2.0 - 6.0 years
5 - 9 Lacs
Hyderabad
Work from Office
Job description: Expertise and excellent hands-on troubleshooting in Checkpoint, Palo Alto and ASA Firewalls. Expertise and excellent hands-on troubleshooting in Cloud Firewalls (AWS, Azure). Knowledge of DNS, DHCP and IPAM. Should have hands-on experience in Infoblox (internal DNS) and F5 GTM (Global Traffic Manager) (external DNS). Develop and maintain architecture diagrams and documents. Hands-on experience in packet capture tools (e.g., Wireshark, TCPDump, etc.). Real-time troubleshooting and diagnostics of issues across LAN and WAN network through NetBrain. Should have good presentation skills and fair knowledge of the ITIL Framework. Manage and implement network security policies and procedures. Available to work evening and night shifts.
Posted 1 month ago
3.0 - 7.0 years
5 - 14 Lacs
Guwahati, Kolkata
Work from Office
Hi, Job Location : Guwahati Qualifications BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics. Security certifications like CEH or equivalent preferred. Experience and Skillset Minimum 2+ years hands-on experience with one or more SIEM tools (Log Logic, LogRhythm, Splunk, QRadar, ArcSight etc.). In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment. Proficient in Incident Management and Response. Basic knowledge of Windows and Unix environments. Knowledge of OSI Model, TCP/IP Protocols, network security. Knowledge about other security tools like Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc. Responsibilities Responsible for working in a 24x7 Security Operation center (SOC) environment. Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents. Monitor various dashboards from different security solutions on shift basis. Work with the engineering team for Sensor and SIEM rules fine-tuning. Prepare various management reports from SIEM and other security solutions. Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide threat and vulnerability analysis as well as security advisory services. Analyze and respond to previously undisclosed software and hardware vulnerabilities. Investigate, document, and report on information security issues and emerging trends. Seamlessly integrate with the team work culture, ensure proper information flow across shifts, prepare/take part in shift handovers. Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences. If you're interested in the Guwahati location, please share the details mentioned below.
Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Email Id : ashwini.chakor@ril.com
Posted 1 month ago
5.0 - 10.0 years
8 - 13 Lacs
New Delhi, Gurugram, Delhi / NCR
Work from Office
Job Specifications: Qualifications: Minimum of 5-9 years of experience in Cyber Security Domain Candidate should have B.Tech in computer science, Masters is preferable Certification preferable - C|EH v7 (Certified Ethical Hacker) - C|HFI v4 (Certified Hacking Forensic Investigator) - E|CSA v8 (Cyber Security Analyst) Experience: Knowledge of SIEM (Security Information and Event Management), SOC (Security Operation Center) Familiar with SQL, MySQL etc. TCP/IP, computer networking, NAC. IDS/IPS, penetration and vulnerability testing Firewall/WAF and intrusion detection/prevention protocols Windows, UNIX, and Linux operating systems Network protocols and packet analysis tools Anti-virus and anti-malware, Deep Security If interested, Please share your resume at neelam.kumari1@pramericalife.in with below details: Total Exp: current CTC: expected CTC: Notice period:
Posted 1 month ago
5.0 - 8.0 years
6 - 16 Lacs
Hyderabad
Work from Office
LTIMindtree Hiring for Azure Sentinel L2/L3 SOC Analyst for Hyderabad Location- Notice period-immediate to 15 days. Exp-5 to 8 yrs. Location- Hyderabad Skill Combination: Minimum 6 yrs in security domain, and at least 3 yrs as L2/L3 if interested Share me these details along with CV-Richa.Srivastava@ltimindtree.com Total Experience- Current CTC- Expected CTC- Holding offers if any- Current Location- Preferred Location- Notice period- Skills- Date of Birth- PAN No- Passport size photo- Pan no- Availability for interview (YES/NO)- Job Description- Develop and maintain playbooks runbooks and incident response procedures Collaborate with threat intelligence teams to enrich alerts and improve detection capabilities Conduct post incident reviews and root cause analysis Mentor and train L1 and L2 SOC analysts Recommend and implement improvements to SOC tools processes and detection rules Stay current with emerging threats vulnerabilities and security technologies The expectations from the graders would be To evaluate the tasks that are being fed into the agent for their real world applicability To evaluate the agent output to come up with a ground truth and rate the agent output in a predefined rubric based on the inputs provided by us To have very deep SOC analyst experience and insights This also includes any other skills needed to evaluate the agent output The ability to scale to around min 2030 evaluations per day per grader based on the complexity of the task Core Technical Skills SIEM Tools eg Splunk QRadar Microsoft Sentinel Endpoint Detection and Response EDR eg CrowdStrike SentinelOne Firewall and IDS/IPS eg Palo Alto Snort Suricata Log Analysis and Packet Capture Analysis eg Wireshark Threat Intelligence Platforms eg MISP Recorded Future Incident Response and Forensics Scripting Automation Python PowerShell Bash Operating Systems Windows Linux macOS Networking Fundamentals TCP/IP DNS HTTP VPNs
Posted 1 month ago
5.0 years
0 Lacs
Noida, Uttar Pradesh, India
On-site
About the Job: We are seeking a skilled and detail-oriented Database Activity Monitoring (DAM) Specialist to join our cybersecurity team. The ideal candidate will have hands-on experience in implementing and managing DAM solutions (like IBM Guardium, Imperva SecureSphere, Oracle Audit Vault, etc.), and ensuring continuous visibility into database activity for threat detection, compliance, and incident response. Key Responsibilities: Implement, configure, and maintain DAM solutions across critical database environments (Oracle, SQL Server, MySQL, etc.). Monitor and analyze database activities to detect unauthorized access, policy violations, and anomalous behavior. Define and fine-tune DAM policies, rules, alerts, and use cases. Perform regular audits and generate reports for compliance (e.g., PCI-DSS, GDPR, HIPAA, SOX). Work with database administrators, IT, and security teams to triage and respond to incidents. Ensure appropriate integration of DAM with SIEM tools and security workflows. Maintain documentation for processes, configurations, and incident handling. Support risk assessments and internal/external audits related to database security. Stay up to date with database threats, vulnerabilities, and security best practices. Required Skills and Qualifications: Bachelor's degree in Computer Science, Information Security, or related field. 5+ years of hands-on experience with DAM tools (e.g., IBM Guardium, Imperva, Oracle AVDF, etc.). Strong understanding of database platforms: Oracle, MS SQL, MySQL, PostgreSQL. Familiarity with SIEM tools (Splunk, QRadar, etc.) and integration with DAM solutions. Experience in writing and tuning DAM policies and alerts. Good knowledge of compliance regulations and audit requirements. Strong analytical and troubleshooting skills. Excellent written and verbal communication skills. Why Join Us? Work on mission-critical security infrastructure. Opportunity to shape enterprise-wide database security. 
Join a passionate team of cybersecurity professionals driving innovation.
Posted 1 month ago
3.0 years
0 Lacs
Kolkata, West Bengal, India
Remote
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Staff (CTM – Threat Detection & Response) KEY Capabilities: Experience in working with Splunk Enterprise, Splunk Enterprise Security & Splunk UEBA Minimum of Splunk Power User Certification Good knowledge in programming or Scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, etc Assist in remote and on-site gap assessment of the SIEM solution. Work on defined evaluation criteria & approach based on the Client requirement & scope factoring industry best practices & regulations Assist in interview with stakeholders, review documents (SOPs, Architecture diagrams etc) Assist in evaluating SIEM based on the defined criteria and prepare audit reports Good experience in providing consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment.
Experience in onboarding data into Splunk from various sources including unsupported (in-house built) by creating custom parsers Verification of data of log sources in the SIEM, following the Common Information Model (CIM) Experience in parsing and masking of data prior to ingestion in SIEM Provide support for the data collection, processing, analysis and operational reporting systems including planning, installation, configuration, testing, troubleshooting and problem resolution Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources Assist client with technical guidance to configure their log sources (in-scope) to be integrated to the SIEM Experience in SIEM content development which includes : Hands-on experience in development and customization of Splunk Apps & Add-Ons Builds advanced visualizations (Interactive Drilldown, Glass tables etc) Build and integrate contextual data into notable events Experience in creating use cases under Cyber kill chain and MITRE attack framework Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that can provide near real time visibility into the performance of client applications. Sound knowledge in configuration of Alerts and Reports. Good exposure in automatic lookup, data models and creating complex SPL queries. Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirement Experience in creating custom commands, custom alert action, adaptive response actions etc Qualification & experience: Minimum of 3 years’ experience in Splunk and 3 to 5 years of overall experience with knowledge in Operating System and basic network technologies Experience in SOC as L1/L2 Analyst will be an added advantage Strong oral, written and listening skills are an essential component to effective consulting. 
Good to have knowledge of Vulnerability Management, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting Certification in any other SIEM Solution such as IBM QRadar, Exabeam, Securonix will be an added advantage Certifications in a core security related discipline (CEH, Security+, etc) will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
3.0 years
0 Lacs
Kanayannur, Kerala, India
Remote
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Staff (CTM – Threat Detection & Response) KEY Capabilities: Experience in working with Splunk Enterprise, Splunk Enterprise Security & Splunk UEBA Minimum of Splunk Power User Certification Good knowledge in programming or Scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, etc Assist in remote and on-site gap assessment of the SIEM solution. Work on defined evaluation criteria & approach based on the Client requirement & scope factoring industry best practices & regulations Assist in interview with stakeholders, review documents (SOPs, Architecture diagrams etc) Assist in evaluating SIEM based on the defined criteria and prepare audit reports Good experience in providing consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment.
Experience in onboarding data into Splunk from various sources including unsupported (in-house built) by creating custom parsers Verification of data of log sources in the SIEM, following the Common Information Model (CIM) Experience in parsing and masking of data prior to ingestion in SIEM Provide support for the data collection, processing, analysis and operational reporting systems including planning, installation, configuration, testing, troubleshooting and problem resolution Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources Assist client with technical guidance to configure their log sources (in-scope) to be integrated to the SIEM Experience in SIEM content development which includes : Hands-on experience in development and customization of Splunk Apps & Add-Ons Builds advanced visualizations (Interactive Drilldown, Glass tables etc) Build and integrate contextual data into notable events Experience in creating use cases under Cyber kill chain and MITRE attack framework Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that can provide near real time visibility into the performance of client applications. Sound knowledge in configuration of Alerts and Reports. Good exposure in automatic lookup, data models and creating complex SPL queries. Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirement Experience in creating custom commands, custom alert action, adaptive response actions etc Qualification & experience: Minimum of 3 years’ experience in Splunk and 3 to 5 years of overall experience with knowledge in Operating System and basic network technologies Experience in SOC as L1/L2 Analyst will be an added advantage Strong oral, written and listening skills are an essential component to effective consulting. 
Good to have knowledge of Vulnerability Management, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting Certification in any other SIEM Solution such as IBM QRadar, Exabeam, Securonix will be an added advantage Certifications in a core security related discipline (CEH, Security+, etc) will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
3.0 years
0 Lacs
Trivandrum, Kerala, India
Remote
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Staff (CTM – Threat Detection & Response) KEY Capabilities: Experience in working with Splunk Enterprise, Splunk Enterprise Security & Splunk UEBA Minimum of Splunk Power User Certification Good knowledge in programming or Scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, etc Assist in remote and on-site gap assessment of the SIEM solution. Work on defined evaluation criteria & approach based on the Client requirement & scope factoring industry best practices & regulations Assist in interview with stakeholders, review documents (SOPs, Architecture diagrams etc) Assist in evaluating SIEM based on the defined criteria and prepare audit reports Good experience in providing consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment.
Experience in onboarding data into Splunk from various sources including unsupported (in-house built) by creating custom parsers Verification of data of log sources in the SIEM, following the Common Information Model (CIM) Experience in parsing and masking of data prior to ingestion in SIEM Provide support for the data collection, processing, analysis and operational reporting systems including planning, installation, configuration, testing, troubleshooting and problem resolution Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources Assist client with technical guidance to configure their log sources (in-scope) to be integrated to the SIEM Experience in SIEM content development which includes : Hands-on experience in development and customization of Splunk Apps & Add-Ons Builds advanced visualizations (Interactive Drilldown, Glass tables etc) Build and integrate contextual data into notable events Experience in creating use cases under Cyber kill chain and MITRE attack framework Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that can provide near real time visibility into the performance of client applications. Sound knowledge in configuration of Alerts and Reports. Good exposure in automatic lookup, data models and creating complex SPL queries. Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirement Experience in creating custom commands, custom alert action, adaptive response actions etc Qualification & experience: Minimum of 3 years’ experience in Splunk and 3 to 5 years of overall experience with knowledge in Operating System and basic network technologies Experience in SOC as L1/L2 Analyst will be an added advantage Strong oral, written and listening skills are an essential component to effective consulting. 
Good to have knowledge of Vulnerability Management, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting Certification in any other SIEM Solution such as IBM QRadar, Exabeam, Securonix will be an added advantage Certifications in a core security related discipline (CEH, Security+, etc) will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
5.0 years
0 Lacs
Greater Chennai Area
On-site
Job Title : SOC Manager Company : AKATI Sekurity The Role AKATI Sekurity is seeking a strategic and highly technical SOC Manager to lead our 24/7 Security Operations Center. This is a senior leadership role for an individual who can combine deep technical expertise in security operations with proven team management capabilities. You will be responsible for the overall direction, performance, and maturation of our SOC, ensuring the timely detection, analysis, and response to sophisticated cyber threats while acting as a key security partner to our clients. Key Responsibilities Leadership & Team Management : Lead, mentor, and manage a 24/7/365 team of SOC analysts (Tier 1-3). Drive team performance, ensuring adherence to Service Level Agreements (SLA) and fostering a culture of continuous improvement and technical excellence. Oversee incident response activities, acting as a senior escalation point for critical security incidents involving network infrastructure, and other enterprise systems. Technical Operations & Strategy Direct the SOC's threat management program, including threat modeling, intelligence integration (e.g., MISP), and the development of advanced detection use cases. Oversee the SIEM/SOAR platform strategy, guiding the architecture, integration, and optimization of tools to enhance detection and response capabilities. Ensure the SOC's operational readiness by maturing processes based on frameworks like MITRE ATT&CK and the Cyber Kill Chain. Client Management & Reporting Act as the primary technical liaison between the SOC and client stakeholders. Develop and present clear, insightful reports, dashboards, and metrics on SOC operations, security posture, and incident trends to client leadership. Required Qualifications & Experience Experience : 5-7 years in Security Operations, with at least 2+ years in a leadership or management capacity (e.g., SOC Lead, SOC Manager). 
SIEM Expertise : Expert-level knowledge of SIEM technology and architecture, with hands-on experience managing at least two enterprise-grade platforms (e.g., Splunk, QRadar, Sentinel). Security Frameworks : Deep understanding of modern security frameworks and concepts, including MITRE ATT&CK, Cyber Kill Chain, SOAR, and UEBA. Technical Breadth : Strong foundational knowledge of networking, operating systems, WAF, malware detection, large enterprise platform builds, and threat intelligence platforms. Leadership : Proven ability to lead, discipline, and motivate a technical team, with experience managing performance and adhering to strict client SLAs. Communication : Exceptional written and verbal communication skills in English, with a demonstrated ability to articulate complex technical concepts to both technical teams and non-technical executive Security Certifications : One or more of the following are highly desirable : CISSP, CISM, CISA, OSCP, OSCE, CEH. (ref:hirist.tech)
Posted 1 month ago
1.0 - 2.0 years
13 - 18 Lacs
Hyderabad
Work from Office
Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: As a leading technology innovator, Qualcomm pushes the boundaries of what's possible to enable next-generation experiences and drives digital transformation to help create a smarter, connected future for all. As a Qualcomm Software Engineer, you will design, develop, create, modify, and validate embedded and cloud edge software, applications, and/or specialized utility programs that launch cutting-edge, world class products that meet and exceed customer needs. Qualcomm Software Engineers collaborate with systems, hardware, architecture, test engineers, and other teams to design system-level software solutions and obtain information on performance requirements and interfaces. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field. 1-2 years of relevant experience. Additional Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Feature development for Android and Linux/Ubuntu based Snapdragon products. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. : Bachelor's degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience (3-6 years) with C/C++ and good programming skills. Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Good understanding of Linux kernel and internals. Good understanding of SOC systems and related concepts, including bring-up. 
Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support. Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams.
Posted 1 month ago
8.0 - 13.0 years
18 - 22 Lacs
Hyderabad
Work from Office
Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Work closely with Product Marketing team to understand new platforms and requirements. Evaluate feature requirements, come up with resource planning, lead a small team of engineers with varied skills. Feature development for Android and Linux/Ubuntu based Snapdragon products. Support platform bringups across various SoCs, coordinate with cross functional teams on identifying and fixing the issues. Work with customer engineering team to support customer escalated issues which are platform specific. Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. Bachelors/Masters degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience with C/C++ and good programming skills. Experience scoping new requirements, working with cross functional teams, assigning works and managing teams. Strong communication skills and analytics skills. Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Strong understanding of Linux kernel and internals. Strong understanding of SOC systems and related concepts, including bring-up. Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support.
Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 8+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 7+ years of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 6+ years of Software Engineering or related work experience. 4+ years of work experience with Programming Language such as C, C++, Java, Python, etc.
Posted 1 month ago
4.0 - 9.0 years
18 - 22 Lacs
Hyderabad
Work from Office
Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Work closely with Product Marketing team to understand new platforms and requirements. Evaluate feature requirements, come up with resource planning, lead a small team of engineers with varied skills. Feature development for Android and Linux/Ubuntu based Snapdragon products. Support platform bringups across various SoCs, coordinate with cross functional teams on identifying and fixing the issues. Work with customer engineering team to support customer escalated issues which are platform specific. Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. Bachelors/Masters degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience with C/C++ and good programming skills. Experience scoping new requirements, working with cross functional teams, assigning works and managing teams. Strong communication skills and analytics skills. Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Strong understanding of Linux kernel and internals. Strong understanding of SOC systems and related concepts, including bring-up. Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support.
Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 4+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. 2+ years of work experience with Programming Language such as C, C++, Java, Python, etc.
Posted 1 month ago
6.0 years
15 - 20 Lacs
Mumbai Metropolitan Region
On-site
We are seeking a dynamic Pre-Sales Consultant with over 6 years of customer-facing experience in the cybersecurity domain. The ideal candidate will be instrumental in understanding client requirements, translating business challenges, and proposing tailored solutions. Key Responsibilities Engage with customers directly to gather requirements and articulate business challenges. Collaborate with internal teams to design and present appropriate solutions. Deliver impactful product demos and Proofs of Value (POVs) at customer locations. Prepare high-quality documentation including scope of work, prerequisites, and deliverables. Required Skills & Experience Minimum 6 years of presales experience in cybersecurity or related domains. Hands-on experience with demo/POV delivery. Strong documentation and communication skills. Proficiency in at least two of the technology domains listed below, with experience in any two OEMs in those areas. Technology Domains & Preferred OEM Experience (Domain - Preferred OEMs): Proxy - Zscaler, Netskope, Forcepoint; DLP - Zscaler, Netskope, Forcepoint; WAF - Cloudflare, F5; Identity - Okta, BeyondTrust, CyberArk; SIEM - IBM QRadar, Splunk, Fortinet. Good-to-Have Skills Excellent Oral Communication skills and Written skills, Excellent presentation skills Good analytical skills who can understand customer’s business challenges and arrive at right Key Performance Indicators Conduct pre-engagement meetings Create end-user knowledge transfer Function as a requirements analyst Serve as a conduit between sales and Delivery team Conduct Cybersecurity solution & service research Make contributions to the Cybersecurity technical portfolio Benefits Opportunity to work with leading cybersecurity OEMs. Exposure to cutting-edge technologies and enterprise clients. Competitive salary with performance-based incentives. Flexible work culture and hybrid work opportunities. Continuous learning and certification support.
Strong internal collaboration and growth-driven environment. Skills: analytical,pov delivery,technology,analytical skills,pre-sales,presales,communication,presentation,documentation,product demos,cybersecurity,oem
Posted 1 month ago
5.0 years
0 Lacs
Noida, Uttar Pradesh, India
On-site
We are seeking a skilled and detail-oriented Database Activity Monitoring (DAM) Specialist to join our cybersecurity team. The ideal candidate will have hands-on experience in implementing and managing DAM solutions (like IBM Guardium, Imperva SecureSphere, Oracle Audit Vault, etc.), and ensuring continuous visibility into database activity for threat detection, compliance, and incident response. Key Responsibilities: Implement, configure, and maintain DAM solutions across critical database environments (Oracle, SQL Server, MySQL, etc.). Monitor and analyze database activities to detect unauthorized access, policy violations, and anomalous behavior. Define and fine-tune DAM policies, rules, alerts, and use cases. Perform regular audits and generate reports for compliance (e.g., PCI-DSS, GDPR, HIPAA, SOX). Work with database administrators, IT, and security teams to triage and respond to incidents. Ensure appropriate integration of DAM with SIEM tools and security workflows. Maintain documentation for processes, configurations, and incident handling. Support risk assessments and internal/external audits related to database security. Stay up to date with database threats, vulnerabilities, and security best practices. Required Skills and Qualifications: Bachelor's degree in Computer Science, Information Security, or related field. 5+ years of hands-on experience with DAM tools (e.g., IBM Guardium, Imperva, Oracle AVDF, etc.). Strong understanding of database platforms: Oracle, MS SQL, MySQL, PostgreSQL. Familiarity with SIEM tools (Splunk, QRadar, etc.) and integration with DAM solutions. Experience in writing and tuning DAM policies and alerts. Good knowledge of compliance regulations and audit requirements. Strong analytical and troubleshooting skills. Excellent written and verbal communication skills. Why Join Us? Work on mission-critical security infrastructure. Opportunity to shape enterprise-wide database security. 
Join a passionate team of cybersecurity professionals driving innovation.
Posted 1 month ago
4.0 years
0 Lacs
Gurugram, Haryana, India
On-site
Your Potential Unleashed India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The Team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Your Work Profile As an Assistant Manager in our cyber team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. Preferred Knowledge The role requires strong skills in incident response and digital forensics to effectively minimize the impact of cyber risks. The individual will be responsible for overseeing security monitoring, managing security tools and operations, and ensuring security incidents are handled efficiently and reported to relevant stakeholders. This role primarily involves acting as a first responder and conducting in-depth incident response activities on behalf of a diverse range of clients across various sectors. Candidates must be capable of operating in complex security environments and working collaboratively with the SOC team to design, communicate, and execute incident response, containment, and remediation plans. 
They will support incident response analysts and incident management teams, while also evaluating tools, processes, and procedures for handling cyber intrusions—continuously identifying new and improved methods for detecting and responding to adversarial threats. Key Responsibilities: Detect, triage, investigate, and respond to security incidents across client environments in accordance with defined SLAs. Analyze alerts and events from a wide range of data sources: Firewalls, IDS/IPS, Proxy, AD, EDR, DLP, etc. Execute end-to-end incident response including detection, containment, eradication, recovery, and lessons learned. Conduct root cause analysis and forensic investigations on affected systems. Leverage tools such as EDR, SIEM, and SOAR to automate and accelerate response efforts. Develop, improve, and document incident response processes and playbooks. Deliver comprehensive incident reports to internal and external stakeholders, including executive briefings. Monitor log sources/data sources health and coordinate with engineering to maintain optimal visibility. Facilitate tabletop exercises, real-time simulations, and post-incident reviews. Support threat hunting initiatives by analyzing network traffic, endpoint behavior, and threat intelligence. Assist in malware analysis and reverse engineering efforts as needed. Track incident response metrics and contribute to continuous improvement of detection and response capabilities. Collaborate with cross-functional teams including SOC analysts, IT operations, and business stakeholders. Required Skills & Expertise: Overall experience of at least 4+ years in SIEM monitoring and Cyber security Incident response and Management. Core Incident Response Knowledge: Deep understanding of the incident response lifecycle, cyber kill chain, and MITRE ATT&CK framework. Operating Systems: Expertise in Windows, Active Directory, DNS, and Linux platforms. 
SIEM Platforms: Strong experience with QRadar, Microsoft Sentinel, and other SIEM tools. SOAR Tools: Proficiency in tools like Cortex XSOAR, Splunk Phantom, and Demisto for orchestrating response. EDR Technologies: Hands-on experience with tools like CrowdStrike, Microsoft Defender for Endpoint, SentinelOne, etc. Log Analysis: Ability to interpret raw logs and perform correlation across diverse systems (network, endpoint, applications). Digital Forensics: Experience with EnCase, FTK, or other forensics toolsets; able to perform memory, disk, and network forensics. Malware Analysis: Strong understanding of malware behavior, obfuscation techniques, and basic reverse engineering. Communication: Strong verbal and written communication skills, capable of briefing technical and non-technical stakeholders. Process Orientation: Ability to document, optimize, and maintain response processes and runbooks. ITSM Tools: Familiarity with ITSM platforms (e.g., ServiceNow) for managing incidents and workflows. Required Qualifications & Certifications: Bachelor’s degree in computer science, Cyber Security, or related field. Industry Certifications (preferred): GIAC (GCIA, GCFA, GCIH) CHFI, CEH, Security+, CySA+, or equivalent Experience delivering IR services to large enterprise or MSSP environments. Familiarity with cloud environments (Azure, AWS, GCP) and cloud security practices. Additional Attributes: Strong problem-solving and critical-thinking skills. Ability to work under pressure in time-sensitive environments. Proactive, self-motivated, and results oriented. Strong collaboration skills, with experience working in diverse and distributed teams. Willingness to work in a 24/7 rotating shift environment. How You’ll Grow Connect for Impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. 
Know more in our Global Impact Report and our India Impact Report. Empower to Lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for All At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive Your Career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. 
We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_
Posted 1 month ago
0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Description What We Are Looking For: Meltwater’s collaborative Security Team needs a passionate Security Engineer to continue to advance Meltwater’s security. Working with a group of fun loving people who are genuinely excited and passionate about security, there will be more laughs than facepalms! If you believe that improving security is about constantly moving technology forward to be more secure, and shifting security tools and checks earlier in the development lifecycle, then you’ll feel at home on Meltwater’s Security Team! At Meltwater we want to ensure that we can have autonomous, empowered and highly efficient teams. Our Security Team charges head on into the challenge of ensuring our teams can maintain their autonomy without compromising the security of our systems, services and data. Through enablement and collaboration with teams, Security Engineers ensure that our development and infrastructure practices have security defined, integrated and implemented in a common-sense manner that reduces risk for our business. Security Engineers define best practices, build tools, implement security checks and controls together with the broader Engineering and IT teams to ensure that our employees and our customers' data stays safe. As part of this, we leverage AWS as a key component of our cloud infrastructure. Security Engineers play a critical role in securing and optimizing AWS environments by implementing best practices, automating security controls, and collaborating with teams to ensure scalability, resilience, and compliance with industry standards. What You’ll do: In this role, you will be designing and implementing security functions ranging from checks on IaC (Infrastructure as Code) to SAST/DAST scanners in our CI/CD pipelines. You will be collaborating closely with almost every part of the Meltwater organization and help create security impact across all teams with strong support from the business. 
Collaborate closely with teams to help identify and implement frictionless security controls throughout the software development lifecycle Propose and implement solutions to enhance the overall cloud infrastructure and toolset. Perform ongoing security testing, including static (SAST), dynamic (DAST), and penetration testing, along with code reviews, vulnerability assessments, and regular security audits to identify risks, improve security, and develop mitigation strategies. Educate and share knowledge around secure coding practices Identify applicable industry best practices and consult with development teams on methods to continuously improve the risk posture. Build applications that improve our security posture and monitoring/alerting capabilities Implement and manage security technologies including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and security information and event management (SIEM) tools. Conduct vulnerability assessments, penetration testing, and regular security audits to identify risks and develop mitigation strategies. Monitor and respond to security incidents and alerts, performing root cause analysis and incident handling. Participate in incident response and disaster recovery planning, testing, and documentation. Manage identity and access management (IAM) solutions to enforce least privilege and role-based access controls (RBAC). Assist in the development of automated security workflows using scripting (Python, Bash, or similar). 
What You'll Bring: Strong collaboration skills with experience working cross functionally with a diverse group of stakeholders Strong communication skills with the ability to provide technical guidance to both technical and non-technical audiences Experience in implementing security controls early in the software development life cycle Knowledge of industry accepted security best practices/standards/policies such as NIST, OWASP, CIS, MITRE ATT&CK Software developer experience in one or more of the following languages: JavaScript, Java, Kotlin or Python Experience in at least one public cloud provider, preferably AWS, with experience in security, infrastructure, and automation. Hands-on experience with SIEM platforms such as Splunk, QRadar, or similar. Proficiency in Linux operating system, network security, including firewalls, VPNs, IDS/IPS, and monitoring tools. Experience with vulnerability management tools (Snyk, Nessus, Dependabot) and penetration testing tools (Kali Linux, Metasploit). Experience in forensics and malware analysis. Self-motivated learner that continuously wants to share knowledge to improve others The ideal candidate is someone from a Software Development background with a passion for security. If you’re someone who understands the value of introducing security early in the software development lifecycle, and want to do so by enabling and empowering teams by building tools they WANT to use, we want to hear from you! What We Offer: Enjoy flexible paid time off options for enhanced work-life balance. Comprehensive health insurance tailored for you. Employee assistance programs cover mental health, legal, financial, wellness, and behaviour areas to ensure your overall well-being. Complimentary CalmApp subscription for you and your loved ones, because mental wellness matters. Energetic work environment with a hybrid work style, providing the balance you need. Benefit from our family leave program, which grows with your tenure at Meltwater. 
Thrive within our inclusive community and seize ongoing professional development opportunities to elevate your career. Where You'll Work: Hitec city, Hyderabad. When You'll Join: As per the offer letter Our Story At Meltwater, we believe that when you have the right people in the right environment, great things happen. Our best-in-class technology empowers our 27,000 customers around the world to make better business decisions through data. But we can’t do that without our global team of developers, innovators, problem-solvers, and high-performers who embrace challenges and find new solutions for our customers. Our award-winning global culture drives everything we do and creates an environment where our employees can make an impact, learn every day, feel a sense of belonging, and celebrate each other’s successes along the way. We are innovators at the core who see the potential in people, ideas and technologies. Together, we challenge ourselves to go big, be bold, and build best-in-class solutions for our customers. We’re proud of our diverse team of 2,200+ employees in 50 locations across 25 countries around the world. No matter where you are, you’ll work with people who care about your success and get the support you need to unlock new heights in your career. We are Meltwater. We love working here, and we think you will too. "Inspired by innovation, powered by people." Equal Employment Opportunity Statement Meltwater is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: At Meltwater, we are dedicated to fostering an inclusive and diverse workplace where every employee feels valued, respected, and empowered. We are committed to the principle of equal employment opportunity and strive to provide a work environment that is free from discrimination and harassment. 
All employment decisions at Meltwater are made based on business needs, job requirements, and individual qualifications, without regard to race, color, religion or belief, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, veteran status, or any other status protected by the applicable laws and regulations. Meltwater does not tolerate discrimination or harassment of any kind, and we actively promote a culture of respect, fairness, and inclusivity. We encourage applicants of all backgrounds, experiences, and abilities to apply and join us in our mission to drive innovation and make a positive impact in the world.
Posted 1 month ago
4.0 - 6.0 years
12 - 16 Lacs
Gurugram
Work from Office
Key Skills: Qradar, SIEM Roles and Responsibilities: QRadar Platform Configuration & Administration: Implement and configure IBM QRadar SIEM, including the integration of log sources (firewalls, servers, IDS/IPS, etc.). Administer and maintain QRadar appliances, including updating, patching, and tuning for performance. Ensure the proper setup of security event collection, parsing, normalization, and storage. Security Monitoring & Incident Response: Monitor QRadar dashboards and alerts for security incidents and potential threats. Investigate and triage security incidents, escalating as necessary, and providing detailed reports for remediation. Create and fine-tune custom rules, offenses, and alerts to improve threat detection accuracy. Log Source Management: Configure and manage log source integrations, including forwarders, collectors, and data processing. Work with teams across the organization to identify and collect relevant logs for security monitoring. Correlation Rules and Customization: Develop, maintain, and optimize correlation rules to detect suspicious activities. Work with security analysts to develop custom use cases and refine QRadar correlation capabilities. Threat Intelligence and Data Integration: Integrate threat intelligence feeds into QRadar for enhanced detection of external threats. Leverage external data sources and QRadar's built-in capabilities to identify emerging threat patterns. Reporting and Documentation: Generate reports for management, compliance audits, and regulatory requirements. Document configurations, rules, processes, and troubleshooting steps for knowledge sharing and incident response procedures. Collaboration & Support: Work closely with IT and cybersecurity teams to integrate new systems and optimize SIEM operations. Assist in the development of incident response playbooks and provide expertise during security incidents. 
Skills Required: Strong hands-on experience with IBM QRadar SIEM platform Proficient in configuring and administering QRadar appliances Expertise in integrating and managing various log sources (firewalls, servers, IDS/IPS, etc.) Ability to monitor, investigate, and respond to security incidents and threats Skilled in creating and fine-tuning correlation rules, offenses, and alerts Experience in integrating threat intelligence feeds into QRadar Familiarity with developing custom use cases for advanced threat detection Competence in generating reports for audits, compliance, and management Strong documentation skills for processes, rules, and troubleshooting Effective collaboration with cross-functional IT and cybersecurity teams Knowledge of incident response planning and playbook development Education: Bachelor's Degree in related field
Posted 1 month ago
5.0 - 10.0 years
4 - 8 Lacs
Bengaluru
Work from Office
Project Role: Security Delivery Practitioner
Project Role Description: Assist in defining requirements, designing and building security components, and testing efforts.
Must have skills: Splunk
Good to have skills: Risk Management
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams.
Main Skill:
1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities
4. Security Incident Response, Standard Operations Procedure Knowledge
Must have Skills:
1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc.
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities Framework in Splunk
4. Incident Response, Standard Operations Procedure Knowledge
5. MITRE ATT&CK Framework
Good to Have Skills:
1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle
2. Source Integrations various sources
3. Event Parsing, Event Type definition, Data Model, Regex
4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR
5. Azure DevOps
Roles & Responsibilities:
1. Architecture and strategy: Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accenture's overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accenture's Security environments.
2. Leadership: Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict.
3. Technical: The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts.
4. Operational: Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents.
Technical Experience:
1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle
2. Azure DevOps
3. Custom Tools Development
4. Security Incident Management
Professional Experience:
1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense
2. Graduation BE
3. Proficient use of English, advanced communication skills.
4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security +, CEH
Role Description: Support SIEM detection content creation for notables with a focus on Risk Based Alerting. Create and maintain documentation on new or existing detections, integrations, and dependencies. Interface with our SOC to pilot new content, process feedback, update incident response guidelines. Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives.
Additional Information:
- The candidate should have a minimum of 5 years of experience in Splunk
- This position is based at our Bengaluru office
- A 15 years full time education is required
Qualification: 15 years full time education
Posted 1 month ago
10.0 years
0 Lacs
Mumbai Metropolitan Region
On-site
Job Title: Lead Engineer – Security Operations Department: Engineering and Operations Location: Mumbai Reporting: Manager Security Operations Job Type: Full Time Shift: Rotational Shift PRE-REQUISITES Strong technical and subject matter expertise in at least four or more of the following security specialties: Firewall: Cisco, Palo Alto, Checkpoint, Fortinet, Zscaler, Barracuda VPN - IPSEC, SSL VPN: Ivanti, F5, Cisco, GlobalProtect NAC: Cisco ISE, Aruba ClearPass Unified Threat Management (UTM) SIEM products Qradar, Microsoft Sentinel etc. Load Balancers: F5 BigIP LTM/GTM, Citrix ADC Network Security (multi-vendor) experience. Cloud Infrastructure Mgmt.: Cloud stack, OpenStack, AWS, Azure, Netskope, PaloAlto Prisma Knowledge on scripting language like Python and automation Working knowledge and hands-on experience on Linux/Unix OS is desirable. Customer service experience preferably in a Global Operations Center environment Ticketing system knowledge Ability to work days, evenings and weekends as required; 24x7 support in rotating shifts Flexibility with the ability to manage stressful situations and adapt to rapidly changing environments and requirements Analytical thinker willing to “think outside the box” to resolve customer impacting situations on first contact; understand customer pain Ability to work with Operations and Engineering on the priority of issues to resolve the urgent customer impacting issues first Aptitude and desire to learn advanced Network Security services. 
Creative, flexible thinker who is willing to take initiatives and share alternative solutions with peers and management Hands-on experience on Vulnerability Scanning, Penetration Testing Tools (Qualys, Nessus, Rapid7) Exceptional documentation and communication skills Ability to thrive in a fast paced, multi-cultural, customer-oriented environment MS Office proficiency RESPONSIBILITIES Incident Resolution Ticket resolution - work on trouble tickets, support the operation of advanced Network Security Services and take escalations Queue Management - keep a watch on queue and assign tickets Service Request - working on request for changes as per client requirements Perform the minor/major changes as per defined SoC process and work instructions Be a Subject Matter Expert (SME) on a few products Create Standard Operation Procedure Attend client calls and other technical meetings Assist in creation of Root Cause analysis (RCA) Security Performance Tuning Identify areas of Service Improvement Program (SIP) for key clients and reduce incidents Review code upgrade and test implement before rolling on to production Review documentation Recognize successful intrusions and compromises through review and analysis of relevant event detail information Review and update ROE on yearly basis Other Functions Work with hardware/software vendors to resolve problems Coordinate shifts and exchange handoff between various shifts Cross-train and mentor juniors Participate in various network and security related projects Perform other duties as assigned Any additional task given to the incumbent from time-to-time based on business needs TRAINING AND CERTIFICATION REQUIRED CCNA, CCSA, Fortinet NSE-4, PCNSE, CCIE, CEH EXPERIENCE Minimum 10 years of progressive, relevant experience and proven capability to work in a complex network environment EDUCATION Bachelor in Engineering - Computers/Electronics/Communication or related field Graduate/Post Graduate in Science/Math/IT or related streams 
with relevant technology experience TECHNICAL AND OTHER SKILLS Knowledge of ITIL, ISO27K, SOC 2 will be beneficial
Posted 1 month ago
0 years
3 - 6 Lacs
Kohima
On-site
About IRIS IRIS Business Services Limited (IRIS) is a leading regtech SaaS provider listed on both the BSE and NSE. Established in 2000, IRIS empowers over 30 regulators and 6,000 enterprises across 54+ countries, positively impacting more than 2 billion lives. Our innovative solutions transform regulatory compliance into a competitive business advantage. Headquartered in Mumbai, IRIS operates subsidiaries in the USA, Singapore, Malaysia, and Italy, with an affiliate in the UAE. IRIS is also a proud member of XBRL jurisdictions worldwide, including XBRL International, India, Europe, South Africa, and the USA. In India, IRIS is an authorized GST Suvidha Provider and a private Invoice Registration Portal. Our commitment to digital innovation has earned us numerous accolades, such as: To read more about IRIS visit our website: http://irisbusiness.com Job Title: IT security Expert Location: Navi Mumbai Key Skills & Experience: Cyber Security Fundamentals: In-depth understanding of security principles, frameworks (NIST, ISO 27001), and best practices. Network Security: Proficient in firewall management (e.g., Fortinet, Palo Alto), IDS/IPS, VPN, and network segmentation. Security Information & Event Management (SIEM): Experience with SIEM platforms (e.g., Splunk, QRadar, ELK Stack) for log analysis, threat detection, and incident response. Vulnerability Assessment & Penetration Testing (VAPT): Hands-on experience with tools and methodologies for identifying and mitigating vulnerabilities (e.g., Nessus, Burp Suite, Fortify, Metasploit). Endpoint Security: Deployment and management of EDR/EPP solutions (e.g., CrowdStrike, SentinelOne). Cloud Security (Optional, if applicable): Familiarity with securing cloud environments (AWS, Azure, GCP). Incident Response: Ability to effectively respond to security incidents, analyze breaches, and implement corrective actions. 
Security Auditing & Compliance: Experience in conducting security audits and ensuring compliance with regulatory requirements. Lead the Audits. Location and version control of all security policies, standards, and guidelines. Compliance frameworks and regulations the organization adheres to (e.g., ISO 27001, NIST, GDPR, DPDPA, SOC 1 and 2) and the organization's current compliance status Strong Communication & Problem-Solving Skills: Excellent ability to articulate technical concepts and troubleshoot complex security issues. Security Awareness & Training: Develop and deliver security awareness training programs for employees to foster a security-conscious culture. Educate users on phishing, social engineering, and other common cyber threats Awards won by IRIS Won recognition as India's best Fintech at the Financial Express Best Banks Awards, an award that was presented to our CEO by Smt Nirmala Sitharaman, Finance Minister, Govt of India. IRIS has been selected as the Best Tax Technology Service Provider 2022 in category National Taxation Awards at the prestigious TIOL Awards. IRIS CARBON has won The Most Agile/Responsive SaaS Solution of the Year award at the 2022 SaaS Awards by Awarding and Consultancy International. At IRIS CARBON, we are committed to creating a diverse and inclusive environment. We are an equal opportunity employer and welcome applicants from all backgrounds.
Posted 1 month ago
0 years
7 - 10 Lacs
Mumbai
On-site
Job requisition ID :: 83960 Date: Jun 23, 2025 Location: Mumbai Designation: Consultant Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Consultant in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Deloitte India is seeking a SOC Manager Lead team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Key Responsibilities: Skills & Knowledge : Lead a team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Training of L1 and L2 resources on latest attack vectors and log analysis. Work with the SIEM Engineering team to fine tune the use cases and content on the SIEM platform. Bring down the false positives to a manageable level. 
Manage the work pressure on the project and keep the team alert and manage their work life balance. Ensure timely preparation of daily/weekly/monthly reports. Desired qualifications: Sound Cyber Security Principles and well versed in security domains of Endpoint, Network, Database, Cloud Security technologies like IPS, WAF, Firewall, Deception, Cloud Security, AV, EDR. Conduct senior level log analysis, proactive monitoring, mitigation & response to network & security incidents. Triage security events and carry out incident response steps. Implement & Maintain Extensive Security Operation Policies and procedures documentation including AWS cloud. Proactively hunt & research potential malicious activity using tools like Cortex, Shodan, QRadar etc. Identify Indicators of Compromise through static & dynamic analysis of commodity and 0-day malware. Perform advanced security event detection and threat analysis for complex and/or escalated security events. QRadar, Demisto/XSOAR, Qualys, MITRE Framework Attack Methodology. Preferred Certifications: IBM QRadar SIEM Certification. CISSP, CEH, CISM, or other relevant security certifications. Location and way of working: Base location: Mumbai/Navi Mumbai. Professional is required to work from office. Your role as Consultant/Sr Consultant: We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. 
In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. 
Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. 
We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_
Posted 1 month ago
5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE, while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia Location: Pune https://isa.ae/ Address : Smartworks Building, Nexa Soft, Core Ops,5th Floor, 43EQ, Survey No 44, PLOT A, H. No. 8/1 (P, opp. Opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045 Job Title: Security Engineer (Penetration Tester) Job Type: Full-time Reports To: Security Architect Job Overview: We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement . The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture. Key Responsibilities: 1. Firewall, Endpoint & WAF Security Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point). Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF). Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne . Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles . 2. Microsoft Security Layer Implementation a. Microsoft Email Security Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats. Implement Safe Links, Safe Attachments, and Anti-Phishing policies . Monitor and respond to email security alerts in Microsoft Security Portal . 
Conduct email security threat hunting using Defender for O365 and advanced hunting queries. b. Microsoft Endpoint Security Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices. Enforce attack surface reduction (ASR) rules for endpoint protection. Configure endpoint compliance policies using Microsoft Intune . Implement DLP (Data Loss Prevention) policies to prevent data exfiltration. c. Compliance & Risk Management Implement and monitor Microsoft Purview Compliance Manager for risk assessment. Enforce Information Protection & Encryption Policies using Microsoft Purview. Configure and manage Conditional Access Policies in Microsoft Entra ID . Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR . 3. Dark Web Monitoring & Brand Protection Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats. Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence. Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains . Collaborate with legal and compliance teams to enforce takedowns of malicious content. 4. Fraudulent Incident Investigation & Threat Hunting Investigate fraud incidents, phishing attempts, and business email compromise (BEC) . Conduct forensic analysis on compromised endpoints, servers, and email accounts. Develop and implement threat intelligence and threat hunting processes. Work closely with SOC teams for incident response and mitigation . 5. VAPT & IT Security Operations Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments. Implement and manage intrusion detection/prevention systems (IDS/IPS) . Monitor, analyze, and mitigate vulnerabilities from external and internal security scans . 
Work with teams to remediate vulnerabilities and harden IT assets. 6. IT Security & Compliance Management Develop and enforce security policies, standards, and procedures . Implement Zero Trust Architecture and IAM policies . Conduct security awareness training and phishing simulations. Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards . Required Qualifications & Skills: Technical Skills: ✅ Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point ✅ Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance ✅ Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne ✅ WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare ✅ VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP ✅ SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK ✅ Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center ✅ IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM ✅ Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence Soft Skills: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to work independently and in cross-functional teams. Proactive security mindset with attention to detail. Certifications (Preferred, but not mandatory): ✔️ CISSP – Certified Information Systems Security Professional ✔️ CEH – Certified Ethical Hacker ✔️ OSCP – Offensive Security Certified Professional ✔️ CISM/CISA – Certified Information Security Manager/Auditor ✔️ Microsoft Certified: Cybersecurity Architect (SC-100) ✔️ Microsoft Certified: Security Operations Analyst (SC-200) ✔️ Microsoft Certified: Information Protection Administrator (SC-400) Experience Required: 🔹 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence . 
🔹 Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance. 🔹 Strong experience in fraud investigation, dark web monitoring, and brand protection. 🔹 Proven ability to secure cloud, hybrid, and on-premise environments. Please send resumes to careers@isa.ae
Posted 1 month ago
8.0 - 13.0 years
8 - 12 Lacs
Bengaluru
Work from Office
Cybersecurity Incident Manager is responsible for managing and mitigating enterprise-level cybersecurity incidents leading the coordination and communication of incident response efforts. The main priorities are ensuring timely detection, containment, eradication, and recovery from cyber threats while minimizing operational disruptions. Key Responsibilities Monitor, detect, and respond to security incidents using various security tools and technologies. Execute containment, eradication, and recovery procedures during incidents to minimize impact and restore normal operations. Develop and maintain incident response playbooks and escalation procedures to ensure a consistent and efficient response to incidents. Collaborate with other IT and security teams to remediate vulnerabilities and improve the overall security posture. Prepare detailed and accurate incident reports and documentation for internal use and for external stakeholders, if necessary. Stay current with the latest threats, vulnerabilities, and security technologies to ensure effective detection and response capabilities. Serve as the primary coordinator during cybersecurity incidents, aligning efforts across technical and business teams. Conduct real-time analysis and correlation of security events from multiple sources including SIEM, IDS/IPS, firewalls, and endpoint security solutions. Perform in-depth investigation and analysis of security incidents, including malware analysis, forensic investigations, and reverse engineering. Participate in threat hunting activities to proactively identify and mitigate potential security risks. Stay informed about new threats and trends in cybersecurity to enhance response skills. Ensure compliance with the organization's incident response framework and regulatory requirements. Coordinate with Enterprise Risk Management, SOC, Legal, IT, Data Privacy, and other functions for a unified response. Collaborate with third-party vendors and MSSPs as needed. 
Act as the primary contact for incident updates to executive leadership and stakeholders. Generate comprehensive reports during and after incidents, including root cause analysis and mitigation strategies. Supervise the creation of post-incident reports and ensure that lessons learned are integrated into future planning strategies. Propose security improvements to prevent the reoccurrence of incidents. Perform regular tabletop exercises and simulations to train and prepare teams. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience. At least 12+8 years of experience in a SOC or similar security-focused environment. Experience in managing large-scale cybersecurity incidents. Understanding of regulatory requirements and industry standards (e.g. GDPR, HIPAA, PCI-DSS). Proficient written and verbal communication skills. Strong hands-on experience with SIEM platforms (e.g. Palo Alto XSIAM, Splunk, QRadar), IDS/IPS systems, firewalls, endpoint security tools and service management tools (e.g. ServiceNow). Proficiency in conducting forensic investigations and malware analysis. Experience with scripting and automation tools (e.g., Python, PowerShell) to streamline incident response tasks. Deep understanding of network protocols, operating systems, and common attack vectors. Relevant certifications such as CISSP, CISA, CISM, CEH, or GIAC are highly desirable. Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. 
Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.
Posted 1 month ago
5.0 - 7.0 years
5 - 9 Lacs
Bengaluru
Work from Office
Job Summary: Assist in implementing, maintaining and testing SOX controls supporting the Application Managers for custom applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Pre-Implementation Quality Check: Conduct a thorough review of controls design and implementation before product/functional go-live, based on evidence submitted by engineering and application management teams. SOX ITGC and Automated Controls Evaluation: Test and evaluate the effectiveness of SOX IT General Controls (ITGC) and automated controls using audit checklists prepared by the Controls team to: Maintain SOX controls for internal and third-party products; Support internal and external audits related to SOX compliance. Control Testing Documentation: Document control testing procedures and findings in a clear and concise manner. Control Deficiency Identification and Reporting: Identify and report any control deficiencies or weaknesses to ensure prompt remediation. SOX Compliance Reporting: Prepare comprehensive reports and documentation for SOX compliance activities, including testing results and control evaluations. Cross-Functional Collaboration: Collaborate with cross-functional teams to ensure the thoroughness and accuracy of controls implementation and testing. Educational Qualifications: Bachelor's degree in engineering, finance, or a related field. CIA, CISA or CISSP certification. Experience: 5-7 years of experience in SOX compliance testing, internal controls, or auditing. Knowledge: Strong understanding of SOX regulations, internal controls, and accounting principles. Familiarity with auditing Oracle, Workday and/or Salesforce suite of applications. Skills: Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Certification: CISA preferred.
Deliver (No. / Performance Parameter / Measure): 1. Customer centricity: Timely security breach solutioning to end users, Internal stakeholders & external customers experience. 2. Process Adherence: Adherence to SLAs (90-95%), response time and resolution time TAT. Mandatory Skills: GRC Consulting. Experience: 5-8 Years.
Posted 1 month ago
9.0 - 15.0 years
11 - 16 Lacs
Mumbai
Work from Office
Reporting Structure: Reports to Chief Manager - Security Operations Cyber Security. Designation: Program Lead Threat hunting. Education: University degree in the field of computer science or IT is preferable. However, any graduate with relevant experience and technical certifications in the domain can be considered for the vacancy. Desired Experience/Exposure: Minimum 10 years of experience in a technical role in the areas of Security Operations, Cyber Incident Response with extensive experience performing Threat hunting on IT Systems, Network and Endpoints. With at least 7 years in threat hunting, incident response, or SOC roles. Proficiency in SIEM platforms (Splunk, Sentinel, QRadar, etc.), XDR and EDR tools (CrowdStrike, Carbon Black, etc.). Experience with scripting (Python, PowerShell, etc.) and automating threat detection or hunting tasks. Strong understanding of Windows, Linux, and network protocols. Familiarity with threat intelligence sources and frameworks (MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Ability to proactively find cybersecurity threats and mitigate them. Knowledge about advanced persistent threats and threat actors, their TTPs. Ability to recognize attack patterns and correlate them with specific threat actors. Ability to obtain as much information on threat behaviour, goals and methods as possible. Knowledge of Analytics platforms for carrying out detailed analytics of obtained telemetry. Industry: Financial Domain (Banking / NBFC experience is desirable). Responsibilities: Use various available security controls and the telemetry data within to conduct proactive threat hunts using a hypothesis-based approach. Coordinate with various stakeholders to obtain the data as required. Conduct proactive threat hunting across systems, networks, and endpoints using a variety of tools and data sources. Analyse large datasets (logs, packet captures, alerts) to identify anomalies, malicious activity, and Indicators of Compromise (IOCs). 
Develop and test hunting hypotheses based on threat intelligence, adversary emulation, and red team activities. Collaborate with SOC analysts, incident responders, and threat intelligence teams to improve detection rules and response strategies. Create custom detection logic and fine-tune SIEM/EDR alerts. Provide detailed reports and briefings to stakeholders about findings and mitigation strategies. Continuously improve hunting methodologies, automation, and use of threat hunting frameworks (e.g., MITRE ATT&CK). Stay current on emerging threats, vulnerabilities, and cyber-attack techniques. Identify Risks and Threats based on threat hunts undertaken. Communicate with Senior Management and other stakeholders about the findings and to take necessary actions. Work with Security Operations to take the identified anomalies to a conclusion. Prepare monthly reports on threat hunts and able to showcase ROI of the overall threat hunting program. Certifications Security certifications such as GCFA, GCTI, GCIA, OSCP, CEH, or similar. Experience using threat hunting platforms or custom-built hunting environments.
Posted 1 month ago