408 Qradar Jobs - Page 11

4.0 - 8.0 years

6 - 10 Lacs

Hyderabad

Work from Office


Security Specialist
Location: Hyderabad
Position: 1
Experience: 4 to 8 years
Responsibilities: pre-sales discussions and design of security architecture based on customer requirements. Implement firewalls, anti-virus software, log management, authentication systems and content filtering. Professional IT certifications will be an added advantage.

Posted 3 weeks ago


2.0 - 4.0 years

4 - 6 Lacs

Noida

Work from Office


Subject Matter Expert
Location: Noida
Position: 1
Experience: 2-4 years
Act as a solution expert. Maintain relationships with OEMs / distributors. Take valid leads from 20% to 60% (i.e., Deal Registration, Solutioning, PoC, BoM). Coordinate with the sales and technical teams to progress the opportunities created. Will carry bottom-line targets. After successful BoM finalization, transfer the case to the respective sales team.
Products: Veritas, Forescout, Forcepoint, Tenable, Ixia, Gemalto / Thales, etc.

Posted 3 weeks ago


1.0 - 5.0 years

3 - 7 Lacs

Mumbai

Work from Office


As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn't changed: we're here to stop breaches, and we've redefined modern security with the world's most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We're also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We're always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About The Role
As a Corporate Account Executive, you will be responsible for driving new business opportunities. You must be extremely results driven, customer focused, technologically savvy, and innovative at building internal relationships and external partnerships to attack the market with passion! The right candidate will possess excellent energy and drive and a real desire to build business across a portfolio of accounts. They will have the ability to build effective relationships quickly and to find valuable business within each account immediately that can then be enhanced by leveraging internal resources. This role will be based in Mumbai.

What You'll Do
- Actively engage our prospective customers to identify Small Business opportunities and manage the run-rate business for CrowdStrike across the assigned region.
- Run a sophisticated sales process from prospecting to closure.
- Collaborate with our Sales Engineers (SEs) to devise and execute account strategies and plans.
- Predominantly work with the Channels team, Distribution team and Inbound sales representatives.
- Work with accounts in the small and medium range, with a cap on the number of endpoints.
- Forecast and report updates to the management team.
- Provide exceptional and high-touch customer service, including escalation and coordination of support issues as needed for the set accounts.
- Become an insider within the cyber security industry and an expert on CrowdStrike products.
- Stay well educated and informed as to the CrowdStrike competitive landscape and how to sell the value of our solutions and services when compared to the relevant competitors in the Next Generation Endpoint market space.
- Be a go-getter that sets his/her sights above and beyond to blow out their established targets and quotas.
- May require modified work hours to accommodate accounts in other time zones, and minimal but occasional travel for accounts that require a higher touch to achieve closure.

What You'll Need
- Min 6 years of sales experience generating net new business within the assigned region.
- Proven experience selling a complex multi-product architecture to organizations, selling into C-level executives to evaluator-level engineers.
- Track record of exceeding expectations in an individually focused, quota-carrying role.
- Cold calling experience (not tech, SaaS, or security specific).
- Technical aptitude and ability to learn new business and technical concepts quickly.
- Competitive nature, but also a collaborative team player.
- Strong presentation skills, both in person and via virtual channels.
- Security and/or SaaS sales experience a plus.
- Persistent: doesn't stop at "no"; believes they can overcome.
- Coachable: seeks help; knows how to get help, when to ask for it and what situations call for it.
- Motivated to learn, to succeed, to win, to grow.
- Aptitude: able to learn and implement new concepts quickly.
- Self-disciplined: proven to be good at time management and organization, and demonstrates discipline in their process and everyday business.
- Self-aware: has a solid understanding of their strengths and weaknesses and what they need to work on.

Benefits Of Working At CrowdStrike
- Remote-friendly and flexible work culture
- Market leader in compensation and equity awards
- Comprehensive physical and mental wellness programs
- Competitive vacation and holidays for recharge
- Paid parental and adoption leaves
- Professional development opportunities for all employees regardless of level or role
- Geographic neighbourhood groups and volunteer opportunities to build connections
- Vibrant office culture with world class amenities
- Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program. CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions, including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs, on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

Posted 3 weeks ago


5.0 years

0 Lacs

Pune, Maharashtra, India

On-site


ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE, while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia.

Location: Pune
Website: https://isa.ae/
Address: Smartworks Building, Nexa Soft, Core Ops, 5th Floor, 43EQ, Survey No 44, PLOT A, H. No. 8/1 (P, opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045

Job Title: Security Engineer (Penetration Tester)
Job Type: Full-time
Reports To: Security Architect

Job Overview:
We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement. The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture.

Key Responsibilities:

1. Firewall, Endpoint & WAF Security
- Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point).
- Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF).
- Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne.
- Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles.

2. Microsoft Security Layer Implementation
a. Microsoft Email Security
- Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats.
- Implement Safe Links, Safe Attachments, and Anti-Phishing policies.
- Monitor and respond to email security alerts in the Microsoft Security Portal.
- Conduct email security threat hunting using Defender for O365 and advanced hunting queries.
b. Microsoft Endpoint Security
- Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices.
- Enforce attack surface reduction (ASR) rules for endpoint protection.
- Configure endpoint compliance policies using Microsoft Intune.
- Implement DLP (Data Loss Prevention) policies to prevent data exfiltration.
c. Compliance & Risk Management
- Implement and monitor Microsoft Purview Compliance Manager for risk assessment.
- Enforce Information Protection & Encryption Policies using Microsoft Purview.
- Configure and manage Conditional Access Policies in Microsoft Entra ID.
- Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR.

3. Dark Web Monitoring & Brand Protection
- Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats.
- Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence.
- Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains.
- Collaborate with legal and compliance teams to enforce takedowns of malicious content.

4. Fraudulent Incident Investigation & Threat Hunting
- Investigate fraud incidents, phishing attempts, and business email compromise (BEC).
- Conduct forensic analysis on compromised endpoints, servers, and email accounts.
- Develop and implement threat intelligence and threat hunting processes.
- Work closely with SOC teams for incident response and mitigation.

5. VAPT & IT Security Operations
- Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments.
- Implement and manage intrusion detection/prevention systems (IDS/IPS).
- Monitor, analyze, and mitigate vulnerabilities from external and internal security scans.
- Work with teams to remediate vulnerabilities and harden IT assets.

6. IT Security & Compliance Management
- Develop and enforce security policies, standards, and procedures.
- Implement Zero Trust Architecture and IAM policies.
- Conduct security awareness training and phishing simulations.
- Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards.

Required Qualifications & Skills:

Technical Skills:
✅ Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point
✅ Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance
✅ Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne
✅ WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare
✅ VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP
✅ SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK
✅ Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center
✅ IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM
✅ Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence

Soft Skills:
- Strong analytical and problem-solving skills.
- Excellent communication and stakeholder management abilities.
- Ability to work independently and in cross-functional teams.
- Proactive security mindset with attention to detail.

Certifications (Preferred, but not mandatory):
✔️ CISSP – Certified Information Systems Security Professional
✔️ CEH – Certified Ethical Hacker
✔️ OSCP – Offensive Security Certified Professional
✔️ CISM/CISA – Certified Information Security Manager/Auditor
✔️ Microsoft Certified: Cybersecurity Architect (SC-100)
✔️ Microsoft Certified: Security Operations Analyst (SC-200)
✔️ Microsoft Certified: Information Protection Administrator (SC-400)

Experience Required:
🔹 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence.
🔹 Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance.
🔹 Strong experience in fraud investigation, dark web monitoring, and brand protection.
🔹 Proven ability to secure cloud, hybrid, and on-premise environments.

Please send resumes to careers@isa.ae

Posted 3 weeks ago


2.0 - 5.0 years

5 - 9 Lacs

Noida

Work from Office


Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.

Primary Responsibilities
- Monitor and analyze attempted efforts to compromise security protocols. Identify and investigate activities and conduct and provide analyses regarding results.
- Collaborate with other Cyber Defense teams.
- Review SIEM alerts and logs to identify and report possible security issues.
- Serve as an escalation resource and mentor for other SOC analysts.
- Perform investigations and escalation for complex or high severity security threats or incidents.
- Work across the organization to define, develop, and refine correlation rules.
- Participate in writing security status reports to provide system status, report potential and actual security violations and provide procedural recommendations.
- Participate in knowledge sharing with other team members and industry collaboration organizations to advance the security monitoring program.
- Participate in developing and supporting strategic plans and projects to meet Global Security and SOC goals and objectives.
- Maintain an in-depth knowledge of common attack vectors, common security exploits, and countermeasures.
- Maintain a solid working knowledge of Information Security principles and practices.
- Research the current information security and event monitoring trends, and keep up to date with SOC issues, technology, and industry best practices.
- Coordinate evidence/data gathering and documentation and review Security Incident reports.
- Assist in strategic initiatives.
- Provide recommendations for improvements to security operational monitoring and incident response procedures based on operational insights.
- Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so.

Required Qualifications
- BS in Computer Science, Computer Engineering, Cyber Security, Forensics and/or equivalent work experience
- Security certifications (e.g. Security+, Network+, Cloud+, AZ-900 (Microsoft Azure Fundamentals), SC-200 (Microsoft Security Operations Analyst), etc.)
- Experience in incident detection and response
- Experience working with network tools and technologies such as firewalls (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms
- Willing to work in a team-oriented 24/7 environment; schedule flexibility as needed to work with a global team

Preferred Qualifications
- Experience building use cases and performing log analysis using technology like KQL, Splunk, AlienVault, QRadar etc.
- SOAR or scripting experience using Python, PowerShell etc.

At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone, of every race, gender, sexuality, age, location and income, deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes, an enterprise priority reflected in our mission.

Posted 3 weeks ago


4.0 - 9.0 years

12 - 17 Lacs

Bengaluru

Work from Office


Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.

As a Senior Information Security Engineering Consultant, your responsibilities include administration, maintenance, architecture, and engineering related to on-premise and cloud security solutions. This includes direct support, technical ownership, and leading others with regards to the platforms. Additional responsibilities as needed may include security posture review and analysis, security vulnerability scanning, monitoring and alerting development and tooling, and security incident response.

Primary Responsibilities
- Work on-call and non-standard hours when necessary
- Support team leads and Subject Matter Experts (SMEs) on approaches, procedures, and implementation of Cybersecurity systems, specifically perimeter firewalls
- Be able to troubleshoot in highly complex, technical situations within an enterprise organization
- Be able to identify and mitigate risks
- Capable of formulating and implementing procedures and systems
- Be able to document and communicate at an expert level
- Have or be in the process of obtaining advanced certifications pertinent to the area of expertise
- Collaborate in the development of training content for issues related to IT Cybersecurity
- Develop and oversee the development of innovative approaches and solutions to complex problems and issues
- Support the monitoring of and responses to security incidents, offering expertise to ensure prompt and effective resolution
- Collaborate with directors, managers, project managers, architects and other technical personnel to ensure mitigation of risks to the company
- Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so.

Required Qualifications
- Graduate degree or equivalent experience
- 6+ years of experience in IT Security for large enterprise environments
- 5+ years of experience with next-gen firewalls (e.g. Palo Alto)
- 5+ years of experience with WAN/LAN routing, switching, proxy and firewall environments
- Work experience as a system security engineer or information security engineer
- Proven solid planning and problem-solving skills
- Proven ability to troubleshoot in highly complex, technical situations within a matrixed organization

Preferred Qualification
- CompTIA Security+, or related certification, PCNSE, CCNA, Network+

Posted 3 weeks ago


2.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site


Equal Opportunity Employer: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets

Job Title: Analyst SOC

About News Corp
News Corp is a global diversified media and information services company focused on creating and distributing authoritative and engaging content to consumers and businesses throughout the world. The company comprises global businesses across a range of media, including news and information services, book publishing, digital real estate services, cable network programming in Australia, and pay-TV distribution in Australia.

The Role:
We are looking for SOC analysts who will be responsible for monitoring and working on active alerts on various security tools (SIEM/XSOAR). The individual in this role is expected to have meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure, and deliver on tight deadlines. This position demands someone willing to use a network of sensors, security tools, and monitoring equipment to proactively identify, evaluate, and remediate potential cybersecurity threats. Based on an understanding of "normal" network activity, SOC analysts use tools and processes to detect anomalous activity, providing 24/7/365 detection and response capabilities. The person can multitask, work independently, and work collaboratively with teams, some of which may be geographically distributed.

Key Responsibilities
- Use SIEM technologies and other native tools to perform the monitoring of security events on a 24x5 basis.
- Monitor various infrastructure log sources and escalate potential security incidents to client personnel.
- Notify the client of the incident and required mitigation work.
- Track and update incidents and requests based on the client's updates and analysis results.
- Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security, etc.
- Must know about SIEM solutions (Splunk (preferred), QRadar, ArcSight).
- Good understanding of phishing email analysis and its terminology.
- Knowledge of EDR solutions (preferred: CrowdStrike).
- Ability to run and understand sandbox static analysis.
- Proactively research and monitor security information to identify potential threats that may impact the organization.
- Provide 24x7 monitoring operations for security alerts.

Required Skills and Qualifications:
- Bachelor's in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree.
- Minimum of 2-4 years of experience in the IT security industry, preferably working in a SOC/NOC environment.
- Certifications: CCNA, CEH, Security+, CySA+
- A degree in Computer Science, IT, Systems Engineering, or a related qualification
- 2-4 years of experience in Information Security.
- Cybersecurity best practices, techniques, and tools
- Understanding of tools like CrowdStrike, Qualys, ServiceNow, Splunk, and similar.
- Ability to work under pressure in a fast-paced environment
- Networking concepts, including TCP/IP, routing and switching
- Windows, Linux, and UNIX operating systems
- Communication skills, both verbal and written

Location: Bangalore, IN
Work Arrangement: Hybrid (3 days per week in office)

This job is posted with NTS Technology Services Pvt. Ltd.

Posted 3 weeks ago


6.0 - 9.0 years

8 - 10 Lacs

Chennai

Work from Office


We have openings for both L2 and L3 SOC Analysts. An experienced SOC L3 Analyst is needed to expand our group. As an L3 Analyst, you will oversee managing and resolving complicated cybersecurity events that have been escalated from L1 and L2 Analysts. To find the underlying cause of security events and offer suggestions for correction, you will be expected to conduct extensive investigations and forensic analyses.

Key Responsibilities for this job:
- Represent the highest level of escalation for cybersecurity issues.
- To identify the underlying causes of occurrences, carry out comprehensive investigations and forensic analysis.
- Provide remediation advice and collaborate with L1 and L2 analysts to put it into practice.
- Create and maintain playbooks and incident response plans.
- Conduct penetration tests and vulnerability assessments.
- Analyze and evaluate the organization's cybersecurity threats.
- Take part in security audits and assessments.
- Create and uphold security standards, rules, and procedures.
- Instruct and guide junior analysts in incident response best practices.

Knowledge and experience required:
- Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- 5+ years of experience in a SOC environment, with a focus on incident response and forensic analysis.
- Strong knowledge of cybersecurity frameworks, such as NIST and ISO.
- Experience working with security tools such as SIEM, IDS/IPS, endpoint detection and response, and firewalls.
- Excellent analytical and problem-solving skills.
- Strong communication and collaboration skills.
- Relevant certifications, such as CISSP, GCIA, GCIH, and/or CISA, are highly preferred.
- Preferred tools: Rapid7, LogRhythm, Sentinel, Fortinet SOAR, etc.
- Shift flexibility, including weekends and holidays (24*7).
- Joining calls with vendors and other teams to discuss issues with partners, gather their requirements and deliver them in the form of projects.
- Tuning of rules, filters, and policies for detection-related security technologies to improve accuracy and visibility.
- Providing weekly/monthly reports to upper management.

Posted 3 weeks ago


0.0 - 10.0 years

0 Lacs

Delhi

Remote


Delhi, India
Designation: Partner
Position: SIEM Instructor Mentor (Part-Time)
Job Type: Consultant
Benefits: Revenue distribution or a fixed hourly rate, with potential for performance-based bonuses tied to training outcomes.
Reports to: Founder/CEO

Job Overview
The SIEM Mentor will provide expert training and mentorship to Eduroids' students on a part-time basis, focusing on equipping them with skills in Security Information and Event Management (SIEM). This role involves delivering practical training sessions, developing industry-relevant course materials, and guiding students through real-world security monitoring and incident response scenarios to prepare them for cybersecurity roles.

Key Responsibilities
- Training Delivery: Conduct weekend training sessions focused on SIEM tools, processes, and best practices in security operations.
- Curriculum Development: Create and maintain up-to-date course content aligned with the latest trends in SIEM and cybersecurity.
- Hands-On Learning: Facilitate practical exercises, simulations, and case studies on threat detection, log analysis, and incident response using popular SIEM platforms.
- Mentorship: Offer personalized guidance to participants, addressing their questions and helping them grasp complex security concepts.
- Industry Alignment: Ensure training material reflects current cybersecurity challenges and industry standards in SIEM.
- Assessment and Feedback: Evaluate student progress through assessments, providing constructive feedback to foster their improvement.
- Knowledge Transfer: Share insights and experiences from real-world cybersecurity scenarios to bridge theory and practical application.

Key Measures
- Student Progress: Track participant performance in mastering SIEM concepts, tools, and workflows.
- Industry Relevance: Maintain curriculum alignment with evolving cybersecurity threats, compliance standards, and technologies.
- Feedback Scores: Achieve high participant satisfaction ratings for training quality and mentorship.
- Project Completion: Ensure students complete SIEM-related projects, including log analysis, threat hunting, and creating custom alerts.

Qualifications
- Education: Bachelor's or Master's degree in Cybersecurity, Computer Science, or a related field.
- Experience: Minimum of 10 years of professional experience in cybersecurity, with a focus on SIEM tools and security operations. Experience working with Fortune 500 companies or high-security environments preferred. Demonstrated expertise in implementing and managing SIEM platforms in enterprise environments.
- Technical Skills: Proficiency with SIEM platforms such as Splunk, IBM QRadar, ArcSight, or LogRhythm. Knowledge of threat intelligence, log management, and compliance requirements like GDPR, PCI DSS, and HIPAA. Familiarity with scripting languages like Python or PowerShell for automation in SIEM tools. Strong understanding of cybersecurity frameworks like MITRE ATT&CK, NIST, or CIS Controls.
- Soft Skills: Excellent communication and presentation abilities. Ability to translate complex cybersecurity concepts into actionable knowledge for learners. Passion for teaching and mentoring aspiring cybersecurity professionals.

Personal Attributes
- Dedicated to fostering the next generation of cybersecurity experts.
- Resilient and adaptable, with a focus on continuous improvement.
- Collaborative mentor who creates an engaging and supportive learning environment.

Benefits
- Competitive compensation based on hourly or project-based engagement.
- Flexible remote working options.
- Opportunity to shape the future of cybersecurity professionals and contribute to their career success.
- Engaging and forward-thinking work culture.

Posted 3 weeks ago


0.0 - 15.0 years

0 Lacs

Delhi

Remote


Delhi, India

Designation: Partner
Position: SOC Instructor Mentor (Part-Time)
Job Type: Consultant
Benefits: Revenue distribution or a fixed hourly rate, with potential for performance-based bonuses tied to training outcomes.
Reports to: Founder/CEO

Job Overview
The SOC Instructor Mentor will deliver advanced training and mentorship to Eduroids' students on a part-time basis, focusing on Security Operations Center (SOC) concepts, tools, and best practices. The role involves conducting engaging training sessions, developing industry-relevant course materials, and providing personalized guidance to students, equipping them with the skills required to excel in SOC roles such as security analyst and incident responder.

Key Responsibilities
Training Delivery: Lead interactive weekend sessions on SOC operations, incident response, threat detection, and security monitoring. Demonstrate workflows and methodologies for handling cybersecurity incidents within a SOC environment.
Curriculum Development: Design and update course content, labs, and case studies aligned with SOC tools and frameworks such as SIEM, SOAR, and endpoint detection platforms. Create comprehensive training materials covering SOC processes, including triage, analysis, containment, and remediation.
Hands-On Learning: Facilitate hands-on labs using SOC tools such as Splunk, IBM QRadar, ArcSight, and SentinelOne. Guide students through simulated incident response scenarios and log analysis exercises.
Mentorship: Provide one-on-one guidance to students, addressing their questions and helping them understand real-world SOC workflows. Offer career advice, including certifications and skill-building strategies for aspiring SOC professionals.
Industry Alignment: Ensure training materials reflect the latest cybersecurity trends, SOC methodologies, and compliance standards.
Assessment and Feedback: Evaluate students through practical exercises, incident response scenarios, and periodic assessments. Provide constructive feedback to enhance participants' skills and confidence.
Knowledge Transfer: Share insights from a minimum of 15 years of professional experience in cybersecurity and SOC operations, emphasizing enterprise-grade practices.

Key Measures
Student Competency: High rates of student skill acquisition, demonstrated through successful completion of projects and assessments.
Curriculum Relevance: Training content is continuously updated to align with current SOC tools, standards, and practices.
Hands-On Proficiency: Students demonstrate practical expertise in using SOC tools and handling cybersecurity incidents.
Feedback Scores: Achieve excellent ratings from students for training quality and mentorship effectiveness.

Qualifications
Education: Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field.
Experience: Minimum of 15 years of professional experience in SOC operations, cybersecurity, or incident response. Hands-on experience with SOC tools, threat intelligence, and forensic analysis in enterprise environments. Real-world experience with Fortune 500 companies is highly preferred.
Technical Skills: Proficiency in SOC workflows, including threat detection, incident response, and log management. Experience with SIEM solutions (Splunk, IBM QRadar, ArcSight) and SOAR platforms. Familiarity with scripting languages such as Python, PowerShell, or Bash for automating SOC tasks. Strong understanding of the MITRE ATT&CK framework and cybersecurity standards such as NIST and ISO 27001.
Soft Skills: Excellent communication and presentation abilities. Proven mentorship skills with a passion for teaching and guiding aspiring cybersecurity professionals. Strong analytical and critical thinking skills.

Personal Attributes
Passionate about cybersecurity and SOC operations. Resilient, adaptable, and committed to continuous learning. Collaborative team player who fosters an inclusive and engaging learning environment.

Benefits
Competitive compensation based on hourly or project-based engagement. Flexible remote working options. Opportunity to mentor and shape the next generation of SOC professionals. Collaborative and innovative work culture.

Posted 3 weeks ago

Apply

3.0 - 10.0 years

0 Lacs

Kolkata, West Bengal, India

Remote

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

CMSTDR Senior (TechOps)

Key Capabilities:
Experience in working with Splunk Enterprise, Splunk Enterprise Security and Splunk UEBA.
Minimum of Splunk Power User certification.
Good knowledge of programming or scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, etc.
Perform remote and on-site gap assessments of the SIEM solution: define evaluation criteria and approach based on the client requirements and scope, factoring in industry best practices and regulations; conduct interviews with stakeholders and review documents (SOPs, architecture diagrams, etc.); evaluate the SIEM against the defined criteria and prepare audit reports.
Good experience in consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment.
Understand customer requirements and recommend best practices for SIEM solutions.
Offer consultative advice on security principles and best practices related to SIEM operations.
Design and document a SIEM solution to meet customer needs.
Experience in onboarding data into Splunk from various sources, including unsupported (in-house built) sources, by creating custom parsers.
Verification of log source data in the SIEM, following the Common Information Model (CIM).
Experience in parsing and masking data prior to ingestion into the SIEM.
Provide support for the data collection, processing, analysis and operational reporting systems, including planning, installation, configuration, testing, troubleshooting and problem resolution.
Assist clients to fully optimize the SIEM's capabilities as well as the audit and logging features of the event log sources.
Assist clients with technical guidance to configure in-scope log sources for integration into the SIEM.
Experience in handling big data integration via Splunk.
Expertise in SIEM content development, including developing processes for automated security event monitoring and alerting along with corresponding event response plans for systems.
Hands-on experience in development and customization of Splunk apps and add-ons.
Build advanced visualizations (interactive drilldowns, glass tables, etc.).
Build and integrate contextual data into notable events.
Experience in creating use cases mapped to the Cyber Kill Chain and the MITRE ATT&CK framework.
Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that provide near-real-time visibility into the performance of client applications.
Experience in installation, configuration and usage of premium Splunk apps and add-ons such as Enterprise Security, UEBA and ITSI.
Sound knowledge of configuring alerts and reports.
Good exposure to automatic lookups, data models and complex SPL queries.
Create, modify and tune SIEM rules to adjust alert and incident specifications to meet client requirements.
Work with the client SPOC on correlation rule tuning (as per the use case management life cycle), incident classification and prioritization recommendations.
Experience in creating custom commands, custom alert actions, adaptive response actions, etc.

Qualification & experience:
Minimum of 3 to 10 years' experience, with a depth of network architecture knowledge that translates to deploying and integrating a complex security intelligence solution into global enterprise environments.
Strong oral, written and listening skills are an essential component of effective consulting.
Strong background in network administration; ability to work at all layers of the OSI model, including being able to explain communication at any layer.
Must have knowledge of vulnerability management, and Windows and Linux basics including installation, Windows domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting.
Good to have: experience designing and implementing Splunk with a focus on IT Operations, Application Analytics, User Experience, Application Performance and Security Management; multiple cluster deployments and management experience as per vendor guidelines and industry best practices; troubleshooting Splunk platform and application issues, escalating to and working with Splunk support to resolve them.
Certification in any one SIEM solution such as IBM QRadar, Exabeam or Securonix will be an added advantage.
Certifications in a core security-related discipline will be an added advantage.

EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 3 weeks ago

Apply

3.0 - 10.0 years

0 Lacs

Trivandrum, Kerala, India

Remote

EY, CMSTDR Senior (TechOps): role description identical to the Kolkata listing above.

Posted 3 weeks ago

Apply

3.0 - 10.0 years

0 Lacs

Noida, Uttar Pradesh, India

Remote

EY, CMSTDR Senior (TechOps): role description identical to the Kolkata listing above.

Posted 3 weeks ago

Apply

5.0 - 10.0 years

5 - 15 Lacs

Hyderabad

Work from Office

Job Title: Security Operations Center (SOC) Analyst (Positions: 02)
Experience: 5 to 8 Years
Location: Hyderabad
Department: Cybersecurity / Security Operations
Industry: IT Services / MSSP / Software / FinTech / Healthcare IT

Job Summary: We are seeking an experienced and detail-oriented SOC Analyst (5–8 years) to join our cybersecurity team. The ideal candidate will be responsible for monitoring, detecting, investigating, and responding to cyber threats across the organization. The SOC Analyst will play a critical role in defending systems, applications, and data from security breaches and supporting incident response efforts, threat hunting, and continuous improvement of SOC processes.

Key Responsibilities:
Security Monitoring & Incident Response: Continuously monitor SIEM dashboards, threat intelligence feeds, and security alerts. Investigate and respond to security incidents, phishing attacks, malware infections, and anomalous activities. Triage alerts based on severity, business impact, and threat intelligence context. Perform root cause analysis and prepare incident reports with actionable recommendations. Escalate critical incidents to Tier 3/IR teams and collaborate during major security events.
Threat Detection & Hunting: Conduct proactive threat hunting based on IOCs, TTPs, and threat intelligence reports. Analyse logs from endpoints, firewalls, IDS/IPS, cloud workloads, and third-party security solutions. Develop and fine-tune detection rules and correlation logic in the SIEM (e.g., Splunk, Sumo Logic, Sentinel).
Tool & Infrastructure Management: Work with EDR, NDR, DLP, SIEM, SOAR, and vulnerability management platforms. Support integration of new log sources and ensure completeness of logging for critical systems. Maintain threat detection playbooks and contribute to process automation via SOAR tools.
Compliance & Reporting: Ensure security operations align with frameworks such as NIST, ISO 27001, SOC 2, or HIPAA. Support security audit requirements by providing incident logs and response documentation. Generate periodic reports on incident trends, SOC performance, and the threat landscape.

Required Skills & Experience:
5–8 years of experience in a SOC environment or cybersecurity operations role. Strong knowledge of attack vectors, the MITRE ATT&CK framework, and the incident response lifecycle. Hands-on experience with SIEM (e.g., Splunk, Microsoft Sentinel, QRadar, LogRhythm). Familiarity with endpoint protection (CrowdStrike, SentinelOne, Defender ATP, etc.). Knowledge of Windows/Linux log analysis, firewall rules, and cloud security controls (Azure/AWS). Strong analytical thinking, attention to detail, and ability to work under pressure.

Preferred Qualifications:
Bachelor's degree in Cybersecurity, Computer Science, or a related field. Certifications such as CEH, GCIA, GCIH, CySA+, AZ-500, or Security+ are highly desirable. Experience working in a 24x7 SOC or with MSSP environments is a plus. Exposure to compliance-driven industries (finance, healthcare, SaaS) preferred.

Soft Skills: Strong communication and documentation skills. Ability to collaborate across IT, DevOps, and security teams. Risk-aware mindset with a proactive approach to security operations.
Work Mode: On-site / Hybrid / 24x7 rotational shifts if applicable
Reporting To: SOC Manager / Head of Security Operations

Posted 3 weeks ago

Apply

2.0 - 6.0 years

8 - 9 Lacs

Mumbai

Work from Office

Diverse Lynx is looking for a SOC Analyst to join our dynamic team and embark on a rewarding career journey. Monitor and analyze security events and incidents, identifying and investigating potential threats. Maintain the security of our network and systems by implementing security controls and best practices. Work closely with the rest of the security team to ensure that our systems and networks are secure and compliant with industry standards. Maintain accurate documentation and reports on security events and incidents. Communicate effectively with team members and other stakeholders to ensure that security issues are addressed in a timely and effective manner. Stay up to date with the latest security technologies and threats.

Posted 3 weeks ago

Apply

4.0 - 9.0 years

9 - 13 Lacs

Bengaluru

Work from Office

Diverse Lynx is looking for a SOC Lead to join our dynamic team and embark on a rewarding career journey. Lead the SOC team and manage the organization's security operations. Ensure that the SOC is staffed with skilled analysts and that the SOC team is executing its tasks efficiently and effectively. Monitor and respond to security events and alerts to detect potential security incidents. Manage security incidents and provide guidance on remediation. Develop and maintain incident response plans and playbooks. Collaborate with cross-functional teams to ensure security technologies, policies, and procedures align with business needs. Develop and maintain security policies, standards, and procedures. Conduct security awareness training for employees and contractors. Experience with security information and event management (SIEM) tools such as Splunk or QRadar. Excellent problem-solving and analytical skills. Strong communication and interpersonal skills.

Posted 3 weeks ago

Apply

3.0 - 7.0 years

3 - 7 Lacs

Pune

Work from Office

About the Role
We are seeking a skilled Senior Security Analyst to join our SOC team. The ideal candidate will have a strong background in SOC operations, will ensure that the SOC team is performing its functions as required, and will troubleshoot incidents and events. The Senior Security Analyst also acts as the technical SME, handles critical SOC tasks and incidents, guides Level 1 and Level 2 analysts, and owns customer communications.

Key Roles & Responsibilities:
Incident Response and Management: Lead the investigation of high-severity security incidents and breaches. Provide expert analysis for complex incidents that L1 and L2 analysts cannot resolve. Develop and execute incident response procedures, including containment, eradication, and recovery. Ensure proper escalation processes are followed for incidents requiring higher expertise. Communicate with stakeholders, such as management and IT teams, to ensure appropriate handling of incidents.
Threat Hunting and Analysis: Perform proactive threat hunting in Splunk / QRadar SIEM to identify potential vulnerabilities, threats, and attacks before they cause damage. Use threat intelligence feeds to enrich SOC operations and identify emerging threats. Analyze large volumes of security data to detect patterns and anomalies.
Security Tool Management: Oversee and optimize the usage of security monitoring tools such as Splunk / QRadar SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), and endpoint protection systems. Configure, update, and fine-tune security tools to improve detection capabilities and reduce false positives. Recommend new security tools and technologies to improve SOC operations.
Log and Event Analysis: Review logs from various sources (network, endpoints, servers, etc.) to identify security incidents. Ensure accurate log data collection and retention practices are followed. Provide in-depth analysis of security alerts and generate reports.
Vulnerability Management: Conduct vulnerability assessments and prioritize remediation activities for critical vulnerabilities. Collaborate with the IT and development teams to address security flaws and implement patches.
Collaboration and Escalation: Serve as the point of escalation for L1 and L2 SOC analysts when complex issues arise. Collaborate with other security teams, such as network security, application security, and IT operations, to ensure a comprehensive defense strategy. Work with external partners, including Managed Security Service Providers (MSSPs), to coordinate incident management and threat intelligence sharing.
Security Policies and Best Practices: Review and recommend improvements to security policies, procedures, and best practices. Ensure that the organization's security policies are being followed and advise on improvements. Conduct regular security awareness training for SOC staff and the broader organization.
Reporting and Documentation: Generate detailed reports on incidents, security posture, and threats for senior management and relevant stakeholders. Maintain incident logs and documentation to comply with regulatory and internal policies. Ensure all incidents are well documented with root cause analysis, remediation efforts, and lessons learned.
Continuous Improvement: Analyze the effectiveness of the SOC's operations and suggest improvements to processes, workflows, and technologies. Stay updated on the latest cyber threats, tools, and techniques. Assist with the development and execution of simulations, exercises, and training to improve SOC capabilities.
Compliance and Regulatory Requirements: Ensure compliance with SLAs for all projects. Ensure SOC operations meet industry compliance requirements (e.g., GDPR, HIPAA, PCI DSS). Help in audits and compliance assessments related to security operations.
Mentoring and Training: Provide mentorship and training to junior SOC analysts (L1 and L2). Share knowledge on advanced attack techniques, response strategies, and threat detection methods. Report deviations and concerns to the SOC Manager.

Basic Qualifications:
B.E/B.Tech in Computer Science, Information Technology, Cybersecurity, or a related field. 5+ years of experience and strong foundational knowledge in security operations, SIEM, or IT security. Basic understanding of cybersecurity concepts, networking fundamentals, and security monitoring. Knowledge of IT infrastructure, networking, and cybersecurity principles. Ability to communicate effectively with customers, teammates, and management. Excellent problem-solving skills and attention to detail. Strong communication and interpersonal skills.

Preferred Qualifications:
Certifications such as ECIH, GCIH, CISM, CISSP, etc. Splunk certification. Exposure to SIEM solutions, specifically Splunk, QRadar, DNIF or similar platforms. Familiarity with security tools such as EDR, XDR, WAF, DLP, email security gateways, and proxy solutions. Enthusiasm for learning and a strong interest in cybersecurity as a career. Ability to work in a team and adjust to rotational shifts in a high-stakes environment. Knowledge of cloud security and platforms (e.g., AWS, Azure, GCP).

Posted 3 weeks ago

Apply

12.0 years

0 Lacs

Faridabad, Haryana, India

On-site

Job Summary
We are seeking a dynamic and experienced Cybersecurity SOC Group Head to lead and oversee the operations, strategy, and continuous improvement of our 24/7 Security Operations Center. This role is critical to managing cyber threats, detecting and responding to incidents, and ensuring the overall security posture of the organization. The ideal candidate will bring a strategic vision, deep technical expertise, and strong leadership to transform and evolve SOC capabilities.

Qualifications
Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Minimum 12 years of cybersecurity experience, with at least 5 years in SOC leadership roles. Proven experience managing large SOC teams in enterprise environments or MSSP settings. Strong knowledge of SIEM (e.g., Splunk, QRadar, Microsoft Sentinel), SOAR, EDR (e.g., CrowdStrike, Microsoft Defender for Endpoint), and cloud security. Deep understanding of attack vectors, threat landscapes, and the incident response lifecycle. Relevant certifications such as CISSP, CISM, GIAC, or SANS GCIH/GSOC preferred.

Soft Skills
Excellent leadership, people management, and conflict resolution skills. Strong communication and reporting abilities for executive-level stakeholders. Ability to work under pressure during high-stress cyber incidents.

Preferred Experience
Experience in multi-tenant SOC environments or MSSPs. Familiarity with OT/ICS security (for industrial environments) is a plus. Global experience across multiple geographies and regulatory landscapes.

Posted 3 weeks ago

Apply

4.0 - 7.0 years

7 - 11 Lacs

Gurugram

Work from Office

You will contribute as a Managed Security Services (MSS) expert responsible for one of the key functions: Security Governance, Risk & Compliance Management, OMS security infrastructure management, or Security Monitoring & Response Management. You will be part of a team that works independently within a global environment, solves complex problems, and contributes to process improvements.

You have:
4-6 years of relevant experience and/or a graduate / postgraduate equivalent degree. Management experience and well-advanced skills in a specific professional discipline, combining deep knowledge of theory and organizational practice; a recognized expert in the field (depth and breadth).

It would be nice if you also had:
Familiarity with security system design, implementation, and performance management. The judgement to make strategic decisions and mentor senior engineers. Familiarity with complex improvement projects with moderate risk and resources.

You will address and resolve highly complex MSS operations performance issues and challenges, including through technical leadership of highly skilled teams. You will interpret internal and external MSS and technology challenges and recommend solutions. You will lead the development of innovative practices to improve MSS operations. You will contribute to the design, building, testing, and implementation of security systems within an organization's IT and telecom network. You will own Performance & Quality Management of Security Operations & Administration and approve new guidelines and procedures, and changes to existing ones, for the function. You will contribute to strategic decisions for Managed Services operations and for the MSS business, and act as a professional leader for Managed Services operations, mentoring senior Service Operations Engineers. You will contribute to developing the concepts that determine the professional direction of Managed Services delivery operations personnel.

Posted 3 weeks ago


12.0 - 18.0 years

11 - 15 Lacs

Pune

Work from Office


Domain Certifications: CISSP, CISA, CRISC, ISO 27001

Responsibilities:

  • Own and lead the governance program at account level for a large financial services account with 700+ head count and multi-country locations, including high-security Offshore Delivery Centres and work-from-home teams.
  • Develop, implement and monitor the account-level information security governance program, proactively meeting client compliance requirements.
  • Perform contract reviews and cyber security risk assessments, and drive compliance programs to meet contractual and organizational cyber security requirements within the client offshore delivery centres.
  • Experience in application security and code reviews, which can be leveraged to guide and work with delivery teams on covering the cyber security risks associated with application security, development and maintenance projects.
  • Work closely with different teams internally (IT, business, HR, facilities, cyber security) which operate at organization level to translate client requirements and assess residual risk if required.
  • Give direction and monitor the compliance and operations activities within the account through a dedicated team, and work closely with the account team on ensuring compliance within the account team.
  • Develop account-level procedures, metrics and review programs to maintain and enhance the governance model within the account.
  • Be a single point of contact for client interactions during third-party audits and liaise within the organization.
  • Prepare the account for certification and internal audit requirements based on industry standards such as PCI DSS and ISO 27001.
  • Focus and objective driven to demonstrate ongoing improvements; identify early indicators of non-compliance and able to draw up mitigation actions.
  • Hold technical skills to participate in technical discussions for delivery centre setup and connectivity models.
  • Excellent communication skills and demonstrated effective CXO-level reviews.

Posted 3 weeks ago


3.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site


Position Summary: This position will support the Mphasis Cyber Defense Center/SOC. It requires continuously monitoring cyber security events, performing triage and providing response/remediation activities.

Responsibilities:

  • Continuously monitor security alerts generated by SIEM and other security tools.
  • Perform initial triage to distinguish genuine security incidents from false positives and promptly escalate complex or confirmed threats to senior analysts or incident response teams.
  • Conduct in-depth analysis of potential security incidents by gathering and correlating data from various sources.
  • Identify indicators of compromise to determine the scope, impact, and root cause of incidents.
  • Develop and execute effective containment and remediation strategies in close coordination with incident response teams.
  • Engage in proactive threat hunting to uncover stealthy or sophisticated attacks that bypass standard monitoring mechanisms.
  • Maintain accurate and detailed incident logs and reports that capture the analysis, response actions, and lessons learned.
  • Communicate technical findings clearly to both technical and non-technical stakeholders.
  • Collaborate with fellow SOC analysts, incident responders, and IT teams to optimize detection rules and continuously improve the organization’s security posture.
  • Evaluate and implement new security technologies while contributing to the development of SOC playbooks, standard operating procedures, and best practices.
  • Continuously learn and keep abreast of the latest trends in attack patterns and tools.

Desired Skills/Experience:

  • 3-6 years of overall experience in the area of systems/network/information security and a minimum of 2 years in SOC/MSS services.
  • Experience with SIEM monitoring solutions (QRadar, ArcSight, Splunk, etc.) and a variety of other security devices found in a SOC environment.
  • Good understanding of the log formats of various security devices such as proxy, firewall, IDS/IPS and DNS.
  • Solid foundational understanding of networking concepts (TCP/IP, LAN/WAN, Internet, network topologies).
  • Experience with major operating systems (Windows, Linux).
  • Understanding of current trends in attacker and threat actor tools, techniques, and procedures (TTPs) and mitigation steps.
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal skills.
  • Professional/technical certifications (Security+, CCSE, CCSP, TICSA, MCSE, CISSP, etc.) desirable.

Posted 3 weeks ago


5.0 years

0 Lacs

Pune, Maharashtra, India

On-site


About Gruve

Gruve is an innovative software services startup dedicated to transforming enterprises into AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies by utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks.

About The Role

We are seeking a skilled Senior Security Analyst to join our SOC team. The ideal candidate will have a strong background in SOC operations, ensure that the SOC team is performing its functions as required, and troubleshoot incidents and events. The Senior Security Analyst will also act as the technical SME, handling critical SOC tasks and incidents, guiding Level 1 and Level 2 analysts, and managing customer communications.

Key Roles & Responsibilities

Incident Response and Management
  • Lead the investigation of high-severity security incidents and breaches.
  • Provide expert analysis for complex incidents that L1 and L2 analysts cannot resolve.
  • Develop and execute incident response procedures, including containment, eradication, and recovery.
  • Ensure proper escalation processes are followed for incidents requiring higher expertise.
  • Communicate with stakeholders, such as management and IT teams, to ensure appropriate handling of incidents.

Threat Hunting and Analysis
  • Perform proactive threat hunting activities to identify potential vulnerabilities, threats, and attacks before they happen, using Splunk / QRadar SIEM.
  • Use threat intelligence feeds to enrich SOC operations and identify emerging threats.
  • Analyze large volumes of security data to detect patterns and anomalies.

Security Tool Management
  • Oversee and optimize the usage of security monitoring tools such as Splunk/QRadar SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), and endpoint protection systems.
  • Configure, update, and fine-tune security tools to improve detection capabilities and reduce false positives.
  • Recommend new security tools and technologies to improve SOC operations.

Log and Event Analysis
  • Review logs from various sources (network, endpoints, servers, etc.) to identify security incidents.
  • Ensure accurate log data collection and retention practices are followed.
  • Provide in-depth analysis of security alerts and generate reports.

Vulnerability Management
  • Conduct vulnerability assessments and prioritize remediation activities for critical vulnerabilities.
  • Collaborate with the IT and development teams to address security flaws and implement patches.

Collaboration and Escalation
  • Serve as the point of escalation for L1 and L2 SOC analysts when complex issues arise.
  • Collaborate with other security teams, such as network security, application security, and IT operations, to ensure a comprehensive defense strategy.
  • Work with external partners, including Managed Security Service Providers (MSSPs), to coordinate incident management and threat intelligence sharing.

Security Policies and Best Practices
  • Review and recommend improvements to security policies, procedures, and best practices.
  • Ensure that the organization's security policies are being followed and advise on improvements.
  • Conduct regular security awareness training for SOC staff and the broader organization.

Reporting and Documentation
  • Generate detailed reports on incidents, security posture, and threats for senior management and relevant stakeholders.
  • Maintain incident logs and documentation to comply with regulatory and internal policies.
  • Ensure all incidents are well-documented with root cause analysis, remediation efforts, and lessons learned.

Continuous Improvement
  • Analyze the effectiveness of the SOC's operations and suggest improvements to processes, workflows, and technologies.
  • Stay updated on the latest cyber threats, tools, and techniques.
  • Assist with the development and execution of simulations, exercises, and training to improve SOC capabilities.

Compliance and Regulatory Requirements
  • Ensure compliance with SLAs for all projects.
  • Ensure SOC operations meet industry compliance requirements (e.g., GDPR, HIPAA, PCI DSS).
  • Help in audits and compliance assessments related to security operations.

Mentoring and Training
  • Provide mentorship and training to junior SOC analysts (L1 and L2).
  • Share knowledge on advanced attack techniques, response strategies, and threat detection methods.
  • Report deviations and concerns to the SOC Manager.

Basic Qualifications
  • B.E/B.Tech in Computer Science, Information Technology, Cybersecurity, or a related field.
  • 5+ years of experience and strong foundational knowledge in security operations, SIEM, or IT security.
  • Basic understanding of cybersecurity concepts, networking fundamentals, and security monitoring.
  • Knowledge of IT infrastructure, networking, and cybersecurity principles.
  • Ability to communicate effectively with customers, teammates, and management.
  • Excellent problem-solving skills and attention to detail.
  • Strong communication and interpersonal skills.

Preferred Qualifications
  • Certifications such as ECIH/GCIH/CISM/CISSP.
  • Splunk certification.
  • Exposure to SIEM solutions, specifically Splunk, QRadar, DNIF or similar platforms.
  • Familiarity with security tools such as EDR, XDR, WAF, DLP, email security gateways, and proxy solutions.
  • Enthusiasm for learning and a strong interest in cybersecurity as a career.
  • Ability to work in a team and adjust to rotational shifts in a high-stakes environment.
  • Knowledge of cloud security and platforms (e.g., AWS, Azure, GCP).

Why Gruve

At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.

Posted 3 weeks ago


3.0 years

0 Lacs

Pune, Maharashtra, India

On-site


SOC Analyst
Location: Pune (Aundh/Baner), India (On-site, In-House SOC)
Department: Security Operations Center
Experience: 1–3 Years
Work Type: Full-time | Hybrid Model | 24x7 Rotational Shifts

Role Overview: As a SOC Analyst, you will be part of our in-house 24x7 Security Operations Centre based in Pune. You will be responsible for monitoring, analyzing, and responding to security incidents and alerts using cutting-edge security technologies and platforms. This role is a great opportunity to grow in a fast-paced FinTech environment leveraging tools like QRadar SIEM, CrowdStrike XDR, Netskope DLP, AWS Cloud Security, Sysdig, Falco, Canary Tokens, G-Suite Security and other security solutions.

Key Responsibilities:
  • Continuously monitor security alerts and events using QRadar SIEM, CrowdStrike, Falco, and other integrated tools.
  • Perform initial triage and analysis to assess the nature and severity of potential security incidents.
  • Escalate incidents in line with established procedures and severity levels.
  • Create, update, and manage incident tickets throughout their lifecycle using ticketing systems.
  • Analyze logs and security data from various sources, including AWS Cloud, G-Suite, and endpoint solutions.
  • Assist in proactive threat hunting and detection of malicious activity across systems and applications.
  • Technical experience working in a SOC and cybersecurity incident response.
  • Generate daily, weekly, and ad-hoc reports detailing SOC operations and incident statistics.
  • Support 24x7 operations by participating in rotational shifts, including nights and weekends.
  • Understanding of AWS services for security detection and mitigation.
  • Follow standard operating procedures (SOPs) and incident response runbooks, and recommend improvements where necessary.
  • Understanding of network protocols (TCP/IP stack, SSL/TLS, IPsec, SMTP/IMAP, FTP, HTTP, etc.).
  • Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation.
  • Creation of reports, dashboards and metrics for SOC operations and presentation to senior management.
  • Understanding of operating system, web server, database, and security device (firewall/NIDS/NIPS) logs and log formats.
  • Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.

Required Skills & Experience:
  • 1–3 years of hands-on experience in SOC operations or cyber security monitoring.
  • Exposure to SIEM tools, preferably IBM QRadar.
  • Experience with Endpoint Detection & Response (EDR) solutions such as CrowdStrike.
  • Familiarity with DLP (preferably Netskope) and cloud-native security tools.
  • Working knowledge of Linux/Unix command line and scripting basics.
  • Understanding of AWS Cloud Security concepts.
  • Knowledge of TCP/IP, DNS, HTTP, and other networking protocols.
  • Familiarity with common attack vectors and the threat landscape (MITRE ATT&CK framework is a plus).

Good to Have:
  • Experience with Falco, Sysdig, or other container security tools.
  • Exposure to Canary tokens or deception technologies.
  • Basic certifications such as CompTIA Security+, CEH, AWS Security Specialty, or CrowdStrike CCFA.

What We Offer:
  • Opportunity to work with a modern cloud-native security stack.
  • Learn and grow in an innovative FinTech environment.
  • Mentorship and training on advanced threat detection and response practices.
  • Strong team culture focused on collaboration and technical excellence.
  • Competitive salary and shift allowances.

Posted 3 weeks ago


0 years

0 Lacs

Mumbai, Maharashtra, India

On-site


Archer and GRC SOC L3 DM L1 Soc/Soar(knowhow) Consultant SOC+VAPT, min 5 yrs exp overall AM/DM SOC, Qradar/Ueba monitoring SOC+CDR, Antivirus, Trendmicro, Consultant/AM L1 Soc/Soar(knowhow) Consultant/AM SOC+DAM, 3+ yrs overall Consultant/AM IR, L2 DLP AM DLP IBM+IAM verify Consultant DLP DLP IBM+IAM verify L1/L2 SOC SOC+CDR, Antivirus, Trendmicro, Qradar SOC, Qradar/Ueba monitoring

Posted 3 weeks ago


3.0 years

0 Lacs

Mumbai Metropolitan Region

On-site


The primary responsibility of this role is to provide advanced incident analysis and management within our SOC environment, while also leading the development and training of the L1 SOC team in incident analysis, parser creation, rule views, and report management. The ideal candidate will have a strong background in cybersecurity, incident response, and leadership skills.

Responsibilities
  • Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems.
  • Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly.
  • Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management.
  • Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events.
  • Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats.
  • Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement.
  • Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities.

Qualifications
  • Bachelor's degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered.
  • Minimum of 3 years of experience in a SOC environment, with a focus on incident analysis and response.
  • Strong understanding of cybersecurity principles, including threat detection, malware analysis, and vulnerability management.
  • Experience with SIEM platforms (e.g., Securonix, QRadar) and familiarity with creating and managing parsers and rule views.
  • Leadership experience, with the ability to mentor and motivate team members effectively.
  • Excellent communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders.

Posted 3 weeks ago


Exploring QRadar Jobs in India

The demand for professionals with expertise in QRadar is on the rise in India. As organizations prioritize cybersecurity and threat detection, the need for skilled individuals who can effectively use QRadar to monitor, detect, and respond to security incidents is increasing. Job seekers looking to enter this field or advance their careers can find promising opportunities in various cities across India.

Top Hiring Locations in India

  1. Bangalore
  2. Pune
  3. Hyderabad
  4. Mumbai
  5. Delhi

These cities have a high concentration of tech companies and cybersecurity firms actively seeking professionals with QRadar skills.

Average Salary Range

The salary range for QRadar professionals in India varies based on experience levels:

  • Entry-level: INR 3-5 lakhs per annum
  • Mid-level: INR 6-10 lakhs per annum
  • Experienced: INR 12-20 lakhs per annum

Salaries may vary depending on factors such as company size, location, and individual skills.

Career Path

A typical career path for a QRadar professional may include the following progression:

  • Junior Security Analyst
  • Security Engineer
  • Senior Security Analyst
  • Security Consultant
  • Security Architect

Advancement to higher positions often requires gaining experience, acquiring additional certifications, and demonstrating expertise in handling complex security challenges.

Related Skills

In addition to expertise in QRadar, professionals in this field may benefit from having skills in:

  • Network security
  • Incident response
  • Threat intelligence
  • Security information and event management (SIEM)
  • Penetration testing

Having a well-rounded skill set can enhance job prospects and open up opportunities for career growth.

Interview Questions

  • What is QRadar and how does it contribute to cybersecurity operations? (basic)
  • Explain the difference between correlation and rule in QRadar. (medium)
  • How do you handle false positives in QRadar alerts? (medium)
  • Can you walk us through a recent security incident you investigated using QRadar? (advanced)
  • What are the key components of a QRadar deployment? (basic)
  • Describe a scenario where you had to fine-tune QRadar rules to improve detection accuracy. (medium)
  • How does QRadar integrate with other security tools in an organization's environment? (medium)
  • What are the limitations of QRadar and how would you address them? (advanced)
  • How do you stay updated on the latest trends and threats in the cybersecurity landscape? (basic)
  • Can you explain the concept of offenses in QRadar and how they are generated? (medium)
  • Describe a time when you had to prioritize multiple security incidents in QRadar. How did you approach this situation? (medium)
  • What are the benefits of using QRadar over other SIEM solutions? (medium)
  • How do you ensure compliance with regulatory requirements using QRadar? (medium)
  • Have you worked on creating custom dashboards in QRadar? If so, can you describe one you developed? (medium)
  • What steps would you take to investigate a suspected insider threat using QRadar? (advanced)
  • How do you handle incidents involving encrypted traffic in QRadar? (advanced)
  • Explain the role of AQL (Ariel Query Language) in QRadar and provide an example of a query you commonly use. (advanced)
  • What are the common challenges organizations face when implementing QRadar and how can they be overcome? (advanced)
  • How do you approach threat hunting using QRadar? (advanced)
  • Describe a time when you had to troubleshoot a complex issue in QRadar. What was the problem and how did you resolve it? (advanced)
  • How would you assess the effectiveness of a QRadar deployment in an organization? (advanced)
  • Can you discuss a recent security trend that has impacted the cybersecurity landscape and how QRadar can help address it? (advanced)
  • What are the key metrics you track in QRadar to measure the effectiveness of security operations? (advanced)
  • How do you handle incidents involving cloud-based resources in QRadar? (advanced)

Closing Remark

As you explore opportunities in the QRadar job market in India, make sure to prepare thoroughly, showcase your skills and experience confidently, and stay updated on the latest trends in cybersecurity. With the right combination of expertise and determination, you can build a successful career in this dynamic and rewarding field. Good luck!
