12 Ransomware Jobs

As a Staff Professional Services Consultant with Data Protection specialization at Zscaler, you will play a crucial role in building long-term, trusted partnerships with customers. Your primary responsibility will be to deliver tailored, future-proof data protection solutions and advocate for customer needs. You will excel at presenting solutions, rationale, and project progress effectively at all organizational levels while managing milestones and potential challenges. Collaboration across teams is key in this role as you will work towards refining products, creating detailed documentation, and establishing best practices for scalable solutions. Your expertise in data protection technologies such as DLP, CASB, and APIs will be leveraged to craft innovative, custom solutions including demos and coding/scripting needs. The ability to multitask across multiple customers and projects, showcasing ownership, innovation, and adaptability in solving complex data protection challenges is essential. To be successful in this role, you should possess a Bachelor's degree with a minimum of 6 years of experience in Professional Services, Service Integration, or DevOps. Expertise in cloud/network security architecture, data loss prevention (DLP), CASB, SaaS security, and endpoint security solutions is required. Proficiency in Unix/Linux and Windows systems, scripting/coding for complex tasks, and working with REST APIs is essential. A strong background in L2-L4 networking, virtualization, cloud computing, and handling security products, malware, and ransomware is also necessary. Additionally, having proven leadership and persuasive skills to sell ideas, inspire, and lead without formal authority will make you stand out. An "Whatever it takes" attitude with the drive to deliver effective solutions, strong communication, presentation skills, and experience in enterprise networking security are preferred qualifications. At Zscaler, we are committed to creating an inclusive environment that values all backgrounds and perspectives. Our Benefits program offers comprehensive and inclusive benefits to support our employees and their families. We provide various health plans, time off plans for vacation and sick time, parental leave options, retirement options, education reimbursement, in-office perks, and more. Join us in our mission to make doing business seamless and secure at Zscaler. Your application for this role signifies your adherence to applicable laws, regulations, and Zscaler policies, including those related to security and privacy standards and guidelines. Zscaler is dedicated to providing reasonable support in the recruiting processes for candidates who require accommodations or adjustments due to different abilities, long-term conditions, mental health conditions, sincerely held religious beliefs, neurodivergence, or pregnancy-related support.,

Qualcomm India Private Limited is seeking a dedicated individual to join the Information Technology Group as part of the Cyber Security Engineering team. As a member of this team, you will play a crucial role in supporting 24x7 operations, which may involve working night and weekend shifts on a rotational basis to meet the organization's business requirements. Your primary responsibilities will include monitoring and triaging security events received by the SOC/CDC from various sources such as social engineering attacks, malware, DDoS, data exfiltration, ransomware, among others. You will be expected to follow standard operating procedures to triage events for the first 20 minutes, engaging Tier2 for further assistance as needed. Utilizing Orchestration tool workflows and knowledge base, you will analyze security event and incident data, update the Ticketing system promptly, and communicate with stakeholders to provide recommendations on mitigation and prevention techniques. In this role, you will work closely with Tier3 teams, escalate security events in a timely manner, stay updated on new Use Cases and process changes, and actively participate in brown bag sessions. The ideal candidate should possess a good understanding of current and emerging security threats and technologies, along with strong proficiency in security event investigations and excellent written and verbal communication skills in English. Prior experience in 24x7 SOC or CDC operations is preferred, along with a Bachelor's or Master's degree in Computer Sciences or Cyber Security. Qualifications for this position include 3-5 years of experience working with a SIEM tool, a solid background in security incident response and system operations, and certifications such as CEH, Security+, OSCP, or other industry-relevant cyber-security certifications. Knowledge of ITIL V3.0 is considered a plus. Minimum qualifications consist of a Bachelor's degree in Engineering, Information Systems, Computer Science, or a related field along with 2+ years of cybersecurity-relevant work experience. Alternatively, a High school diploma or equivalent with 4+ years of relevant work experience is also acceptable. If you are an individual with a disability requiring accommodations during the application/hiring process, please contact Qualcomm at disability-accommodations@qualcomm.com. Qualcomm is dedicated to providing a supportive and accessible process for all individuals. As an equal opportunity employer, Qualcomm expects all employees to adhere to applicable policies and procedures, including those related to the protection of confidential information. Staffing and recruiting agencies are advised not to submit profiles, applications, or resumes through Qualcomm's Careers Site, as unsolicited submissions will not be considered. For more information about this exciting opportunity, please reach out to Qualcomm Careers.,

Role Overview The Anti-Phishing Specialist leads the organization's efforts to detect, prevent, and respond to phishing attacks and other email-based threats. This role is pivotal in developing robust anti-phishing strategies, managing email security technologies, responding to incidents, and educating users to enhance organizational resilience against cyber threats. Key Responsibilities - Identify and facilitate takedown of phishing websites and rogue applications. - Proactively address a broad spectrum of cyber threats including DDoS, ransomware, business email compromise (BEC), spear phishing, whaling, vishing, and other social engineering attacks. - Monitor and analyze inbound emails to detect malicious content and recommend rule adjustments to reduce email-borne threats. - Design, implement, and maintain anti-phishing strategies, policies, and procedures. - Manage and optimize anti-phishing tools and platforms, including DMARC, DKIM, SPF, and secure email gateways. - Develop advanced detection rules and filters to counter evolving phishing tactics. - Lead phishing-related incident response efforts--containment, eradication, recovery, and post-incident review. - Deliver regular employee training and awareness programs on phishing prevention. - Collaborate with security teams to provide guidance on email security best practices. - Evaluate emerging anti-phishing technologies and recommend improvements. - Stay abreast of current phishing trends, attack methods, and mitigation techniques. - Produce detailed reports on phishing incidents, metrics, and defensive performance. Qualifications - Bachelor's degree in Computer Science, Information Security, or a related field. - 5+ years of hands-on experience in anti-phishing, email security, or a similar domain. - Strong expertise in email protocols (SMTP, etc.) and security standards (DMARC, DKIM, SPF). - Proven experience with enterprise email security solutions (e.g., Proofpoint, Mimecast, Ironscales). - Deep understanding of phishing tactics, social engineering, and email-based threat vectors. - Strong analytical, problem-solving, and communication skills. - Demonstrated leadership in mentoring or guiding security teams. - Preferred certifications: CISSP, Certified Email Security Manager (CESM), or equivalent. Required Skills SOC L2, Cyber Security, Phishing

You will be responsible for performing deep-dive investigations on security incidents using Securonix SIEM. Your role will involve correlating alerts and utilizing UEBA to detect anomalies and insider threats. Additionally, you will be expected to fine-tune detection rules to reduce false positives in Securonix and conduct threat hunting to identify unknown threats using behavioral analytics. Moreover, you will investigate security events such as ransomware, APTs, data exfiltration, and privilege escalations. Collaborating with L3 analysts, you will help develop playbooks and automation through SOAR integration. You will also provide guidance to L1 analysts and support security awareness training initiatives. Furthermore, your responsibilities will include generating reports on security trends and SOC performance to ensure effective monitoring and response to potential threats.,

As a Manager, Information Security Incident Response at NTT DATA, you will be responsible for leading the Information Security Incident Response Management team. Your role will involve ensuring that your team is well-equipped to detect and monitor threats and suspicious activities affecting the organization's technology domain. You will serve as the escalation point for incident workflows and actively participate in delivering security measures through analytics and threat hunting processes. Your primary responsibilities will include managing a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence. You will be expected to have at least 10 years of experience in SOC, with a minimum of 4 years as a SOC Manager. Additionally, you should have 4+ years of experience in SIEM (Splunk) and hold a CISM/CISSP certification. Your role will also involve troubleshooting technical issues to ensure project success, implementing changes to align with client demands, and providing guidance to the team to achieve specific objectives. You will be responsible for developing and executing a timeline for the team to achieve its goals, monitoring incident detection and closure, and presenting regular metrics and reports. Furthermore, you will be required to conduct periodic DR drills, design SIEM solutions to enhance security value, and conduct root-cause analysis for security incidents. It will be vital for you to ensure that the SIEM system is optimized for efficient performance, align reports SIEM rules and alerts with security policies, and compliance reports requirements. You will also collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. To qualify for this role, you should have a Bachelor's degree or equivalent in Information Technology, Computer Science, or a related field, along with industry certifications such as CISSP or CISM. You should possess advanced experience in the Technology Information Security industry, prior experience working in a SOC/CSIR, and advanced knowledge of tools, techniques, and processes used by threat actors. Additionally, you should have practical knowledge of indicators of compromise (IOCs), end-point protection, enterprise detention, response software, SIEM, and IPS technologies. This is an on-site working position at NTT DATA, where diversity and inclusion are embraced, and you will have the opportunity to continue growing, belonging, and thriving in a collaborative environment. NTT DATA is an Equal Opportunity Employer, and your career progression here will involve seizing new opportunities, expanding your skills, and preparing for future advancements within the global team.,

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Platform Engineering Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled Security Engineer with expertise in Google Chronicle SIEM, parser development, and foundational knowledge of cybersecurity. The ideal candidate will be responsible for analyzing security data and logs, ensuring accurate aggregation, normalization, tagging, and classification. You will work closely with log sources, particularly security and networking devices, to enhance our security monitoring capabilities. Roles & Responsibilities:Conduct security and data/log analysis, focusing on the aggregation, normalization, tagging, and classification of logs.Research, analyze, and understand log sources for security monitoring, with a particular focus on security and networking devices such as firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems.Validate log sources and indexed data, optimizing search criteria to improve search efficiency.Utilize automation tools to build and validate log collectors for parsing aggregated logs. Professional & Technical Skills: Proficiency in log analysis and SIEM tools, including but not limited to Google Chronicle, Splunk, ArcSight, and QRadar. Experience in SIEM content creation and reporting is essential.Strong experience in manual security log review and analysis, such as Windows Event Log and Linux Syslog, including incident classification, investigation, and remediation.Solid understanding of multiple attack vectors, including malware, Trojans, exploit kits, ransomware, phishing techniques, and APTs, as well as familiarity with attack techniques outlined in the OWASP Top 10.Knowledge of security and networking devices, including firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems.TCP/IP networking skills for packet and log analysis.Experience working with Windows and Unix platforms.Familiarity with databases is an advantage.Experience in GCP, AWS and Azure environments is a plus. Additional Information:- The candidate should have minimum 5 years of experience in Security Platform Engineering.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

You are invited to join our Information Security team as a 1st Line Security Engineer in the role of Network Associate. This entry-level position offers an excellent opportunity for individuals who are enthusiastic about commencing their career in cybersecurity. As a Network Associate, your primary responsibility will be to serve as the initial point of contact for security alerts and incidents. You will be tasked with monitoring our systems, identifying potential threats, and promptly escalating issues to senior engineers when necessary. To support your professional development in a dynamic and rapidly evolving security environment, we are committed to providing comprehensive training and mentorship. Your main duties will involve monitoring security tools and dashboards, such as SIEM, endpoint protection, and firewalls, to detect any suspicious activities. You will be responsible for conducting initial triage and analysis of security alerts, documenting incidents accurately, and maintaining organized records in the ticketing system. Additionally, you will assist in vulnerability scanning, follow-ups on patch management, participate in user awareness campaigns and phishing simulations, and contribute to compliance audits and documentation efforts. It is crucial to stay informed about the latest cyber threats and attack vectors to effectively fulfill your role. To qualify for this position, you should hold a Bachelor's degree in information security, Computer Science, or a related field, or possess equivalent experience. A basic understanding of networking principles (TCP/IP, firewalls, DNS) and operating systems (Windows/Linux) is essential. Familiarity with common cybersecurity tools and concepts, such as antivirus, phishing, malware, ransomware, and SIEM, is advantageous. Strong communication skills, problem-solving abilities, and a willingness to work in shifts or participate in on-call rotations, if necessary, are key attributes we are looking for in potential candidates. While not mandatory, having certifications like CompTIA Security+, CEH, or equivalents would be beneficial. Hands-on experience with tools like Splunk, CrowdStrike, Microsoft Defender, Wireshark, or previous involvement in cybersecurity-related internships or academic projects focused on incident response are considered as preferred qualifications for this role. Join us in this exciting opportunity to kickstart your cybersecurity career and make a meaningful impact in the field of Information Security.,

Role Overview: Position: L3 SOC Analyst Location: Mumbai, India Experience: 5-8 years in SOC roles, with a strong focus on Incident Response and Threat Hunting. Key Responsibilities: Incident Response: Deep expertise in handling end-to-end incident response detection, investigation, containment, eradication, and recovery. Attack Vectors: Solid understanding of phishing, malware, ransomware , and how to respond effectively to these threats. Cyber Kill Chain: Strong knowledge of the cyber kill chain framework, including how adversaries progress through the stages of an attack. Adversary Tactics: Familiarity with adversary techniques and tactics, particularly using frameworks such as MITRE ATT&CK to mitigate threats. SIEM & EDR Tools: Extensive experience with SIEM tools like Splunk and ArcSight , and EDR solutions like CrowdStrike or Microsoft Defender . Scenario Handling: Capable of tackling complex, scenario-based challenges with a strategic mindset. Preferred Qualifications: 3-7 years of experience working in a SOC or handling Incident Response . Expertise in detecting and analyzing indicators of compromise (IOCs). Strong L2 or L3 analyst experience is a must A candidate who has worked on critical incidents and has an in-depth knowledge about the same

Job description Offensive Security Engineer (Ransomware Penetration Testing) Job Description: Offensive Security Engineer (Ransomware Penetration Testing) Responsibilities Execute complex Red Team engagement as a penetration tester, simulating real-world ransomware / malware attacker scenarios to uncover critical vulnerabilities Identify, research, and exploit various vulnerabilities (including zero-days) to gain unauthorized access to systems and data. Develop custom tools, scripts, and exploit code. Document findings in a clear, concise, and actionable manner, including detailed reports with working proofs of concept and recommendations for remediation and product improvements Collaborate with the Blue Team (engineering and QA) to prioritize vulnerabilities, develop mitigation strategies, and improve overall security posture through tangible requirements Participate in knowledge sharing by mentoring junior team members and presenting findings, including opportunities to document reports for external consumption Qualifications Minimum 5+ years of experience in offensive security engagements. Proven experience in participating in Red Team engagements. Expertise in various operating systems (Mac, Linux, etc.) and scripting languages (Python, Ruby, etc.). Coding skills to automate tasks, customize attacks, and create payloads Solid understanding of networking concepts, such as TCP/IP, DNS, HTTP, FTP, SMTP, and VPN. Hands-on knowledge on how to use network analysis tools, such as Nmap, Wireshark, and Metasploit, to scan, sniff, and exploit network services and protocols. Ability to discover and map network devices, identify open ports and services, and bypass firewalls and other security measures. System knowledge . Good understanding of OS concepts Experience with exploit development and post-exploitation techniques. Strong understanding of the threat landscape and attacker motivations. Well-versed in security principles, such as encryption, authentication, authorization, and access control. Good knowledge of malwares , ransomwares , APTs , Trojans and how they work. Ability to think outside the box, and come up with innovative and unconventional ways to break into a system or network. Excellent communication, collaboration, and problem-solving skills. Ability to work independently. The ideal candidate should have minimum 5-8 years of experience in Ransomware Penetration Testing. Should be strong in Python.

Responsibilities: Monitor systems, respond to incidents. Collaborate with teams on threat management strategies. Manage access control & encryption. Maintain compliance standards. Conduct regular security assessments. Office cab/shuttle Food allowance Health insurance Provident fund

Title: Offensive Security Engineer (Penetration Testing at system level) Location: Pune, 411045 (Hybrid) Job Details: Penetration testing experience at system level (This involves stuff like exploiting vulnerabilities, compromising accounts , gaining initial access , execution like hijacking inter process communication , persistence by locking out users by compromising the booting process of Linux operating systems , horizontal and vertical privilege escalation , etc).

Description BS/MS degree in Computer Science or equivalent 1015 years of experience building products on distributed systems, preferably in the Data Security domain Working knowledge of the security domain - Ransomware protection, Anomaly detection, data classification and compliance of unstructured data. Strong knowledge of Cloud platform, APIs, containers, Kubernetes, and Snowflake Knowledge of building micro-service-based applications. Hands-on development in either Golang or Python Strong development experience in Linux/Unix OS platform