890 QRadar Jobs - Page 12

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

15.0 - 19.0 years

0 Lacs

ahmedabad, gujarat

On-site

As a seasoned Technology Leader specializing in Cybersecurity, you will be responsible for developing and executing a comprehensive technology roadmap for both Operational Technology (OT) and Information Technology (IT) cybersecurity solutions. Your role will involve aligning technology initiatives with business goals, industry standards, and market opportunities. You will lead the design and management of enterprise-grade cybersecurity platforms such as Splunk, QRadar, and similar systems, ensuring seamless integration across diverse OT and IT environments. Innovation is at the core of this role, where you will drive the design and development of advanced cybersecurity platforms and tools including Security Information and Event Management (SIEM), Extended Detection and Response (XDR), next-gen firewalls, and secure networking solutions. Your focus will be on addressing the unique challenges of OT/IT environments, encompassing threat detection, incident response, and compliance. You will define technology strategies for cybersecurity solutions, emphasizing scalability, efficiency, and future-readiness to support high-performance security operations globally. Building partnerships and collaborations will be key, as you foster relationships with technology providers, Original Equipment Manufacturers (OEMs), and other stakeholders to enhance the company's offerings. You will ensure seamless interoperability and integration of solutions across various platforms and ecosystems. Your role will also involve establishing and maintaining technology standards and best practices for OT/IT cybersecurity, along with monitoring and managing the adoption of emerging technologies to maintain a competitive edge and address evolving threats. Providing technical oversight for cybersecurity frameworks to ensure the protection of critical infrastructure will be crucial. 
Collaboration with delivery and operations teams will be essential to implement cutting-edge security measures effectively. To excel in this role, you should hold a Bachelor's or Master's degree in Engineering, Technology, or a related field, coupled with over 15 years of experience in technology leadership roles, particularly focusing on cybersecurity solutions. Expertise in platform development, such as Splunk, QRadar, and industrial control systems, is required. Strong leadership skills, innovative thinking, and a strategic mindset are essential to drive success in this dynamic and challenging environment.

Posted 2 weeks ago

0.0 - 2.0 years

0 Lacs

Noida, Uttar Pradesh

On-site

Noida,Uttar Pradesh,India Job ID 763123 Join our Team Our Exciting Opportunity We are now looking for a Security Engineer professional. This job role is responsible for tracking, coordination, support, management, and execution of security related activities to ensure that services provided to customers are continuously available and performing to Service Level Agreement (SLA) performance levels. What you will do, Incident Management Respond after hours (on-call support) Coordinate and conduct event collection, log management, event management, and compliance automation Respond to day-to-day security change requests related to security operations Conduct security research and intelligence gathering on emerging threats and exploits Create new rules based on identified scenarios Perform postmortem analysis on logs, traffic flows, and other activities to identify malicious activity Security analysis (networking devices and operating systems, endpoint analysis, network attacks) Work with the various Technical Authority teams to respond to and resolve security incidents effectively and quickly Provide Root Cause Analysis for security incidents, and outages / impairments related to security tools Administer authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets Tools Integration Integration of nodes to security tools (SIEM, VA, IAM, etc.) 
Deploy content (policies, signatures, parsers or rules) for the security infrastructure Vendor Communications Work with SIEM, IPS/IDS, IAM vendors for application related issues Process Improvement Mentor level 1 analysts to improve detection capability within the SOC Prepare Use Cases & MOPs on identified scenarios Create, maintain and improve technical operational work instructions Drive continuous process improvements by providing inputs on the current processes and possible improvement opportunities Governance and Reporting Business intelligence reporting based on SOC and customer needs Identify and report risks related to security Perform periodic reporting and when applicable, present to management and/or the customer’s security team To be successful in this role, you must have: Strong knowledge of information security Working knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks, along with available security controls (technical & process controls) for respective layers Key Qualifications: Graduate in Computer Science or similar 5 to 11 years' experience with at least 2 years of experience in IT and 2 years in security ITIL certification, CCSP, OSCP, Security +, CCNA Security or similar will be an advantage

Posted 2 weeks ago

0 years

0 Lacs

Mumbai Metropolitan Region

On-site

Key Responsibilities Lead a team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Training of L1 and L2 resources on latest attack vectors and log analysis. Work with the SIEM Engineering team to fine tune the use cases and content on the SIEM platform. Bring down the false positives to a manageable level. Manage the work pressure on the project and keep the team alert and manage their work life balance. Ensure timely preparation of daily/weekly/monthly reports. Desired Qualifications Sound Cyber Security Principles and well versed in security domains of Endpoint, Network, Database, Cloud Security technologies like IPS, WAF, Firewall, Deception, Cloud Security, AV, EDR. Conduct senior level log analysis, proactive monitoring, mitigation & response to network & security incidents. Triage security events and carry out incident response steps. Implement & Maintain Extensive Security Operation Policies and procedures documentation including AWS cloud. Proactively Hunt & research potential malicious activity using tools like Cortex, Shodan, QRadar etc. Identify Indicators of Compromise through static & dynamic analysis of commodity and 0-day malware. Perform advanced security event detection and threat analysis for complex and/or escalated security events. QRadar, Demisto/XSOAR, Qualys, MITRE Framework Attack Methodology. Preferred Certifications T&T - Cyber | Deputy Manager IBM QRadar SIEM Certification. CISSP, CEH, CISM, or other relevant security certifications. Location and way of working: Base location: Mumbai/Navi Mumbai Professional is required to work from office Your role as Consultant/Sr Consultant. (ref:hirist.tech)

Posted 2 weeks ago

12.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Dear Candidate, TCS has always been a proud pioneer in nurturing tech talent like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together. Role: Presales Security Consultant Desired Skill Set Any: Cybersecurity Presales, Technical Pre-sales support, Security Engineering, Presales Solution Development Experience Range: 12+ years Joining Location: PAN India Job Description: 1. Experience in responding to RFP/RFI/RFQ (Proposal writing, Solution creation, effort estimation, content writing) and customer defense presentations etc is preferred. 2. Candidates having proven track record in Cyber security Pre-Sales support / solution development/Solution Architect role in any two of the below areas: a. SOC/MDR/EDR/XDR solutions using (i.e. Sentinel, QRadar, Splunk, Rapid-7, Google Chronicle, LogRhythm SIEM/SOAR Threat Intel etc) b. Vulnerability Management for Infrastructure and Application Security (VAPT, SAST, DAST, SCA, Penetration Testing, Red Teaming, Threat Hunting) c. Network Security – ZTNA, Firewalls/IDS/IPS, Automation, WAF Management, Micro segmentation, DDoS etc d. Data protection (DLP) endpoints/ network / Cloud e.g. MS Purview, Forcepoint, Proofpoint, Trellix, Symantec e. Identity and Access Management - IGA, WAM, PAM, SSO, MFA etc using Azure AD, CyberArk, SailPoint, Ping Identity, Okta etc f. Experience in solution development in Cloud Security / Governance, Risk and Compliance (GRC) 3. Lead end-to-end Security conversations, shares best practices and key competitor knowledge across solution areas, and evaluates opportunities to make recommendations on pursuit or withdrawal. 4. Understand customer’s cybersecurity initiatives, compete landscape as well as gaps between current and desired cybersecurity posture. Capture the opportunity of customer's journey to balance the need for cybersecurity and employee productivity with the right process and visibility.
Demo and whiteboard the cybersecurity solutions and the relevant security architecture. Lead and orchestrate to drive an end-to-end value selling from discovery to demonstrating and proving business value. 5. Engage cybersecurity partners to help scale and accelerate the sales cycle 6. Construct and present tailored presentations/proposals to clients based on their requirements Qualifications: 1. Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field 2. 12+ years of experience in cyber security, with a focus on security engineering or technical pre-sales support 3. Relevant certifications (e.g., CISSP, CISM, CEH, or similar) are a plus Thanks & Regards, Priscilla Nancy D HR TAG – Cyber Security Tata Consultancy Services

Posted 2 weeks ago

40.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

About Amgen Amgen harnesses the best of biology and technology to fight the world’s toughest diseases, and make people’s lives easier, fuller and longer. We discover, develop, manufacture and deliver innovative medicines to help millions of patients. Amgen helped establish the biotechnology industry more than 40 years ago and remains on the cutting-edge of innovation, using technology and human genetic data to push beyond what’s known today. Role Description: The SOC Tier 2 Analyst serves as the primary escalation point for the Tier 1 SOC team, responsible for advanced threat detection, investigation, and incident response coordination. This role acts as a technical lead, ensuring that security incidents are properly triaged, investigated, and remediated while continuously improving security operations processes. The SOC Tier 2 Analyst plays a critical role in cybersecurity defense, supporting real-time monitoring, forensic analysis, and threat hunting. They will assist incident responders across all lifecycle phases, from detection to post-incident reviews, and contribute to SOC process optimizations. Roles & Responsibilities: Act as the primary escalation point for SOC Tier 1 analysts, providing technical expertise and guidance in incident handling. Perform deep-dive analysis of security events, leveraging SIEM, EDR, IDS/IPS, and other security tools. Identify common attack techniques (MITRE ATT&CK framework) and investigate anomalies to detect advanced persistent threats (APTs). Assist in security incident response, leading containment, eradication, and recovery efforts. Conduct artifact analysis to determine the root cause and scope of security incidents. Collaborate with Threat Intelligence and Threat Hunting teams to improve detection rules and incident response playbooks. Develop and refine SOC standard operating procedures (SOPs) to enhance security event triage and response. 
Work with engineering teams to fine-tune security controls and improve overall SOC efficiency. Mentor and train Tier 1 analysts to improve SOC maturity and ensure effective knowledge transfer. Support security audits, compliance initiatives, and reporting efforts as required. Basic Qualifications and Experience: Master’s degree in Information Technology or Cybersecurity OR Bachelor’s degree with 1 year of experience in Security Operations or related field OR Diploma with 2 years of experience in Security Operations or a related field Functional Skills: Must-Have Skills: Strong understanding of SOC operations, including event triage, escalation, and investigation. Experience analyzing cybersecurity threats and understanding attacker TTPs (Tactics, Techniques, and Procedures). Proficiency in security tools such as SIEM (Splunk, QRadar, Sentinel), EDR (CrowdStrike, Defender ATP), IDS/IPS, and firewall logs. Experience in incident response across all phases (detection, containment, eradication, recovery). Knowledge of Windows and Linux security, including log analysis, PowerShell, and Bash scripting. Good-to-Have Skills: Experience in 24/7 SOC operations and shift leadership. Knowledge of forensic tools (Volatility, Autopsy, FTK) and malware analysis techniques. Understanding of cloud security monitoring (AWS, Azure, GCP). Familiarity with MITRE ATT&CK, NIST Cybersecurity Framework, and CIS controls. Threat hunting experience to proactively detect unknown threats. Professional Certifications: CompTIA Security+ (preferred) CEH (preferred) GSEC (preferred) GCFA (preferred) MTA Security Fundamentals (preferred) CISSP (preferred) Soft Skills: Strong communication and collaboration skills, particularly when working with global teams. Ability to manage and prioritize tasks effectively in a high-pressure environment. Critical thinking and problem-solving abilities, especially in incident response situations. A commitment to continuous learning and knowledge sharing. 
EQUAL OPPORTUNITY STATEMENT Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided with reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Posted 2 weeks ago

7.0 - 10.0 years

25 - 30 Lacs

Noida

Work from Office

Functional Competencies 1. Security Monitoring (Threat Monitoring, Detection and Response). 2. Security and Vulnerability Assessments. 3. Security Incident Management. 4. Identity and Access Management. Job Duties & Responsibilities 1. Applying subject expertise in evaluating business operations and processes. 2. Identifying areas where technical solutions would improve business performance. 3. Consulting across business operations, providing mentorship, and contributing specialized knowledge. 4. Recommending technical solutions and determining software development requirements. 5. Providing subject expertise and guidance to Security Analysts, Leads. 6. Overseeing the development, testing, and implementation of technical solutions. 7. Determining whether technical solutions meet defined requirements. 8. Verifying technical reference information, including user guides, training manuals, and system requirements. 9. Ensuring accurate representation of expertise prior to the distribution of technical solutions to end-users. 10. Documenting processes and disseminating information to all relevant stakeholders. 11. Conducting thorough research to stay updated on changes in their field of expertise. 12. Contributing to the development of policies and procedures relevant to their area of expertise. Special and Other duties 1. Prepare various reports for management decision making. 2. Perform other functions as assigned by the Chief Information Security Officer or Management. 3. Manage Subordinates performance and conduct formal appraisal. Competency Requirement Education or Academic Qualification 1. Bachelors degree in computer science or related streams. 2. NFQ Level 7+ Work Exposure or Professional Experience 1. Minimum 7 years of relevant experience in Information Security with at least 5 years in Security Operations. 2. Professional certification like CISSP, CISM, ISO27001, CEH. 3. 
Advanced ability to recommend and implement technical solutions for cross-functional projects. 4. Knowledge of systems and software engineering to optimally integrate subject expertise in software solution designs. 5. Excellent recordkeeping, as well as written and verbal communication skills. 6. Thorough understanding of the latest security principles, techniques, and protocols. 7. Problem solving skills and ability to work under pressure. Skills required (Soft & Technical) 1. Security Operations, Security Architecture. 2. Knowledge of Security Portfolio and Operations.

Posted 2 weeks ago

3.0 - 7.0 years

4 - 8 Lacs

Bengaluru

Work from Office

Roles & Responsibilities: 1. Handling alerts and incidents on XDR platform 2. Alert & incident triage and analysis 3. Proactively investigating suspicious activities 4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5. Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6. Adhere to established policies, procedures, and security practices. 7. Follow-up with tech team for incident closure 8. Participating in daily standup and review meeting 9. L2 Analyst has responsibility to closely track the incidents and support for closure. 10. Working with log source and use case management in integrating log sources and developing & testing use cases 11. Work & support on multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM) 12. Developing SOP / instruction manual for L1 team 13. Guiding L1 team for triage/analysis and assist in closure of cybersecurity alerts and incidents 14. Handle XDR alerts and follow up with customer team for agent updates 15. Escalate more complex incidents to L3 SME for deeper analysis.
Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures. Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds. Align SOC operations with evolving business risk priorities and regulatory frameworks. Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness. Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions. Maintain and update incident response playbooks and automation workflows. Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling. SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets. Lead and coordinate proactive threat hunting across networks, endpoints, and cloud. Manage and support forensic investigations to identify root cause and recovery paths. Govern use case development, log source onboarding, and alert/event triage processes. Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities. Retain logs in accordance with regulatory data retention mandates. Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards. Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities. Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives. Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.
Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field. 3-7 years of experience in SOC management, incident response, or cyber threat detection roles. Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms. Proven experience in playbook development, forensics, and threat hunting methodologies. Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements. Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 2 weeks ago

7.0 - 12.0 years

8 - 12 Lacs

Mumbai

Work from Office

Your Role and Responsibilities* * Responsible for implementation partner to see project on track along with providing required reports to management and client * Handle the project as well as BAU operations while ensuring high level of systems security compliance * Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. * Analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. * Ready to support for 24/7 environment. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Professional and Technical Expertise* * 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs. * B.E./ B. Tech/ MCA/ M.Sc. * Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support. * Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. * Working knowledge of industry standard risk, governance and security standard methodologies * Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting. * Ability to multitask and work independently with minimal direction and maximum accountability. 
Preferred technical and professional experience Preferred Professional and Technical Expertise * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Posted 2 weeks ago

3.0 - 5.0 years

3 - 8 Lacs

Bengaluru

Work from Office

Roles & Responsibilities: 1. Handling alerts and incidents on XDR platform 2. Alert & incident triage and analysis 3. Proactively investigating suspicious activities 4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5. Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6. Adhere to established policies, procedures, and security practices. 7. Follow-up with tech team for incident closure 8. Participating in daily standup and review meeting 9. L2 Analyst has responsibility to closely track the incidents and support for closure. 10. Working with log source and use case management in integrating log sources and developing & testing use cases 11. Work & support on multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM) 12. Developing SOP / instruction manual for L1 team 13. Guiding L1 team for triage/analysis and assist in closure of cybersecurity alerts and incidents 14. Handle XDR alerts and follow up with customer team for agent updates 15. Escalate more complex incidents to L3 SME for deeper analysis.
Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures. Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds. Align SOC operations with evolving business risk priorities and regulatory frameworks. Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness. Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions. Maintain and update incident response playbooks and automation workflows. Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling. SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets. Lead and coordinate proactive threat hunting across networks, endpoints, and cloud. Manage and support forensic investigations to identify root cause and recovery paths. Govern use case development, log source onboarding, and alert/event triage processes. Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities. Retain logs in accordance with regulatory data retention mandates. Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards. Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities. Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives. Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.
Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field. 3-5 years of experience in SOC management, incident response, or cyber threat detection roles. Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms. Proven experience in playbook development, forensics, and threat hunting methodologies. Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements. Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 2 weeks ago

2.0 - 7.0 years

9 - 13 Lacs

Mumbai

Work from Office

As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help client run their IT better, accelerate innovation and deliver unmatched performance with the power automation. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. * Responsible for security researcher to provide insight and understanding of new and existing information security threats * Responsible to participate in recommending improvements to SOC security process, procedures, policies, security incident management and vulnerability management processes * You will be involved in evaluating, recommending, implementing, and solving problems related to security solutions and evaluating IT security of the new IT Infrastructure systems * Keep yourself up-to-date with emerging security threats including applicable regulatory security requirements * Work in a 24x7 Security Operation Centre (SOC) environment Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * Minimum 2+ years’ experience in SIEM. 
* Proven expertise in handling the daily monitoring of Information Security events on the QRadar / ArcSight / Splunk console platform * Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists * Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Posted 2 weeks ago

0.0 - 1.0 years

0 Lacs

Ernakulam

Work from Office

Job description We are seeking a motivated and detail-oriented Cybersecurity Intern to join our security team. You will assist in monitoring, analyzing, and improving the security posture of our systems and networks. This internship is an excellent opportunity to gain real-world experience in threat detection, security tools, and incident response in a professional environment. Qualification Any Degree/Diploma/+2 Key Responsibilities Assist in monitoring network activity for suspicious behavior or unauthorized access.

Posted 2 weeks ago

3.0 - 8.0 years

20 - 35 Lacs

Bengaluru

Work from Office

Key Skills: Cybersecurity, Incident Response, SIEM, SOAR, MDR, Threat Hunting, Python, Bash, SQL, AWS, Azure, GCP, MITRE ATT&CK, Splunk, QRadar, CrowdStrike, Microsoft Defender, Palo Alto, Datadog. Roles & Responsibilities: Investigate security incidents related to network traffic, IAM violations, and unauthorized access. Analyze security detection rules, alerts, and correlation logic to identify malicious activities. Conduct threat hunting activities to proactively identify potential threats within the environment. Participate in incident response efforts, including containment, eradication, and recovery. Collaborate with the software development & SRE teams. Onboard customers and guide them through integration with MDR platforms. Ensure customer satisfaction and provide strategic security recommendations. This is a fully onsite role that requires high availability and proactive engagement. On-call/rotational work required. Experience Requirement: 3-8 years of experience in cybersecurity operations and advanced threat detection. Experience with SIEM platforms, Security orchestration platforms (SOAR), or specialized MDR providers such as Splunk, QRadar, CrowdStrike Falcon, Datadog, SentinelOne, Microsoft Defender, Palo Alto Cortex XDR, Panther, etc. Experience with threat hunting methodologies. Experience with databases and SQL. Scripting experience with Python and Bash. Ability to work in a team and in a 24/7 environment. Good written and verbal communication skills. MITRE ATT&CK framework knowledge is a plus. Cybersecurity certifications are a plus. Education: Any Graduation.

Posted 2 weeks ago


6.0 - 10.0 years

17 - 20 Lacs

Hyderabad, Chennai

Work from Office

The Impact you will have in this role: Qualifications: Minimum of 6 years of related experience Bachelor's degree preferred or equivalent experience Talents Needed for Success:

Posted 2 weeks ago


6.0 - 10.0 years

17 - 20 Lacs

Hyderabad, Chennai

Work from Office

DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (Onsite Tuesdays, Wednesdays and a third day of your choosing) The impact you will have in this role: We are seeking a dedicated and skilled Lead IT Security Engineer to join our team. The ideal candidate will have a strong background in network security, cloud technologies, and hands-on experience with Zscaler products. As a Lead Zscaler Security Engineer, you will be responsible for providing technical support and ensuring the smooth operation of Zscaler solutions. Your Primary Responsibilities: Provide technical support for Zscaler products (ZIA, ZPA, ZDX), including troubleshooting and resolving issues. Monitor and maintain the health and performance of Zscaler solutions. Collaborate with support teams to understand their technical needs and provide effective solutions. Assist in the deployment and configuration of Zscaler products. Conduct root cause analysis for recurring issues and implement preventive measures. Document technical issues and solutions for knowledge sharing and future reference. Stay up to date with the latest Zscaler features, updates, and industry trends. Work closely with the engineering and product teams to escalate and resolve complex issues. **NOTE: The Responsibilities of this role are not limited to the details above. ** Qualifications: Bachelor's degree and/or equivalent experience Minimum 5 years of Cybersecurity related experience Talents Needed for Success: Hands-on experience with Zscaler products (ZIA, ZPA, ZDX). Strong understanding of networking protocols and security best practices. Strong communication and interpersonal skills, including the ability to build relationships with key stakeholders. Strong critical thinking and problem-solving skills to resolve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity. Ability to work independently and manage multiple tasks simultaneously. 
Experience in managing Data Protection Technologies: Endpoint & Web DLP, CASB. Network Security: Secure Web Gateways, Secure Access Service Edge (SASE), Firewalls, IDS/IPS technologies.

Posted 2 weeks ago


40.0 years

0 Lacs

Hyderābād

On-site

India - Hyderabad JOB ID: R-208858 ADDITIONAL LOCATIONS: India - Hyderabad WORK LOCATION TYPE: On Site DATE POSTED: Jul. 14, 2025 CATEGORY: Information Systems ABOUT AMGEN Amgen harnesses the best of biology and technology to fight the world’s toughest diseases, and make people’s lives easier, fuller and longer. We discover, develop, manufacture and deliver innovative medicines to help millions of patients. Amgen helped establish the biotechnology industry more than 40 years ago and remains on the cutting-edge of innovation, using technology and human genetic data to push beyond what’s known today. Role Description: The SOC Tier 2 Analyst serves as the primary escalation point for the Tier 1 SOC team, responsible for advanced threat detection, investigation, and incident response coordination. This role acts as a technical lead, ensuring that security incidents are properly triaged, investigated, and remediated while continuously improving security operations processes. The SOC Tier 2 Analyst plays a critical role in cybersecurity defense, supporting real-time monitoring, forensic analysis, and threat hunting. They will assist incident responders across all lifecycle phases, from detection to post-incident reviews, and contribute to SOC process optimizations. Roles & Responsibilities: Act as the primary escalation point for SOC Tier 1 analysts, providing technical expertise and guidance in incident handling. Perform deep-dive analysis of security events, leveraging SIEM, EDR, IDS/IPS, and other security tools. Identify common attack techniques (MITRE ATT&CK framework) and investigate anomalies to detect advanced persistent threats (APTs). Assist in security incident response, leading containment, eradication, and recovery efforts. Conduct artifact analysis to determine the root cause and scope of security incidents. Collaborate with Threat Intelligence and Threat Hunting teams to improve detection rules and incident response playbooks. 
Develop and refine SOC standard operating procedures (SOPs) to enhance security event triage and response. Work with engineering teams to fine-tune security controls and improve overall SOC efficiency. Mentor and train Tier 1 analysts to improve SOC maturity and ensure effective knowledge transfer. Support security audits, compliance initiatives, and reporting efforts as required. Basic Qualifications and Experience: Master’s degree in Information Technology or Cybersecurity OR Bachelor’s degree with 1 year of experience in Security Operations or related field OR Diploma with 2 years of experience in Security Operations or a related field Functional Skills: Must-Have Skills: Strong understanding of SOC operations, including event triage, escalation, and investigation. Experience analyzing cybersecurity threats and understanding attacker TTPs (Tactics, Techniques, and Procedures). Proficiency in security tools such as SIEM (Splunk, QRadar, Sentinel), EDR (CrowdStrike, Defender ATP), IDS/IPS, and firewall logs. Experience in incident response across all phases (detection, containment, eradication, recovery). Knowledge of Windows and Linux security, including log analysis, PowerShell, and Bash scripting. Good-to-Have Skills: Experience in 24/7 SOC operations and shift leadership. Knowledge of forensic tools (Volatility, Autopsy, FTK) and malware analysis techniques. Understanding of cloud security monitoring (AWS, Azure, GCP). Familiarity with MITRE ATT&CK, NIST Cybersecurity Framework, and CIS controls. Threat hunting experience to proactively detect unknown threats. Professional Certifications: CompTIA Security+ (preferred) CEH (preferred) GSEC (preferred) GCFA (preferred) MTA Security Fundamentals (preferred) CISSP (preferred) Soft Skills: Strong communication and collaboration skills, particularly when working with global teams. Ability to manage and prioritize tasks effectively in a high-pressure environment. 
Critical thinking and problem-solving abilities, especially in incident response situations. A commitment to continuous learning and knowledge sharing. EQUAL OPPORTUNITY STATEMENT Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided with reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Posted 2 weeks ago


3.0 years

3 - 7 Lacs

Bengaluru

On-site

Company Description Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid. Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa. Job Description The Associate Cybersecurity Analyst - Engineering & Operations is primarily responsible for monitoring, analyzing, and resolving issues with on-prem and cloud network security devices, security tools, and systems. This position will manage technical support requests directly from users as well as prioritize escalations from other team members and field engineers. Our engineers are responsible for maintaining application uptime and improving their computing experiences through effective maintenance, problem identification and resolution activities. The position requires an in-depth understanding of how logical and physical connectivity issues can affect network and systems security posture and transaction quality. Essential Functions: Monitor, analyze, and resolve network/cloud security devices, systems, and tools incidents Troubleshoot issues stemming from configurations on platforms such as firewalls including web application firewalls, proxies, distributed denial of service systems, data labeling and loss systems, and host-based security controls Follow both work instruction playbooks and runbook automation activities. 
Provide feedback to modify and suggest changes to work instructions for similar impacting events Understand and work within established Service Level Agreements (SLA) to ensure timely response Support and promote Visa’s Cybersecurity operation standards and excellence Continuous improvement of core functions expected from Cybersecurity Operations Center Track, update, and resolve all assigned incidents, changes, and problem reports in the incident management system, ensuring that documentation is thorough, accurate, and meets a standard of high quality Follow documented support procedures, managing each issue through resolution or turnover to maintain established service levels Solicit feedback of documented procedures to accurately record resolution and ensure client satisfaction Measure and review work instructions for accuracy of execution and to drive toward objective response and restoration time frames. Review and solicit improvements through second level support groups and peers Maintain and achieve new technical skills through in-house or external trainings by engineering or higher-level support teams Modify and create work instructions or Recipes to prepare for similar impacting events and allow for a quicker response. Constantly review work instructions for accuracy and ask for improvements through second level support groups Lead, support, or contribute based on various incident bridges stewardship in support of timely resolution of internal issues Proactively monitor, recognize, analyze, isolate and/or resolve documented hardware and software problems utilizing a variety of hardware and software testing techniques Articulate problem statements with clarity. 
Consult with L2 support groups or development teams to drive toward long-term restoration and resolution of incidents Responsible for the internal and external communication of issues to management, other internal support groups, customer pages, email broadcasts, or verified phone calls This position involves shift work with 9 hour shifts between 7 AM and 7 PM based on the published schedule, to cover work 365 days a year. This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager. Qualifications Basic Qualifications: Bachelor's degree, OR 3+ years of relevant work experience Preferred Qualifications: 2 or more years of work experience Work experience or training as a Network/Security Operations Engineer, network/security support analyst or experience across multiple technologies such as firewalls including web application firewall, proxies, distributed denial of service systems, data labeling and loss systems Understanding of network monitoring concepts and management tools. Knowledge of systems, application, and fault monitoring toolsets namely Indeni, Splunk, Moloch, QRadar, Solarwinds, NetCool, or other similar platforms Functional understanding of packet and protocol from firewalls and other systems through tools such as Wireshark to support troubleshooting activities Demonstrate knowledge of native cloud-based security monitoring tools. 
General knowledge of networking and routing topology, cybersecurity frameworks, constructs and auditable standards Communicate effectively throughout the incident management process to ensure that all communications are timely and accurate, as per documented process Understanding, proficiency, or certification of Information Technology Infrastructure Library (ITIL) concepts, preferably with Knowledge of ServiceNow or other incident and change management tools Familiarity of payment transaction message flows and the diverse types of exceptions that could be encountered resulting in client impacts such as message delivery outages, theft, or fraud. Possess the background, experience, or skills to maintain both central and distributed firewall platforms such as Provider-1, Panorama management and logging infrastructures. MS Office suite functional use Additional Information Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Posted 2 weeks ago


2.0 - 4.0 years

2 - 4 Lacs

Mumbai

Work from Office

Minimum 2-4 years of experience in Security Operations Centre. Experience across SOC domains: use case creation, incident management, threat hunting, threat intelligence, etc. Solid understanding of cyber security, network security, and endpoint security concepts. Good understanding of recent cyber threats and latest attack vectors. Must have experience in any one SIEM (Splunk), EDR and SOAR solution. Must have experience in leading/managing SOC shifts. Experience in shift roster creation, resource management, etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management, etc.

Posted 2 weeks ago


7.0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

Key Responsibilities Design and manage WAF rules to prevent application attacks (SQLi, XSS). Configure and optimize load balancers for security and performance. Migrate and revamp firewalls with minimal downtime and improved policy structure. Perform security assessments: vulnerability scanning and penetration testing. Collaborate with SOC teams to investigate and respond to threats. Coordinate with ISPs/vendors for upgrades and threat mitigation. Maintain documentation: policies, configurations, incident reports, and MIS reports. Guide and mentor team members on technical requirements. Handle risk analysis, OEM escalations, and critical issue resolution. Interact effectively with customers and vendors. Key Skills Expertise Web Application Firewall (WAF): Hands-on experience with F5 ASM, Imperva, FortiWeb: deployment, configuration, and management. Load Balancer: Proficiency in F5 LTM/GTM, Radware ADC: optimization and troubleshooting. Firewall Management: Experience with Palo Alto, FortiGate, Cisco Firepower: revamp, migration, rule optimization. Network Security Concepts: Strong knowledge of Zero Trust, DDoS protection, SSL/TLS, IDS/IPS. Secure Network Design: LAN/WAN segmentation, DMZ, VPN, NAC implementations. Cloud Security: Familiar with AWS, Azure, GCP: Security Groups, NACLs, WAF, Cloud Firewalls. Container Security: Kubernetes, Docker: microservices and container-level protection. SIEM Tools: Splunk, QRadar, ELK, RSA for threat detection and response. Automation: Ansible, Terraform for policy management and infrastructure as code. Incident Management: WAF/firewall/DDoS incident handling and RCA. Compliance: Awareness of PCI-DSS, OWASP Top 10, NIST standards. What We Need B.E/B.Tech (CSE/IT/EEE/ECE/EIE), MCA, M.Sc./MS in Computer Science. 7+ years in network security; 2+ years in firewalls/WAF/load balancers and 2+ years in application security. Led at least 23 full implementation projects as an individual contributor. 
Completed major migration/revamp of WAF/LB/Firewall. Strong communication, coordination, and problem-solving skills. Familiarity with ITIL/ITSM processes (incident/change management). Team player with leadership and mentoring capability. CCSP, F5-ASM, PCNSE, CCNP Security, CEH certification is a plus This job is provided by Shine.com

Posted 3 weeks ago


12.0 years

0 Lacs

Delhi, India

On-site

Seasoned Cybersecurity Presales Consultant Seasoned Cybersecurity Presales Consultant with 12+ years of experience in designing, presenting, and delivering enterprise-grade security solutions across diverse industry verticals, including BFSI, Government, Telecom etc. Experience in supporting the Govt Vertical is mandatory. Skilled at bridging customer requirements with best-fit cybersecurity architectures that align with Zero Trust, SASE, and regulatory compliance frameworks. Demonstrated ability to manage end-to-end presales lifecycle from requirement gathering, solution design, OEM coordination, POC delivery, pricing strategy, to RFP/RFI compliance and executive-level presentations. Expertise in working with top-tier OEMs such as Fortinet, Cisco, Palo Alto, Check Point, CrowdStrike, Microsoft, Sophos, Trend Micro, and Competencies Cybersecurity Presales & Solution Architecture RFP/RFI Response Management & Bid Compliance Zero Trust / SASE / NIST Framework Mapping Enterprise & Cloud Security Architecture OEM and Partner Engagement Strategy Cost Optimization & Licensing Advisory Technical Workshops, Demos & POCs CXO Presentations & Deal Area Expertise Network Security NGFW, IPS/IDS, VPN, SD-WAN, Segmentation, NAC Endpoint Security EDR, DLP, Patch Management, Application Control Identity & Access AD, LDAP, MFA, IAM, PAM, SAML, OAuth SOC & Threat Analytics SIEM (Securonix, Splunk, IBM QRadar), SOAR, UEBA, Threat Intel, MITRE ATT&CK Cloud Security CASB, CWPP, CSPM, Cloud Firewall, Cloud WAF, CNAPP Compliance Support - ISO 27001, NIST CSF, CERT-In, RBI, IRDA, HIPAA, GDPR Key Responsibilities Presales Lifecycle Management: Lead end-to-end presales activities requirement gathering, solution design, OEM engagement, POC implementation, pricing, RFP/RFI response, and CXO-level presentations. Solution Architecture: Design customer-centric cybersecurity architectures encompassing network, endpoint, cloud, identity, SOC, and compliance solutions. 
Government Engagement: Proven track record of working with Government entities, including compliance with regulatory mandates such as CERT-In, RBI, and IRDA. Zero Trust & SASE: Map client requirements to Zero Trust and SASE architectures. Align proposals to NIST, ISO 27001, GDPR, HIPAA, and other regulatory standards. OEM & Partner Strategy: Manage relationships with top-tier OEMs (Fortinet, Cisco, Palo Alto, Check Point, CrowdStrike, Microsoft, Sophos, Trend Micro, and Securonix) to design best-fit solutions and optimize licensing. POCs & Workshops: Conduct technical workshops, product demos, and proof-of-concepts to validate and demonstrate solution effectiveness. (ref:hirist.tech)

Posted 3 weeks ago


5.0 years

6 - 9 Lacs

Calcutta

Remote

Line of Service Advisory Industry/Sector Not Applicable Specialism Operations Management Level Senior Associate Job Description & Summary At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives. As a business application consulting generalist at PwC, you will provide consulting services for a wide range of business applications. You will leverage a broad understanding of various software solutions to assist clients in optimising operational efficiency through analysis, implementation, training, and support. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. 
To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. Job Description & Summary: We are looking for an experienced Cloud Security Lead with deep technical expertise in Zscaler (ZIA/ZPA) and Fortinet security solutions. The ideal candidate will play a key role in architecting, implementing, and managing secure cloud on-prem and internet access strategies, supporting enterprise-wide digital transformation and security posture enhancement. Responsibilities: Zscaler Security Operations • Design, implement, and manage Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions. • Configure SIPA (Secure Internet & Private Access) policies for optimized secure remote and internet access. • Perform regular reviews, audits, and optimization of Zscaler configurations to align with industry best practices. • Provide technical support and guidance to L1 and L2 teams for Zscaler-related issues. • Stay up to date on Zscaler enhancements, threat intelligence, and security features to ensure proactive defense. Fortinet and Network Security • Implement and manage Fortinet firewall and security solutions for perimeter and cloud-based infrastructure. • Configure Fortinet firewalls to support SD-WAN, secure edge, and hybrid cloud environments. • Work closely with networking teams to design secure network topologies integrating Fortinet technologies. Cloud Security and Compliance • Design and assess cloud-native security architectures for AWS, Azure, or GCP environments. • Conduct cloud security assessments, vulnerability scans, and risk remediation. • Align security strategies with industry standards like ISO 27001:2022, SOC 2, HIPAA, GDPR, and CIS v3.0.0. • Assist in external security audits and privacy assessments related to cloud workloads. Collaboration and Strategy • Collaborate with cross-functional teams (Security, IT, DevOps, Engineering) to embed security into cloud and network initiatives. 
• Act as a Subject Matter Expert (SME) for Zscaler and Fortinet technologies in solution design and customer engagements. • Maintain documentation on security controls, configurations, SOPs, and incident response playbooks. Required Skills and Qualifications: Experience in network and cloud security domains. • Proven hands-on experience with Zscaler ZIA/ZPA design, implementation, and operations. • Strong working knowledge of Fortinet firewalls and FortiManager, FortiAnalyzer. • Experience with SD-WAN, SDN, VPNs, and secure web gateway technologies. • Strong understanding of network security principles, SIEM, threat intelligence, and incident response. Knowledge of cloud compliance standards and risk frameworks (NIST, CIS, ISO). • Excellent communication skills and ability to work in cross-functional environments. • Strong documentation, presentation, and stakeholder management skills. • Experience in SOC environment will be a plus Mandatory skill sets: Zscaler ZIA / ZPA / SIPA • Fortinet FortiGate / FortiManager / FortiAnalyzer • SIEM platforms (Splunk, QRadar, etc.) 
• Firewall platforms: Fortinet, Palo Alto, Check Point, Juniper • Security Frameworks: ISO 27001, NIST, CIS Controls, HIPAA, GDPR Preferred skill sets: Zscaler Certified Professional – ZIA/ZPA • Fortinet Certified Professional (FCP) • CISSP / CCSP / CISM • Cloud Security certifications (AWS/Azure/GCP Security Specialty) Years of experience required: 5-8 Years of experience Education qualification: Graduate Engineer or Management Graduate Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Master Degree, Bachelor Degree Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Splunk Administration Optional Skills Accepting Feedback, Active Listening, Analytical Reasoning, Analytical Thinking, Application Software, Business Data Analytics, Business Management, Business Technology, Business Transformation, Communication, Creativity, Documentation Development, Embracing Change, Emotional Regulation, Empathy, Implementation Research, Implementation Support, Implementing Technology, Inclusion, Intellectual Curiosity, Learning Agility, Optimism, Performance Assessment, Performance Management Software Desired Languages (If blank, desired languages not specified) Travel Requirements Available for Work Visa Sponsorship? Government Clearance Required? Job Posting End Date

Posted 3 weeks ago


0 years

0 Lacs

Hyderabad, Telangana, India

Remote

About Client: Our Client is a global IT services company headquartered in Southborough, Massachusetts, USA. Founded in 1996, with a revenue of $1.8B and 35,000+ associates worldwide, it specializes in digital engineering and IT services, helping clients modernize their technology infrastructure, adopt cloud and AI solutions, and accelerate innovation. It partners with major firms in banking, healthcare, telecom, and media. Our Client is known for combining deep industry expertise with agile development practices, enabling scalable and cost-effective digital transformation. The company operates in over 50 locations across more than 25 countries, has delivery centers in Asia, Europe, and North America and is backed by Baring Private Equity Asia. Job Title: BeyondTrust Developer/ BeyondTrust Support Key Skills: Vaulting, Session Management, Credential Rotation, AAPM, PRA, EPM, IAM Job Locations: Hyderabad Experience: 6 – 10 Years Budget: Based on your Experience Education Qualification: Any Graduation Work Mode: Hybrid Employment Type: Contract Notice Period: Immediate - 15 Days Interview Mode: 2 Rounds of Technical Interview + Including Client round Job Description: JD for BeyondTrust Developer Skill: Deep hands-on expertise with BeyondTrust products: BeyondTrust Password Safe (Vaulting, Session Management, Credential Rotation, AAPM). BeyondTrust Privileged Remote Access (PRA) and Jumpoint architecture. BeyondTrust Endpoint Privilege Management (EPM) policy creation and troubleshooting. Strong understanding of Identity and Access Management (IAM) concepts: Authentication, Authorization, Single Sign-On (SSO), Multi-Factor Authentication (MFA). Roles and Responsibilities: · Ensure BeyondTrust deployments align with security best practices, compliance requirements (e.g., SOC 2, NIST, Zero Trust), and organizational policies. · Deeply understand and manage integrations between BeyondTrust products and other critical enterprise systems. 
· Troubleshoot complex integration issues with Identity Providers (IdPs) like Active Directory, Azure AD (Entra ID), Okta, Ping Identity, and other LDAP sources. · Work with SIEM/SOAR platforms (e.g., Splunk, Microsoft Sentinel, IBM QRadar) to ensure proper logging, alerting, and automated responses for BeyondTrust events. · Collaborate on integrations with ITSM tools (e.g., ServiceNow) for streamlined incident, problem, and change management workflows. · Develop and implement advanced monitoring strategies for BeyondTrust components to proactively identify performance bottlenecks, security anomalies, and potential failures. JD for BeyondTrust Support: Skills Deep hands-on expertise with BeyondTrust products BeyondTrust Password Safe (Vaulting, Session Management, Credential Rotation, AAPM). BeyondTrust Privileged Remote Access (PRA). BeyondTrust Endpoint Privilege Management (EPM) policy creation and troubleshooting. Experience in administration and maintenance of BeyondTrust components Thorough understanding of BeyondTrust integration with various platforms, such as different LDAP providers, Windows servers, UNIX servers, Databases and networking devices Knowledge of CyberArk PAM solutions Scripting skills: PowerShell is essential; Python or Bash is a plus for automation tasks. Basic understanding of SQL Server administration and querying. Strong understanding of modern cybersecurity principles, Zero Trust, and least privilege. Excellent problem-solving and communication skills to work cross-functionally with security, compliance, and IT teams. Prior experience with Agile practices such as Kanban or Scrum Roles and Responsibilities Support BeyondTrust solutions and services to securely manage privileged accounts and credentials across CUSTOMER platforms, systems and applications. Perform health check monitoring on all BeyondTrust servers to ensure consistent availability of system to end user. 
Troubleshoot and resolve technical issues related to BeyondTrust components and integrations. Monitor logs and events for Windows, UNIX and User identity management platforms to provide views of misuse or malicious activities. Participate in incident and response activities, including investigation and mitigation of security incidents involving privileged accounts. Interested Candidates please share your CV to vamsi.v@people-prime.com

Posted 3 weeks ago


8.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

About Client: Our Client is a global IT services company headquartered in Southborough, Massachusetts, USA. Founded in 1996, with a revenue of $1.8B and 35,000+ associates worldwide, it specializes in digital engineering and IT services, helping clients modernize their technology infrastructure, adopt cloud and AI solutions, and accelerate innovation. It partners with major firms in banking, healthcare, telecom, and media. Our Client is known for combining deep industry expertise with agile development practices, enabling scalable and cost-effective digital transformation. The company operates in over 50 locations across more than 25 countries, has delivery centers in Asia, Europe, and North America and is backed by Baring Private Equity Asia. Job Title: Splunk SIEM Engineer Key Skills: SIEM (Security Information and Event Management), Splunk Enterprise Security (ES), Linux, SIEM platforms, QRadar, ArcSight, SOAR, Splunk ITSI, Search Processing Language (SPL) Job Locations: Hyderabad, Bangalore, Chennai, Pune Experience: 6 – 8 Years Budget: 12 - 15 LPA Education Qualification: Any Graduation Work Mode: Hybrid Employment Type: Contract Notice Period: Immediate - 15 Days Interview Mode: Online test followed by technical Evaluation 2 Rounds of Technical Interview + Including Client round Job Description: Interested Candidates please share your CV to pnomula@people-prime.com

Posted 3 weeks ago

Apply

3.0 years

0 Lacs

Nagpur, Maharashtra, India

On-site

Experience: 3+ years. Location: Nagpur. Notice period: 30 days. Mandatory skills: SOC, QRadar, Endpoint CrowdStrike. Job Description Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Should have experience in developing new correlation rules and parser writing. Experience in log source integration. Act as the lead coordinator for individual information security incidents. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Center. Document incidents from initial detection through final resolution. Participate in security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues, and outages. Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Communicate effectively with customers, teammates, and management. Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation. Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures. Follow ITIL practices regarding incident, problem and change management. Stay up to date with emerging security threats including applicable regulatory security requirements.
Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate. Publish weekly reports to applicable teams. Generate monthly reports on SOC activity. Secondary skills: AV, HIPS, DCS, VA/PT desirable. (ref:hirist.tech)

Posted 3 weeks ago

Apply

5.0 years

0 Lacs

Greater Kolkata Area

Remote

Line of Service Advisory Industry/Sector Not Applicable Specialism Operations Management Level Senior Associate Job Description & Summary At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives. As a business application consulting generalist at PwC, you will provide consulting services for a wide range of business applications. You will leverage a broad understanding of various software solutions to assist clients in optimising operational efficiency through analysis, implementation, training, and support. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. 
To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. Job Description & Summary: We are looking for an experienced Cloud Security Lead with deep technical expertise in Zscaler (ZIA/ZPA) and Fortinet security solutions. The ideal candidate will play a key role in architecting, implementing, and managing secure cloud on-prem and internet access strategies, supporting enterprise-wide digital transformation and security posture enhancement. Responsibilities: Zscaler Security Operations • Design, implement, and manage Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions. • Configure SIPA (Secure Internet & Private Access) policies for optimized secure remote and internet access. • Perform regular reviews, audits, and optimization of Zscaler configurations to align with industry best practices. • Provide technical support and guidance to L1 and L2 teams for Zscaler-related issues. • Stay up to date on Zscaler enhancements, threat intelligence, and security features to ensure proactive defense. Fortinet and Network Security • Implement and manage Fortinet firewall and security solutions for perimeter and cloud-based infrastructure. • Configure Fortinet firewalls to support SD-WAN, secure edge, and hybrid cloud environments. • Work closely with networking teams to design secure network topologies integrating Fortinet technologies. Cloud Security and Compliance • Design and assess cloud-native security architectures for AWS, Azure, or GCP environments. • Conduct cloud security assessments, vulnerability scans, and risk remediation. • Align security strategies with industry standards like ISO 27001:2022, SOC 2, HIPAA, GDPR, and CIS v3.0.0. • Assist in external security audits and privacy assessments related to cloud workloads. Collaboration and Strategy • Collaborate with cross-functional teams (Security, IT, DevOps, Engineering) to embed security into cloud and network initiatives. 
• Act as a Subject Matter Expert (SME) for Zscaler and Fortinet technologies in solution design and customer engagements. • Maintain documentation on security controls, configurations, SOPs, and incident response playbooks. Required Skills and Qualifications: Experience in network and cloud security domains. • Proven hands-on experience with Zscaler ZIA/ZPA design, implementation, and operations. • Strong working knowledge of Fortinet firewalls and FortiManager, FortiAnalyzer. • Experience with SD-WAN, SDN, VPNs, and secure web gateway technologies. • Strong understanding of network security principles, SIEM, threat intelligence, and incident response. Knowledge of cloud compliance standards and risk frameworks (NIST, CIS, ISO). • Excellent communication skills and ability to work in cross-functional environments. • Strong documentation, presentation, and stakeholder management skills. • Experience in SOC environment will be a plus Mandatory skill sets: Zscaler ZIA / ZPA / SIPA • Fortinet FortiGate / FortiManager / FortiAnalyzer • SIEM platforms (Splunk, QRadar, etc.) 
• Firewall platforms: Fortinet, Palo Alto, Check Point, Juniper • Security Frameworks: ISO 27001, NIST, CIS Controls, HIPAA, GDPR Preferred skill sets: Zscaler Certified Professional – ZIA/ZPA • Fortinet Certified Professional (FCP) • CISSP / CCSP / CISM • Cloud Security certifications (AWS/Azure/GCP Security Specialty) Years of experience required: 5-8 Years of experience Education qualification: Graduate Engineer or Management Graduate Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Master Degree, Bachelor Degree Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Splunk Administration Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Reasoning, Analytical Thinking, Application Software, Business Data Analytics, Business Management, Business Technology, Business Transformation, Communication, Creativity, Documentation Development, Embracing Change, Emotional Regulation, Empathy, Implementation Research, Implementation Support, Implementing Technology, Inclusion, Intellectual Curiosity, Learning Agility, Optimism, Performance Assessment, Performance Management Software {+ 16 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Available for Work Visa Sponsorship? Government Clearance Required? Job Posting End Date

Posted 3 weeks ago

Apply
