4 Procedures Ttps Jobs

Commvault is the gold standard in cyber resilience, empowering customers to uncover, take action, and rapidly recover from cyberattacks to keep data safe and businesses resilient. With over 25 years of experience, more than 100,000 organizations rely on Commvault's unique AI-powered platform for data protection, data security, data intelligence, and fast recovery across any workload or cloud at the lowest TCO. We are currently looking for a Senior Security Operations Analyst in Bangalore, India. As part of this role, you will play a key role in providing situational awareness through the detection, containment, and remediation of Information Security threats. Your responsibilities will include Security Monitoring, Incident Response (IR), Threat Hunting, and Threat Intelligence capabilities. Key Responsibilities: - Follow and maintain Incident Response procedures - Lead or support technical efforts during critical incidents - Ensure effective utilization of Security Operations tools, identify process gaps, and implement new solutions - Drive the gathering of forensics and evidence - Work hands-on with the team to resolve incidents - Stay updated on industry trends and the evolving threat landscape - Develop and maintain relationships with IT and product teams to protect critical systems and processes - Communicate with stakeholders to keep them informed on Security Operations matters - Contribute to the development and management of information security monitoring tools and control activities for on-prem and cloud-based infrastructure Requirements: - Experience in creating queries and alerts in a SIEM - Graduate degree in Engineering - Experience with Windows/Linux/Mac OS forensics - Experience with Cloud Security (Azure, AWS, GCP) - Experience in working with NDR/EDR solutions on an enterprise level - Familiarity with IoCs, IoAs, ATT&CK TTPs - Strong interpersonal skills and communication abilities - Broad knowledge of the security spectrum with specialization in areas such as log analysis, malware analysis, memory analysis, or forensics - CISSP, GIAC certifications or equivalent (CEH, OSCP) - Minimum 5 to 7 years of experience in information security - Minimum 3 to 5 years of experience in security operations and incident response - SaaS or Security experience is highly preferred Commvault is committed to making the interview process inclusive and accessible to all candidates. If you require accommodation, please reach out to accommodations@commvault.com. To prioritize your security, please be aware of email and text scams falsely claiming to be from the Commvault HR team. If you suspect you have been targeted by a scam, please contact wwrecruitingteam@commvault.com.,

The position available at Novamesh Ltd (TATA Communications Ltd) in Jaipur is for an L2/L3 Threat Hunter/TIP Admin. As a Threat Hunter, your primary responsibility will be to conduct threat-hunting activities to identify security threats, including zero-day threats. You must possess strong skills in network forensic analysis, packet capture, and reconstruction, along with knowledge of Threat Intelligence Platform (TIP), Anti APT, and EDR. To excel in this role, you should be certified in any threat hunting certification or its equivalent. Your duties will include hunting for security threats, identifying threat actor groups and their techniques, and understanding the APT lifecycle, tactics, techniques, and procedures (TTPs). Familiarity with the MITRE ATT&CK framework and mapping threats to techniques is essential. You will provide expert analytic investigative support to L1 and L2 analysts for complex security incidents and analyze security incidents to enhance rules, reports, and AI/ML models. Proficiency in malware behavior analysis, sandboxing, and the analysis of various security logs and sensors is crucial for this role. Additionally, you will be responsible for incident response for identified threats and proactively identifying potential threat vectors to enhance prevention and detection methods. Hands-on experience with Trellix (formerly McAfee) APT solutions, EDR, and Threat Intelligence, along with familiarity with security monitoring tools like SIEM, SOAR, and Threat Intelligence Platforms (TIPs), is required. The ideal candidate should hold a degree in B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology and have a minimum of 6+ years of relevant experience in Security Operations, Threat Detection, or Incident Response. Certification in CSA/CEH would be an added advantage.,

As an experienced L3 SOC Analyst, you will play a crucial role in managing security incidents and ensuring the protection of our clients" data and systems. You will be responsible for utilizing your expertise in SIEM tools such as QRadar, Sentinel, or Splunk to detect and respond to security threats effectively. Your strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) will be essential in identifying and mitigating risks. Your primary responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting thorough investigations to assess impact, and analyzing attack patterns to provide recommendations for security improvements. You will also be actively involved in proactive threat hunting, log analysis, and collaborating with IT and security teams to enhance security processes effectively. In addition to hands-on experience with system logs, network traffic analysis, and security tools, your ability to identify Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) will be crucial in ensuring the detection of potential threats. You will be expected to document and update incident response processes, participate in team meetings and executive briefings, and train team members on security tools and incident resolution procedures. Your proficiency in setting up SIEM solutions, troubleshooting connectivity issues, and familiarity with security frameworks and best practices will be considered advantageous. Your role will require you to provide guidance on mitigating risks, improving security hygiene, and identifying gaps in security processes to propose enhancements effectively. Join us at UST, a global digital transformation solutions provider with a deep commitment to innovation and agility. With over 30,000 employees in 30 countries, we partner with the world's best companies to drive real impact through transformation. If you are passionate about cybersecurity and eager to make a difference, we welcome you to be a part of our team and help us build for boundless impact, touching billions of lives in the process.,

As an L3 SOC Analyst at CyberProof, a UST Company, you will be a key member of our Security Operations Group, dedicated to helping enterprises react faster and smarter to security threats. With 5 to 7 years of experience under your belt, you will play a crucial role in maintaining secure digital ecosystems through automation, threat detection, and rapid incident response. Your must-have skills include expertise with SIEM vendors such as QRadar, Sentinel, and Splunk, incident response capabilities, and a strong understanding of attack patterns, Tools, Techniques, and Procedures (TTPs). You are experienced in writing procedures, runbooks, and playbooks, possess strong analytical and problem-solving skills, and have hands-on experience with system logs, network traffic analysis, and security tools. Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) is essential for this role. Additionally, good-to-have skills involve experience in setting up SIEM solutions, troubleshooting connectivity issues, familiarity with security frameworks and best practices, and the ability to collaborate effectively with IT and security teams. Your responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting in-depth investigations to assess impact and understand the extent of compromise, analyzing attack patterns, and providing recommendations for security improvements. You will be responsible for proactive threat hunting, log analysis, providing guidance on risk mitigation, improving security hygiene, identifying gaps in security processes, and suggesting enhancements. Ensuring end-to-end management of security incidents, documenting incident response processes, defining future outcomes, participating in discussions, meetings, and briefings, as well as training team members on security tools and incident resolution procedures are also part of your role.,