
16 MITRE ATT&CK Jobs


4.0 - 8.0 years

0 Lacs

karnataka

On-site

As a Senior Analyst IT Security at Carelon Global Solutions India, you will play a crucial role in supporting strategies, projects, and initiatives to effectively reduce organizational risk. Working closely with various stakeholders, you will gather requirements, identify security solutions, drive projects, support day-to-day operational needs, and provide clear reporting to leadership. Your responsibilities will include collaborating with business and IT stakeholders to understand cybersecurity requirements, developing and maintaining detailed documentation of security processes, recommending and implementing security countermeasures, creating cybersecurity reports for decision-making, staying updated on cybersecurity trends, participating in security-related projects, providing training on cybersecurity awareness, and implementing security tools and best practices. To qualify for this role, you should have a Bachelor's degree or equivalent experience in Information Security or a related field. You must possess knowledge of IT risks and security threats, be self-motivated, organized, and an analytical problem solver. Excellent communication skills, experience in creating executive-level communications, and proficiency in documenting information are essential. Key skills and competencies for this role include familiarity with security frameworks like MITRE ATT&CK and NIST, working knowledge of Power BI for creating dashboards, understanding of network protocols and operating systems, strong problem-solving and analytical skills, and the ability to track and report metrics associated with FIM technology. Experience with tools from MS Office for providing analytical reports is also required. Relevant certifications such as CISSP, CEH, GIAC, or equivalent are considered a plus. The role requires working full-time with shift timings from 5.30 PM to 2.30 PM. 
At Carelon Global Solutions, we offer a world of limitless opportunities to our associates, fostering growth, well-being, purpose, and a sense of belonging. Our culture focuses on learning and development, innovation, creativity, and freedom, along with comprehensive rewards and recognition, competitive health and medical insurance coverage, best-in-class amenities, and policies designed with associates at the center. Carelon is an equal opportunity employer that celebrates diversity in its workforce and work styles. If you require reasonable accommodation during the interview process due to a disability, please request the Reasonable Accommodation Request Form.

Posted 2 days ago


3.0 - 7.0 years

0 Lacs

maharashtra

On-site

The ideal candidate for the position should have expertise in Microsoft Sentinel (not Azure Sentinel) along with strong skills in KQL, Incident Response, MS Defender, Content Management, MITRE ATT&CK, MITRE D3FEND, and Kusto Query Language. Additionally, experience in Threat Intelligence, Threat Hunting, Custom Workbooks, and familiarity with the Microsoft cloud platform Azure is required. The candidate should have a notice period of 0-30 days and hold a graduate degree. The job location options include Bangalore, Pune, Mumbai, Hyderabad, Chennai, Gurgaon, and Noida. For further details and application submission, please reach out to career@krazymantra.com.

Posted 6 days ago


6.0 - 10.0 years

0 Lacs

karnataka

On-site

As a SOC Detection Lead at Airbus India Private Limited, you will be an integral part of the Digital function, dedicated to enhancing Airbus's information management capabilities and facilitating the adoption of new technologies and agile ways of working. Your primary responsibility will be to lead a team of detection engineers, guiding them in their research, suggesting security detection scenarios, and proposing automations to strengthen SOC detection and response capabilities. Developing a roadmap and strategies for threat detection, investigation, and response, as well as producing management information, reports, and KPIs, will also fall under your purview. Your role is crucial in contributing to the overall performance and success of the Security Operations Centre. The Airbus Detect and Response team focuses on identifying and responding to security threats that target Airbus company-wide. The mission of the Detection & Response (D&R) teams is to detect security incidents, propose appropriate security responses, and ensure the protection of Airbus businesses against cyber threats in an increasingly complex threat landscape. Your qualifications should include a Bachelor's degree in Computer Science, Engineering, or a related field, with a preference for a Masters in Information Security. You should have 6 to 10+ years of relevant experience as a Detection and Automation Engineer or SOC L2/L3 Analyst, along with industry certifications such as CASP+, SANS-GIAC, OSCP, CISSP, or equivalent. Additionally, proficiency in building and investigating threat scenarios for platforms like Windows, Network, Unix/Linux, Cloud (AWS/GCP), and Containers is required. Knowledge of automation, scripting using Python and JavaScript, network and web technology, encryption, cloud computing, firewalls, and security management is essential. 
Familiarity with Splunk Enterprise Security, SOAR technology, SOC referential such as Sigma, STIX/TAXII, MITRE ATT&CK, and proven abilities in workload prioritization and effective time management are valued. As a SOC Detection Lead, your responsibilities will involve conducting research on the latest threats, defining log configurations, developing detection use cases and dashboards, performing adversary emulation, and planning workshops between Detection Engineers, SOC Analysts, and Business Stakeholders. You will also be required to propose and develop investigative automations, support purple teaming activities, collaborate with SOC Product Manager, Security teams, and develop detailed documentation for SOC use cases. In this role, continuous learning and development are encouraged through participation in security forums, workshops, training, certifications, and conferences to stay updated on the latest security trends and practices. Success will be measured based on project delivery, innovative solutions, and customer satisfaction. As part of Airbus India Private Limited, you will have access to international travel opportunities, competitive remuneration, good work-life balance, career growth prospects, training and development opportunities, and a comprehensive benefits package. Airbus is committed to equal opportunities and does not engage in any monetary exchanges during the recruitment process. If you are a proactive and detail-oriented professional with a passion for cybersecurity and a desire to contribute to a dynamic and innovative team, this role offers a unique opportunity to make a significant impact in the field of cyber detection and response at Airbus.

Posted 1 week ago


4.0 - 8.0 years

0 - 0 Lacs

karnataka

On-site

As a Sr Analyst IT Security at Carelon Global Solutions India, you will play a crucial role in supporting strategies, projects, and initiatives to effectively reduce organizational risk and measure progress. Your responsibilities will involve collaborating with business and IT stakeholders to understand cybersecurity requirements, developing detailed documentation of security processes, recommending security countermeasures, creating and presenting cybersecurity reports to leadership, staying up-to-date with the latest cybersecurity trends, participating in security-related projects, providing training on cybersecurity awareness, and continuously improving the organization's security posture. To qualify for this role, you should have a Bachelor's degree or equivalent experience in Information Security or a related field (4-8+ years), knowledge of IT risks and security threats, self-motivation, organization, analytical problem-solving skills, excellent communication skills, experience in creating executive-level communications and presentations, familiarity with security frameworks like MITRE ATT&CK and NIST, working knowledge of Power BI for creating dashboards, in-depth understanding of network protocols and operating systems, proficiency in documenting information, designs, and processes, tracking and reporting metrics using tools like MS Office, and experience in providing analytical reports. It would be advantageous to have relevant certifications such as CISSP, CEH, GIAC, or equivalent. The working hours for this position are from 5:30 PM to 2:30 PM. At Carelon Global Solutions, we offer a world of limitless opportunities to our associates, believing that commitment to a role extends beyond its responsibilities. We foster an environment that encourages growth, well-being, purpose, and a sense of belonging. 
Our focus on learning and development, innovative culture, well-being initiatives, rewards and recognitions, health and medical insurance coverage, workspaces, and policies designed with associates in mind make Life @ Carelon fulfilling and enriching. Carelon is an equal opportunity employer that values diversity and inclusivity. We celebrate the diverse ways we work and offer reasonable accommodations to empower all associates to deliver their best work. If you have a disability and require accommodation during the interview process, please request the Reasonable Accommodation Request Form. This is a full-time position at Carelon Global Solutions India, where you will have the opportunity to contribute to the cybersecurity initiatives of the organization and make a meaningful impact on improving healthcare systems and communities.

Posted 1 week ago


3.0 - 10.0 years

0 Lacs

maharashtra

On-site

As a Senior SOC Architect, you will play a crucial role in leading the design and evolution of our Security Operations Center (SOC) infrastructure and strategy. Your extensive expertise in security architecture, incident response frameworks, threat intelligence integration, and enterprise-grade SOC solutions will be essential for the success of this high-impact position. Your responsibilities will include designing and continually enhancing SOC architecture, processes, and automation frameworks. You will be responsible for evaluating and implementing various security technologies such as SIEM, SOAR, EDR, IDS/IPS, among others. Additionally, you will lead the integration of threat intelligence feeds, analytics, and response capabilities while ensuring alignment with business and compliance requirements such as ISO 27001 and NIST. In this role, you will provide strategic direction and architectural governance for SOC operations, mentoring SOC teams to ensure technology alignment with best practices. Collaboration with stakeholders, IT, and security leaders to define threat models and use cases will be a key aspect of your responsibilities. To be successful in this role, you should possess at least 10 years of experience in cybersecurity, with a minimum of 3 years in SOC architecture or design-focused leadership roles. Your proven experience in deploying and scaling SOC tools and platforms like Splunk, QRadar, Sentinel, Palo Alto XSOAR, and CrowdStrike will be valuable. A deep understanding of threat detection, incident response, security automation, network security, endpoint security, cloud security, and log management is essential. Familiarity with security frameworks and standards such as MITRE ATT&CK, NIST, and ISO is also required. Your exceptional leadership, communication, and documentation skills will be crucial for effectively fulfilling this role. This is a full-time on-site position located in Andheri East, Mumbai. 
The client interview process will consist of 5 rounds, with the first round being on-site and subsequent rounds conducted virtually. Join us as a Senior SOC Architect and be at the forefront of building a resilient and modern SOC capable of staying ahead of today's advanced threats.

Posted 1 week ago


3.0 - 7.0 years

0 Lacs

karnataka

On-site

We are seeking a proactive and experienced L2 Security Operations Analyst to join our Security Operations Centre (SOC) team. In this role, you will play a crucial part in detecting, analyzing, and responding to cybersecurity incidents across a hybrid infrastructure that includes AWS Cloud, on-prem infrastructure, and various endpoint systems like Linux, Windows, and macOS. Your expertise with SIEM, EDR, firewalls, and cloud-native security tools, combined with a deep understanding of threat landscapes and incident response processes, will be essential.

As an L2 Security Operations Analyst, your responsibilities will include acting as the primary escalation point for the L1 team, investigating, validating, and escalating security alerts, monitoring and analyzing security events from multiple sources, triaging security alerts, correlating data to identify malicious activity patterns, refining detection use cases, updating incident response runbooks, developing automation using SOAR platforms, documenting incidents and root cause analysis, providing status reports and metrics, and collaborating with various teams for investigation and remediation.

To qualify for this role, you should have a Bachelor's degree in information security, Computer Science, or a related field, along with 3-6 years of experience in a SOC or cybersecurity operations role. Proficiency in SIEM tools such as Sentinel and Splunk, hands-on experience with EDR/XDR platforms like CrowdStrike and SentinelOne, a strong understanding of network protocols, operating systems, malware analysis, and threat actor behavior, familiarity with frameworks like MITRE ATT&CK and NIST CSF, incident response and investigation skills, and experience with ticketing systems and incident tracking tools are required. If you are looking to join a dynamic team and contribute your expertise to enhancing our cybersecurity posture, we encourage you to apply for the L2 Security Operations Analyst position at mPokket.

Posted 1 week ago


7.0 - 11.0 years

0 Lacs

noida, uttar pradesh

On-site

As a Red Teaming & Web Application Security Specialist at Hitachi Digital, your primary responsibility will be conducting advanced offensive security assessments to identify vulnerabilities across applications, infrastructure, and processes. In this role, you will combine adversary simulation exercises (Red Team) with deep web application penetration testing to proactively uncover and address security weaknesses before they can be exploited by malicious actors.

Key Responsibilities:

- Red Teaming & Adversary Simulation: You will plan, execute, and document red team engagements that simulate realistic cyberattacks against the organization's systems, applications, and users. This will involve emulating threat actors' tactics, techniques, and procedures based on frameworks like MITRE ATT&CK. You may also need to conduct physical security assessments, social engineering campaigns (such as phishing and vishing), and insider threat simulations as required. Additionally, collaborating with the Blue Team to validate detection and response capabilities and providing actionable improvement plans will be part of your responsibilities.
- Web Application Security: Your role will also include performing manual and automated web application penetration testing using tools like Burp Suite, OWASP ZAP, and custom scripts. You will be expected to identify, validate, and exploit vulnerabilities such as injection flaws, authentication bypass, XSS, CSRF, SSRF, and insecure deserialization. Working closely with development teams to remediate findings and ensure secure coding practices will be essential. Furthermore, conducting source code reviews to detect and eliminate security flaws will fall under your purview.
- Security Research & Tool Development: You will be tasked with developing and maintaining custom tools, scripts, and exploits to enhance testing capabilities. Staying current with emerging attack vectors, zero-days, and security trends, as well as performing threat modeling and providing secure architecture recommendations, will be crucial aspects of your role.

If you have a minimum of 7 years of experience in web security and red teaming, possess a passion for cybersecurity, and are eager to work with a top-tier SOC team, we invite you to join us at Hitachi Digital. Our team values diversity, equity, and inclusion, and we are committed to creating a culture where diverse perspectives and unique experiences are celebrated. At Hitachi Digital, you'll have access to industry-leading benefits, support for your holistic health and well-being, and flexible work arrangements designed to help you achieve a sense of balance and fulfillment in both your personal and professional life.

Posted 2 weeks ago


4.0 - 8.0 years

0 Lacs

kochi, kerala

On-site

As a seasoned professional in the field of cybersecurity, you will be responsible for leading and managing large, complex penetration testing and security testing engagements from start to finish. Your role will involve serving as the primary technical and engagement lead for key client accounts, ensuring timely delivery, maintaining quality assurance, and facilitating stakeholder communication throughout project lifecycles. Furthermore, you will play a crucial role in providing mentorship and guidance to junior and mid-level consultants. In terms of technical execution, you will be expected to perform and review a wide range of security assessments including web, mobile, API, network, cloud, and configuration security assessments. It is essential to uphold technical excellence across multiple service lines by staying abreast of the latest vulnerabilities, tools, and attack techniques. Additionally, you will be involved in conducting business logic reviews, threat modeling, and red teaming exercises as necessary. Client engagement is a key aspect of this role, where you will act as a trusted advisor to clients by offering strategic security recommendations and actionable insights. This may involve participating in onsite visits, workshops, and executive-level presentations, as well as handling sensitive engagements with professionalism and discretion. Your support in presales activities will be invaluable, as you contribute to RFP responses, proposal writing, and technical solutioning. You will also be expected to participate in client sales meetings and scoping discussions, providing accurate effort estimations and assisting in defining delivery models. In terms of practice development, your input will be essential in refining security testing services and methodologies. You will be instrumental in driving internal initiatives aimed at enhancing quality, efficiency, and innovation in service delivery. 
Additionally, creating technical content, whitepapers, or knowledge base articles to support team growth will be part of your responsibilities. To excel in this role, you should possess a minimum of 5 years of hands-on experience in penetration testing or offensive security, with a proven track record of leading complex security assessments for large clients. Expertise in a variety of areas such as Web, Mobile, Network, API, Cloud, Configuration Reviews, and Red Teaming is required. Familiarity with security standards like OWASP, PTES, NIST, and MITRE ATT&CK is highly desirable. Strong communication and client-facing skills are essential, as well as experience in supporting presales efforts, including proposals, SOWs, and client discussions. Possessing certifications such as OSCP, OSWA, CRTO, CREST CRT/CCT, or similar will be advantageous. Key competencies for success in this role include accountability, effective oral and written communication, strong analytical skills, passion for cybersecurity, and adaptability to evolving security landscapes.

Posted 3 weeks ago


5.0 - 9.0 years

0 Lacs

pune, maharashtra

On-site

Your role at Avient Corporation as the Senior Manager of Security Operations and Identity Management involves overseeing the security monitoring and administration of identity management processes. You will lead a global team responsible for 24x7 alerting, triage, investigation, and Incident Response, ensuring compliance with regulations and frameworks across all divisions and markets. Additionally, you will manage the Cyber Threat Intelligence program and identity lifecycle functions to automate processes and enhance cyber maturity.

Key Responsibilities:

- Ensure that SIEM and SOAR environments cover known and emerging MITRE ATT&CK techniques
- Manage the global SOC team and monitor Key Performance Indicators (KPIs) for continuous improvement
- Track SOC Maturity and collaborate with the CISO to develop a roadmap for enhancing SOC capabilities and automation
- Oversee forensics, litigation support, and e-discovery capabilities in response to Legal requests
- Lead the team in implementing best practices for identity lifecycle functions and IAM architecture design
- Collaborate with vendors, partners, and 3rd parties to deliver capabilities that meet target levels of cyber maturity and efficiency

Qualifications:

- Hold security certifications such as CISSP, CISM, GCIH, GSEC, etc.
- Have experience with modern cloud detection and response tools and processes
- Possess Operational Technology (OT) experience

In alignment with Avient's values, we believe in fostering a diverse and inclusive work environment where all employees are encouraged to lead, innovate, and drive growth. We promote equality of opportunity and base decisions on qualifications, abilities, experience, and performance, ensuring a fair and supportive workplace for all individuals. Join Avient to contribute your unique perspective and expertise towards shaping a sustainable future through innovative materials solutions.

Posted 1 month ago


4.0 - 8.0 years

0 Lacs

hyderabad, telangana

On-site

You will be joining Marvell as a CyberSecurity Analyst, where you will play a crucial role in identifying and responding to threats against Marvell data and systems. As part of the Security Operations Center (SOC), your responsibilities will include providing primary triage, analysis, and operational support for security events and alerts. You will utilize various security analytics tools, log aggregators, and threat intelligence repositories to perform correlation and investigate security incidents. Your role will involve real-time incident handling, intrusion correlation, threat analysis, and system remediation to support deployable Incident Response. Additionally, you will participate in analyzing the nature of attacks, conducting root cause analysis of incidents, and monitoring external data sources proactively to identify potential security issues that may impact the enterprise. Furthermore, you will document and publish incident findings, techniques, and reports to relevant stakeholders within Marvell. You will also contribute to improvement tasks such as false positive reduction and use case refinement, while effectively communicating both verbally and in writing updates on alerts and incidents. To be successful in this role, you should have at least 4 years of experience as a SOC Analyst, preferably in a large enterprise environment. You must possess strong communication skills and the ability to tailor your message to various audiences, ranging from technical subject matter experts to company executives. A deep understanding of MITRE ATT&CK framework, proficiency in technical writing, and the ability to solve problems in ambiguous situations are essential. Moreover, you should have experience working with technologies such as IDS/IPS, NGFW, EDR, SIEM, HIDS/HIPS, AV, and Vulnerability Scanners. 
Industry security certifications like C|EH and relevant GIAC certifications are highly desirable, along with experience in IT service management and infrastructure operations in an enterprise-level organization. Marvell offers competitive compensation and benefits, fostering an environment of collaboration, transparency, and inclusivity. You will have access to resources and support to succeed in impactful work and opportunities for growth and development within the company. To learn more about working at Marvell, you can visit our Careers page.

Posted 1 month ago


8.0 - 12.0 years

0 Lacs

hyderabad, telangana

On-site

The Manager, Exposure Management plays a crucial role in identifying, analyzing, and mitigating cybersecurity exposures across enterprise systems. Your focus will be on vulnerability management, attack surface monitoring, and web application scanning to ensure timely detection and response to risks impacting the organization's digital footprint. It is essential to possess strong technical expertise, attention to detail, and the ability to collaborate across teams to influence remediation activities and enhance security posture.

Key Responsibilities

- Operate enterprise vulnerability scanning platforms, validate findings, and monitor remediation efforts effectively.
- Continuously assess the organization's internal and external attack surface for untracked assets, misconfigurations, and exposed services.
- Identify and manage asset ownership across business units, ensuring accurate data consistently reflected in the configuration management database (CMDB).
- Collaborate with infrastructure, application, and business stakeholders for prompt and comprehensive updates to asset and ownership records.
- Configure, execute, and analyze web application security scans, working closely with development teams to address identified issues.
- Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tools.
- Prepare detailed reports and dashboards tailored for various audiences, from technical teams to executive leadership.
- Partner with IT, infrastructure, and cybersecurity stakeholders to facilitate risk-informed remediation activities.
- Contribute to continuous process enhancements and tool optimization throughout the exposure management lifecycle.

Basic Qualifications

- A Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical field, along with a minimum of 10 years of experience in cybersecurity, focusing on vulnerability or exposure management.
- A Master's degree in Computer Science, Information Security, Engineering, or a related technical field, combined with at least 8 years of experience in cybersecurity, with a focus on vulnerability or exposure management.

Preferred Qualifications

- Hands-on experience with tools like Tenable, Qualys, Rapid7, or similar platforms.
- Familiarity with web application scanning tools and techniques.
- Experience in managing or supporting a CMDB and asset lifecycle processes in a large organization.
- Understanding of frameworks such as CVSS, MITRE ATT&CK, and NIST CSF.
- Strong communication and analytical skills to effectively communicate technical risks to business stakeholders.
- Experience supporting compliance and regulatory programs within a global business context.

In addition to competitive benefits programs, we offer health insurance, professional development opportunities, and an Employee Assistance Programme to help you achieve your personal goals. At our organization, we value the expertise, creativity, and passion of our employees and strive to create an inclusive environment that promotes growth, innovation, and diversity. Join us and be part of The Carrier Way, where you can make a difference. Apply now!

Posted 1 month ago


5.0 - 14.0 years

0 Lacs

ahmedabad, gujarat

On-site

As a seasoned Cybersecurity professional in a leadership role, you will be responsible for overseeing various aspects of Digital Forensics and Incident Response (DFIR) across Operational Technology/Industrial Control Systems (OT/ICS) and Information Technology (IT) environments. Your primary duties will involve conducting forensic investigations and root cause analyses of cyber incidents, coordinating incident response activities, and ensuring compliance with breach containment and recovery protocols. You will play a crucial role in the development and maintenance of playbooks, Standard Operating Procedures (SOPs), and readiness frameworks for both proactive and reactive DFIR measures. Additionally, you will be tasked with establishing and managing forensic labs and tooling infrastructure to support memory, disk, network, and cloud forensics. Collaborating with client Chief Information Security Officer (CISO) teams and legal/compliance counterparts during forensic escalations will also be a key aspect of your role. As a mentor and leader, you will guide junior investigators, ensuring their skill development through hands-on training. Your expertise will drive continuous improvement initiatives in forensic collection, chain of custody, and evidence handling procedures. Furthermore, you will be expected to provide support for expert testimony, litigation response, and legal documentation as needed. Your role will require close collaboration with red, blue, and purple teams to develop an integrated threat mitigation strategy. You will also conduct forensic workshops, table-top exercises, and readiness assessments for clients. Building relationships with global Original Equipment Manufacturers (OEMs) and DFIR product partners to enhance capabilities will be essential for the success of the organization. In terms of required skills and tools, you should be proficient in utilizing tools such as EnCase, FTK, Magnet AXIOM, Autopsy, Volatility, and Wireshark. 
Experience with Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR) platforms like CrowdStrike, SentinelOne, and Carbon Black is crucial. Familiarity with OT forensic challenges, including air-gapped ICS/SCADA systems, and a deep understanding of ICS protocols such as Modbus, DNP3, and OPC-UA are also expected. Your personality traits and leadership abilities will be put to the test in this role. Strong analytical skills, attention to detail, and strategic thinking will be essential, especially in high-pressure situations. Your proven ability to lead in crisis scenarios, communicate effectively with stakeholders, and manage teams will be highly valued. Collaborating seamlessly with cross-functional teams, including Security Operations Center (SOC), engineering, legal, and client teams, will be instrumental in achieving the organization's cybersecurity goals. To qualify for this position, you should hold a Bachelor's or Master's degree in Cybersecurity, Computer Science, or related fields. Preferred certifications include GCFA, GCFE, CHFI, CISSP, or their equivalents. A minimum of 14 years of cybersecurity experience, with at least 5 years in DFIR leadership roles, and prior experience managing DFIR services for critical infrastructure or consulting environments are prerequisites for this role.

Posted 1 month ago


3.0 - 7.0 years

0 Lacs

kanpur, uttar pradesh

On-site

As an IT/OT Vulnerability Assessment and Penetration Testing (VAPT) Engineer, you will play a crucial role in identifying and addressing security vulnerabilities within IT systems, Industrial Control Systems (ICS), and Industrial Internet of Things (IIoT) environments. Your primary responsibilities will involve conducting thorough security assessments on critical infrastructure, SCADA systems, PLCs, field devices, gateways, and cloud-connected IIoT platforms. By simulating advanced adversary tactics, you will uncover vulnerabilities and offer strategic guidance for remediation. This position requires individuals with a comprehensive understanding of enterprise IT security and industrial/embedded system ecosystems.

Your duties will encompass various key areas:

1. Vulnerability Assessment & Penetration Testing (IT + ICS/IIoT):
- Conduct black-box, grey-box, and white-box VAPT on a range of assets including enterprise IT assets, OT/ICS assets, and IIoT platforms.
- Simulate APT-level attacks across different IT-OT architectures and execute Red Team scenarios to replicate insider threats or supply chain compromise.

2. ICS Protocol & Field Device Security Testing:
- Analyze and exploit vulnerabilities in various ICS protocols.
- Perform live traffic analysis, packet manipulation, and protocol fuzzing to evaluate resilience.
- Assess control logic vulnerabilities in ladder logic, structured text, and function blocks.

3. Firmware & Hardware Exploitation (IIoT/ICS Devices):
- Extract and analyze firmware from industrial devices using specific interfaces.
- Conduct static and dynamic analysis utilizing various tools.
- Reverse engineer file systems and analyze web interfaces or CLI backdoors.
- Exploit misconfigured bootloaders, firmware upgrade mechanisms, or exposed debug ports.

4. Network Architecture & Segmentation Testing:
- Review and test IT-OT segmentation via different configurations.
- Evaluate trust relationships, weak credential policies, and insecure remote access.
- Identify unauthorized bridging of air-gapped networks or misconfigured routing/switching.

5. Cloud & IIoT Platform Security:
- Evaluate MQTT brokers, telemetry, and analytics pipelines.
- Test REST APIs, mobile app integrations, and cloud misconfigurations.
- Identify insecure certificate handling, default API tokens, and encryption issues.

You will also be responsible for developing detailed technical and executive-level reports, recommending hardening measures for IT and OT systems, ensuring compliance with industry frameworks, and aligning assessments with regulatory standards. Additionally, you should have a Bachelor's or Master's degree in a relevant field and possess deep knowledge of ICS/SCADA systems, embedded architectures, and real-time operating systems. Hands-on experience with various security tools and certifications such as OSCP, GRID, GICSP, or CISSP are preferred. This role may involve travel across the country for project execution, coordination with distributed teams, and effective communication skills are essential. If you meet the requirements and are passionate about cybersecurity and industrial systems, we encourage you to submit a cover letter summarizing your experience along with a resume and a recent passport-size photograph.

Posted 1 month ago

Apply

3.0 - 7.0 years

0 Lacs

haryana

On-site

Tower Research Capital, a leading quantitative trading firm established in 1998, has earned a stellar reputation for its high-performance platform and independent trading teams. With over 25 years of innovation, the firm is renowned for its ability to identify unique market opportunities. Home to exceptional systematic trading and engineering talent, Tower empowers portfolio managers to develop their teams and strategies independently, while benefiting from the advantages of being part of a large, global organization. Engineers at Tower excel in developing electronic trading infrastructure at a world-class level, tackling complex challenges in low-latency programming, FPGA technology, hardware acceleration, and machine learning. The firm's continuous investment in top engineering talent and cutting-edge technology ensures that its platform remains unparalleled in terms of functionality, scalability, and performance. Every employee at Tower contributes to its success. The Business Support teams play a crucial role in constructing and maintaining the platform that drives the firm's operations, combining market access, data, compute, and research infrastructure with risk management, compliance, and a range of business services. These teams enable the trading and engineering teams to achieve their best performance. At Tower, employees thrive in a stimulating, results-driven environment where highly intelligent and motivated colleagues inspire each other to reach their full potential. As a member of the Global Cybersecurity team, you will work to enhance the security posture and services by monitoring, identifying, and addressing security gaps and countermeasures. 
Location: Gurgaon, India
Team: Global Security Operations
Shift Timing: 6:00 AM IST to 3:00 PM IST with rotational weekend support as part of 24x7 operations

Responsibilities:
- Monitoring alerts for potential security incidents and information requests, utilizing real-time channels, tools, dashboards, reports, chat sessions, and tickets.
- Following incident-specific procedures to conduct basic triage of potential security incidents, determining their nature, priority, and eliminating false positives.
- Investigating and validating alerts to identify scope, impact, and root cause using available telemetry and threat intelligence.
- Escalating confirmed incidents with comprehensive evidence, impact assessment, and recommended containment/remediation actions.
- Collaborating with stakeholders and third-party security service providers to triage alerts, events, or incidents.
- Monitoring and analyzing Security Information and Event Management (SIEM) to identify security issues for remediation.
- Developing detection content, correlation rules, and queries in SIEM platforms to enhance threat detection capabilities.
- Contributing to incident response playbooks, runbooks, and process enhancements.
- Participating in threat hunting activities, adversary emulation exercises, and purple teaming efforts.
- Maintaining accurate documentation of investigations, incidents, and actions in ticketing systems.
- Staying informed of the current threat landscape, attacker tactics, and vulnerabilities relevant to Tower's environment.
- Interacting with customers/users in a professional and positive manner.

Requirements:
- Bachelor's Degree in Computer Science, Information Security, or Information Technology.
- 3+ years of hands-on experience in a Security Operations Center (SOC) or threat detection/incident response role in a mid to large-scale organization.
- Proven track record in performing triage of potential security incidents and experience with various technologies including SIEM, EDR/NDR/XDR, web proxies, vulnerability assessment tools, IDS/IPS, firewalls, and data leakage prevention.
- Strong understanding of various operating systems, network protocols, malware behavior, attacker techniques, and common attack vectors.
- Willingness to work in early shifts and provide round-the-clock support, including weekend shifts.

Soft Skills & Work Traits:
- Strong analytical, investigative, and troubleshooting skills.
- Effective written and verbal communication skills, with the ability to simplify complex security issues.
- Organized, detail-oriented, and capable of managing multiple priorities under pressure.
- Passion for security, continuous learning, and operational excellence.
- Comfortable working in a rotating shift model, including weekend support.
- Strong desire to understand security incidents thoroughly.

Benefits:
- Tower's headquarters are located in the historic Equitable Building in NYC's Financial District, with a global impact and offices worldwide.
- The firm fosters a culture where smart, driven individuals thrive in a collaborative environment without egos.
- Benefits include generous paid time off, financial wellness tools, hybrid working opportunities, daily meals and snacks, wellness experiences, volunteer opportunities, social events, continuous learning opportunities, and more.

At Tower, you will find a welcoming and collaborative culture, a diverse team, and a workplace that values both performance and enjoyment. Join a team of great people doing great work together. Tower Research Capital is an equal opportunity employer.

Posted 1 month ago

Apply

4.0 - 8.0 years

0 Lacs

karnataka

On-site

As a SOC Detection & Automation Engineer at Airbus India Private Limited, you will be an integral part of the Digital function, focusing on enhancing Airbus's information management capabilities through the adoption of new technologies, automation, and agile ways of working. Your primary responsibility will be to research and propose security detection scenarios, as well as develop automations to improve SOC investigation and response capabilities. Additionally, you will be tasked with creating a roadmap and strategies for threat detection, investigation, and response, while also producing management information such as reports and KPIs. Your role is crucial in contributing to the overall performance and success of the Security Operations Centre. The Airbus Detect and Response team plays a pivotal role in identifying and responding to security threats that target Airbus on a company-wide scale. As a SOC Detection & Automation Engineer, you will be involved in monitoring, detecting, and analyzing potential intrusions in real time, responding to confirmed incidents with appropriate countermeasures, and providing situational awareness and reporting on cybersecurity status and incidents. To be successful in this role, you should possess a Bachelor's degree in Computer Science, Engineering, or a related field, with a preference for a Master's in Information Security. You should have 4 to 8+ years of relevant experience as a Detection and Automation Engineer or SOC L2/L3 Analyst and hold certifications in Information Security and/or Information Technology (such as CASP+, SANS-GIAC, OSCP, CISSP). Strong automation and scripting skills using Python and JavaScript, as well as experience in investigating threat scenarios across different domains like Windows, Network, Unix/Linux, and Cloud (AWS/GCP), are required. 
Your responsibilities will include developing investigative automations using Python, JavaScript, and SOAR tools, building enrichment automations to support context building during investigations, and researching and understanding the latest threats targeting various operating systems and platforms. Collaboration with various teams within Airbus, documentation of SOC use cases, and continuous learning and development through workshops, training, and certifications are also key aspects of your role. In return, Airbus offers a truly international work environment, travel opportunities, competitive remuneration, bonus and incentives, good work-life balance, career growth opportunities, training and development opportunities, and a comprehensive benefits package including complementary health and life insurance. Your success in this role will be measured by your ability to ensure on-time delivery and quality of projects, bring innovative cost-effective solutions, and achieve customer satisfaction. As an employee of Airbus, you are expected to maintain awareness of compliance risks and act with integrity to contribute to the company's success, reputation, and sustainable growth. Airbus is committed to equal opportunities for all and will never ask for any monetary exchange during the recruitment process. If you are passionate about cybersecurity, eager to learn, and keen on driving innovative ways of working, then this role as a SOC Detection & Automation Engineer at Airbus India Private Limited could be the perfect opportunity for you to make a significant impact in the field of cybersecurity.

Posted 1 month ago

Apply

8.0 - 12.0 years

0 Lacs

hyderabad, telangana

On-site

Prudent Technologies and Consulting is seeking a Senior Application Security Consultant to join their rapidly expanding Cybersecurity team, dedicated to serving a diverse clientele that includes some of the world's largest organizations. In this role, you will be responsible for leading technical teams in conducting thorough security assessments and engaging in field-related research. We are looking for an experienced offensive consultant with a deep understanding of application security testing methodologies, tools, and reporting procedures across various technologies such as web, mobile, API, AI/LM, cloud, desktop, single sign-on, and OAuth. As a Senior Consultant, your responsibilities will include consulting with both technical and non-technical client stakeholders, collaborating with Sales teams to define project scopes, mentoring junior consultants, and leading projects to ensure adherence to industry best practices. You will be expected to conduct advanced penetration tests on a variety of environments, document vulnerabilities, provide proof-of-concepts, and offer tailored remediation steps. Additionally, you will actively contribute to research and development initiatives aimed at enhancing our Cybersecurity practice. The ideal candidate should possess a minimum of 8 years of hands-on experience in conducting manual penetration testing assessments on desktop applications, mobile applications, web applications, cloud environments, APIs, and AI/LM. Proficiency in utilizing penetration testing tools like Burp Suite, DAST scanners, Metasploit, and Nessus is essential for identifying and exploiting vulnerabilities effectively. Strong written and verbal communication skills are crucial for preparing comprehensive reports, executive summaries, and client presentations. Familiarity with security frameworks such as OWASP and MITRE ATT&CK, along with robust project management and leadership abilities, will be highly valued. 
Preferred qualifications include a Bachelor's degree in computer science, information security, or a related field, relevant certifications like OSCP and OSWE, proficiency in scripting languages such as Python and Bash, and a background in application development or systems engineering. Candidates with published CVE/CWE contributions, participation in CTF events, and independent research projects will be given preference. If you have a solid foundation in application security testing assessments and are eager to contribute to a dynamic Cybersecurity team, we encourage you to apply. Your direct work experience in this field will enable you to hit the ground running and make meaningful contributions while adhering to Prudent's specific approach and methodology.

Posted 1 month ago

Apply