
690 Phishing Jobs - Page 5

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

7.0 years

0 Lacs

Pune, Maharashtra, India

On-site

Company Description Quick Heal Technologies Limited is a leading provider of IT Security and Data Protection Solutions with a strong presence in India and a growing global footprint. Founded in 1995, we cater to B2B, B2G, and B2C segments, offering solutions across endpoints, network, data, and mobility. Our state-of-the-art R&D center and deep threat intelligence enable us to deliver top-tier protection against advanced cyber threats. Known for our renowned brands 'Quick Heal' and 'Seqrite', we are committed to our employees' development, and societal progress through cybersecurity education and awareness initiatives. Quick Heal is the only IT Security product company listed on both BSE and NSE. Role Description We are seeking a Data Science Manager to lead a high-performing team of data scientists and ML engineers focused on building scalable, intelligent cybersecurity products. You will work at the intersection of data science, threat detection, and real-time analytics to identify cyber threats, automate detection, and enhance risk modelling. Responsibilities Lead and mentor a team of data scientists, analysts, and machine learning engineers. Define and execute data science strategies aligned with cybersecurity use cases (e.g., anomaly detection, threat classification, behavioral analytics). Collaborate with product, threat research, and engineering teams to build end-to-end ML pipelines. Oversee development of models for intrusion detection, malware classification, phishing detection, and insider threat analysis. Manage project roadmaps, deliverables, and performance metrics (precision, recall, F1 score, etc.). Establish MLOps best practices and ensure robust model deployment, versioning, and monitoring. Drive exploratory data analysis on large-scale security datasets (e.g., endpoint logs, network flows, SIEM events). Stay current on adversarial ML, model robustness, and explainable AI in security contexts. 
Required Qualifications Bachelor's or Master’s degree in Computer Science, Data Science, Statistics, or a related field. Ph.D. is a plus. 7+ years of experience in data science or ML roles, with at least 2+ years in a leadership role. Strong hands-on experience with Python, SQL, and ML libraries (e.g., scikit-learn, TensorFlow, PyTorch). Experience working with security datasets: EDR logs, threat intel feeds, SIEM events, etc. Familiarity with cybersecurity frameworks (MITRE ATT&CK, NIST, etc.). Deep understanding of statistical modelling, classification, clustering, and time-series forecasting. Proven experience managing cross-functional data projects from conception to production. Preferred Skills Experience with anomaly detection, graph-based modelling, or NLP applied to security logs. Understanding of data privacy, encryption, and secure data handling. Exposure to cloud security (AWS, Azure, GCP) and tools like Splunk, Elastic, etc. Experience with MLOps tools like MLflow, Kubeflow, or SageMaker.

Posted 1 week ago


0 years

0 Lacs

Gurugram, Haryana, India

Remote

Job Role: Lead IT Support Specialist – (Service Operations & O365/Azure)
Work mode: WFH
Week offs: Sat/Sun
Budget: 13LPA

Key Responsibilities:
• Major Incident & SLA Management
• Exchange Online (mailbox, distribution, public folders)
• Patch Management & Emergency Fixes
• Office 365 & Email Security (anti-phishing/anti-malware)
• VPN, Desktop, Printer, and Mobile Device Support
• Knowledge Base & Escalation Documentation
• Compliance: Password Policies & Data Privacy
• Service Desk Workflow Optimization & Automation
• Windows OS / macOS troubleshooting
• ISP, Hardware support
• LAN/WAN troubleshooting
• Microsoft 365, Outlook, Teams support
• Active Directory and Group Policy basics
• Networking fundamentals (IP, DNS, DHCP)

Candidates should be from Delhi/NCR only

Posted 1 week ago


4.0 - 5.0 years

0 Lacs

Hyderabad, Telangana, India

Remote

Job Title: Penetration Tester Experience Required: 4 to 5 Years Location: [Insert Location or Remote] Job Type: Full-Time Job Summary: We are looking for a skilled and experienced Penetration Tester to join our cybersecurity team. The ideal candidate will have 4 to 5 years of hands-on experience in conducting security assessments, identifying vulnerabilities, and simulating real-world attacks to evaluate the strength of our infrastructure, applications, and systems. Key Responsibilities: Perform network, web application, mobile, and API penetration tests. Simulate real-world cyberattacks to assess organizational security posture. Identify, document, and report vulnerabilities and exploits with remediation recommendations. Collaborate with internal teams to assist in risk mitigation and remediation strategies. Use tools like Burp Suite, Metasploit, Nmap, Nessus, Wireshark, etc. Conduct social engineering assessments, such as phishing simulations (optional based on role). Keep up to date with the latest threats, tools, and techniques in the cybersecurity landscape. Prepare and deliver clear, concise, and technical penetration testing reports. Participate in Red Team/Blue Team exercises, if applicable. Required Skills & Qualifications: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field. 4–5 years of hands-on experience in penetration testing or ethical hacking. Proficiency in Kali Linux and other offensive security tools. Strong knowledge of OWASP Top 10, MITRE ATT&CK framework, and common attack vectors. Experience with scripting languages (Python, Bash, or PowerShell). Familiarity with cloud security testing (AWS, Azure, GCP) is a plus. Excellent analytical, problem-solving, and reporting skills. Certifications (Preferred): OSCP (Offensive Security Certified Professional) – Highly preferred CEH (Certified Ethical Hacker) GPEN (GIAC Penetration Tester) Other relevant security certifications

Posted 1 week ago


5.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Job Summary: We are looking for an experienced Cyber Security Analyst to join our team and help protect our organization’s systems, networks, and data from cyber threats. The ideal candidate will have 4–5 years of hands-on experience in threat detection, incident response, vulnerability assessment, and security monitoring. Key Responsibilities: Monitor and analyze security events using SIEM tools (e.g., Splunk, QRadar, or ArcSight). Perform threat hunting and investigate security incidents across endpoints, networks, and cloud environments. Conduct vulnerability assessments and coordinate remediation efforts. Develop and implement security policies, procedures, and best practices. Analyze malware, phishing attempts, and other suspicious activities. Respond to and contain cyber incidents and conduct root cause analysis. Generate reports on security trends, incidents, and risk assessments. Collaborate with IT and DevOps teams to ensure secure system configurations. Support security awareness training and ensure compliance with regulatory standards (e.g., ISO 27001, GDPR, HIPAA). Required Skills & Qualifications: Bachelor's degree in Computer Science, Information Security, or related field. 4 to 5 years of proven experience in a cyber security analyst or similar role. Proficiency in SIEM, IDS/IPS, endpoint protection, and vulnerability scanning tools. Knowledge of cybersecurity frameworks (NIST, MITRE ATT&CK, OWASP). Strong understanding of TCP/IP, DNS, HTTP/S, VPNs, and firewalls. Experience with cloud platforms (AWS, Azure, GCP) and their security controls. Familiarity with scripting (Python, PowerShell) is a plus. Relevant certifications preferred: CEH, CompTIA Security+, CISSP, CISM, or equivalent. Preferred Qualities: Analytical mindset with attention to detail. Ability to work independently and in a team. Strong communication and documentation skills. Quick learner with a passion for cybersecurity and ongoing professional development.

Posted 1 week ago


0 years

0 Lacs

Gurgaon, Haryana, India

Remote

We’re AtkinsRéalis, a world class Engineering Services and Nuclear organization. We connect people, data and technology to transform the world's infrastructure and energy systems. Together, with our industry partners and clients, and our global team of consultants, designers, engineers and project managers, we can change the world. Created by the integration of long-standing organizations dating back to 1911, we are a world-leading professional services company dedicated to engineering a better future for our planet and its people. We deploy global capabilities locally to our clients and deliver unique end-to-end services across the whole life cycle of an asset including consulting, advisory & environmental services, intelligent networks & cybersecurity, design & engineering, procurement, project & construction management, operations & maintenance, decommissioning and capital. The breadth and depth of our capabilities are delivered to clients in key strategic sectors. News and information are available at www.atkinsrealis.com or follow us on LinkedIn. Our teams take great pride in delivering some of the world’s most prestigious projects. This success is driven by our talented people, whose diverse perspectives, expertise, and knowledge set us apart. Join us and you'll be part of our genuinely collaborative environment, where everyone is supported to make the most of their talents and expertise. When it comes to work-life balance, AtkinsRéalis is a great place to be. So, let's discuss how our flexible and remote working policies can support your priorities. We're passionate about our work while valuing each other equally. So, ask us about some of our recent pledges for Women's Equality and being a 'Disability Confident' and 'Inclusive Employer'. Background Job Description: This position sits within the Security Support Services Team, part of the IT Security function. 
The Security Support Services Team is a multi-disciplinary team to support the different products and services provided by the Security function. Job Details The Security Support Services Engineer position is a hands-on role providing a broad range of support services across the Security product set. Working within the team, you will provide support through proactive monitoring of our services, responding to alerts received via our monitoring systems, resolving incidents assigned to our queues, implementing customer requests, delivering on project tasks, threat hunting and investigations, cloud management and system configuration. This role would suit an individual who is looking to gain experience within a 3rd line support environment and a career in Security. We are looking for someone who has experience troubleshooting issues within a large organisation. The successful candidate will be dynamic, inquisitive, analytical and be able to come up with smart solutions. We are looking for a real problem solver. Key Deliverables/Responsibilities Management and completion of catalogue requests and project tasks assigned to the team. Responding to incidents, including root cause analysis for a “Fix Once” approach. Monitoring and triage of security related alerts and events from different monitoring systems. Security and account investigations, rooting out the true root causes. Collaboration with the broader Security team, other IT functions and OEM / vendors, for problem resolution and knowledge sharing. Perform ad hoc tasks from the Security Practices; Security Architecture, Security Architecture, Connectivity and Endpoint, Identity and Access Management. Identify and make recommendations on improvements to security processes. Adhere to ITIL best practice procedure in relation to all aspects of change and configuration management. Essential Experience Required: Proactive work attitude, ability to work independently while still acting as part of a team. 
Problem solving, a desire to maintain a “Fix Once” approach. Experience with designing and writing troubleshooting guides, playbooks, knowledge base articles for support teams. Proven analytical and creative problem-solving abilities. Great communicator, ability to convey technical information in a non-technical way. Capable of providing support and training to upskill team members and support teams. Desirable Understanding of enterprise IT. Advanced Excel skillset and familiarity of manipulating data sets. Scripting with PowerShell. Automating administration-based tasks. Knowledge of monitoring & reporting based systems, ideally SCOM / SOC Tools. Experience of triaging security events in a SIEM and identifying / analysing phishing emails. Networking fundamentals and troubleshooting. Familiarity with: Phishing, Cofense, Cloud Platforms (Azure), Zscaler, Varonis, Vulnerability Management, the concept of Zero Trust, Privilege Access Management, Multi-Factor Authentication, Elastic Security, and Active Directory. Behavioural Competencies Desire to broaden knowledge in Security technologies and practices. Focus on customer satisfaction. Strong analytical and investigative skills. Proven experience of delivering process efficiencies and improvements. Clear and fluent English (both verbal and written). Ability to build and maintain efficient working relationships with remote teams. Demonstrate ability to take ownership of and accountability for relevant products and services. Ability to plan, prioritise and complete your own work, whilst remaining a team player. Willingness to engage with and work in other technologies. What We Can Offer You Varied, interesting and meaningful work. A hybrid working environment with flexibility and great opportunities. Opportunities for training and, as the team grows, career progression or sideways moves. 
An opportunity to work within a large global multi-disciplinary consultancy on a mission to change the ways we approach business as usual. Why work for AtkinsRéalis? We at AtkinsRéalis are committed to developing its people both personally and professionally. Our colleagues have the advantage of access to a high ranging training portfolio and development activities designed to help make the best of individual’s abilities and talents. We also actively support staff in achieving corporate membership of relevant institutions. Meeting Your Needs To help you get the most out of life in and outside of work, we offer employees ‘Total Reward’. Making sure you're supported is important to us. So, if you identify as having a disability, tell us ahead of your interview, and we’ll discuss any adjustments you might need. Additional Information We are an equal opportunity, drug-free employer committed to promoting a diverse and inclusive community - a place where we can all be ourselves, thrive and develop. To help embed inclusion for all, from day one, we offer a range of family friendly, inclusive employment policies, flexible working arrangements and employee networks to support staff from different backgrounds. As an Equal Opportunities Employer, we value applications from all backgrounds, cultures and ability. We care about your privacy and are committed to protecting your privacy. Please consult our Privacy Notice on our Careers site to know more about how we collect, use and transfer your Personal Data. Link: Equality, diversity & inclusion | Atkins India (atkinsrealis.com)

Posted 1 week ago


0.6 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Job Title: L1 SOC Analyst – LogRhythm SIEM Location: Mumbai, India Employment Type: Full-Time | Onsite About the Role: We are seeking a proactive and dedicated L1 SOC Analyst to join our Security Operations Center in Mumbai. The analyst will be the first line of defense, responsible for monitoring, triaging, and escalating security alerts using LogRhythm SIEM. This is an excellent opportunity for candidates looking to build a strong career in cybersecurity operations. Key Responsibilities: • Monitor security events and alerts through LogRhythm SIEM console • Perform initial analysis, classification, and triage of security incidents • Escalate genuine security incidents to L2 SOC team following defined procedures • Maintain incident logs, documentation, and shift handover reports • Support incident investigations by collecting relevant logs and evidence • Monitor health of SIEM log sources and report issues proactively • Follow SOC playbooks and response procedures with high attention to detail • Participate in shift-based operations (24x7 rotational shifts) Key Skills & Competencies: • 0.6 to 2 years of experience in SOC or cybersecurity monitoring role • Hands-on exposure to LogRhythm SIEM • Knowledge of security event types, log analysis, and basic networking concepts • Understanding of common security threats, malware, phishing, brute force, etc. • Good communication skills — both written and verbal • Ability to work effectively under pressure and as part of a team Preferred Qualifications: • Bachelor’s Degree in Information Security, Computer Science, or related field • LogRhythm Certifications – optional but desirable • Security certifications like CompTIA Security+, CEH – an added advantage

Posted 1 week ago


25.0 years

0 Lacs

Gurgaon, Haryana, India

On-site

Tower Research Capital is a leading quantitative trading firm founded in 1998. Tower has built its business on a high-performance platform and independent trading teams. We have a 25+ year track record of innovation and a reputation for discovering unique market opportunities. Tower is home to some of the world’s best systematic trading and engineering talent. We empower portfolio managers to build their teams and strategies independently while providing the economies of scale that come from a large, global organization. Engineers thrive at Tower while developing electronic trading infrastructure at a world class level. Our engineers solve challenging problems in the realms of low-latency programming, FPGA technology, hardware acceleration and machine learning. Our ongoing investment in top engineering talent and technology ensures our platform remains unmatched in terms of functionality, scalability and performance. At Tower, every employee plays a role in our success. Our Business Support teams are essential to building and maintaining the platform that powers everything we do — combining market access, data, compute, and research infrastructure with risk management, compliance, and a full suite of business services. Our Business Support teams enable our trading and engineering teams to perform at their best. At Tower, employees will find a stimulating, results-oriented environment where highly intelligent and motivated colleagues inspire each other to reach their greatest potential. As part of the Global Cybersecurity team, individual(s) will work to continually improve the security posture and service by monitoring, identifying and correcting security gaps and countermeasures. Location: Gurgaon, India Team: Global Security Operations Shift Timing: 6:00 AM IST – 3:00 PM IST with rotational weekend support as part of 24x7 operations Responsibilities Monitoring alerts for potential security incidents and requests for information. 
This includes, but is not limited to, monitoring of real-time channels, tools, dashboards, periodic reports, chat sessions, and tickets. Following incident-specific procedures to perform basic triage of said potential security incidents to determine their nature and priority and eliminate obvious false positives and process requests for information. Investigate and validate alerts to determine scope, impact, and root cause using available telemetry and threat intelligence. Escalate confirmed incidents with comprehensive evidence, impact assessment, and recommended containment/remediation actions. Coordinating with stakeholders with supporting third party security service providers to triage alerts, events or incidents. Monitoring and analyzing Security Information and Event Management (SIEM) to identify security issues for remediation. Write detection content, correlation rules, and queries in SIEM platforms to improve threat detection capabilities. Contribute to incident response playbooks, runbooks, and process improvements. Participate in threat hunting activities, adversary emulation exercises, and purple teaming efforts. Maintain accurate and detailed documentation of investigations, incidents, and actions in ticketing systems. Stay informed of current threat landscape, attacker tactics (MITRE ATT&CK), and vulnerabilities relevant to Tower’s environment. Interfacing with a variety of customers/users in a polite, positive, and professional manner. Requirements Bachelor’s Degree in Computer Science / Information Security / Information Technology 3+ years of hands-on experience in a Security Operations Center (SOC) or threat detection/incident response role in a mid to large-scale organization. 
Proven track record and experience of the following in a highly complex and global organization: Performing triage of potential security incidents Experience with the technologies including, but not limited to SIEM, EDR/NDR/XDR, Web proxies, Vulnerability assessment tool, IDS/IPS, Network/Host based firewalls, data leakage prevention (DLP). Solid understanding of: Linux OS, Windows OS and MAC OS TCP/IP, DNS, HTTP/HTTPS, and other common network protocols Malware behavior and attacker techniques (MITRE ATT&CK) Common attack vectors including phishing, malware, lateral movement, data exfiltration Early shift to provide round the clock support along with alternating weekend shift Soft Skills & Work Traits Strong analytical, investigative, and troubleshooting skills. Effective written and verbal communication skills; able to translate complex security issues into actionable guidance. Organized, detail-oriented, and capable of managing multiple priorities under pressure. Passionate about security, continuous learning, and operational excellence. Comfortable working in a rotating shift model including weekend support as needed. A strong desire to understand the what / why / how of security incidents. Benefits: Tower’s headquarters are in the historic Equitable Building, right in the heart of NYC’s Financial District and our impact is global, with over a dozen offices around the world. At Tower, we believe work should be both challenging and enjoyable. That is why we foster a culture where smart, driven people thrive – without the egos. Our open concept workplace, casual dress code, and well-stocked kitchens reflect the value we place on a friendly, collaborative environment where everyone is respected, and great ideas win. 
Our benefits include: Generous paid time off policies Savings plans and other financial wellness tools available in each region Hybrid working opportunities Free breakfast, lunch and snacks daily In-office wellness experiences and reimbursement for select wellness expenses (e.g., gym, personal training and more) Volunteer opportunities and charitable giving Social events, happy hours, treats and celebrations throughout the year Workshops and continuous learning opportunities At Tower, you’ll find a collaborative and welcoming culture, a diverse team and a workplace that values both performance and enjoyment. No unnecessary hierarchy. No ego. Just great people doing great work – together. Tower Research Capital is an equal opportunity employer.

Posted 1 week ago


6.0 years

0 Lacs

Delhi, India

On-site

Job Summary: We are seeking an experienced and highly skilled IT Security Lead to spearhead our cybersecurity initiatives, with a primary focus on managing and optimizing our Sophos perimeter security and Trend Micro endpoint and email security platforms, while also ensuring the continuous adherence to and improvement of our ISO 27001 Information Security Management System (ISMS). The ideal candidate will be a hands-on technical expert, a proactive problem-solver, a strong leader, and a meticulous practitioner of security best practices and compliance. Key Responsibilities: Information Security Management System (ISMS) & ISO 27001 Compliance: Lead the ongoing maintenance, operation, and continuous improvement of the organization's ISO 27001 certified Information Security Management System (ISMS). Develop, review, and update information security policies, procedures, and guidelines in alignment with ISO 27001 requirements. Conduct internal audits and facilitate external audits related to ISO 27001, ensuring all non-conformities are addressed and resolved efficiently. Manage the information security risk assessment and treatment process, identifying, analyzing, and mitigating risks in accordance with the ISMS. Oversee the implementation and effectiveness of ISO 27001 Annex A controls across the IT environment. Promote a security-aware culture through regular training and awareness programs for all employees, aligned with ISO 27001 principles. Maintain accurate and complete documentation for all ISMS processes, controls, and records. Sophos Perimeter Security Management: Administer, configure, and optimize Sophos Firewall/UTM devices (e.g., Sophos XG Firewall, Sophos Central Firewall Management), including rule sets, policies, SD-WAN, VPNs (IPsec, SSL VPN), and network segmentation. 
Implement and manage advanced threat protection features such as Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), Sandboxing, Web Filtering, and Application Control within the Sophos ecosystem. Monitor and analyze network security events, logs, and alerts from Sophos platforms to identify and respond to threats effectively. Perform regular health checks, performance tuning, and firmware upgrades for Sophos perimeter devices. Trend Micro Endpoint & Email Security Management: Administer, deploy, and manage Trend Micro endpoint protection platforms (e.g., Apex One, Vision One Endpoint Security) across all organizational endpoints (desktops, laptops, servers). Configure and fine-tune endpoint security policies, including antivirus, anti-malware, ransomware protection, device control, data loss prevention (DLP), and vulnerability protection/virtual patching. Manage and monitor Trend Micro Email Security solutions (e.g., Cloud App Security, Hosted Email Security) to protect against advanced threats like phishing, spam, business email compromise (BEC), and malware. Oversee the centralized management, reporting, and incident response for Trend Micro products. Ensure timely security updates and signature deployments for all Trend Micro agents. Incident Response & Threat Management: Lead security incident response efforts, from initial detection and analysis to containment, eradication, recovery, and post-incident review, leveraging insights from Sophos and Trend Micro. Conduct proactive threat hunting and forensic analysis using security tools and threat intelligence. Analyze security alerts, logs, and vulnerability reports to identify potential breaches, anomalous activities, and emerging threats. Develop and refine security incident response plans and escalation procedures, integrating them with the ISMS. 
Security Operations & Best Practices: Identify security gaps, perform comprehensive threat and risk assessments, and propose effective mitigating measures. Oversee vulnerability management activities, including regular scanning, assessment, and remediation of identified vulnerabilities. Collaborate with IT infrastructure and application teams to ensure security is integrated into all stages of the system development lifecycle (SDLC) and IT operations. Stay abreast of the latest cybersecurity threats, vulnerabilities, technologies, and regulatory changes. Qualifications: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 6+ years of progressive experience in IT Security, with at least 2+ years in a lead or senior role. Demonstrable expert-level knowledge and hands-on experience with: Sophos Perimeter Security solutions: Sophos Firewall/UTM (XG Firewall, SG UTM), including extensive experience with IPS/IDS, ATP, Web Filtering, SD-WAN, VPNs, and Sophos Central management. Trend Micro Endpoint Security: Trend Micro Apex One, Deep Security, or similar endpoint protection platforms, covering advanced threat protection, device control, DLP, and centralized management. Trend Micro Email Security: In-depth experience with Trend Micro Email Security solutions for inbound/outbound email protection, including anti-spam, anti-phishing, and advanced malware detection. Proven experience in implementing, maintaining, and auditing an Information Security Management System (ISMS) in accordance with ISO 27001 standards. Strong understanding of network protocols (TCP/IP, HTTP/S, DNS), routing, switching, and common network security concepts. Proficiency in security risk management frameworks and methodologies. Experience with Security Information and Event Management (SIEM) platforms. Excellent analytical, problem-solving, and organizational skills. 
Strong written and verbal communication skills, with the ability to articulate complex security concepts and ISO 27001 requirements to technical and non-technical audiences. Proactive, independent, resourceful, and capable of working effectively in a team environment and leading security initiatives. Preferred Certifications (one or more highly desirable): ISO 27001 Lead Implementer (highly preferred) ISO 27001 Lead Auditor CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) Sophos Certified Engineer/Architect Trend Micro Certified Professional CompTIA Security+ CEH (Certified Ethical Hacker) About the company: SAEL Group has emerged with a bold vision of establishing world-class renewable assets spanning the solar and biomass sectors, with a steadfast commitment to ensuring stable profitability. We are utilizing agricultural waste as fuel to produce renewable power round the clock. We have the largest capacity of waste-to-energy generation. Already making strides in the renewable energy space, we aim to escalate our renewable capacity to 5 GW within the next 4-5 years by adding 100MW of new biomass and 600MW of new solar capacity annually. This ambitious endeavor aligns with the Government of India's vision to achieve 500 GW capacity from renewable energy sources by 2030. The SAEL Group is set to embark on a journey that combines organic and inorganic strategies, leveraging marquee investors and partners to realize our vision. At the forefront of this effort is SAEL Industries, the pivotal entity responsible for raising growth capital across various business segments. In addition to its overarching role, SAEL Industries is actively involved in Engineering, Procurement, and Construction (EPC) for the Group's upcoming renewable projects. Furthermore, it takes charge of the Operation and Maintenance (O&M) activities for both existing commissioned projects and those on the horizon. 
Through a comprehensive approach, SAEL Group is poised to make significant contributions to the Government's renewable energy targets, exemplifying our commitment to sustainable and impactful growth.

Posted 1 week ago


2.0 - 3.0 years

4 - 8 Lacs

Gurugram

Work from Office

Ensure that all SOC (Security Operations Center) tickets are handled and resolved within SLAs (Service Level Agreements). Perform detailed analysis of threats and security events, using sound analytical skills, knowledge, and experience, with a clear narrative to support conclusions. Maintain records of security events investigated, detailed notes of security incident resolution, and incident response activities, utilizing ticketing systems. Make situational incident response recommendations based on best practice security policies that address the clients business need. Research and stay up to date with current security vulnerabilities, attacks, threat actors, security advisories and the MITRE Attack Framework. Manage, maintain, and monitor security alerting systems from remote communications sites to ensure company compliance. Create and run search queries in SIEM tool to help with identifying and troubleshooting security issues. Utilize tools (e.g., Wireshark, Nmap, PCap, etc.) to identify and map devices on the network. Open, track and close trouble tickets. Answer incoming hot line calls and monitor various e-mail accounts and act according to SOC procedures and processes. Interface with client through email, phone calls, and meetings or Aspire field personnel to mitigate security incidents. Assist with the preparation of SOC reports, research papers, and blog posts. Investigate and provide technical analysis of various security incidents and possible compromise of systems. Works as Tier I/L1 support and will work directly with Tier II/L2 and TIER III/L3 and NOC Engineers for issue resolution. Provide direct communication to affected users and companies on security incidents and maintenance activities. Maintain customer technical information within defined documentation standards. Obtain/maintain technical/professional certifications applicable to position or as directed. 
Communicate with customers, peers, team, and managers regarding incident and change management. Provide emergency on-call support on a rotating schedule. Perform other duties as assigned. Technical Skills Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support. Nice-to-have skills Qualifications Bachelor's degree in Computer Science, Information Technology, or a related field. 2 to 3 years of relevant experience. 1+ year of professional work experience in the cyber security field. 1+ year of experience with Security Event / Alert Management, Incident Response, and Change Management Processes. 1+ year of experience handling security events related to Malware Detection and Analysis, Indicators of Compromise (IOC), Email Phishing, Endpoint Detection and Response (EDR). Knowledge of Runbooks, Playbooks and following Standard Operating Procedures. Possession of an Industry Certification (Security+, CySA+, Cisco Cyber-Ops Associate, NSE4, or similar). 1+ years of experience in Security Management. SIEM and Log Management (MS Sentinel, IBM QRadar, Splunk, OSSIM, FortiSIEM, LogRhythm, etc.). Experience with Firewalls (Palo Alto Networks, Cisco Firepower Manager). Experience with Endpoint Security (Cisco Secure Endpoint, CrowdStrike Falcon, Carbon Black, Microsoft Advanced Threat Protection). Experience with Network Traffic Analytics (Cisco Stealthwatch Cloud, Darktrace). Experience with DNS Security (Cisco Umbrella, Forcepoint). 2+ years of experience with Ticket Management Tools (e.g., ConnectWise, ServiceNow).

Posted 1 week ago

0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role As a Team Lead – SOC Infrastructure Engineer in the bank’s security operations center (SOC), the individual will be responsible to oversee the implementation of all the underlying IT infrastructure necessary to send logs from all the log sources to the bank’s new SIEM platform. You will be responsible to ensure the upkeep of bank’s inventory to reflect the correct status of which systems are reporting logs to the SIEM. You will be collaborating with the designated bank’s department to ensure alignment with RBI guidelines in the respective areas. Key Responsibilities Business Understanding : Responsible to ensure connectivity from all the bank’s IT systems and applications (whether on cloud or on-prem) to the bank’s SIEM platform. Collaborate : Work with the respective peers in the bank’s technology group to ingest logs from newly introduced systems and log sources. Vendor Management : Working with the vendors to ensure resolution of issues limiting the sharing of the logs. Qualifications & Skills Educational Qualification : Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent with experience in hosting interactions with the bank’s technology team to resolve any underlying connectivity issues limiting the logs from being sent to the SIEM platform. 
Certifications : CCNP, CCNA Security, Any Cloud security certifications (AWS, GCP, Azure, OCI) and/or any Microsoft or VMware or RHEL certifications. Compliance : Stay up to date with the latest trends and developments in cybersecurity and SIEM technologies and recommend improvements to the organization's security posture and creation of procedural documents necessary for the department. Technical Knowledge : Knowledge of Networking components, Servers (RHEL, Windows, etc.) and Endpoints, and cloud technology will be required including the capability to design new solutions. Synergize with the Team : Ability to work collaboratively with different teams for closure of activities. About the Business Group ICICI Bank’s Information Security Group believes in providing services to its customers in the safest and most secure manner, keeping in mind that data protection for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is built on the vision of creating a comprehensive information security framework. The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, and awareness initiatives, and provides easy-to-use protection and risk configuration ability in the hands of customers. With this core responsibility, ICICI administers and promotes ongoing campaigns to create awareness among customers on security aspects while banking through digital channels.

Posted 1 week ago

5.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role As a SOC Analyst - Detection Engineering in the bank’s security operations center (SOC), the individual will be responsible to strengthen the creation and optimization of Analytical rules and alerts configured in the bank’s SIEM platform. You will be responsible to build analytical correlational rules in the bank’s SIEM platform covering network, systems and endpoints, cloud (SAAS, IAAS and PAAS) and applications (both COTS and internally developed). You will be responsible to provide expert guidance and support to the security operations team in the use of for threat hunting and incident investigation and analysing the detected incidents to identify lessons learned to improve response processes and make recommendations for enhancing security posture. You will be also responsible for developing and maintaining documentation for Analytical rules processes and procedures. Key Responsibilities Business Understanding : Accountable to ensure all security anomalous activities are detected by the bank’s SIEM platform and false positives are kept to a minimum. Collaborate : Verify the ingested logs and ensure log parsing to normalize the events. Implement a testing methodology to test the alerts configured and obtain sign off before releasing into production. 
Reporting : Stay Up to date with the latest trends and developments in cybersecurity and SIEM technologies and recommend improvements to the organization security posture. Qualifications & Skills Educational Qualification : Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent with experience in cloud security with any of the following - Microsoft Azure, Google cloud, Ability to develop and implement security policies, procedures and best practices. Experience : At least 5 years of experience working as a SOC analysts responsible to create SIEM rules/alerts. Hands-on experience in creation of security alerts in any of the commonly used SIEM solutions is a must. Certifications : SIEM Certification from any of the leading SIEM OEMs – Splunk, Palo Alto, Securonix, LogRhythm, etc,. CEH or CISSP CCNA Security and/or any of the Cloud security certifications (AWS, GCP, Azure, OCI). Compliance : Knowledge of Networking components, Servers (RHEL, Windows, etc.) and Endpoints, cloud infrastructure along with Machine learning models used for detection of security alerts. Knowledge of various log types, event parsing and ingestion mechanisms across Systems, networks, cloud and commonly used applications in banks. Communication Skills : Excellent communication and interpersonal skills. Synergize with the Team : Working with the designated bank personnel to ensure alignment with RBI guidelines on detection of security alerts applicable to banks. Should have strong understanding of cybersecurity principles, threat detection and incident response. About the Business Group ICICI Bank’s Information Security Group believes in providing services to its customers in the safest and secured manner, keeping in mind that data protection for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is built on the vision of creating a comprehensive information security framework. 
The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, and awareness initiatives, and provides easy-to-use protection and risk configuration ability in the hands of customers. With this core responsibility, ICICI administers and promotes ongoing campaigns to create awareness among customers on security aspects while banking through digital channels.

Posted 1 week ago

8.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role As a Network Engineer in the bank’s security operations center (SOC), the individual will be responsible to oversee the implementation and maintenance of all the underlying IT Network infrastructure necessary to send logs from all the log sources to the bank’s new SIEM platform. You will be responsible to ensure that the bank’s new SIEM platform will be able to ingest logs from all the network devices such as routers, switchers, load balancers, WIFI access points, Proxy, etc. as well as security solutions such as NAC, IPS, WAF, etc. You will be responsible to ensure the upkeep of bank’s inventory to reflect the correct status of which systems are reporting logs to the SIEM. Key Responsibilities Business Understanding : Responsible to ensure connectivity from all the bank’s IT systems and applications (whether on cloud or on-prem) to the bank’s SIEM platform. General upkeep of the SIEM platform’s health and availability. Collaborate : Work with the vendor and local technology departments to troubleshoot any connectivity issues restricting the sharing of logs from any of the log sources into the bank’s SIEM solution. Qualifications & Skills Educational Qualification : Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. 
Certifications : a)CCNA, CCNP Security, ITIL b)Any Cloud security certifications (AWS, GCP, Azure, OCI) c)Certificate of administration of any of the commonly used firewalls (Checkpoint, Juniper, Cisco, etc.) Compliance : Knowledge of cloud security best practices and compliance requirements. Understanding of ITIL processes such as change management, Incident management is necessary. Strong understanding of cybersecurity principles will be required. Synergize with the Team : Background of working in an IT or cyber security department of a bank or working extensively with the Cyber security team in working on cyber security platforms/tools will be an added advantage. Experience : Overall 8 + Years of experience in IT Security with a comprehensive knowledge of network architecture, Network security and security solutions used by an enterprise Security Operations Center. Hands-on experience with monitoring, network diagnostic and network analytics tools Technical Skills : Deep understanding of networking technologies of routing, switching, wireless, as well as cloud models (SAAS, PAAS, IAAS). Understanding of ITIL processes such as change management, Problem management, Incident management is necessary. About the Business Group ICICI Bank’s Technology Risk Management Group believes in providing services to its customers in the safest and secure manner keeping in mind that data protection and secure Technology for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is at the heart of building a comprehensive information security framework. The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, awareness initiatives, and provide easy to use protection and risk configuration ability in the hands of customers. 
The Bank also undertakes campaigns to create awareness among customers on security aspects while banking through digital channels.

Posted 1 week ago

0.0 - 2.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Job Description About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Responsibilities Actively monitoring, analysing & escalating SIEM alerts based on correlation rules, Email protection alerts & malware analysis, Provide inputs for proactive content fine tuning & use case enablement, Active threat hunting on network flow, user behaviour & threat intelligence, Phishing email analysis for MFs, Raising incidents in Pastebin inte Should be familiar with Domain Knowledge (Cyber Security), Threat Hunting, SIEM- Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm), Python Scripting, Windows Active Directory, Operating systems and servers. Ability to Triage and assignment Incident Handling. Ability to Follow Playbooks instructions- Incident Response Playbooks Ability to Comprehend Logs (HTTP, SMTP, Network) (Under guidance) Understand and imbibe current SOC process Perform quality assessment on SOC operations being performed as per existing process Record and deviations identified into tracking tool(s)/spreadsheets Perform follow-ups with respective error owners to mitigate process deviations Identify process deviations, Summarize and generate trends, patterns into process deviations / errors observed. 
Perform RCA into observed errors / trends and generate recommendations for process improvement Generate personnel specific recommendations for performance enhancement Contribute in overseeing quality assessment process for multiple SOC verticals In-line alignment with SOC operations for quick-detection / prevention of process deviations Support as QA touchpoint in critical cyber incidents to enhance quality of service Assessment of investigation report with assertions, evidences and recommended actions Communicate effectively and collaborate with teams in different geographie Qualifications BE/B.Tech/Post-Grad/ Graduate or Postgraduate in any other discipline 0-2 years of relevant experience. Candidates should be okay to work in rotational shifts. Good to have - Certifications - CSA (Certified SoC Analyst), CISM and CCSP, Certifications from Microsoft Azure Suite Candidates having SOC experience would be preferred Well versed in Microsoft productivity tools such as Word, PowerPoint and Excel An understanding of concepts of analytics and should be able to generate trends, drill downs, and various graphical representations Windows / Azure / AWS infrastructure knowledge will have added advantage Experience in Windows security tools like Defender for office, Defender for identity, Sentinel and other Microsoft security tools will have added advantage Excellent written and oral communication skills Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Posted 1 week ago

0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Introduction In this role, you will work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. A career in IBM Consulting embraces long-term relationships and close collaboration with clients across the globe. You will collaborate with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio, including IBM Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you will be supported by mentors and coaches who will encourage you to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground-breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and learning opportunities in an environment that embraces your unique skills and experience. Your Role And Responsibilities Analyze and triage security incidents to determine their severity and impact on Infrastructure systems. Primary point of contact for Cyber Security Incident response in the Cyber Security Escalations team. Provide a first point of contact for L3 security escalations from the SOC team, ensuring a thorough review, escalation Preferred Education Master's Degree Required Technical And Professional Expertise Conduct in-depth analysis of security events, collaborating directly with different stakeholders to escalate and thoroughly investigate incidents. 
Participate in Security Incident Response Team in the identification, containment, eradication, and resolution of security issues, This involves understanding the scope, impact, and root cause of incidents to tailor the response effectively, Collaborate with SOC teams to ensure effective incident response and continuous improvement. Assist in the development and refinement of SOC processes, procedures, and playbooks, Create and maintain incident reports, documenting findings, actions taken, and lessons learned Preferred Technical And Professional Experience Stay current with emerging threats, vulnerabilities, and security technologies to proactively protect the organization. Notify Client of incident and required mitigation works. Track and update incidents and requests based on client’s updates and analysis results. Good understanding on Phishing email analysis and their terminologies Having knowledge on EDR solutions (Preferred CrowdStrike), Participate in regular SOC team meetings and provide input on improving security posture. Communicate vertically and horizontally to keep stakeholders informed and involved on Security Operations matters

Posted 1 week ago

4.0 years

0 Lacs

India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. The candidate would be expected to work in diverse risk consulting engagements and are willing to travel to Middle East countries for project execution atleast 60% of their time. The candidate are expected to have experience / knowledge with respect to the following: Experience with infrastructure penetration testing and vulnerability assessments Good knowledge of OWASP and Secure SDLC standards Should have performed web/mobile/API penetration testing. Good knowledge of encryption technologies & MiTM attacks Experience in performing security code reviews and log analysis. Knowledge of Linux administration, TCP/IP, DNS, Network protocols and OSI model Good understanding of MITRE ATT&CK framework and how to leverage it. Good understanding of AD administration, different authentication mechanisms, trust boundaries etc. Experience in performing security configuration reviews for OS, Databases, Network & Security devices, applications etc. Should have good understanding of the cloud services (AWS, Azure and GCP), its architecture, potential attack vectors and mitigation plans Should have good understanding of the Container services, Kubernetes auditing and LLM security Experience in performing architecture design review for network and applications Experience in performing CS audits/maturity assessments against relevant standards like SAMA CSF, NCA, NIST, NESA, Qatar Cybersecurity Framework etc. 
Support in conducting technical reviews as part of IT/CS audits. Should hold at least 1 of the certifications or its equivalent: OSCP, GPEN, OSWE, OSWP, CRTP, LPT, ECSA, ISO27001, CEH. Hands-on experience with security testing tools/frameworks like Burp Suite, Nessus, Qualys etc. Hands-on experience with programming using Python/Perl/PowerShell/C#. Hands-on experience with setting up phishing and performing social engineering assessments. Experience with AV/NAC evasion, obfuscation, bypass windows ASR/device guard, network security controls, email gateway filtering etc. Experience with Active Directory assessments. Experience with different stages of the cyber kill chain. Review operational logs and event console activity to determine cause of security-related events or to identify potential security-related events. Analysis of the patches released by the vendors. Good at report writing and conveying the observations to the top management in layman’s language, emphasizing the business risks. Experience with mentoring junior resources or managing stakeholders/clients. Should be open-minded and ready to take up additional challenges or tasks outside your core domain expertise. Skills Network Vulnerability Scanning and Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Web service/API Security Assessment, Secure Code review, AD Security Assessments, Social Engineering Assessments, Configuration Audit (Automated and Manual), Wireless Penetration Testing, Threat Modelling. Qualification required: MCA/BTech/BSc (Comp Science/Electronics and communication, or equivalent). Qualification preferred: Minimum 4+ years of IT/cyber risk consulting & penetration testing experience. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

8.0 - 12.0 years

0 Lacs

India

On-site

Job Information Date Opened 07/18/2025 Job Type Full time City Saidapet State/Province Tamil Nadu Country India Zip/Postal Code 600096 Industry Technology Job Description Job Title: Cybersecurity Consultant Job Summary: The Cybersecurity Consultant is responsible for evaluating and strengthening the organization's cybersecurity posture across systems, networks, and user environments. This role involves conducting detailed audits, delivering threat intelligence and analysis, and developing incident response improvement plans. The consultant ensures that all cybersecurity practices align with national regulations and industry standards, helping the organization mitigate risks and maintain robust digital resilience. Key Responsibilities: Cybersecurity Audits & Assessments: Perform in-depth audits of IT systems, network infrastructure, and user access controls. Identify vulnerabilities, misconfigurations, and compliance gaps. Provide actionable recommendations to enhance security posture. Threat Analysis & Intelligence: Monitor and analyze emerging cyber threats and attack vectors. Conduct forensic investigations and root cause analysis of security incidents. Develop threat models and risk assessments to inform security strategies. Incident Response & Recovery Planning: Design and implement incident response frameworks and playbooks. Collaborate with internal teams to improve detection, containment, and recovery capabilities. Conduct post-incident reviews and update response protocols accordingly. Compliance & Regulatory Alignment: Ensure cybersecurity practices comply with national regulations and standards (e.g., NIST, ISO 27001, GDPR). Prepare documentation and reports for audits and regulatory reviews. Support certification and accreditation processes. Security Architecture & Best Practices: Advise on secure system and network architecture design. Promote adoption of best practices in identity management, encryption, and endpoint protection. 
Support implementation of Zero Trust and other modern security models. Training & Awareness: Conduct cybersecurity awareness sessions for employees and stakeholders. Develop training materials and simulate phishing or breach scenarios. Foster a culture of security across the organization. Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Information Security, Computer Science, or related field. Professional certifications such as CISSP, CISM, CEH, or equivalent. Proven experience in cybersecurity consulting, threat analysis, and incident response. Strong understanding of security frameworks, regulatory requirements, and risk management Excellent analytical, communication, and problem-solving skills. 8-12 years of relevant experience in IT Requirements We request the provision of the following resources on a priority basis for an upcoming engagement. These consultants are expected to operate independently as Subject Matter Experts (SMEs) within their respective domains, demonstrating proficiency across multiple technologies. The assignment will be on-site and is expected to extend for more than 12 months. The client will provide all the necessary logistical support required for the on-site deployment. We are looking forward to your confirmation and your support in mobilising these resources. City within KSA - Job will be based in Jeddah, but the resources need to go Makkah and Madina as and when needed

Posted 1 week ago

10.0 years

3 - 6 Lacs

Noida

On-site

Job Description Job Title: Cyber Security Expert Location: Noida Department: IT Operations Job Summary: Security Expert will manage the planning, implementation, and continuous enhancement of Avaada's cybersecurity program, including the establishment of a Security Operations Centre (SOC), modernization of tools and controls, policy upgrades, and alignment with global standards like ISO 27001:2022 and NIST. The role encompasses end-to-end responsibility across cybersecurity operations, strategictooling, governance, cloud, OT/ICS, and compliance. Key Responsibilities: Security Operations Centre (SOC) Setup & Management Design, plan, and manage the Security Operation Centre (SOC) aligned with business needs. Define log sources, event flows, SIEM integration points, and threat intelligence feeds. Develop operational playbooks, escalation workflows, shift schedules, and knowledge base documents. Implement SOC KPIs (MTTD, MTTR, False Positive Rates, etc.) and periodic SOC effectiveness reviews. Coordinate with IT, network, and cloud teams for 24/7 monitoring enablement. Perform ongoing tuning of correlation rules, alerts, and response procedures. Support audits by ensuring SOC processes are documented and control evidence is maintained. Cybersecurity Operations Management Manage threat detection, incident response, vulnerability remediation, and endpoint protection. Oversee daily security alerts, logs, and forensic investigations using existing platforms. Track zero-day threats, malware trends, and APT behavior impacting the renewable energy sector. Coordinate triage of cyber incidents and manage incident response teams during escalations. Manage KPIs for threat detection, incident closure, and endpoint compliance across locations. Security Strategy, Roadmap & Modernization Prepare and maintain Avaada’s Cybersecurity Roadmap with quarterly, half yearly and annual goals. Identify security gaps, outdated tools, or manual processes for modernization or automation. 
Benchmark current posture against global security trends, risks, and industry best practices. Coordinate with leadership for board-level reporting and long-term security investment planning. Ensure alignment of the roadmap with IT initiatives, OT expansion, and cloud-first transformation. Infrastructure, Cloud & Identity Security Ensure infrastructure and cloud services follow secure-by-design principles. Implement and monitor identity and access controls across cloud infrastructure and internal tools. Review firewall policies, VPN configurations, and segmentation zones for security gaps. Collaborate with cloud architects to align workloads with CIS Benchmarks and cloudnative controls. Enforce identity lifecycle management and privileged access workflows. OT/ICS & Plant Cybersecurity Manage cyber risk assessments for OT environments, SCADA systems, and substations. Oversee segmentation between IT and OT networks (e.g., firewalls, DMZ, whitelisting). Coordinate security hardening and asset inventory for field-level equipment. Implement monitoring tools for critical energy infrastructure events and access. Ensure physical security controls integrate with cybersecurity systems where feasible. Plan cybersecurity drills and simulations for plant-level scenarios. Awareness & Cyber Hygiene Conduct ongoing cybersecurity training, phishing simulations, and e-learning modules. Regularly update content based on real-world threats and incidents. Track and report user participation, risk scores, and improvement areas. Promote a security-first culture across employees, vendors, and partner ecosystems. Run executive awareness sessions to foster top-down risk ownership. Qualifications & Skills: Bachelor's/Master’s degree in IT, Computer Science, or a related field. 10+ years of experience in Cyber Security with At least 5 years in a cybersecurity leadership or specialist role, managing teams, SOC operations, or enterprise-wide security programs. 
Certifications: Either 2 or more of the following
o CISSP
o CISM
o CEH
o CCSP
Strong understanding of
o Enterprise security architecture and secure network design
o Security tools (SIEM, XDR, SOAR, UEBA, PAM)
o Cloud Security
Experience with Cloud security OT/ICS/SCADA cybersecurity (preferred in energy/renewable sector) is a plus
Proven experience in
o Managing cybersecurity frameworks (ISO/IEC 27001, NIST CSF, CIS)
o Threat detection and response (SOC, SIEM, SOAR)
o Endpoint, cloud, and application security controls
Excellent problem-solving, communication, and leadership skills.
Job Snapshot: Updated Date: 19-07-2025; Job ID: AvaadaJob1015; Department: Information Technology; Location: Noida 62, Noida, Uttar Pradesh, India; Experience: 7 - 15 Years; Employee Type: Permanent

Posted 1 week ago


4.0 years

0 Lacs

Surat

On-site

Surat, Gujarat Work Type: Full Time About Company: Casepoint provides full eDiscovery capabilities through a powerful, secure, cloud-based platform. We are repeatedly chosen by leading law firms and multinational corporations for their largest matters. On an upward trajectory for almost a decade, Casepoint is looking to expand its team globally. Team cooperation, “work hard, play hard” attitude, open communication, and kindness mark Casepoint’s culture. Number of positions currently vacant: 01 Position Summary: We are seeking an experienced Security Lead with demonstrated expertise across both Blue Team (defensive operations, detection, and response) and Red Team (offensive security, penetration testing, and adversary simulation) domains. This leadership role will design, implement, and manage comprehensive security strategies to enhance our organization's cyber resilience, proactively identify vulnerabilities, and ensure regulatory compliance. Key job responsibilities: Leadership & Strategic Planning Develop and execute security strategies aligning with business goals. Lead a multidisciplinary team of security analysts and engineers across Blue Team and Red Team functions. Establish metrics-driven frameworks to assess, mature, and report security posture to executive leadership and stakeholders. Blue Team – Defensive Operations Oversee Security Operations Center (SOC) activities, including SIEM/SOAR tuning, advanced threat detection, and incident response playbook development. Perform continuous monitoring, threat hunting, and vulnerability management to proactively mitigate risks. Lead forensic investigations, root cause analysis, and recovery processes post-incident to strengthen organizational defenses. Red Team – Offensive Operations Plan and execute adversary emulation exercises, penetration tests, and social engineering campaigns to evaluate real-world security gaps. 
Develop and maintain custom tools and scripts to simulate evolving threat actor TTPs (MITRE ATT&CK framework). Provide actionable remediation recommendations and collaborate with Blue Team to enhance detection and response capabilities based on Red Team findings. Innovation & Continuous Improvement Drive adoption of advanced security solutions including AI/ML-based threat detection, EDR/XDR optimization, and blockchain for data integrity where applicable. Evaluate and implement emerging security technologies to maintain a proactive security posture against APTs and evolving attack vectors. Required skills & experience Education: Bachelor’s or Master’s degree in Cybersecurity, Information Security, Computer Science, or related field. Certifications (preferred but not mandatory) Offensive Security: OSCP, OSCE, OSEP, CRTO, or equivalent Defensive Security: GCIA, GCED, GCIH, or equivalent Leadership & Strategy: CISSP, CISM, CCSP Experience Minimum 4 years of progressive experience in cybersecurity with at least 1 year in a leadership or technical lead role. Proven track record in managing Blue Team operations (SOC, SIEM, IR) and conducting Red Team assessments (external/internal pentests, phishing campaigns, adversary emulation). Deep understanding of threat intelligence, MITRE ATT&CK, cyber kill chain, and Purple Team methodologies. Desired Skills Expert in EDR, SIEM (Splunk, Elastic, Graylog), SOAR, and vulnerability management tools. Strong scripting skills (Python, PowerShell, Bash) for automation and tool development. Familiarity with container and cloud security (Kubernetes, Docker, AWS/Azure security services). Excellent communication and stakeholder management abilities, including executive reporting. Compensation & culture: Excellent culture produces an excellent product. We value our team members, so we provide a nurturing environment of camaraderie. We recognize talent with competitive compensation and career empowerment. Location: Surat, India

Posted 1 week ago


0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Essential Services: Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team. To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service. The role descriptions give you an overview of the responsibilities; it is only directional and guiding in nature. About the role As a Lead Information Security Resiliency and Vulnerability Assessment & Penetration Testing Manager, you will be responsible for defining the scope for annual Vulnerability Assessment & Penetration Testing (VAPT) activity and handling end-to-end third party VAPT assessment activity. The selected applicant would be accountable for managing the organization's cyber resiliency and for implementing cyber resilience goals. Key Responsibilities Business Understanding: Understanding/Knowledge of information security domains, risks, mitigation and overall management. Experience and knowledge of servers, networks, security devices etc. Collaborate: Interaction with various stakeholders/teams on daily basis. Ability to communicate effectively with Heads of various teams. Proactively coordinating with different teams for tracking and closure of open observations and escalating when necessary. Vendor Management: Facilitating the vendor with requirements for carrying out the VAPT assessment. Vendor selection, evaluation and finalization for the annual Vulnerability Assessment & Penetration Testing (VAPT) activity. Candidate should review the draft reports shared by vendors and suggest if any changes are required. Validation of final reports. Timely communication of final reports to relevant stakeholders. 
Qualifications & Skills Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. Certifications: ISO27001, CISSP, CISM Compliance: Candidate should validate the security controls deployed across DC, DR, NDR and COLO environment and prepare the quarterly resiliency report to share with senior management. Synergize with Team: Ability to work collaboratively with different teams for closure of activities. Strong analytical and problem-solving skills. Experience in the banking domain will add an advantage. Strong understanding and hands-on experience of VAPT activity and Information Security resiliency. Communication skills: Excellent communication and interpersonal skills. About the Business Group ICICI Bank’s Technology Risk Management Group believes in providing services to its customers in the safest and secure manner keeping in mind that data protection and secure Technology for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is at the heart of building a comprehensive information security framework. The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, awareness initiatives, and provide easy to use protection and risk configuration ability in the hands of customers. The Bank also undertakes campaigns to create awareness among customers on security aspects while banking through digital channels.

Posted 1 week ago


0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Essential Services: Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team. To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service. The role descriptions give you an overview of the responsibilities; it is only directional and guiding in nature. About the Role At ICICI Bank, Information Security Group believes in providing services to its customers in the safest and most secure manner keeping in mind that data protection for its customers is as important as providing quality banking services across the spectrum. Our support application team performs application vulnerability assessments, documents vulnerabilities which were found and provides recommendations for remediation according to BFSI guidelines and industry best practices. As an Application Security Manager, you will provide guidance to the application team on application security best practices, support remediation effort and track open issues and follow up to ensure remediation. You will work along with cross functional business teams to get closure of identified gaps and utilize escalation matrix effectively wherever necessary. You will conduct application security assessment results review and mitigation approval. You will keep abreast of new technologies to ensure that the organization remains at the forefront of security. Key Responsibilities: Support and Testing: Vulnerability Assessments & Penetration Testing (Automated + Manual) on business critical assets with security tools like BurpSuite, Nessus, Nmap, Acunetix, Metasploit, Netsparker, Qualys etc. 
Analysis: Perform in-depth analysis of VAPT results, review assessment reports to provide risk mitigation & recommendations on that basis. Collaboration: Collaborate with the application team and provide them guidance on application security best practices, support remediation effort and track open issues and follow up to ensure remediation. Qualifications & Skills Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent with relevant experience. Certifications: OSCP Compliance: Knowledge of cyber security trends & hacking techniques, MITRE ATT&CK framework with hacker mindset. Network Security: Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Key Technologies: Familiarity with OWASP, SANS vulnerabilities along with its validations in source code and other security frameworks & Compliance, Knowledge of Networking concepts & Good understanding of latest Network/security technologies such as Cloud security and recent trends. About the Business Group ICICI Bank’s Information Security Group believes in providing services to its customers in the safest and most secure manner, keeping in mind that data protection for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is built on the vision of creating a comprehensive information security framework. The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, awareness initiatives, and provides easy-to-use protection and risk configuration ability in the hands of customers. With this core responsibility, ICICI administers and promotes ongoing campaigns to create awareness among customers on security aspects while banking through digital channels.

Posted 1 week ago


5.0 years

0 Lacs

Noida, Uttar Pradesh

On-site

Job Description Job Title: Cyber Security Expert Location: Noida Department: IT Operations Job Summary: Security Expert will manage the planning, implementation, and continuous enhancement of Avaada's cybersecurity program, including the establishment of a Security Operations Centre (SOC), modernization of tools and controls, policy upgrades, and alignment with global standards like ISO 27001:2022 and NIST. The role encompasses end-to-end responsibility across cybersecurity operations, strategic tooling, governance, cloud, OT/ICS, and compliance. Key Responsibilities: Security Operations Centre (SOC) Setup & Management Design, plan, and manage the Security Operation Centre (SOC) aligned with business needs. Define log sources, event flows, SIEM integration points, and threat intelligence feeds. Develop operational playbooks, escalation workflows, shift schedules, and knowledge base documents. Implement SOC KPIs (MTTD, MTTR, False Positive Rates, etc.) and periodic SOC effectiveness reviews. Coordinate with IT, network, and cloud teams for 24/7 monitoring enablement. Perform ongoing tuning of correlation rules, alerts, and response procedures. Support audits by ensuring SOC processes are documented and control evidence is maintained. Cybersecurity Operations Management Manage threat detection, incident response, vulnerability remediation, and endpoint protection. Oversee daily security alerts, logs, and forensic investigations using existing platforms. Track zero-day threats, malware trends, and APT behavior impacting the renewable energy sector. Coordinate triage of cyber incidents and manage incident response teams during escalations. Manage KPIs for threat detection, incident closure, and endpoint compliance across locations. Security Strategy, Roadmap & Modernization Prepare and maintain Avaada’s Cybersecurity Roadmap with quarterly, half-yearly and annual goals. Identify security gaps, outdated tools, or manual processes for modernization or automation. 
Benchmark current posture against global security trends, risks, and industry best practices. Coordinate with leadership for board-level reporting and long-term security investment planning. Ensure alignment of the roadmap with IT initiatives, OT expansion, and cloud-first transformation. Infrastructure, Cloud & Identity Security Ensure infrastructure and cloud services follow secure-by-design principles. Implement and monitor identity and access controls across cloud infrastructure and internal tools. Review firewall policies, VPN configurations, and segmentation zones for security gaps. Collaborate with cloud architects to align workloads with CIS Benchmarks and cloud-native controls. Enforce identity lifecycle management and privileged access workflows. OT/ICS & Plant Cybersecurity Manage cyber risk assessments for OT environments, SCADA systems, and substations. Oversee segmentation between IT and OT networks (e.g., firewalls, DMZ, whitelisting). Coordinate security hardening and asset inventory for field-level equipment. Implement monitoring tools for critical energy infrastructure events and access. Ensure physical security controls integrate with cybersecurity systems where feasible. Plan cybersecurity drills and simulations for plant-level scenarios. Awareness & Cyber Hygiene Conduct ongoing cybersecurity training, phishing simulations, and e-learning modules. Regularly update content based on real-world threats and incidents. Track and report user participation, risk scores, and improvement areas. Promote a security-first culture across employees, vendors, and partner ecosystems. Run executive awareness sessions to foster top-down risk ownership. Qualifications & Skills: Bachelor's/Master’s degree in IT, Computer Science, or a related field. 10+ years of experience in Cyber Security with at least 5 years in a cybersecurity leadership or specialist role, managing teams, SOC operations, or enterprise-wide security programs. 
Certifications: Either 2 or more of the following
o CISSP
o CISM
o CEH
o CCSP
Strong understanding of
o Enterprise security architecture and secure network design
o Security tools (SIEM, XDR, SOAR, UEBA, PAM)
o Cloud Security
Experience with Cloud security OT/ICS/SCADA cybersecurity (preferred in energy/renewable sector) is a plus
Proven experience in
o Managing cybersecurity frameworks (ISO/IEC 27001, NIST CSF, CIS)
o Threat detection and response (SOC, SIEM, SOAR)
o Endpoint, cloud, and application security controls
Excellent problem-solving, communication, and leadership skills.
Job Snapshot: Updated Date: 19-07-2025; Job ID: AvaadaJob1015; Department: Information Technology; Location: Noida 62, Noida, Uttar Pradesh, India; Experience: 7 - 15 Years; Employee Type: Permanent

Posted 1 week ago


0.0 - 4.0 years

0 Lacs

ahmedabad, gujarat

On-site

You are invited to join our Information Security team as a 1st Line Security Engineer in the role of Network Associate. This entry-level position offers an excellent opportunity for individuals who are enthusiastic about commencing their career in cybersecurity. As a Network Associate, your primary responsibility will be to serve as the initial point of contact for security alerts and incidents. You will be tasked with monitoring our systems, identifying potential threats, and promptly escalating issues to senior engineers when necessary. To support your professional development in a dynamic and rapidly evolving security environment, we are committed to providing comprehensive training and mentorship. Your main duties will involve monitoring security tools and dashboards, such as SIEM, endpoint protection, and firewalls, to detect any suspicious activities. You will be responsible for conducting initial triage and analysis of security alerts, documenting incidents accurately, and maintaining organized records in the ticketing system. Additionally, you will assist in vulnerability scanning, follow-ups on patch management, participate in user awareness campaigns and phishing simulations, and contribute to compliance audits and documentation efforts. It is crucial to stay informed about the latest cyber threats and attack vectors to effectively fulfill your role. To qualify for this position, you should hold a Bachelor's degree in information security, Computer Science, or a related field, or possess equivalent experience. A basic understanding of networking principles (TCP/IP, firewalls, DNS) and operating systems (Windows/Linux) is essential. Familiarity with common cybersecurity tools and concepts, such as antivirus, phishing, malware, ransomware, and SIEM, is advantageous. 
Strong communication skills, problem-solving abilities, and a willingness to work in shifts or participate in on-call rotations, if necessary, are key attributes we are looking for in potential candidates. While not mandatory, having certifications like CompTIA Security+, CEH, or equivalents would be beneficial. Hands-on experience with tools like Splunk, CrowdStrike, Microsoft Defender, Wireshark, or previous involvement in cybersecurity-related internships or academic projects focused on incident response are considered preferred qualifications for this role. Join us in this exciting opportunity to kickstart your cybersecurity career and make a meaningful impact in the field of Information Security.

Posted 1 week ago


0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

We are looking for an experienced and highly motivated Senior Information Security Consultant I to join our cybersecurity team. The ideal candidate will bring deep expertise in Phishing Threat Mitigation, Email Security, Microsoft Defender, and Security Operations (SOC & SIEM). Responsibilities You will play a key role in protecting our organization against evolving email-based threats and ensuring robust incident response Responsibilities : Lead and manage the organization's email security infrastructure, including configuration, monitoring, and optimization of tools like Microsoft Defender and other email security platforms. Design, implement, and manage phishing threat detection and mitigation strategies. Investigate and respond to phishing incidents, coordinate with relevant stakeholders for containment and remediation. Monitor and analyze email threat intelligence feeds and proactively adjust policies and controls. Integrate email security with SIEM platforms for centralized monitoring and incident detection. Provide subject matter expertise in SOC operations, guiding junior analysts on phishing-related escalations. Ensure adherence to email authentication protocols (e.g., SPF, DKIM, DMARC). Maintain detailed documentation of configurations, response procedures, and incident handling processes. Collaborate with internal teams to improve cybersecurity awareness and training, especially around email threats. Contribute to security audits, risk assessments, and regulatory compliance efforts. Key Skills & Technologies Deep knowledge of phishing techniques, email threat vectors, and Expertise in Microsoft Defender for Office 365, and similar tools (e.g., Proofpoint, Mimecast, Barracuda). Hands-on experience with SIEM platforms such as Splunk, QRadar, or Microsoft Sentinel. Familiarity with email security protocols : SPF, DKIM, DMARC. Experience working in or with a Security Operations Center (SOC). 
Strong scripting and automation skills (PowerShell preferred) for security tool integration and response. Sound knowledge of security frameworks (NIST, ISO 27001, etc.) and incident management : Bachelor's degree in Cybersecurity, Computer Science, or a related field. Relevant certifications are a plus (e.g., CISSP, CEH, Microsoft SC-200, GIAC certifications) (ref:hirist.tech)

Posted 1 week ago


4.0 years

0 Lacs

Trivandrum, Kerala, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. The candidate would be expected to work in diverse risk consulting engagements and be willing to travel to Middle East countries for project execution at least 60% of their time. The candidate is expected to have experience / knowledge with respect to the following: Experience with infrastructure penetration testing and vulnerability assessments Good knowledge of OWASP and Secure SDLC standards Should have performed web/mobile/API penetration testing. Good knowledge of encryption technologies & MiTM attacks Experience in performing security code reviews and log analysis. Knowledge of Linux administration, TCP/IP, DNS, Network protocols and OSI model Good understanding of MITRE ATT&CK framework and how to leverage it. Good understanding of AD administration, different authentication mechanisms, trust boundaries etc. Experience in performing security configuration reviews for OS, Databases, Network & Security devices, applications etc. Should have good understanding of the cloud services (AWS, Azure and GCP), its architecture, potential attack vectors and mitigation plans Should have good understanding of the Container services, Kubernetes auditing and LLM security Experience in performing architecture design review for network and applications Experience in performing CS audits/maturity assessments against relevant standards like SAMA CSF, NCA, NIST, NESA, Qatar Cybersecurity Framework etc. 
Support in conducting technical reviews as part of IT/CS audits Should hold at least 1 of the certifications or its equivalent: OSCP, GPEN, OSWE, OSWP, CRTP, LPT, ECSA, ISO27001, CEH Hands-on experience with security testing tools/frameworks like Burp Suite, Nessus, Qualys etc. Hands-on experience with programming using Python/Perl/PowerShell/C# Hands-on experience with setting-up phishing and performing social engineering assessments Experience with AV/NAC evasion, obfuscation, bypass Windows ASR/Device Guard, network security controls, email gateway filtering etc. Experience with Active Directory assessments Experience with different stages of cyber kill chain Review operational logs and event console activity to determine cause of security-related events or to identify potential security related events Analysis of the patches released by the vendors Good in report writing and convey the observations to the top management in layman’s language emphasizing on the business risks. Experience with mentoring junior resources or managing stakeholders/client Should be open-minded and ready to take up additional challenges or tasks outside your core domain expertise Skills Network Vulnerability Scanning and Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Web service/API Security Assessment, Secure Code review, AD Security Assessments, Social Engineering Assessments, Configuration Audit (Automated and Manual), Wireless Penetration Testing, Threat Modelling Qualification required-MCA/BTech/BSc (Comp Science/Electronics and communication, or equivalent) Qualification preferred- Minimum 4+ years of IT/cyber risk consulting & penetration testing experience EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 2 weeks ago


4.0 years

0 Lacs

Kanayannur, Kerala, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. The candidate would be expected to work in diverse risk consulting engagements and be willing to travel to Middle East countries for project execution at least 60% of their time. The candidate is expected to have experience / knowledge with respect to the following: Experience with infrastructure penetration testing and vulnerability assessments Good knowledge of OWASP and Secure SDLC standards Should have performed web/mobile/API penetration testing. Good knowledge of encryption technologies & MiTM attacks Experience in performing security code reviews and log analysis. Knowledge of Linux administration, TCP/IP, DNS, Network protocols and OSI model Good understanding of MITRE ATT&CK framework and how to leverage it. Good understanding of AD administration, different authentication mechanisms, trust boundaries etc. Experience in performing security configuration reviews for OS, Databases, Network & Security devices, applications etc. Should have good understanding of the cloud services (AWS, Azure and GCP), its architecture, potential attack vectors and mitigation plans Should have good understanding of the Container services, Kubernetes auditing and LLM security Experience in performing architecture design review for network and applications Experience in performing CS audits/maturity assessments against relevant standards like SAMA CSF, NCA, NIST, NESA, Qatar Cybersecurity Framework etc. 
Support in conducting technical reviews as part of IT/CS audits Should hold at least 1 of the certifications or its equivalent: OSCP, GPEN, OSWE, OSWP, CRTP, LPT, ECSA, ISO27001, CEH Hands-on experience with security testing tools/frameworks like Burp Suite, Nessus, Qualys etc. Hands-on experience with programming using Python/Perl/PowerShell/C# Hands-on experience with setting-up phishing and performing social engineering assessments Experience with AV/NAC evasion, obfuscation, bypass Windows ASR/Device Guard, network security controls, email gateway filtering etc. Experience with Active Directory assessments Experience with different stages of cyber kill chain Review operational logs and event console activity to determine cause of security-related events or to identify potential security related events Analysis of the patches released by the vendors Good in report writing and convey the observations to the top management in layman’s language emphasizing on the business risks. Experience with mentoring junior resources or managing stakeholders/client Should be open-minded and ready to take up additional challenges or tasks outside your core domain expertise Skills Network Vulnerability Scanning and Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Web service/API Security Assessment, Secure Code review, AD Security Assessments, Social Engineering Assessments, Configuration Audit (Automated and Manual), Wireless Penetration Testing, Threat Modelling Qualification required-MCA/BTech/BSc (Comp Science/Electronics and communication, or equivalent) Qualification preferred- Minimum 4+ years of IT/cyber risk consulting & penetration testing experience EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 2 weeks ago
