5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Platform Engineering Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: We are seeking a skilled Security Engineer with expertise in Google Chronicle SIEM, parser development, and foundational knowledge of cybersecurity. The ideal candidate will be responsible for analyzing security data and logs, ensuring accurate aggregation, normalization, tagging, and classification. You will work closely with log sources, particularly security and networking devices, to enhance our security monitoring capabilities. Roles & Responsibilities: Conduct security and data/log analysis, focusing on the aggregation, normalization, tagging, and classification of logs. Research, analyze, and understand log sources for security monitoring, with a particular focus on security and networking devices such as firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems. Validate log sources and indexed data, optimizing search criteria to improve search efficiency. Utilize automation tools to build and validate log collectors for parsing aggregated logs. Professional & Technical Skills: Proficiency in log analysis and SIEM tools, including but not limited to Google Chronicle, Splunk, ArcSight, and QRadar. Experience in SIEM content creation and reporting is essential. Strong experience in manual security log review and analysis, such as Windows Event Log and Linux Syslog, including incident classification, investigation, and remediation. 
Solid understanding of multiple attack vectors, including malware, Trojans, exploit kits, ransomware, phishing techniques, and APTs, as well as familiarity with attack techniques outlined in the OWASP Top 10. Knowledge of security and networking devices, including firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems. TCP/IP networking skills for packet and log analysis. Experience working with Windows and Unix platforms. Familiarity with databases is an advantage. Experience in GCP, AWS and Azure environments is a plus. Additional Information: - The candidate should have minimum 5 years of experience in Security Platform Engineering. - This position is based at our Pune office. - A 15 years full time education is required.
Posted 2 weeks ago
0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Job Title: Cybersecurity Consultant – VAPT Specialist Location: Riyadh Experience Level: Mid to Senior Employment Type: Full-time Job Summary We are seeking a highly skilled and passionate Cybersecurity Consultant with deep expertise in Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, and API platforms. The ideal candidate will have a strong background in identifying and remediating high-risk vulnerabilities, collaborating with cross-functional teams, and implementing robust security strategies tailored to diverse industries. This role requires a proactive approach to threat mitigation, excellent technical capabilities, and a commitment to continuous learning. Roles & Responsibilities Conduct in-depth Vulnerability Assessment and Penetration Testing (VAPT) for web, mobile, and API platforms, addressing OWASP Top 10, identifying business logic flaws, and uncovering complex attack vectors. Collaborate with IT and development teams to remediate vulnerabilities effectively and within defined SLAs. Design and implement yearly cybersecurity plans aligned with regulatory standards including SAMA CSF, SAMA ITGF, NCA CSCC, NCA ECC, and PCI-DSS. Perform advanced threat hunting, source code reviews, and SIEM audits to detect integration flaws and hidden threats. Carry out network and server configuration reviews in line with NIST, CIS benchmarks, or customized Minimum Baseline Security Standards (MBSS). Utilize advanced security tools such as: Core Impact, Tenable SC, Nessus, Nmap, Metasploit, Acunetix, AppScan, Splunk, QRadar, Volatility, Hydra, Burp Suite, SonarQube, SQLMap, Fortify, etc. Conduct risk assessments, compromise assessments, and provide tailored recommendations to strengthen the organization’s security posture. Demonstrate strong communication and interpersonal skills, ensuring seamless collaboration across departments and with clients.
Stay ahead of evolving threats by researching the latest technologies and attack vectors, and apply this knowledge to secure client environments. Required Qualifications Bachelor of Science Deep understanding of security frameworks, methodologies, and risk-based prioritization. Certifications (Preferred) Certified Information Security Manager (CISM) Certified Red Team Professional (CRTP) eLearn Certified Threat Hunting Professional (eCTHP) eLearn Web Penetration Tester (eWPT) Certified Ethical Hacker (Practical) (CEH) NSE1 – Network Security Associate Key Skills VAPT (Web, Mobile, API) Threat Hunting & Compromise Assessment Source Code & Network Configuration Review Regulatory Compliance (PCI-DSS, NCA, SAMA) Security Tool Proficiency (BurpSuite, Nessus, Metasploit, etc.) Risk Analysis & Communication Skills Report Writing & Executive Summarization
Posted 2 weeks ago
6.0 years
0 - 1 Lacs
Gurugram, Haryana, India
On-site
We are hiring a FortiSIEM Administrator to manage and maintain our SIEM infrastructure and security tools. The ideal candidate will have deep experience in SIEM architecture (FortiSIEM), EDR, DLP, and a sound understanding of cybersecurity frameworks like MITRE ATT&CK, NIST, CIS Controls, and ISO 27001. The role requires someone who can ensure complete visibility and protection of IT assets while supporting incident response and compliance. Tasks Deploy, configure, and maintain the FortiSIEM platform for real-time monitoring and alerting. Integrate log sources across firewalls, servers, endpoints, and cloud environments. Develop and manage SIEM rules, parsers, dashboards, and alerts. Operate and optimize EDR, DLP, and other advanced security tools. Conduct incident triage, investigation, and provide root cause analysis. Align monitoring and response activities with MITRE ATT&CK, NIST, CIS Controls, and ISO 27001 frameworks. Collaborate with SOC, infrastructure, and application teams for end-to-end threat visibility. Maintain updated documentation and support internal and external security audits. Ensure regular health checks, version upgrades, and platform tuning for performance. Requirements Required Skills & Qualifications: 3–6 years of experience in cybersecurity with a focus on SIEM administration (preferably FortiSIEM). Hands-on expertise in deploying and managing EDR, DLP, and other endpoint security tools. Good understanding of SIEM architecture, log ingestion, and threat correlation. Knowledge of networking fundamentals, TCP/IP, firewalls, VPNs, and IDS/IPS. Familiarity with security frameworks like MITRE ATT&CK, NIST, CIS Controls, and ISO 27001. Scripting knowledge (PowerShell, Python, Bash) is an advantage. Fortinet certification (e.g., NSE 5/7) is a plus. Nice to Have: Experience with cloud platforms (AWS, Azure) and cloud security monitoring. Exposure to other SIEM tools (Splunk, QRadar, etc.) is beneficial.
Experience in compliance-driven environments (PCI-DSS, SOC 2, etc.).
Posted 2 weeks ago
10.0 - 15.0 years
20 - 25 Lacs
Bengaluru
Work from Office
Job Area: Engineering Group, Engineering Group > Systems Engineering General Summary: In this position you will join the team responsible for the security architecture of Qualcomm Snapdragon processors. The team works at a system level spanning across hardware, software and infrastructure while striving for industry-leading solutions. This team interacts with product management, customers (e.g., OEMs), partners, HW/SW engineering, and Services engineering teams to find the optimal Security solution. Snapdragon processors are utilized in a variety of devices, including mobile phones, laptops, automotive systems, and data centers, each with distinct security needs. These processors are engineered to address most of these requirements, encompassing a wide range of security technologies found in consumer electronics, such as Root of Trust, Integrated Secure Element, Virtualization, and Confidential Compute. Minimum Qualifications 10+ years industry experience in SoC Security encompassing both architecture and design 5+ years industry experience in Compute and/or Data Centre SoC Architecture Demonstrated expertise in Security Technologies (Root of Trust, TEE, Access Control, I/O Security) Proficient in Confidential Compute Architecture (RME, TDX, SEV-SNP, TDISP) Strong understanding of Security Software Architecture for Compute and Data Centers, with a focus on Secure Boot. Skilled in HW/SW threat analysis Strong capabilities in creating and presenting architecture-level documentation. Preferred Qualifications Proficient in isolation-related extensions, including TrustZone, Virtualization, and RME. Extensive knowledge of Server Platform security architecture covering lifecycle/debug management, provisioning, attestation/measurement. Expertise in Applied Cryptography and Protocols. Knowledgeable about Security Certification Processes and Requirements (such as OCP) Excellent communication and teamwork skills. 
Leadership and management experience at the project level Key Responsibilities Establish system security requirements (both hardware and software) for Server SoC focusing on functionality, performance, and security levels. Specify and review the architecture and implementation of System/SoC level security mechanisms. Conduct platform security threat analysis. Perform competitive analysis of security systems and features. Explore future and roadmap server security-related technologies. Serve as the technical interface to product management and standards teams. Minimum Qualifications: Bachelor's degree in Engineering, Computer Science, or related field and 8+ years of Security Engineering or related work experience. OR Master's degree in Engineering, Computer Science, or related field and 7+ years of Security Engineering or related work experience. OR PhD in Engineering, Computer Science, or related field and 6+ years of Security Engineering or related work experience. Note References to a particular number of years experience are for indicative purposes only. Applications from candidates with equivalent experience will be considered, provided that the candidate can demonstrate an ability to fulfill the principal duties of the role and possesses the required competencies. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 4+ years of Systems Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Systems Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 2+ years of Systems Engineering or related work experience. Applicants Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process.
You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able to participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers.
Posted 2 weeks ago
6.0 - 10.0 years
22 - 31 Lacs
Bengaluru
Work from Office
Overview 170+ Years Strong. Industry Leader. Global Impact. At Pinkerton, the mission is to protect our clients. To do this, we provide enterprise risk management services and programs specifically designed for each client. Pinkerton employees are one of our most important assets and critical to the delivery of world-class solutions. Bonded together, we share a commitment to integrity, vigilance, and excellence. Pinkerton is an inclusive employer who seeks candidates with diverse backgrounds, experiences, and perspectives to join our family of industry subject matter experts. The Senior Site Security Manager, assigned to one of Pinkerton's largest global clients, will provide operational support in the application of physical security operations at the client's campus to ensure a safe working environment and support the organization's core business objectives. Responsibilities Represent Pinkerton’s core values of integrity, vigilance, and excellence. Provide operational support in the application of physical security operations to ensure a safe working environment. Assist in the evaluation, development, and implementation of regional security strategies. Implement site security plans, security assessments, site specific risk/threat analysis and training awareness programs with the assistance of law enforcement agencies. Support the regional internal communication program. Liaise with government, consular and private sector agencies to enhance security operations. Provide support to Regional Security Manager regarding contingency planning, risk/threat assessments, and the maintenance of effective networks across all business groups. Assist with the intelligence gathering process regarding the protection against high security threats, emergencies, and contingencies. Assist with the Building Emergency Reaction Readiness Program through the collaboration with key stakeholders. Support the creation and review of regional level strategic relocation planning. 
Preserve the business infrastructure at local and region level through the implementation of strategic business objectives. Provide multi-level communication between the business units in cooperation with individuals, teams, and vendors. Conduct periodic review sessions with vendors to achieve quality service delivery provision by suppliers and vendors. Manage and direct all security staff and daily on-site security operations and ensure correct and continuous business operations. Assist in the development of internal and external service optimization. Respond immediately to all security incidents and emergencies, as dictated by policy. Provide operational support to the Regional Security Manager during incidents and emergencies. Act as the global security representative during initial stages, as dictated by policy. Support established systems including but not limited to; access control, system trouble shooting, and access card management. Coordinate security support for both internal/external events. All other duties, as assigned. Qualifications Bachelor's degree preferred with at least seven years of corporate security operations experience. Able to carry out responsibilities with little or no supervision. Effective written, verbal, and presentation skills. Able to multi-task and organize workload for effective implementation. Client orientated and results driven. Able to interact effectively at all levels and across diverse cultures. Able to prioritize duties and responsibilities in accordance with level of importance. Able to adapt as the external environment and organization evolves. Computer skills; Microsoft Office. Working Conditions: With or without reasonable accommodation, requires the physical and mental capacity to effectively perform all essential functions; Regular computer usage. Occasional reaching and lifting of small objects and operating office equipment. Frequent sitting, standing, and/or walking. Travel, as required. 
Pinkerton is an equal opportunity employer to all applicants and positions without regard to race/ethnicity, color, national origin, ancestry, sex/gender, gender identity/expression, sexual orientation, marital/prenatal status, pregnancy/childbirth or related conditions, religion, creed, age, disability, genetic information, veteran status, or any protected status by local, state, federal or country-specific law.
Posted 2 weeks ago
4.0 - 8.0 years
7 - 11 Lacs
Chennai
Work from Office
Software Testing Manager About the Team: ZTrust revolutionizes user onboarding with seamless Omnichannel Identity & Access Management, ensuring swift, effortless, and secure app access. It simplifies security across applications, while making password policy creation a breeze. Bid farewell to complexity and embrace efficiency with ZTrust. What you can look forward to as Software Testing Manager (m/f/d): Second-line support for Service Desk and OPS, special care first-line support for field test customers (FT engineers) & Thorough incident analysis Inter-departmental escalation of problems (R&D, hosting, customizing & integration) Evaluate functional analysis documents, create and maintain training documentation & Train Service Desk on new features before every major release Update and maintain knowledge base and service trees with known issues and guidelines Define customer acceptance criteria, create and update test scripts for new software features and validate new software and hardware in field test environment Report, follow up and escalate issues with R&D, hosting, customizing & integration & Plan and execute occasional field visits at field test customers for new software or hardware Approve or disapprove the release of new features, changes and hosting setup & Communicate and coordinate the extended field test rollout Your profile as Software Testing Manager (m/f/d): Communicative and customer-oriented & Team player, strong cooperation skills Highly analytical, precise, eye for details & Planning and coordination skills Experience with incident handling / problem resolution management & Experience with software and hardware development Experience with ICT and electronics & Good English speaking and writing skills Knowledge in Regression, smoke, integration, UI testing & Knowledge in automation testing is an added advantage Why should you choose ZF Group in India?
Innovative Environment: ZF is at the forefront of technological advancements, offering a dynamic and innovative work environment that encourages creativity and growth. Diverse and Inclusive Culture: ZF fosters a diverse and inclusive workplace where all employees are valued and respected, promoting a culture of collaboration and mutual support. Career Development: ZF is committed to the professional growth of its employees, offering extensive training programs, career development opportunities, and a clear path for advancement. Global Presence: As a part of a global leader in driveline and chassis technology, ZF provides opportunities to work on international projects and collaborate with teams worldwide. Sustainability Focus: ZF is dedicated to sustainability and environmental responsibility, actively working towards creating eco-friendly solutions and reducing its carbon footprint. Employee Well-being: ZF prioritizes the well-being of its employees, providing comprehensive health and wellness programs, flexible work arrangements, and a supportive work-life balance. Be part of our ZF team as Software Testing Manager and apply now! Contact Sowmya Nagarathinam
Posted 2 weeks ago
170.0 years
0 Lacs
Greater Hyderabad Area
On-site
Area(s) of responsibility About Us Birlasoft, a global leader at the forefront of Cloud, AI, and Digital technologies, seamlessly blends domain expertise with enterprise solutions. The company’s consultative and design-thinking approach empowers societies worldwide, enhancing the efficiency and productivity of businesses. As part of the multibillion-dollar diversified CKA Birla Group, Birlasoft with its 12,000+ professionals, is committed to continuing the Group’s 170-year heritage of building sustainable communities. Location -Mumbai ,Pune ,Bangalore, Hyderabad , Noida Exp -8 yrs to 10 yrs About The Role We are seeking a skilled Network Security Engineer to design, implement, and maintain secure network infrastructures. The ideal candidate will possess strong expertise in network protocols, firewall and IDS/IPS configuration, VPN solutions, and security compliance standards. You will be instrumental in enhancing our network security posture through threat detection, risk assessment, and zero trust architecture implementation. Key Responsibilities Design, configure, and manage network security devices including firewalls (Palo Alto, Fortinet, Cisco ASA) and intrusion detection/prevention systems (Snort, Suricata). Implement and manage Network Access Control (NAC) systems utilizing 802.1X, RADIUS, and Cisco ISE for role-based access control. Configure and maintain secure VPN solutions including IPsec, SSL VPNs, and site-to-site tunnels. Conduct SIEM and log analysis using tools such as Splunk, QRadar, and ELK Stack to detect and respond to security threats. Design and enforce network segmentation and apply Zero Trust security principles. Ensure compliance with security standards such as ISO 27001, NIST, PCI-DSS, GDPR, and HIPAA. Perform threat modeling, vulnerability assessments, and risk analysis to mitigate security risks. Collaborate with cross-functional teams to develop and enforce security policies and procedures. 
Core Technical Competencies Deep understanding of network protocols including TCP/IP, UDP, ICMP, DNS, HTTP/S, FTP. Hands-on experience with firewall and IDS/IPS tools such as Palo Alto, Fortinet, Cisco ASA, Snort, and Suricata. Familiarity with Network Access Control frameworks (802.1X, RADIUS), especially Cisco ISE. Expertise in VPN technologies like IPsec and SSL VPNs. Proficiency in SIEM platforms and log correlation for threat detection and incident response. Knowledge of network segmentation strategies and Zero Trust architecture. Strong understanding of compliance requirements (ISO 27001, NIST, PCI-DSS, GDPR, HIPAA). Ability to conduct threat modeling and risk assessments. Required Certifications CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CEH (Certified Ethical Hacker) CompTIA Security+ CCNP Security (Cisco Certified Network Professional Security) Palo Alto PCNSA/PCNSE Qualifications Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience). Proven experience in network security engineering or a similar role. Why Join Us? Work with cutting-edge security technologies. Collaborate with a passionate and dynamic security team. Opportunities for professional growth and certification support.
Posted 2 weeks ago
170.0 years
0 Lacs
Noida, Uttar Pradesh, India
On-site
About Us: Birlasoft, a global leader at the forefront of Cloud, AI, and Digital technologies, seamlessly blends domain expertise with enterprise solutions. The company’s consultative and design-thinking approach empowers societies worldwide, enhancing the efficiency and productivity of businesses. As part of the multibillion-dollar diversified CKA Birla Group, Birlasoft with its 12,000+ professionals, is committed to continuing the Group’s 170-year heritage of building sustainable communities. Location -Mumbai ,Pune ,Bangalore, Hyderabad , Noida Exp -8 yrs to 10 yrs About the Role: We are seeking a skilled Network Security Engineer to design, implement, and maintain secure network infrastructures. The ideal candidate will possess strong expertise in network protocols, firewall and IDS/IPS configuration, VPN solutions, and security compliance standards. You will be instrumental in enhancing our network security posture through threat detection, risk assessment, and zero trust architecture implementation. Key Responsibilities: Design, configure, and manage network security devices including firewalls (Palo Alto, Fortinet, Cisco ASA) and intrusion detection/prevention systems (Snort, Suricata). Implement and manage Network Access Control (NAC) systems utilizing 802.1X, RADIUS, and Cisco ISE for role-based access control. Configure and maintain secure VPN solutions including IPsec, SSL VPNs, and site-to-site tunnels. Conduct SIEM and log analysis using tools such as Splunk, QRadar, and ELK Stack to detect and respond to security threats. Design and enforce network segmentation and apply Zero Trust security principles. Ensure compliance with security standards such as ISO 27001, NIST, PCI-DSS, GDPR, and HIPAA. Perform threat modeling, vulnerability assessments, and risk analysis to mitigate security risks. Collaborate with cross-functional teams to develop and enforce security policies and procedures. 
Core Technical Competencies: Deep understanding of network protocols including TCP/IP, UDP, ICMP, DNS, HTTP/S, FTP. Hands-on experience with firewall and IDS/IPS tools such as Palo Alto, Fortinet, Cisco ASA, Snort, and Suricata. Familiarity with Network Access Control frameworks (802.1X, RADIUS), especially Cisco ISE. Expertise in VPN technologies like IPsec and SSL VPNs. Proficiency in SIEM platforms and log correlation for threat detection and incident response. Knowledge of network segmentation strategies and Zero Trust architecture. Strong understanding of compliance requirements (ISO 27001, NIST, PCI-DSS, GDPR, HIPAA). Ability to conduct threat modeling and risk assessments. Required Certifications: CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CEH (Certified Ethical Hacker) CompTIA Security+ CCNP Security (Cisco Certified Network Professional Security) Palo Alto PCNSA/PCNSE Qualifications: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience). Proven experience in network security engineering or a similar role. Why Join Us? Work with cutting-edge security technologies. Collaborate with a passionate and dynamic security team. Opportunities for professional growth and certification support.
Posted 2 weeks ago
5.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Job Summary: We are seeking skilled SOC Analysts (L2 and L3) to strengthen our Security Operations Center team. The candidates will be responsible for monitoring, analyzing, and responding to security incidents using advanced security tools and processes. The L2 role will focus on deeper analysis and initial remediation, while the L3 role will handle complex threats, lead incident response efforts, and support threat hunting and tuning. Key Responsibilities: SOC Analyst – L2 Monitor security events and alerts from SIEM tools (e.g., Microsoft Sentinel, Splunk, QRadar). Investigate and triage alerts to identify false positives and real incidents. Perform initial incident response actions (isolate systems, reset credentials). Escalate high-severity or complex incidents to L3 analysts. Document findings, actions, and recommendations in ticketing systems. Work with threat intelligence feeds to understand attack trends and indicators. Support vulnerability management efforts and patch validations. Assist in playbook execution and incident lifecycle management. SOC Analyst – L3 Lead end-to-end incident response, including containment, eradication, and recovery. Perform in-depth forensic investigations, malware analysis, and root cause analysis. Develop and tune SIEM detection rules and use cases. Mentor L1/L2 analysts and review their investigations. Threat hunting using behavioral analytics and threat intelligence sources. Collaborate with threat intelligence teams for proactive defenses. Work closely with other teams (IT, Cloud, Endpoint) for coordinated responses. Create and maintain runbooks, incident reports, and compliance documentation. Required Skills and Qualifications: Solid understanding of cybersecurity principles, MITRE ATT&CK, and NIST framework. Familiarity with tools: SIEM (Sentinel/Splunk/QRadar), EDR (Defender, CrowdStrike), SOAR platforms. Hands-on experience in log analysis, network traffic analysis, and endpoint investigations. 
Understanding of firewalls, proxies, IDS/IPS, and cloud security. L3 Specific: 5+ years in a SOC environment or cybersecurity field. Advanced knowledge of threat analysis, malware reverse engineering, and threat hunting. Experience in tuning and optimizing SIEM/SOAR rules. Industry certifications preferred (e.g., GCIA, GCIH, CEH, CISSP, Microsoft SC-200, SC-300). L2 Specific: 2–4 years of SOC or cybersecurity operations experience. Good understanding of the incident handling process. Basic scripting or automation knowledge (PowerShell, Python) is a plus.
Posted 2 weeks ago
7.0 - 10.0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
Location - Mumbai Notice period - Immediate - 20 days Job Description - Strong L3 SOC Analysts Positions: 2–3 Experience: 7 to 10 years Core Skills: Expert in Splunk Enterprise Security and IBM QRadar – detection, correlation, administration Proven experience in advanced threat hunting aligned to MITRE ATT&CK Ability to manage detection use case lifecycle, RCA, compliance, and audit readiness Experience leading L1 and L2 teams, conducting RCA, and reporting to leadership Exposure to SOAR playbooks, automation, and red/purple team collaboration Certifications (Preferred): CEH – Certified Ethical Hacker Splunk Enterprise Security Admin / Architect IBM QRadar Deployment Professional / Admin GCIA / GCIH / GCFA / OSCP MITRE ATT&CK Defender (MAD) OEM Product Certifications ISO 27001 Lead Implementer / CISA (preferred for governance alignment) Additional Notes: All candidates should have strong investigative mindset, documentation habits, and ability to operate independently during incident escalations. Exposure to SOC compliance frameworks (ISO 27001, CERT-In, IRDAI, NCIIPC) is an added plus. Interested candidates can share updated resume on anamika@enroutecorp.in
Posted 2 weeks ago
7.0 - 9.0 years
0 Lacs
Kolkata, West Bengal, India
On-site
Position Summary Red Team — Senior Consultant 2 – Senior Solution Delivery Lead Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license.
Workyouwill do Manages Cyber Threat Management projects, guides the team on a day-to-day basis and ensures that assigned tasks and responsibilities are fulfilled in a timely fashion Demonstrates understanding of complex business and information technology management processes Interacts with clients, managers and partners to build and nurture strong relationships Tailors firm tools and methodologies as per client requirements Assists in implementing standard operating procedures Adheres to Service Level Agreements Identified opportunities for service optimization Evaluates, counsels, mentors and provides feedback on performance of others Manages day-to-day client relationships with their direct client contacts at a minimum at appropriate management levels Participates in proposal development efforts to sell quot;add-on quot; work to clients Identifies opportunities to improve engagement economics Lead practice development initiatives The Team Deloitte’s Red Team is a standardized process, to help clients combat today’s growing array of system threats. We help organizations assess their infrastructure, networks and application environments to identify vulnerabilities and controlweaknesses.Wedevelopanddeploythetechnicalandarchitecturalimprovementsnecessarytoreduceattack exposure OurApplicationandVulnerabilityManagementserviceshelporganizationsidentifythetechnicalandarchitectural improvements needed to minimize exposure to attacks. With our customized methodology, we assess the many aspects of risk to support identification of both internal and external facing threats. Required: - Core Skills: Advanced communication skills (written and verbal) with experience delivering high-level technical presentations, detailed engagement reports, and executive briefings to stakeholders and leadership teams. 
Proven ability to design and execute complex red team operations, providing tactical and strategic guidance for enhancing organizational security posture through actionable insights. Comprehensive project management skills, with experience in leading large-scale offensive security engagements from inception to execution, including coordinating cross-functional teams. Expert-level understanding of threat analysis, enterprise-level defense mechanisms, and advanced mitigation strategies, with a focus on bridging offensive techniques with defensive improvements. Hands-on experience in bypassing complex security defenses such as firewalls, EDR, IDS/IPS, SIEM solutions (e.g., Splunk, QRadar, ArcSight), using cutting-edge evasion techniques. Extensive knowledge of cyber kill chains, advanced multi-stage attack scenarios, and the ability to execute sophisticated adversarial campaigns using real-world TTPs. Deep expertise in reverse engineering, malware analysis, and exploiting vulnerabilities to uncover security flaws within complex infrastructures. Strong knowledge of cloud security (AWS, Azure, GCP) and demonstrated ability to conduct adversarial simulations targeting cloud-based environments. Advanced knowledge of operating systems (Windows/Linux) and networking technologies critical to red team operations, with the ability to exploit system misconfigurations and weaknesses. Mastery of adversarial simulation tools like Cobalt Strike, Sliver, Metasploit, Empire, Nessus, nmap, Qualys, and Tenable, with the capability to customize attack vectors. Mandatory Certifications - OSCP, OSWP, GPEN, OSCE, CRTO, GXPN, CREST Certified Simulated Attack Specialist Preferred Certifications - OSCE3, OSWE, OSEP, OSED, CREST Certified Simulated Attack Specialist, SABSA, AWS Security Specialist Proven experience leading red teaming, purple teaming, and Breach Attack Simulations (BAS) at the enterprise level, simulating advanced persistent threats (APTs) to assess security defenses. 
Expertise in spear-phishing campaigns, HTML smuggling, payload delivery mechanisms, and opsec strategies to evade detection throughout engagements. Deep understanding of advanced attack frameworks like MITRE ATT&CK and SANS Top 25, using them to design tailored attack scenarios specific to client environments. In-depth knowledge of EDR/AV evasion techniques, privilege escalation, lateral movement, and persistence in both on-premise and hybrid cloud infrastructures. Ability to architect, deploy, and optimize custom Red Team/Offensive Security solutions, including managing command and control infrastructure, payload obfuscation, and real-time response actions. Ability to manage cross-functional teams across red, blue, and purple engagements, fostering collaboration and improving overall security resilience through continuous improvement cycles. High-level proficiency in strategic planning, engaging with leadership to define security objectives, risk prioritization, and translating technical findings into business-centric solutions. Strong knowledge of attack surface management and vulnerability management, with experience discovering and analyzing hidden or misconfigured assets, especially shadow IT. Advanced OpSec and tradecraft knowledge, ensuring red team engagements are conducted without exposing tools or tactics to detection, while continuously adapting methods to outpace blue team defenses. As a Senior Solutions Delivery Lead, you will lead the charge in adversarial simulation operations, pushing the boundaries of offensive security capabilities. You will: Architect and lead advanced red team engagements, simulating the tactics, tools, and techniques used by sophisticated threat actors to test client defenses. Conduct multi-phase, coordinated attack campaigns, including phishing simulations, exploitation of vulnerabilities, and covert lateral movement across complex environments. 
Develop and optimize adversarial simulation tactics, ensuring constant evolution of red team methodologies in response to emerging threats. Provide in-depth reports and post-engagement briefings with a focus on strategic remediation advice that aligns with organizational security goals. Oversee the red team infrastructure, ensuring all tools, C2 systems, and exploit frameworks are continually updated and configured for optimal effectiveness. Lead purple team exercises, working closely with blue teams to collaboratively improve detection, response, and mitigation strategies in real time. Remain at the forefront of offensive security innovations, guiding the team through new techniques, tools, and adversarial simulations to enhance effectiveness. Ensure OpSec best practices are strictly followed to avoid detection during engagements and protect the integrity of the red team toolkit. Collaborate with clients and stakeholders to review attack scenarios, findings, and deliver customized security enhancements tailored to their specific business risks. Preferred: B. E / B.Tech / M.S in any engineering discipline; 7-9 years of cyber risk services experience. Proven ability to emulate sophisticated adversary tactics, techniques, and procedures (TTPs) to identify and exploit weaknesses in organizational defenses. Familiarity with red teaming methodologies, offensive security tools, and frameworks such as MITRE ATT&CK. Experience with tools like Cobalt Strike, Metasploit, and Empire for command and control, exploitation, and lateral movement within environments. Proficiency in scripting languages like Python, PowerShell, or Bash for automation and custom tool creation. Knowledge of evasion techniques to bypass antivirus (AV), endpoint detection and response (EDR), and network monitoring tools. Strong understanding of privilege escalation, lateral movement, and persistence mechanisms in both Windows and Linux environments. 
Hands-on experience conducting phishing campaigns, social engineering attacks, and delivering payloads via HTML smuggling or other covert techniques. Ability to assess and manipulate Active Directory configurations, conduct password spraying, and exploit common misconfigurations. Strong knowledge of reverse engineering tools such as IDA Pro and Ghidra for analyzing malware or binaries. Excellent ability to create detailed post-engagement reports and recommendations for improving detection and response capabilities. Knowledge of operational security (OpSec) best practices to avoid detection during adversarial engagements. Ability to think creatively in developing offensive strategies and adapting to blue team defenses. Strong desire to continuously learn emerging attack vectors and defensive countermeasures. Outstanding communication skills, with the ability to explain offensive security techniques to both technical and non-technical stakeholders. How you will Grow At Deloitte, we have invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-based learning, and eLearning. Deloitte University (DU): The Leadership Center in India, our state-of-the-art, world-class learning center in the Hyderabad office, is an extension of the DU in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. 
Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. 
Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India. Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 306123
Posted 2 weeks ago
5.0 - 10.0 years
6 - 13 Lacs
Pune
Work from Office
Job Title: SOC L2/L3 Support Location: Pune (5 days WFO) 24/7 Support Experience: 5+ Job Type: Full Time Employment Expertise You'll Bring: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 5+ years of experience in a cybersecurity role, preferably in a SOC environment. Strong understanding of cybersecurity principles, concepts, and technologies. Experience with security monitoring tools such as QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS, and endpoint detection platforms. Familiarity with incident response procedures and frameworks (e.g., NIST, SANS). Excellent analytical and problem-solving skills. Strong communication and interpersonal skills. Relevant certifications (e.g., CompTIA Security+, GIAC Security Essentials) are a plus.
Posted 2 weeks ago
10.0 - 18.0 years
15 - 25 Lacs
Pune
Work from Office
Job Title: Security Operations Center (SOC) Lead Job Type: Full-time Experience: 10+ years Location: Pune, India Job Summary: We are seeking a highly skilled and proactive SOC Lead to manage and mature our 24x7 Security Operations Center. This role involves leading a team of 15 analysts (L1-L3), supporting multiple customer environments, and driving operational excellence in threat detection, incident response, and SOC process improvement. The ideal candidate will have deep technical expertise in SIEM and EDR tools, strong leadership capabilities, and excellent communication skills. Required Skills & Experience: 10+ years of experience in cybersecurity, with at least 4 years in a SOC leadership role. Proven experience managing multi-tenant or MSSP environments. Hands-on expertise with: SIEMs: QRoC, Sumo Logic, Splunk, Palo Alto SIEM EDR tools: CrowdStrike, SentinelOne Strong knowledge of: SIEM rule creation and use case development Log source onboarding, integration, and troubleshooting Incident response lifecycle and threat detection methodologies Excellent communication and writing skills; ability to present to customers and executives. Experience in producing and interpreting SOC metrics and dashboards. Familiarity with frameworks such as MITRE ATT&CK, NIST, and SANS. Preferred Qualifications: Bachelor's degree in Computer Science, Information Security, or related field. Industry certifications such as CISSP, CISM, GCIA, GCIH, CEH, or equivalent. Experience with scripting (Python, PowerShell) for automation and enrichment. Exposure to cloud security monitoring (AWS, Azure, GCP). Work Environment: Require on-call availability and rotational shifts. 
Mandatory Skills: QRadar / QRoC / Palo Alto SIEM / Sumo Logic, Threat Intelligence and Detection, Incident Response, SIEM Desirable Skills: Threat Intelligence and Detection, QRoC, Incident Response, SIEM, Security, Operational Excellence, Process Improvement, Threat Intelligence, Vulnerability Management, Splunk, Scripting, Cloud Security, Monitoring
Posted 2 weeks ago
10.0 - 18.0 years
15 - 25 Lacs
Pune
Work from Office
Position Title: SOC Level 3 Implementation Engineer/Analyst Location: Pune (5 Days a week onsite) 24/7 Support Job Type: Full-time Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 8+ years of experience in a cybersecurity role, with a focus on security solution design and implementation. Strong understanding of cybersecurity principles, concepts, and technologies, including network security, endpoint security, and threat detection. Experience with security technologies and tools, such as QRadar, Splunk, SumoLogic, Palo Alto SIEM & SOAR, CrowdStrike & SentinelOne EDR, firewalls, and endpoint protection platforms. Proficiency in scripting and automation languages (e.g., Python, PowerShell) for integration and workflow automation. Excellent analytical, problem-solving, and communication skills. Relevant certifications (e.g., CEH, CISSP, CCSP, CISM, GIAC) are preferred. Mandatory Skills Incident Response QRADAR/ Palo Alto SIEM/ Sumo Logic/ QRoc SIEM Desirable Skills Incident Response QRADAR SIEM Sumo Logic Work Flow Security Splunk Products Performance Automation and Orchestration Monitoring Scripting Powershell
Posted 2 weeks ago
2.0 - 3.0 years
3 - 5 Lacs
Bengaluru
Work from Office
2+ years of experience in Security Operations Center. Experience in monitoring and alert handling in QRadar SIEM. Security incident handling and reporting. Experienced in EDR alert analysis, preferably SentinelOne. Should be flexible to work in 24/7 rotational shifts. Should possess good communication skills. QRadar, SOC Monitoring, SentinelOne EDR. Immediate joiners, please apply.
Posted 2 weeks ago
0 years
0 Lacs
Kolkata, West Bengal, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. CMS-TDR Senior As part of our EY-cyber security team, who shall work as SME for Microsoft Sentinel solutions in TDR team The opportunity We’re looking for Senior Consultant with expertise in Cloud Security solutions. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Architecting and implementation of cloud security monitoring platforms MS Sentinel Provide consulting to customers during the testing, evaluation, pilot, production, and training phases to ensure a successful deployment. Perform as the subject matter expert on Cloud Security solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Securing overall cloud environments by applying cybersecurity tools and best practices Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Expertise in content management in MS Sentinel Good knowledge in threat modelling. 
Experience in creating use cases under Cyber kill chain and MITRE ATT&CK framework Expertise in integrating critical devices/applications including unsupported (in-house built) by creating custom parsers Below mentioned experiences/expertise on Sentinel Develop a migration plan from Splunk/QRadar/LogRhythm to MS Sentinel Deep understanding of how to implement best practices for designing and securing Azure platform Experience advising on Microsoft Cloud Security capabilities across Azure platform Configure data digestion types and connectors Analytic design and configuration of the events and logs being digested Develop, automate, and orchestrate tasks (playbooks) with logic apps based on certain events Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks Experience in other cloud native security platforms like AWS and GCP is a plus Scripting knowledge (Python, Bash, PowerShell) Extensive knowledge of different security threats Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Certification in Azure (any other cloud vendor certification is a plus) Ideally, you’ll also have People/Project management skills. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. 
Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 2 weeks ago
2.0 - 7.0 years
13 - 17 Lacs
Mumbai
Work from Office
Job Purpose/Summary : - Evaluate and enhance the performance of SIEM/SOAR systems to ensure optimal threat detection and incident response. - Develop and maintain automation scripts and playbooks to streamline incident detection, analysis, and response processes. Leverage SOAR capabilities to reduce manual intervention and improve response times. - Oversee the day-to-day administration of SIEM/SOAR platforms, ensuring their availability, reliability, and security. Perform regular updates, patches, and configuration changes. - Collaborate with the Incident Response team to ensure seamless integration of detection and response functions. Provide support during security incidents to ensure timely and effective remediation. - Work closely with other IT and security teams to develop specific use cases and to enhance the overall security posture of the organization. Share insights and recommendations to improve overall cybersecurity posture. - Maintain detailed documentation of automation, scripts, and improvement. - Manage execution of standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/SOAR platforms. - Manage technical documentation around the content deployed to the SIEM/SOAR. - Manage reports, dashboards, metrics for CyberSOC KPIs and presentation to senior management & other stakeholders. Qualification: - Bachelor's degree in Computer Science, Information Security, EXTC or related field. - Relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are highly desirable. - Proven experience (3+ years) working within the Cybersecurity field, with a focus on security platform implementation & administration. - Experience with deploying and managing a large SIEM/SOAR environment. - Experience with Palo Alto XDR and/or other SIEM platforms like Sentinel, Qradar, Splunk, ArcSight, etc. 
- Experience with Palo Alto XSOAR and/or equivalent SOAR Platforms like Resilient, Phantom, etc. - Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is highly desirable.
Posted 2 weeks ago
6.0 years
15 - 25 Lacs
Mumbai Metropolitan Region
On-site
Role: Senior Presales - Cyber Security Location: Mumbai, Maharashtra, India Experience: 6 - 12 years Budget: 15-25 LPA Job Type: Non-Tech Working Days - Monday - Friday Note: Only Local Candidates Notice Period: 30 Days Academic Qualifications: Bachelor’s degree Must-Have Skills 6+ Years of presales experience with customer facing Should meet the customers and understand the requirements and should be able to articulate the business challenges well internally as well as back to customers to arrive at suitable solution Hands-on experience to showcase product Demo / POV at customer sites Should have experience in good documentation – POV scope of work, prerequisites, deliverables etc. Experience in any 2 of the key skills mentioned in the JD is acceptable with meeting any of 2 OEM in listed areas. Technology Domain and OEM: Proxy: Zscaler, Netskope, Forcepoint; DLP: Zscaler, Netskope, Forcepoint; WAF: Cloudflare, F5; Identity: Okta, BeyondTrust, CyberArk; SIEM: IBM Qradar, Splunk, Fortinet. Good-to-Have Skills Excellent Oral Communication skills and Written skills, Excellent presentation skills Good analytical skills who can understand customer’s business challenges and arrive at right solution. Key Performance Indicators Conduct pre-engagement meetings Create end-user knowledge transfer Function as a requirements analyst Serve as a conduit between sales and Delivery team Conduct Cybersecurity solution & service research Make contributions to the Cybersecurity technical portfolio About company: It is one of the leading Digital Systems & Services Integrator companies in South Asia. We accelerate Customer’s Business Transformation Journey through our competence in Consulting, Integration and Security, delivering Next-Gen Digital Infrastructure Technologies, Solutions and Services. 
Roles and Responsibilities: Senior Presales – Cyber Security As a Senior Presales Consultant – Cyber Security, you will be responsible for engaging with clients to understand their cybersecurity challenges and propose appropriate solutions leveraging leading OEM technologies. You will act as a trusted advisor to customers and a key liaison between the sales and delivery teams. Key Responsibilities Understand customer requirements, identify pain points, and map them to appropriate cybersecurity solutions. Conduct product demos and Proof of Value (POV) presentations at client locations. Draft technical documents including scope of work, prerequisites, and deliverables. Collaborate with sales and delivery teams to build customized solution proposals. Serve as a key liaison between customers, internal teams, and OEMs. Conduct technical workshops, pre-engagement meetings, and knowledge transfer sessions. Contribute to research and development of the cybersecurity solutions portfolio. Skills: communication skills, presales, presentation, cybersecurity solutions, presales - cybersecurity, customer engagement, customer facing, requirements analysis, senior presales - cyber security, communication, product demo, product demonstration, documentation, proof of value (pov), cybersecurity, presales experience, presentation skills, analytical skills, oems
Posted 2 weeks ago
2.0 years
0 Lacs
Tripura, India
On-site
We are seeking a skilled and experienced Information Security Analyst/ SOC Administrator to join our team in Tripura. In this critical role, you will be instrumental in safeguarding our Data Centre Infrastructure, ensuring the continuous protection of our digital assets from evolving cyber threats. You will lead our cybersecurity operations, providing expert guidance and fostering a robust security posture. Key Responsibilities: Cybersecurity System Management: Manage, monitor, and analyze cybersecurity systems to proactively protect Data Centre Infrastructure from intrusions. Incident Management & Reporting: Prepare daily, weekly, and monthly analysis reports for DIT, detailing incident severity, root causes, and recommended remedial measures to prevent reoccurrence. Manage CSOC event and information intake, including intelligence gathering, monitoring ticket queues, investigating reported incidents, and liaising with security and network groups. Team Leadership & Mentorship: Monitor the performance of Level 1 and Level 2 analysts by thoroughly investigating incoming events using CSOC tools. Ensure timely resolution of Level 1 and Level 2 events through available reporting and metrics. Approve and, if necessary, further investigate Level 1 and Level 2 escalated events. Mentor and guide Level 1 and Level 2 analysts to enhance their detection capabilities within the CSOC. Expert Analysis & Research: Function as a Subject Matter Expert (SME) in incident detection and analysis techniques, offering guidance to junior analysts and strategic recommendations to organizational managers. Conduct security research and intelligence gathering on emerging threats and exploits. Investigate new vulnerabilities and share the latest industry-level responses and best practices. Risk Management & Consulting: Perform risk assessments and develop mitigation strategies. Provide network and security consulting and training to internal teams. 
Operational Excellence & Business Continuity: Monitor overall SOC performance. Serve as a backup analyst for potential coverage gaps to ensure seamless business continuity. Stakeholder Engagement: Liaise effectively with various internal and external stakeholders during incident response. Additional Responsibilities: Perform other auxiliary cybersecurity responsibilities as required. Required Skills and Qualifications: Education: B.E / B-Tech / MCA / MSc. IT. Experience: Minimum 2 years of experience in SOC services, specifically conducting security device administration & management. Minimum 2 years of hands-on experience with SIEM tools and other security tools. Certifications (at least one of the following): Certification in at least one industry-leading SIEM product (e.g., Splunk Certified Admin/Architect, IBM QRadar Certified Analyst/Administrator, Arc Sight Certified Analyst/Administrator, Microsoft Azure Sentinel certifications). Certification in ISO 27001:2013 or later version.
Posted 2 weeks ago
5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Position Title: SOC Level 2 Analyst Job Description: Overview: As a SOC Level 2 Analyst, you will play a crucial role in monitoring, analyzing, and responding to security incidents and threats within our organization's environment. You will work closely with SOC Level 1 analysts, as well as other cybersecurity professionals, to ensure the integrity, confidentiality, and availability of our systems and data. Responsibilities: Security Monitoring and Analysis: Monitor security event alerts generated by various security systems, including QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS, and endpoint detection platforms. Analyze security events to identify potential security incidents or anomalies that may pose a risk to the organization. Incident Triage and Investigation: Triage incoming security alerts based on their severity and potential impact on the organization. Conduct preliminary investigations to determine the nature and scope of security incidents. Gather and analyze evidence, including logs, network traffic, and system artifacts, to identify indicators of compromise (IOCs). Incident Response and Mitigation: Assist in the containment, eradication, and recovery phases of security incidents. Follow established incident response procedures and workflows to ensure timely and effective response to security threats. Collaborate with other members of the SOC team and relevant stakeholders to coordinate incident response efforts. Threat Intelligence Analysis: Stay informed about the latest cyber threats, vulnerabilities, and attack techniques by analyzing threat intelligence feeds and reports. Use threat intelligence to enhance the organization's detection capabilities and proactively identify emerging threats. 
Documentation and Reporting: Maintain accurate and detailed records of security incidents, including timelines of events, actions taken, and findings. Prepare incident reports and post-mortems to document the outcomes of security incidents and lessons learned. Ensure that all documentation complies with internal policies and regulatory requirements. Continuous Improvement: Participate in ongoing training and professional development activities to enhance knowledge and skills in cybersecurity. Provide feedback and suggestions for improving SOC processes, procedures, and tools. Stay abreast of industry best practices and emerging technologies in cybersecurity. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 5+ years of experience in a cybersecurity role, preferably in a SOC environment. Strong understanding of cybersecurity principles, concepts, and technologies. Experience with security monitoring tools such as QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS, and endpoint detection platforms. Familiarity with incident response procedures and frameworks (e.g., NIST, SANS). Excellent analytical and problem-solving skills. Strong communication and interpersonal skills. Relevant certifications (e.g., CompTIA Security+, GIAC Security Essentials) are a plus.
Posted 2 weeks ago
0 years
10 - 20 Lacs
Bengaluru, Karnataka, India
On-site
About The Role We’re hiring Software Development Engineers (SDEs) to join our product engineering team. You will play a pivotal role in building secure, reliable integrations with platforms such as SOAR, SIEM and TIP, amongst others. If you enjoy working at the intersection of engineering and cybersecurity, this is a chance to work on real-world problems with direct industry impact. This is a hands-on development role with a strong emphasis on ownership, problem-solving, and scalability. What You’ll Do Design and develop backend systems and integrations with external APIs (e.g., threat intelligence, dark web monitoring). Build data ingestion pipelines for cloud-based SIEM platforms such as MS Sentinel, Google Chronicle, Palo Alto, etc. Write clean, maintainable, and testable code following best practices. Collaborate with product owners, architects, and cross-functional teams to translate requirements into technical solutions. Participate in code reviews, system design discussions, and deployment planning. Take ownership of features from development to deployment and maintenance. Maintain detailed documentation of the developed components and APIs. Must-Have What You’ll Need: Strong programming skills in Python, PHP (Node.js or Go is a plus). Experience developing APIs and working with third-party REST APIs. Familiarity with event-driven architecture, message brokers (e.g., Kafka, Redis), and asynchronous processing. Knowledge of relational and NoSQL databases (PostgreSQL, MongoDB, etc.). Proficiency with containers and CI/CD tools (Docker, GitHub Actions, etc.). Understanding of cybersecurity concepts, especially around threat intelligence or log analysis. Nice-to-Have Experience integrating with SIEM/SOAR platforms such as Sentinel, Splunk, XSOAR, QRadar, ServiceNow. Exposure to Threat Intelligence feeds (STIX/TAXII, MISP, AlienVault, etc.). Knowledge of cloud security tools and platforms (AWS Security Hub, Azure Defender, etc.).
Familiarity with security automation and orchestration workflows. Prior contributions to cybersecurity products or platforms. Strong debugging and problem-solving skills. About Cyble Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India. Our mission is clear: to provide visibility, intelligence and cybersecurity protection using cutting-edge advanced technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities, enabling organizations to take proactive measures and maintain robust cybersecurity. We strive to make the digital world a safer place for everyone. At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees' voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary. To learn more about Cyble, visit www.cyble.com.
Posted 2 weeks ago
4.0 - 8.0 years
5 - 9 Lacs
Pune
Work from Office
Your role This position is responsible for administering the Splunk platforms for enterprise Security Information and Event Management (SIEM). The role involves working with asset owners to ensure the timely and efficient collection of computer security events and logs for the purpose of detecting and responding to information security incidents. Maintain all components of a distributed SPLUNK infrastructure including indexer clusters, search head clusters, and deployment servers. Provide overall management of the SPLUNK platform. Standardize SPLUNK forwarder deployment, configuration, and maintenance across Unix and Windows platforms. Troubleshoot SPLUNK server and forwarder problems and issues. Assist internal users in designing and maintaining production-quality dashboards. Monitor the SPLUNK infrastructure for capacity planning. Implement change requests and engineering tasks. Lead technical discussions in customer governance calls. Participate in technical audits. Identify opportunities for automation, standardization, and stabilization. Prepare/update/review run books, SOPs, and knowledge articles. Plan, prepare, and execute change processes and implementations. Perform OS-level performance monitoring and troubleshooting. Monitor and troubleshoot application and database layers (e.g., Apache, Tomcat, MySQL). Administer and maintain a 24/7 highly available Splunk environment. Work closely with clients, technicians, and managerial staff. Experience with Databricks, Kafka, and NiFi is an added advantage. Your profile Splunk Administrator with 4 to 8 years' experience. Dashboards, reports creation and monitoring. Experience with Splunk Phantom as well would be given preference. Work location Bengaluru, Mumbai, Pune & Hyderabad. What You'll Love About Working Here You can shape your career with us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders.
You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges.
Posted 2 weeks ago
4.0 - 9.0 years
7 - 11 Lacs
Hyderabad
Work from Office
Your role Monitor network security events and take action per security policy. Analyze incidents, raise tickets, and assign to resolver teams. Perform health checks of security tools and vulnerability assessments. Create and review daily/weekly/monthly dashboards and reports. Act as escalation point for L1/L2 analysts and backup for SOC Manager. Develop and fine-tune SIEM use cases. Participate in Change Control Board and infrastructure design reviews. Coordinate and implement security-related changes in line with policies. Identify and remediate rogue, unpatched, or unauthorized systems. Support incident response, maintain logs, and assist in investigations. Your profile SIEM Tools: IBM QRadar, ArcSight, RSA Envision, Nitro Security with 4 to 9 years of experience. Vulnerability Management: Nessus, Qualys Guard. Malware Protection & Anti-Spam. Web Filtering, Content Filtering. PKI, Forensic Analysis. Work location Pan India and preferred location is Bengaluru. What You'll Love About Working Here You can shape your career with us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges.
Posted 2 weeks ago
0 years
0 Lacs
Hyderābād
On-site
Job requisition ID :: 85200 Date: Jul 14, 2025 Location: Hyderabad Designation: Assistant Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Assistant Manager in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities & Desired qualifications We are seeking an experienced and proactive L2 SOC Analyst with expertise in SOAR Playbook development. The candidate will be responsible for managing, developing, and enhancing automation and orchestration workflows within SOAR. Key Requirements: Develop and maintain playbooks in SOAR for automated threat detection and response. Integrate various security tools (SIEM, EDR, threat intel feeds, etc.) into SOAR. Create custom automations/scripts using Python and XSOAR’s automation engine. Tune and optimize existing playbooks for performance, accuracy, and false positive reduction. Document playbook logic, automation scripts, and incident handling procedures. 
Provide mentorship and support to L1 analysts and contribute to SOC knowledge sharing. Strong hands-on experience with Cortex XSOAR and playbook development. Familiarity with Python scripting for automation in SOAR. Working knowledge of SIEM tools (e.g., Splunk, QRadar, Elastic). Good understanding of cybersecurity concepts: malware, phishing, MITRE ATT&CK, etc. Strong analytical and problem-solving skills. Ability to work independently and as part of a team in a fast-paced environment. Preferred Qualifications: Knowledge of incident response frameworks (NIST, SANS). SOAR Certified Automation Engineer. Location and way of working Base location: Hyderabad Professional is required to work from office Your role as Senior Executive We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing
change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. 
Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_
Posted 3 weeks ago
4.0 - 7.0 years
6 - 9 Lacs
Mumbai, Gurugram, Bengaluru
Work from Office
We are seeking a skilled and experienced Data Loss Prevention (DLP) professional to join our growing team. In this role, you will be instrumental in designing, implementing, and managing robust DLP strategies for our diverse client base. Location: Bangalore, Mumbai, Gurgaon, Noida. Key Responsibilities: Design, configure, and fine-tune Data Loss Prevention (DLP) policies and rules. Manage DLP incidents from detection through investigation and resolution. Conduct continuous monitoring and analysis of DLP alerts and system performance. Collaborate with clients to understand their data protection needs and implement effective DLP solutions. Provide expertise in DLP technologies and best practices. Develop and maintain documentation related to DLP configurations and procedures. Required Skills & Qualifications: Bachelor's or Master's degree in Computer Science, Information Systems, or a relevant field. Overall Experience: 6-8 years in Information Security, with 4-7 years specifically in Data Security, Privacy, and Information Security roles. DLP Experience: Hands-on experience (2-3 years) in managing privacy and data protection programs or providing consulting services in these areas. Technical Proficiency: Proven hands-on experience with leading DLP tools and technologies such as Symantec DLP, Forcepoint DLP, Microsoft Information Protection, and Microsoft Purview. Policy Management: Expertise in DLP policy configuration, incident monitoring, investigation, and resolution. Regulatory Knowledge: Strong understanding of relevant legal and regulatory requirements, including IT Act 2000, GDPR, BS10012, India's Data Protection Act, DADP Act, and other country-specific data protection acts (especially across Middle East Countries). Communication: Excellent written and verbal communication skills, strong interpersonal and collaborative abilities, and the capacity to articulate privacy, security, and risk concepts to both technical and non-technical audiences.
Analytical & Project Management Skills: Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, and thrive in a demanding, dynamic environment. Demonstrated project management skills, including scheduling and resource management. Discretion: Ability to handle sensitive information with utmost discretion and professionalism. Certifications: Required: Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP). Good to have: Certified Data Privacy Solutions Engineer (CDPSE), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH).
Posted 3 weeks ago