888 Qradar Jobs - Page 10

JD: 2+ Years of Industry experience, daily hands-on activities of the incident response and analysis. Must be good in managing Incident Responses. Good understanding of cybersecurity concepts, threat types, and attack vectors. Familiarity with SIEM tools (e.g., Splunk, QRadar), firewalls, and endpoint protection. Knowledge of TCP/IP, DNS, HTTP, and other networking protocols. Strong analytical and communication skills. Willingness to work in rotational shifts, including nights and weekends. Monitor security alerts and events from SIEM, IDS/IPS, antivirus, and other security tools. Perform initial triage of security incidents to assess severity and potential impact. Escalate confirmed incidents to L2 analysts with relevant context and evidence. Assist in gathering logs, screenshots, and other artifacts for incident documentation. Follow predefined playbooks and standard operating procedures (SOPs) for incident handling. Maintain accurate and timely records of all incident-related activities. Support evidence collection and ensure logs are preserved for further analysis. Coordinate with internal IT teams for basic containment actions (e.g., isolating endpoints). Participate in shift-based operations to ensure 24x7 monitoring coverage. Role & responsibilities Preferred candidate profile 2+ Years of Industry experience, daily hands-on activities of the incident response and analysis. Must be good in managing Incident Responses. Good understanding of cybersecurity concepts, threat types, and attack vectors. Familiarity with SIEM tools (e.g., Splunk, QRadar), firewalls, and endpoint protection. Please fill below forms if you are interested for the same https://forms.cloud.microsoft/r/v0S2BXfWim

Dear Candidate, We are looking for a skilled Cybersecurity Analyst to monitor, detect, and respond to security threats. If you have expertise in threat intelligence, SIEM tools, and incident response, wed love to hear from you! Key Responsibilities: Monitor network traffic and systems for potential security threats. Investigate and analyze security incidents to prevent breaches. Implement security controls and best practices for data protection. Manage security tools such as SIEM, IDS/IPS, and endpoint protection. Conduct vulnerability assessments and recommend mitigation strategies. Ensure compliance with security standards like ISO 27001, NIST, and GDPR. Required Skills & Qualifications: Strong knowledge of security frameworks and incident response. Experience with SIEM tools (Splunk, QRadar, ArcSight). Proficiency in scripting (Python, Bash, PowerShell) for security automation. Understanding of network protocols, firewalls, and VPN security. Knowledge of penetration testing and ethical hacking techniques. Soft Skills: Strong analytical and problem-solving skills. Excellent attention to detail and ability to work under pressure. Good communication and teamwork skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. CMS-TDR Senior As part of our EY-cyber security team, who shall work as SME for Microsoft Sentinel solutions in TDR team The opportunity We’re looking for Senior Consultant with expertise in Cloud Security solutions. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Architecting and implementation of cloud security monitoring platforms MS Sentinel Provide consulting to customers during the testing, evaluation, pilot, production, and training phases to ensure a successful deployment. Perform as the subject matter expert on Cloud Security solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Securing overall cloud environments by applying cybersecurity tools and best practices Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Expertise in content management in MS Sentinel Good knowledge in threat modelling. Experience in creating use cases under Cyber kill chain and Mitre attack framework Expertise in integrating critical devices/applications including unsupported (in-house built) by creating custom parsers Below mentioned experiences/expertise on Sentinel Develop a migration plan from Splunk/QRadar/LogRhythm to MS Sentinel Deep understanding of how to implement best practices for designing and securing Azure platform Experiencing advising on Microsoft Cloud Security capabilities across Azure platform Configure data digestion types and connectors Analytic design and configuration of the events and logs being digested Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks Experience in other cloud native security platforms like AWS and GCP is a plus Scripting knowledge (Python, Bash, PowerShell) Extensive knowledge of different security threats Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Certification in Azure (any other cloud vendor certification is a plus) Ideally, you’ll also have People/Project management skills. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Monitor SIEM alerts and conduct incident detection/response. Collaborate within SOC, automate remediation, refine detection blocks, and support cyber defense initiatives. Required Candidate profile 3–5 yrs in SIEM, incident response, log analysis. Bachelor's in CS/IT/Cybersecurity. Security certification preferred (Security+, SC200). Python/PowerShell automation experience a plus.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Career Family Technology Consulting Role Type Technical Engineering and Support The opportunity The cloud operations lead is responsible for overseeing the operational aspects of the Cloud Center of Excellence and should ensure the smooth operation of cloud platforms, including AWS, Azure, and Snowflake. This role requires strong technical background, exceptional leadership skills, and the ability to collaborate effectively with cross-functional teams. Your key responsibilities Production Support: Lead a team responsible for providing world class stability for cloud platforms, ensuring uptime and availability of services. Incident Management: Align to incident management processes and procedures to swiftly address and resolve and operational issues. Team Coordination: Partner with internal teams to prioritize tasks, allocate resource effectively, and create trust across the organization on the CC4E platforms. Major Incident Management (MIM): Lead highly visible MIM calls, guiding team members through troubleshooting and resolution process. Interaction with C-Level Management: Serve as a primary point of contact for senior management regarding operational performance, status updates, and strategic initiatives. Platform Oversight: Oversee AWS, Azure, and Snowflake platforms leveraging the cloud management platform consisting of CloudAware, Dynatrace, ServiceNow, Splunk, and Compliance oversight tooling to ensure minimal downtime, quick resolutions to issues, and conducting root cause analyses to prevent future incidents. Continuous Improvement: Identify opportunities for process improvement, automation, and optimization to enhance efficiency and effectiveness. Team Management: Develop operational engineers through performance management, goal setting, mentoring, and coaching to provide opportunities for career growth. Recruitment: Actively participate in the recruitment process by identifying talent needs, interviewing candidates, and selecting new members who align with the organizational culture and values. Skills and attributes for success Bachelor’s degree in computer science, Information Technology, or comparable certifications. 7+ years of experience in cloud operations, with proven track record of managing large-scale cloud environments. 5+ years of experience with Public Cloud (IaaS, PaaS, SaaS) services and solutions. Certifications in Amazon Web Services, Azure, or, Snowflake Exceptional communication and interpersonal skills, with the ability to interact effectively with stakeholders at all levels of the organization. Excellent leadership skills with the ability to inspire and motivate teams to achieve high performance. In depth knowledge of application development including systems management, monitoring, configuration management, capacity planning and performance tuning, highly availability architectures. Knowledge of ITSM practices (Incident, Problem Management, CMDB, Change Management) Understanding of Infrastructure as Code practices (Terraform Enterprise, GitLab) Self-motivated and able to work across diverse technical and non-technical teams. Understanding of Software Development Lifecycle Methodologies and delivery processes (Agile, Scrum, Kanban) Demonstrated DevOps expertise including automation and continuous delivery model. Experience with Management technologies (ServiceNow, CloudWatch, Qradar, Splunk, CloudAware) To qualify for the role, you must have Certifications: Industry certifications Cloud Experience: Experience with cloud platforms DevOps: Familiarity with DevOps practices and tools. Containerization and Orchestration: Experience with Docker and Kubernetes. CI/CD Pipelines: Knowledge of continuous integration and continuous deployment (CI/CD) pipelines. Agile MethodologiesUnderstanding Agile development environments. Soft Skills: Strong leadership, project management, and mentoring skills. What we offer EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across six locations – Argentina, China, India, the Philippines, Poland and the UK – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career. Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way. Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture : You’ll be embraced for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

About Client: Our Client is a global IT services company headquartered in Southborough, Massachusetts, USA. Founded in 1996, with a revenue of $1.8B, with 35,000+ associates worldwide, specializes in digital engineering, and IT services company helping clients modernize their technology infrastructure, adopt cloud and AI solutions, and accelerate innovation. It partners with major firms in banking, healthcare, telecom, and media. Our Client is known for combining deep industry expertise with agile development practices, enabling scalable and cost-effective digital transformation. The company operates in over 50 locations across more than 25 countries, has delivery centers in Asia, Europe, and North America and is backed by Baring Private Equity Asia. Job Title: SOC Analyst with OT(Operational Technology) Key Skills: SOC, OT, ICS Job Locations: PAN INDIA Experience: 3 – 5 Years Budget: Max 7LPA Education Qualification : Any Graduation Work Mode: Hybrid Employment Type: Contract Notice Period: Immediate - 15 Days Interview Mode: 2 Rounds of Technical Interview Job Description: ________________________________________ Technical Skills & Knowledge: • Strong understanding of OT/ICS protocols (Modbus, DNP3, OPC, etc.) and industrial network topologies. • Hands-on experience with OT cybersecurity tools and platforms (e.g., Nozomi Networks, Claroty, Dragos). • Familiar with ISA/IEC 62443, NIST SP 800-82, NIST CSF, and ISO 27001 compliance requirements for OT. • Proficiency in using SIEM systems (e.g., Microsoft Sentinel, Splunk, QRadar) for log correlation and event triage. • Understanding of firewalls, WAFs, proxies, and network segmentation principles in OT. • Working knowledge of tools such as THOR Scanner, VMRay, or Recorded Future is a plus. • Experience in vulnerability management and patch advisory for OT assets with limited patch cycles. ________________________________________ Nice to Have: • Exposure to Red Team/Blue Team exercises focused on OT/ICS. • Familiarity with GRC platforms and risk assessment tools tailored to OT. Interested Candidates please share your CV t o vamsi.v@people-prime.com

About The Role We are seeking a highly skilled and experienced Cybersecurity Engineer with deep expertise in SentinelOne Endpoint Detection and Response (EDR) solutions. The ideal candidate will play a key role in the deployment, administration, optimization, and advanced troubleshooting of SentinelOne environments across complex enterprise infrastructures. Deployment & Configuration This position demands a proactive security professional capable of conducting real-time threat detection, response, and investigation, while collaborating with cross-functional teams to continuously improve endpoint protection Responsibilities : Lead the end-to-end installation, configuration, and policy deployment of SentinelOne across diverse enterprise systems. Administration & Maintenance Manage and maintain the SentinelOne management console and endpoint agents, ensuring optimal performance, version compliance, and operational health. Troubleshooting & Root Cause Analysis Conduct Level 3 (L3) support for complex endpoint issues, performing deep-dive troubleshooting and forensic analysis to identify and resolve threats or system faults. Threat Hunting & Incident Response Proactively identify, investigate, and respond to suspicious activities and security incidents using SentinelOnes EDR capabilities and forensic tools. Integration With Security Ecosystem Integrate SentinelOne with SIEM/SOAR platforms (e.g., Splunk, QRadar, XSOAR) to improve alert correlation, response automation, and overall threat visibility. Collaboration & Optimization Work closely with internal security teams and clients to fine-tune configurations, optimize detection rules, and adapt SentinelOne policies to evolving threat landscapes. Documentation & Reporting Develop and maintain detailed documentation for deployment architectures, configuration standards, incident response procedures, and best practices. Required Skills & Qualifications Minimum 5 years of experience in cybersecurity, with a strong focus on endpoint security and EDR platforms. Proven expertise in administering and implementing SentinelOne in large-scale enterprise environments. Deep understanding of cyber threat landscapes, malware analysis, and modern attack vectors. Strong knowledge of L3 troubleshooting, threat containment strategies, and incident response workflows. Experience with SIEM/SOAR integration and leveraging EDR telemetry for threat intelligence and automation. Familiarity with endpoint forensics, log analysis, and EDR-generated reporting and dashboards. Relevant industry certifications preferred, such as : SentinelOne Certified Admin/Engineer GIAC (GCFA, GCIA, GCIH) CompTIA Security+ / CySA+ CEH / CISSP (optional, but advantageous) (ref:hirist.tech)

A career in our Advisory Acceleration Centre is the natural extension of PwC’s leading class global delivery capabilities. We provide premium, cost effective, high quality services that support process quality and delivery capability in support for client engagements. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Use feedback and reflection to develop self awareness, personal strengths and address development areas. Delegate to others to provide stretch opportunities, coaching them to deliver results. Demonstrate critical thinking and the ability to bring order to unstructured problems. Use a broad range of tools and techniques to extract insights from current industry or sector trends. Review your work and that of others for quality, accuracy and relevance. Know how and when to use tools available for a given situation and can explain the reasons for this choice. Seek and embrace opportunities which give exposure to different situations, environments and perspectives. Use straightforward communication, in a structured way, when influencing and connecting with others. Able to read situations and modify behavior to build quality relationships. Uphold the firm's code of ethics and business conduct. ,Quality Assurance SOC Analyst - CaaS As a Quality Assurance SOC Analyst (Senior Associate) within the Cyber as a Service (CaaS) practice, you’ll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. You will play a pivotal role in ensuring the quality and effectiveness of our SOC operations. You will be responsible for reviewing and enhancing our security incident response processes and procedures, evaluating the performance of SOC analysts, and implementing best practices to maintain the highest standards of security. This role is critical in maintaining the integrity of our clients' systems and Required Qualifications data. Responsibilities include but are not limited to: 3+ years of experience in a technical role in the areas of Security Operations, Quality Assurance in a SOC setting, Threat Intelligence, Incident Response, or Penetration Testing/Red Team. At a minimum, a Bachelor's Degree in a relevant area of study with a preference for Computer Science, Computer Engineering, Cybersecurity, or Information Security. Knowledge and experience working with various SIEM, EDR, NDR and Ticketing tools. Knowledge of Security Operations Centre (SOC) processes and procedures. Effective communication skills, both written and verbal. Strong attention to detail and commitment to quality. Advanced knowledge and experience analyzing attacker techniques at all stages of a breach. Knowledge of MITRE ATT&CK and Cyber Kill-Chain is a must Be available to work on a 24/7 basis (Mon-Sun) on a shift based schedule to continuously assure quality within SOC. Roles & Responsibilities Conduct regular quality assessments of security incident handling processes within the SOC for both L1 and L2 functions. Review and evaluate the effectiveness of SOC analyst activities, including incident detection, analysis, investigation and response. Identify areas for improvement and provide recommendations to enhance SOC operations and incident response capabilities. Collaborate with SOC management and leads to develop and implement quality assurance strategies and initiatives. Create and maintain comprehensive quality assurance documentation, reports, and metrics. Mentor and provide guidance to junior SOC analysts to improve their performance and investigation skills. Stay up-to-date with the latest threat landscape, attack vectors, and cybersecurity technologies through ongoing research and professional development. Assist in incident response activities as needed, including during high-priority security incidents. Participate in the development and delivery of training programs for SOC staff. Collaborate with the L2 analyst team to develop robust quality assurance practices, documentation, reports and metrics. Collaborate with L1 and L2 SOC analysts to provide training and knowledge sharing on quality assurance best practices. Communicate findings and recommendations effectively to technical and non-technical stakeholders internally and externally. Maintain detailed records of quality assurance activity, including findings, actions taken, and outcomes. Participate in knowledge-sharing initiatives with the L1 and L2 team to enhance collective expertise and investigation skills. Ensure adherence to established quality assurance processes and procedures. Identify opportunities for process improvement and contribute to the enhancement of quality assurance methodologies. Maintain composure and efficiency in high-pressure situations. Willing to work in US day shift (9AM EST - 5PM EST) / India night Shift (7 PM IST to 3 AM IST) and weekend support / on call support Experience & Skills 3+ years of experience in a technical role in the areas of Security Operations, Quality Assurance in a SOC setting, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team. Experience in SOC L1, SOC L2 is a must. Experience in SOC Quality Assurance is a must Experience in SIEM technologies such as Azure Sentinel, Splunk, ArcSight, QRadar, Exabeam, LogRhythm Experience and knowledge of EDR and NDR technologies such as Cortex XDR, CrowdStrike, Carbon Black, Cylance, Defender, DarkTrace Experience with ticketing system such as ServiceNow, JIRA is considered a strong asset Experience and Knowledge working with Cyber Kill-Chain model and MITRE ATT&CK framework Ability to use data to 'tell a story'; ability to communicate findings and recommendations effectively to technical and non-technical stakeholders. Proficient in preparation of reports, dashboards and documentation Excellent communication and leadership skills Ability to handle high pressure situations with key stakeholders Good Analytical skills, Problem solving and Interpersonal skills A demonstrated commitment to valuing differences and working alongside diverse people and perspectives

We are looking for an experienced and highly motivated Senior Information Security Consultant I to join our cybersecurity team. The ideal candidate will bring deep expertise in Phishing Threat Mitigation, Email Security, Microsoft Defender, and Security Operations (SOC & SIEM). Responsibilities You will play a key role in protecting our organization against evolving email-based threats and ensuring robust incident response Responsibilities : Lead and manage the organization's email security infrastructure, including configuration, monitoring, and optimization of tools like Microsoft Defender and other email security platforms. Design, implement, and manage phishing threat detection and mitigation strategies. Investigate and respond to phishing incidents, coordinate with relevant stakeholders for containment and remediation. Monitor and analyze email threat intelligence feeds and proactively adjust policies and controls. Integrate email security with SIEM platforms for centralized monitoring and incident detection. Provide subject matter expertise in SOC operations, guiding junior analysts on phishing-related escalations. Ensure adherence to email authentication protocols (e.g., SPF, DKIM, DMARC). Maintain detailed documentation of configurations, response procedures, and incident handling processes. Collaborate with internal teams to improve cybersecurity awareness and training, especially around email threats. Contribute to security audits, risk assessments, and regulatory compliance efforts. Key Skills & Technologies Deep knowledge of phishing techniques, email threat vectors, and Expertise in Microsoft Defender for Office 365, and similar tools (e.g., Proofpoint, Mimecast, Barracuda). Hands-on experience with SIEM platforms such as Splunk, QRadar, or Microsoft Sentinel. Familiarity with email security protocols : SPF, DKIM, DMARC. Experience working in or with a Security Operations Center (SOC). Strong scripting and automation skills (PowerShell preferred) for security tool integration and response. Sound knowledge of security frameworks (NIST, ISO 27001, etc.) and incident management : Bachelor's degree in Cybersecurity, Computer Science, or a related field. Relevant certifications are a plus (e.g., CISSP, CEH, Microsoft SC-200, GIAC certifications) (ref:hirist.tech)

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing... You'll be part of the "Verizon Global Infrastructure (VGI), Network & Information Security” group working on security and automation tools to protect against cyber threats within the VGS Technology organization. You will work with a team of cybersecurity engineers with network & infrastructure background, threat intelligence analysts and risk management personnel to align common technologies and practices that fortify our applications, systems, IT network and infrastructure. Some of your daily responsibilities would be the following. Leveraging industry proven tools to identify and reduce Cyber Risks Implementing next generation network security architecture, create advanced policies and controls against future threats Ensuring effectiveness and coverage of security, policies and controls of VGS Network & Infrastructure, prioritizing risk level. Ensuring Security posture of VGS Network & Infrastructure, e.g., access management, vulnerabilities remediation, etc. Developing awareness, training & compliance programs focused on Network & Infrastructure Cyber Security practices. Coordinating activities like network, penetration testing, incident response, data collection etc by partnering with the CISO teams. Assisting in Crisis Management, Ransomware Recovery and Business Continuity planning. Identifying, investigating and resolving global security breaches / incidents Developing and maintaining network and infrastructure security reporting dashboards and scorecards used to measure our Cyber Practice. Identifying opportunities and use cases for automation to remediate vulnerabilities , implement controls, orchestrate between tools and automate security practices. What we’re looking for... You are passionate about network security and automation as a career. You are self-driven and motivated, with good communication and analytical skills. You’re a sought-after team member that thrives in a dynamic work environment. You will be working with multiple partners from the business groups, so networking and managing effective working relationships should be your top most priority. You have an understanding of industry trends in all areas of Information Security. You'll need to have some of the skills listed below. Masters or Bachelor’s degree in Computer Science / Information Technology Engineering Four or more years of relevant work experience in network / information security, risk and compliance management. Understanding of network fundamentals, switching, routing protocols, load balancers, web proxies, firewalls and software defined networking solutions. Understanding of security fundamentals Confidentiality, Integrity, Availability, access control, Authentication, Authorization, Auditing secure design concepts like Experience in design and implementation of network security solutions like firewalls, intrusion detection and prevention systems, VPN , web proxies etc using vendor products like Cisco, Juniper, Checkpoint, Palo Alto etc Experience working in any one of the SIEM / SOAR solutions like Splunk SOAR, Cortex XSOAR by Palo Alto Networks, IBM Security QRadar SOAR, Swimlane etc Experience in managing public cloud infrastructure like AWS, Azure, GCP etc Experience working in a SOC environment handling processes like Incident Management and Triage, Vulnerability Management, Threat Intelligence, Threat Hunting etc Knowledge of common software vulnerabilities like OWASP Top 10 / Sans Top 25 and their relevant controls and safeguards for secure software will be an added advantage. Experience working on IT ticketing systems like JIRA, Service Now and ability to partner and collaborate with other teams in the organization Experience with hosting security awareness campaigns, gamification and bug bounty programs will be an added advantage Strong analytical problem solving, communication and interpersonal skills Passion to stay abreast with emerging technologies, network security trends, tools and techniques. Even better if you have one or more of the following: Industry relevant security certifications Security+, OSCP, CEH, CISSP, GIAC etc Cloud relevant certifications CCSP, CCSK Strong expertise in at least one operating system Window or Linux. Strong Scripting expertise in any one of Python, R, Perl, Javascript, Powershell, bash , VBScript etc Experience in managing server infrastructure Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing... You'll be part of the "Verizon Global Infrastructure (VGI), Network & Information Security” group working on security and automation tools to protect against cyber threats within the VGS Technology organization. You will work with a team of cybersecurity engineers with network & infrastructure background, threat intelligence analysts and risk management personnel to align common technologies and practices that fortify our applications, systems, IT network and infrastructure. Some of your daily responsibilities would be the following. Leveraging industry proven tools to identify and reduce Cyber Risks Implementing next generation network security architecture, create advanced policies and controls against future threats Ensuring effectiveness and coverage of security, policies and controls of VGS Network & Infrastructure, prioritizing risk level. Ensuring Security posture of VGS Network & Infrastructure, e.g., access management, vulnerabilities remediation, etc. Developing awareness, training & compliance programs focused on Network & Infrastructure Cyber Security practices. Coordinating activities like network, penetration testing, incident response, data collection etc by partnering with the CISO teams. Assisting in Crisis Management, Ransomware Recovery and Business Continuity planning. Identifying, investigating and resolving global security breaches / incidents Developing and maintaining network and infrastructure security reporting dashboards and scorecards used to measure our Cyber Practice. Identifying opportunities and use cases for automation to remediate vulnerabilities , implement controls, orchestrate between tools and automate security practices. What we’re looking for... You are passionate about network security and automation as a career. You are self-driven and motivated, with good communication and analytical skills. You’re a sought-after team member that thrives in a dynamic work environment. You will be working with multiple partners from the business groups, so networking and managing effective working relationships should be your top most priority. You have an understanding of industry trends in all areas of Information Security. You'll need to have some of the skills listed below. Masters or Bachelor’s degree in Computer Science / Information Technology Engineering Four or more years of relevant work experience in network / information security, risk and compliance management. Understanding of network fundamentals, switching, routing protocols, load balancers, web proxies, firewalls and software defined networking solutions. Understanding of security fundamentals Confidentiality, Integrity, Availability, access control, Authentication, Authorization, Auditing secure design concepts like Experience in design and implementation of network security solutions like firewalls, intrusion detection and prevention systems, VPN , web proxies etc using vendor products like Cisco, Juniper, Checkpoint, Palo Alto etc Experience working in any one of the SIEM / SOAR solutions like Splunk SOAR, Cortex XSOAR by Palo Alto Networks, IBM Security QRadar SOAR, Swimlane etc Experience in managing public cloud infrastructure like AWS, Azure, GCP etc Experience working in a SOC environment handling processes like Incident Management and Triage, Vulnerability Management, Threat Intelligence, Threat Hunting etc Knowledge of common software vulnerabilities like OWASP Top 10 / Sans Top 25 and their relevant controls and safeguards for secure software will be an added advantage. Experience working on IT ticketing systems like JIRA, Service Now and ability to partner and collaborate with other teams in the organization Experience with hosting security awareness campaigns, gamification and bug bounty programs will be an added advantage Strong analytical problem solving, communication and interpersonal skills Passion to stay abreast with emerging technologies, network security trends, tools and techniques. Even better if you have one or more of the following: Industry relevant security certifications Security+, OSCP, CEH, CISSP, GIAC etc Cloud relevant certifications CCSP, CCSK Strong expertise in at least one operating system Window or Linux. Strong Scripting expertise in any one of Python, R, Perl, Javascript, Powershell, bash , VBScript etc Experience in managing server infrastructure Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

Company Overview Incedo is a US-based consulting, data science and technology services firm with over 3000 people helping clients from our six offices across US, Mexico and India. We help our clients achieve competitive advantage through end-to-end digital transformation. Our uniqueness lies in bringing together strong engineering, data science, and design capabilities coupled with deep domain understanding. We combine services and products to maximize business impact for our clients in telecom, Banking, Wealth Management, product engineering and life science & healthcare industries. Working at Incedo will provide you an opportunity to work with industry leading client organizations, deep technology and domain experts, and global teams. Incedo University, our learning platform, provides ample learning opportunities starting with a structured onboarding program and carrying throughout various stages of your career. A variety of fun activities is also an integral part of our friendly work environment. Our flexible career paths allow you to grow into a program manager, a technical architect or a domain expert based on your skills and interests. Our Mission is to enable our clients to maximize business impact from technology by Harnessing the transformational impact of emerging technologies Bridging the gap between business and technology Role Description Position Description: Incedo is seeking a SOC Analyst (L3/Tier 3/Threat Hunter) to join our rapidly growing cybersecurity team! Role and responsibilities: Participate in a rotating SOC on-call; rotation is based on the number of team members. Provide first-line SOC support with timely triage, routing and analysis of SOC tasks. Researches, develops, and monitors custom visualizations. Researches, analyzes, and writes documents such as cybersecurity briefings for all levels of stakeholders from Tier 1-3 SOC, security engineering, and executives. Tunes and develops SIEM correlation logic for threat detection. Ensures documentation is accurate and complete, meets editorial and government specifications, and adheres to standards for quality, graphics, coverage, format, and style. Develop scripts using Python to automate IR functions, including (but not limited to) IOC ingestion and SIEM integration via REST APIs to minimize repetition of duties and automate tasks. Produce and review aggregated performance metrics. Perform Cyber Threat Assessment and Remediation Analysis Processing, organizing, and analyzing incident indicators retrieved from the client environment and correlating said indicators to various intelligence data. Assisting in the coordination with internal teams as well as in the creation of engagement deliverables for a multitude of activities, including but not limited to Insider Threats, Rule of Engagement (ROE), Threat Hunting, After Action Reports, and other artifacts to support testing, monitoring and protecting the enterprise. Investigate network and host detection and monitoring systems to advise engagement processes.Develop and Execute bash and python scripts to process discrete log files and extract specific incident indicators; develop tools to aid in Tier 1 and Tier 2 functions. Participate in on-call rotation for after-hours security and/or engineering issues. Participate in the increase of effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions. Think critically and creatively while analyzing security events, network traffic, and logs to engineer new detection methods. Work directly with Security and SOC leadership on cyber threat intelligence reports to convert intelligence into useful detection. Technical Skills Required Experience / Skills: Minimum of nine (9) years technical experience 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities. 3+ years of rule development and tuning experience 1+ years of Incident response Deep understanding of Cyber Threat TTPs, Threat Hunt, and the application of the MITRE Attack Framework Knowledge of security operations and attacker tactics Ability to identify cyber-attacks and develop monitoring logic Experience supporting 24x7x365 SOC operations including but not limited to Alert and notification activities- analysis/triage/response, Review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported alerts and Incidents. Support alert and notification triage, review/analysis through resolution / close Manage multiple tickets/alerts in parallel, including end-user coordination. Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response. Solid understanding and experience analyzing security events generated from security tools and devices not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malware Bytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat Experience and solid understanding of Malware analysis Demonstrated proficiencies with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana Experience and ability to use, contribute, develop and follow Standard Operating Procedures (SOPs) Nice-to-have skills In-depth experience with processing and triage of Security Alerts from multiple sources but not limited to: Endpoint security tools, SIEM, email security solutions, CISA, Threat Intel Sources Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, support SOAR development. Experience with bash, python, and Windows PowerShell scripting Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools - alert analysis. Demonstrated experience and understanding of event timeline analysis and correlation of events between logs sources. Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools. Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk. Solid understanding and experience analyzing security events generated from security tools and devices not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC Experience and solid understanding of Malware analysis Understanding of security incident response processes Qualifications Qualifications : Bachelors degree in computer science, Information Technology, or a related field. Experience of 5 years or 3 years relevant experience. Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support. Company Value

Location: Gurgaon (Work from Office) Looking for Immediate joiners only Required Technical Skills & Experience: Experience: 7+ years in cybersecurity, with at least 3 years in a SOC leadership role . SIEM & Log Analytics: XSIAM, ArcSight, Splunk, Elastic Stack (ELK), QRadar, Microsoft Sentinel Threat Intelligence: MITRE ATT&CK, Cyber Kill Chain, MISP, STIX/TAXII. Incident Response & Forensics: Volatility, Wireshark, FTK, EnCase, Sleuth Kit, YARA. Endpoint Security & EDR/XDR: CrowdStrike Falcon, Microsoft Defender, Palo Alto XDR, SentinelOne, Carbon Black. Cloud Security: AWS GuardDuty, Azure Security Center, Google Chronicle, CSPM, CNAPP. Compliance & Risk: NIST 800-53, ISO 27001, PCI-DSS, SOC2, GDPR, CIS Benchmarks. Key Responsibilities: SOC Operations & Security Monitoring Lead and manage the 24/7 Security Operations Center (SOC) , ensuring continuous threat detection and response . Working extensively on SIEM (XSIAM. Arcsight, Splunk, QRadar, ELK, Sentinel, etc.) and other security monitoring tools. Oversee 24/7 monitoring of security events and alerts. Ensure effective use of SIEM (Security Information and Event Management) tools. Prioritize, analyze, and manage security incidents. Improve threat intelligence capabilities and integrate with threat intelligence feeds. Continuously optimize detection rules, correlation logic, and security alerts to minimize false positives and improve response times. Incident Response & Management Develop and enforce incident response plans (IRPs) . Ensure timely response to cyber threats, minimizing impact. Coordinate with stakeholders during major incidents. Conduct post-incident analysis and lessons learned exercises. EDR/XDR (Endpoint Detection & Response / Extended Detection & Response) CrowdStrike Falcon – AI-powered threat detection with real-time response. Palo Alto XDR – Extended Detection and Response. Microsoft Defender for Endpoint – Integrated with Azure security solutions. – Behavioral AI-driven endpoint protection. Carbon Black (VMware) – Next-gen EDR with cloud analytics. Sophos Intercept X – Machine-learning-based ransomware prevention. Threat Intelligence Platforms (TIP) Recorded Future – AI-driven threat intelligence analysis. MISP (Malware Information Sharing Platform) – Open-source threat sharing platform. Flashpoint Threat Intel Outseer AFCC ( Previously RSA) IBM X-Force Exchange – Intelligence-sharing with global threat data. Anomali ThreatStream – Automated threat intelligence processing. VirusTotal Enterprise – File and URL malware scanning with shared intelligence. Compliance & Reporting Ensure compliance with security frameworks (ISO 27001, NIST, GDPR, etc.). Maintain accurate security logs and reports for audits. Prepare executive-level reports on security incidents and risk posture.

Microland Limited is looking for Associate Manager - Cyber Security to join our dynamic team and embark on a rewarding career journeyTeam Supervision: Provide leadership, direction, and supervision to a team of employees, ensuring their productivity, performance, and professional development.Operational Management: Manage day-to-day operations within the assigned area, ensuring efficiency, adherence to processes, and effective resource allocation.Performance Management: Set performance goals, conduct regular performance reviews, and provide feedback and coaching to team members to help them excel in their roles.Project Coordination: Oversee projects, initiatives, or tasks within the department, ensuring that deadlines are met and objectives are achieved.Communication: Foster effective communication within the team and with other departments, conveying goals, expectations, and updates to ensure alignment.Problem-Solving: Address challenges and issues that arise within the team or department, working to find solutions and implement process improvements.Budget Management: Contribute to budget planning and management, ensuring that resources are allocated appropriately to achieve departmental goals.

Administering and maintaining Deep security systems to ensure the security of IT Infrastructure Monitoring and analysing security alerts to identify potential threats. Ensure proper integration with existing system Troubleshooting and debugging of Problems related to TrendMicro Deep security manager and agent TrendMicro Deep Security Agent management (Agent Installation, Reconciliation, Troubleshooting etc. Fine-tuning of policies in Deep security features such as FIM, Log Inspection, IPS, Firewall, A Developing and updating security policies and procedures related to Deep security (SOP, SCD, NDA etc.) Anti-malware module etc Log monitoring and incident investigation. Maintaining, generating & analysing all deep security related reports Manager version upgradation and capacity management. Should take up with OEM in case of any Deep security related issue reported Ensuring compliance with industry standards, regulations and best practice Mandatory Skills: Antivirus Microsoft EDR XDR Experience : 5-8 Years.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. CMS-TDR Senior As part of our EY-cyber security team, who shall work as SME for Microsoft Sentinel solutions in TDR team The opportunity We’re looking for Senior Consultant with expertise in Cloud Security solutions. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Architecting and implementation of cloud security monitoring platforms MS Sentinel Provide consulting to customers during the testing, evaluation, pilot, production, and training phases to ensure a successful deployment. Perform as the subject matter expert on Cloud Security solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Securing overall cloud environments by applying cybersecurity tools and best practices Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Expertise in content management in MS Sentinel Good knowledge in threat modelling. Experience in creating use cases under Cyber kill chain and Mitre attack framework Expertise in integrating critical devices/applications including unsupported (in-house built) by creating custom parsers Below mentioned experiences/expertise on Sentinel Develop a migration plan from Splunk/QRadar/LogRhythm to MS Sentinel Deep understanding of how to implement best practices for designing and securing Azure platform Experiencing advising on Microsoft Cloud Security capabilities across Azure platform Configure data digestion types and connectors Analytic design and configuration of the events and logs being digested Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks Experience in other cloud native security platforms like AWS and GCP is a plus Scripting knowledge (Python, Bash, PowerShell) Extensive knowledge of different security threats Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Certification in Azure (any other cloud vendor certification is a plus) Ideally, you’ll also have People/Project management skills. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytms mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. Job Title: IBM SOAR Administrator / Automation Engineer Experience Required: Minimum 5+ years overall experience - 2+ years hands-on experience with IBM SOAR (Resilient) - 3+ years experience in Python scripting and API integrations Job Summary: We are seeking a skilled and proactive IBM SOAR Administrator / Automation Engineer to manage, customize, and enhance our Security Orchestration, Automation and Response (SOAR) platform. The candidate will be responsible for developing and maintaining playbooks, integrating various security and threat intelligence tools, and automating key SOC tasks to improve efficiency and response times. Key Responsibilities: ‚ Act as the Master Administrator for IBM SOAR platform ‚ Design, implement, and maintain automatic and manual playbooks based on SOC workflows and requirements ‚ Develop and manage custom scripts, functions, and workflows to support automation in IBM SOAR ‚ Setup and manage the IBM SOAR Integration Server ‚ Integrate IBM SOAR with various SOC tools (SIEMs, EDRs, firewalls, etc.) and threat intelligence platforms ‚ Automate manual processes handled by SOC analysts to streamline operations ‚ Collaborate with the SOC team to identify opportunities for orchestration and automation ‚ Maintain platform documentation and provide training to SOC team members as needed ‚ Perform regular system checks and updates to ensure platform reliability and security Required Skills and Qualifications: ‚ Strong hands-on experience with IBM SOAR (Resilient) platform ‚ Deep knowledge of IBM SOAR playbook creation, workflow design, and integration ‚ Proficiency in Python scripting and using RESTful APIs ‚ Working knowledge of HTML, JavaScript, CSS for UI-level customizations ‚ Familiarity with basic Linux commands and system operations ‚ Experience integrating security tools (SIEM, EDR, AV, firewalls) and threat intelligence feeds with SOAR ‚ Basic understanding of ticketing systems (ServiceNow, JIRA, etc.) ‚ Ability to work independently as well as collaboratively within a team ‚ Strong analytical, troubleshooting, and problem-solving skills Preferred Qualifications: ‚ IBM SOAR certification or equivalent training ‚ Exposure to other SOAR platforms like Palo Alto XSOAR, Splunk SOAR is a plus

> Role Summary: This role is responsible for building and executing automated tests using ServiceNow Automated Test Framework (ATF). The tester ensures application stability, regression testing for ServiceNow upgrades and customizations. Required Certifications: ServiceNow Certified System Administrator (CSA) ServiceNow Certified Application Developer (CAD) Optional ATF Micro-Certification (Automated Test Framework) Key Responsibilities: 1. Configure and customize GRC or TPRM module components and workflows. 2. Design and implement automated tests using ATF. 3. Develop reusable ATF templates for core modules. 4. Validate form configurations, catalog items, and workflows. 5. Integrate ATF tests in CI/CD pipelines. 6. Maintain test suites for regression and upgrade testing. 7. Document test plans, scenarios, and results. 8. Coordinate with developers for defect resolution. 9. Support testing for major upgrades and patch releases. 10. Collaborate with QA and Dev teams in Agile sprints. 11. Monitor test execution logs and performance metrics. Mandatory Skills: ServiceNow SecOps. Experience: 3-5 Years. >

Your role We are looking for an experienced and strategic Detection Engineer across India. The ideal candidate will have a strong background in cybersecurity, detection and Splunk Enterprise Security. Develop and maintain cyber threat detection and hunting capabilities for Organization. Actively research, innovate and uplift in the areas of threat detection and hunting. Develop and maintain attack & use case models against Organizations environment and systems for the purposes of detection and monitoring use cases. Build and maintain continuous validation and assurance of the detection and hunting pipeline. Maximise detection visibility, coverage, and return-on-investment to maintain a defensible architecture across the business. Develop threat/attack models to depict and model detection of known attack vectors. Work with Threat Intelligence, Incident Response and Cyber Orchestration teams to prioritise and develop detection and orchestration capability. Work with the Red Team to actively test and validate detection capabilities Your Profile 5+ years of experience in a CSOC, Cyber detection, Threat Hunting and/or SOAR development role. 5+ years developing detections within a SIEM environment. Experience working with security tools such as endpoint detection and response systems, network anomaly detection, etc. Designing and implementing threat/attack modelling to derive abuse cases, detection logic and automation course of actions. Well versed in the development of detection and hunting strategies for a broad range of cyber threats, including malware, DDOS, hacking, phishing, lateral movement and data exfiltration in the Financial Services sector or similar. Knowledge of the frameworks like NIST Cybersecurity framework, MITRE ATT&CK, Lockheed Martin Cyber Kill Chain or similar methodologies is required What you"ll love about working here You can shape yourcareerwith us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges

Domain Certifications CISSP, CISA, CRISC, ISO 27001 Responsibilities Own and lead the governance program at account level for a large Financial services account with 700 + head count and multi country locations having high security Offshore Delivery Centres & Work from home teams Develop, implement and monitor Account level Information security governance program; meeting client compliance requirements proactively Perform contract reviews, cyber security risk assessments and drive compliance programs to meet contractual and organizational cyber security requirements within the client offshore delivery centres. Experience in Application security and code reviews which can be leveraged to guide and work with delivery teams on covering the cyber security risks associated with Application security, development and maintenance projects. Work closely with different teams internally like IT, business, HR, facilities, cyber security which operate at Organization level to translate client requirements and assess residual risk if required Give directions and monitor the compliance and operations activities within the account through dedicated team and work closely with account team on ensuring the compliance within account team Develop account level procedures, metrics and review programs to maintain and enhance the governance model within the account Be a single point of contact for client interactions during third party audits and liaise within the organization Prepare the account for certification and internal audit requirements based on industry standards like PCI DSS and ISO 27001 requirements Focus and objective driven to demonstrate ongoing improvements; identify early indicators of non compliance and able to draw mitigation actions Hold technical skills to participate in technical discussions for delivery centre setup, connectivity models Excellent communication skills and have demonstrated effective CXO level reviews

6 -8 Years experience on creating Design documents, Implementation/ Change Management Plans or Optimization of reports (beyond day-to-day routine operations) is a must. Expertise in Implement &/or design (design is must) of one of the following - Priority is Firewall and good if candidates have hands on exp on Identity solutions, Email Security, Web Security/Proxy, Cloud Security. Cisco ISE is a plus

Responsibilities Oversee real-time incident handling, escalation management, and response coordination for cyber threats, breaches, and anomalies Act as the primary escalation point during high-severity incidents, ensuring containment and rapid resolution Design and maintain incident response runbooks, playbooks, SLA matrices, and crisis communication protocols Lead and manage triage activities Ensure tight integration between SOC operations, threat intelligence, DFIR, and red/blue teams Drive detection engineering efforts to improve alert quality, correlation logic, and MITRE ATT&CK mapping Implement continuous improvement programs in MTTR, false positive reduction, and analyst productivity Lead post-incident RCA reviews, reporting, and feedback loops to enhance readiness Manage relationships with OEMs, MSSPs, and security product vendors for technology alignment Mentor SOC managers, team leads, and analysts to build a resilient and responsive operations team Ensure compliance with security and privacy standards (e.g., NIST, IEC 62443, ISO 27001, DPDP Act) Deep expertise in SIEM (e.g., Splunk, QRadar, LogRhythm, SentinelOne), SOAR platforms, EDR/XDR tools, threat intelligence platforms Strong knowledge of network security, log analysis, endpoint telemetry, and OT-specific telemetry correlation Familiarity with MITRE ATT&CK, cyber kill chain, and threat hunting techniques Knowledge of OT security architectures including SCADA, PLCs, DCS, and OT network segmentation Scripting and automation exposure (Python, PowerShell, Bash) preferred Familiarity with OT SOC environments, ICS protocol detection (Modbus, DNP3), and industrial anomaly detection tools (e.g., Nozomi, Claroty) Leadership & Personality Traits Strategic thinker with an operations-first mindset and execution rigor Calm, decisive, and clear-headed in crisis and high-pressure scenarios Strong stakeholder engagement and communication skills across technical and executive levels Proven ability to lead multi-location teams with cultural sensitivity and high performance Continuous learner with a growth mindset and passion for cybersecurity excellence Preferred Industry Background Large industrial conglomerates (Power, Ports, Renewables, Mining, Airports) OT and IT OEMs MSSPs, SOC service providers Consulting firms with cyber defence practices (e.g., Big 4) Qualifications Bachelor’s or Master’s in Cybersecurity, Computer Science, or Engineering Preferred certifications: CISSP, CISM, GCIA, GCIH, or SOC-related credentials 12 + years of cybersecurity experience, with at least 6 years in SOC/IR leadership roles Experience managing global SOC operations or OT-specific cyber operations is a strong plus

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Platform Engineering Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: We are seeking a skilled Security Engineer with expertise in Google Chronicle SIEM, parser development, and foundational knowledge of cybersecurity. The ideal candidate will be responsible for analyzing security data and logs, ensuring accurate aggregation, normalization, tagging, and classification. You will work closely with log sources, particularly security and networking devices, to enhance our security monitoring capabilities. Roles & Responsibilities: Conduct security and data/log analysis, focusing on the aggregation, normalization, tagging, and classification of logs. Research, analyze, and understand log sources for security monitoring, with a particular focus on security and networking devices such as firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems. Validate log sources and indexed data, optimizing search criteria to improve search efficiency. Utilize automation tools to build and validate log collectors for parsing aggregated logs. Professional & Technical Skills: Proficiency in log analysis and SIEM tools, including but not limited to Google Chronicle, Splunk, ArcSight, and QRadar. Experience in SIEM content creation and reporting is essential. Strong experience in manual security log review and analysis, such as Windows Event Log and Linux Syslog, including incident classification, investigation, and remediation. Solid understanding of multiple attack vectors, including malware, Trojans, exploit kits, ransomware, phishing techniques, and APTs, as well as familiarity with attack techniques outlined in the OWASP Top 10. Knowledge of security and networking devices, including firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems. TCP/IP networking skills for packet and log analysis. Experience working with Windows and Unix platforms. Familiarity with databases is an advantage. Experience in GCP, AWS and Azure environments is a plus. Additional Information: - The candidate should have minimum 5 years of experience in Security Platform Engineering. - This position is based at our Pune office. - A 15 years full time education is required.

Job Title: Cybersecurity Consultant – VAPT Specialist Location: Riyadh Experience Level: Mid to Senior Employment Type: Full-time Job Summary We are seeking a highly skilled and passionate Cybersecurity Consultant with deep expertise in Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, and API platforms . The ideal candidate will have a strong background in identifying and remediating high-risk vulnerabilities, collaborating with cross-functional teams, and implementing robust security strategies tailored to diverse industries. This role requires a proactive approach to threat mitigation, excellent technical capabilities, and a commitment to continuous learning. Roles & Responsibilities Conduct in-depth Vulnerability Assessment and Penetration Testing (VAPT) for web, mobile, and API platforms, addressing OWASP Top 10, identifying business logic flaws, and uncovering complex attack vectors. Collaborate with IT and development teams to remediate vulnerabilities effectively and within defined SLAs. Design and implement yearly cybersecurity plans aligned with regulatory standards including SAMA CSF, SAMA ITGF, NCA CSCC, NCA ECC , and PCI-DSS . Perform advanced threat hunting, source code reviews , and SIEM audits to detect integration flaws and hidden threats. Carry out network and server configuration reviews in line with NIST, CIS benchmarks , or customized Minimum Baseline Security Standards (MBSS) . Utilize advanced security tools such as: Core Impact, Tenable SC, Nessus, Nmap, Metasploit, Acunetix, AppScan, Splunk, QRadar, Volatility, Hydra, Burp Suite, SonarQube, SQLMap, Fortify , etc. Conduct risk assessments, compromise assessments , and provide tailored recommendations to strengthen the organization’s security posture. Demonstrate strong communication and interpersonal skills , ensuring seamless collaboration across departments and with clients. Stay ahead of evolving threats by researching the latest technologies and attack vectors , and apply this knowledge to secure client environments. Required Qualifications Bachelor of Science Deep understanding of security frameworks, methodologies, and risk-based prioritization. Certifications (Preferred) Certified Information Security Manager (CISM) Certified Red Team Professional (CRTP) eLearn Certified Threat Hunting Professional (eCTHP) eLearn Web Penetration Tester (eWPT) Certified Ethical Hacker (Practical) (CEH) NSE1 – Network Security Associate Key Skills VAPT (Web, Mobile, API) Threat Hunting & Compromise Assessment Source Code & Network Configuration Review Regulatory Compliance (PCI-DSS, NCA, SAMA) Security Tool Proficiency (BurpSuite, Nessus, Metasploit, etc.) Risk Analysis & Communication Skills Report Writing & Executive Summarization

We are hiring a FortiSIEM Administrator to manage and maintain our SIEM infrastructure and security tools. The ideal candidate will have deep experience in SIEM architecture (FortiSIEM) , EDR , DLP , and a sound understanding of cybersecurity frameworks like MITRE ATT&CK, NIST, CIS Controls , and ISO 27001 . The role requires someone who can ensure complete visibility and protection of IT assets while supporting incident response and compliance. Tasks Deploy, configure, and maintain the FortiSIEM platform for real-time monitoring and alerting. Integrate log sources across firewalls, servers, endpoints, and cloud environments. Develop and manage SIEM rules, parsers, dashboards, and alerts. Operate and optimize EDR , DLP , and other advanced security tools. Conduct incident triage, investigation, and provide root cause analysis. Align monitoring and response activities with MITRE ATT&CK, NIST, CIS Controls , and ISO 27001 frameworks. Collaborate with SOC, infrastructure, and application teams for end-to-end threat visibility. Maintain updated documentation and support internal and external security audits. Ensure regular health checks, version upgrades, and platform tuning for performance Requirements Required Skills & Qualifications: 3–6 years of experience in cybersecurity with a focus on SIEM administration (preferably FortiSIEM) . Hands-on expertise in deploying and managing EDR , DLP , and other endpoint security tools. Good understanding of SIEM architecture , log ingestion, and threat correlation. Knowledge of networking fundamentals, TCP/IP, firewalls, VPNs, and IDS/IPS. Familiarity with security frameworks like MITRE ATT&CK, NIST, CIS Controls , and ISO 27001 . Scripting knowledge (PowerShell, Python, Bash) is an advantage. Fortinet certification (e.g., NSE 5/7) is a plus. Nice to Have: Experience with cloud platforms (AWS, Azure) and cloud security monitoring. Exposure to other SIEM tools (Splunk, QRadar, etc.) is beneficial. Experience in compliance-driven environments (PCI-DSS, SOC 2, etc.).