0 years
3 - 6 Lacs
India
On-site
About HackIT HackIT Technology and Advisory Services is an IT / Cyber Security company, operating since 2009. HackIT is an Indian Computer Emergency Response Team, CERT-IN (www.cert-in.org.in) empaneled provider for IT Security Audit Services. HackIT provides a broad range of security consulting and advisory services to a diverse group of clients, including government organizations, corporations, military establishments, financial institutions and start-ups, to name a few. Our work spans multiple sectors and industries, including Telecommunications, Defense and Military, ITeS, Financial Services, Aviation, Hospitality, Healthcare and Research. We work end-to-end, from diagnosis to delivery of lasting impact, together generating tangible results that are improving the security posture of organizations worldwide. Job Title : Security Analyst (VA/PT) (Web / Mobile / Thick Client Application) Location : Kochi Job Overview : We are seeking a Security Analyst (VA/PT) to join our dynamic Security Testing team in performing security testing of applications, networks and infrastructures, including vulnerability assessments, penetration testing and manual testing techniques. Job Responsibilities : Hands-on role that also requires client interaction on a regular basis. Manual and automated security testing of Web applications, APIs, and Mobile Applications. Static and Dynamic testing (SAST & DAST) of thick clients / applications. Develop Proof-of-Concept (PoC) for the identified vulnerabilities. Provide remediation guidance for identified vulnerabilities. Develop and execute security testing project plans. Incorporate metrics providing comprehensive insight about the security posture of an organization that will help senior management with decision making. Build and maintain strong relationships with key stakeholders. 
Technical Skillsets (Mandatory) : Hands on experience in Penetration Testing Strong analytical and problem-solving skills and the ability to explain complex technical concepts in a clear and concise manner and to provide remediation recommendations. Knowledge of / or experience with both Enterprise and open source offensive security tools for reconnaissance, scanning, exploitation Sound understanding of security frameworks (OWASP Top 10, NIST, MITRE ATT&CK). Technical Skillsets (Preferred) : Proficiency in a programming language(s) (e.g. Python, Ruby, Perl, PowerShell) Exposure to DevSecOps, Security Architecture review and Network Security assessment would be a bonus. Hands-on experience in Red Team Exercises, Threat Hunting, OSINT and Threat Modelling Job Types: Full-time, Permanent Pay: ₹300,000.00 - ₹600,000.00 per year Benefits: Cell phone reimbursement Health insurance Internet reimbursement Leave encashment Paid sick time Paid time off Provident Fund Schedule: Day shift Monday to Friday Work Location: In person
Posted 1 week ago
5.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Outreach is the first and only AI Sales Execution Platform built for intelligent revenue workflows. Built on the world’s largest foundation of customer interactions and go-to-market team data, Outreach’s leading revenue AI technology helps go-to-market professionals and their companies win by intelligently accelerating decision making and elevating sellers to do their best work. Our powerful platform gives revenue teams the tools they need to design, measure, and improve a revenue strategy for every stage of the customer journey, improving efficiency and effectiveness across the entire revenue cycle. Over 6,000 customers, including Zoom, McKesson, Snowflake, SAP, and Okta use Outreach to power workflows, put customers at the center of their business, improve revenue results, and win in the market. Outreach is a privately held company based in Seattle, Washington, with offices worldwide. To learn more, please visit www.outreach.io. The Role Bridging Intelligence and Action The Cyber Intel Fusion Analyst is a pivotal role within our security program. This position serves as a critical bridge, linking strategic threat intelligence with tactical security operations. The analyst will be instrumental in evolving our security practices beyond traditional, siloed functions while ensuring that intelligence capabilities are not merely insightful but are directly integrated and operationalized within our security framework. This proactive operationalization of intelligence is key to anticipating emerging threats and developing innovative countermeasures to counter sophisticated cyber threats before they can impact our services or compromise sensitive information. The ability to quickly fuse intelligence into operational defense mechanisms provides a distinct security advantage, crucial for maintaining service reliability and customer trust. 
Your Daily Adventures Will Include Core Responsibilities: Shaping Our Defenses The responsibilities of the Cyber Intel Fusion Analyst are multifaceted, demanding a blend of analytical acumen, technical expertise, and collaborative skill. Intelligence Cycle Management & Requirements Definition: The analyst will manage the intelligence analysis cycle as it pertains to team operations. This includes working closely with team operators and other stakeholders to identify and refine intelligence requirements that drive threat emulation assessments and inform defensive strategies. A key function involves identifying intelligence requirements for diverse areas such as security operations, cloud security, enterprise security, and application security, including those related to artificial intelligence. This broad scope necessitates an understanding of the unique intelligence needs of various teams, positioning the analyst as a strategic partner who can tailor and deliver relevant intelligence to enhance the effectiveness of multiple security functions. Tactical Intelligence Analysis & Adversary Understanding: A core function is providing tactical cyber intelligence analysis, meticulously identifying specific adversary tactics, techniques, and procedures (TTPs). This analysis will be consistently tied back to established frameworks like the MITRE ATT&CK® Framework, leveraging intelligence provided by relevant organizations. The role involves recognizing and researching attacks and attack patterns based on published open-source intelligence (OSINT) and other intelligence sources. The analyst will be adept at handling and organizing disparate data concerning detections, attacks, and attackers to accurately identify adversary groups and their modus operandi, thereby driving assessments pertinent to the company. 
This process transforms general threat data into a refined understanding of adversaries specifically targeting our environment, such as those focusing on SaaS platforms if applicable. Developing Actionable Intelligence & Driving Threat Emulation: The analyst is tasked with developing, producing, and managing Adversary Response Playbooks. These playbooks are crucial for supporting and driving threat emulation assessments, ensuring our defenses are tested against realistic adversary behaviors. This involves translating analyzed intelligence on adversary TTPs and campaign indicators into actionable detection strategies, such as developing custom SIEM correlation rules or contributing to Security Orchestration, Automation, and Response (SOAR) playbooks. This operationalization of intelligence is fundamental, turning analytical findings into tangible, proactive defensive measures that strengthen our security posture. Collaboration, Liaison & Stakeholder Management: Effective relationship management is paramount. The analyst will manage relationships with organizations, both internal and external, that provide requested intelligence to the team or receive information from it. A significant part of the role includes representing the team in cyber threat intelligence-related meetings and matters, acting as a crucial liaison. This collaboration extends across multiple organizational functions, potentially including cloud engineering teams, DevSecOps personnel, SOC analysts, incident responders, and even executive leadership. By effectively sharing tailored intelligence, the analyst acts as a force multiplier, enhancing the capabilities and preparedness of various teams across the organization. 
Our Vision of You Core Competencies: Mastery of the Intelligence Cycle: Expertise in managing the intelligence analysis cycle, encompassing planning, collection (including OSINT and multi-source intelligence), processing, in-depth analysis of adversary TTPs, and the production and dissemination of timely, accurate, and actionable intelligence products tailored to diverse internal audiences. Strategic Requirements Identification: Proven ability to identify and refine intelligence requirements for a wide array of security functions, including security operations, cloud security, enterprise security, and application security (potentially including AI), ensuring intelligence efforts align with business and operational needs. Tactical Intelligence & TTP Expertise: Strong skills in tactical cyber intelligence analysis, identifying specific adversary TTPs and mapping them to frameworks like MITRE ATT&CK®. This includes researching current attacks, attack patterns, and understanding threats specific to modern environments (e.g., SaaS-specific attack patterns). Actionable Output Development: Demonstrable experience in developing, producing, and managing resources like Adversary Response Playbooks to support and drive threat emulation assessments, effectively translating intelligence into practical defensive measures. Data Synthesis & Adversary Profiling: Capability in handling and organizing disparate data about detections, attacks, and attackers to properly identify adversary groups and develop comprehensive threat actor profiles, particularly those relevant to the company’s operational landscape. Exceptional Collaboration & Liaison Skills: Excellent relationship management abilities with internal and external intelligence providers and consumers, and proven experience acting as an effective liaison and team representative in intelligence matters. 
Education and Experience: A minimum of 5 years of progressive, hands-on experience in the cybersecurity domain, with a demonstrable track record in roles that combine cyber threat intelligence analysis with security operations or incident response functions. Experience in environments with a significant cloud and SaaS focus is highly advantageous. This emphasis on combined experience highlights the need for individuals who have practically applied the "fusion" concept. Technical Prowess: The analyst must possess a robust set of technical skills to effectively investigate security incidents, analyze threat data, and implement defensive measures, especially within cloud environments. Essential Technical Competencies Are Outlined Below An in-depth understanding of core networking protocols (TCP/IP, UDP, HTTP/S, DNS, SMTP, etc.), network traffic analysis methodologies, and the function of common networking ports and protocols. Proficiency with cloud security architectures (IaaS, PaaS, SaaS) and hands-on experience with security tools native to major cloud platforms (e.g., AWS, Azure, GCP). Expertise with Security Information and Event Management (SIEM) platforms for log correlation, advanced analysis, and the development of custom detection rules. Hands-on experience with Endpoint Detection and Response (EDR/XDR) solutions for endpoint threat detection, investigation, and response. Strong skills in comprehensive log analysis from diverse cloud and on-premises sources, including operating systems (Windows, Linux, macOS), applications, network devices, and cloud service logs (e.g., CloudTrail, Azure Monitor). A solid understanding of Windows and Linux operating systems (including distributions such as RHEL, Ubuntu, CentOS) and macOS, encompassing system administration fundamentals, security configurations, logging mechanisms, and common attack vectors. 
Scripting skills for automation of analytical tasks, data manipulation, tool integration, or the development of custom detection scripts using languages such as Python, PowerShell, or Bash. Deep understanding and practical application of threat intelligence frameworks such as the MITRE ATT&CK® Framework, the Cyber Kill Chain®, and the Diamond Model of Intrusion Analysis. The following outlines core technical competencies and representative toolsets relevant to this role (Category: Examples/Specific Tools, Tailored for SaaS):
Cloud Platform Security: AWS (GuardDuty, Security Hub, Macie, Inspector), Azure (Sentinel, Defender for Cloud), GCP (Security Command Center)
SIEM: Google SecOps, CrowdStrike NG SIEM, Sumologic CloudSiem
EDR/XDR: CrowdStrike Falcon, JAMF Protect
Network Analysis: Wireshark, Zeek (formerly Bro), Suricata, Cloud-native traffic mirroring/analysis tools
Vulnerability Management: CrowdStrike Exposure Management, Wiz, Cloud-native vulnerability scanners
Scripting Languages: Python, PowerShell, Bash
Operating Systems: Windows (Client/Server), Linux (various distributions such as RHEL, Ubuntu, CentOS), macOS
Threat Intelligence Platforms (TIPs): MISP, ThreatConnect, Anomali ThreatStream, Recorded Future
Analytical and Communication Skills: Exceptional analytical and problem-solving skills, with a demonstrated ability to correlate disparate datasets, identify subtle patterns of malicious activity, and make sound, evidence-based judgments, often under pressure. Excellent written and verbal communication skills, with the proven ability to articulate complex technical information, security concepts, and intelligence findings clearly and concisely to diverse audiences, including technical peers and management. Work Requirements This position requires participation in an on-call rotation to provide expert support during critical security incidents. This role does not involve regular shift work. 
Bonus Points: Preferred Qualifications While not mandatory, the following qualifications will significantly differentiate strong candidates and indicate a deeper specialization. Advanced Industry-recognized Cybersecurity Certifications. Examples include (certification, issuing body: focus area):
GIAC Cyber Threat Intelligence (GCTI), SANS/GIAC: Cyber Threat Intelligence
GIAC Certified Intrusion Analyst (GCIA), SANS/GIAC: Network Security Monitoring, Intrusion Detection
GIAC Certified Incident Handler (GCIH), SANS/GIAC: Incident Response
CISSP, (ISC)²: Broad Cybersecurity Management & Operations
AWS Certified Security – Specialty, Amazon Web Services: AWS Cloud Security
Azure Security Engineer Associate (AZ-500), Microsoft: Azure Cloud Security
CompTIA Cybersecurity Analyst (CySA+), CompTIA: Cybersecurity Analysis, Intrusion Detection
Offensive Security Certified Professional (OSCP), Offensive Security: Penetration Testing (Understanding Attacker Methods)
Practical experience utilizing Threat Intelligence Platforms (TIPs) such as MISP, ThreatConnect, Anomali ThreatStream, or Recorded Future. Experience with Security Orchestration, Automation, and Response (SOAR) platforms and playbook development. Knowledge of malware analysis (static and dynamic) and reverse engineering techniques, and familiarity with associated tools. Familiarity with DevSecOps principles and experience securing CI/CD pipelines. Understanding of compliance frameworks relevant to SaaS environments (e.g., SOC 2, ISO 27001/27701/42001, GDPR, HIPAA). 
Why You’ll Love It Here Highly competitive salary 25 days annual vacation time + sick time and casual leave Group medical policy coverage available to employees and up to 5 eligible family members OPD benefit covered up to INR 10,000 Life insurance and personal accident insurance at 3x annual CTC 26 weeks of maternity leave pay, and 15 days of paternity leave pay Opportunity to be part of company success via the RSU program Diversity and inclusion programs that promote employee resource groups like OWN+ (Outreach Women's Network), Adelante (Latinx community), OBX (Outreach Black Connection), Mosaic (AAPI community), Pride (LGBTQIA+), Gender+, Disability Community, and Veterans/Military Employee referral bonuses to encourage the addition of great new people to the team Fun company and team outings because we play just as hard as we work Our success is reliant on building teams that include people from different backgrounds and experiences who can elevate assumptions and ideas with fresh perspectives. We're dedicated to hiring the whole human, not just a resume. To that end, we look for a diverse pool of applicants-including those from historically marginalized groups. We would like to invite you to apply even if you don't think you meet all of the requirements listed below. We don't want a few lines in a job description to get between us and the opportunity to meet you.
Posted 1 week ago
7.0 years
0 Lacs
India
On-site
Ready to be pushed beyond what you think you’re capable of? At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system. To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems. Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be. Security Operations Team Security is a primary competency at Coinbase, and the Security Operations team keeps a watchful eye over every aspect of it. Every day, we go to battle against some of the most sophisticated attackers in the world to protect billions of dollars worth of digital assets and ensure that our customers and employees can enjoy a safe, trusted experience. As Coinbase scales globally, our team is scaling along with it, using a blend of tooling, automation, and strategic team growth to ensure that we’re well-equipped to protect the next billion users of crypto. What you’ll be doing: The Security Operations group is a multi-functional organization that includes our CSIRT, Trust & Safety, Insider Threat, and Threat Intelligence. 
While no two days will end up looking the same, generally-speaking you’ll be responsible for the following things: You’ll serve as the first line of response when a security alert needs to be triaged, and lead the incident response/ management as needed You’ll also refine our detection rules to improve our signal/noise ratio, because no one wants to be a button-pusher or SOC monkey If something happens twice, you’ll write a runbook for it. If it happens three times, you’ll figure out a way to automate that runbook You’ll partner with Trust & Safety and Threat Intelligence on some of our attacker investigations to build TTP profiles You’ll have a clear communication strategy and be able to assist with Coinbase emerging Web3 launches around the lines of Incident Response and Threat Detection You’ll be part of a light on-call rotation with counterparts in multiple time zones You’ll lead a culture of excellence by mentoring peers and share knowledge You’ll collaborate with cross functional teams like engineering, product development, compliance to ensure timely Incident Response What we look for in you: Some security teams have strict requirements about certifications, degrees, years of experience, and things like that. Not us! We’re more interested in the unique perspectives and expertise you’ll bring to the team, rather than the acronyms on your resume. 
However, you’ll be much more likely to be successful in this role if these bullet points seem like a good description of you: You’ve been doing practical security things (incident response, phishkit/malware analysis, investigating account compromises, etc) for a while now, probably in the realm of 7+ years You have got a knack for identifying threats and measuring coverage / visibility across a vast amount of log sources - Multicloud, SaaS, Container Environment, MnAs log sources You consider “Automation as a Force Multiplier”, you prefer spending time in building automation so you don’t have to do manual work tasks You don’t just reflexively open up a Jupyter Notebook during an investigation, you’ve actually got favorite Jupyter Notebooks you’ve built up over the years, because you like backing up your conclusions with data, and you like automating things You are good in understanding and analyzing multitude of artifacts across network and host level You frequently get praise from your peers and coworkers about your communication skills, both written and verbal Your high degree of empathy means that your coworkers trust you to help solve their security problems, because you never come across as judgmental or condescending Pressure doesn’t get to you, even in high intensity situations or environments Nice to haves: You would bring a diverse perspective to the team: for example, maybe you took an unconventional route to get into your current security career You’ve got a passing familiarity with blockchains and cryptocurrency, or at least a good story about how you thought about investing in Bitcoin in 2014 but decided not to You’re comfortable doing some basic scripting and writing alert rules in Python and running queries in SQL/Snowflake You’ve good understanding of Cloud and SaaS technologies You are good in analyzing data at scale and perform investigations to identify adversary behavior You’ve got some experience with OSINT and threat hunting You‘ve got some 
experience doing incident response in the cloud You’d prefer if everyone just settled on using the ATT&CK framework already You have got experience in analyzing attacker methodologies and build detections that will enhance the existing security posture ID: P69470 Pay Transparency Notice: The target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, and vision). Pay Range:: ₹6,612,600 INR - ₹6,612,600 INR Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is committed to diversity in its workforce and is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Know Your Rights notice here . Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here) . 
Global Data Privacy Notice for Job Candidates and Applicants Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here.
Posted 1 week ago
0 years
0 Lacs
Bengaluru
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. 
Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participate in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform ad-hoc intelligence gathering using OSINT tools and techniques. Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 week ago
10.0 years
0 Lacs
Bengaluru
On-site
About Team Rubrik Zero Labs is on a mission to deliver actionable, vendor-agnostic insights to reduce data security risks. We assess real-world cyber threats to advance cyber resilience best practices for global organizations. About the Role As a Security Researcher within Rubrik Zero Labs, you will be at the forefront of security research, analyzing evolving cyber threats, ransomware trends, and adversary tactics. Your research will be leveraged for Zero Labs publications, threat intelligence briefings, blogs, white papers, and other thought leadership content. This role requires a balance of technical expertise, analytical thinking, and a passion for uncovering hidden threats and trends in cybersecurity. What you'll Do Conduct threat intelligence research, focusing on ransomware, nation-state threats, and emerging cyber risks. Identify trends and patterns in cyberattacks, using internal telemetry, open-source intelligence (OSINT), and third-party threat feeds. Author technical reports, white papers, and blogs to inform and educate security practitioners, executives, and the broader cybersecurity community. Work closely with incident response teams, threat hunters, and data analysts to validate findings and enhance Rubrik’s security posture. Develop actionable threat models and collaborate with Rubrik’s detection engineers to inform security controls. Present findings at industry conferences, webinars, and internal briefings. Participate in industry working groups and standards initiatives such as Cloud Security Alliance, etc. Experience you'll need 10+ years of experience in cybersecurity research, threat intelligence, or incident response. Proficiency in analyzing threat actor behaviors, TTPs (Tactics, Techniques, and Procedures), and attack frameworks like MITRE ATT&CK. Familiarity with threat intelligence platforms (TIPs), SIEMs, EDRs, and malware analysis tools. 
Strong writing skills with the ability to translate complex technical research into digestible content. Experience with scripting languages ( Python, PowerShell, or Bash ) is a plus. Industry certifications such as GCTI, GCFA, or OSCP are a bonus. To know more about Zero Labs - https://zerolabs.rubrik.com/ Join Us in Securing the World's Data Rubrik (NYSE: RBRK) is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked. Inclusion @ Rubrik At Rubrik, we are dedicated to fostering a culture where people from all backgrounds are valued, feel they belong, and believe they can succeed. Our commitment to inclusion is at the heart of our mission to secure the world’s data. Our goal is to hire and promote the best talent, regardless of background. We continually review our hiring practices to ensure fairness and strive to create an environment where every employee has equal access to opportunities for growth and excellence. We believe in empowering everyone to bring their authentic selves to work and achieve their fullest potential. Our inclusion strategy focuses on three core areas of our business and culture: Our Company: We are committed to building a merit-based organization that offers equal access to growth and success for all employees globally. Your potential is limitless here. Our Culture: We strive to create an inclusive atmosphere where individuals from all backgrounds feel a strong sense of belonging, can thrive, and do their best work. Your contributions help us innovate and break boundaries. 
Our Communities: We are dedicated to expanding our engagement with the communities we operate in, creating opportunities for underrepresented talent and driving greater innovation for our clients. Your impact extends beyond Rubrik, contributing to safer and stronger communities. Equal Opportunity Employer/Veterans/Disabled Rubrik is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Rubrik provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Rubrik complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact us at hr@rubrik.com if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
Posted 1 week ago
10.0 - 14.0 years
0 Lacs
Noida
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. GDS SaT – EYP IDD IT – Cyber - Manager – India Competitive business today is all about making intelligent, informed decisions. As a Manager within EY GDS SaT you will help make that happen. You will be an important part of our diversely talented, highly experienced Cyber team and work at the forefront of high-profile transactions. The cyber team is part of the Integrated due diligence (IDD) team which is a competency within SaT EYP. GDS EYP IDD has a market-leading proposition to create and maximize value for our clients, whether they are acquiring or divesting assets, or undertaking operational restructuring. The opportunity The Cyber team of the EYP IDD competency works on the most complex and high-profile global transactions, across a broad portfolio of clients and industry sectors. We are a group of experienced cyber professionals bringing deep sector and functional knowledge to our clients. As a team, we provide a variety of cyber services to our clients, helping them during the transaction life cycle, i.e. the pre-deal, sign-to-close and post-deal stages of any transaction. We offer services like Cyber due diligence, Cyber security (Maturity) assessment, Cyber Red flag assessment, Cyber PMO support for Buy & Integrate / Sell & Separate projects, Target operating model (ToM), etc. We prepare and execute separation and integration plans, identify ideas and sources of value enhancement, as well as advise on risk mitigation.
Your key responsibilities As a Manager of Integrated due diligence function, you will be a vital member of the team supporting global EY practice teams to sell, manage and execute Cybersecurity focused projects. Lead client conversations and meetings, guide and mentor junior team members, understand the business requirements in transactions space and develop new cyber services to support the growth of cyber team. Part of your role will also involve developing experience across a range of different type of engagements, including pre-deal (e.g. Cyber due diligence, remediation cost estimates, Security spend benchmarking) and post-deal (e.g. integration / separation planning, Day 1 readiness, TSA support, project tracking etc). Having a commercial mind-set is key to this consulting-based role. Conduct security assessments, identify gaps and red flags assessing client’s on prem / cloud hosted applications, data and infrastructure Conduct research on deep and dark web using various open-source intelligence (OSINT) tools to reveal potential data breaches, provide recommendations and roadmap to mitigate the security gaps. Develop assessment reports, target operating models, target state security strategy, security roadmaps, data privacy and protection assessment reports, Day one readiness plans, 100 days plan, benchmarking analysis from security costing perspectives. You will be exclusively focused on supporting transactions from a Cybersecurity perspective pre and post deal working primarily with Private Equity and Corporate clients executing deal mandates. You will be a vital member of the team advising clients across all industries and sectors. Supporting key decision makers in developing and executing strategies for transactions. You will work in a transaction environment operating under tight M&A timeframes and demands. Develop strong relationships with regional EYP practice teams and establish yourself as a trusted point of contact. 
You will also assist in aspects of business origination, including pitches and presentations, and attending meetings with clients to generate new business opportunities. Demonstrate strong knowledge in the Information and Cyber security and Data privacy area. Should be able to translate Cyber and data privacy risks in business language for business leaders at client side. Experience on strategic consulting engagements developing detailed, compelling and analytical PowerPoint/Word/Excel/Visio deliverables to convey complex thoughts and ideas. Skills and attributes for success Experience in a range of different type of engagements, including pre-deal (e.g. operational Cyber due diligence, carve-out planning), post-deal (e.g. integration planning, tracking) and restructuring (e.g. rapid cost reduction). Lead work-streams comprising members of the client and colleagues from our transactions and advisory practices. Lead meetings with senior client stakeholders to advise, shape and drive the strategy and planning for pre-deal diligence, integration, carve-out / separation and operational restructuring. Contribute to our practice development initiatives, supporting the continued focus on our team as a great place to work. Have innovative mindset to think out of the box for development of new services as per client needs Act as a role model and support development of junior team members, coupled with the recruitment and training responsibilities. Be flexible to support for broader IT, Cyber & Operational transaction work. Willingness to undertake international travel as per business requirement To qualify for the role, you must have 10-14 years with technical experience in information and cybersecurity management, security testing, privacy and data protection, IT Audits etc B Tech / M. Tech. / MCA/MBA /PGDM (part time / full time) from a reputed institute with a technology background. 
Excellent presentation and analytical skills to produce quality presentations for client executives. A leading cybersecurity qualification, such as CISSP, CISA, CCSP, CISM or ISO 27001 ISMS. Well versed with cybersecurity and privacy requirements as defined in GDPR & CCPA. Practical exposure to security framework and standards such as PCI, NIST & CIS, ISO 27001. Good understanding about cloud security risks and controls. Hands-on experience with internal/external security audits assessment and readiness around SOC 1, SOC 2 or SOX controls. In-depth knowledge on various security platforms and technologies such as DLP, Firewalls, Vulnerability Scanning, Penetration Testing & Security Incident Response. Ideally, you’ll also have Project management skills Strong communication and presentation skills with proven experience of producing high quality reports, papers, presentations and thought leadership Program and project management expertise with demonstrable experience in managing and being responsible for the delivery of successful cyber programs What we offer EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across six locations – Argentina, China, India, the Philippines, Poland and the UK – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career. Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 week ago
2.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
We are seeking a highly analytical and resourceful Global Media Specialist with a strong background in journalism to join our team. The ideal candidate will possess a keen passion for verifying news across various channels and delivering actionable insights drawn from diverse media sources spanning different regions, cultures, and languages. In this role, you will play a pivotal part in analyzing and investigating global media narratives, identifying disinformation, assessing reputational risks, and tracking emerging issues that may impact our clients or organization. Responsibilities: Monitor and analyze global media content (print, broadcast, digital, and social media) to identify narratives, disinformation, or key trends. Investigate complex stories involving multinational actors, political issues, or business entities using open-source intelligence (OSINT), investigative journalism techniques, and digital tools. Conduct source verification, fact-checking, and analysis of global media reports, with a focus on accuracy and context. Produce detailed investigative summary reports, briefings, and media intelligence summaries tailored to internal stakeholders or clients. Engage with global media outlets, journalists, and information networks to validate or expand investigations when necessary. Qualifications: Bachelor’s or Master’s degree in Journalism, Political Science, or a related field. 2+ years of professional experience in investigative journalism, media monitoring, or intelligence analysis. Proven experience in researching complex international issues or political stories. Strong command of media ethics, verification techniques, and open-source intelligence (OSINT) tools. Ability to work under tight deadlines, manage multiple priorities, and maintain confidentiality. Familiarity with media monitoring platforms, investigative databases, and digital research tools.
If you are passionate about investigative journalism, media monitoring, or intelligence analysis, we encourage you to apply.
Posted 1 week ago
0 years
0 Lacs
Maharashtra, India
On-site
Position Summary We are seeking a skilled and highly motivated Cyber Security Analyst (Offensive Operations) to join our team. The selected candidate will be responsible for conducting offensive cyber operations against illicit online platforms, including illegal websites, dark web services, unauthorized Android apps, and digital services engaged in unlawful activities. You will play a key role in data infiltration, extraction, analysis, and reporting, helping enforce national cybersecurity laws and protecting national digital infrastructure. Key Responsibilities: Conduct penetration testing, exploitation, and vulnerability assessment of illegal websites and mobile apps. Perform ethical offensive operations to identify, infiltrate, and collect actionable intelligence from online targets. Analyze Android apps (APK reverse engineering) to discover malicious or illegal functionalities. Use OSINT (Open Source Intelligence), dark web monitoring, and custom tools for tracking illicit cyber activities. Develop and deploy custom exploits, payloads, and scripts for covert cyber operations. Work with legal teams and law enforcement to ensure compliance with laws during operations. Document operational procedures, create detailed technical reports, and maintain digital evidence. Collaborate with cyber forensic, malware analysis, and incident response teams as needed. Preferred Skills (Not Mandatory): Prior work experience with intelligence agencies or law enforcement cyber units. Certifications: OSCP, CEH, GPEN, or equivalent. Familiarity with C2 frameworks like Cobalt Strike or Empire. Experience with mobile malware analysis and custom payload creation
Posted 1 week ago
5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
What You’ll Do This security analyst will be part of a team tasked with identifying, tracking and verifying the remediation of vulnerabilities in internal and external applications and systems. This role involves performing deep-dive analysis of vulnerabilities, operating vulnerability scanning tools, and building relationships with other groups within the IT organization. You will work closely with IT infrastructure, product teams, supply chain, and Cyber Security operations to reduce Eaton's attack surface. Stay up to date with the evolving technological and threat landscape and its potential impact on modern and legacy technologies, applications, and business processes. Monitor for vulnerabilities within applications, endpoints, databases, networking, and mobile and cloud services. Conduct continuous discovery, vulnerability assessment and remediation status of enterprise-wide assets. Advise employees responsible for remediation on the best reduction and remediation practices. Review and analyze vulnerability data to identify trends and patterns. Regularly report on the state of vulnerabilities, including their criticality, exploit probability, business impact, and remediation strategies. Serve as a point of contact for new and existing vulnerability-related issues. Collaborate with business teams and cyber security stakeholders to ensure appropriate governance structures are in place and that risks are documented. Provide vulnerability education and guidance to stakeholders, developers, IT and business leaders as needed. Maintain documentation related to vulnerability policies and procedures. Assist maintaining records for Eaton assets, their vulnerability state, remediation recommendations, overall security posture and potential threat to the business. Identify areas of opportunity for improvement and automation within team processes. Perform other duties as assigned, including on-call rotations. 
Qualifications Bachelor’s degree in a technical discipline Overall 5-8 years of experience 3+ years of experience in security operations or vulnerability management. Skills Ability to analyze and understand vulnerabilities and exploits Proficiency with commercial and open source vulnerability management solutions. Understanding of TTPs, MITRE ATT&CK framework, CVSS, OSINT, and deception techniques. Understanding of operating systems, applications, infrastructure, and cloud computing services. Understanding of OWASP, CVSS, MITRE ATT&CK framework. Capacity to comprehend technical infrastructure, managed services, and third-party dependencies. Preferably some experience with vulnerability management across AWS, Azure, or Google Cloud Platform. Experience in Python or PowerShell, with an emphasis on scripting, automation, and integrations. Experience in threat hunting or red teaming exercises is a plus. Strong communication skills: Ability to communicate effectively across all levels of the organization. Project management skills: Strong project management, multitasking, and organizational skills
Posted 1 week ago
21.0 years
0 Lacs
Vadodara, Gujarat, India
On-site
Civica develops software for local and national government, education, health and care. Over 5,000 public bodies across the globe use our software to help deliver critical services to over 100 million citizens. Our aspiration is to be a GovTech champion everywhere we work around the globe, supporting the needs of citizens and those that serve them every day. Building on 21 years of continuous growth and success, we're at a pivotal point on our journey to realise that aspiration. As a company, we're passionate about what we do and the citizens we help to serve. If you too would like to help champion the use of technology in public services, to improve outcomes for citizens and public sector organisations, then Civica is the right place for you. We will help you unlock the best version of yourself, achieve growth in your career whilst making a real difference to people and communities. Why will you love this opportunity as Security Operations Centre (SOC) at Civica? As a vital member of our dynamic Security Operations Centre (SOC) team, comprising Analysts, Engineers, and a SOC Manager, you'll take the lead in monitoring our SIEM and various security systems to safeguard both CIVICA Group and our valued customers. Your keen eye will assess real-time and historical logs across multiple technologies, helping to uncover potential attack patterns, instances of compromise, and security vulnerabilities. Working closely with your team, you'll swiftly determine the most effective response to security events and incidents, while meticulously documenting every step taken to contain and resolve the issues. You'll also manage internal customer requests, particularly in relation to phishing, spam, and Anti-virus challenges. Additionally, you'll evaluate risks using a Surface Attack Tool, develop and utilize OSINT tools to gather open-source intelligence from various published sources, and collaborate with different business units to inform, mitigate, or remediate any issues. 
In this role, you'll be in charge of supervising Microsoft Sentinel and Microsoft Defender systems, while also managing other technologies as needed, including IPS, Email Gateways, Web Filtering services, and Antivirus solutions. You'll be on the lookout for patterns of misuse or recurring issues, working together with the team to contain, control, and resolve any incidents. Plus, you'll have the chance to identify opportunities for improvement in our personnel, processes, or technology to enhance the team's overall effectiveness. Requirements A deep understanding of security principles Use of Microsoft Sentinel and/or Defender Minimum 3 years' experience working in IT, with at least 1 year in a security-based role. Any recognised certifications in security or evidence that you are studying for an exam Excellent problem-solving skills and the ability to "think outside the box" under pressure. Security Incident Response and Handling techniques An expert knowledge of enterprise and cloud security infrastructure and systems, Ability to identify Email, IPS and Anti-Virus events and take appropriate action. Ability to research and develop new practices for self-development, but also to enhance the teams' capabilities. Excellent communication skills Knowledge of threat intelligence platforms or scripting (e.g., PowerShell) Understanding of Vulnerability management tools and/or Surface Attack Tools. Be able to work in rotating shift patterns (changing monthly) to help secure offices in different time zones Benefits We know that when our people are happy, they will work better and have greater work satisfaction. Here's what you can expect: We provide an inclusive, safe, and welcoming environment to all staff Training - CIVICA offers training to help learn about our changing technical environment and also help you develop new skills. Mentoring - Within the wider security team (Blue team, red team strategic security) there are opportunities to learn from others. 
Giving culture - we encourage you to "give back" with benefits such as our Days of Difference leave where you can volunteer for a charity of your choice. Apply for this job - If you have a diverse background in IT, enjoy solving problems with your teammates, have organisational skills to pull complex findings together and are a critical thinker, who can think about the impact of events and/or actions you might take, this role is perfect for you.
Posted 1 week ago
0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
Introduction At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, let's talk. Your Role And Responsibilities Analysing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence Develop, maintain, and update a repository of cyber threat information that is used in conducting risk assessments and reports on cyber risk trends. Conducts research and evaluates intelligence data, with emphasis on TTP's. Good Experience in Development and documenting of threat Intelligence procedures into playbooks. Experience on Threat Research Reports for Strategic, Tactical, and Operational intelligence Focusing on intent, objectives, and activity of cyber threat actors and then acting accordingly. Perform ad-hoc intelligence gathering using OSINT tools and techniques Able to apply creative and critical thinking when approaching issues and in resolving them. Able to communicate effectively with technical, operational, and senior client staff. Required Technical And Professional Expertise Analysing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence Develop, maintain, and update a repository of cyber threat information that is used in conducting risk assessments and reports on cyber risk trends. Conducts research and evaluates intelligence data, with emphasis on TTP's. Good Experience in Development and documenting of threat Intelligence procedures into playbooks.
Experience on Threat Research Reports for Strategic, Tactical, and Operational intelligence Focusing on intent, objectives, and activity of cyber threat actors and then acting accordingly. Perform ad-hoc intelligence gathering using OSINT tools and techniques Preferred Technical And Professional Experience Able to apply creative and critical thinking when approaching issues and in resolving them. Able to communicate effectively with technical, operational, and senior client staff.
Posted 1 week ago
1.0 - 2.0 years
0 Lacs
India
On-site
About Cyble: Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India Our mission: To provide visibility, intelligence and cybersecurity protection using cutting-edge advanced technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities, enabling organizations to take proactive measures and maintain robust cybersecurity. We strive to make the digital world a safer place for everyone. At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary. About the Role: As part of our growing Threat Research & Intelligence team, we’re looking for a highly motivated Vulnerability Research and Intelligence Analyst to help us track, assess, and report on emerging vulnerabilities and exploitation trends. You’ll play a key role in strengthening our defensive posture by turning threat data into actionable intelligence. What You'll Do At CYBLE: Monitor and analyze newly disclosed vulnerabilities (CVEs, KEV, 0-days, PoCs). Develop custom scripts and tooling to automate data enrichment, correlation, and reporting across various vulnerability feeds and threat sources. Track exploitation activity across threat actor groups and malware campaigns. 
Collaborate with detection, response, and risk teams to drive mitigation efforts. Author technical advisories and executive summaries on high-impact threats. Maintain and enrich internal vulnerability intelligence platforms. What You’ll Need: 1-2 years in OSINT, Threat Intel, vulnerability research, or security operations. Strong understanding of CVSS, CWE, CPEs, and vulnerability disclosure ecosystems is a must. Familiarity with MITRE ATT&CK, CISA KEV, NVD, and vendor advisories. Ability to communicate complex technical concepts clearly and concisely. Bonus: experience with CTF, Bug bounty, or automation (e.g., Python). If you like working in an inclusive environment, you want to advance your career quickly, and your opinion is valued, look no further than Cyble, Inc. We are young, hungry, and ready to impact the cyber security landscape! Cyble, Inc. takes into consideration an individual’s skillset, experience and location in making final salary determination. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected Veteran status age, or genetics, or any other characteristic protected by law.
Posted 1 week ago
4.0 - 6.0 years
0 Lacs
Chennai
On-site
Full time | Work From Office This Position is Currently Open Department / Category: CYBER SECURITY Listed on Jun 04, 2025 Work Location: CHENNAI HYDERABAD Job Description of Cyber Threat Intelligence Analyst 4 to 6 Years Relevant Experience Roles & Responsibilities Effectively communicate cyber threat intelligence and analysis in both written reports and executive briefings tailored for senior-level stakeholders. Analyze threat actor tactics, techniques, and procedures (TTPs) using established frameworks such as the Cyber Kill Chain, Diamond Model, and MITRE ATT&CK. Develop deep subject-matter expertise and identify complex threat actor patterns to provide actionable intelligence on current and emerging threats. Create analytical threat models relevant to the financial services sector and other high-risk industries. Identify intelligence gaps and generate requests for information (RFIs) to support ongoing threat analysis. Work closely with internal stakeholders and external entities (ISACs, law enforcement, intelligence agencies, etc.) to enhance threat visibility and response. Conduct threat hunting and retroactive hunting using known Indicators of Compromise (IOCs). Deliver high-quality finished intelligence reports to business units, including strategic and tactical insights. Participate in the development of alerting rules and assist in improving security monitoring capabilities. Support senior leadership by aligning threat intelligence with organizational risk and critical asset priorities. Conduct internal briefings across various business and security teams. Required Skills & Experience 4 to 6 years of relevant cyber threat intelligence experience. Strong experience in analyzing cyber threat data and generating relevant recommendations. In-depth understanding of: MITRE ATT&CK, Cyber Kill Chain, Diamond Model methodologies. Threat Intelligence Platforms (TIPs) such as Anomali, Recorded Future, ThreatConnect, etc.
SIEM platforms like Splunk, and tools such as Maltego, XSOAR, OSINT aggregators. Strong knowledge of: Networking concepts and enterprise infrastructure. STIX/TAXII standards. Intrusion Detection/Prevention Systems (IDS/IPS) and load balancing technologies. Experience with: Cloud environments (e.g., AWS, Azure). Malware analysis and network-based forensic tools. Both qualitative and quantitative intelligence analysis from diverse sources. Preferred Qualifications SANS GCTI certification (or equivalent). Familiarity with threat actors targeting the US financial sector (Nation-State, Cybercrime, Hacktivists, etc.). Knowledge of security priorities and TTPs associated with sector-specific threats. Required Skills for Cyber Threat Intelligence Analyst Job GCTI Threat Intelligence Threat Intel Platform Our Hiring Process Screening (HR Round) Technical Round 1 Technical Round 2 Final HR Round
Posted 1 week ago
1.0 years
0 Lacs
India
On-site
Company Profile: Max is Global Risk Management organization based out in Tel Aviv, Israel and its APAC HQ is based out of Mumbai. Led by veterans from Israeli Military Special Forces, Intelligence, Cyber and Secret Services we operate in 160 countries across the globe. We have capabilities in every continent across the world and carry the experience of 25 + successful years in the intelligence, operations, and consulting sector. MAX provides Fortune 500 organizations with the tools to enable them to carry out business in some of the most challenging and severe environments. Position: Protective Monitoring Analyst. We are looking for graduates / experienced individuals to work as a Protective Monitoring Analyst in the world of security and risk consulting. Analysts scan, research, and present findings of online-based or originated threats for a variety of clients. Job Requirements : Academic degree (Bachelor’s or Higher). Preferably in geopolitics, international relations, journalism, criminology, forensics sciences (preferably: cyber/digital), or related domains. Ability to write professional-level reports in English with a very high level of fluency suitable for technical and non-technical audiences. Practical experience with Open-Source Intelligence (OSINT), web investigations, online due diligence, and social media monitoring, for the purpose of carrying out complex research operations online. Outstanding knowledge of open-source research methodologies (e.g. Boolean logic) and environments (including forums, message boards etc.), as well as web intelligence techniques (including deep and dark), link analysis, data mining, and other online intelligence tools, is essential. Highly motivated to contribute and grow within a fast-paced and demanding working environment. Excellent analytical and problem-solving skills with an eye for detail. Excellent written and verbal communication skills and effective time management. 
Ability to multi-task, take initiative, work independently, and establish priorities under time sensitive conditions. Experience of working with threat intelligence, risk analysis, or security assessments (advantage) Experience of online brand or reputational monitoring (advantage) Additional languages (advantage) Experience: Individuals with 1-3 years of relevant work experience would receive a preference, however we are open to candidate profiles who can demonstrate similar capabilities.
Posted 1 week ago
155.0 years
0 Lacs
Mumbai, Maharashtra, India
Remote
Position Title Analyst, Global Security Operations Center Function/Group Global Security Location India GBS – Mumbai Ventura Office Shift Timing 6:30 AM to 3:30 PM IST and 1:30 PM to 10:30 PM IST (monthly rotational) Role Reports to Regional Security Lead Remote/Hybrid/in-Office Hybrid The post will close on 05/12/25 at 11:59 PM IST About General Mills We make food the world loves: 100 brands. In 100 countries. Across six continents. With iconic brands like Cheerios, Pillsbury, Betty Crocker, Nature Valley, and Häagen-Dazs, we’ve been serving up food the world loves for 155 years (and counting). Each of our brands has a unique story to tell. How we make our food is as important as the food we make. Our values are baked into our legacy and continue to accelerate us into the future as an innovative force for good. General Mills was founded in 1866 when Cadwallader Washburn boldly bought the largest flour mill west of the Mississippi. That pioneering spirit lives on today through our leadership team who upholds a vision of relentless innovation while being a force for good. For more details check out http://www.generalmills.com General Mills India Center (GIC) is our global capability center in Mumbai that works as an extension of our global organization delivering business value, service excellence and growth, while standing for good for our planet and people. With our team of 1800+ professionals, we deliver superior value across the areas of Supply chain (SC) , Digital & Technology (D&T) Innovation, Technology & Quality (ITQ), Consumer and Market Intelligence (CMI), Sales Strategy & Intelligence (SSI) , Global Shared Services (GSS) , Finance Shared Services (FSS) and Human Resources Shared Services (HRSS).For more details check out https://www.generalmills.co.in We advocate for advancing equity and inclusion to create more equitable workplaces and a better tomorrow. 
Job Overview The Global Intelligence Management Center is a centralized intelligence hub that integrates data from cybersecurity, physical security, and geopolitical sources to provide real-time threat monitoring, analysis, and incident response support. It synthesizes information from various internal and external sources to produce actionable intelligence, helping to protect our people, operations, and reputation worldwide. The center facilitates cross-functional collaboration, shares critical information with partners, and delivers strategic insights to guide proactive decision-making and mitigate emerging risks. For more details about General Mills please visit this Link Key Accountabilities Intelligence Collection and Analysis: Gather and analyse data from a variety of intelligence sources, including open-source intelligence (OSINT), internal systems, and vendor feeds, to identify emerging threats and risks. Threat Monitoring: Continuously monitor cyber, physical, and geopolitical landscapes for security developments that may impact the organization. Incident Detection and Support: Collaborate with the Regional Security Leads (RSLs) and other response teams to provide support during incidents, identifying root causes and providing context to enhance response efforts. Data Fusion: Synthesize information from multiple streams (cybersecurity, physical security, geopolitical data) to produce comprehensive intelligence assessments. Information Sharing: Coordinate and share intelligence with internal teams, leadership, and external partners (e.g., law enforcement, government agencies, industry groups) to enhance situational awareness and response strategies. Reporting and Briefing: Develop intelligence briefs, routine analysis, and threat assessments to inform senior leadership and operational teams of current and potential threats. 
Risk Forecasting: Conduct risk forecasting and scenario analysis to provide insights into future threats, enabling proactive security measures. Tool and Technology Utilization: Leverage advanced intelligence platforms and tools to enhance data collection, analysis, and reporting capabilities. Collaboration: Work closely with internal teams such as cybersecurity, physical security, and risk management, ensuring intelligence informs security operations and aligns with organizational priorities. Continuous Improvement: Stay updated on emerging threats, intelligence techniques, and tools, continually improving analytical methods to ensure effective risk mitigation. Minimum Qualifications Education – Full time graduation from an accredited university Bachelor's degree in Intelligence Studies, Security, Cybersecurity, Political Science, or a related field. 1+ years of experience in intelligence analysis, security operations, or a related field. Strong analytical and critical thinking skills with the ability to synthesize complex information from diverse sources. Proficient in using intelligence and data analysis platforms/tools and analytic techniques. Excellent written and verbal communication skills, capable of delivering concise and actionable intelligence reports to diverse stakeholders. Ability to work in a fast-paced, dynamic environment, adapting to rapidly changing threat landscapes. Preferred Qualifications Certifications in intelligence analysis, cyber threat intelligence, or related fields. Knowledge of global geopolitical issues, cyber threats, and physical security risks. Experience working with law enforcement, government agencies, or industry groups. Familiarity with security operations center (SOC) processes and incident response. Company Overview We exist to make food the world loves. But we do more than that. 
Our company is a place that prioritizes being a force for good, a place to expand learning, explore new perspectives and reimagine new possibilities, every day. We look for people who want to bring their best — bold thinkers with big hearts who challenge one another and grow together. Because becoming the undisputed leader in food means surrounding ourselves with people who are hungry for what’s next.
Posted 1 week ago
20.0 years
0 Lacs
India
On-site
Rackspace Cyber Defense Security Lead, Security Operations Shift Timings: 1 pm to 10 pm IST About Rackspace Cyber Defence Rackspace Cyber Defence is our next generation cyber defense and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence-driven security services. Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud, and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric, fully integrated 24x7x365 cyber defense capabilities that deliver a proactive , threat-informed , risk-based , intelligence-driven approach to detecting and responding to threats. Our mission is to help our customers: Proactively detect and respond to cyber-attacks – 24x7x365 Defend against new and emerging risks that impact their business Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments Reduce their exposure to risks that impact their identity and brand Develop operational resilience Maintain compliance with legal, regulatory and compliance obligations What We’re Looking For To support our continued success and deliver a Fanatical Experience™ to our customers, Rackspace Cyber Defence is looking for a Security Lead for security Operations. This role is particularly well-suited to a self-starting, experienced, and motivated Security Lead, who is commercially aware, service-oriented, and has a proven record of accomplishment in delivering and managing a security operations centre (SOC.) The Security Lead will be the face of Rackspace’s security services and responsible for the leadership and management of a multi-disciplinary security operations center (SOC) that serve Rackspace Cyber Defense customers. 
Key Accountabilities Should have experience of 12 years in SOC and Security Eng Managing a team of first responders, as part of a resolver group (or pod), you will ensure the Customer’s operational and production environment remains secure and any threats are raised and addressed promptly. This can include monitoring at both the network and application level Identification of a customer’s critical assets using technical tools and interviews Use of, enhancement of, or implementation of new, relevant technology tooling to ensure a customer’s configuration and security policies are enforced Use of threat intelligence platforms such as OSINT, to understand the latest threats. Researching and analysing the latest threats to better understand an adversary’s tactics, techniques, and procedures (TTPs) Automation of security processes and procedures to enhance and streamline monitoring capabilities Ensure any reported vulnerabilities are resolved within agreed SLA timeframes In-depth knowledge of each Rackspace customer’s environment Providing relevant reporting and analysis (including breach root cause analysis, if required) to customers, on an agreed frequency Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc May be required to work flexible working hours Critical Incident Handling & Closure and Deep investigation and analysis of critical security incidents Post-breach forensic incident analysis reporting and Advanced threat hunting Assist with customer onboarding – loading of feeds, etc. 
to Sentinel Develop custom dashboards and reporting templates and Develop complex to customer-specific use cases Advanced platform administration and Solution recommendations for issues Co-ordinate with different teams for issue resolution Skills & Experience Experience of managing a team of Security Operations Engineers, or equivalent Experience of working in large-scale, public cloud environments and using cloud-native security monitoring tools such as: - Azure Security Centre and Sentinel o GCP Security Command Centre, Chronical AWS Security Hub including AWS Guard Duty, AWS Macie, AWS Config, AWS Security Lake and AWS CloudTrail Vulnerability Management: Qualys, Microsoft Defender Endpoint Management: CrowdStrike and Microsoft Defender for Point Knowledge of security standards (good practice) such as NIST, ISO27001, CIS, OWASP and Cloud Controls Matrix (CCM) etc Experience of security controls, such as network access controls; identity, authentication and access management controls (IAAM); and intrusion detection and prevention controls Adept at analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis Computer science, engineering or information technology related degree (although not a strict requirement) Holds one, or more, of the following certificates (or equivalent): - o Certified Information Security Systems Professional (CISSP) o Systems Security Certified Practitioner (SSCP) o Certified Cloud Security Professional (CCSP) GIAC Certified Incident Handler (GCIH) o GIAC Security Operations Certified (GSOC) A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture Highly organized and detail oriented. 
Ability to prioritise, multitask and work under pressure An individual who shows a willingness to go above and beyond in delighting the customer A good communicator who can explain security concepts to both technical and nontechnical audiences About Rackspace Technology We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future. More on Rackspace Technology Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
Posted 1 week ago
130.0 years
0 Lacs
Greater Chennai Area
On-site
Company Profile Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member’s contributions and offers a supportive environment for career development. Come, stay, and grow with us. Job Description Monitor all the endpoint, Network, Cloud and application security incidents. As SOC team member, perform the basic investigation and all the security incidents and document the evidence. Performing Security controls health & Compliance check. Adhere to shift timings and provide uninterrupted 24/7 monitoring. Properly share shift handovers, updating the next shift on ongoing incidents and activities. Respond to all security incidents within a SLA period Resolve incidents assigned to the shift promptly and escalate to the Senior team when necessary. Work across all categories of incidents without limiting to specific types. Follow the incident handling as per the documented SOP. Complete and close all assigned task requests within SLA timelines. Attend weekly and monthly team meetings as mandatory. Qualifications OSINT: knowledge about open-source platforms for analyzing URL, IP Addresses, suspicious files. Email Analysis: Operating Systems: Basics of Linux and Windows, kernel concepts, and system differences. Networking: OSI model, TCP/IP, firewalls, VPNs, proxies, IP addressing, and subnetting. SIEM Tools: Basics of SIEM operations, alerts, and dashboards (e.g., Splunk). Authentication & Access Control: MFA, SSO, and password management best practices. Malware Protection: Antivirus strategies, malware analysis, phishing email analysis, and IOC gathering.
Trending Cyber Attacks: update knowledge about the trending cyber-attacks & their attack patterns.
Posted 2 weeks ago
0 years
0 Lacs
Gurugram, Haryana, India
On-site
Company Description DefHawk is a cybersecurity company based in Gurugram, specializing in cybersecurity simulation and providing research and consultations in all areas of cybersecurity. With a team of experts from top industry players and renowned universities, we offer unique methodologies to help organizations secure their services and protect against cyber threats. Our vision is to build a holistic cybersecurity ecosystem by empowering students, professionals, and organizations to learn, explore, and grow in cybersecurity. Role Description This is a full-time on-site role as a Cyber Security Instructor at DefHawk in Gurugram. The Cyber Security Instructor will be responsible for conducting cybersecurity training sessions, developing course materials, and mentoring students on application security, network security, information security, and malware analysis. The role will involve staying updated on the latest cybersecurity trends and technologies. Qualifications Application Security and Information Security skills Cybersecurity and Network Security expertise Proficiency in one of these fields: Web Exploitation Cloud Security Cryptography Artificial Intelligence Blockchain Malware analysis Digital Forensics Reverse Engineering Binary Exploitation Mobile Hacking OSINT (Open-Source Intelligence) Threat Hunting Strong knowledge of cybersecurity principles and practices Experience in developing cybersecurity training materials Strong presentation and communication skills Relevant cybersecurity certifications (e.g., CISSP, CEH) are a plus Bachelor’s or Master’s degree in Computer Science or related field
Posted 2 weeks ago
0 years
0 Lacs
Kanpur, Uttar Pradesh, India
On-site
Description As a Blockchain Intelligence Analyst, you will collect, analyze, and report on intel leads (e.g., crypto exchanges, fraud) ensuring best-in-class intelligence, problem solving, and ability to turn data into insights. You will collaborate with expert minds in academics, industry, and Law enforcements to build scalable systems to detect, prevent, and mitigate cryptocurrency fraud and financial crime. This is an exciting opportunity to make a measurable impact within a corporate environment that values precision, innovation, and strategic thinking. Responsibilities ● Analyze user behavior on different virtual asset service providers (such as marketplaces, and exchanges). This task requires one to perform OSInt and extract relevant information about the platform. ● Develop related pipeline using Python and other technologies. ● Support product and analytics teams in building data-pipelines and business logic. ● Develop strategies to counter concealment measures used by service providers (captchas, closed group invites etc). ● Establish partnerships with 3rd party data vendors, research bodies, anti-cybercrime groups. ● Monitor forums for cybercrime intelligence. ● Develop intelligence reports for marketing and SAR reports for Law Enforcement Agencies. Eligibility ● Proven work experience in intelligence-related positions, ideally in Blockchain Intelligence (This is not an entry-level position). ● Proficiency and expertise in different methods used for OSInt. ● Strong ability to synthesize, interpret, and report complex information clearly and accurately. ● Knowledge of blockchain technologies and different platforms, with a focus on tracing transactions and identifying malicious activity. Also have working knowledge of cryptocurrencies, darknet marketplaces, Tor, experience in making payments with Bitcoin and Ethereum. ● Excellent communication skills to collaborate with cross-functional teams and able to explain to others with no technical knowledge. 
● Ability to research in another language also (Please specify the language(s) in your application). ● Proficiency in Python, MongoDB, Neo4j, Cypher, Git. Desired Eligibility ● Relevant certifications and experience in cybersecurity or intelligence gathering. ● Working knowledge of SQL is preferred. ● Bachelor's degree or above in Computer Science or related field. ● Prior experience working in fast-paced environments or startups. ● Prior experience in publishing research oriented articles in A* journals. Travel As and when required, across the country for project execution and monitoring as well as for coordination with geographically distributed teams. Communication Submit a cover letter summarising your experience in relevant technologies and software along with a resume and the Latest passport-size photograph.
Posted 2 weeks ago
4.0 - 5.0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
Job Title: OSINT Lab Lead Department: Intelligence & Investigations Location: On-site (Mumbai, Goregaon office) Reports To: COO Role Overview: We are seeking an experienced and highly analytical OSINT Lab Lead to head our Open-Source Intelligence (OSINT) operations. This is a strategic leadership role at the intersection of journalism, data intelligence, and digital investigations. The OSINT Lab Lead will drive the collection, verification, and analysis of open-source information to support investigative reporting, public interest research, and narrative monitoring. Key Responsibilities: • Lead OSINT Operations: Build and manage a high-performing OSINT team specializing in digital investigations, geolocation, metadata analysis, and real-time monitoring. • Investigative Research & Analysis: Oversee the identification, collection, and validation of publicly available data (social media, forums, government databases, satellite imagery, etc.) to generate actionable insights. • Verification & Fact-Checking: Develop protocols for content verification—images, videos, user-generated content—and coordinate with editorial and research teams to ensure accuracy. • Tool Development & Integration: Recommend and deploy OSINT tools, platforms, and automation solutions to enhance the lab’s efficiency and output quality. • Training & Knowledge Sharing: Conduct internal workshops and training sessions on OSINT techniques, digital hygiene, and verification methodologies for journalists and analysts. • Strategic Intelligence & Reporting: Produce detailed reports, threat assessments, and narrative maps for political, social, or election-related developments across regions. • Cross-Team Collaboration: Work closely with editorial, consultancy, legal, and data science teams to support multi-disciplinary projects. Key Qualifications: • 4-5 years of experience in investigative journalism, threat intelligence, digital forensics, IT or a related field. 
• Proven expertise in OSINT tools and techniques (e.g., Meltwater, HootSuite, Innsight, Google Earth, Exif tools, etc.). • Strong understanding of digital ecosystems, disinformation tactics, and verification processes. • Exceptional analytical and written communication skills. • Demonstrated experience managing teams and coordinating across verticals. • Experience with scripting, APIs, or data visualization tools is a plus. Who You Are: • A detail-oriented investigator with a deep curiosity for how information moves and morphs online. • A strategic thinker with a journalist’s instinct and an analyst’s discipline. • Passionate about truth, transparency, and the responsible use of public data. Compensation: Commensurate with Industry
Posted 2 weeks ago
0 years
0 Lacs
Pune, Maharashtra, India
On-site
Join us as an AVP - Cyber Operations at Barclays, responsible for supporting the successful delivery of Location Strategy projects to plan, budget, agreed quality and governance standards. You'll spearhead the evolution of our digital landscape, driving innovation and excellence. You will harness cutting-edge technology to revolutionise our digital offerings, ensuring unparalleled customer experiences. To be successful as an AVP - Cyber Operations you should have experience with: Proficiency in Develop and maintain audit documentation and reports. Proficiency in SIEM technologies & usability in a Large & Complex Computing Environment. Analysis and response of detected security incidents, timely escalation and drive to ensure the closure of incidents. Knowledge of auditing standards and frameworks (e.g., CSF, MITRE ATT&CK & Detection Lifecycle Management). Incident Response skills including proficiency in PCAP Capture, Network Analysis, and Traffic Patterns. Identify attacks and malware (Trojans, Ransomware, etc.) analysing event data generated from proxy, endpoints, IDS, MPS, network devices etc. Some Other Highly Valued Skills May Include Perform SIEM Monitoring and Cyber Security alerts creation process Collaborate with audit teams and stakeholders. Support audit planning, fieldwork, and reporting. Support risk assessments and internal control evaluations. Develop and maintain audit documentation and reports. Provide support for audit activities, ensuring effective risk management and compliance. Understanding of risk management principles, including risk assessment, mitigation, and monitoring. Familiarity with regulatory requirements (e.g., SOX ) and industry standards. Knowledge of internal control frameworks and testing procedures. 
Understanding of traditional ITIL concepts Incident, Change and Problem management; Understanding of Cloud Security Principles (AWS/Google/Azure) Understanding of Open Source network analysis tools, and Open-source intelligence tools (OSINT). In-depth knowledge of the Cyber Kill-Chain, Intelligence-driven defence and security architectures. Ability to help write concise reports based on complex data with accuracy, brevity, and speed. Appreciation of End Point security products including firewalls, Anti-virus and network access control. You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills. This role is based in Pune. Purpose of the role To monitor the performance of operational controls, implement and manage security controls and consider lessons learnt in order to protect the bank from potential cyber-attacks and respond to threats. Accountabilities Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage. Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise. Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats. Triage of data loss prevention alerts to identify and prevent sensitive data for being exfiltrated from the banks network. Management of cyber security incidents including remediation & driving to closure. 
Assistant Vice President Expectations To advise and influence decision making, contribute to policy development and take responsibility for operational effectiveness. Collaborate closely with other functions/ business divisions. Lead a team performing complex tasks, using well developed professional knowledge and skills to deliver on work that impacts the whole business function. Set objectives and coach employees in pursuit of those objectives, appraisal of performance relative to objectives and determination of reward outcomes If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others. OR for an individual contributor, they will lead collaborative assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will identify new directions for assignments and/ or projects, identifying a combination of cross functional methodologies or practices to meet required outcomes. Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues. Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda. Take ownership for managing risk and strengthening controls in relation to the work done. Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy. 
Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc).to solve problems creatively and effectively. Communicate complex information. 'Complex' information could include sensitive information or information that is difficult to communicate because of its content or its audience. Influence or convince stakeholders to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.
Posted 2 weeks ago
1.0 - 3.0 years
54 - 72 Lacs
Gurugram
Work from Office
Gather & analyze OSINT from social media, forums, dark web Use tools like Maltego, Shodan, Recon-ng Support investigations & risk assessments Collaborate with security & law enforcement teams Prepare intelligence reports & improve methods
Posted 2 weeks ago
10.0 - 14.0 years
0 Lacs
Noida, Uttar Pradesh, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. GDS SaT – EYP IDD IT – Cyber - Manager – India Competitive business today is all about making intelligent, informed decisions. As a Manager within EY GDS SaT you will help make that happen. You will be an important part of our diversely talented, highly experienced Cyber team and work at the forefront of high-profile transactions. The cyber team is part of the Integrated due diligence (IDD) team which is a competency within SaT EYP. GDS EYP IDD has a market-leading proposition to create and maximize value for our clients, whether they are acquiring or divesting assets, or undertaking operational restructuring. The opportunity Cyber team of EYP IDD competency works on the most complex and high-profile global transactions, across a broad portfolio of clients and industry sectors. We are a group of experienced cyber professionals bringing deep sector and functional knowledge to our clients. As a team, we provide variety of cyber services to our clients helping them with during the transaction life cycle i.e. Predeal, sign to close and post deal stages of any transaction. We offer services like Cyber due diligence, Cyber security (Maturity) assessment, Cyber Red flag assessment, Cyber PMO support for Buy & Integrate / Sell & Separate projects, Target operating model (ToM), etc. We prepare and execute separation and integration plans, identify ideas and sources of value enhancement, as well as advise on risk mitigation. 
Your Key Responsibilities As a Manager of Integrated due diligence function, you will be a vital member of the team supporting global EY practice teams to sell, manage and execute Cybersecurity focused projects. Lead client conversations and meetings, guide and mentor junior team members, understand the business requirements in transactions space and develop new cyber services to support the growth of cyber team. Part of your role will also involve developing experience across a range of different type of engagements, including pre-deal (e.g. Cyber due diligence, remediation cost estimates, Security spend benchmarking) and post-deal (e.g. integration / separation planning, Day 1 readiness, TSA support, project tracking etc). Having a commercial mind-set is key to this consulting-based role. Conduct security assessments, identify gaps and red flags assessing client’s on prem / cloud hosted applications, data and infrastructure Conduct research on deep and dark web using various open-source intelligence (OSINT) tools to reveal potential data breaches, provide recommendations and roadmap to mitigate the security gaps. Develop assessment reports, target operating models, target state security strategy, security roadmaps, data privacy and protection assessment reports, Day one readiness plans, 100 days plan, benchmarking analysis from security costing perspectives. You will be exclusively focused on supporting transactions from a Cybersecurity perspective pre and post deal working primarily with Private Equity and Corporate clients executing deal mandates. You will be a vital member of the team advising clients across all industries and sectors. Supporting key decision makers in developing and executing strategies for transactions. You will work in a transaction environment operating under tight M&A timeframes and demands. Develop strong relationships with regional EYP practice teams and establish yourself as a trusted point of contact. 
You will also assist in aspects of business origination, including pitches and presentations, and attending meetings with clients to generate new business opportunities. Demonstrate strong knowledge in the Information and Cyber security and Data privacy area. Should be able to translate Cyber and data privacy risks in business language for business leaders at client side. Experience on strategic consulting engagements developing detailed, compelling and analytical PowerPoint/Word/Excel/Visio deliverables to convey complex thoughts and ideas. Skills And Attributes For Success Experience in a range of different type of engagements, including pre-deal (e.g. operational Cyber due diligence, carve-out planning), post-deal (e.g. integration planning, tracking) and restructuring (e.g. rapid cost reduction). Lead work-streams comprising members of the client and colleagues from our transactions and advisory practices. Lead meetings with senior client stakeholders to advise, shape and drive the strategy and planning for pre-deal diligence, integration, carve-out / separation and operational restructuring. Contribute to our practice development initiatives, supporting the continued focus on our team as a great place to work. Have innovative mindset to think out of the box for development of new services as per client needs Act as a role model and support development of junior team members, coupled with the recruitment and training responsibilities. Be flexible to support for broader IT, Cyber & Operational transaction work. Willingness to undertake international travel as per business requirement To qualify for the role, you must have 10-14 years with technical experience in information and cybersecurity management, security testing, privacy and data protection, IT Audits etc B Tech / M. Tech. / MCA/MBA /PGDM (part time / full time) from a reputed institute with a technology background. 
Excellent presentation and analytical skills to produce quality presentations for client executives. A leading cybersecurity qualification, such as CISSP, CISA, CCSP, CISM or ISO 27001 ISMS. Well versed with cybersecurity and privacy requirements as defined in GDPR & CCPA. Practical exposure to security framework and standards such as PCI, NIST & CIS, ISO 27001. Good understanding about cloud security risks and controls. Hands-on experience with internal/external security audits assessment and readiness around SOC 1, SOC 2 or SOX controls. In-depth knowledge on various security platforms and technologies such as DLP, Firewalls, Vulnerability Scanning, Penetration Testing & Security Incident Response. Ideally, you’ll also have Project management skills Strong communication and presentation skills with proven experience of producing high quality reports, papers, presentations and thought leadership Program and project management expertise with demonstrable experience in managing and being responsible for the delivery of successful cyber programs What We Offer EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across six locations – Argentina, China, India, the Philippines, Poland and the UK – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career. Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way. 
Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 2 weeks ago
0.0 - 3.0 years
0 Lacs
Delhi, Delhi
On-site
Job Title : Security Analyst (OPS) Location : Delhi Job Overview : We are seeking a Security Analyst (OPS) to join our dynamic Security Testing team. Hands-on role that also requires client interaction on a regular basis. Job Responsibilities : Data Collection: Utilize a variety of tools and techniques to collect information from open sources such as social media platforms, news websites, forums, and other online resources. Analysis: Analyze large volumes of data to identify relevant trends, patterns, and anomalies. Utilize critical thinking and problem-solving skills to assess the credibility and reliability of sources. Reporting: Prepare clear and concise reports summarizing key findings and insights obtained from OSINT activities. Present findings to stakeholders in a timely manner, highlighting potential risks, opportunities, and recommendations. Threat Monitoring: Monitor online platforms and sources for potential threats, risks, or emerging issues that may impact the organization. Stay updated on current events, geopolitical developments, and industry trends. Collaboration: Work closely with other team members, including intelligence analysts, cybersecurity professionals, and law enforcement agencies, to share information and insights gathered through OSINT activities. Tool Development: Contribute to the development and enhancement of tools and methodologies for OSINT collection, analysis, and dissemination. Compliance: Ensure compliance with relevant laws, regulations, and ethical standards governing OSINT activities, including privacy and data protection requirements. Technical Skillsets (Mandatory) : Hands on experience in OSINT and Social Engineering Basic Knowledge in Penetration Testing Strong analytical and problem-solving skills and the ability to explain complex technical concepts in a clear and concise manner and to provide remediation recommendations.
Knowledge of / or experience with both Enterprise and open source offensive security tools for reconnaissance, scanning, exploitation Technical Skillsets (Preferred) : Proficiency in a programming language(s) (e.g. Python) Hands-on experience in Threat Hunting, OSINT, and Threat Modelling Experience : Minimum 1 to 3 years’ experience Job Type: Full-time Pay: ₹296,651.07 - ₹900,000.00 per year Benefits: Cell phone reimbursement Health insurance Internet reimbursement Leave encashment Paid sick time Paid time off Provident Fund Schedule: Day shift Work Location: In person
Posted 2 weeks ago
10.0 - 15.0 years
0 Lacs
Delhi, India
On-site
Job Summary The Director, TSG Information Security, Cyber Threat Management is a position within Bain's Cyber Security Department, whose mission is to define and enable strategies to safeguard the digital assets and integrity of the organization. In this role, the Director understands how security measures align with the overall organizational strategy and will begin to organize and lead in the development and implementation of security controls that adhere to regulatory requirements and best practices. The Director combines a strong level of technical and managerial skills and business alignment to build and guide a growing team and resources across a spectrum of capabilities. The position primarily focuses on the efficient, effective and reliable resolution of Bain's defensive strategy as well as focuses on improving our offensive strategy to help the company meet its overall business objectives. The position therefore must have the technical skills to troubleshoot and resolve complex issues as well as excellent communication and upward management. These measures require taking a leadership position in coordinating activities across the team working with Technical, IT and Cybersecurity leadership. The Director role has expertise and experience in multiple disciplines, including Threat Intelligence programs, Detection and Deterrence systems, Threat Exposure Management, Incident Response, Forensics and Evidence gathering, and Pro-Active Security probing capabilities (Red/Blue/Purple teaming & Penetration Testing). Principal Accountabilities Monitoring & Detection Oversee and strategize on developing advanced security monitoring, analysis, and correlation platforms to detect cybersecurity events. Direct cross-functional efforts in the identification and in-depth analysis of sophisticated security threats, including malware, APTs (Advanced Persistent Threats), and targeted attacks.
Enable a wide range of security tools and technologies, including SIEM, IDS/IPS, or next gen/advanced threat detection solutions. Partner with organizations and vendors to identify and integrate new data sources. Incident Response & Analysis Oversee the ongoing management and evolution of security runbooks and champion for ongoing automation or AI/ML based technologies to increase speed/efficiency. Strengthen Bain’s capability in in-depth log analysis, data correlation, and forensic investigations to identify root causes of incidents and improve security measures. Provide strong and clear communications on cyber events and situations with senior leadership. Ensure alignment in security policies and practices adhere to industry standards and compliance requirements and oversee the validation of the controls. Serve as a subject matter expert in security discussions and decision-making and enable and grow team members’ skills and experience. Work with the primary goal of building efficiencies in Cyber Threat Management responses and driving down MTTR and reducing overall risk. Threat Intelligence Enable a threat intelligence capability, including open-source intelligence (OSINT), dark web forums, and industry reports to drive awareness and improvement in our defensive posture. Utilize threat intelligence platforms and tools to aggregate and correlate threat data. Drive coordination with intelligence and incident response teams to investigate and analyze security incidents. Develop and refine threat intelligence methodologies and tools. Stay current with industry best practices and new methodologies to enhance the team’s capabilities. Vulnerability Management & Threat Exposure Management Work cross-functionally across IT teams and provide leadership and guidance in mitigating threats to Bain. Serve as a subject matter expert in security discussions and decision-making.
Build processes to enable regular vulnerability scans on the organization's network, applications, and systems using industry-standard tools Pro- Active Security Testing Experience implementing and operationalizing vulnerability management tools, processes, and best practices. Oversee the classification and prioritization of vulnerabilities based on risk and potential impact. Stay informed about emerging trends and technologies in cybersecurity. Work collaboratively with other security team members, IT departments, and relevant business units to address security concerns and enhance overall security posture. Pro- Active/Enhanced Security Testing Partner with colleagues to expand controlled penetration testing technologies and capabilities on networks, applications, and systems to identify security vulnerabilities. Investigate and keep up to date with changes in tooling and advanced attacks in network, cloud and application testing. Analyze and interpret results to identify potential risk as well as evaluate potential impact. Red Team, Blue Team, Purple team exercise leadership experience. Professional Development and Innovation Stay informed about emerging trends and technologies in cybersecurity. Drive collaboration and defensive standards/expertise across Bain, working with other security team members, IT departments, and relevant business units to address security concerns and enhance overall security posture. Explore Professional Certifications and work with leadership to plan trainings. 
Knowledge, Skills, And Abilities Security Monitoring & Incident Detection and Response Strong knowledge of Splunk (or other SIEM tools), CrowdStrike or equivalent EDR/MDR platforms, Windows Defender, Palo Alto Networks, Other AV/EDR tool configuration, Cyberhaven (or other DLP tools) Knowledge of Vulnerability & Attack Surface Management toolsets, Threat Intelligence and Analysis tools, Vendor technical Risk Scoring tools, Deception technologies Knowledge of ticketing, triage and forensics capabilities and toolsets General Skills Great communication skills, with the ability to document and explain technical information clearly. Analytical mindset, with a focus on learning and problem-solving. Ability to work independently and well in a team, showing strong interpersonal skills. Eagerness to learn and adapt to new challenges in cybersecurity. Entrepreneurial spirit, open to trying new approaches and learning from them. Team Management Drive and expand the training and professional development of Security Operations staff. Qualification And Experience Bachelor's degree in a related field (e.g., Computer Science, Cybersecurity, Information Technology) or an equivalent combination of education, training, and experience 10-15 years of relevant experience Experience with Information Security technologies (Firewall, IPS, IDS, SIEM, EDR, CASB, AV, DLP, etc.) Experience with common information security controls frameworks (i.e. ISO, NIST, CIS, or CSA) Global company or equivalent Experience deploying systems or applications Ability to work independently and with teams on complex problems Complex problem solving Ability to work in a fast paced, dynamic environment.
Posted 2 weeks ago