8.0 - 13.0 years
7 - 17 Lacs
bengaluru, delhi / ncr
Hybrid
Role & responsibilities Client Engagement & Solutioning: Engage with clients to understand their cybersecurity requirements, challenges, especially around SOC operations. Design and propose tailored SOC solutions including SIEM, SOAR, threat intelligence, incident response, and managed detection & response (MDR). Lead technical discussions, presentations, and demonstrations to articulate the value of proposed solutions. Proposal & Bid Management: Respond to RFPs/RFIs/RFQs with detailed technical content and solution architecture. Collaborate with internal teams to develop Statements of Work (SOW), pricing models, and delivery plans. Technical Leadership: Stay updated on cybersecurity trends, SOC technologies, and threat landscapes. Provide thought leadership in SOC design, architecture, and operations. Support the development of new service offerings in the SOC and cybersecurity domain. Collaboration & Enablement: Work with product, engineering, and delivery teams to ensure feasibility and alignment of proposed solutions. Train and support sales teams on SOC capabilities and value propositions. Required Skills & Experience: 8+ years in cybersecurity pre-sales, solution architecture, or consulting roles. Strong understanding of SOC operations, SIEM platforms (e.g., Splunk, QRadar, Azure Sentinel), and incident response workflows. Familiarity with cybersecurity frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001). Experience with cloud security, endpoint protection, and threat intelligence platforms is a plus. Excellent communication and presentation skills, with the ability to simplify complex technical concepts. Relevant certifications such as CISSP, CEH, or CISM are highly desirable.
Posted 2 weeks ago
5.0 - 9.0 years
0 Lacs
pune, maharashtra
On-site
As a Cyber Architect / Firmware Architect, you will be leading the Cyber-related deliverables for the BA SAS India product line. Your responsibilities will encompass various key areas, including: - Demonstrating working knowledge and experience in the secure lifecycle development process. - Applying secure design principles for Hardware, firmware, and software. - Understanding end-to-end solutions architectures involving IoT devices, firmware, software, REST API cloud, etc. - Collaborating with cross-functional teams, including development, pen testing, and marketing teams. - Conducting product cybersecurity risk assessments and implementing threat modeling and threat mitigation. - Utilizing security requirements using SD elements and coordinating with the development team. - Ensuring compliance with data privacy rules and regulations by working closely with data privacy and legal teams. - Familiarity with cybersecurity frameworks like NIST, MITRE, and tools used in pen testing. - Knowledge of open-source scanning tools like Blackduck, static code analysis tools, and reverse engineering tools. - Understanding STQC compliance requirements, IEC62443, GDPR, and experience with CCTV Camera products and building automation. - Proficiency in programming languages like C, C#, Java, Python, Angular, React, Linux OS, and REST API. - Hands-on experience with IoT-based Embedded firmware development, and understanding of hardware devices, physical networks, and network protocols. - Designing and developing Firmware/Software using C/C++/Python in a real-time embedded environment. This role requires a proactive approach to cybersecurity, strong collaboration skills, and a deep understanding of firmware development and cybersecurity principles.
Posted 2 weeks ago
5.0 - 9.0 years
0 Lacs
delhi
On-site
Agoda is an online travel booking platform that connects travelers with a global network of 4.7M hotels, holiday properties, flights, activities, and more. As part of Booking Holdings and based in Asia, we have a diverse team of 7,100+ employees from 95+ nationalities across 27 markets. At Agoda, we believe in bridging the world through travel, enabling people to enjoy, learn, and experience the amazing world we live in while bringing individuals and cultures closer together. The Security Department at Agoda is responsible for overseeing security, compliance, GRC, and security operations to ensure the safety and protection of the company and its employees. We are currently seeking an experienced and highly motivated Incident Response Specialist to join our team. In this role, you will be tasked with addressing security incidents and threats promptly, strategizing and leading incident engagements, monitoring threats targeting Agoda, and preventing attacks from occurring or escalating. Key Responsibilities: - Handling critical, high, and medium cyber security incidents at Agoda - Drafting incident reports and communicating summaries to senior leadership, end users, and legal teams - Developing playbooks for different cyber security incidents and utilizing automation to reduce MTTR time - Automating incident response tasks and developing custom security tools - Tuning security controls to optimize alerts and reduce false positives - Gathering threat intelligence and performing threat hunting across the enterprise - Supporting legal and regulatory teams as a technical subject matter expert for cyber incidents - Evaluating new technologies and conducting POCs for new security products Requirements for Success: - 5+ years of experience in Cyber Security with a focus on Incident Response and working with 24/7 SOC teams - Strong understanding of NIST, CSF, MITRE, and other cyber security frameworks - Proficiency in programming or scripting skills (e.g., Python or C++) for 
automating tasks and developing security tools - Hands-on experience with major security incidents and incident response automation - Knowledge of malware analysis and digital forensics is a plus - Certification in Cyber Security, Forensics, and Incident Response (e.g., CISSP, ECSA, GISP, GCIH, GCFE, GCFA) is advantageous - Excellent communication skills in English (both oral and written) - Ability to be flexible, fast-moving, adaptable, and skilled in multitasking Agoda offers a relocation package to Bangkok, Thailand, along with a range of benefits including a hybrid working model, WFH Set Up Allowance, remote working opportunities, accommodation discounts, and more. Join us in our mission to make travel easy and rewarding for everyone and contribute to a dynamic and innovative work environment that values diversity, creativity, and collaboration. Equal Opportunity Employer
Posted 2 weeks ago
0.0 years
0 Lacs
gurugram, haryana, india
On-site
Ready to shape the future of work? At Genpact, we don't just adapt to change—we drive it. AI and digital innovation are redefining industries, and we're leading the charge. Genpact's , our industry-first accelerator, is an example of how we're scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to , our breakthrough solutions tackle companies' most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that's shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions - we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation, our teams implement data, technology, and AI to create tomorrow, today. Get to know us at and on , , , and . Inviting applications for the role of Senior Manager- Offensive Security Engineer We are seeking a highly skilled and experienced offensive security engineer to join our team. The ideal candidate will have at relevant experience in the security testing domain, with offensive security engagements. Responsibilities: Offensive Security Engagements: Conduct system-level and network-level red team exercises along with penetration testing activities. Tool Proficiency: Utilize offensive security tools and frameworks like Metasploit, Burp Suite, custom exploit tools, and more. Documentation & Reporting: Ensure comprehensive documentation of assessment findings along with remediation recommendations. Research & Development: Develop new attack vectors and exploit techniques while validating their effectiveness.
Collaboration: Work closely with development teams and other security teams to ensure effective communication and collaboration. Project Management: Manage multiple projects simultaneously while maintaining high organizational standards. Qualifications we seek in you! Minimum Qualifications Relevant years of experience working on offensive security engagements and security testing domain Excellent proficiency with OWASP, MITRE, Generative AI security, offensive security tools, penetration testing, and red teaming frameworks Experience using tools such as Metasploit, Burp Suite, custom exploit tools and stay updated with the latest security trends, tools and strategies. Strong problem-solving skills for researching, developing, and validating new attack vectors Excellent written and verbal communication skills for clear documentation Highly organized individual capable of managing multiple projects simultaneously Effective communication skills for collaborating closely with development teams Preferred Qualifications/ Skills Proven track record in executing high-risk ethical hacks on both internal and external applications globally Experience integrating MITRE ATT&CK framework TTPs into red team exercises for emulating advanced threat actors Proficiency in creating scripts or frameworks designed for complex undetectable attacks Ability to coordinate operational briefings alongside presentations tailored for nontechnical audiences including executive management Support during security incidents by identifying root causes while recommending detection measures alongside prevention measures Perform research on emerging technologies while designing frameworks suited for red team exercises involving new technologies Must be flexible with work timings.
Why join Genpact? Be a transformation leader - Work at the cutting edge of AI, automation, and digital innovation Make an impact - Drive change for global enterprises and solve business challenges that matter Accelerate your career - Get hands-on experience, mentorship, and continuous learning opportunities Work with the best - Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture - Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let's build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training.
Posted 3 weeks ago
8.0 - 12.0 years
12 - 22 Lacs
pune, bengaluru, delhi / ncr
Hybrid
Design and build a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threat intelligence, MITRE ATT&CK, and risk models to form hypotheses and validate them through structured hunts. Leverage existing tools/technologies to automate hunts, visualise results, and create reusable artifacts for future investigations and detections. Collaborate with detection engineering to convert threat hunt findings into high fidelity detection content. Document and maintain a robust repository for hunting methodologies, tooling, and findings to enable continuous improvement and team scaling. Provide regular reports and presentations to stakeholders, with clear articulation of threats, methods, and risk impact. Ideal candidate should have: The ideal candidate is a highly skilled and proactive Threat Hunter with a strong background in hypothesis-driven hunting, adversary TTP analysis, and cross-functional collaboration. They should have a minimum of 8 years Cyber Security Domain Experience preferably in Red or Blue team and 35 years of hands-on experience in Threat Hunting, with a deep understanding of the MITRE ATT&CK framework and a proven ability to detect and investigate advanced threats beyond signature-based solutions. Adept at leveraging Google SecOps, CrowdStrike EDR, Palo Alto, Splunk for data analysis and they bring strong scripting capabilities (e.g., Python, PowerShell, SQL) and experience using Power BI Reporting capabilities to document and visualise results. This individual has successfully built or significantly contributed to threat hunting programs, translating threat intelligence into actionable insights and working alongside detection engineers and security analysts to operationalize findings. They should be driven by curiosity and methodical thinking, constantly seeking to improve visibility and detection coverage across complex environments—including hybrid or cloud-native architectures like AWS, Azure, or GCP.
They would be a self-starter with strong autonomy and analytical acumen; they thrive in dynamic environments and are passionate about staying ahead of evolving threats.
Posted 3 weeks ago
8.0 - 11.0 years
15 - 30 Lacs
bengaluru
Hybrid
Hiring: Threat Detection & Response Engineer (8-10 Years) for a Japanese investment bank in Bangalore! Seeking an experienced cybersecurity professional skilled in threat detection, incident response, and security frameworks like MITRE ATT&CK and Cyber Kill Chain. Responsibilities include developing advanced use cases, proactive threat hunting, forensic investigations, and collaborating with Threat Intelligence and Security Ops teams. Must have hands-on experience with SIEM tools (Splunk), forensic tools (EnCase, FTK), network security controls, and cloud security in the banking/financial sector. Strong analytical, problem-solving, and leadership skills required, with certifications like CISSP, GIAC, or SANS preferred. Share your updated profile at babita.raut@talentnetworks.co.in to join a leading global financial institution committed to cybersecurity excellence!
Posted 4 weeks ago
3.0 - 7.0 years
0 Lacs
karnataka
On-site
As a shift lead in the Security Operations Center (SOC) at Virtusa, you will play a crucial role in supporting SOC operations by conducting detailed threat-based investigations, making recommendations for incident detection methodologies, and offering expert assistance for incident response and monitoring activities. Your responsibilities will include being a technical and strategic leader in driving key performance indicator (KPI) metrics, promoting automation, analytics, and operational efficiencies to enhance the overall security posture. You will be tasked with providing suggestions to enhance security postures, minimize security risks, and identify opportunities for automation to streamline manual efforts. Your role will involve ensuring the highest quality of SOC service delivery and aiding in the development of incident response actions, policies, and procedures, including process enhancements. As the escalation point for advanced security incident escalations from Level 1 SOC analysts, you will oversee all SOC activities and business-as-usual (BAU) tasks during your shift, which involves 24/7 support. Additionally, you will review and improve run books, operating procedures, and playbooks, as well as assign and prioritize tasks and incidents for Level 1 SOC team members. You will manage the incident pipeline, including escalating outstanding incidents, updating incidents as needed, and escalating open incidents when necessary. Furthermore, you will be responsible for meeting service level agreements (SLAs) and leading SOC shift handover calls. Your role will also involve providing continuous improvement initiatives and on-the-job training for Level 1 SOC analysts. Your expertise will be paramount in analyzing logs from various sources such as network devices, applications, infrastructure services, security products, and endpoint data using Security Information and Event Management (SIEM) tools and other security technologies. 
You will also lead security event and incident investigations, applying industry-recognized incident detection and response frameworks like NIST, MITRE, and others. At Virtusa, we prioritize teamwork, quality of life, and professional development. Join our global team of 30,000 professionals who are dedicated to fostering your personal and career growth. We offer exciting projects, opportunities to work with cutting-edge technologies, and a collaborative environment where great minds come together to innovate and excel.
Posted 1 month ago
3.0 - 5.0 years
4 - 8 Lacs
Pune, Maharashtra, India
On-site
Job description What You'll Do Identify and analyze cyber threats / incidents as part of Eaton's Cyber Security Incident Response Team (CSIRT). Play a key role in the Prevent, Detect, respond strategy to protect Eaton's intellectual property and brand in a highly complex, global, multi-technology, regulated and diversified business environment. Responsible for the health and engineering services of security tools, investigating, analyzing, containing and remediating any potential cyber threat, or cyber security incident that could impact the organization. Provide Eaton with 24/7/365 (on-call rotation) cyber security incident response service with a focus on responding, containing, remediating and recovering cyber incidents across the organization. Respond, investigate, and resolve information security issues, following compliance and investigative standards Manage and coordinate response to any malicious cyber activity inside or against Eaton's assets. Work alarms, cases or incidents from the Level 1 SOC analysts, perform in-depth analysis and triage of threat activity Executes ITSM processes (Change, Request, Incident, Problem management) on technical IT systems at the component level Perform Threat Hunting based on emerging IOCs or vulnerabilities Develop, Refine and maintain incident and alarm rules to focus detection operations Develops and Refines operating procedures to improve efficiency and effectiveness of incident response, e-discovery, internal investigations Execute activities to eliminate malware, advanced persistent threats within a remediation event Execute project tasks to enhance IT Cyber Security capabilities Responsible for Security Engineering Services to include deployment, management, and updating of security stack. Responsible for developing advanced queries, detections, and automation to enhance the organization's security posture and detection capabilities . 
Improve and enhance detection capabilities to identify insider threats and build Zero Trust foundation Qualifications Bachelor's degree in a technical discipline with 3+ years of relevant experience in cybersecurity. Skills Experience in security operations, cyber security incident response, vulnerability management or IT operations Experience in correlating events from multiple sources to detect suspicious and/or malicious activity. Working knowledge of a broad range of current IT platforms and technologies. Understanding of TTPs, MITRE ATT&CK framework Understanding of operating systems, applications, infrastructure, and cloud computing services. Capacity to comprehend complex technical infrastructure, managed services, and third-party dependencies. Understanding of Cyber Security with relevant work experience and/or relevant certifications. Understanding of common threats, penetration/intrusion techniques and attack vectors. Strong analytical and problem-solving skills Excellent proficiency with the English language (written and verbal). Strong analytical and problem-solving skills. Ability to communicate effectively across all levels of the organization Project management skills: Strong project management, multitasking, and organizational skills.
Posted 1 month ago
2.0 - 12.0 years
0 Lacs
punjab
On-site
The SecOps Engineer Lead position requires 5 to 12 years of experience in the field. It is desirable for the candidate to have strong Linux and patching skills, along with an understanding of the Change Management Process. Familiarity with tools like Telegraf, InfluxDB, Chronograf, Kapacitor, Grafana, Indeni, and Mandiant would be beneficial. The ability to work in different shifts is also necessary. Knowledge of MITRE and cyber security threats is a plus, as well as having at least 2 years of experience in Linux Patching. Responsibilities of the role include proactively planning and remediating vulnerabilities and technical security requirements. The candidate is expected to communicate and report progress on patching activities to stakeholders, as well as monitor and track the progress of other team members in different engineering towers. Additionally, the SecOps Engineer Lead will be responsible for helping and coordinating team members in onboarding or offboarding processes, building relationships with relevant stakeholders, monitoring security controls against various threats, and discussing weaknesses with the relevant teams. The candidate should also have the ability to carry out other technical responsibilities and provide consultations to relevant stakeholders.
Posted 1 month ago
5.0 - 10.0 years
5 - 10 Lacs
Bengaluru, Karnataka, India
On-site
Play a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers. As a Senior Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity Tech controls, you are an integral part of a technical team that works to develop high-quality cybersecurity solutions for various software applications and platform products supporting encryption and key management operations. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains. Job responsibilities Guides the evaluation of current cybersecurity principles, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks Regularly provides technical security guidance and direction to support the business and its technical teams, contractors, and vendors. Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability Serves as function-wide subject matter expert in one or more areas of focus (Key management, HSM operations, Tokenization, etc.) Influences peers and project decision-makers to consider the use and application of leading-edge technologies Adds to team culture of diversity, equity, inclusion, and respect Required qualifications, capabilities, and skills Formal training or certification on Cybersecurity concepts and 5+ years applied experience Hands-on practical experience with high quality threat models and knowledge of MITRE framework and kill chains Proficient in Cryptographic Security Controls (Key Management Systems, Tokenization, encryption solutions).
Proficient knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (eg, public cloud, artificial intelligence, machine learning, mobile, etc) Manage to evaluate current and emerging technologies to recommend the best solutions for the future state architecture Proficient in Payment HSMs and PCI , AWS cloud experience. Solid knowledge of PKI and digital certificates Preferred qualifications, capabilities, and skills Familiar with Confidential Computing. Proven track record in working with diverse teams to achieve goals and drive enterprise-wide transformative security technology initiatives. MS or PhD in computer science with a focus on security. Familiarity with post-quantum cryptography standards and related migration efforts Familiarity in key management best practices
Posted 1 month ago
5.0 - 8.0 years
5 - 8 Lacs
Delhi, India
On-site
Responsibilities: Cyber Security Event Review & Leadership: Review cyber security events analyzed by Level 2 security analysts and act as the team lead, serving as the escalation point for detection, response, and remediation activities. Monitoring & Guidance: Monitor and guide the team in triaging cyber security events, prioritizing them, and recommending/performing appropriate response measures. Technical Support: Provide expert technical support for various IT teams in response and remediation activities for escalated cyber security events/incidents from L2 analysts and stakeholders. Incident Follow-up & Closure: Ensure all cyber security incident tickets are followed up diligently until full closure. Analyst Guidance & Mentorship: Provide clear guidance and mentorship to L1 and L2 analysts in analyzing events and executing response activities. Incident Response Expediting: Intervene and expedite Cyber incident response and remediation-related activities in case of any delays, coordinating effectively with various teams, including L1 and L2 team members. Policy & Best Practice Review: Review and provide valuable suggestions during the preparation of information security policies and best practices for client environments. SLA & Communication: Ensure that all Service Level Agreements (SLAs) and contractual requirements are met in a timely manner, maintaining effective communication with all stakeholders. Reporting & Dashboards: Review Daily, Weekly, and Monthly dashboard reports and share them with relevant stakeholders, providing clear insights into security posture. Documentation & Playbooks: Review all security-related documents, update playbooks, and maintain other standard operational procedures to ensure accuracy and relevance. System Documentation Validation: Validate client systems and IT infrastructure documentation, ensuring all records are current and accurate. 
Knowledge Sharing & Threat Intelligence: Share knowledge with team members on current security threats, trends in attack patterns, and new security tools. Use Case Development & Validation: Review and create new use cases based on emerging attack trends. Validate these use cases through selective testing and logic examination. Threat Detection Rule Development: Develop and maintain threat detection rules, parsers, and use cases to enhance the SIEM's detection capabilities. Security Analytics Understanding: Possess a strong ability to understand security analytics and data flows across various SaaS applications and cloud computing tools. SIEM Solution Deployment: Be capable of deploying SIEM solutions in customer environments. Required Skills: Core SOC Monitoring experience. Proficiency with SOC tools such as FortiSOAR, IBM QRadar, MS Defender, and Cisco Umbrella . Strong experience in analyzing malicious traffic and building detections. Experience in applications security, network security, and systems security. Knowledge of MITRE or similar frameworks and adversary procedures. Expertise with SIEM Solutions (Securonix / Splunk / Sumologic / LogRhythm / ArcSight / Qradar). Strong communication skills, both written and oral, capable of effectively communicating with internal teams and external stakeholders. Experience working on SMB & large enterprise clients. Good understanding of ITIL processes , including Change Management, Incident Management, and Problem Management. Strong expertise on multiple SIEM tools & other devices found in a SOC environment. Good knowledge in firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Good understanding of raw Log formats of various security devices like Proxy, Firewall, IDS/IPS, DNS. Solid foundational understanding of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Knowledge of regex and parser creation . Ability to mentor and encourage junior teammates. 
Strong work ethic with good time management skills. Coachability and dedication to consistent improvement. Good to Have: Master's degree. Relevant certifications like CEH, CISA, CISM. Be a key person for developing Thought Leadership within the SOC.
Posted 2 months ago
5.0 - 8.0 years
5 - 8 Lacs
Mumbai, Maharashtra, India
On-site
Responsibilities: Cyber Security Event Review & Leadership: Review cyber security events analyzed by Level 2 security analysts and act as the team lead, serving as the escalation point for detection, response, and remediation activities. Monitoring & Guidance: Monitor and guide the team in triaging cyber security events, prioritizing them, and recommending/performing appropriate response measures. Technical Support: Provide expert technical support for various IT teams in response and remediation activities for escalated cyber security events/incidents from L2 analysts and stakeholders. Incident Follow-up & Closure: Ensure all cyber security incident tickets are followed up diligently until full closure. Analyst Guidance & Mentorship: Provide clear guidance and mentorship to L1 and L2 analysts in analyzing events and executing response activities. Incident Response Expediting: Intervene and expedite Cyber incident response and remediation-related activities in case of any delays, coordinating effectively with various teams, including L1 and L2 team members. Policy & Best Practice Review: Review and provide valuable suggestions during the preparation of information security policies and best practices for client environments. SLA & Communication: Ensure that all Service Level Agreements (SLAs) and contractual requirements are met in a timely manner, maintaining effective communication with all stakeholders. Reporting & Dashboards: Review Daily, Weekly, and Monthly dashboard reports and share them with relevant stakeholders, providing clear insights into security posture. Documentation & Playbooks: Review all security-related documents, update playbooks, and maintain other standard operational procedures to ensure accuracy and relevance. System Documentation Validation: Validate client systems and IT infrastructure documentation, ensuring all records are current and accurate. 
Knowledge Sharing & Threat Intelligence: Share knowledge with team members on current security threats, trends in attack patterns, and new security tools. Use Case Development & Validation: Review and create new use cases based on emerging attack trends. Validate these use cases through selective testing and logic examination. Threat Detection Rule Development: Develop and maintain threat detection rules, parsers, and use cases to enhance the SIEM's detection capabilities. Security Analytics Understanding: Possess a strong ability to understand security analytics and data flows across various SaaS applications and cloud computing tools. SIEM Solution Deployment: Be capable of deploying SIEM solutions in customer environments. Required Skills: Core SOC Monitoring experience. Proficiency with SOC tools such as FortiSOAR, IBM QRadar, MS Defender, and Cisco Umbrella . Strong experience in analyzing malicious traffic and building detections. Experience in applications security, network security, and systems security. Knowledge of MITRE or similar frameworks and adversary procedures. Expertise with SIEM Solutions (Securonix / Splunk / Sumologic / LogRhythm / ArcSight / Qradar). Strong communication skills, both written and oral, capable of effectively communicating with internal teams and external stakeholders. Experience working on SMB & large enterprise clients. Good understanding of ITIL processes , including Change Management, Incident Management, and Problem Management. Strong expertise on multiple SIEM tools & other devices found in a SOC environment. Good knowledge in firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Good understanding of raw Log formats of various security devices like Proxy, Firewall, IDS/IPS, DNS. Solid foundational understanding of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Knowledge of regex and parser creation . Ability to mentor and encourage junior teammates. 
Strong work ethic with good time management skills. Coachability and dedication to consistent improvement. Good to Have: Master's degree. Relevant certifications like CEH, CISA, CISM. Be a key person for developing Thought Leadership within the SOC.
Posted 2 months ago
5.0 - 9.0 years
0 Lacs
maharashtra
On-site
Arctiq is a leader in professional IT services and managed services across three core Centers of Excellence: Enterprise Security, Modern Infrastructure and Platform Engineering. Renowned for our ability to architect intelligence, we connect, protect, and transform organizations, empowering them to thrive in today's digital landscape. Arctiq builds on decades of industry expertise and a customer-centric ethos to deliver exceptional value to clients across diverse industries. Arctiq is currently seeking a candidate to fulfill the role of a Splunk Consultant within our managed services practice. This position requires expertise in Splunk and related technologies, and a passion for continuous learning. In this role you will have an opportunity to deliver Splunk services to our managed services customers, and occasionally work within our professional services with new clients. Lead project delivery by defining, maintaining and communicating systems requirements, solution approach & design, standards and standardized methodologies across the enterprise. Develop and assist clients with creating requirements, identifying gaps and translating business requirements into technical solutions. Regularly develop methods of improvement for internal processes related to Splunk administration. Work closely with clients to execute a common strategy across multiple functions. Define and implement effective and efficient solutions to challenges and opportunities. Seize opportunities to make use of Splunk technology to drive greater operational intelligence. Create and maintain documentation related to implementations at managed clients. Possesses Splunk ES, ITSI, or Cloud accreditations. Experience with storage technologies, platform administration on Linux and Windows, computer networks, experience with AWS or Azure and experience with many of today's security tool sets. Creating production quality dashboards, reports and threshold alerting mechanisms. 
Experience with other Splunk products (eg. Splunk UBA, Splunk Observability Cloud, Splunk SOAR). Proficiency in developing add-ons or DevOps. Expertise with MITRE and developing security use cases. Have a strong background working in the IT and IT Security arena. Splunk Enterprise Experience: 5-8 years experience implementing or administering large scale business systems with at least three large scale implementations. Expert in working across Splunk and related utilities. At a minimum, is a Splunk Core Certified Consultant. Have a bachelor's degree in computer science or a related field, or have a minimum of 5 years relevant experience. Excellent planning and execution skills with a demonstrable history of establishing and meeting impactful goals and objectives with regards to data integration. Ability to work in project teams and complete individual tasks in a timely manner. Have a sense of personal accountability. Must be a U.S. Citizen, working within the continental US, and will be subject to standard background checks. Arctiq is an equal opportunity employer. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know. We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives to apply. We thank you for your interest in joining the Arctiq team! While we welcome all applicants, only those who are selected for an interview will be contacted.,
Posted 2 months ago
5.0 - 10.0 years
10 - 20 Lacs
Mumbai, Mumbai Suburban, Mumbai (All Areas)
Work from Office
5 years in sec ops with focus on SOC operations & incident response. In-depth knowledge of sec technologies, tools, & methodologies (SIEM, IDS/IPS, EDR). Understanding of cyber threats, attack vectors. Exp with security compliance frameworks (NIST, ISO 27001). Required Candidate profile: Technical Leadership; SOC Process Optimization; Tool Evaluation; Incident Response & Threat Intelligence; Strong scripting skills (mandatory); Exp: Tomcat/JBoss/Apache/Ruby/NGINX; Ability to work with DevOps. Perks and benefits: Mediclaim + Additional 10% variable
Posted 3 months ago
5.0 - 6.0 years
5 - 6 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
Job description Job Title: Senior Security Researcher About Role: Develop cutting-edge IPS signatures that shield against emerging threats and Zero/N-day vulnerabilities. Analyze and reverse engineer cyber-attacks and new vulnerabilities (CVEs) and effectively implement preventive measures to stay ahead of evolving threats. Develop and improve tools to automate analysis tasks, simulation software and administer a lab environment to replicate attacks. Publish technical blogs to spread awareness and help defenders with the necessary resources to protect their organizations. Experience with MITRE evaluation process would be an added advantage. Vulnerability RCA, reverse engineering and POC verification and signature development for MAPP program. Capable of working with little to no supervision. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans; Medical, Dental and Vision Coverage; Paid Time Off; Paid Parental Leave; Support for Community Involvement. We're serious about our commitment to diversity, which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
Posted 3 months ago
5.0 - 10.0 years
25 - 35 Lacs
Pune
Work from Office
Senior Security Consultant (Network Penetration Tester) NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most. NetSPI secures the most trusted brands on Earth through Penetration Testing as a Service (PTaaS), External Attack Surface Management (EASM), Cyber Asset Attack Surface Management (CAASM), and Breach and Attack Simulation (BAS). Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI brings a proactive approach to cybersecurity with more clarity, speed, and scale than ever before. NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers. Join the mission as a Senior Security Consultant. We are seeking a skilled expert and detail-oriented Penetration Tester to conduct thorough security assessments, identify vulnerabilities, and provide expert recommendations to strengthen our clients' security posture. You will be responsible for performing Network (InPen) Penetration Testing, in addition to competencies in problem solving, client service, written/verbal communication, and project execution. You will work to deliver clear, actionable reports and contribute to the development of security best practices. 
Responsibilities : Conduct engagements on Network (InPen) Penetration Testing independently and provide technical oversight Perform internal, external and wireless network penetration tests Create, review and deliver reports for accuracy in technical oversight, perform weekly QA oversight, and provide mentoring support to others Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes Act as a resource for internal team members as it relates to in-depth technical questions or best practices Participate in development, implementation, and oversight of testing, delivery, and management strategies for key client accounts Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations. Minimum Qualifications : Bachelors degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience Minimum of 5+ years of experience in Network Penetration Testing with expertise on InPen testing. Experience with offensive toolkits used for network and web or mobile penetration testing Familiarity with offensive and defensive IT concepts and protocols Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks. 
Working knowledge of Windows, Linux and MacOS operating systems internals and administration Experience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences Ability to work independently and as part of a team Proficient communication skills, both written and verbal Willingness to travel up to 5-10%, as required. This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs Preferred Qualifications: Ability to provide technical and QA oversight on Network (InPen) service line Experience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#) Offensive Security Certifications (e.g., GXPN, GPEN, OSCP, CISSP, GWAPT) We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
Posted 3 months ago
3.0 - 6.0 years
4 - 9 Lacs
Hyderabad, Pune, Bengaluru
Hybrid
Your key responsibilities Administration and management support of CrowdStrike Next-Gen SIEM/EDR Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development (Use case development) which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills and attributes for success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing and administering security solution CrowdStrike Next-Gen SIEM/EDR Hands-on expertise in Security use case development and log source integration Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a Security Analysts point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in ELK Stack Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender ATP or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC.
Posted 3 months ago
5.0 - 10.0 years
6 - 15 Lacs
Pune
Work from Office
Role & responsibilities Responsibilities: cloud security, cloud architect. This role is responsible for leading the Cyber-related deliverables for the BA SAS India product line. The key areas of responsibilities include - Must have working knowledge and experience in secure lifecycle development process - Must be aware of secure design principles for Hardware, firmware, software - Must have keen understanding of end-to-end solutions architectures with IoT devices, firmware, software, REST API cloud - Must have worked with cross-functional teams including various development teams, pen testing team, marketing team etc. - Must have knowledge of product cybersecurity risk assessment - Must have worked on threat modelling and threat mitigation using MS Threat modelling tool - Must have knowledge of security requirements using SD elements and implement them with the help of the development team. - Should be aware of data privacy rules and regulations and should coordinate with data privacy and legal team for related risks and mitigation. - Must have knowledge of cybersecurity frameworks like NIST, MITRE etc. - Must have knowledge of tools used in pen testing, must be able to analyze the product cybersecurity issues and work on the mitigation. - Must have knowledge of open-source scanning (Blackduck), static code analysis (SonarQube, Coverity) and reverse engineering tools. Must be able to analyze the risk and resolve it with the help of the development team. - Knowledge related to STQC compliance requirements, IEC62443 and GDPR - Good to have worked on CCTV Camera products, Building automation. - Good to have knowledge of programming languages like C, C#, Java, Python, Angular, React, Linux OS, REST API - Hands-on experience with IoT-based Embedded firmware development. - Must understand hardware devices, physical networks, network protocols (such as MQTT, TCP-IP, HTTP), and non-functional requirements (such as security, scalability, performance, reliability, storage, latency, etc.)
- Design and development of Firmware/Software using C/C++/Python real-time embedded environment. - Experience in software development with an Embedded Linux environment - System programming which involves multithreading, IPC mechanisms, etc. - Solid understanding of hardware, firmware and chipsets in IoT - Experience in software architecture and API development - Experience in firmware development for Linux operating systems - Experience developing software drivers and interfacing with hardware modules - Knowledge IoT cloud platforms and device SDKs (AWS, Azure) - Working with firmware development for IoT connected products is an added advantage. - Knowledge of Software version controlling (git) and software development process. - Good understanding of networking protocols relevant to video such as UDP, TCP - Excellent Communication Skills (in Speaking & Writing)
Posted 3 months ago
6 - 8 years
5 - 15 Lacs
Pune
Work from Office
Cyber Architect / Firmware architect Position - Cyber Architect/ Firmware architect Experience - 6-8 yrs Client Name - Honeywell International Ltd Payroll Company - Bramha Tech CTC - As per industry norms Job Location - Pune Notice Period - Immediate/ serving Notice Responsibilities This role is responsible for leading the Cyber related deliverables BA SAS India product line. The key areas of responsibilities include Must have working knowledge and experience in secure lifecycle development process Must be aware of secure design principles for Hardware, firmware, software Must have keen understanding of end to end solutions architectures with IoT devices, firmware, software, REST API cloud, Must have worked with cross functional team including various development teams, pen testing team, marketing team etc. Must have knowledge of product cybersecurity risk assessment Must have worked on threat modelling and threat mitigation using MS Threat modelling tool Must have knowledge of security requirements using SD elements and implements with the help of development team. should be aware of data privacy rules and regulations and should coordinate with data privacy and legal team for related risks and mitigation. Must have knowledge of cybersecurity framework like NIST, MITRE etc.. Must have knowledge of tools used in the pen testing, must be able to analyze the product cybersecurity issues and work on the mitigation. Must have knowledge of open-source scanning Blackduck and static code SonarQube, Coverity and reverse engineering tools. Must be able to analyze the risk and resolves with the help of development team. Knowledge related to STQC compliance requirements, IEC62443 and GDPR Good to have worked on CCTV Camera products , Building automation. Good to have knowledge of programming languages like C,C#, Java, Python, Angular, React, Linux OS, REST API Hands-on experience with IoT-based Embedded firmware development. 
Must understand hardware devices, physical networks, network protocols (such as MQTT, TCP-IP, HTTP) , and non-functional requirements (such as security, scalability, performance, reliability, storage, latency, etc.) Design and development of Firmware/Software using C/C++/Python real-time embedded environment. Experience in software development with an Embedded Linux environment System programming which involves multithreading, IPC mechanisms, etc. Solid understanding of hardware, firmware and chipsets in IoT Experience in software architecture and API development Experience in firmware development for Linux operating systems Experience developing software drivers and interfacing with hardware modules Knowledge IoT cloud platforms and device SDKs (AWS, Azure) Working with firmware development for IoT connected products is an added advantage. Knowledge of Software version controlling (git) and software development process. Good understanding of networking protocols relevant to video such as UDP, TCP Excellent Communication Skills (in Speaking & Writing) Qualifications & Experience Graduate or masters in BE/B.Tech/MCA in Computers science, Electronics, IT with 7+ Yrs. of experience
Posted 4 months ago