48 Security Analyst Jobs

The selected candidates will be responsible for performing VAPT on the web, mobile, infrastructure, and API, doing a secure code review, and analyzing any security incidents that strike within our SecureNexus division.

Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to / support on project work as and when required. What youll be doing Key Responsibilities: Proactively monitors the work queues. Performs operational tasks to resolve all incidents/requests in a timely manner and within the agreed SLA. Updates tickets with resolution tasks performed. Identifies, investigates, analyses issues and errors prior to or when they occur, and logs all such incidents in a timely manner. Captures all required and relevant information for immediate resolution. Provides second level support to all incidents, requests and identifies the root cause of incidents and problems. Communicates with other teams and clients for extending support. Executes changes with clear identification of risks and mitigation plans to be captured into the change record. Follows the shift handover process highlighting any key tickets to be focused on along with a handover of upcoming critical tasks to be carried out in the next shift. Escalates all tickets to seek the right focus from CoE and other teams, if needed continue the escalations to management. Works with automation teams for effort optimization and automating routine tasks. Ability to work across various other resolver group (internal and external) like Service Provider, TAC, etc. Identifies problems and errors before they impact a clients service. Provides Assistance to L1 Security Engineers for better initial triage or troubleshooting. Leads and manages all initial client escalation for operational issues. Contributes to the change management process by logging all change requests with complete details for standard and non-standard including patching and any other changes to Configuration Items. Ensures all changes are carried out with proper change approvals. Plans and executes approved maintenance activities. Audits and analyses incident and request tickets for quality and recommends improvements with updates to knowledge articles. Produces trend analysis reports for identifying tasks for automation, leading to a reduction in tickets and optimization of effort. May also contribute to / support on project work as and when required. May work on implementing and delivering Disaster Recovery functions and tests. Performs any other related task as required. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelors degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). Certifications relevant to services supported. Certifications carry additional weightage on the candidates qualification for the role. CCNA certification in must, CCNP in Security or PCNSE certification is good to have. Required Experience: Moderate level of relevant managed services experience handling Security Infrastructure. Moderate level of knowledge in ticketing tools preferably Service Now. Moderate level of working knowledge of ITIL processes. Moderate level of experience working with vendors and/or 3rd parties. Workplace type On-site Working

Role: SOC Analyst Location: Kharadi, Pune Life Unlimited. At Smith+Nephew, we design and manufacture technology that takes the limits off living! The Security Analyst works on the detection and response for potential security incidents on the Smith & Nephew network, systems, and applications. This includes technical analysis and incident management, communications, and reporting. The role works with the Global SOC Manager. The work includes partnering closely with other functions within Information Security, with outsourced tier 1 SOC functions, with the wider IT team including Service Desk, as well as with HR, Legal, Procurement, and other functions. The role interacts with end users and technical resolver teams within Smith & Nephew as well as outsourced suppliers. The working hours are Monday to Friday (11AM - 8PM IST). What will you be doing? Complete alert and incident response activities following standard runbooks and processes, with work to include the initial triage and analysis, recording of the incident with all relevant details to high standards, and documenting all containment and response actions. Uses Smith+Nephew technology platforms and security tools to conduct investigations such as threat hunting or other proactive investigations outside the incident process. Write comprehensive reports including assessment-based findings, outcomes, and propositions for enhancements such as new detection plays, new runbooks or playbooks, process improvements, or tuning detection rules. Mentoring and coaching other team members, sharing skills and experience to enable higher levels of performance. Provide technical domain expertise to projects and initiatives aimed at improving the capability and maturity of Smith & Nephew information security practices. What will you need to be successful? Bachelor s degree in Computer Science or a related subject preferred or equivalent experience. Licenses/Certifications: Relevant entry- or mid-level security certifications are advantageous but not required. Job-specific training will be provided. Experience: At least 4 years of experience in a relevant Information Security role. Experience working hands-on with SIEM and EDR/XDR technologies for the identification and response to existing and emerging threats. Familiar with MITRE ATT&CK for the identification and mapping of attacker tactics, techniques, and procedures (TTPs). Familiarity with network models (OSI and TCP/IP), common network terminology and concepts, and network equipment. Must be able to correctly interpret logs for firewalls (including WAF and IDS/IPS), Windows and Linux operating system logs, AWS and Azure cloud logs. Familiarity with web-related technologies (Web applications, Web Services, Service Oriented Architectures) and network/web-related protocols. Competences: Understanding of industry frameworks such as MITRE ATT&CK, MITRE D3FEND, NIST CSFv2, and NIST SP800-61r2. Using SIEM (including scripted query languages) and EDR/XDR technologies, threat intelligence tools, and ITSM tools. Familiarity with AWS and Azure cloud technologies and cloud security standards (CSA or equivalent). Understanding of API security and familiarity with AI security concepts (such as NIST AI RMF). Familiarity with ITIL methodology and terminology. Excellent written and oral communication skills, service attitude, and analytical approach to problem solving. Ability to work independently without daily direction, balancing conflicting priorities, and effectively tracking and managing task completion to committed deadlines. You. Unlimited. We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve. Inclusion, Diversity and Equity- Committed to Welcoming, Celebrating and Thriving on Diversity, Learn more about Employee Inclusion Groups on our website ( https://www.smith-nephew.com/ ). Other reasons why you will love it here! Your Future: Major medical coverage + policy exclusions and insurance non-medical limit. Educational Assistance. Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave. Your Wellbeing: Parents/Parents in Law s Insurance (Employer Contribution of 7,000/- annually), Employee Assistance Program, Parental Leave. Flexibility : Hybrid Work Model (For most professional roles) Training: Hands-On, Team-Customized, Mentorship Extra Perks: Free Cab Transport Facility for all employees; One-Time Meal provided to all employees as per shift. Night shift allowances

Alorica India Private Limited is looking for IT.Information Security.Data Security.Analyst II to join our dynamic team and embark on a rewarding career journey Monitor and analyze data security threats Implement policies for secure data access Conduct audits and risk assessments Support compliance and incident response

Knowledge of Information Security technologies (EDR, NDR, IPS, WAF, SIEM) Understanding of networking protocols (TCP/IP) security methodologies (ACL/NAC) & topologies Working knowledge of Windows and Linux OS, security incident response processes Required Candidate profile Working knowledge of analyzing, responding & remediating network intrusions, web app, & server attacks, scripting ,root cause determination, containerization concepts & tools

An experienced security analyst who can independently monitor, analyze, and respond to security incidents They possess a deeper understanding of security tools, technologies, and threat landscapes compared to L1 analysts L2 analysts are capable of conducting more complex investigations, threat hunting, and contributing to the improvement of security processes They often act as mentors to L1 analysts and assist in incident escalation and resolution Additional Skills: SOC, DFIR,IR,Vulnerablity management , pentesting

Must haves: Security Testing experienceRoles Responsibilities: Designing the security test cases along with different attack vectors as per the best practices Conduct infrastructure security test, application security testing (SAST, DAST, Pen Test), Data Hub Platform security test, and Blue Yonder SaaS configuration review as per the defined checklist Execution of the security tests and identifying the vulnerabilities Raising of risks and issues to the Security Specialist Interaction with the client stakeholders for access and execution Prepare detailed infrastructure security test, application security testing (SAST, DAST, Pen Test), Data Hub Platform security test, and Blue Yonder SaaS configuration review report for review

Total experience 3 years as Cyber Security Analyst. Knowledge on LogRhythm SIEM tool. Incident handling Total experience 3 years as Cyber Security Analyst. Knowledge on LogRhythm SIEM tool. Incident handling Job description 2-3 years of Experience in SIEM analyst and incident handling. B.E/B.Tech Roles and Responsibilities: 3+ years experience as a SOC analyst and any SIEM tool. Min 2+ years experience on LogRhythm SIEM. Responsible for alerts monitoring and incident handling. Perform the initial analysis and identify if any potential threat. Analyse security alerts and determine their validity and potential impact on the organization. Review and analyse security logs from various sources (e.g., firewalls, intrusion detection/prevention systems, and endpoint protection) Correlating logs from various security controls to gather more insight of the suspected event. Regularly preparing log monitoring reports and daily security report and proactively work on it. Document security incidents, including the steps taken to resolve them and any lessons learned. Ensure compliance with security policies, procedures, and regulatory requirement Work closely with other IT and security team members to enhance overall security posture. Coordinate with the L2 and L3 for any escalations. Knowledge on cyber kill chain and MITRE Attack frameworks and mythologies. Knowdledge on various cyber attacks in Cyber security world. Certifications: LogRhythm Security Analyst (LRSA) from LogRhythm University CEH

ROLE AND RESPONSIBILITIES The Level 1 IT/OT Engineer executes assigned work orders, including support tickets and project tasks to meet Managed Security Services Provider (MSSP) and other contractually defined obligations for new and existing customer facilities. This role will perform routine and scheduled maintenance and support tasks, work break/fix and other trouble and support tickets, act as a subject matter expert for programs and products offered, and respond to other emergent conditions across the fleet. Candidates must possess a strong understanding of and direct experience with concepts and best practices related to IT/OT systems.This is an opportunity to be part of a world-class team operating at the nexus of two of the most exciting and fastest-growing sectors in renewable energy today: SCADA IT/OT and mission-critical software. Work Location : Chennai Notice period : Immediate Experience : 4 to 6 years Shift : UK Shift PREFERRED EXPERIENCE • Experience in NERC CIP-regulated environments is preferred. • Experience in compliance programs or standard-driven environments (e.g., PCI-DSS, NIST, ISO-27001) • SOC, NOC, or other operation center experience • Work experience in at least one of the following areas: • Network and infrastructure design, deployment, or maintenance. • Power generation, especially renewable energy. REQUIRED QUALIFICATION & EDUCATION • A university technical degree or minimum 1-2 years of relevant IT/OT professional experience. • Direct or indirect service experience and/or experience providing remote support. • Ability to read electrical, network, infrastructure, and cabling drawings. • All applicants must have prior professional IT/OT systems management experience and knowledge in at least two of the following fields: • Server hardware and OS management. • Networking and infrastructure design, implementation, and management. • Cybersecurity, including Next-Generation Firewall configuration and management. Interested candidates can apply to kinnera259@gmail.com. Regards, HR Manager

Total experience 3 years as Cyber Security Analyst. Knowledge on LogRhythm SIEM tool. Incident handling Total experience 3 years as Cyber Security Analyst. Knowledge on LogRhythm SIEM tool. Incident handling Job description 2-3 years of Experience in SIEM analyst and incident handling. B.E/B.Tech Roles and Responsibilities: 3+ years experience as a SOC analyst and any SIEM tool. Min 2+ years experience on LogRhythm SIEM. Responsible for alerts monitoring and incident handling. Perform the initial analysis and identify if any potential threat. Analyse security alerts and determine their validity and potential impact on the organization. Review and analyse security logs from various sources (e.g., firewalls, intrusion detection/prevention systems, and endpoint protection) Correlating logs from various security controls to gather more insight of the suspected event. Regularly preparing log monitoring reports and daily security report and proactively work on it. Document security incidents, including the steps taken to resolve them and any lessons learned. Ensure compliance with security policies, procedures, and regulatory requirement Work closely with other IT and security team members to enhance overall security posture. Coordinate with the L2 and L3 for any escalations. Knowledge on cyber kill chain and MITRE Attack frameworks and mythologies. Knowdledge on various cyber attacks in Cyber security world. Certifications: LogRhythm Security Analyst (LRSA) from LogRhythm University CEH

Everbridge is seeking an energetic, multi-tasking, and process focused Sales Security Analyst to support our nationwide sales team. The Sales Security Analyst provides a wide range of security, privacy, and operational support to the Everbridge sales team. The Sales Security Analyst will also become a strong user of Salesforce.com and confidential messaging technologies (email and 3rd party based). What youll do Responding to client security inquiries and questionnaires Validating confidentiality and deploying security attestation documentation Reviewing security and compliance requirements in contract negotiations Participating in security control discussions with our Legal Team and clients/prospects Interacting with Everbridge Security & Compliance teams to obtain up to date content/responses Managing and updating security response content and associated security artifacts Creating and configuring environments in Everbridge s SaaS system to be used by sales, technical, and client teams Reviewing and assigning incoming proposals and engaging with our proposal management team as first point of contact for technical and operational support. What youll bring: Minimum experience required for the role is 3 yrs. High level understanding of internet hosted applications, highly available architectures, computer security, telephony, and networking Experience interfacing with business and technical teams Ability to learn, understand, and discuss technical concepts, security/compliance requirements and regulations Ability to maintain a high level of productivity in a fast-paced, team environment while managing multiple competing priorities Strong time management skills with proficiency with the Microsoft Office Suite Knowledge of Salesforce.com application a plus

Security Analyst - J48925 REQUIRED EDUCATION/QUALIFICATIONS/EXPERIENCE Bachelors degree in information technology, information security, computer science, or related field One plus (1+) years of experience working with security solutions and technologies One plus (1+) years of experience working with information/endpoint/network security DESIRED EDUCATION/QUALIFICATIONS/EXPERIENCE Security Operations Center experience Experience with Endpoint Protection Platforms, Network Intrusion Protection Systems, and Web Application Firewalls REQUIRED SKILLS/ABILITIES Basic knowledge of security incident response processes Working knowledge of Information Security technologies (EDR, NDR, IPS, WAF, SIEM, etc.) Understanding of networking protocols (TCP/IP), security methodologies (ACL/NAC), and topologies Working knowledge of Windows and Linux OS Strong critical thinking and problem-solving skills Ability to communicate effectively with other team members Excellent attention to detail and follow-through to completion Ability to handle multiple tasks in a fast-paced and deadline-driven environment DESIRED SKILLS/ABILITIES Solid understanding of Information Security Methodology Working knowledge of analyzing, responding, and remediating network intrusions, web app, and server attacks Working knowledge of scripting (PowerShell, Bash, Python) Knowledge of containerization concepts and tools (Kubernetes, Docker, etc.) Knowledge of root cause determination Understanding of impacts to environment and clients WORKING ENVIRONMENT/PHYSICAL DEMANDS Work at assigned locations Perform tasks for long periods of time on a computer Regular attendance and a regular work schedule are essential functions of this job Work includes on call rotations as part of a 24/7/365 team Required Candidate profile Candidate Experience Should Be : 1 To 3 Candidate Degree Should Be : BE-Comp/IT,BE-Other

Knowledge of Information Security technologies (EDR, NDR, IPS, WAF, SIEM) Understanding of networking protocols (TCP/IP) security methodologies (ACL/NAC) & topologies Working knowledge of Windows and Linux OS, security incident response processes Required Candidate profile Working knowledge of analyzing, responding & remediating network intrusions, web app, & server attacks, scripting ,root cause determination, containerization concepts & tools

Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India. About the Job: The Managed Services Senior Security Analyst is responsible for providing security solutions to clients. The Senior Security Analyst will demonstrate the capacity to consistently meet and exceed client expectations, by representing and reinforcing the Cyderes brand through positive interaction with other teams within the company. Perform deep dive investigations into security threats, understand and implement MITRE mapping to identify customers current security posture. Responsibilities: Provide overall guidance, instructions, and mentorship to other Security Analysts Perform triage and security investigation based on advanced analysis tasks across the endpoint, server, and network and provide recommendations. Perform remediation actions wherever applicable. Coordinate Incident investigations and perform deep dive analysis on detected threats. Understand and identify indicators of attack and compromise in alerts, by hunting through data, and from review of investigation notes. Have full understanding of the MITRE ATT&CK framework. Mapping custom use cases to tactics and techniques. Update documentation and runbooks to avoid repeatable alerts. Document, communicate recommendations and guidelines based on results of analysis. Analyze, review, and provide raw log data for more insight into escalations through SIEM. Communicate effectively orally and in writing. Maintain current knowledge and understanding of threat landscape. Requirements: 5 or more years of progressing/in-depth IT security experience. Practical experience in a senior role within the last three years and demonstrated ability to carry out the functions of the job. Previous Experience with any of the two leading SIEM like Splunk, Sentinel, Chronical etc. Previous experience on any of the EDR tools like - Defender, SentinalOne, CrowdStrike etc. Advanced knowledge SIEM platform and query language (KQL or SPL.) Possess at least one industry certification Sec+, CEH SC200, CC (Cloud Fundamental Security knowledge). Prior knowledge of SOAR platform such as Siemplify, Forti soar etc. Understanding of Phishing and email header analysis. Contributing on whitelisting, Tuning management. Experience in SOC and Incident Response activities. Expert-level Analysis of security events. SIEM content management knowledge is an advantage. Basic scripting or development experience will be an added advantage. Cyderes i s an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status. Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.

Join Natus Sensory to start a new adventure in the medical device industry today and make a difference in someone s life. Our Product Security Analyst (Remote) works closely with global cross-functional teams to protect the confidentiality, integrity, and availability of Natus medical devices and services from information security threats and vulnerabilities. The role supports customer product security and privacy inquiries, security and privacy product assessments, and the Natus secure development lifecycle, including new strategies, policies, procedures, and best practices. Here s what you can expect: Location: Remote Main Responsibilities Serve as the Subject Matter Expert (SME) on industry threat intelligence and best practices. This will require conducting research and staying up-to-date on emerging security trends, threats, and technologies while working closely with cross-functional teams to identify and deploy solutions within Natus products. Conduct Product Security Risk Assessments working with cross-functional teams as needed to identify threat sources and determine the likelihood and impact of successful exploitation of vulnerabilities on product assets and functions. Work with cross-functional teams to create Product Security Requirements based on risk assessment results, industry best practices and guidelines, customer feedback, emerging trends, threats intelligence, and emerging technologies. Work with Engineering teams to assess the cybersecurity posture products supporting security testing activities (e.g. SAST, SCA, Vulnerabilities Analysis, Pen Testing, etc.). Work with Marketing, Sales, and Service to respond to customer inquiries, questionnaires, and risk assessments Travel: Up to 10% domestic or international travel on an as needed basis to visit a Natus or customer site for complex investigations Qualifications Product Security Analyst Qualifications Bachelors degree (B.A.) from a four-year college or university and five years related experience and/or training; an equivalent combination of education and experience can be considered At least three years related experience in Cybersecurity in a heavily regulated environment Demonstrated experience with system security, security compliance and securing developmental lifecycles Knowledge of Information security risk assessment methodologies and standards Ability to communicate with and influence technical and non-technical customers, colleagues, and vendors Ability to organize, prioritize, and coordinate multiple work activities and meet target deadlines in a fast paced environment Strength in statistical analysis, identification of trends, matching information to issues and relevant reporting Developing knowledge of information security best practices, standards, guidelines, and frameworks, including NIST 800-53, NIST RMF, and NIST CSF. Strongly preferred: FDA Pre-market and Post-market Guidance for Cybersecurity in Medical Devices, the HIPPA Security Rule, HSCC Joint Security Plan, AAMI TIR57, ISO/IEC 27000 family. We offer The role is a work-from-home remote position. Minimal travelling: less than 5% Collaborative and international environment with different cultures. English company language. EEO Statement Natus Sensory is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Security Analyst - J48925 REQUIRED EDUCATION/QUALIFICATIONS/EXPERIENCE Bachelors degree in information technology, information security, computer science, or related field One plus (1+) years of experience working with security solutions and technologies One plus (1+) years of experience working with information/endpoint/network security DESIRED EDUCATION/QUALIFICATIONS/EXPERIENCE Security Operations Center experience Experience with Endpoint Protection Platforms, Network Intrusion Protection Systems, and Web Application Firewalls REQUIRED SKILLS/ABILITIES Basic knowledge of security incident response processes Working knowledge of Information Security technologies (EDR, NDR, IPS, WAF, SIEM, etc.) Understanding of networking protocols (TCP/IP), security methodologies (ACL/NAC), and topologies Working knowledge of Windows and Linux OS Strong critical thinking and problem-solving skills Ability to communicate effectively with other team members Excellent attention to detail and follow-through to completion Ability to handle multiple tasks in a fast-paced and deadline-driven environment DESIRED SKILLS/ABILITIES Solid understanding of Information Security Methodology Working knowledge of analyzing, responding, and remediating network intrusions, web app, and server attacks Working knowledge of scripting (PowerShell, Bash, Python) Knowledge of containerization concepts and tools (Kubernetes, Docker, etc.) Knowledge of root cause determination Understanding of impacts to environment and clients WORKING ENVIRONMENT/PHYSICAL DEMANDS Work at assigned locations Perform tasks for long periods of time on a computer Regular attendance and a regular work schedule are essential functions of this job Work includes on call rotations as part of a 24/7/365 team Required Candidate profile Candidate Experience Should Be : 1 To 3 Candidate Degree Should Be : BE-Comp/IT,BE-Other

Knowledge of Information Security technologies (EDR, NDR, IPS, WAF, SIEM) Understanding of networking protocols (TCP/IP) security methodologies (ACL/NAC) & topologies Working knowledge of Windows and Linux OS, security incident response processes Required Candidate profile Working knowledge of analyzing, responding & remediating network intrusions, web app, & server attacks, scripting ,root cause determination, containerization concepts & tools

Monitor and investigate security alerts to identify unwanted activity and security incidents. Respond to suspicious activity reports or other security concerns raised by anyone in the company. Conduct forensic investigations of security incidents and prepare incident reports. Participate in 24x7 security monitoring process. Implement lessons learned from security incidents. Develop and improve security monitoring tools including SIEM and EDR. Preform ad hoc coding for threat hunting, evidence analysis, asset inventory collection and other purposes. Identify events that are relevant to security monitoring and prepare detailed technical solutions to collect, store and analyze those. Contribute to Security Operations processes improvement. Review Incident Response policies and procedures. Support ISO27001 and other technical compliance requirements within your areas of responsibility. Influence your colleagues to build and operate secure infrastructure correctly Requirements: Expert understanding of Threat Assessment, Proactive Threat Hunting with various Security tools. Expert in understanding of the full cyber threat/attack lifecycle, including attack vectors, methods, and TTPs. Confidence with working in Linux environments and knowledge of AWS, Azure AD and Microsoft 365[E3&E5]. Must have the ability to develop and write clear and concise emails, memos, and incident reports for company stakeholders and senior leadership. Strong organizational skills Must have the ability to work independently with minimal supervision and make sound decisions in high pressure environments. Aptitude for learning and applying new skills. Experience of 4 to 7 Years WHAT WE OFFER Professional and personal development Opportunities to progress within a dynamic team. Close and collaborative colleagues

Monitor and investigate security alerts to identify unwanted activity and security incidents. Respond to suspicious activity reports or other security concerns raised by anyone in the company. Conduct forensic investigations of security incidents and prepare incident reports. Participate in 24x7 security monitoring process. Implement lessons learned from security incidents. Develop and improve security monitoring tools including SIEM and EDR. Preform ad hoc coding for threat hunting, evidence analysis, asset inventory collection and other purposes. Identify events that are relevant to security monitoring and prepare detailed technical solutions to collect, store and analyze those. Contribute to Security Operations processes improvement. Review Incident Response policies and procedures. Support ISO27001 and other technical compliance requirements within your areas of responsibility. Influence your colleagues to build and operate secure infrastructure correctly Requirements: Expert understanding of Threat Assessment, Proactive Threat Hunting with various Security tools. Expert in understanding of the full cyber threat/attack lifecycle, including attack vectors, methods, and TTPs. Confidence with working in Linux environments and knowledge of AWS, Azure AD and Microsoft 365[E3&E5]. Must have the ability to develop and write clear and concise emails, memos, and incident reports for company stakeholders and senior leadership. Strong organizational skills Must have the ability to work independently with minimal supervision and make sound decisions in high pressure environments. Aptitude for learning and applying new skills. Experience of 4 to 7 Years

Job Category: IT Job Type: Full Time Job Location: Bangalore Chennai Hyderabad Mumbai Pune Detailed JD Exp: 6+ Location: Mumbai / Pune / Chennai / Bangalore / Hyderabad JD Possess proficient skills in managing various router and firewalls for best practices, with expertise particularly in Fortinet, Cisco, and Palo Alto. Experience with firewall rules auditing. Experience with SIEM tools. Experience with automation tools (SOAR). Particularly in Palo Alto XSOAR. Experience with cloud service providers (AWS, Azure, GCP) Experience with remote access tools (Palo Alto Prisma SASE, Citrix etc.) Basic Knowledge of OT and IoT security. Define standards, review the design and work on continuous improvement of Flex cyber security posture Fortinet SDWAN Kind Note: Please apply or share your resume only if it matches the above criteria.

Job Category: IT Job Type: Full Time Job Location: Bangalore Chennai Hyderabad Mumbai Pune Detailed JD Exp: 6+ Location: Mumbai / Pune / Chennai / Bangalore / Hyderabad JD Proficient with managing endpoint protection tools- (Prisma Palo alto global protect VPN, EDR) Identify, diagnose, and solve malware related issues as they arise, troubleshoot, and address them by implementing required adjustments to security solutions. Windows OS administration knowledge. Basic knowledge in configuring and troubleshooting various routers, switches, firewalls, and wireless controller models.Experienced on problem solving with ability to connect the dots from different teams and different sources. Kind Note: Please apply or share your resume only if it matches the above criteria.

Security monitoring experience with one or more SIEM technologies - Splunk, DNIF, HP ArcSight. QRadar Monitor alerts automatically generated by security systems. Basic Investigation and reporting Monitor threats and new attack techniques being disclosed in the Investigate events to determine if they are true events or false positives. Create new ways to search for potentially suspicious events on systems Provide different types of data to measure security and compliance Qualifications. The security analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier 2 information security specialist, and/or customer as appropriate to perform further investigation and resolution. Adher and follow ITIL process (incident, problem, and change configuration management).

Security monitoring experience with one or more SIEM technologies - Splunk, DNIF, HP ArcSight. QRadar Monitor alerts automatically generated by security systems. Basic Investigation and reporting Monitor threats and new attack techniques being disclosed in the Investigate events to determine if they are true events or false positives. Create new ways to search for potentially suspicious events on systems & Provide different types of data to measure security and compliance Qualifications. The security analyst monitors security events from the various SOC entry channels (SIEM, Tickets, and Phone), based on the security event severity, escalate to managed service support teams, tier 2 information security specialist, and/or customer as appropriate to perform further investigation and resolution. Adher and follow ITIL process (incident, problem, and change & configuration management).

Job Title: L1 SOC Analyst Experience : 2 to 3 years Location: Trivandrum, Kochi, Chennai, Bangalore, Hyderabad Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence. The primary role of a SOC Level 1 Analyst is to serve as the frontline defense, managing first triage and ranking of security cases, and initiating the threat detection and response processes for client-related security events. The Analyst is integral to the MDR, working collaboratively with other teams to ensure high quality of service, and will be given opportunities for professional growth in cybersecurity. The position entails conducting inquiry procedures as dictated by CyberProof methodology and contributing insights on the case investigation and detection quality. Principal Duties: Quickly respond to and classify all incoming security cases, ensuring that incidents are appropriately escalated to the right analyst within the predefined SLA period during the Analysts shift. Conduct the first triage investigations into the assigned cases using a blended approach based on tools integrated into the SOAR platform and document all collected evidence and conclusions. At the shifts commencement, diligently review all new information in the SOAR, through the Teams channel, shared mailbox, and any other designated communication mediums to ensure readiness to continue or start case the investigation and address client queries. Facilitate a smooth handoff to the next team at the end of the shift, ensuring continuous and seamless security monitoring. Remain to any procedural inconsistencies or issues and proactively report these to the team leader or upper analytical layer (L2) for resolution or consultation. Should uncertainty or complex issues arise, elevate the matter promptly to a senior L1 Analyst or Shift and Technical Leads before resorting to the L2 team. Support the Lead Analysts and the L2 team in the extraction and compilation of data needed for the preparation of Weekly, Monthly, and Quarterly Business Review (QBR) documentation. Skills and qualifications: At least 1 year of experience as a security analyst Proficient in investigating s related to phishing, malware, and similar threats. Solid understanding of computer security and networking concepts Experience with SIEM or similar security tools (Splunk or Qradar or Sentinel). Knowledgeable about endpoint protection tools Skilled in analyzing network traffic, interpreting logs, and examining packet capture. Strong critical thinking and analytical abilities Excellent written and verbal communication skills Experience managing and analyzing s from security tools is a plus. Familiarity with cloud solutions is advantageous. Relevant certifications are a plus.

Job Title: L1 SOC Analyst Experience : 2 to 3 years Location: Trivandrum, Kochi, Chennai, Bangalore, Hyderabad Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence. The primary role of a SOC Level 1 Analyst is to serve as the frontline defense, managing first triage and ranking of security cases, and initiating the threat detection and response processes for client-related security events. The Analyst is integral to the MDR, working collaboratively with other teams to ensure high quality of service, and will be given opportunities for professional growth in cybersecurity. The position entails conducting inquiry procedures as dictated by CyberProof methodology and contributing insights on the case investigation and detection quality. Principal Duties: Quickly respond to and classify all incoming security cases, ensuring that incidents are appropriately escalated to the right analyst within the predefined SLA period during the Analysts shift. Conduct the first triage investigations into the assigned cases using a blended approach based on tools integrated into the SOAR platform and document all collected evidence and conclusions. At the shifts commencement, diligently review all new information in the SOAR, through the Teams channel, shared mailbox, and any other designated communication mediums to ensure readiness to continue or start case the investigation and address client queries. Facilitate a smooth handoff to the next team at the end of the shift, ensuring continuous and seamless security monitoring. Remain to any procedural inconsistencies or issues and proactively report these to the team leader or upper analytical layer (L2) for resolution or consultation. Should uncertainty or complex issues arise, elevate the matter promptly to a senior L1 Analyst or Shift and Technical Leads before resorting to the L2 team. Support the Lead Analysts and the L2 team in the extraction and compilation of data needed for the preparation of Weekly, Monthly, and Quarterly Business Review (QBR) documentation. Skills and qualifications: At least 1 year of experience as a security analyst Proficient in investigating s related to phishing, malware, and similar threats. Solid understanding of computer security and networking concepts Experience with SIEM or similar security tools (Splunk or Qradar or Sentinel). Knowledgeable about endpoint protection tools Skilled in analyzing network traffic, interpreting logs, and examining packet capture. Strong critical thinking and analytical abilities Excellent written and verbal communication skills Experience managing and analyzing s from security tools is a plus. Familiarity with cloud solutions is advantageous. Relevant certifications are a plus.