
891 Qradar Jobs - Page 15


4.0 years

0 Lacs

Nagpur, Maharashtra, India

On-site

Experience: 4+ years. Location: Mumbai/Nagpur. Notice period: 30 days. Mandatory skills: SOC, QRadar, CrowdStrike endpoint.

Job Description
Responsible for conducting information security investigations arising from security incidents identified by Level 1 security analysts, who monitor the security consoles fed by the SOC entry channels (SIEM, tickets, email and phone). Act as the point of escalation for Level 1 SOC analysts, providing guidance and oversight on incident resolution and containment techniques. Must have experience developing new correlation rules and writing parsers, and with log source integration. Act as lead coordinator for individual information security incidents. Mentor security analysts on risk management, information security controls, incident analysis, incident response, SIEM monitoring and other operational tasks (tools, techniques, procedures) for technologies managed by the SOC. Document incidents from initial detection through final resolution. Participate in the security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues and outages. Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Communicate effectively with customers, teammates and management. Prepare monthly executive summary reports for managed clients and continuously improve their content and presentation. Recommend tuning and optimisation of security systems and of SOC security processes, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, and security processes and procedures. Follow ITIL practices for incident, problem and change management.
Stay up to date with emerging security threats, including applicable regulatory security requirements. Maintain an inventory of the procedures used by the SOC; regularly evaluate them and add, remove or update procedures as appropriate. Publish weekly reports to applicable teams. Generate monthly reports on SOC activity.

Secondary skills: AV, HIPS, DCS, VA/PT desirable. (ref:hirist.tech)

Posted 3 weeks ago


5.0 years

0 Lacs

Trivandrum, Kerala, India

On-site

Description
Key Responsibilities:
Advanced incident investigation: Conduct deep-dive investigations into complex security alerts and incidents, correlating events across multiple security tools and logs (SIEM, EDR, network logs, cloud logs).
Incident response leadership: Lead containment, eradication and recovery efforts for security incidents, collaborating with IT, engineering and other teams.
Threat hunting: Proactively search for threats within the environment using threat intelligence, hypotheses and advanced analytical techniques; run hunting exercises and other proactive detection activities.
Root cause analysis: Perform root cause analysis for security incidents and recommend preventative measures to strengthen defenses. Stay updated on emerging threats, vulnerabilities, attack techniques and security news.
Vulnerability management: Conduct regular vulnerability scans and assessments using industry-standard tools and ASPM. Analyze scan results to identify and classify vulnerabilities, understanding their potential impact and exploitability.
Develop playbooks: Contribute to the creation and refinement of incident response playbooks, runbooks and standard operating procedures, including SOAR.
Security tool optimization: Recommend and assist with the configuration, tuning and optimization of SIEM rules, EDR policies and other security controls.
Threat intelligence integration: Integrate and operationalize threat intelligence (IOCs and TTPs) to improve detection capabilities and inform proactive defense strategies.
Reporting: Generate comprehensive incident reports and provide actionable insights to management.

Required Qualifications
Minimum of 5 years of experience in a Security Operations Center (SOC) or a similar cybersecurity role.
Strong understanding of security frameworks (MITRE ATT&CK, NIST, ISO 27001, etc.).
Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel).
Familiarity with EDR solutions (e.g., CrowdStrike, Carbon Black, Defender ATP).
Solid knowledge of networking concepts, log analysis and common attack vectors.
Experience with the incident response lifecycle, malware analysis and threat hunting.
Ability to perform effectively in high-pressure situations and manage multiple incidents simultaneously.
Bachelor's degree in Computer Science, Information Security or a related field (or equivalent experience).

Preferred Skills and Certifications
Certifications such as GCIA, GCIH, CEH, CISSP, OSCP or Security+.
Experience with scripting (Python, PowerShell, Bash) for automation and log parsing.
Knowledge of cloud security monitoring (AWS, Azure, GCP).
Experience with SOAR platforms and the automation of incident response workflows.

Posted 3 weeks ago


5.0 - 10.0 years

15 - 20 Lacs

Chennai

Work from Office

Responsibilities
Involved in detailing and implementing user stories. Understand the technical specifications and design the solutions. Validate and implement the integration components of third-party applications. Build scalable and fault-tolerant software solutions adhering to the organization's secure coding standards. Strive for 100% unit-test code coverage. Perform code quality checks and code reviews regularly to ensure safe and efficient code. Verify and deploy software solutions for development needs. Work closely with the team to deliver the sprint objectives. Continuously look to improve the organization's standards.

Requirements
A Bachelor's or Master's degree in engineering or information technology. 4-7 years of software development experience, with 2+ years of experience in Python. A thorough understanding of computer architecture, operating systems and data structures. An in-depth understanding of the Internet, cloud computing and services, and REST APIs. Must have experience with at least one Python framework such as Flask, FastAPI or Django REST. Must know Git and Python virtual environments. Should have experience with the Python requests module. Must know how to use third-party libraries in Python. Knowledge of Python module/library creation is an added advantage. Familiarity with SIEM tooling such as QRadar apps, Splunk apps and Splunk add-ons is an advantage. Experience working with Linux/Unix and shell scripts. A meticulous and organized approach to work. A logical, analytical and creative approach to problem-solving. A thorough, detail-oriented work style.

Posted 3 weeks ago


0.0 - 1.0 years

8 - 10 Lacs

Noida

Work from Office

Very good knowledge of the automotive cybersecurity (CYS) domain, with hands-on expertise in ISO 21434 and TARA, and development experience with debugging in C++. Should have 5+ years of experience.

Key Responsibilities:
- Automotive Cyber Security: Apply deep knowledge of the automotive CYS domain to develop, implement and manage robust cybersecurity measures for automotive systems.
- ISO 21434 Compliance: Ensure all cybersecurity practices adhere to ISO 21434. Develop and maintain processes and documentation to support compliance.
- Threat Analysis and Risk Assessment (TARA): Conduct comprehensive threat analyses and risk assessments. Identify, analyze and mitigate potential security risks and vulnerabilities.
- Development and Debugging: Use C++ for the development and debugging of secure automotive software. Ensure software is resilient against cyber threats.

Posted 3 weeks ago


5.0 - 8.0 years

6 - 10 Lacs

Kochi

Work from Office

Role: OCI Cloud Architect - B3
OCI Cloud Architect, 8 to 10 years' experience.
Mandatory Skills (Must Have), primary: OCI certification (Oracle Cloud Infrastructure Architect - Associate/Professional).
Secondary Skills, at least L2 or L2+ (Good to have): knowledge of other clouds (AWS/Azure); knowledge of Infrastructure as Code (IaC) such as Terraform; knowledge of tools such as ServiceNow, BMC Helix, Ansible, Jenkins or Splunk; cloud automation using Python and PowerShell scripts; knowledge of DevOps and Kubernetes.
Behavioral Skills (Must have): good communication skills, effective written and oral; lead a team of junior architects; eagerness to learn new cloud services and technology; team collaboration; creative thinking in implementing new solutions.
Mandatory Skills: Oracle Database Admin. Experience: 5-8 years.

Posted 3 weeks ago


4.0 years

0 Lacs

India

On-site

Job Summary: We are seeking a skilled and detail-oriented Palo Alto Networks Engineer with 4+ years of hands-on experience designing, implementing and managing enterprise network security infrastructure using Palo Alto firewalls and security tools. The ideal candidate will have strong knowledge of network protocols, threat prevention and security policy configuration, with a proven track record of securing enterprise networks.

Key Responsibilities:
Design, deploy and manage Palo Alto Networks firewalls (PA-Series and VM-Series) across enterprise environments.
Configure and maintain security policies, NAT, App-ID, URL Filtering, Threat Prevention and SSL decryption.
Implement and manage GlobalProtect VPN, User-ID, WildFire and Cortex XDR.
Monitor and analyze security events, provide incident response, and fine-tune firewall rules to reduce false positives.
Conduct firewall migrations and upgrades with minimal business disruption.
Integrate firewalls with SIEM/SOAR platforms (e.g., Splunk, QRadar, Cortex XSOAR).
Perform routine health checks, audits, and configuration backup/restore.
Collaborate with the cybersecurity, network and IT teams to support security architecture and compliance.
Stay current with emerging threats, vulnerabilities and best practices in network security.

Required Skills & Qualifications:
Bachelor's degree in Computer Science, Information Security or a related field (or equivalent work experience).
4+ years of experience in network security, specifically with Palo Alto Networks technologies.
Strong experience with Panorama centralized management.
Understanding of networking protocols (TCP/IP, BGP, OSPF, IPsec, GRE, etc.).
Experience with firewall policy configuration, intrusion prevention and advanced threat protection.
Familiarity with cloud security (AWS, Azure, GCP) and deploying Palo Alto firewalls in cloud environments.
PCNSE (Palo Alto Networks Certified Network Security Engineer) certification preferred.
Experience with change management and documentation in ITIL or similar frameworks.
Excellent troubleshooting, communication and analytical skills.
Shift time: Australian time zone.

Posted 3 weeks ago


10.0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

Introduction
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, let's talk.

Your Role and Responsibilities
Endpoint Security: Expertise in DLP, AV and EDR/EPP solutions. Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions. Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies.
SIEM and Incident Response: Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel). Strong skills in incident response, threat hunting and forensic investigation.
Access and Identity Management: Familiarity with IAM concepts and tools, including MFA and SSO solutions. Experience configuring and troubleshooting access control for network and endpoint systems.
Automation and Scripting: Basic scripting abilities (e.g., Python, PowerShell) for automating security processes.
Excellent analytical and problem-solving skills. Effective communication skills for interacting with team members and stakeholders. Ability to work in a fast-paced environment and handle high-stakes incidents.
Certifications (Preferred): CompTIA Security+, Cisco CCNA Security, Certified Ethical Hacker (CEH), or other relevant security certifications.
Preferred Education: Bachelor's Degree.

Required Technical and Professional Expertise
10 years of experience in security and infrastructure administration. Experience implementing and operating products in SIEM, vulnerability assessment and penetration testing (e.g., Nessus, QualysGuard), network security and web application security; CEH. Expertise in industry-standard risk, governance and security methodologies and in incident response processes (detection, triage, incident analysis, remediation and reporting). Demonstrated attention to detail and interpersonal skills, with the ability to oversee input and develop relevant metrics. Competence with Microsoft Office (Word, PowerPoint, Excel, Visio, etc.).

Preferred Technical and Professional Experience
Ability to multitask and work independently with minimal direction and maximum accountability. One or more security certifications (CEH, Security+, GSEC, GCIH, etc.).

Posted 3 weeks ago


5.0 years

0 Lacs

Pune, Maharashtra, India

On-site

About Persistent We are an AI-led, platform-driven Digital Engineering and Enterprise Modernization partner, combining deep technical expertise and industry experience to help our clients anticipate what’s next. Our offerings and proven solutions create a unique competitive advantage for our clients by giving them the power to see beyond and rise above. We work with many industry-leading organizations across the world, including 12 of the 30 most innovative global companies, 60% of the largest banks in the US and India, and numerous innovators across the healthcare ecosystem. Our disruptor’s mindset, commitment to client success, and agility to thrive in the dynamic environment have enabled us to sustain our growth momentum by reporting $1,409.1M revenue in FY25, delivering 18.8% Y-o-Y growth. Our 23,900+ global team members, located in 19 countries, have been instrumental in helping the market leaders transform their industries. We are also pleased to share that Persistent won in four categories at the prestigious 2024 ISG Star of Excellence™ Awards , including the Overall Award based on the voice of the customer. We were included in the Dow Jones Sustainability World Index, setting high standards in sustainability and corporate responsibility. We were awarded for our state-of-the-art learning and development initiatives at the 16th TISS LeapVault CLO Awards. In addition, we were cited as the fastest-growing IT services brand in the 2024 Brand Finance India 100 Report. Throughout our market-leading growth, we’ve maintained a strong employee satisfaction score of 8.2/10. About Position Role: SOC L2/L3 Support Location: Pune Experience: 5-12 Years Job Type: Full Time Employment What You'll Do As a SOC Level 2 Analyst, you will play a crucial role in monitoring, analyzing, and responding to security incidents and threats within our organization's environment. 
You will work closely with SOC Level 1 analysts, as well as other cybersecurity professionals, to ensure the integrity, confidentiality and availability of our systems and data.
Security Monitoring and Analysis: Monitor security event alerts generated by various security systems, including Sumo Logic, QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS and endpoint detection platforms. Analyze security events to identify potential security incidents or anomalies that may pose a risk to the organization.
Incident Triage and Investigation: Triage incoming security alerts based on their severity and potential impact on the organization. Conduct preliminary investigations to determine the nature and scope of security incidents. Gather and analyze evidence, including logs, network traffic and system artifacts, to identify indicators of compromise (IOCs).
Incident Response and Mitigation: Assist in the containment, eradication and recovery phases of security incidents. Follow established incident response procedures and workflows to ensure a timely and effective response to security threats. Collaborate with other members of the SOC team and relevant stakeholders to coordinate incident response efforts.
Threat Intelligence Analysis: Stay informed about the latest cyber threats, vulnerabilities and attack techniques by analyzing threat intelligence feeds and reports. Use threat intelligence to enhance the organization's detection capabilities and proactively identify emerging threats.
Documentation and Reporting: Maintain accurate and detailed records of security incidents, including timelines of events, actions taken and findings. Prepare incident reports and post-mortems to document the outcomes of security incidents and lessons learned. Ensure that all documentation complies with internal policies and regulatory requirements.
Continuous Improvement: Participate in ongoing training and professional development activities to enhance knowledge and skills in cybersecurity. Provide feedback and suggestions for improving SOC processes, procedures and tools. Stay abreast of industry best practices and emerging technologies in cybersecurity.

Expertise You'll Bring
Bachelor's degree in Computer Science, Information Security or a related field (or equivalent experience). 5+ years of experience in a cybersecurity role, preferably in a SOC environment. Strong understanding of cybersecurity principles, concepts and technologies. Experience with security monitoring tools such as QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS and endpoint detection platforms. Familiarity with incident response procedures and frameworks (e.g., NIST, SANS). Excellent analytical and problem-solving skills. Strong communication and interpersonal skills. Relevant certifications (e.g., CompTIA Security+, GIAC Security Essentials) are a plus.

Benefits
Competitive salary and benefits package. Culture focused on talent development, with quarterly promotion cycles and company-sponsored higher education and certifications. Opportunity to work with cutting-edge technologies. Employee engagement initiatives such as project parties, flexible work hours and Long Service awards. Annual health check-ups. Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children and parents.

Inclusive Environment
Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. We welcome diverse candidates from all backgrounds. We offer hybrid work options and flexible working hours to accommodate various needs and preferences.
Our office is equipped with accessible facilities, including adjustable workstations, ergonomic chairs, and assistive technologies to support employees with physical disabilities. If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment. We are committed to creating an inclusive environment where all employees can thrive. Our company fosters a value-driven and people-centric work environment that enables our employees to: Accelerate growth, both professionally and personally Impact the world in powerful, positive ways, using the latest technologies Enjoy collaborative innovation, with diversity and work-life wellbeing at the core Unlock global opportunities to work and learn with the industry’s best Let’s unleash your full potential at Persistent “Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind.”

Posted 3 weeks ago


3.0 years

3 - 4 Lacs

Noida

On-site

Join our Team
About this opportunity: We are now looking for a Security Analyst. This role is responsible for monitoring, coordination, support, management and execution of reactive maintenance activities to ensure that services provided to customers are continuously available and performing to Service Level Agreement (SLA) levels. You will work alongside a highly skilled, diverse team, making sure that the information assets we are responsible for protecting are secured.

What you will do
Support the following systems and functions:
Security event management on 24x7 shifts: monitor incoming event queues for potential security incidents.
Security incident management: first-level triage, issues and RCA. Perform initial investigation and triage of potential incidents, and raise or close events as applicable. Monitor the SOC ticket (or email) queue for potential event reports from outside entities and individual users. Support parser and rule development for the SIEM. Raise incidents to the respective team for resolution (within SLA).
Identity and Access Management: create and track access to customer environments.
Process improvements: identify improvements in processes and KPIs; adapt to improvement initiatives.
Shift handover: maintain SOC shift logs with relevant activity from the shift. Document investigation results, ensuring relevant details are passed to the Security Engineer for final event analysis. Update the SOC collaboration tool as necessary.
Vulnerability scanning and reporting: schedule vulnerability assessment scans at the desired frequency based on the agreed plan for in-scope nodes. Track and provide details of planned, ongoing and completed scans as required.
Governance reports: prepare daily, weekly and monthly reports.

You will bring
Basic knowledge of a Security Information and Event Management (SIEM) system, such as McAfee, Splunk or QRadar.
Basic knowledge of a vulnerability scanning system such as Nessus or Tripwire.
Knowledge of both Linux-based and Microsoft Windows-based systems, with the technical understanding and skills for analytical problem-solving.
Knowledge of IP networking.
Ability to work in shifts, and to work constructively under pressure, both in a team and individually.
Knowledge sharing and collaboration skills; customer-oriented and service-minded; deliver results and meet customer expectations.
Excellent communication skills; English is a must.

Key Qualifications
Education: graduate in Computer Science or similar.
Minimum relevant experience: 3 to 5 years, with at least 1 year in IT security.
ITIL certification, CEH, Security+, CCNA Security or similar will be an advantage.
Basic knowledge of telecommunications networks will be an added advantage.

Posted 3 weeks ago


6.0 years

0 Lacs

Gurgaon Rural, Haryana, India

On-site

Job Description – SOC Engineer (IBM QRadar Specialist)
Experience: 3–6 years. Location: Gurgaon. Joiners: immediate joiners only (0–15 days notice period).

Your Work Profile
We are looking for a SOC Engineer with hands-on experience in engineering and customizing Security Operations Center platforms, specifically IBM QRadar. This is a pure-play engineering role focused on building, configuring, tuning and optimizing the SIEM platform, not on monitoring or incident response.

Responsibilities
Design, implement and maintain the QRadar SIEM platform.
Develop and tune custom rules, correlation logic, parsers and dashboards.
Engineer data integrations, log sources and threat intelligence feeds into QRadar.
Optimize system performance and manage upgrades, patches and scalability.
Collaborate with security architects to improve threat detection and use case coverage.
Automate use case deployments and improve log onboarding processes.
Enable advanced analytics to support red team / blue team activities.

Key Skills Required
Strong hands-on engineering experience with IBM QRadar (deployment, rule tuning, log parsing).
Experience integrating on-prem and cloud-based log sources.
Understanding of SIEM architecture, detection logic and log pipelines.
Scripting skills: Python, Bash, PowerShell (for automation and integration).
Familiarity with log formats, threat intelligence and compliance standards.
Exposure to tools such as SOAR and EDR from an engineering/integration standpoint.

Please note: this is not a SOC analyst or incident response role. L1/L2 monitoring or support experience is not relevant for this requirement. Only candidates with QRadar engineering/implementation/customization experience will be shortlisted.
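Two of the listings on this page, the Nagpur SOC role ("developing new correlation rules & parser writing", "log source integration") and this QRadar engineering role ("custom rules, correlation logic, parsers", "log onboarding"), ask for the same pair of skills without showing what they involve. The block below is an added illustration, not code from either posting or from IBM QRadar: it emulates in plain Python a custom log-source parser and a "brute force then success" correlation rule, run over constructed sshd syslog lines. It does not use QRadar's DSM, custom event property or AQL syntax. The host names, IPs, the assumed year 2024 for the year-less syslog timestamps, and the 5-failures-in-5-minutes threshold are all assumptions made for the example.

```python
"""Added example (not code from any listing on this page or from IBM QRadar):
the two SIEM engineering tasks these roles ask for, written out in plain Python.
  1. A log-source parser that normalizes raw sshd syslog lines into events and
     reports lines it cannot parse (a coverage check you want on any new log source).
  2. A correlation rule: N failed logins from one source IP followed by an accepted
     login from the same IP within a time window ("brute force then success").
The regex and rule emulate what a QRadar custom log source / rule expresses; this is
not QRadar's DSM, custom event property or AQL syntax."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data. Host names, user names and IPs are hypothetical
# (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
SAMPLE_LOGS = """\
Jan 10 09:00:01 web01 sshd[1201]: Failed password for admin from 203.0.113.7 port 51022 ssh2
Jan 10 09:00:03 web01 sshd[1201]: Failed password for admin from 203.0.113.7 port 51023 ssh2
Jan 10 09:00:05 web01 sshd[1201]: Failed password for invalid user test from 203.0.113.7 port 51024 ssh2
Jan 10 09:00:06 web01 sshd[1201]: Failed password for root from 203.0.113.7 port 51025 ssh2
Jan 10 09:00:09 web01 sshd[1201]: Failed password for admin from 203.0.113.7 port 51026 ssh2
Jan 10 09:00:12 web01 sshd[1201]: Accepted password for admin from 203.0.113.7 port 51027 ssh2
Jan 10 09:01:00 web02 sshd[2202]: Failed password for bob from 198.51.100.9 port 40001 ssh2
Jan 10 09:01:30 web02 sshd[2202]: Accepted publickey for bob from 198.51.100.9 port 40002 ssh2
Jan 10 09:02:00 web01 sshd[1201]: Received disconnect from 203.0.113.7 port 51027:11: Bye Bye
"""

# Parser: one anchored regex with named groups, the equivalent of custom property
# extraction for a log source. "invalid user" is optional so both forms normalize
# to the same fields.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} {1,2}\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) (?P<method>password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)


def parse_line(line, year=2024):
    """Normalize one raw line into an event dict, or return None if it does not parse.
    Classic syslog timestamps carry no year; 2024 is an assumed default for the sample."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "host": m["host"], "user": m["user"], "src": m["src"],
            "outcome": m["outcome"].lower(), "method": m["method"]}


def parse_logs(raw, year=2024):
    """Return (events, unparsed_lines). Unparsed lines are kept, not dropped, so that
    a new log source's parser coverage can be measured before rules are trusted."""
    events, unparsed = [], []
    for line in raw.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line, year)
        if ev is None:
            unparsed.append(line)
        else:
            events.append(ev)
    return events, unparsed


def brute_force_then_success(events, threshold=5, window=timedelta(minutes=5)):
    """Correlation rule: at least `threshold` failed logins from one source IP, then an
    accepted login from that IP within `window` of those failures. Returns one offense
    per qualifying burst; the IP's failure buffer is cleared when the rule fires so a
    single burst cannot re-trigger on every later success. The 5-in-5-minutes default
    is an assumed tuning value, not taken from any listing."""
    failures = defaultdict(list)   # src IP -> timestamps of failed logins seen so far
    offenses = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        src = ev["src"]
        if ev["outcome"] == "failed":
            failures[src].append(ev["ts"])
            continue
        recent = [t for t in failures[src] if ev["ts"] - t <= window]
        if len(recent) >= threshold:
            offenses.append({"src": src, "user": ev["user"], "host": ev["host"],
                             "failures": len(recent), "success_at": ev["ts"]})
            failures[src].clear()
    return offenses


if __name__ == "__main__":
    evs, bad = parse_logs(SAMPLE_LOGS)
    print(f"parsed {len(evs)} events, {len(bad)} unparsed line(s): {bad}")
    for off in brute_force_then_success(evs):
        print("OFFENSE:", off)
```

On the sample, eight lines parse, the "Received disconnect" line is reported as unparsed, and the rule raises exactly one offense for 203.0.113.7 (five failures, then an accepted login for admin); the single failure from 198.51.100.9 stays below the threshold. The unparsed list is the part most often skipped in real onboarding: a rule cannot fire on events the parser silently dropped, so parser coverage is checked before the rule is tuned.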

Posted 3 weeks ago


4.0 years

0 Lacs

Greater Kolkata Area

Remote

We're Hiring | DevSecOps Engineer
Location: Remote (India). Urgent requirement, quick closures expected!
We're on the lookout for a passionate and skilled DevSecOps Engineer / Security Analyst with 4+ years of experience for a leading publishing company. If you have expertise in cloud security, incident response, security automation and scripting, this role is for you!

Security Engineer / DevSecOps / Security Analyst (SOC) / Security Automation for a publishing company. Experience: 4+ years.
Good understanding of code security and web application security, or of infrastructure security on Windows and Linux.
Proven and demonstrated passion for cyber security, with at least 5+ years of relevant experience.
Good understanding of security operations, network security, threat intelligence and incident response.
SIEM configuration (particularly QRadar). Incident and alarm response procedures; engagement with operations teams to manage incidents.
Experience with or understanding of cloud-based services (AWS), technologies and delivery models (e.g., SaaS, IaaS, PaaS).
Experience writing queries and parsing and correlating data.
Technical understanding of Palo Alto firewalls, IDS/IPS and WildFire features.
The ability to analyze log files from multiple devices and environments and identify indicators of security threats; strong understanding of parsing and analyzing web, system and security logs.
Strong technical knowledge across a range of server and gateway platforms, including Linux/Unix/Windows/Mac.
Demonstrable knowledge of scripting/programming tools such as PowerShell and Python.
Understanding of VPN infrastructure and 2FA such as Okta.
Deep understanding of network protocols and security: TCP/IP, UDP, DHCP, FTP, SFTP, SNMP, SMTP, SSH, SSL/TLS, VPN, RDP, HTTP and HTTPS.
Familiarity with YARA, STIX, TAXII and OpenIOC for threat intelligence.
Excellent verbal and written communication skills; ability to articulate technical knowledge to non-technical audiences; production of policy, standards and project documentation.
Knowledge of data leakage prevention tools (DLP/CASB/web security) is an add-on.
A certification such as GCIH, GCIA, GPEN, OSCP or another relevant cyber security certification is highly advantageous.
Vulnerability management scanning with Qualys is good to have.
Experience handling phishing attacks using Proofpoint CLEAR, TRAP and TAP.
Experience with EDR solutions and with simulation setups such as Kali Linux.
Experience with web security via CDN/WAF (Cloudflare, Akamai, CloudFront or any WAF). (ref:hirist.tech)

Posted 3 weeks ago


5.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

About Company
Netenrich boosts the effectiveness of organizations' security and digital operations so they can avoid disruption and manage risk. Resolution Intelligence Cloud™ is our native-cloud data analytics platform for enterprises and service providers that need highly scalable, multitenant security operations and/or digital operations management. Resolution Intelligence Cloud transforms security and operations data into intelligence that organizations can act on before critical issues occur. More than 3,000 customers and managed service providers rely on Netenrich to deliver secure operations at scale.

Job Title: SIEM Implementation Engineer. Years of Experience: 5+ years. Work Location:

Summary
We are seeking a skilled and experienced cybersecurity SIEM implementation and detection engineer with expertise in YARA rule creation, playbook implementation and data ingestion techniques. This role presents an exciting opportunity to contribute to the design and implementation of cutting-edge cybersecurity solutions while collaborating with a talented team.

Role and Requirements
Oversee and manage end-to-end security operations for enterprise environments.
Implement and manage security tools such as SIEM (e.g., Google Chronicle, Splunk, QRadar) and Endpoint Detection & Response solutions.
Integrate multiple data sources into security platforms to enhance threat detection and response; work with customers to integrate various data sources into security solutions.
Develop security use cases and implement monitoring and alerting mechanisms.
Optimize SOC processes, including log management and threat hunting, using tools such as Google Chronicle, Splunk, QRadar and Logstash.
Design and implement cybersecurity solutions, including proofs of concept (POCs) for clients.
Act as the primary point of contact for clients, ensuring satisfaction and smooth deployments.
Configure, manage and optimize SIEM tools (e.g., Google Chronicle, Splunk, QRadar) to support security operations.
Design parsers and dashboards to improve data visualization and threat analysis.
Perform log analysis and build advanced detection use cases.
Ensure high availability and performance of the SIEM infrastructure; manage production environments to ensure uptime and security.
Analyze security logs and events to provide actionable recommendations.
Python and shell scripting proficiency is optional.

If you are a passionate and driven cybersecurity professional with expertise in writing detection rules and enthusiasm for emerging threats and protecting customers, we want to hear from you. Join us in our mission to protect our organization and our customers from cyber threats. (ref:hirist.tech)

Posted 3 weeks ago


15.0 - 25.0 years

12 - 16 Lacs

Gurugram

Work from Office

Project Role: Security Delivery Lead
Project Role Description: Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets).
Must-have skills: Security Delivery Governance
Good-to-have skills: Security Information and Event Management (SIEM), Identity Access Management (IAM)
Minimum 15 years of experience is required.
Educational Qualification: 15 years of full-time education.

Summary
As a Security Delivery Lead, you will be at the forefront of implementing and delivering Security Services projects. Your typical day will involve coordinating with various teams to ensure that projects are executed efficiently, utilizing our global delivery capabilities, including methods, tools, training and assets. You will engage with stakeholders to align project goals with organizational objectives, ensuring that security measures are effectively integrated into all aspects of service delivery. Your role will also require you to monitor project progress, address any challenges that arise, and guide team members to foster a collaborative and productive work environment.

Roles & Responsibilities:
- Expected to be a Subject Matter Expert with deep knowledge and experience.
- Should have influencing and advisory skills.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Expected to provide solutions to problems that apply across multiple teams.
- Facilitate training sessions to enhance team capabilities and knowledge sharing.
- Develop and maintain strong relationships with stakeholders to ensure alignment on project objectives.

Professional & Technical Skills:
- Must-have skills: proficiency in Security Delivery Governance.
- Good-to-have skills: experience with Identity Access Management (IAM) and Security Information and Event Management (SIEM).
- Strong understanding of risk management frameworks and compliance requirements.
- Experience developing and implementing security policies and procedures.
- Proficient in conducting security assessments and audits to identify vulnerabilities.
- Ability to analyze security incidents and develop effective response strategies.

Additional Information:
- The candidate should have a minimum of 15 years of experience in Security Delivery Governance.
- This position is based at our Gurugram office.
- 15 years of full-time education is required.

Posted 4 weeks ago

15.0 - 25.0 years

12 - 16 Lacs

Nagpur

Work from Office

Project Role: Security Delivery Lead
Project Role Description: Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets).
Must have skills: Security Governance
Good to have skills: NA
Minimum 15 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets).

Roles & Responsibilities:
- Expected to be a SME with deep knowledge and experience.
- Should have influencing and advisory skills.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Expected to provide solutions to problems that apply across multiple teams.
- Lead and mentor junior team members.
- Develop and implement security governance frameworks.
- Ensure compliance with security policies and regulations.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Delivery Governance.
- Good To Have Skills: Experience with Identity Access Management (IAM), Security Information and Event Management (SIEM), Managed Cloud Security Services.
- Strong understanding of security governance principles.
- Experience in implementing security controls and measures.
- Knowledge of risk management and compliance frameworks.

Additional Information:
- The candidate should have a minimum of 15 years of experience in Security Delivery Governance.
- This position is based at our Bengaluru office.
- 15 years of full time education is required.

Qualification: 15 years full time education

Posted 4 weeks ago

15.0 years

0 Lacs

Ahmedabad, Gujarat, India

On-site

Responsibilities

Technology Vision and Strategy:
- Develop and implement a comprehensive technology roadmap for OT and IT cybersecurity solutions.
- Align technology initiatives with business objectives, industry standards, and market opportunities.
- Lead the design and management of enterprise-grade cybersecurity platforms such as Splunk, QRadar, and other similar systems.
- Ensure platforms are optimized for seamless integration across diverse OT and IT environments.

Solution Innovation:
- Lead the design and development of advanced cybersecurity platforms and tools, including SIEM, XDR, next-gen firewalls, and secure networking solutions.
- Drive innovation to ensure solutions address the unique challenges of OT/IT environments, including threat detection, incident response, and compliance.
- Define the technology strategy for cybersecurity solutions, focusing on scalability, efficiency, and future-readiness.
- Develop robust architectures that support high-performance security operations across global enterprises.

Partnership and Collaboration:
- Foster relationships with technology providers, OEMs, and other stakeholders to enhance the company’s offerings.
- Ensure interoperability and seamless integration of solutions across various platforms and ecosystems.

Technology Governance:
- Establish and maintain technology standards and best practices for OT/IT cybersecurity.
- Monitor and manage the adoption of emerging technologies to maintain competitive advantage and address evolving threats.

Cybersecurity Leadership:
- Provide technical oversight for cybersecurity frameworks, ensuring robust protection of critical infrastructure.
- Collaborate with delivery and operations teams to implement cutting-edge security measures.

Qualifications
- Bachelor’s or Master’s degree in Engineering, Technology, or a related field.
- 15+ years of experience in technology leadership roles, with a focus on cybersecurity solutions.
- Expertise in platform development (e.g., Splunk, QRadar) and industrial control systems.
- Strong leadership, innovation, and strategic thinking abilities.

Posted 4 weeks ago

3.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Join our Team

About This Opportunity
We are now looking for a Security Analyst professional. This job role is responsible for monitoring, coordination, support, management, and execution of reactive maintenance activities to ensure that services provided to customers are continuously available and performing to Service Level Agreement (SLA) performance levels. The professional will work alongside a highly skilled, diverse team, making sure that the information assets we are responsible for protecting are secured.

What You Will Do
Support the following systems and functions:
- Security event management on 24*7 shift
  - Monitor incoming event queues for potential security incidents
- Security incident management, 1st level triaging, issues and RCA
  - Perform initial investigation and triage of potential incidents, and raise or close events as applicable
  - Monitor SOC ticket (or email) queue for potential event reporting from outside entities and individual users
  - Support parsers and rules development for the SIEM
  - Raise incidents to the respective team for resolution (within SLA)
- Identity Access Management
  - Create and track the access to customer environments
- Process improvements
  - Identify improvements in processes and KPIs
  - Adapt to improvement initiatives
- Shift handover
  - Maintain SOC shift logs with relevant activity from the shift
  - Document investigation results, ensuring relevant details are passed to the Security Engineer for final event analysis
  - Update the SOC collaboration tool as necessary
- Vulnerability scanning and reporting
  - Schedule the vulnerability assessment scan at the desired frequency, based on the agreed plan for nodes in scope
  - Track and provide details of the scan planned/ongoing/completed status as and when required
- Governance Reports
  - Preparation of daily, weekly and monthly reports

You will bring
- Basic knowledge of a Security Information and Event Management System (SIEM), such as McAfee, Splunk, QRadar, etc.
- Basic knowledge of a vulnerability scanning system such as Nessus, Tripwire, etc.
- Knowledge of both Linux-based and MS Windows-based systems with technical understanding and skills for analytical problem-solving
- Knowledge of IP networking
- Ability to work in shifts
- The ability to work constructively under pressure
- Ability to work both in a team as well as individually
- Knowledge sharing & collaboration skills
- Customer oriented, service minded
- Deliver results & meet customer expectations
- Excellent communication skills; English is a must

Key Qualifications:
- Education: Graduate in Computer Science or similar
- Minimum years of relevant experience: 3 to 5 years, with at least 1 year of experience in IT security
- ITIL certification, CEH, Security+, CCNA Security or similar will be an advantage
- Basic knowledge of telecommunications networks will be an added advantage

Posted 4 weeks ago

4.0 years

0 Lacs

Delhi, India

On-site

We are seeking a highly skilled and experienced SIEM Administrator to join our Cybersecurity team. The ideal candidate will be responsible for the deployment, configuration, optimization, and administration of Security Information and Event Management (SIEM) systems to support threat detection, compliance, and incident response activities. You will play a key role in maintaining and enhancing the organization’s cybersecurity posture across our IT infrastructure.

Key Responsibilities:
- Deploy, configure, manage, and fine-tune SIEM platforms (e.g., Splunk, IBM QRadar, ArcSight, LogRhythm, etc.).
- Onboard log sources, create custom parsers, and configure correlation rules to detect anomalies and threats.
- Perform health checks, maintenance, tuning, and upgrades of SIEM solutions to ensure high availability and performance.
- Develop and maintain documentation for SIEM architecture, use cases, and integration processes.
- Work closely with SOC analysts and incident response teams to refine alerts and enhance detection capabilities.
- Monitor data ingestion from various IT assets (firewalls, endpoints, applications, databases, cloud platforms, etc.).
- Investigate system-generated alerts, validate data integrity, and ensure compliance with security best practices.
- Assist in compliance initiatives (ISO 27001, NCA, SAMA, GDPR, etc.) by generating reports and dashboards as required.
- Collaborate with internal IT and external vendors for troubleshooting and integration of security logs and tools.
- Conduct regular audits and reviews of SIEM effectiveness and security monitoring processes.

Required Skills and Qualifications:
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
- 4 to 7 years of hands-on experience in SIEM administration and security operations.
- Strong knowledge of log management, event correlation, threat intelligence integration, and alert tuning.
- Proficient in scripting languages such as Python, PowerShell, or Bash for automation and parsing.
- Familiarity with network protocols, firewalls, IDS/IPS, vulnerability scanners, and endpoint security tools.
- Experience working in or supporting Security Operations Centers (SOC).
- Understanding of regulatory compliance frameworks such as NCA ECC, SAMA, ISO 27001, PCI-DSS, etc.
- Industry certifications such as SIEM-specific (Splunk Certified Admin, QRadar Certified Specialist), CEH, or CompTIA Security+ are a plus.
- Strong problem-solving skills and ability to work under pressure in a fast-paced environment.
- Excellent communication and documentation skills in English (Arabic is a plus).

Posted 4 weeks ago

1.0 - 2.0 years

6 - 8 Lacs

Bengaluru

Remote

The Associate Analyst will provide intrusion/incident monitoring and detection utilizing customer-provided data sources, audit and monitoring tools at both the government and enterprise level. An Associate Threat Analyst is required to be flexible and adapt to change quickly. The Associate Threat Analyst will work closely with our Threat Analyst to service customers through our Managed Detection and Response offering.

How you’ll make an impact
- Analyze, document and report on potential security incidents identified in customer environments.
- Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.
- Provide triage on various security enforcement technologies including, but not limited to, SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners, etc.
- Perform knowledge transfers, document, and triage client’s issues regarding mitigation of identified threats
- Provide ongoing recommendations to customers on best practices
- Actively research current threats and attack vectors being exploited in the wild
- Utilize defined SOPs and KBs
- Perform other duties as assigned
- Comply with all policies and standards

What we’re looking for
- 1-2 years of working with Incident Ticketing Systems (i.e. ServiceNow, Remedy, Remedy Force, Heat, etc.) required
- Desire to gain full-time professional experience in the Information Security field
- Excellent time management, reporting, communication skills, and ability to prioritize work
- Ability to generate comprehensive written reports and recommendations
- Write professional emails
- Previous experience as a point of escalation in a technical environment
- Customer interactions and working through various issues
- Base knowledge of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM, and AV
- Ability to work in customers’ environments to report on critical security events
- Ability to troubleshoot technical problems and ask probing questions to find the root cause of a problem
- Queue management
- Data analysis using SIEM, database tools such as Elastic, and Excel
- Experience troubleshooting security, network, and/or endpoints
- IDS monitoring/analysis with tools such as Sourcefire and Snort
- Experience with SIEM platforms preferred (QRadar, LogRhythm, Exabeam, Securonix, and Splunk)
- Familiarity with web-based attacks and the OWASP Top 10 at a minimum
- Attack vectors and exploitation
- Mitigation, Active Directory
- Direct (e.g. SQL Injection) versus indirect (e.g. cross-site scripting) attacks
- Familiarity with SANS top 20 critical security controls
- Understand the foundations of enterprise Windows security, including:
  - Windows security architecture and terminology
  - Common system hardening best practices
- Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS)
  - Experience in monitoring at least one commercial AV solution such as (but not limited to) Carbon Black, CrowdStrike, McAfee/Intel, Symantec, Sophos or Trend Micro
  - Ability to identify common false positives and make suggestions on tuning
- Malware, Denial of Service attacks, brute force attacks
  - Understanding of base malware propagation and attack vectors
  - Propagation of malware in enterprise environments
  - Experience with malware protection tools such as FireEye a plus
  - Understanding of malware mitigation controls in an enterprise environment
- Network-based attacks / system-based attacks
  - Familiarity with vulnerability scoring systems such as CVSS
  - Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks
- Eligibility to obtain security clearance
- Shift flexibility, including the ability to provide on-call support when needed
- Ability to work greater than 40 hours per week as needed
- This role is a Work from Office role

What you can expect from Optiv
- A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
- Work/life balance
- Professional training resources
- Creative problem-solving and the ability to tackle unique, complex projects
- Volunteer opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
- The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement
Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.

Posted 4 weeks ago

8.0 years

0 Lacs

Chennai

On-site

Condé Nast is a global media company producing the highest quality content with a footprint of more than 1 billion consumers in 32 territories through print, digital, video and social platforms. The company’s portfolio includes many of the world’s most respected and influential media properties including Vogue, Vanity Fair, Glamour, Self, GQ, The New Yorker, Condé Nast Traveler/Traveller, Allure, AD, Bon Appétit and Wired, among others.

Job Description
Location: Chennai, TN

To deliver the above, we are recruiting for the post of Security Operations Centre (SOC) Analyst. The SOC analyst will, reporting to the SOC Manager, participate in the securing of Condé Nast assets across global markets by delivering a dedicated, focused and high-performing function to the organisation, which includes:
- Security Event Monitoring
- Event Triage and Escalation
- Insider Threat monitoring and management
- Security Incident Analysis and Response
- Vulnerability Management
- Threat Review and Analysis
- Threat Hunting
- Escalation point for SOC

The SOC Analyst will have the opportunity to develop skills across a broad range of security tools and solutions, many of which will be cutting-edge.

Required Skills:
- Minimum 8 years of Security Operations experience with at least 7 years of experience working with event monitoring and management, preferably in a SOC setting.
- 24x7 Security Operations Centre (SOC): ensure seamless delivery of the monitoring service and SLA management
- Coordinate with global stakeholders to understand the infrastructure, application, and business process, and thereby the threat hunting and SOC monitoring coverage.
- Supporting SIEM platforms to ensure adequate log source integrations and fine-tuning
- Demonstrated experience with endpoint telemetry, malware analysis tools, exploit kits and SIEM platforms (Splunk/IBM QRadar/ArcSight/LogRhythm)
- Tactically supports Vulnerability Management (VM) in the areas of security patch and remediation management; must have experience with Rapid7, Nessus, Tenable or others
- Work with the Security Engineer to ensure all security tools and solutions are properly configured and maintained.
- Incident Response: escalation point of contact for incident response activities; acts as needed as Incident Manager to ensure proper protection or corrective measures have been taken, and follows procedures to contain, analyse, and eradicate malicious activity
- Threat Hunting: leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack. Experience with TIPs will be beneficial in developing the hypothesis.
- SPAM/Phishing analysis: executes analysis of email-based threats, including understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures
- In-depth knowledge of cyber defensive and offensive techniques, malware families and adversary tactics, techniques and procedures, MITRE ATT&CK, NIST Frameworks
- Knowledge of Cloud infrastructure and security (AWS, GCP and Azure).
- In-depth knowledge of Antivirus: McAfee/Symantec/Sophos
- In-depth knowledge of EDR solutions (Sophos XDR/CrowdStrike/FireEye HX/SentinelOne/McAfee EDR/Symantec EDR)
- Hands-on experience in managing any of the SOAR solutions (Rapid7 SOAR/InsightConnect/Swimlane/IBM Security Resilient)
- Sound working knowledge of firewalls and VPNs: Palo Alto/FortiGate; VPN: Appgate VPN/any other VPN
- Hands-on experience with Network Detection and Response tools (Rapid7, Cortex or any other NDR tools)
- Fundamental knowledge of the principles of Identity and Access Management
- Fundamental knowledge of Encryption & PKI.
- Good understanding of proxies, WAF, cyber deception technology, Windows, UNIX/Linux security best practices
- Provides audit, analysis, and material support for cyber-related validation, certification, standards, governance, process, infrastructure, deployment and ongoing maintenance.
- Experience in using a scripting language to automate tasks.
- Good communication and presentation skills
- Experience of working in a fast-paced, globally dispersed environment
- Good analytical, problem-solving and interpersonal skills

Educational Qualifications: B.Tech/M.Sc IT

Certification: CompTIA Security+, CompTIA CySA+, SIEM Associate Admin or any similar SIEM admin certification, SSCP or similar certification

What happens next?
If you are interested in this opportunity, please apply below, and we will review your application as soon as possible. You can update your resume or upload a cover letter at any time by accessing your candidate profile.

Condé Nast is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, age, familial status and other legally protected characteristics.

Posted 4 weeks ago

5.0 years

15 - 20 Lacs

Noida

Remote

Job Summary
We are looking for a Senior Digital Workplace Engineer based in Noida to play a pivotal role in delivering world-class end-user IT support and driving operational excellence across collaboration tools, endpoint management, and onboarding workflows. This remote role requires close collaboration with the Germany-based lead and participation in global service delivery. You will act as both a senior engineer and operational coordinator for the offshore team, ensuring SLA compliance, knowledge management, and user satisfaction.

Key Responsibilities
· Act as the offshore lead for Digital Workplace services, coordinating with the onsite Senior DWP Engineer in Germany
· Provide advanced support for Microsoft 365 (Teams, Outlook, SharePoint), Azure AD, Intune, and endpoint devices (Windows, Mac, iOS)
· Oversee onboarding and offboarding processes, ensuring timely device provisioning, access setup, and policy compliance
· Drive resolution of complex incidents and service requests logged in Jira Service Management (JSM)
· Administer Intune and MDM policies to enforce device compliance, patching, and security controls
· Monitor ticket queues, escalate as required, and ensure accurate SLA tracking and reporting
· Support deskside teams virtually by advising on issue resolution, especially for hardware or local network issues
· Maintain and continuously improve SOPs and knowledge base content in Confluence
· Analyze support trends and recommend improvements to enhance efficiency and first-contact resolution
· Participate in service review meetings, governance reporting, and CSI initiatives with global stakeholders

Required Skills & Experience
· 5–7 years of experience in IT support or Digital Workplace engineering, with 2+ years in a senior or lead role
· Strong technical expertise in:
  o Microsoft 365 suite (Teams, SharePoint, Outlook)
  o Azure Active Directory (MFA, Conditional Access, RBAC)
  o Microsoft Intune and Mobile Device Management (MDM)
· Experience with Jira Service Management and Confluence (or similar tools)
· Proven ability to coordinate support operations remotely and collaborate with global teams
· Excellent problem-solving, documentation, and communication skills
· Familiarity with ITIL processes including incident, request, access, and knowledge management
· Fluent in English; able to work in Central European Time zone overlap

Preferred Qualifications
· ITIL v3/v4 Foundation certification
· Exposure to AI/automation in IT support (e.g., virtual agents, ticket deflection)
· Familiarity with endpoint security monitoring tools and compliance protocols (e.g., QRadar, Splunk)
· Experience supporting hybrid workforces in global enterprises

Job Types: Full-time, Permanent
Pay: ₹1,500,000.00 - ₹2,000,000.00 per year
Benefits: Health insurance, Provident Fund
Schedule: Evening shift, Monday to Friday, UK shift, US shift
Supplemental Pay: Performance bonus, Yearly bonus
Work Location: In person

Posted 4 weeks ago

20.0 years

0 Lacs

Gurgaon, Haryana, India

On-site

Rackspace Security (Public Cloud) Security Engineer L3 (Endpoint Security)

About Rackspace Cyber Defence
Rackspace Cyber Defence is our next generation cyber defence and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services. Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.

Our mission is to help our customers:
- Defend against new and emerging risks that impact their business
- Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments
- Reduce their exposure to risks that impact their identity and brand
- Develop operational resilience
- Maintain compliance with legal, regulatory and compliance obligations

What We’re Looking For
To support our continued success and deliver a Fanatical Experience™ to our customers, Rackspace Cyber Defence is looking for an India-based Security Engineer, with a specialism in Endpoint Security, to support Rackspace’s strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms or delivering Managed Endpoint Detection & Response (EDR) services to customers.

The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection & Response (EDR) platforms such as CrowdStrike Falcon or Microsoft Defender for Endpoint, used by the Rackspace Cyber Defence Center to deliver managed security services to our customers. You will also be required to liaise closely with the customer’s key stakeholders, which may include incident response and disaster recovery teams as well as information security.

Skills & Experience
- 8+ years of experience in Security Engineering
- Experience working in either large, enterprise environments or managed security services environments with a focus on Endpoint Detection & Response
- Experience of working with cloud native Endpoint Security and Endpoint Detection & Response (EDR) tools such as CrowdStrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud
- Experience of working in two (or more) of the following additional security domains:
  - SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix, etc.
  - AWS (Amazon Web Services) Security Hub including AWS GuardDuty, AWS Macie, AWS Config and AWS CloudTrail
- Experience of analysing malware and email headers, with skills in network security, intrusion detection and prevention systems, operating systems, risk identification and analysis, threat identification and analysis, and log analysis.
- Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls.
- Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM), etc.
- Knowledge of scripting and coding with languages such as Terraform, Python, JavaScript, Golang, Bash and/or PowerShell
- Knowledge of malware reverse engineering, threat detection and threat hunting.
- Computer science, engineering, or information technology related degree (although not a strict requirement)
- Holds one, or more, of the following certificates (or equivalent):
  - Microsoft Certified: Azure Security Engineer Associate (AZ-500)
  - Microsoft Certified: Security Operations Analyst Associate (SC-200)
  - Systems Security Certified Practitioner (SSCP)
  - Certified Cloud Security Professional (CCSP)
  - GIAC Certified Incident Handler (GCIH)
  - GIAC Security Operations Certified (GSOC)
  - CrowdStrike admin certified
- A highly self-motivated and proactive individual who wants to learn and grow and has attention to detail
- A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture
- Highly organised and detail oriented; ability to prioritise, multitask and work under pressure
- An individual who shows a willingness to go above and beyond in delighting the customer
- A good communicator who can explain security concepts to both technical and non-technical audiences

Key Accountabilities
- Ensure the Customer’s operational and production environment remains healthy and secure at all times
- Assist with customer onboarding: customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s)
- Advanced platform administration
- Critical platform incident handling & closure
- As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process
- As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection & Response
- Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams
- Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration, in collaboration with SecOps Engineering and other Security Engineering team(s)
- Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security, etc.
- Co-ordinate with vendors for issue resolution
- Required to work flexible timings

Posted 4 weeks ago

5.0 - 10.0 years

7 - 11 Lacs

Pune

Work from Office

Avalara is seeking a Security Automation Engineer to join our Security Automation & Platform Enhancement Team (SAPET). You will be at the intersection of cybersecurity, automation, and AI, focusing on designing and implementing scalable security solutions that enhance Avalara's security posture. You will have expertise in programming, cloud technologies, security automation, and modern software engineering practices, with experience using Generative AI to improve security processes.

What Makes This Role Unique at Avalara
- Cutting-Edge Security Automation: You will work on advanced cybersecurity automation projects, including fraud detection, AI-based security document analysis, and IT security process automation.
- AI-Powered Innovation: We integrate Generative AI to identify risks, analyze security documents, and automate compliance tasks.
- Impact Across Multiple Security Domains: Your work will support AML, fraud detection, IT security, and vendor risk management.

What Your Responsibilities Will Be
As a Security Automation Engineer, your primary focus will be to develop automation solutions that improve efficiency across several security teams.
- Develop and maintain security automation solutions to streamline security operations and reduce manual efforts.
- Work on automation projects that augment security teams, enabling them to work more efficiently.
- Design and implement scalable security frameworks for Security Teams.

What You'll Need to be Successful
- 5+ years of experience
- Programming & Scripting: Python, GoLang, Bash
- Infrastructure as Code & Orchestration: Terraform, Kubernetes, Docker
- Security & CI/CD Pipelines: Jenkins, GitHub Actions, CI/CD tools
- Database & Data Analysis: SQL, security data analytics tools
- Experience with RDBMS and SQL, including database design, normalization and query optimization
- Hands-on experience with security automation tools, SIEM, SOAR, or threat intelligence platforms.

Posted 4 weeks ago

3.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Bachelor's degree in Computer Science, Information Security, EXTC or related field. Relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are highly desirable. Proven experience (3+ years) working within the Cybersecurity field, with a focus on security platform implementation & administration. Experience with deploying and managing a large SIEM/SOAR environment. Experience with Palo Alto XDR and/or other SIEM platforms like Sentinel, Qradar, Splunk, ArcSight, etc. Experience with Palo Alto XSOAR and/or equivalent SOAR Platforms like Resilient, Phantom, etc. Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is highly desirable.

Posted 4 weeks ago

Apply

8.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Job Title: Senior Consultant – Pre and Post Sales Engineer
No. of Positions: 1
Locations: Mumbai
Position Type: Full-Time

Job Overview: St. Fox is looking for a proactive, seasoned, technically strong and client-focused Pre and Post Sales Engineer with hands-on experience in cybersecurity products and solutions. The ideal candidate will drive technical engagements with prospects, design secure architectures, conduct PoCs, and provide post-sales deployment and support, helping clients enhance their security posture.

Key Responsibilities:

Pre-Sales:
• Engage with CISOs, IT security teams, and stakeholders to understand cybersecurity requirements.
• Design and present security solutions aligned to threats, compliance, and business risks.
• Deliver technical product demos for solutions such as SIEM, SOAR, EDR, NDR, DLP, IAM, MFA, Firewall, Zero Trust, etc.
• Support RFP/RFI responses with detailed technical documentation and solution design.
• Support the sales team in responding to RFPs/RFIs with detailed technical inputs.
• Design solution architecture in alignment with client needs and company offerings.
• Execute Proof-of-Concepts (PoCs) and simulations for attack detection, response workflows, and threat hunting.

Post-Sales:
• Lead deployment, configuration, and tuning of cybersecurity solutions (e.g., SIEM rules, EDR policies, firewall rulesets).
• Support incident response playbook creation, alert tuning, and integration with the existing tech stack (SOC/SIEM/SOAR).
• Conduct technical training for client SOC and IT teams post-deployment.
• Troubleshoot and resolve technical issues in coordination with OEMs and internal support teams.
• Maintain ongoing relationships with key technical stakeholders to ensure solution effectiveness and customer satisfaction.

Skills and Qualifications:
• 3–8 years in cybersecurity pre-sales/post-sales or technical consulting roles.
• Strong understanding of threat vectors, the attack lifecycle, and defense mechanisms.
• Hands-on experience with tools such as:
  o SIEM: Splunk, IBM QRadar, LogRhythm, ArcSight, etc.
  o SOAR: Palo Alto Cortex XSOAR, Splunk Phantom, etc.
  o EDR/XDR: CrowdStrike, SentinelOne, Trellix, Microsoft Defender.
  o Firewalls/NGFW: Fortinet, Palo Alto, Check Point, Cisco.
  o IAM & PAM: Okta, CyberArk, BeyondTrust.
  o Cloud Security: AWS/Azure/GCP security tools, CSPM, CWPP.
• Familiarity with MITRE ATT&CK, OWASP Top 10, Zero Trust Architecture, etc.
• Excellent client communication, technical documentation, and presentation skills.

What We Offer:
● Competitive salary and benefits package.
● Opportunities for professional growth and advancement.
● Exposure to cutting-edge technologies and projects.
● A collaborative and supportive work environment.

Please share your resume to sanjay@nteksol.com

Posted 4 weeks ago

Apply

5.0 years

0 Lacs

Greater Kolkata Area

On-site

We are looking for a proactive and skilled Security Engineer with 5+ years of experience to join our cybersecurity team. The ideal candidate will be responsible for maintaining and improving our organization's security posture by identifying vulnerabilities, implementing security solutions, and responding to incidents.

Key Responsibilities
Design, implement, and monitor security measures for the protection of computer systems, networks, and information.
Conduct regular security assessments, vulnerability scans, and penetration tests.
Configure and manage firewalls, IDS/IPS, SIEM tools, and endpoint protection systems.
Monitor systems and networks for security breaches and investigate violations.
Respond to and analyze security incidents, including root cause analysis and mitigation.
Develop and enforce security policies, standards, and procedures.
Conduct risk assessments and recommend appropriate mitigation strategies.
Collaborate with IT and DevOps teams to integrate security best practices across infrastructure and applications.
Stay updated on the latest security trends, threats, and technology solutions.
Provide training and awareness for internal teams on cybersecurity best practices.

Required Skills & Qualifications
Minimum 5 years of hands-on experience in information security, cybersecurity, or infrastructure security roles.
Strong knowledge of network and system security protocols and tools (e.g., firewalls, VPN, IDS/IPS, antivirus, SIEM).
Proficiency in scripting or programming (e.g., Python, Bash, PowerShell) for automation and tool development.
Experience with security tools such as Splunk, QRadar, Wireshark, Nessus, Burp Suite, etc.
Familiarity with compliance standards such as ISO 27001, NIST, PCI-DSS, GDPR, HIPAA.
Understanding of cloud security across platforms such as AWS, Azure, or GCP.
Strong problem-solving and communication skills.

Preferred Qualifications
Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
Security certifications such as CISSP, CEH, OSCP, CISM, CompTIA Security+.
Experience in incident response and digital forensics.
Prior experience in a SOC (Security Operations Center) environment is a plus.
(ref:hirist.tech)

Posted 4 weeks ago

Apply

Featured Companies