such as EDR, SIEM, SOAR, FW A well-established familiarity with attack trends and vectors Excellent written and oral communication skills in English Some degree of Malware Analysis - An advantage CEH / CompTIA CYSA+ certifications - An advantage Hands-on experience with Cortex XSOAR or Cortex XDR - An advantage.

Location: Mumbai (Candidates should be born and brought up in Mumbai) Experience: 5-7 years Notice Period: Immediate to 30 days ________________________________________ We are seeking a Pen tester (Penetration Testing) to join our cybersecurity team. The ideal candidate will have proven experience in penetration testing, vulnerability assessment, and offensive security operations. Key Responsibilities: Conduct penetration testing on web applications, ERP, SAP systems, and infrastructure assets. Draft business risk-oriented reports and assist teams in mitigating identified vulnerabilities. Contribute to the creation and implementation of security tools to secure the Saint-Gobain environment. Participate in Red Team and Purple Team exercises. Define and implement quality and performance metrics for the cybersecurity roadmap. Qualifications: Educational Background: Bachelors degree in Computer Science or Information Security; relevant certifications (e.g., OSCP, CRTP, CompTIA Security+) are a plus. Technical Expertise: Hands-on experience in web application and API penetration testing tools. Knowledge Areas: o Strong understanding of OWASP Top 10 or SANS Top 25. o Familiarity with malware, TCP/UDP packets, IDS/IPS, web proxies, SIEM, DNS security, and firewalls. o Basic knowledge of ERP and SAP systems. o Mobile and thick client application penetration testing. Skills: Scripting experience (e.g., Python, Bash, Powershell, C#) for automation. Participation in CTF challenges (Hack the Box, Root Me, TryHackMe) is a plus.

ESSENTIAL SKILLS: Candidate should be comfortable to work in 24/7 environment. Diploma or equivalent in IT or related fields with 3 years of work experience in IT hardware/software required. Microsoft Certified Desktop Technician preferred. TECHNICAL SKILLS: Extensive knowledge of troubleshooting Windows 10 and Mac Monterey operating systems. Expertise in installing, configuring, and troubleshooting Microsoft Office 365 applications. Expert level knowledge of troubleshooting Internet technology and networking concepts such as VPN. Should be skilled in virus/malware removal and troubleshooting customized applications. Coordinate activities with third party vendors as needed for Order fulfillment, Warranties and so forth. Knowledge of mobile device COMMUNICATION SKILLS: Candidate should have excellent communication - Strong command of English sentence structure, vocabulary, and grammar. Neutral accent, suitable speech rate, appealing voice, and confident tone. Ability to talk naturally with no need for filler. Call management and effective email communication skills.