63 Microsoft Sentinel Jobs

Job Discribtion: Global Security Operation Center (GSOC) KPMGs Global Security Operations Centre (GSOC) is internal SOC team supporting KPMG member firms to detect and respond to cyber-attacks to KPMG across locations. GSOC Operation – Monitoring & Alerting (M&A) GSOC – Engineering Services (ES) – SIEM technology management including onboarding /off-boarding /content update. Role & REsPonsibilty – Analyst (Monitoring & Alerting) Actively monitoring, analysing & escalating SIEM alerts based on correlation rules, Email protection alerts & malware analysis, Provide inputs for proactive content fine tuning & use case enablement, Active threat hunting on network flow, user behaviour & threat intelligence, Phishing email analysis for MFs, Raising incidents in Pastebin inte Should be familiar with Domain Knowledge (Cyber Security), Threat Hunting, SIEM- Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm), Python Scripting, Windows Active Directory, Operating systems and servers. Ability to Triage and assignment Incident Handling. Ability to Follow Playbooks instructions- Incident Response Playbooks Ability to Comprehend Logs (HTTP, SMTP, Network) (Under guidance) Understand and imbibe current SOC process Perform quality assessment on SOC operations being performed as per existing process Record and deviations identified into tracking tool(s)/spreadsheets Perform follow-ups with respective error owners to mitigate process deviations Identify process deviations, Summarize and generate trends, patterns into process deviations / errors observed. Perform RCA into observed errors / trends and generate recommendations for process improvement Generate personnel specific recommendations for performance enhancement Contribute in overseeing quality assessment process for multiple SOC verticals In-line alignment with SOC operations for quick-detection / prevention of process deviations Support as QA touchpoint in critical cyber incidents to enhance quality of service Assessment of investigation report with assertions, evidences and recommended actions Communicate effectively and collaborate with teams in different geographie

Role Overview: You will be joining the Defender Experts (DEX) Research team within Microsoft Security, whose mission is to protect customers from advanced cyberattacks by transforming raw signals into intelligence. As a Threat Researcher, you will collaborate with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats impacting both Microsoft and third-party products. Your work will directly contribute to developing real-time protections for enterprises worldwide and enhancing threat detection and response capabilities within Microsoft Sentinel. This role offers a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Key Responsibilities: - Execute advanced research on emerging cloud-based threats affecting Microsoft and third-party security products across heterogeneous cloud environments. - Develop and refine detection and response strategies using major SIEM platforms, with a focus on Microsoft Sentinel, to ensure comprehensive threat coverage and response capabilities. - Collaborate with internal and external security teams to implement scalable solutions for multi-cloud threat intelligence, detection, mitigation, and response. - Translate complex raw security data into actionable intelligence to enhance cloud security operations for a global customer base. - Mentor and guide researchers and detection engineers on advanced threat hunting and incident response best practices across diverse SIEM ecosystems. - Contribute to industry knowledge and Microsoft's security posture by publishing research, developing threat models, and identifying threats and attack trends in the cloud. Qualifications: - 3+ years of relevant experience in security research, detection engineering, threat lifecycle, and cloud security in large-scale complex cloud environments. - Proven ability in executing advanced research on emerging cloud-based threats affecting Microsoft and third-party security products across heterogeneous cloud environments. - Demonstrated experience in developing and refining detection and response strategies using major SIEM platforms, with a focus on Microsoft Sentinel. - Extensive hands-on experience with cloud platforms, including Azure, and understanding of multi-cloud security challenges and solutions. - Strong practical experience in identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. - Ability to work independently, deliver complete solutions, articulate technical insights effectively, and influence multidisciplinary teams.,

Role Overview: As a Cloud Security Specialist, your role involves designing and implementing cloud security solutions using tools such as Microsoft Sentinel. You will lead the development of security strategies, policies, and procedures to safeguard client data in the cloud. Collaborating with DevOps teams, you will integrate security into the continuous delivery pipeline using automation tools like Terraform and AKS. Additionally, you will be responsible for conducting risk assessments, threat modeling, and security testing to identify and address vulnerabilities, while providing expertise on cloud security best practices to clients and team members. Key Responsibilities: - Stay updated with industry trends in cloud security and recommend necessary changes to security strategies and practices. - Mentor and train junior security personnel to ensure adherence to security best practices. - Work with cross-functional teams to ensure the security of cloud-based systems and applications. - Communicate security risks and potential impacts to stakeholders and provide guidance on risk mitigation. - Lead client engagements, offering technical guidance and support for successful delivery of cloud security solutions. Qualifications Required: - Bachelor's degree in computer science, information technology, or a related field. - Minimum 7 years of experience in Information Security, with at least 3 years focused on SaaS security or cloud platforms. - Strong understanding of SaaS-specific risks, architecture, and controls. - Experience with CASB, SSPM, and SIEM tools (e.g., Microsoft Defender, Splunk). - Knowledge of data protection, encryption, secure integration practices, and incident response procedures. - Familiarity with industry frameworks such as NIST SP 800-53, CSA, CIS. - Technical expertise in cloud-native platforms and integrations. - Soft skills including excellent written and verbal communication, analytical skills, and ability to work independently. - Preferred certifications like CCSK, CRISC, CISA, ISO 27001, or similar cloud/security-related certifications. Company Details: (Omitted as not present in the provided Job Description),

Role Overview The Senior Security Engineer is a hands-on technical leader focused on designing, implementing, and operating enterprise-grade security solutions, with strong expertise in the Microsoft security ecosystem (Defender Suite, Sentinel, Purview, Entra ID). While cloud skills (Azure, Microsoft 365, VMware, hybrid) are valuable, they serve to enable secure architectures and operations . This role spans project delivery and managed services , helping customers uplift SOC maturity, strengthen compliance, and build resilient security operations. You will also act as a trusted escalation point, mentor junior engineers, and shape Oretas security practice. Key Responsibilities Security Engineering & Delivery (Primary) Deploy and configure Microsoft Defender Suite (Endpoint, Identity, Office 365, Cloud Apps). Implement and tune Microsoft Sentinel SIEM/SOAR: log sources, analytics rules, playbooks. Configure Microsoft Purview for DLP, insider risk, information governance, and compliance reporting. Lead threat modelling, vulnerability remediation, attack surface reduction, and security hardening . Align customer environments to Zero Trust and compliance frameworks (ISO 27001, SOC 2, NIST). SOC & Operational Security Provide Level 3/4 escalation for incidents across identity, endpoint, and cloud security. Partner with Oreta’s SOC for threat hunting, investigation, and incident response. Conduct proactive security health checks and ensure patch/vulnerability compliance . Maintain security documentation, runbooks, and incident response playbooks . Cloud Security (Supporting) Apply security architecture and controls to Azure, Microsoft 365, and hybrid workloads. Support secure cloud migrations and integrations, focusing on IAM, encryption, and monitoring. Configure Intune for endpoint compliance and secure device lifecycle management. Leadership & Practice Development Mentor and coach junior engineers in security engineering and incident handling . Contribute to Oreta’s security playbooks, frameworks, and managed service enhancements . Participate in customer workshops and advisory sessions , translating risks into solutions. Required Skills & Experience 5–8+ years’ experience in security engineering/operations (with Microsoft stack focus). Hands-on expertise in: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender Suite (Endpoint, Identity, O365, Cloud Apps) Microsoft Purview (DLP, compliance, insider risk) Entra ID (MFA, Conditional Access, Identity Governance, PIM) Strong understanding of threat detection, incident response, and SOC workflows . Familiarity with Azure/M365 cloud security controls (landing zones, governance, monitoring). Experience with compliance frameworks (ISO 27001, SOC 2, NIST CSF). Preferred certifications: SC-200, SC-300, AZ-500 (core); additional Azure/AWS security certs a plus. Excellent communication skills with customer-facing experience in delivery and operations . Role & responsibilities

Role Overview The Senior Security Engineer is a hands-on technical leader focused on designing, implementing, and operating enterprise-grade security solutions, with strong expertise in the Microsoft security ecosystem (Defender Suite, Sentinel, Purview, Entra ID). While cloud skills (Azure, Microsoft 365, VMware, hybrid) are valuable, they serve to enable secure architectures and operations . This role spans project delivery and managed services , helping customers uplift SOC maturity, strengthen compliance, and build resilient security operations. You will also act as a trusted escalation point, mentor junior engineers, and shape Oretas security practice. Key Responsibilities Security Engineering & Delivery (Primary) Deploy and configure Microsoft Defender Suite (Endpoint, Identity, Office 365, Cloud Apps). Implement and tune Microsoft Sentinel SIEM/SOAR: log sources, analytics rules, playbooks. Configure Microsoft Purview for DLP, insider risk, information governance, and compliance reporting. Lead threat modelling, vulnerability remediation, attack surface reduction, and security hardening . Align customer environments to Zero Trust and compliance frameworks (ISO 27001, SOC 2, NIST). SOC & Operational Security Provide Level 3/4 escalation for incidents across identity, endpoint, and cloud security. Partner with Oreta’s SOC for threat hunting, investigation, and incident response. Conduct proactive security health checks and ensure patch/vulnerability compliance . Maintain security documentation, runbooks, and incident response playbooks . Cloud Security (Supporting) Apply security architecture and controls to Azure, Microsoft 365, and hybrid workloads. Support secure cloud migrations and integrations, focusing on IAM, encryption, and monitoring. Configure Intune for endpoint compliance and secure device lifecycle management. Leadership & Practice Development Mentor and coach junior engineers in security engineering and incident handling . Contribute to Oreta’s security playbooks, frameworks, and managed service enhancements . Participate in customer workshops and advisory sessions , translating risks into solutions. Required Skills & Experience 5–8+ years’ experience in security engineering/operations (with Microsoft stack focus). Hands-on expertise in: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender Suite (Endpoint, Identity, O365, Cloud Apps) Microsoft Purview (DLP, compliance, insider risk) Entra ID (MFA, Conditional Access, Identity Governance, PIM) Strong understanding of threat detection, incident response, and SOC workflows . Familiarity with Azure/M365 cloud security controls (landing zones, governance, monitoring). Experience with compliance frameworks (ISO 27001, SOC 2, NIST CSF). Preferred certifications: SC-200, SC-300, AZ-500 (core); additional Azure/AWS security certs a plus. Excellent communication skills with customer-facing experience in delivery and operations . Role & responsibilities

Role & responsibilities About the Role: The Senior Cybersecurity SOC Engineer role is a key position within CA One Tech Cloud Clients . This role involves designing scalable applications and ensuring the delivery of high-quality projects. Key Responsibilities: Design and build SOC infrastructure using Microsoft Sentinel and SOAR Lead deep investigations using CrowdStrike Falcon, MDE, Tenable, and Palo Alto/Fortinet firewalls Perform threat hunting using MITRE ATT&CK framework and dark web intelligence Develop KQL queries and automation scripts in PowerShell/Python Integrate and respond to incidents across Azure and Microsoft 365 environments Collaborate with MSOC and global teams for escalations and knowledge sharing Required Skills: 7+ years in cybersecurity roles, focused on SOC/IR/Threat Hunting Expertise with Microsoft Sentinel , CrowdStrike Falcon , MDE , Tenable Deep understanding of MITRE ATT&CK , lateral movement, and APTs Scripting experience in KQL , Python , PowerShell Strong communication, leadership, and mentoring skills Preferred: Certifications: GCFA, GCIH, GCTI, CISSP, AZ-500, MS-500, OSCP, or MITRE ATT&CK Defender Experience with Palo Alto XSOAR and cloud-based threat monitoring Interested candidates please share your resume to Sirishad@ca-one.com

Microsoft Security Architect -JD Location: Bangalore Department: Security Practice Reporting To: Head of Security Practice Job Summary We are seeking a Microsoft Security Architect to lead the design and governance of enterprise security solutions based on Microsofts security technologies. The role will involve defining architecture standards, solution blueprints, and working closely with both pre-sales and delivery teams to ensure secure and scalable implementations of Microsoft Sentinel, Defender, Entra, Intune, Purview, and Priva. The ideal candidate will have a strong technical background, excellent customer engagement experience, and a strategic mindset to drive cybersecurity transformations. Key Responsibilities Design and own end-to-end Microsoft security architecture for enterprise and MSSP environments. Provide technical leadership and architecture governance across security projects and managed services. Develop scalable architecture patterns and blueprints using Microsoft Defender suite, Entra, Sentinel, and Intune. Define and review HLDs, LLDs, and security solution artifacts. Guide implementation teams and ensure solution delivery adheres to architecture standards. Support pre-sales teams with architecture design, SOWs, and technical proposal inputs. Assess client environments, identify gaps, and propose architecture roadmaps. Align security solutions to compliance frameworks such as NIST, ISO 27001, RBI, GDPR. Participate in client architecture boards, technical governance, and project planning sessions. Continuously update reference architectures to incorporate evolving threat landscape and Microsoft updates. Required Skills and Experience 10+ years of experience in cybersecurity, with 4+ years in architecture or principal consultant roles. Strong hands-on experience designing with Microsoft Sentinel, Microsoft Defender, Microsoft Entra, and Intune. In-depth understanding of Zero Trust architecture, hybrid environments, and Microsoft’s security stack. Ability to lead technical workshops, architecture reviews, and strategy sessions with enterprise customers. Proficiency in developing security architecture diagrams, KQL queries, and logic apps. Familiarity with cloud security, identity governance, data protection, and threat detection techniques. Experience with architecture governance, audits, and design assurance practices. Preferred Certifications SC-100: Microsoft Cybersecurity Architect (highly recommended) SC-200: Microsoft Security Operations Analyst AZ-500: Azure Security Engineer Associate SC-300: Microsoft Identity and Access Administrator TOGAF, CISSP, CISM (preferred but optional)

As a Cloud Security Analyst & Incident Response Specialist, you will be responsible for monitoring and investigating high-risk alerts from Wiz across AWS, Azure, and GCP environments. Your role will involve analyzing attack paths, exposed services, and identity risks using Wiz Security Graph. You will collaborate with DevSecOps and Cloud Platform teams to triage and contain incidents, correlating Wiz alerts with signals from SIEM, endpoint, and identity tools to understand the full attack context. Supporting incident response efforts by conducting root cause analysis and post-incident reviews will also be part of your responsibilities. Your critical skills should include a degree in Cybersecurity, Information Security, Computer Science, or equivalent practical experience. You should have 3-6 years of experience in security operations, incident response, or threat detection, ideally with a cloud focus. Familiarity with Wiz, including security graph analysis, alert triage, and custom WQL queries is required. Understanding common cloud threats and misconfigurations in AWS, Azure, and/or GCP is essential, along with experience in tools like Microsoft Sentinel, Defender for Cloud, or other SIEM/SOAR platforms. Knowledge of core security concepts such as IAM, network security, and the MITRE ATT&CK framework is crucial. In this role, you will develop or improve playbooks for automated cloud incident response and stay current on evolving threats in cloud environments, such as identity-based attacks, privilege escalation, and lateral movement. Documenting response workflows, findings, and lessons learned to support continuous improvement is also expected. You should be comfortable working in fast-paced environments with cross-functional teams, possessing strong analytical and communication skills for documenting and sharing threat insights.,

You are invited to join our Information Security team as an Enterprise IT Security Analyst specializing in Security Operations Center (SOC) activities. In this role, you will play a crucial part in maintaining the security and effectiveness of our security operations by monitoring security alerts, analyzing incidents, and contributing to incident response processes. Your expertise in SOC operations, incident response, and security monitoring tools will be invaluable in supporting SOC initiatives. Your key responsibilities will include monitoring security alerts and events using tools such as Splunk, Microsoft Sentinel, Kusto (KQL), or Splunk Search Processing Language (SPL). You will be tasked with analyzing and triaging security incidents, assisting in incident response processes, handling security incidents and tickets, conducting security assessments, and contributing to the design of SOC use cases. Additionally, you will provide technical support for SOC-related issues, leverage AWS skills for cloud security monitoring, and stay up-to-date with the latest SOC trends and technologies. To excel in this role, you must possess a Bachelor's degree in computer science or a related field, along with 3 years of experience in SOC operations. A CompTIA Security+ certification or similar qualification is required, as well as experience with SIEM technologies and a strong understanding of SOC principles, practices, and frameworks. Your proven experience in incident response and management will be highly beneficial. While not mandatory, proficiency in AWS cloud security and Windows Defender, excellent problem-solving and analytical skills, strong communication abilities, and the capacity to work both independently and as part of a team are considered advantageous. Experience in a SOC analyst role within a security operations team and knowledge of cloud security challenges will also be beneficial. At Notified, we value diversity and are committed to providing equal opportunities for all. This role is based out of The Leela Office in Bangalore, with a hybrid work schedule that allows flexibility in your working arrangements. By joining our team, you will have the opportunity to work in an international environment, foster innovation and creativity, and benefit from comprehensive health insurance and extensive learning opportunities. Your contributions will help us amplify stories globally and support our clients in reaching their audiences effectively.,

The ideal candidate for the position should have expertise in Microsoft Sentinel (Not Azure Sentinel) along with strong skills in KQL, Incident Response, MS Defender, Content Management, MITRE ATT&CK, MITRE DEFEND, and Kusto Query Language. Additionally, experience in Threat Intelligence, Threat Hunting, Custom Workbooks, and familiarity with the Microsoft cloud platform Azure is required. The candidate should have a notice period of 0-30 days and hold a graduate degree. The job location options include Bangalore, Pune, Mumbai, Hyderabad, Chennai, Gurgaon, and Noida. For further details and application submission, please reach out to career@krazymantra.com.,

This job is with Kyndryl, an inclusive employer and a member of myGwork the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you ready to take on an exhilarating role as a Program Manager at Kyndryl Prepare to embark on a journey where you will be at the helm of delivering value-add transformative programs for Kyndryl and our customers. Your ultimate mission To deliver a truly extraordinary outcome for our customers and propel our business to new heights. As a Program Manager, you have the ability to break down a strategic vision into discrete interconnected projects, each one delivering its own critical component to realize the vision. As the interface for the project managers leading each interconnected project, your choices will have a resounding impact across projects and secure successful program outcomes. Equipped with the power of data and analysis, you will possess the unique ability to predict, understand, and influence the outcomes of each project. Your strategic foresight will fuel effective decision-making, as you navigate the intricate complexities of our interconnected projects, establishing objective and milestone commitments, managing risk, and ensuring budgets and time requirements are appropriately defined. You will successfully deliver the scope of each program by assembling a Kyndryl team with the required skills and provide ongoing coaching and mentoring to our dedicated project managers and teams. As a Kyndryl Program Manager, you&aposll play a vital role in our mission, bringing innovation and collaboration to the table. Join us and be part of a team that&aposs revolutionizing the future while charting an exciting career path filled with growth and opportunities. Apply now and let&aposs transform the future together. Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won&apost find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You&aposre good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you&aposre open and borderless - naturally inclusive in how you work with others. Required Skills And Experience Having 7+years of Experinece in Transition Manager - CDC role responsible for the end-to-end governance, delivery, and transformation of Cyber Defense Center operations. This role oversees a multi-tiered team of around100 security professionals across L1-L4, spanning SOC, SecOps, Threat Hunting, Engineering, AppSec, DevSecOps, VM, AI and Automation domains. The CDC Head acts as the single point of accountability for service delivery, SLA adherence, and strategic alignment with client security objectives. Strategic Leadership & Governance Define and drive the CDC&aposs vision, roadmap, and transformation strategy, including the shift toward autonomous SOC operations using GenAI and agentic AI Lead governance forums with client stakeholders, ensuring alignment with business risk, compliance, and regulatory frameworks Own the CDC&aposs SLA/KPI framework, including MTTR, MTTD, containment rate, and automation coverage Service Delivery Oversight Oversee 24x7 operations across SOC, IR, Threat Hunting, Engineering, and Automation towers Ensure seamless coordination between L1-L3 analysts, incident managers, and platform SMEs. Manage escalations, RCA reviews, and continuous improvement initiatives People & Capability Management Lead a team of over 100 resources, including: 16+ L1 SOC Analysts 20+ L2 Engineers (SOC, IR, Endpoint, Network, DLP, IAM) L3 SMEs (Threat Hunter, IR, Engineering, AppSec, Data Protection) Automation Engineers, Content Developers, and GenAI Developers Drive talent development, cross-skilling, and succession planning Preferred Skills and Experience : Technology & Platform Integration: Oversee integration of Microsoft Sentinel, Defender XDR, Azure Logic Apps, and Security Copilot Agents into CDC workflows Ensure platform health, telemetry coverage, and detection efficacy across SIEM, SOAR, EDR, DLP, and VM tools Reporting & Stakeholder Engagement Report to the Account Delivery Partner Executive and interface with: Service Delivery Managers from other Towers of IT operations Overall Incident Managers Client CISOs and Risk Officers Deliver monthly and quarterly business reviews (MBRs/QBRs) with insights on threat trends, SLA performance, and roadmap progress Being You Diversity is a whole lot more than what we look like or where we come from, it&aposs how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we&aposre not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That&aposs the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked &aposHow Did You Hear About Us' during the application process, select &aposEmployee Referral' and enter your contact&aposs Kyndryl email address. Show more Show less

The role of SOC Automation requires a minimum of 4 years of experience in managing and operating Microsoft Sentinel. Your responsibilities will include onboarding and troubleshooting log sources on premises and cloud to the Sentinel platform using syslog APIs and other mechanisms, ensuring data integrity, reliability, and proper formatting. Additionally, you will need hands-on experience with log collection, parsing, and analysis from various sources such as firewalls, endpoints, and cloud environments. A strong defensive mindset with an understanding of security events of interest for building detection rules is essential, along with proficiency in query languages like KQL. Advanced threat intelligence using Kusto Query Language (KQL), expertise in use case creation and parser development, as well as knowledge of DevOps practices including CICD pipelines, GIT, ARM templates, and Azure Automation will be required. You will be responsible for creating automation rules, utilizing threat intelligence in Azure Sentinel, and implementing and optimizing security controls in cloud environments like AWS, Azure, and GCP while enforcing security as code principles and compliance automation. Experience with SOAR tools like Sentinel SOAR, programming skills in Javascript, Python, REST API automation, or machine learning, and proven experience in SIEM migration projects are preferred. Proficiency in the English language, both written and verbal, is necessary. As an Infoscion, you will be part of the Infosys consulting team where your primary role will involve diagnosing customer issues, designing innovative solutions, and facilitating deployment to ensure client satisfaction. You will develop proposals, configure products, conduct demonstrations, and actively contribute to projects and organizational initiatives to provide high-quality solutions to customers. In addition to technical requirements, you should have the ability to develop value-creating strategies, good knowledge of software configuration management systems, awareness of latest technologies, logical thinking, problem-solving skills, and the ability to collaborate effectively. Understanding of financial processes, industry trends, client interfacing skills, project management, and team management are also important skills for this role. Preferred skills for this position include experience in SOC Operations, SOAR tools like Cortex XSOAR (Demisto), threat hunting with SIEM tools, and cloud security focusing on Microsoft Azure's Threat Detection & Response, specifically Azure Sentinel.,

As an L1 SOC Analyst with 3 to 5 years of experience, you will be responsible for expertise in Triage, Threat Detection and Response, Threat Hunting, and SOC Assessment. Your role will involve utilizing your in-depth knowledge of Sentinel and Crowdstrike, along with security event collection, monitoring, analysis, issue investigation, and incident response leveraging automated SOAR tools. Your primary duties will include real-time monitoring, data enrichment, event correlation, OS/application event analysis, and IOC based threat hunting. Additionally, you will be tasked with email analysis, investigation, and phishing detection. You will play a key role in incident workflow management, issue escalation, and assisting stakeholders with issue containment, remediation, and risk mitigation. In this role, you will provide valuable input into enhancing threat detection rules and optimizing response playbooks. You will actively participate in operational meetings and war-room sessions, offering insights into issue eradication and security posture improvement. Key Skills required for this role include proficiency in Microsoft Defender E5 Security Suite, Microsoft Sentinel, and security suite. Your expertise in these areas will be crucial in ensuring the effective operation and security of the organization's systems and data.,

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, we transform ideas into impact by bringing together data, science, technology and human ingenuity to deliver better outcomes for all. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client-first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning, bold ideas, courage and passion to drive life-changing impact to ZS. Senior Security Operations Analyst We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats. What you'll do: . Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging . Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities . Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real-time . Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities . Perform proactive threat hunting to identify and mitigate advanced threats . Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation . Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats . Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership . Continuously improve SOC processes and playbooks to streamline operations and response efforts . Mentor junior SOC analysts and provide guidance on security best practices . This role requires participation in a rotational shift . Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed What you'll bring: . Strong analytical and problem-solving abilities . Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams . Proven ability to remain calm and efficient under a high-pressure environment . Proficient in using SIEM tools, such as Microsoft Sentinel . Experience with data migration strategies across SIEM platforms . Experience on Cloud Security Operations and Incident Response platforms such as Wiz . In-depth understanding of cyber threats, vulnerabilities, and attack vectors . Proficient in creating KQL queries and custom alerts within Microsoft Sentinel . Expertise in developing SIEM use cases and detection rules . Skilled in incident response and management procedures . Experienced in conducting deep-dive investigations and root cause analysis for incidents . Adept at collaborating with stakeholders to resolve complex cybersecurity challenges . Ability to automate routine SOC processes to enhance operational efficiency . Experienced in mentoring and guiding junior analysts in security operations . Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools Good to have skills and abilities: . Excellent interpersonal (self-motivational, organizational, personal project management) skills . Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System . Ability to analyze cyber threats to develop actionable intelligence . Skill in using data visualization tools to convey complex security information Academic Qualifications: . Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience) . 4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management . Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks . Experience with SIEM migration . Expertise in incident response, threat detection, and security monitoring . Solid understanding of Windows, Linux, and cloud security concepts . Relevant certifications (e.g., CompTIA Security+, Microsoft Certified: Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred . Preferred Security Cloud Certifications: AWS Security Specialty Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we honor the visible and invisible elements of our identities, personal experiences, and belief systems-the ones that comprise us as individuals, shape who we are, and make us unique. We believe your personal interests, identities, and desire to learn are integral to your success here. We are committed to building a team that reflects a broad variety of backgrounds, perspectives, and experiences. about our inclusion and belonging efforts and the networks ZS supports to assist our ZSers in cultivating community spaces and obtaining the resources they need to thrive. If you're eager to grow, contribute, and bring your unique self to our work, we encourage you to apply. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To complete your application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At:

Join our dynamic team as a Cyber Security Analyst where you will play a crucial role in safeguarding our digital assets. With a focus on Security Operations Center (SOC), you will monitor and respond to security incidents, ensuring the integrity and confidentiality of our systems. This hybrid role offers the opportunity to work both remotely and on-site with occasional travel required. Your responsibilities will include monitoring security alerts and incidents using SOC tools, analyzing security incidents to determine root causes, collaborating with IT teams to develop and implement security measures, conducting regular security assessments, providing expert guidance on security best practices, developing incident response plans, utilizing Microsoft Sentinel for threat detection, preparing detailed reports on security incidents, staying updated on cybersecurity threats and trends, participating in policy development, conducting training sessions, and coordinating with external partners and vendors for comprehensive security coverage. To qualify for this role, you should possess a strong understanding of SOC and Security Information and Event Management (SIEM) technologies, demonstrate expertise in cybersecurity principles and practices, have hands-on experience with C-SOC and Microsoft Sentinel, exhibit knowledge of compliance standards such as SOC1 Type1&2 SAAE18 and SSAE16, show proficiency in conducting security assessments and audits, display excellent analytical and problem-solving skills, and communicate effectively with technical and non-technical stakeholders. The certifications required for this position are Certified Information Systems Security Professional (CISSP) and Certified SOC Analyst (CSA).,

You should have at least 6-10 years of experience, with a minimum of 5+ years specifically in Microsoft DLP (Microsoft Defender/MS Purview & Compliance) and Microsoft Sentinel, or equivalent tools for data leakage prevention. Your role will involve evaluating data loss products, building and implementing them, integrating with existing systems, and providing technical support and stakeholder management. Your responsibilities will include hands-on experience in rule creation and maintenance, antispam and anti-phishing administration, report analysis, and making recommendations for future configurations and rules. Knowledge or exposure to Data Loss Prevention integration with SIEM technologies like Splunk, HP ArcSight, etc., will be beneficial. It would be advantageous to have knowledge of programming languages such as Java, .NET, Python, etc. The top 3 skills required for this role include proficiency in MS Purview & Compliance (MS DLP), MS Sentinel, and basic scripting for automation. If you find this opportunity exciting, please share your resume at deepika.eaga@quesscorp.com.,

As an Endpoint DLP Specialist, your main responsibilities will include implementing Endpoint DLP Solutions by deploying and configuring Microsoft Endpoint DLP solutions using Microsoft Purview. You will be tasked with ensuring seamless integration with existing systems. Additionally, you will be responsible for developing, implementing, and managing DLP policies tailored to endpoint devices using Microsoft Purview to ensure data protection and compliance. Generating detailed reports on DLP incidents, trends, and system performance using Microsoft Purview for management review will also be part of your role. Troubleshooting endpoint DLP systems within Microsoft Purview to ensure optimal performance and providing support to pilot end-users in testing DLP policies and documenting feedback will be crucial tasks. Preferred experience in integrating DLP logs with monitoring and reporting systems such as Microsoft Sentinel and Power BI will be an advantage. To excel in this role, you should have proficiency in Microsoft Endpoint Manager (Intune), Microsoft Defender for Endpoint, and Microsoft Purview. A strong understanding of endpoint security, data classification, and regulatory compliance requirements will also be essential. If you are passionate about endpoint security, data protection, and compliance, and possess the technical skills and knowledge required for this position, we encourage you to apply and be a part of our team.,

Hi Job seekers, We are hiring for Cloud Security engineer hiring For the client: carelon Global solution Payroll: Spsoft(C2H) NP:0 to Immediate Loc:Bangalore/Hyd/Gurgoan Job Description: 8+ years of exp in Azure Secuirty Services ( Security Center, Microsoft Sentinel, Azure AD, Azure Policy etc). Good to have Azure Security Engineer certification If Any One interested please share to sayini.prasanthi@spsoftglobal.com

Position Purpose Looking for highly skilled and experienced SIEM Specialist to join our Infosec team. The ideal candidate will have a strong background in security information and event management, with a focus on monitoring, analysing, and responding to security incidents. This role requires expertise in configuring and managing SIEM tools, Threat Intel Tool, conducting detailed incident investigations, and implementing effective security measures to protect our organization's digital assets. Position Responsibilities Continuously monitor security alerts and incidents using Microsoft Sentinel. Respond to and investigate security incidents, perform root cause analysis, and implement corrective actions. Utilize threat intelligence to identify and mitigate potential security threats. Configure and manage security tools and technologies, including SIEM, Cyble, Izoologic, Deception, Dark web and endpoint protection. Ensure all identified gaps gets implemented with appropriate security measures. Work closely with other security team members and stakeholders to enhance security measures. Review daily operational activities and provide timely mentorship to junior SOC analysts. Conduct detailed investigations of escalated alerts. Validate closed incidents to ensure accuracy. Manage shifts and facilitate knowledge transfer during shift handovers. Perform deep-dive incident analysis by correlating data from various sources. Document and archive artifacts for future reference. Lead junior SOC analysts in investigations, analysis, and alert categorization. Monitor various technology dashboards to identify suspicious anomalies. Ensure quality checks for alerts raised by Level 1 SOC analysts. Track and report on SLA compliance. Fine-tune alerts to improve detection accuracy. Submit audit data as required. Qualifications and Experience Requirement Essential Bachelor's degree in any steam or in Computer Science, Information Security. Any one or two certification in security frameworks such as MS sentinel SIEM, CISSP, CISM, CEH, CHFI Essential Minimum of 4-8 years of experience in a SOC environment, with at least 2 years of experience with Microsoft Sentinel. Strong understanding of security concepts, including network security, Knowledge of regulatory requirements. Sound Knowledge on security solutions Antivirus, IDS/IPS, EDR-XDR, Anti apt solutions, TACAS, NAC, DAM, IDAM Proficiency in SIEM tools, threat intelligence platforms, and incident response methodologies. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Well versed with emerging technologies, associated risks and associated controls to manage risks. Ability to work effectively in a team-oriented environment. Threshold Competencies Technical Expertise: Deep understanding of security technologies, tools, and best practices. Problem-Solving: Ability to identify, analyze, and resolve complex security issues. Decision-Making: Ability to make sound judgments in high-pressure situations. Communication: Effective communication skills, both written and verbal. Leadership: Ability to lead and motivate a team of security professionals. Leadership Competencies Strategic Thinking: Ability to develop and implement long-term security strategies. Innovation: Drive innovation and continuous improvement in risk management Influence: Ability to influence and persuade others, including senior management. Relationship Building: Ability to build and maintain strong relationships with stakeholders. Change Management: Ability to manage change effectively and adapt to new challenges.

Degree in IT/CS 12 years of exp in Security Operations Experience with Microsoft Sentinel and Microsoft Defender Familiarity with monitoring and analysing security events in SIEM , EDR , and NDR platforms Please mail resume at Jude28x@gmail.com

Join our Security Operations Center (SOC) team in Jaipur, India as a Cyber Security Trainee. If you are an engineering graduate with a passion for cybersecurity, this is the perfect opportunity to kickstart your career. We are looking for local candidates based in Jaipur to fill this position. As a SOC Analyst Trainee, you will be responsible for assisting in threat detection, threat hunting, reporting, and incident response. You will work with a variety of security tools including firewalls, IDS, SIEM (Sentinel), and antivirus software. Additionally, you will be involved in supporting research, documentation, and testing tasks. To be eligible for this position, you should have completed B.Tech, MCA, M.Tech in IT, Computer Science, or Cybersecurity, and possess some industry experience. A strong understanding of networking, operating systems (Windows/Linux), encryption, and pentesting is required. Working knowledge of SQL, KQL, and Python is preferred. Experience with security tools such as EDR, SIEM, Microsoft Sentinel, and Defender is advantageous. Possessing certifications like Security+, CEH, or NASSCOM will be considered a plus. Excellent communication and problem-solving skills are essential for this role. If you are ready to start your journey in cybersecurity and meet the above requirements, send your resume and a short cover letter with the subject "Cyber Security Trainee Jaipur" to ManishaY@OpalSoft.com. Don't miss this opportunity to grow your career in the exciting field of cybersecurity. Apply now and take the first step towards becoming a cybersecurity professional. #JaipurJobs #CyberJobsIndia #EngineeringJobsIndia #CyberSecurityIndia #SecurityOperationsCenter #EDR #SIEM #MicrosoftSentinel #MicrosoftDefender #ForensicEngineering #InfoSecIndia #ThreatHunting,

As a Senior Information Security Specialist at our organization, you will be responsible for investigating and responding to alerts raised by the Security Operations Center (SOC). You will play a key role in coordinating security incidents and serving as part of the 24-hour on-call Security Incident Response Team. Additionally, you will be tasked with monitoring and investigating security alerts from SIEM systems, handling malware, and performing malware analysis. Your role will also involve correlating information from various security tools during incident investigations and analyzing threat intelligence feeds to identify relevant threats. You will be expected to enter identified vulnerabilities into the vulnerability management process and execute vulnerability management processes. Furthermore, you will configure IT security tools such as Microsoft Defender, Sentinel, and Intune. Monitoring the security email inbox, responding to received notifications and requests, and collaborating with teams to enhance security education and awareness across the organization will also be part of your responsibilities. To excel in this role, you should have proficiency in coordinating all phases of security incident response, including identification, containment, eradication, recovery, and post-incident analysis. You should be skilled in analyzing logs from SIEM systems, firewalls, and network devices to identify malicious activity. Possessing relevant certifications such as GCIH, ECIH, or equivalent will be advantageous. Candidates with experience working in a SOC and sound knowledge of Microsoft and AWS security tools will be preferred. Familiarity with tools such as Dynamic Application Scanning Tools (DAST), network scanners, open-source forensic tools, Microsoft/AWS security tools, anti-malware scanners, and web application firewalls is also desirable for this role.,

As a Cloud Security Expert, you will be responsible for designing and implementing secure cloud security solutions using tools such as Microsoft Sentinel. You will lead the development of security strategies, policies, and procedures to safeguard client data in the cloud. Your role will involve collaborating with DevOps teams to integrate security into the continuous delivery pipeline using automation tools like Terraform and AKS. Additionally, you will conduct risk assessments, threat modeling, and security testing to identify and address security vulnerabilities. Your expertise will be crucial in providing guidance on cloud security best practices and technologies to clients and team members. To excel in this role, you are required to stay updated with industry trends and advancements in cloud security. You will mentor and train junior security personnel to ensure adherence to security best practices. Building strong relationships with cross-functional teams is vital to ensure the security of cloud-based systems and applications. You will be expected to communicate security risks and potential impacts to stakeholders and provide guidance on risk mitigation. Your leadership will be pivotal in leading client engagements, providing technical support, and ensuring successful delivery of cloud security solutions. Key Responsibilities: - Design and implement secure and scalable cloud security solutions that meet client needs and requirements - Develop and implement security strategies, policies, and procedures to protect client data in the cloud - Conduct risk assessments, threat modeling, and security testing to identify and address vulnerabilities - Provide technical leadership and guidance to team members and lead client engagements - Build strong relationships with cross-functional teams, stakeholders, and clients to communicate security risks and potential impacts - Continuously improve security strategies, practices, and technologies to protect clients from evolving threats - Stay updated with industry trends in cloud security and provide expertise to clients and team members Required Skills: - Proficiency in Microsoft Sentinel for configuration, deployment, and management - Knowledge of Terraform for automating infrastructure deployment and management in the cloud - Proficiency in AKS (Azure Kubernetes Service) for deploying, managing, and securing Kubernetes clusters - Strong understanding of DevOps practices and tools for continuous integration and delivery pipelines - Expertise in risk assessments, threat modeling, and security testing techniques - Strong leadership skills Qualifications: - Bachelor's degree in computer science, Information Security, or a related field - Minimum 8 years of expertise in application security with proficiency in development - Advanced degree or relevant certifications (e.g., CISSP, CISM) would be advantageous - Familiarity with cloud security concepts, cloud services, and cloud security controls - Strong analytical and prioritization skills with the ability to manage multiple projects simultaneously If you are a seasoned professional with a robust background in cloud security and a passion for protecting client data, we invite you to apply for this challenging role.,

You are an experienced Azure Cloud Specialist with advanced development skills in .NET and Go (Golang), possessing solid hands-on experience in Azure-native cloud architecture. Your primary responsibility will be designing, developing, and deploying scalable applications and services using Microsoft Azure. Additionally, you must have strong database skills with Azure PostgreSQL, Azure SQL, and Databricks. Your role includes implementing secure networking, hybrid cloud integrations, and full lifecycle DevOps pipelines within enterprise environments. You will be involved in building and deploying cloud-native applications using .NET and Go, following best practices for scalability and maintainability. In terms of Azure Platform Architecture, you will architect and implement services using Azure Kubernetes Service (AKS), Service Fabric, Service Bus, API Management, and Azure Functions. You will also design auto-scaling environments using Azure VM Scale Sets, App Services, and Load Balancers while managing Azure Key Vault for secure secrets and certificate storage. Database Engineering is a crucial aspect of the role, involving designing and optimizing database schemas using Azure Database for PostgreSQL, Azure SQL, and Databricks. You will implement data replication, backup, high availability, and disaster recovery strategies. Networking & Hybrid Integration tasks include configuring and managing Azure Virtual Networks, NSGs, Application Gateways, and ExpressRoute circuits. You will integrate on-premises infrastructure with Azure using hybrid cloud models, including VPN Gateways and AD Connect. Security & Monitoring are essential components where you will apply enterprise-grade security using Microsoft Sentinel, Azure Security Center, and RBAC policies. Ensuring environment compliance with industry standards and internal policies is vital. DevOps Enablement will require setting up CI/CD pipelines using Azure DevOps, Terraform, and GitHub Actions. You will containerize applications and manage deployments on AKS and Docker-based environments. Collaboration & Communication skills are vital for documenting architectures, workflows, and deployment models clearly. You must work across teams to understand requirements and deliver secure, performant, and scalable solutions. To excel in this role, you should have 5+ years of experience in cloud-native software development with .NET (C#) and Go, along with 3+ years of hands-on experience with Microsoft Azure. Strong expertise in various Azure services, database technologies, networking, security, and DevOps practices is required. Additionally, excellent communication and collaboration skills are necessary. Preferred certifications include Microsoft Certified: Azure Solutions Architect Expert, Azure Administrator Associate, Azure Developer Associate, Azure Database Administrator Associate, Azure Security Engineer Associate, and DevOps Engineer Expert.,

Azure Cloud Specialist .NET and Golang Location: Dubai, UAE Department: Cloud Engineering & DevOps Reporting To: Head of Cloud and Infrastructure Employment Type: Full-time Job Summary: We are seeking an experienced and versatile Azure Cloud Specialist with advanced development skills in .NET and Go (Golang), and solid hands-on experience in Azure-native cloud architecture. The ideal candidate will be adept at designing, developing, and deploying scalable applications and services using Microsoft Azure, while also possessing strong database skills with Azure PostgreSQL, Azure SQL, and Databricks. This role also involves implementing secure networking, hybrid cloud integrations, and full lifecycle DevOps pipelines within enterprise environments. Key Responsibilities: Application Development: Build and deploy cloud-native applications using .NET and Go, following best practices for scalability and maintainability. Azure Platform Architecture: Architect and implement services using Azure Kubernetes Service (AKS), Service Fabric, Service Bus, API Management, and Azure Functions. Design auto-scaling environments using Azure VM Scale Sets, App Services, and Load Balancers. Manage Azure Key Vault for secure secrets and certificate storage. Database Engineering: Design and optimize database schemas using Azure Database for PostgreSQL, Azure SQL, and Databricks. Implement data replication, backup, high availability, and disaster recovery strategies. Networking & Hybrid Integration: Configure and manage Azure Virtual Networks, NSGs, Application Gateways, and ExpressRoute circuits. Integrate on-premises infrastructure with Azure using hybrid cloud models, including VPN Gateways and AD Connect. Security & Monitoring: Apply enterprise-grade security using Microsoft Sentinel, Azure Security Center, and RBAC policies. Ensure environment compliance with industry standards and internal policies. DevOps Enablement: Set up CI/CD pipelines using Azure DevOps, Terraform, and GitHub Actions. Containerize applications and manage deployments on AKS and Docker-based environments. Collaboration & Communication: Document architectures, workflows, and deployment models clearly. Work across teams to understand requirements and deliver secure, performant, and scalable solutions. Required Skills & Experience: 5+ years of experience in cloud-native software development with .NET (C#) and Go. 3+ years of hands-on experience with Microsoft Azure. Strong experience with: Azure Kubernetes Service, Service Fabric, API Management, Azure Functions Azure PostgreSQL, Azure SQL, Cosmos DB, Databricks Azure Networking VNETs, ExpressRoute, DNS, NSGs, Hybrid Setups Key Vault, Security Center, Microsoft Sentinel CI/CD using Azure DevOps and Infrastructure as Code (IaC) tools like Terraform or Bicep Strong understanding of microservices, RESTful APIs, and distributed systems. Excellent communication and cross-functional collaboration skills. Preferred Certifications: ? Microsoft Certified: Azure Solutions Architect Expert ? Microsoft Certified: Azure Administrator Associate ? Microsoft Certified: Azure Developer Associate ? Microsoft Certified: Azure Database Administrator Associate (with PostgreSQL or SQL Server) ? Microsoft Certified: Azure Security Engineer Associate ? Microsoft Certified: DevOps Engineer Expert Show more Show less