885 Qradar Jobs

Job requisition ID :: 86003 Date: Jul 31, 2025 Location: Hyderabad Designation: Deputy Manager Entity: Deloitte South Asia LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Your work profile We are looking for an experienced Security Operations L3 Engineer to provide advanced-level support in monitoring, detecting, and responding to cybersecurity incidents. The L3 engineer will act as a senior escalation point, performing detailed threat analysis, handling complex incidents, and providing guidance to junior SOC team members. The ideal candidate will have deep expertise in incident response, threat hunting, and security monitoring tools, along with the ability to lead investigations and contribute to process improvements. Key Responsibilities: Incident Response (IR): Lead investigations and respond to advanced security incidents, providing root cause analysis, containment, eradication, and recovery recommendations. Threat Hunting: Proactively hunt for and analyze potential threats within the organization’s environment using SIEM tools, EDR, and threat intelligence feeds. Triage & Escalation: Act as the final escalation point for unresolved security incidents, assisting L1 and L2 teams with incident analysis and decision-making. Security Monitoring: Continuously monitor security tools (SIEM, EDR, IDS/IPS, etc.) to identify malicious activities, patterns, and anomalies. Forensic Analysis: Perform digital forensics and malware analysis on compromised systems to identify the nature of attacks and minimize future risks. SIEM Management: Tune and enhance SIEM rules, alerts, and dashboards to optimize detection capabilities and reduce false positives. Threat Intelligence Integration: Integrate and apply threat intelligence data to enrich detection capabilities and provide context to ongoing threats and incidents. Vulnerability Management: Collaborate with IT and security teams to assess and address vulnerabilities, ensuring timely patching and remediation. Process Improvement: Contribute to the development of incident response playbooks, procedures, and best practices to streamline SOC operations and improve response times. Mentorship & Training: Provide guidance and mentorship to L1 and L2 SOC analysts, conducting regular training sessions to enhance team capabilities. Reporting & Documentation: Produce detailed reports and metrics on incidents, threat activity, and overall SOC performance for both technical and executive audiences. Required Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 5+ years of experience in security operations, with at least 2 years in an L3 or senior-level role. Strong hands-on experience in security monitoring, incident response, and threat hunting. Proficiency with SIEM tools (QRadar, Splunk, ArcSight, etc.), EDR solutions, and other security monitoring tools. Expertise in network security, malware analysis, intrusion detection, and digital forensics. Experience working with frameworks such as MITRE ATT&CK, NIST, and SANS Incident Response. Preferred Certifications: CISSP, CISM, GCIH, GCFA, or other relevant cybersecurity certifications. Certification in specific SIEM platforms (e.g., IBM QRadar, Splunk). How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Job requisition ID :: 86001 Date: Jul 31, 2025 Location: Hyderabad Designation: Deputy Manager Entity: Deloitte South Asia LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Deputy Manager in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Roles & Responsibilities : Actively assess network and endpoint events to detect anomalous activity and develop mitigation strategies to prevent cyber threats. Proactively detect, isolate, and neutralize advanced threats that evade existing security solutions by utilizing existing resources and security solutions/tools Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure Conduct threat hunting scenarios basis behavior analysis, cyber threat intelligence, and hypothesis driven approach Perform regular hunts post analyzing TTPs adopted by popular threat actor groups Remain updated about latest threats, attack vectors and use the knowledge to develop detection rule and hunt scenarios proactively under stringent timeline Should be able to maintain/develop sandbox-based solution to perform basic malware analysis Aid in and participate in daily, weekly, quarterly, and yearly production reporting for clients, partners, and internal teams. Required Skillset: Strong understanding of cyber kill chain, MITRE ATT&CKframework Deep understanding of network protocols, operating systems, AD Security, DNS Security, and adversary tactics Must possess deep knowledge and understanding of Microsoft Event IDs required for designing various hunting queries especially process related events. Basic understanding of Query Logic used in various SIEMs (Splunk, Sentinel, QRadar) used for running hunt queries. Should be able to analyze network packets and log data from various devices Understanding of malware analysis Must be proficient in writing detailed threat reports How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Job Title: SOC L2 Analyst Location: Kochi, Kerala Department: Information Security / Cybersecurity Operations Employment Type: Full-time Job Summary We are seeking a skilled and proactive SOC Level 2 Analyst to join our Cybersecurity Operations team in Kochi. The ideal candidate will have a strong background in Threat Intelligence and Log Analysis , with the ability to detect, investigate, and respond to advanced security threats. You will work closely with L1 SOC Analysts, Incident Response, and Threat Hunting teams to ensure rapid detection and mitigation of security incidents. Key Responsibilities Monitor and analyze security events from SIEM platforms, IDS/IPS, firewalls, and other security tools. Perform detailed log analysis to identify indicators of compromise (IoCs) and suspicious activity. Utilize threat intelligence feeds to correlate, enrich, and prioritize alerts. Investigate escalated incidents from L1 SOC analysts, determine root cause, and recommend remediation. Conduct proactive threat hunting based on emerging threats and attacker tactics. Support incident response activities, including containment, eradication, and recovery. Maintain accurate documentation of incidents, investigations, and findings. Contribute to the continuous improvement of SOC processes and detection use cases. Collaborate with cross-functional security teams to strengthen the organization’s cyber defense posture. Key Skills & Requirements Technical Skills: Proficiency in Threat Intelligence analysis and application in SOC workflows. Expertise in Log Analysis and interpretation from multiple security devices and platforms. Experience with SIEM tools (e.g., Splunk, QRadar, ArcSight, Sentinel). Familiarity with MITRE ATT&CK framework and common attacker techniques. Understanding of TCP/IP, network protocols, and cybersecurity fundamentals. Experience & Education: Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). 2–4 years of experience in a SOC environment, preferably as an L2 Analyst. Industry certifications such as CEH, GCIA, GCIH, Security+, CySA+ or equivalent are a plus. Soft Skills: Strong analytical and problem-solving skills. Ability to work effectively in a fast-paced, 24/7 SOC environment. Excellent communication and documentation skills. Job Types: Full-time, Permanent Pay: Up to ₹700,000.00 per year Schedule: Day shift Supplemental Pay: Performance bonus Application Question(s): What is your current CTC in INR? What is your current notice period? What is your current company name and location? How many years of experience as Soc Analyst L2? Experience: minimum: 4 years (Required) Work Location: In person

Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done. There’s another option. Freshworks. With a fresh vision for how the world works. At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world. Fresh vision. Real impact. Come build it with us. Job Description We are seeking an experienced and proactive Lead SOC Analyst to join our Security Operations Center team. The ideal candidate will bring deep expertise in SIEM and EDR technologies, strong incident analysis capabilities, and hands-on experience in automating incident response using SOAR platforms, particularly Palo Alto Cortex XSOAR. This role involves leading investigations, refining detection and response processes, and mentoring junior analysts. Key Responsibilities: Lead and manage security incident investigations, ensuring timely containment, eradication, and recovery. Administer and fine-tune SIEM (e.g., Splunk, QRadar, Sentinel) and EDR platforms (e.g., CrowdStrike, SentinelOne, Carbon Black). Analyze and triage alerts from multiple sources, correlating events to detect threats and breaches. Design, develop, and maintain automated playbooks using Cortex XSOAR (Demisto) to streamline response workflows. Create and update runbooks, documentation, and reporting metrics for incident response activities. Provide technical guidance and mentorship to SOC analysts. Conduct regular threat hunting to proactively identify potential compromises. ​Recommend improvements in security posture based on incident patterns and root cause analysis.Qualif ications5-7 ye ars of hands-on experience in a Security Operations Center environment.1-2 ye ars of experience in Cortex XSOAR (or equivalent) playbook development and SOAR automation.Strong knowledge of SIEM and EDR platforms, their configuration, log ingestion, tuning, and administration.Profic iency in analyzing Windows/Linux/Mac/Cloud logs, network traffic, and endpoint telemetry.Solid understanding of attack vectors, malware behavior, threat actors, and MITRE ATT&CK framework.Experi ence with scripting languages (e.g., Python, Bash) for automation and enrichment tasks. Pref er red Qualifications:Certif ications such as GCIA, GCIH, CEH, CISSP, CySA+, or equivalent.Experi ence with threat hunting tools and methodologies.Knowle dge of cloud-native security monitoring (AWS, Azure, GCP). Soft S kills:Excell ent communication and documentation skills.Strong analytical thinking and problem-solving abilities.Abilit y to prioritize tasks under pressure and handle escalations effectively.Leader ship and mentoring capability in a fast-paced SOC environment. Addi ti onal InformationAt Fre shworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.

Job Title: SOC L2 Analyst Location: Kochi, Kerala Department: Information Security / Cybersecurity Operations Employment Type: Full-time Job Summary We are seeking a skilled and proactive SOC Level 2 Analyst to join our Cybersecurity Operations team in Kochi. The ideal candidate will have a strong background in Threat Intelligence and Log Analysis , with the ability to detect, investigate, and respond to advanced security threats. You will work closely with L1 SOC Analysts, Incident Response, and Threat Hunting teams to ensure rapid detection and mitigation of security incidents. Key Responsibilities Monitor and analyze security events from SIEM platforms, IDS/IPS, firewalls, and other security tools. Perform detailed log analysis to identify indicators of compromise (IoCs) and suspicious activity. Utilize threat intelligence feeds to correlate, enrich, and prioritize alerts. Investigate escalated incidents from L1 SOC analysts, determine root cause, and recommend remediation. Conduct proactive threat hunting based on emerging threats and attacker tactics. Support incident response activities, including containment, eradication, and recovery. Maintain accurate documentation of incidents, investigations, and findings. Contribute to the continuous improvement of SOC processes and detection use cases. Collaborate with cross-functional security teams to strengthen the organization’s cyber defense posture. Key Skills & Requirements Technical Skills: Proficiency in Threat Intelligence analysis and application in SOC workflows. Expertise in Log Analysis and interpretation from multiple security devices and platforms. Experience with SIEM tools (e.g., Splunk, QRadar, ArcSight, Sentinel). Familiarity with MITRE ATT&CK framework and common attacker techniques. Understanding of TCP/IP, network protocols, and cybersecurity fundamentals. Experience & Education: Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). 2–4 years of experience in a SOC environment, preferably as an L2 Analyst. Industry certifications such as CEH, GCIA, GCIH, Security+, CySA+ or equivalent are a plus. Soft Skills: Strong analytical and problem-solving skills. Ability to work effectively in a fast-paced, 24/7 SOC environment. Excellent communication and documentation skills. Job Types: Full-time, Permanent Pay: Up to ₹700,000.00 per year Schedule: Day shift Supplemental Pay: Performance bonus Application Question(s): What is your current CTC in INR? What is your current notice period? What is your current company name and location? How many years of experience as Soc Analyst L2? Experience: minimum: 4 years (Required) Work Location: In person

Overview Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunk…etc). L2/L3 level is added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Micro…etc. L2/L3 level is added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks Vulnerability management assessment and remediation Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks Research the latest information technology (IT) security trends Help plan and carry out an organization’s way of handling security Develop security standards and best practices for the organization Recommend security enhancements to management or senior IT staff Document security breaches and assess the damage they cause. Performs other duties as assigned. Uphold the company’s core values of Integrity, Innovation, Accountability, and Teamwork. Demonstrate behavior consistent with the company’s Code of Ethics and Conduct. It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem. Duties may be modified or assigned at any time to meet the needs of the business. Qualifications B. Tech, B.E or M.C.A 2-5 years’ Experience working in a Security Operations Center 2 years minimum in the computer industry Knowledge working with complex Windows environments Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001 Knowledge in design and administration of security tools Good written and verbal communication skills

Senior SOC Analyst / Administrator Location: [Insert Location] – Willingness to work in a 24x7 rotational shift environment Industry: Information Technology | BFSI | Fintech Experience Required: 4 to 8 years in Security Operations Center (SOC) with strong SOC analysis and administration skills Job Summary: We are looking for an experienced and dedicated SOC Analyst/Admin to join our 24x7 Cyber Security Operations team. The ideal candidate will have deep expertise in SIEM platforms (preferably ArcSight and IBM QRadar), strong analytical capabilities in threat detection and incident response, and a solid background in cyber defense operations. Key Responsibilities: Administer, maintain, and troubleshoot SIEM solutions (ArcSight, IBM QRadar). Perform real-time security monitoring and incident response across enterprise-wide environments. Analyze and investigate security alerts from tools including IDPS, SIEM, antivirus, EDR, UBA, and proxy systems. Build and enhance detection use cases, perform false-positive tuning, and implement threat-hunting initiatives. Actively support and manage Data Loss Prevention (DLP), Threat Intelligence, and Vulnerability Management activities. Participate in and enhance the full incident response lifecycle: detection, triage, containment, eradication, and recovery. Draft high-quality incident reports for high-severity events and contribute to root cause analysis. Develop and maintain SOPs, IR runbooks, and SOAR playbooks. Collaborate with internal teams and third-party vendors to resolve complex issues. Ensure high availability and performance of SOC infrastructure. Respond to Service Requests (SRs), Change Requests (CRs), and daily operations queries. Lead or support projects related to security tooling, automation, and process improvements. Key Skills & Qualifications: 4–8 years of experience in a SOC environment with a blend of analysis and SIEM administration. Strong experience with SIEM tools such as ArcSight and IBM QRadar (configuration, tuning, maintenance). Deep understanding of cybersecurity concepts including threat detection, malware analysis, network security, and endpoint security. Familiarity with threat intelligence platforms, DLP systems, and vulnerability scanning tools. Strong understanding of TCP/IP, common protocols, and the MITRE ATT&CK framework. Excellent troubleshooting and analytical thinking abilities. Strong documentation and communication skills. Preferred Certifications (Added Advantage): CEH (Certified Ethical Hacker) CTIA (Certified Threat Intelligence Analyst) CISM (Certified Information Security Manager) CCNA (Cisco Certified Network Associate) CND (Certified Network Defender) Work Environment: 24x7 shift-based work; must be open to working in night and weekend shifts as part of a rotating schedule. Fast-paced, highly collaborative security operations environment. Why Join Us? Work with cutting-edge cybersecurity technologies Engage in real-time threat defense and mitigation Opportunity to grow within a dynamic SOC team with continuous learning Let me know if you’d like a version customized for a particular company brand or formatted for a PDF/LinkedIn job post.

Job requisition ID :: 86660 Date: Jul 31, 2025 Location: Delhi Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As a Consultant in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Monitor and analyze security alerts from SIEM tools (e.g., Splunk, QRadar, Sentinel). Perform initial triage , prioritization , and escalation of security incidents. Identify false positives and escalate legitimate threats to L2. Maintain incident tracking and documentation using ticketing systems. Ensure compliance with SOC runbooks and standard operating procedures . Perform in-depth investigation of escalated security incidents and alerts. Conduct root cause analysis , correlate logs across sources, and identify the threat actor's behavior . Lead incident response activities and provide recommendations for containment and remediation. Develop and tune use cases , detection rules , and correlation logic in SIEM platforms. Work closely with other teams for threat containment and post-incident reporting . Mentor L1 analysts and support their technical development. Skills & Qualifications: Bachelor’s degree in Computer Science, IT, Cybersecurity, or equivalent. 5+ years of experience in SOC operations (L1 or L2 level). Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel). Familiarity with EDR tools (e.g., CrowdStrike, MS Defender, Carbon Black). Knowledge of MITRE ATT&CK , Cyber Kill Chain , and incident response lifecycle . Strong understanding of network protocols , Windows/Linux OS logs , and threat vectors . Good analytical, communication, and documentation skills. Relevant certifications like CEH, CompTIA Security+, Splunk Core Certified , etc., are preferred. Your role as Leader We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s). Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

You will be responsible for leading advanced threat detection and response activities within the organization. Your main tasks will include developing and optimizing SIEM use cases, correlation rules, and dashboards. Additionally, you will investigate and respond to escalated incidents from L2 analysts and perform root cause analysis for complex incidents to provide actionable insights. You will also lead threat hunting exercises to identify advanced persistent threats (APTs) and configure and maintain SIEM platforms to ensure optimal performance and scalability. In this role, you will be expected to integrate new log sources and ensure proper parsing and normalization. Collaboration with SOC management to define and enhance incident management workflows will be essential. You will also conduct training sessions and mentor L1/L2 analysts while staying updated with emerging threats, vulnerabilities, and industry best practices. The ideal candidate will possess expertise in SIEM tools such as Splunk, Sentinel, and QRadar, along with experience in SIEM administration, deployment, and configuration. Familiarity with Arcsight Admin is considered a plus. Strong knowledge of threat detection, correlation rules, and dashboards is required, as well as the ability to lead incident response and threat hunting activities. An understanding of security frameworks and best practices is crucial, and preferred certifications include GCIH and CISSP. To qualify for this position, you should hold a Bachelor's Degree in a related field. Relevant certifications such as GIAC Certified Incident Handler (GCIH) or Certified Information Systems Security Professional (CISSP) are preferred.,

Job Title: Senior Digital Workplace (DWP) Engineer Location: Noida, NCR Reporting To: Lead Digital Workplace Engineer (Germany) Employment Type: Full-time Job Summary We are looking for a Senior Digital Workplace Engineer based in Noida to play a pivotal role in delivering world-class end-user IT support and driving operational excellence across collaboration tools, endpoint management, and onboarding workflows. This remote role requires close collaboration with the Germany-based lead and participation in global service delivery. You will act as both a senior engineer and operational coordinator for the offshore team, ensuring SLA compliance, knowledge management, and user satisfaction. Key Responsibilities Act as the offshore lead for Digital Workplace services, coordinating with the onsite Senior DWP Engineer in Germany Provide advanced support for Microsoft 365 (Teams, Outlook, SharePoint), Azure AD, Intune, and endpoint devices (Windows, Mac, iOS) Oversee onboarding and offboarding processes, ensuring timely device provisioning, access setup, and policy compliance Drive resolution of complex incidents and service requests logged in Jira Service Management (JSM) Administer Intune and MDM policies to enforce device compliance, patching, and security controls Monitor ticket queues, escalate as required, and ensure accurate SLA tracking and reporting Support deskside teams virtually by advising on issue resolution, especially for hardware or local network issues Maintain and continuously improve SOPs and knowledge base content in Confluence Analyze support trends and recommend improvements to enhance efficiency and first-contact resolution Participate in service review meetings, governance reporting, and CSI initiatives with global stakeholders Strong Technical Expertise in: Microsoft 365 suite (Teams, SharePoint, Outlook) Azure Active Directory (MFA, Conditional Access, RBAC) Microsoft Intune and Mobile Device Management (MDM) Required Skills & Experience: 57 years of experience in IT support or Digital Workplace engineering, with 2 years in a senior or lead role Experience with Jira Service Management and Confluence (or similar tools) Proven ability to coordinate support operations remotely and collaborate with global teams Excellent problem-solving, documentation, and communication skills Familiarity with ITIL processes including incident, request, access, and knowledge management Fluent in English; able to work in Central European Time zone overlap Preferred Qualifications ITIL v3/v4 Foundation certification Exposure to AI/automation in IT support (e.g., virtual agents, ticket deflection) Familiarity with endpoint security monitoring tools and compliance protocols (e.g., QRadar, Splunk) Experience supporting hybrid workforces in global enterprises

Job Title: Presales Consultant Job Location: Mumbai (Thane / Andheri) Job Purpose: We are looking for a motivated Presales Consultant to support the sales and solutioning efforts across our cybersecurity service lines — including Assessment, GRC, MDR, CES, and MSSP offerings. This individual will assist in crafting tailored solutions, preparing responses to client requirements (RFPs/RFIs), conducting demos, and supporting technical engagements. The role requires a solid foundation in cybersecurity frameworks and technologies, a consultative mindset, and the ability to work collaboratively with cross-functional teams. Roles & Responsibilities 1. Solution Support & Technical Enablement Assist in understanding client requirements and support the design of relevant cybersecurity solutions. Participate in product demonstrations, technical presentations, and proof-of-concept (PoC) activities. Collaborate with technical teams to gather solution inputs, align service capabilities, and ensure delivery feasibility. 2. Proposal & Documentation Support Contribute to the preparation of RFP/RFI responses, technical proposals, and solution documents. Support the development of case studies, technical decks, and value propositions aligned to client needs. Maintain documentation repositories and templates for proposals and solution descriptions. 3. Sales Coordination & Client Engagement Work closely with the sales team to support opportunity scoping and technical positioning. Join client meetings to explain solution components and clarify technical queries. Support objection handling and help define the technical scope of engagements. 4. Research & Intelligence Conduct research on emerging technologies, industry trends, and competitor offerings. Contribute to internal knowledge bases and solution playbooks. Assist in identifying potential upsell and cross-sell opportunities during presales discussions. 5. Collaboration & CRM Updates Coordinate with internal teams (delivery, compliance, product, and marketing) for aligned solutioning. Ensure CRM tools (e.g., Zoho, Salesforce, HubSpot) are updated with relevant opportunity and proposal data. Track and report on proposal status, win/loss insights, and customer feedback. Skills / Knowledge Required: Understanding of cybersecurity frameworks like ISO 27001, NIST, SOC 2, etc. Familiarity with cybersecurity technologies — SIEM (Splunk, QRadar), EDR, IAM/PAM, firewalls, and cloud security (AWS, Azure, GCP). Proficiency in Microsoft Office (Word, PowerPoint, Excel); basic proposal formatting and content creation skills. Excellent written and verbal communication. Exposure to RFP/RFI processes and presales documentation preferred. Experience: 3+ years of experience in a Presales, solution engineering, or technical consulting role in IT or cybersecurity services.

A Security Lead is responsible for overseeing the development and implementation of security measures to protect an organization’s digital assets, infrastructure, data, and systems from cyber threats. They lead security strategy, manage risk, respond to incidents, and ensure regulatory compliance across IT operations. Certifications such as CISSP, CISM , CEH , CompTIA Security+ , or AWS/Azure Security are highly desirable Required Experience: 1. Minimum 5 years of relevant experience in cybersecurity , with at least 2–3 years in a leadership role 2. Proven experience in managing enterprise security for networks, applications, and cloud infrastructure Required Skills: 1. Strong knowledge of network security, application security, cloud security, and identity management 2. Hands-on experience with security tools like SIEM (e.g., Splunk, QRadar), firewalls, endpoint protection, vulnerability scanners, etc. 3. Understanding of encryption, threat modeling, penetration testing, and incident response 4. Familiarity with cloud security frameworks and DevSecOps practice Main responsibilities inter-alia include 1. Security Strategy & Governance: Define, implement, and maintain the organization’s cybersecurity policies, standards, and procedures; Develop and manage the organization’s overall security roadmap aligned with business goals; Lead risk assessments and security audits across systems and infrastructure 2. Threat Detection & Response : Monitor for threats, vulnerabilities, and incidents using SIEM and security tools ; Lead investigation and response to security incidents and breaches ; Coordinate incident response plans and disaster recovery exercises 3. Compliance & Risk Management: Ensure adherence to relevant security standards and regulations (e.g., ISO 27001, NIST, DPDP Act, GDPR); Identify security risks and define mitigation strategies; Work with auditors and regulatory bodies during security assessments 4. Technical Oversight: Manage firewall rules, IDS/IPS systems, endpoint protection, VPNs , and IAM solutions; Oversee secure configuration of cloud platforms (AWS, Azure, GCP); Review and approve architecture changes from a security standpoint 5. Collaboration & Leadership: Work closely with IT, DevOps, legal, and compliance teams; Lead and mentor a team of security analysts or engineers; Conduct training and awareness programs for employees on cybersecurity best practices Educational Qualification: 1. Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity, or related field

Security Operations Engineer II Hyderabad, Telangana, India Date posted Jul 29, 2025 Job number 1853495 Work site Microsoft on-site only Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Operations Engineering Employment type Full-Time Overview Do you love the excitement and learning opportunity to study, analyse and deal with the most complex threats to digital security in today's world? Do you have the “learner” mindset, are willing to un-learn old skills and learn new ones every day? Are you excited by the potential of influencing the state of security of our entire company, every day? If yes, then this opportunity is for you. Responsible for the installation, maintenance, support and optimization of all security-related components Facilitate incident response and forensic investigations Apply countermeasures to mitigate evolving security threats Work with other teams to ensure platform hardening, security maintenance, and vulnerability remediation procedures are followed Special Requirements Proficiency in KQL query and in a scripting language, preferably perl, PHP, or python a plus Must demonstrate basic knowledge of knowledge of Linux, Mac, and Strong understanding of Windows operating systems and networking protocols. About CDO - Cyber Defense Operations. An organization led by Microsoft’s Chief Information Security Officer enables Microsoft to deliver the most trusted devices and services. CDO’s vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk framework. Qualifications 8+ years of work experience, with a minimum of 6 years of experience in SOC. Minimum 4 years of experience in Azure/Cloud Hands on experience with incident analysis, Threat Actor related incident handling, Large Scale incident responder and Threat Hunting. Understanding of Windows internals, Linux and Mac OS. Understanding of various attack methods, vulnerabilities, exploits, malware. Good Understanding of SIEM Console and tools such as Sentinel, Splunk, Qradar etc Social engineering - given that humans are the weakest link in the security chain, an analyst's expertise can help with awareness training Security assessments of network infrastructure, hosts and applications - another element of risk management. Conduct root cause analysis and post-incident reviews. Assist in tuning and optimizing detection rules and alerts. Forensics - investigation and analysis of how and why a breach or other compromise occurred. Develop and maintain incident response playbooks and standard operating procedures (SOPs). Collaborate with IT, DevOps, and other teams to remediate vulnerabilities and improve security controls. Troubleshooting - the skill to recognize the cause of a problem DLP, AV, FIM, web proxy, email proxy, etc. - a comprehensive understanding of the tools utilized to protect the organization. Excellent written and oral communication skills. Security certifications such as GCIH, GCFA, GREM, CySA+ Knowledge of Azure Sentinel and KQL query is a must and added advantage. Exposure to threat intelligence platforms and SOAR tools. Knowledge of MITRE ATT&CK framework and incident response methodologies. Responsibilities Technical Insight: Provides technical insight on incident analysis and management, threat mitigation, forensics, malware analysis, and automation. KRA and KPI Management: Ensures strong Key Result Areas (KRA) and Key Performance Indicators (KPI) management. Collaboration: Embraces the values of Microsoft through coaching and collaboration, and partners with peer teams working in similar areas. Stakeholder Management: Manages critical stakeholder calls and meetings (including non-business hours) while addressing critical security incidents. Security Knowledge: Possesses extensive hands-on knowledge of security concepts including cyber-attacks, techniques, threat vectors, risk management, and incident management. Automation Opportunities: Discovers potential automation opportunities or insights to enhance operational efficiency. Product Collaboration: Collaborates and advises product teams on enhancing Microsoft's first-party security products by offering actionable feedback for improvement. Team Environment: Cultivates a positive and inclusive team environment. Operational Rigor: Demonstrates exceptional operational rigor with real-world experience in cyber security operations, threat mitigation and incident response. Communication Skills: Exhibits excellent technical writing and oral communication skills. Problem-Solving: Shows a systematic problem-solving mindset. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

JOB DESCRIPTION About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. QUALIFICATIONS Strong hands-on experience with one or more EDR platforms (e.g., CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint, Sophos Intercept X, Trend Micro Apex One). Knowledge of MITRE ATT&CK framework and threat detection techniques. Familiarity with malware analysis, endpoint forensics, and log analysis. Experience with SIEM platforms (e.g., Splunk, QRadar, LogRhythm) for correlation and alerting. Scripting knowledge (PowerShell, Python, Bash) for automation and custom detection. Understanding of endpoint operating systems (Windows, macOS, Linux) and their security internals. Familiarity with enterprise IT infrastructure, Active Directory, and networking basics. Experience with ticketing and incident management tools (e.g., ServiceNow, JIRA). Understanding of compliance standards Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Do you love the excitement and learning opportunity to study, analyse and deal with the most complex threats to digital security in today's world? Do you have the “learner” mindset, are willing to un-learn old skills and learn new ones every day? Are you excited by the potential of influencing the state of security of our entire company, every day? If yes, then this opportunity is for you. Responsible for the installation, maintenance, support and optimization of all security-related components Facilitate incident response and forensic investigations Apply countermeasures to mitigate evolving security threats Work with other teams to ensure platform hardening, security maintenance, and vulnerability remediation procedures are followed Special Requirements Proficiency in KQL query and in a scripting language, preferably perl, PHP, or python a plus Must demonstrate basic knowledge of knowledge of Linux, Mac, and Strong understanding of Windows operating systems and networking protocols. About CDO - Cyber Defense Operations. An organization led by Microsoft’s Chief Information Security Officer enables Microsoft to deliver the most trusted devices and services. CDO’s vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk framework. Responsibilities Technical Insight: Provides technical insight on incident analysis and management, threat mitigation, forensics, malware analysis, and automation. KRA and KPI Management: Ensures strong Key Result Areas (KRA) and Key Performance Indicators (KPI) management. Collaboration: Embraces the values of Microsoft through coaching and collaboration, and partners with peer teams working in similar areas. Stakeholder Management: Manages critical stakeholder calls and meetings (including non-business hours) while addressing critical security incidents. Security Knowledge: Possesses extensive hands-on knowledge of security concepts including cyber-attacks, techniques, threat vectors, risk management, and incident management. Automation Opportunities: Discovers potential automation opportunities or insights to enhance operational efficiency. Product Collaboration: Collaborates and advises product teams on enhancing Microsoft's first-party security products by offering actionable feedback for improvement. Team Environment: Cultivates a positive and inclusive team environment. Operational Rigor: Demonstrates exceptional operational rigor with real-world experience in cyber security operations, threat mitigation and incident response. Communication Skills: Exhibits excellent technical writing and oral communication skills. Problem-Solving: Shows a systematic problem-solving mindset. Qualifications 8+ years of work experience, with a minimum of 6 years of experience in SOC. Minimum 4 years of experience in Azure/Cloud Hands on experience with incident analysis, Threat Actor related incident handling, Large Scale incident responder and Threat Hunting. Understanding of Windows internals, Linux and Mac OS. Understanding of various attack methods, vulnerabilities, exploits, malware. Good Understanding of SIEM Console and tools such as Sentinel, Splunk, Qradar etc Social engineering - given that humans are the weakest link in the security chain, an analyst's expertise can help with awareness training Security assessments of network infrastructure, hosts and applications - another element of risk management. Conduct root cause analysis and post-incident reviews. Assist in tuning and optimizing detection rules and alerts. Forensics - investigation and analysis of how and why a breach or other compromise occurred. Develop and maintain incident response playbooks and standard operating procedures (SOPs). Collaborate with IT, DevOps, and other teams to remediate vulnerabilities and improve security controls. Troubleshooting - the skill to recognize the cause of a problem DLP, AV, FIM, web proxy, email proxy, etc. - a comprehensive understanding of the tools utilized to protect the organization. Excellent written and oral communication skills. Security certifications such as GCIH, GCFA, GREM, CySA+ Knowledge of Azure Sentinel and KQL query is a must and added advantage. Exposure to threat intelligence platforms and SOAR tools. Knowledge of MITRE ATT&CK framework and incident response methodologies. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Key Responsibilities Lead a team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Training of L1 and L2 resources on latest attack vectors and log analysis. Work with the SIEM Engineering team to fine tune the use cases and content on the SIEM platform. Bring down the false positives to a manageable level. Manage the work pressure on the project and keep the team alert and manage their work life balance. Ensure timely preparation of daily/weekly/monthly reports. Desired Qualifications Sound Cyber Security Principles and well versed in security domains of Endpoint , Network, Database, Cloud Security technologies like IPS, WAF, Firewall, Deception, Cloud Security, AV, EDR, . Conduct senior level log analysis, proactive monitoring, mitigation & response to network & security incidents. Triage security events and carry out incident response steps. Implement & Maintain Extensive Security Operation Policies and procedures documentation including AWS cloud Proactively Hunt & research potential malicious activity using tool like Cortex, Shodan, Qrdar etc. Identify Indicator of Compromise through static & dynamic analysis of commodity and 0-day malware Perform advanced security event detection and threat analysis for complex and/or escalated security events. QRadar , Demisto/XSOAR , Qualys, MITRE Framework Attack Methodology. Preferred Certifications T&T - Cyber | Deputy Manager IBM QRadar SIEM Certification. CISSP, CEH, CISM, or other relevant security certifications. Location and way of working : Base location: Mumbai/Navi Mumbai Professional is required to work from office Your role as Consultant/Sr Consultant. (ref:hirist.tech)

Job Description About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Responsibilities Deploy, configure, monitor, and maintain EDR solutions (e.g., CrowdStrike, Microsoft Defender for Endpoint, SentinelOne, Carbon Black, etc.). Monitor endpoint security alerts and respond to threats in real-time. Analyze EDR telemetry to detect suspicious behavior, malware, and advanced persistent threats (APTs). Investigate endpoint security incidents and support root cause analysis. Develop and maintain detection rules, playbooks, and automation scripts. Collaborate with SOC and incident response teams for coordinated threat mitigation. Conduct regular health checks, patching, and performance tuning of EDR agents. Generate and present technical reports, dashboards, and incident summaries. Provide guidance on endpoint security best practices to IT and end users. Support audits and compliance efforts by ensuring endpoint security controls are in place. Participate in cyber drills and contribute to continuous improvement of the incident response process. Qualifications Strong hands-on experience with one or more EDR platforms (e.g., CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint, Sophos Intercept X, Trend Micro Apex One). Knowledge of MITRE ATT&CK framework and threat detection techniques. Familiarity with malware analysis, endpoint forensics, and log analysis. Experience with SIEM platforms (e.g., Splunk, QRadar, LogRhythm) for correlation and alerting. Scripting knowledge (PowerShell, Python, Bash) for automation and custom detection. Understanding of endpoint operating systems (Windows, macOS, Linux) and their security internals. Familiarity with enterprise IT infrastructure, Active Directory, and networking basics. Experience with ticketing and incident management tools (e.g., ServiceNow, JIRA). Understanding of compliance standards Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

You will be joining a leading Indian telecom company operating in 18 countries and serving over 300 million customers and 1 million+ businesses. The company values a customer-first mindset and a user-centric approach. Your role will require you to be experienced in SIEM platforms such as QRadar, Splunk, and ArcSight, with knowledge of UEBA, NBAD, and SOAR. You should be skilled in incident management, network troubleshooting, and comfortable working in 24x7 SOC environments. Your responsibilities will include having a technical understanding and working knowledge of SIEM platforms, along with exposure to UEBA, NBA, NBAD, and SOAR. It is essential to have experience with industry-standard SIEM platforms like QRadar, Splunk, RSA, Seceon, Arcsight, etc. You will need to adhere to processes and procedures, possess general network knowledge, and be proficient in TCP/IP troubleshooting. Additionally, you should be able to trace down an endpoint on the network based on ticket information. Good customer communication skills are essential, along with working knowledge of SIEM incident management and providing customer updates. Experience in Managed SOC Services is a must, and you should be prepared to work across 24x7 shifts. Hands-on experience in SIEM platforms and the mentioned technologies is required for this role. It would be beneficial to have industry certifications on SIEM Platform, CCNA, CEH, MCSE, and others as preferred skills.,

about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. We are seeking a dynamic IT Compliance & Audit Lead to join our Governance, Risk & Compliance (GRC) team in Pune. This role will be pivotal in driving the implementation and evolution of ZSs Continuous Compliance Monitoring (CCM) program. The ideal candidate will bring hands-on technical security expertise, a strong audit and risk management mindset, and the ability to collaborate across technical and business stakeholders. What youll do: Lead the development and execution of ZSs Continuous Compliance Monitoring (CCM) program across infrastructure, applications, and third-party vendors Collaborate cross-functionally with internal security, privacy, engineering, and operations teams to drive remediation and maturity of compliance gaps Serve as SME for security audits, helping interpret and implement compliance controls (e.g., ISO 27001, SOC 2 Type 2, NIST CSF, HIPAA, ESG reporting frameworks) Design and implement automated compliance checks and control testing routines aligned with risk appetite and audit requirements Conduct and support internal and external audits, including pre-audit readiness assessments, evidence collection, and issue remediation oversight Contribute to enterprise risk assessments, security profiling, and threat modeling to improve ZSs security posture Drive security incident post-mortems and track audit findings to closure with technical leads and business owners Assist in the maintenance and enhancement of security policies, procedures, and standards to reflect evolving risk and regulatory requirements Create training and awareness content related to policy adoption, audit preparedness, and security control responsibilities Provide metrics and executive-level reporting on compliance posture, audit outcomes, and CCM maturity Serve as a technical consultant in areas such as SIEM tuning, bounty hunting initiatives, and threat intelligence integration What youll bring: Bachelor's degree in Computer Science, Information Systems, or a related field 4+ years of hands-on experience in Information Security, Audit, Compliance, or GRC roles with technical depth Proven experience implementing or maturing compliance frameworks like ISO 27001, SOC 2 Type 2, HIPAA, NIST CSF, etc. Strong understanding of security tooling and architecture, including: SIEM platforms (e.g., Splunk, Sentinel, QRadar) Threat modeling and profiling tools Vulnerability management platforms Cloud security configurations (AWS, Azure, GCP) Experience with bug bounty programs or threat hunting initiatives is a plus Excellent communication skills; ability to articulate risk and compliance requirements to technical and non-technical stakeholders Certifications preferred: CISA, CISSP, CRISC, CISM, ISO Lead Auditor/Implementer, CEH

Summary The Director DDIT ISC CSOC Automation Engineering will be an integral part of the Novartis Cyber Security Operations Center (CSOC). The CSOC is an advanced global team passionate about actively defending against the most sophisticated cyber threats and attacks. The Director DDIT ISC CSOC Automation Engineering is a seasoned leader who will lead a team of skilled SOAR engineers and manage tools to support the proactive detection, investigation, and mitigation of emerging and persistent threats that impact Novartis’ networks, systems, users, and applications. This role will involve coordination and communication with technical and non-technical teams, including security leadership and business stakeholders. As an experienced and skilled manager, this role will also involve coaching and mentoring talented Security Engineers with diverse backgrounds. About the Role MAJOR ACCOUNTABILITIES In addition to accountabilities listed above in Job Purpose: SOAR Manager Lead and manage a geographically distributed team of skilled SOAR Engineers, providing guidance and support while leveraging their diverse skill sets and personalities. Evaluate and review performance metrics and KPIs to ensure the SOAR team is meeting targets and delivering efficient and effective results. Take accountability for the team's performance in various areas, including, but not limited to: Manage SOAR platforms Support audit requests and reports Engage with product teams to address technical challenges Manage stakeholders' commitments Act as the primary point of contact for first-level escalations, addressing any issues or concerns that arise and ensuring timely resolution. Develop and maintain comprehensive documentation to facilitate knowledge sharing and ensure consistently achieving quality outcomes. Drive a culture of continuous improvement and innovation within the team, identifying opportunities to optimize processes and enhance efficiency. Serve as a subject matter expert in SOAR processes and play an active role in guiding the team and providing expertise whenever needed. Workflow Orchestration and Process Automation Define, design, evaluate, and improve business processes and playbooks integrating automation and orchestration. Integrate a variety of technology devices, applications, and datasets to support workflow orchestration and process automations. Gather requirements, plan, design, implement, and test automations with SOAR platform and surrounding technologies. Develop custom integrations to support CSOC workflow automation and orchestration. Develop and maintain effective documentation; including automation playbooks, processes, and other supporting operational material. Case Management and Analytics Interface with engineering teams to design, test, and implement case management with workflow orchestration and automation. Define, design, evaluate, and enhance case management features including front end interface, backend data model, and technology integrations to support measurable, effective, and streamlined CSOC activities. Scripting and Development Design, develop, and test scripts and other solutions to support CSOC mission and activities. Research and test new technologies and platforms; develop recommendations and improvement plans. Cooperating with stakeholders Management – Periodically report to management the current status of sources and use cases in the system. Operational stakeholders (CSOC analysts, Cyber Center) – Maintain a good understanding of stakeholders’ needs in regard to activities and requirements. Essential Requirements: University working and thinking level, degree in business/technical/scientific area or comparable education/experience. Desirable Requirements: Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred. Preferably one or more XSOAR, Phantom trainings/certifications. EXPERIENCE 6+ Years work experience. 4+ Years Python scripting or other similar coding experience. Experience with Python and Splunk. Experience planning, designing, developing, and testing automation solutions with SOAR platforms (Cortex, Phantom, FortiSOAR, etc). Experience developing solutions with SIEM tools (Splunk, QRadar, Sentinel, etc.). Experienced IT administration with broad and in-depth technical, analytical and conceptual skills. Experience in reporting to and communicating with senior level management (with and without IT background, with and without in depth risk management background) on incident response topics. Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related and incident response concepts to technical as well as nontechnical audiences. Excellent understanding and knowledge of general IT infrastructure technology and systems. Proven experience to initiate and manage projects that will affect CSOC services and technologies. SKILLS/JOB RELATED KNOWLEDGE Understanding of SOAR architecture components, including technology integrations, common automation scenarios and solutions. Understanding of configuration files and relationship between GUI configuration and backend configuration file impact. Experience with software development lifecycle and user acceptance testing. An understanding of error messages and logs displayed by various software. Ability to troubleshoot, diagnose and solve issues independently. Self-learner, ability to document learning as experience is gained. Understanding of network protocols and topologies. Strong technical troubleshooting and analytical skills. Experience with platform and application automated deployment and version control software e.g. (Ansible, Git, Bitbucket). A knowledge of the MITRE ATT&CK framework is a beneficial. Ability to prioritise workload. Excellent written and spoken English. Calm and logical approach. NETWORKS High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity. Ability to handle competing priorities, and seeking consensus when stakeholders have different or even contradicting opinions. CORE COMPETENCIES Leadership Establishes clear direction and sets stretch objectives. Aligns and energizes Associates behind common objectives. Champions the Novartis Values and Behaviors. Rewards/encourages the right behaviors and corrects others. Establishes clear directives and objectives. Communicates positive expectations for others on the team. Integrates and applies learning to achieve business goals. Customer/Quality Focus Assigns highest priority to customer satisfaction. Listens to customer and creates solutions for unmet customer needs. Established effective relationships with customers and gains their trust and respect. Defines quality standards to ensure customer satisfaction. Creates and supports world-class quality standards to ensure customer satisfaction. Fast, Action-Oriented Is action-oriented and full of energy to face challenging situations. Is decisive, seizes opportunities and ensures fast implementation. Strives for simplicity and clarity. Avoids 'bureaucracy'. Alerts others to potential risks and opportunities. Keeps organizational processes simple and efficient. Takes acceptable/calculated risks by adopting new or unknown directions. Results Driven Can be relied upon to succeed targets successfully. Does better than the competition. Pushes self and others for results. Anticipates potential barriers to achievement of shared goals. Pushes self and others to see new ways of achieving results (e.g., better business model). Uses feasibility and ROI analyses to ensure results. Keeps pace with new developments in the industry. Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network Benefits and Rewards: Read our handbook to learn about all the ways we’ll help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards Division Operations Business Unit Universal Hierarchy Node Location India Site Hyderabad (Office) Company / Legal Entity IN10 (FCRS = IN010) Novartis Healthcare Private Limited Functional Area Technology Transformation Job Type Full time Employment Type Regular Shift Work No

Role & responsibilities Develop and manage client relationships with DRDO, ISRO, BEL, BDL, ECIL, HAL, and private defence firms. Identify and pursue new business opportunities, preparing proposals, tenders, RFI/RFP/EOI submissions. Conduct market research, track industry trends, and recommend strategic actions. Work with R&D teams to develop cutting-edge solutions aligned with industry demands. Optimize cash flow through milestone-based collections and proactive receivable management. Represent the company at exhibitions, conferences, and industry events. Ensure project execution aligns with business profitability goals Preferred candidate profile Bachelors/Master’s degree in Engineering (Electronics/Communication) or Business Management is a must. • 5 - 10 years of experience in Defence/Aerospace Sales, Business Development, or Key Account Management. • Strong business acumen, negotiation, and communication skills • Willingness to travel based on business needs, up to 50% of the time.

🔐 We're Hiring: Cyber Security Expert (4–5 Years Experience) 📍 Location : CS Soft Solutions Pvt. Ltd., I-18, Sector 101, IT City Rd, JLPL Industrial Area, Sahibzada Ajit Singh Nagar, Punjab – 160062 📧 Email: shivani-kanwar@cssoftsolutions.com At CS Soft Solutions, we're not just about building digital products—we’re about building trust in every digital interaction. We're expanding our cybersecurity division and are on the lookout for a Cyber Security Expert who’s ready to take ownership, drive strategic initiatives, and protect our clients across industries. 🚀 Key Responsibilities : Act as a trusted advisor to clients, assessing posture & identifying risks Conduct vulnerability assessments, penetration tests & risk analyses Design and implement tailored cybersecurity policies & frameworks Respond to incidents & coordinate response with internal and client teams Ensure compliance (GDPR, HIPAA, ISO 27001, NIST, SOC 2) Lead client workshops, trainings, and briefings Collaborate with DevOps, IT, and Engineering for secure solution design Engage directly with CXOs to understand needs & propose solutions Drive proposal creation, pre-sales, and client success Mentor and lead junior cybersecurity professionals ✅ Required Qualifications : Bachelor’s/Master’s in Cybersecurity, InfoSec, or related field 5+ years hands-on cybersecurity experience Expertise in threat detection, incident response, and network security Hands-on with SIEMs (Splunk, QRadar), Nessus, Qualys, Metasploit, etc. Cloud security exposure (AWS, Azure, GCP) Knowledge of compliance & frameworks (ISO 27001, NIST, SOC 2) Industry exposure: IT, BFSI, Healthcare, Manufacturing Certifications Preferred: CEH, CISSP, OSCP, CISM, ISO 27001 LA/LI 💡 Nice to Have : MSSP or cybersecurity consulting experience DevSecOps and secure SDLC familiarity Forensics or threat hunting background 🧠 Key Traits : Strategic mindset with strong business acumen Excellent communication & client-handling skills Ownership-driven, independent, and team-oriented 📩 If you're passionate about securing digital transformation journeys and thrive in a dynamic, high-growth environment—CS Soft wants you on board! #CyberSecurityJobs #HiringNow #CSSoftSolutions #InformationSecurity #CybersecurityExpert #MSSP #ISO27001 #SIEM #DevSecOps #CloudSecurity #CISSP #OSCP #JoinOurTeam

Job Title: Senior Digital Workplace (DWP) Engineer Location: Noida, NCR Reporting To: Lead Digital Workplace Engineer (Germany) Employment Type: Full-time Job Summary We are looking for a Senior Digital Workplace Engineer based in Noida to play a pivotal role in delivering world-class end-user IT support and driving operational excellence across collaboration tools, endpoint management, and onboarding workflows. This remote role requires close collaboration with the Germany-based lead and participation in global service delivery. You will act as both a senior engineer and operational coordinator for the offshore team, ensuring SLA compliance, knowledge management, and user satisfaction. Key Responsibilities: Act as the offshore lead for Digital Workplace services, coordinating with the onsite Senior DWP Engineer in Germany Provide advanced support for Microsoft 365 (Teams, Outlook, SharePoint), Azure AD, Intune, and endpoint devices (Windows, Mac, iOS) Oversee onboarding and offboarding processes, ensuring timely device provisioning, access setup, and policy compliance Drive resolution of complex incidents and service requests logged in Jira Service Management (JSM) Administer Intune and MDM policies to enforce device compliance, patching, and security controls Monitor ticket queues, escalate as required, and ensure accurate SLA tracking and reporting Support deskside teams virtually by advising on issue resolution, especially for hardware or local network issues Maintain and continuously improve SOPs and knowledge base content in Confluence Analyze support trends and recommend improvements to enhance efficiency and first-contact resolution Participate in service review meetings, governance reporting, and CSI initiatives with global stakeholders Strong technical expertise in: Microsoft 365 suite (Teams, SharePoint, Outlook) Azure Active Directory (MFA, Conditional Access, RBAC) Microsoft Intune and Mobile Device Management (MDM) Required Skills & Experience: 5–7 years of experience in IT support or Digital Workplace engineering, with 2+ years in a senior or lead role Experience with Jira Service Management and Confluence (or similar tools) Proven ability to coordinate support operations remotely and collaborate with global teams Excellent problem-solving, documentation, and communication skills Familiarity with ITIL processes including incident, request, access, and knowledge management Fluent in English; able to work in Central European Time zone overlap Preferred Qualifications ITIL v3/v4 Foundation certification Exposure to AI/automation in IT support (e.g., virtual agents, ticket deflection) Familiarity with endpoint security monitoring tools and compliance protocols (e.g., QRadar, Splunk) Experience supporting hybrid workforces in global enterprises Send us your resume at: careers@algoworks.com

What is the Security Operations responsible for? Security Operations is responsible for continuous monitoring and improving organizations security posture while preventing, detecting, analyzing, and responding to Cyber Security incidents with the aid of both technology and well-defined processes and procedures. Security Operations is expected to possess extensive knowledge of incident response methodologies, a deep understanding of cybersecurity threats, and hands-on experience in managing and mitigating security incidents. What are the ongoing responsibilities of Analyst Security Operations? Lead and coordinate incident response activities, ensuring timely and effective resolution. Develop and maintain incident response playbooks and procedures. Perform threat hunting using SIEM, EDR, and threat intelligence. Conduct digital forensics and malware analysis to determine the scope and impact of incidents. Collaborate with IT, legal, and business teams to contain and remediate threats. Stay current with emerging threats, vulnerabilities, and security trends. Mentor and guide junior SOC analysts. Required Qualifications: Experience:6-8 years in cybersecurity, with a focus on SOC operations and incident response. Environment:Experience in a 24x7 operational environment, preferably across multiple geographies. Technical Skills: Good understanding of networking protocols, operating systems (Windows/Linux), and security technologies. Exposure to malware analysis and digital forensics. Familiarity with cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001). Hands-on experience with tools such as: SIEM:Splunk, CrowdStrike, QRadar EDR:CrowdStrike, Carbon Black, SentinelOne SOAR:Palo Alto XSOAR, Splunk SOAR Forensics:FTK Imager, Autopsy, Wireshark, Procmon Preferred Certifications: GIAC Certified Incident Handler (GCIH) GIAC Certified Forensic Analyst (GCFA) Certified Ethical Hacker (CEH) Soft Skills & Attributes: Strong analytical and problem-solving mindset. Excellent communication and collaboration skills. Ability to work under pressure and manage multiple priorities. High integrity and a proactive, team-oriented attitude. Strategic and tactical thinking with attention to detail. Work Shift Timings - 6:00 AM 3:00 PM 2:00 PM - 11:00 PM IST

As a Cyber Security Analyst at our organization, you will play a crucial role in safeguarding our enterprise systems and networks. With a minimum of 1 year of experience in cybersecurity tools and operations, you will focus on endpoint protection, proxy management, and threat analysis. Your responsibilities will include monitoring, investigating, and responding to security incidents, administering McAfee endpoint security tools, managing web proxy solutions, identifying potential threats using SIEM tools, and collaborating with internal IT teams and external vendors to resolve security issues effectively. You will be required to perform vulnerability assessments, maintain detailed documentation of configurations and incident reports, support audits, and implement remediation plans based on security findings. To excel in this role, you should hold a Bachelor's degree in Computer Science, Information Technology, or a related field, along with hands-on experience with McAfee Endpoint Security suite, Zscaler, and Netskope Cloud Security Platform. Additionally, you should possess a good understanding of firewall rules, threat detection, malware analysis, and data loss prevention, as well as familiarity with security incident management processes and tools like SIEM. Your strong analytical and problem-solving skills, coupled with excellent communication and documentation abilities, will be essential for success in this position. This is a full-time, permanent role based in Navi Mumbai, Maharashtra, and proficiency in English is required. If you have the necessary experience and skills in domains like Proxy-Netskope, we encourage you to apply for this exciting opportunity to contribute to our cybersecurity efforts.,