1107 Security Monitoring Jobs - Page 10

Job Requisition ID # 25WD91177 Position Overview The Incident Response Analyst is responsible for monitoring, identifying, assessing, containing, and responding to various information security events in a large and complex environment, as well as analyse, triage, and report on these incidents and investigations. The candidate must have knowledge of system security design, network/cloud security best practices and in-depth knowledge of systems security operations, threat actors frequently used attack vectors, and general user behaviour analytics. The candidate will be part of an established security team and work closely with teams across the company in remediating security issues and driving Incident Response. The candidate should have a strong passion for security and growth and be willing to accept challenging projects and incidents. Responsibilities Responsible for handling day-to day operations to monitor, identity, triage and investigate security events from various Endpoint (EDR), Network and Cloud security tools and detect anomalies, and report remediation actions Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents Help create and maintain process tools and documentation Perform all stage of incident response from detection to postmortem Collaborate with stakeholders in building and improving our Security Orchestration Platform Clearly document notes for incidents in our case management solution Perform basic forensics and malware analysis based on our playbooks and procedures Responsible for working in a 24/7 environment including night shifts and the shifts are decided based on the business requirement Maintain a high level of confidentiality and Integrity Minimum Qualifications BS in Computer Science, Information Security, or equivalent professional experience 2+ years of cyber security experience in incident response Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics Strong understanding of Security Operations and Incident Response process and practices Experience performing security monitoring, response capabilities, log analysis and forensic tools Strong understanding of operating systems including Windows, Linux and OSX Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team Excellent verbal and written communication skills Ability to design playbooks for responding to security incidents Ability to support off-hours, weekends, and holidays if needed in support of incident response Preferred Qualifications Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization One or more security-related certifications from any of the following organizations: GCIH, GCFE, GCFA, AWS, Azure Cloud security Certifications or equivalent is desired #LI-PJ1 Learn More About Autodesk Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made. We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world. When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future Join us! Salary transparency Salary is one part of Autodesk's competitive compensation package. Offers are based on the candidate's experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package. Diversity & Belonging We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: Are you an existing contractor or consultant with Autodesk Please search for open jobs and apply internally (not on this external site).

As an OCI Security Engineer at our world-leading global engineering company, your primary responsibility will be to build and manage Security Operations in OCI environments globally. You will be expected to possess the following key knowledge and skills: - Proficiency in Oracle Cloud Infrastructure (OCI) services, including IAM, VCN, WAF, and encryption mechanisms. - Ensuring the secure operation of Oracle ERP applications in OCI, covering databases, middleware, and integrations. - Monitoring event queues and utilizing security management tools effectively. - Knowledge of OCI Security Services and their implementation. - Handling Reporting & MI, Management Information, KPIs, KRIs, Compliance reporting, Audits, ITGC Controls, and Data Protection Compliance. - Identifying, categorizing, prioritizing, and investigating correlated events. - Collaborating and coordinating with multiple teams on security and operational incidents within a globally distributed team. In the domain of Access Control, you will be responsible for: - Managing and monitoring identity and access management (IAM) policies in OCI. - Ensuring least privilege access and proper role-based access controls (RBAC). - Implementing and enforcing multi-factor authentication (MFA) and secure access methods for OCI resources. - Experience in Oracle Access and Segregation of Duties, along with Oracle Identity and Access Management, IDCS, Roles and Permissions, and Privileged Access. For Security Monitoring and Incident Response, you will: - Implement and manage security monitoring tools like Oracle Cloud Guard, Oracle Security Zones, and CASB. - Monitor logs and alerts for OCI services to detect and respond to potential security threats. - Develop and maintain incident response capabilities in OCI and Oracle ERP environments. - Lead the response to security incidents, including investigation, mitigation, and post-incident analysis. - Perform investigation and triage of events and incidents, escalating as per standard operating procedures. - Develop reports, dashboards, real-time rules, and filters on large-scale systems. In terms of Compliance and Governance, your responsibilities will include: - Ensuring compliance with industry standards like ITGC controls, SOX, and internal security policies. - Monitoring and enforcing security policies, procedures, and standards for OCI operations and Oracle ERP systems. - Providing guidance and training to internal teams on OCI security best practices. - Familiarity with Information Security and regulatory frameworks and standards. Lastly, in Automation and Optimization, you will be expected to: - Automate security processes and incident response workflows using OCI native tools and third-party security solutions. - Optimize the security configuration and posture of the OCI environment through continuous monitoring and improvement. - Possess knowledge of Oracle Database security and database security tools. If you are passionate about ensuring the security and compliance of OCI environments on a global scale while driving automation and optimization initiatives, we welcome you to join our team as an OCI Security Engineer.,

As an Automotive Threat Detection & Automation Engineer, you will be responsible for developing automated solutions and enhancing security monitoring processes within the automotive sector. Based in Whitefield, Bangalore, you will leverage your strong background in programming and automation to contribute effectively to our team. Your primary skills should include proficiency in at least 2 Scripting/Programming Languages such as Python, JavaScript, C++, Ruby, PHP, or Rust. Additionally, you should have knowledge in Machine Learning, Big data analysis techniques and tools, as well as experience with tools like SIEM, CSP, and WAF. Understanding of Vehicle architecture and platform is essential for this role. It would be advantageous if you have previous experience in the Automotive industry and possess knowledge in security monitoring, Vulnerability Assessment, and malware assessment. Familiarity with Cyber incident analysis techniques, Advanced forensics, and threat intelligence would be a plus. Moreover, having expertise in in-vehicle architecture, vehicle telematics, and connected car technologies is beneficial. Your key responsibilities will involve reading and analyzing Security incidents and Assessment, performing automation using various Programming/Scripting Languages, working independently on assigned activities, collaborating with team leads and customers to understand requirements, and communicating effectively with relevant stakeholders for releases. If you are a proactive individual with a passion for security automation and a desire to make a significant impact in the automotive industry, we encourage you to apply for this position and join our dynamic team in Whitefield, Bangalore.,

As a Director of Application Operations at S&P Global Ratings, you will be leading a team that is an integral part of the global Site Reliability Engineering group. Your primary responsibility will be to ensure the stability, reliability, and engineering of critical applications used by analysts to conduct business operations. By focusing on uptime, quality, performance, and continuous improvement, you will play a key role in enhancing user experience, operational efficiency, and overall business outcomes. Your impact will extend beyond the immediate team as you shape the reliability and performance standards of critical applications. By driving automation and leveraging cloud technologies, you will contribute significantly to the organization's strategic goals and reduce operational toil, while also enhancing user experience. Your role will involve nurturing team members through upskilling and cross-skilling initiatives to ensure excellence within the team. Your responsibilities will include team management, balancing daily operational tasks with strategic projects, driving adoption of new technologies, mentoring and guiding team members, and collaborating with cross-functional teams to ensure seamless integration and support for new initiatives. You will also be responsible for overseeing daily operations, setting roadmaps, establishing goals for team members, and providing the necessary support for their success. You will lead efforts to improve system stability by implementing monitoring and AIOps practices to prevent critical incidents and minimize business impact. Addressing system vulnerabilities proactively, refactoring applications to containerized services, and collaborating with business users to understand needs and develop solutions will be key aspects of your role. Monitoring system performance, reducing incidents, improving incident resolution times, implementing disaster recovery plans, and leading DevOps transformation to enhance value delivery, cost reduction, and release velocity will also fall under your purview. Your role will involve participation in architecture and development design reviews, automation of tasks, simplification of processes, and promoting self-service to reduce manual effort. Additionally, you will collaborate with value streams to align objectives, improve SRE maturity levels, and drive knowledge sharing and dependency reduction. In this role, you will have the opportunity to work with a talented team on cutting-edge technology solutions, focusing on automation, cloud technologies, and performance optimization. You will collaborate with value stream leads to enhance SRE practices and maturity levels within the organization. Basic qualifications for this role include a bachelor's degree in computer science or equivalent work experience, 15+ years of IT experience, expertise in IT operations and/or Site Reliability Engineering, proficiency in multi-cloud environments, proactive monitoring, automation, and team management skills. Strong communication skills, the ability to build effective teams, manage stakeholders, and drive cost management efforts are also essential. Preferred qualifications include experience in application and data architecture, high availability systems design, technical deep-dives, Agile software development, security frameworks, and ITSM process transformation. Join us in this exciting role to make a significant impact on critical applications, improve operational efficiency, and drive innovation within S&P Global Ratings.,

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Platform Engineering Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled Security Engineer with expertise in Google Chronicle SIEM, parser development, and foundational knowledge of cybersecurity. The ideal candidate will be responsible for analyzing security data and logs, ensuring accurate aggregation, normalization, tagging, and classification. You will work closely with log sources, particularly security and networking devices, to enhance our security monitoring capabilities. Roles & Responsibilities:Conduct security and data/log analysis, focusing on the aggregation, normalization, tagging, and classification of logs.Research, analyze, and understand log sources for security monitoring, with a particular focus on security and networking devices such as firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems.Validate log sources and indexed data, optimizing search criteria to improve search efficiency.Utilize automation tools to build and validate log collectors for parsing aggregated logs. Professional & Technical Skills: Proficiency in log analysis and SIEM tools, including but not limited to Google Chronicle, Splunk, ArcSight, and QRadar. Experience in SIEM content creation and reporting is essential.Strong experience in manual security log review and analysis, such as Windows Event Log and Linux Syslog, including incident classification, investigation, and remediation.Solid understanding of multiple attack vectors, including malware, Trojans, exploit kits, ransomware, phishing techniques, and APTs, as well as familiarity with attack techniques outlined in the OWASP Top 10.Knowledge of security and networking devices, including firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems.TCP/IP networking skills for packet and log analysis.Experience working with Windows and Unix platforms.Familiarity with databases is an advantage.Experience in GCP, AWS and Azure environments is a plus. Additional Information:- The candidate should have minimum 5 years of experience in Security Platform Engineering.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Palo Alto Networks - Firewalls. Experience5-8 Years.

About The Role Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information ? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails ? Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT ? ? Mandatory Skills: Cisco IronPort Email Security Appliances. Experience5-8 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Job Title: Level 2 Cyber Security Analyst Experience Required: 3-6 Years Location: Work from office (Gurugram) Shift Timing : 24x7 Job Responsibilities: Incident Investigation: Conduct thorough investigations of security incidents using IBM QRadar, ensuring timely and accurate identification, analysis, and resolution of security threats. Support Level 1 Analysts: Provide guidance and support to Level 1 analysts, assisting with complex issues and ensuring effective incident response and escalation procedures. Use Case Understanding: Develop and maintain a deep understanding of security use cases, ensuring the effective implementation and monitoring of security controls. Rotational Shifts: Be prepared to work in rotational shifts to provide 24/7 security monitoring and incident response. Collaboration: Work closely with other IT and security teams to ensure comprehensive security coverage and effective incident management. Documentation: Maintain detailed and accurate documentation of incidents, investigations, and resolutions to support continuous improvement and compliance requirements. Training and Development: Stay updated with the latest security trends, tools, and best practices, and participate in ongoing training and development opportunities.

About this role: As a SOC Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentrals global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel. Successful Candidates will: Have proven skills in application security, security monitoring, incident response and intrusion analysis Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills Demonstrated track record of quality processes in candidates work history Be strongly self-motivated with an aptitude for both individual and team-oriented work Have experience following and refining standard operating procedures and playbooks Responsibilities: Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment Engage teams within and outside of RingCentral to mitigate and resolve cases Maintain relevant documentation and audit artifacts Identify and track suspicious system activity Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems This role participates in on-call rotations Qualifications Requirements: 2+ years in a security engineering, SRE, or SOC roles in a cloud services environment Experience with SIEM Experience investigating security incidents Basic knowledge AWS or GCP Experience with IDS, case management, and related tools and practices Experience with Linux, RedHat preferred Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc. Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP) Preferred Skills/Experience: Any combination of the following certifications: GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) GNFA (GIAC Certified Network Forensic Analyst) GCFE (GIAC Forensic Examiner) GASF (GIAC Advanced Smartphone Forensics) GICA GCTI (GIAC Certified Cyber Threat Intelligence) GPEN (GIAC Certified Pentester) GWAPT (GIAC Certified Web Application Pentester) GPYC (GIAC Certified Python Coder) OSCP (Offensive Security Certified Pentester) Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events Strong knowledge of Microsoft Windows Experience automating security tasks, including scripting, programming and/or SecDevOps Experience working with global teams

Say hello to possibilities. Its not everyday that you consider starting a new career. Were RingCentral, and were happy that someone as talented as you is considering this role. First, a little about us, were the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interactiongiving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. Were a $2 billion company thats growing at 30+% annually. We are currently looking for a Security Operations Center Analyst , and the key responsibilities are the following: Security Operations Center Analyst About this role: As a SOC Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentrals global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel. Successful Candidates will: Have proven skills in application security, security monitoring, incident response and intrusion analysis Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills Demonstrated track record of quality processes in candidates work history Be strongly self-motivated with an aptitude for both individual and team-oriented work Have experience following and refining standard operating procedures and playbooks Responsibilities: Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment Engage teams within and outside of RingCentral to mitigate and resolve cases Maintain relevant documentation and audit artifacts Identify and track suspicious system activity Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems This role participates in on-call rotations Qualifications Requirements: 2+ years in a security engineering, SRE, or SOC roles in a cloud services environment Experience with SIEM Experience investigating security incidents Basic knowledge AWS or GCP Experience with IDS, case management, and related tools and practices Experience with Linux, RedHat preferred Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc. Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP) Preferred Skills/Experience: Any combination of the following certifications: GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) GNFA (GIAC Certified Network Forensic Analyst) GCFE (GIAC Forensic Examiner) GASF (GIAC Advanced Smartphone Forensics) GICA GCTI (GIAC Certified Cyber Threat Intelligence) GPEN (GIAC Certified Pentester) GWAPT (GIAC Certified Web Application Pentester) GPYC (GIAC Certified Python Coder) OSCP (Offensive Security Certified Pentester) Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events Strong knowledge of Microsoft Windows Experience automating security tasks, including scripting, programming and/or SecDevOps Experience working with global teams

Your Career We are seeking a driven problem solver to join our Unit 42 MDR team. Our team is responsible for customers internal security monitoring, threat hunting and incident response. As a MDR Analyst, we will rely on you to detect and respond to cyber incidents facing customers internal business. The ideal candidate is a quick learner and good communicator who will be able to follow established processes for analyzing threat alerts that fire from our Cortex XDR. The candidate should be a creative thinker who takes pride in solving tough problems. Your Impact Join a new emerging team who is going to be part of Palo Altos Unit 42, Working closely with global customers providing the best security in the market Own an incident lifecycle from outbreak to full remediation Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire Palo Alto Networks customer base Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats This position requires flexibility to work primarily during morning and afternoon hours however, occasional night shifts may be required depending on business demands Qualifications Your Experience 3+ years of experience in a multi tiered SOC/IR is a must Experienced with Technologies such as EDR, SIEM, SOAR, FW A well established familiarity with attack trends and vectors Excellent written and oral communication skills in English Some degree of Malware Analysis or equivalent military experience - An advantage CEH / CompTIA CYSA+ certifications - An advantage Hands-on experience with Cortex XSOAR or Cortex XDR - An advantage Additional Information The Team The team youll lead helps protect customers by identifying the most sophisticated & stealthy attacks in their environment. The team does so by leveraging the Cortex product suite as well as unique tools, methodologies and techniques. Cortex provides enterprise-scale detection and response that runs on integrated endpoint, network and cloud data reduce the noise and focus on real threats. This team works closely with the different product teams and helps improve each and every product by providing first-hand insights into how the product is used and how it can perform even better.

You are a highly skilled NOC Security & Backup/Disaster Recovery Engineer responsible for ensuring the availability, reliability, and security of the IT infrastructure for both OneMind and its customers. Your role involves providing 24x7x365 support, resolving incidents, and ensuring business continuity by combining expertise in network operations, security monitoring, and backup/disaster recovery. Your responsibilities include providing first-level 24x7x365 escalation support, monitoring, troubleshooting, and maintaining network, server, and storage infrastructure using various tools, answering customer calls to deliver technical support, diagnosing and resolving issues across different environments, configuring, operating, and upgrading routers, switches, and firewalls, administering and monitoring enterprise backup solutions, executing, testing, and documenting backup and disaster recovery plans, monitoring storage performance and capacity, responding to security incidents, using remote administration tools to diagnose and remediate issues, and creating detailed documentation of calls, incidents, backup logs, and system changes. You should have a strong technical knowledge of networking, operating systems, and storage infrastructure, proficiency in IP networking fundamentals, experience with enterprise backup and disaster recovery solutions, familiarity with network security principles and incident response practices, ability to monitor performance metrics and recommend improvements, strong troubleshooting skills, and excellent communication skills. Preferred qualifications include Cisco Certified Network Associate (CCNA) or higher certification, certification in Backup & Disaster Recovery or Business Continuity Planning (BCP), experience with storage replication technologies and high-availability solutions, 1-3 years of experience in a Network Operations Center (NOC) environment, and willingness to participate in on-call rotations and respond to emergencies promptly. The benefits of this position include attractive bonus/incentive plans, comprehensive healthcare coverage, flexible remote work options, a supportive work environment, stable career opportunities with room for growth and paid certifications, and generous rewards and recognition programs, along with 18 paid holidays.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As part of our EY-cyber security team, you will work as a SOC analyst who will assist clients in detecting and responding to security incidents with the support of their SIEM, EDR, and NSM solutions. We are looking for a Security Analyst with experience in SIEM, EDR, and NSM solutions. Your key responsibilities include: - Providing operational support using SIEM solutions (Splunk, Sentinel), EDR Solution (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers. - Handling the first level of monitoring and triaging of security alerts. - Conducting initial data gathering and investigation using SIEM, EDR, and NSM solutions. - Providing near real-time analysis, investigation, and reporting security incidents for customers. Skills and attributes for success: - Customer Service oriented - meets commitments to customers and seeks feedback from customers to identify improvement opportunities. - Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a Security analyst's point of view. - Exposure to IOT/OT monitoring (Claroty, Nozomi Networks, etc.) is a plus. - Good knowledge and experience in Security Monitoring. - Good knowledge and experience in Cyber Incident Response. - Knowledge in Network monitoring technology platforms such as Fidelis XPS, ExtraHop. - Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender ATP, etc. To qualify for the role, you must have: - B. Tech./ B.E. with sound technical skills. - Ability to work in 24x7 shifts. - Strong command of verbal and written English language. - Demonstrate both technical acumen and critical thinking abilities. - Strong interpersonal and presentation skills. - Hands-on experience in SIEM, EDR, and NSM solutions. - Certification in any of the SIEM platforms. - Knowledge of RegEx, Perl scripting, and SQL query language. - Certification - CEH, ECSA, ECIH, Splunk Power User. Working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: - Support, coaching, and feedback from some of the most engaging colleagues around. - Opportunities to develop new skills and progress your career. - The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

Cyble is at the forefront of cybersecurity intelligence, aiming to provide visibility, intelligence, and protection through cutting-edge technology. With a global presence spanning 20 countries and a commitment to proactive cyber threat detection, Cyble is dedicated to making the digital world a safer place for all. At Cyble, innovation and artificial intelligence drive our operations, ensuring continuous improvement and excellence in products and practices. We prioritize inclusivity, offering autonomy and flexibility to our team members for a balanced professional and personal life. Our culture values every voice, recognizes contributions, and encourages everyone to be part of our extraordinary mission. To learn more about Cyble, visit www.cyble.com. As a Cyber Threat Intelligence Analyst at Cyble, you will be a vital part of our cybersecurity team, responsible for identifying, analyzing, and responding to security threats to enhance our cybersecurity posture continuously. In this role, your responsibilities will include: - Staying updated on the latest cybersecurity threats, vulnerabilities, and attack techniques by monitoring threat intelligence feeds and industry sources. - Leading and participating in incident response activities, from identification to recovery, and conducting post-incident analysis for continuous improvement. - Utilizing advanced security tools to monitor networks, systems, and applications, investigating and resolving security alerts promptly and effectively. - Conducting regular vulnerability assessments, collaborating with customer teams to address identified vulnerabilities, and performing forensic analysis on security incidents and breaches. - Contributing to security research, developing security policies, procedures, and best practices, evaluating potential security risks, and collaborating with teams to implement risk mitigation strategies. - Working closely with cross-functional teams, providing clear communication of threat intelligence to technical and non-technical audiences, and staying updated on industry trends through continuous learning. To qualify for this role, you will need: - A Bachelor's degree in Cybersecurity, Information Security, or a related field. - 4+ years of experience in threat analysis, incident response, and cybersecurity. - Relevant certifications such as CISSP, CISM, GIAC, or equivalent. - Proficiency in security tools and technologies for threat detection and analysis. - Strong analytical and problem-solving skills, along with excellent written and verbal communication abilities. Join Cyble's dynamic team and be part of our mission to revolutionize cybersecurity intelligence and create a safer digital environment for all.,

You will be responsible for improving the organization's information security posture to reduce the risk of cyber attacks on wind farms and its infrastructure, thereby minimizing financial and operational losses. Your role will involve building trust with customers and ensuring organizational compliance with regulators to avoid penalties. Cyber attacks have the potential to harm the organization's reputation and misuse its data. Therefore, a key objective will be to make the organization cyber resilient to mitigate these risks effectively. Your key responsibilities will include: - Developing, implementing, and maintaining OT security policies, standards, and procedures to safeguard critical infrastructure and operations. - Conducting regular risk assessments of OT systems and networks, identifying vulnerabilities, and implementing appropriate security controls and countermeasures to mitigate risks. - Monitoring OT systems for security threats and incidents, responding to security breaches, and implementing corrective actions to prevent recurrence. - Ensuring compliance with industry regulations and standards such as NIST, IEC 62443, and conducting regular security audits to maintain a secure environment. - Managing incidents effectively and efficiently to minimize the impact on operations. - Conducting security awareness training for employees to foster a strong security culture within the organization. - Managing relationships with OT security vendors to ensure that their products and services meet the organization's security requirements. To be successful in this role, you should have: - 7+ years of experience in OT security management with a solid understanding of security principles and best practices. - Minimum 3-5 years of experience in assessing against standards and frameworks such as IEC-62243/ISA-99, NIST CSF, NERC CIP, etc. - Relevant certifications such as CISSP, GICSP, GRID, GCIP, etc. to demonstrate your expertise in the field.,

Job Description Role: SOC Analyst Exp: 2 to 4 Years Job Location: Mumbai (Powai - Hiranandani) It is 5 Days Working Work From Office Role Core duties and responsibilities: Security Monitoring: Continuously monitor security alerts, logs, and other data sources using tools like SIEM (Security Information and Event Management) systems, IDS/IPS, firewalls, and endpoint security solutions to detect suspicious activities. Incident Detection and Response: Identify and categorize security incidents (e. g. , malware infections, data breaches), investigate their root cause, contain the threat (e. g. , isolating affected systems), and mitigate the impact. Alert Triage: Assess alerts generated by security tools, prioritizing them based on severity and urgency to focus on the most critical threats. Threat Hunting: Proactively search for potential security threats that may evade automated tools, analyzing logs, traffic patterns, and other data for anomalies. Reporting and Documentation: Create detailed reports on security incidents, investigations, and response actions for management and other stakeholders, ensuring compliance with relevant regulations. Security Tool Management: Manage and operate security technologies, ensuring they are updated and functioning correctly. Threat Intelligence: Stay updated on the latest cybersecurity threats, vulnerabilities, and attack techniques through threat intelligence sources and research. Collaboration: Work closely with other security professionals (e. g. , incident responders, threat hunters) and IT teams to investigate and resolve security issues.

Required Skills Technology | Sentinel SIEM Tool Administrator | Level 2 Support Technology | Securonix SIEM Tools Administrator | Level 2 Support Education Qualification : B.Sc Certification Mandatory / Desirable : Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC Certified Incident Handler/Certified SOC Analyst (CSA)/CompTIA Cybersecurity Analyst (CySA+)/Cisco Certified CyberOps Associate Delivery Skills required are: - Technical Skills: - *Identifying and analyzing potential threats and vulnerabilities using various tools and techniques. *Leading and managing the response to security incidents, including containment, eradication, and recovery. *Implementing and maintaining security monitoring systems, such as SIEM (Security Information and Event Management) tools. *Prioritizing and remediating vulnerabilities based on risk assessments. Operational Skills: - *Developing, implementing, and enforcing security policies, standards, and procedures. *Managing and maintaining secure configurations for systems, networks, and applications. *Overseeing the timely application of security patches and updates to systems and software. Analytical Skills: - *Analyzing logs and event data from various sources to identify patterns and anomalies. *Utilizing advanced analytics to detect and investigate security incidents. *Conducting digital forensics investigations to uncover evidence of security breaches. Collaboration and Teamwork: - *Collaborating with other IT and security teams to enhance the organization s security posture. *Coordinating response efforts during security incidents with internal and external stakeholders. *Leading incident response teams and ensuring effective communication and collaboration.

Required Skills Technology | Sentinel SIEM Tool Administrator | Level 2 Support Technology | Securonix SIEM Tools Administrator | Level 2 Support Technology | ArcSight SIEM Tools Administrator | Level 2 Support Technology | Network Security Administrator | Level 2 Support Education Qualification : B.Sc Certification Mandatory / Desirable : Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC Certified Incident Handler/Certified SOC Analyst (CSA)/CompTIA Cybersecurity Analyst (CySA+)/Cisco Certified CyberOps Associate Delivery Skills required are: - Technical Skills: - *Identifying and analyzing potential threats and vulnerabilities using various tools and techniques. *Leading and managing the response to security incidents, including containment, eradication, and recovery. *Implementing and maintaining security monitoring systems, such as SIEM (Security Information and Event Management) tools. *Prioritizing and remediating vulnerabilities based on risk assessments. Operational Skills: - *Developing, implementing, and enforcing security policies, standards, and procedures. *Managing and maintaining secure configurations for systems, networks, and applications. *Overseeing the timely application of security patches and updates to systems and software. Analytical Skills: - *Analyzing logs and event data from various sources to identify patterns and anomalies. *Utilizing advanced analytics to detect and investigate security incidents. *Conducting digital forensics investigations to uncover evidence of security breaches. Collaboration and Teamwork: - *Collaborating with other IT and security teams to enhance the organization s security posture. *Coordinating response efforts during security incidents with internal and external stakeholders. *Leading incident response teams and ensuring effective communication and collaboration.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsPreferable GCIA, GCFA, CISSPStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills.Adaptability to accept change Additional Information:Work as part of analysis team that works 24x7 on a rotational shift The candidate should have minimum 2 years of experience This position is based at our Chennai office.A 15 year full time education is required. Qualification 15 years full time education

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Security Log Monitoring. Experience5-8 Years.

Basic Knowledge Required: Comprehensive knowledge of firewalls, load balancers, and Secure Network Access Control (NAC) operations. Solid understanding of both static and dynamic routing protocols. Fundamental skills in packet capture and analysis. Work Experience: At least 3 years of experience exclusively with Fortigate Firewalls. Experience with at least one other firewall platform, such as Cisco or Palo Alto. At least 3 years of experience exclusively with F5 Load Balancers. Proficient in F5 LTM/GTM implementation, design, and L2/L3 troubleshooting, with experience in the APM module of F5. Roles and Responsibilities : Regularly engage with customers via voice calls, emails, and remote screen sharing to resolve issues within the SLA. Document solutions provided to customers in the ticketing tool. Troubleshoot P1/P2 incidents by collaborating with different teams to ensure timely resolution within the SLA. Prepare RCA documentation using the appropriate RCA template. Implement best practices or preventive measures based on RCA action items. Be willing to work in a 24/7 environment

Your Career We are seeking a driven problem solver to join our Unit 42 MDR team. Our team is responsible for customers internal security monitoring, threat hunting and incident response. As a MDR Analyst, we will rely on you to detect and respond to cyber incidents facing customers internal business. The ideal candidate is a quick learner and good communicator who will be able to follow established processes for analyzing threat alerts that fire from our Cortex XDR. The candidate should be a creative thinker who takes pride in solving tough problems. Your Impact Join a new emerging team who is going to be part of Palo Altos Unit 42, Working closely with global customers providing the best security in the market Own an incident lifecycle from outbreak to full remediation Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire Palo Alto Networks customer base Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats This position requires flexibility to work primarily during morning and afternoon hours however, occasional night shifts may be required depending on business demands Qualifications Your Experience 3+ years of experience in a multi tiered SOC/IR is a must Experienced with Technologies such as EDR, SIEM, SOAR, FW A well established familiarity with attack trends and vectors Excellent written and oral communication skills in English Some degree of Malware Analysis or equivalent military experience - An advantage CEH / CompTIA CYSA+ certifications - An advantage Hands-on experience with Cortex XSOAR or Cortex XDR - An advantage Additional Information The Team The team youll lead helps protect customers by identifying the most sophisticated & stealthy attacks in their environment. The team does so by leveraging the Cortex product suite as well as unique tools, methodologies and techniques.

Job Title: Security Operations Center (SOC) Analyst Experience: 8+ Years Location: Hyderabad (Hybrid Mode of work) Department: Cybersecurity / Security Operations Job Summary: We are seeking an experienced and detail-oriented SOC Analyst (5 - 8 years) to join our cybersecurity team. The ideal candidate will be responsible for monitoring, detecting, investigating, and responding to cyber threats across the organization. The SOC Analyst will play a critical role in defending systems, applications, and data from security breaches and supporting incident response efforts, threat hunting, and continuous improvement of SOC processes. Key Responsibilities: Security Monitoring & Incident Response: Continuously monitor SIEM dashboards, threat intelligence feeds, and security alerts. Investigate and respond to security incidents, phishing attacks, malware infections, and anomalous activities. Triage alerts based on severity, business impact, and threat intelligence context. Perform root cause analysis and prepare incident reports with actionable recommendations. Escalate critical incidents to Tier 3/IR teams and collaborate during major security events. Threat Detection & Hunting: Conduct proactive threat hunting based on IOCs, TTPs, and threat intelligence reports. Analyse logs from endpoints, firewalls, IDS/IPS, cloud workloads, and third-party security solutions. Develop and fine-tune detection rules and correlation logic in SIEM (e.g., Splunk, Sumo Logic, Sentinel). Tool & Infrastructure Management: Work with EDR, NDR, DLP, SIEM, SOAR, and vulnerability management platforms. Support integration of new log sources and ensure completeness of logging for critical systems. Maintain threat detection playbooks and contribute to process automation via SOAR tools. Compliance & Reporting: Ensure security operations align with frameworks like NIST, ISO 27001, SOC 2, or HIPAA. Support security audit requirements by providing incident logs and response documentation. Generate periodic reports on incident trends, SOC performance, and threat landscape. Required Skills & Experience: 58 years of experience in a SOC environment or cybersecurity operations role. Strong knowledge of attack vectors, MITRE ATT&CK framework, and incident response lifecycle. Hands-on experience with SIEM (e.g., Splunk, Microsoft Sentinel, QRadar, LogRhythm). Familiarity with endpoint protection (CrowdStrike, SentinelOne, Defender ATP, etc.). Knowledge of Windows/Linux log analysis, firewall rules, and cloud security controls (Azure/AWS). Strong analytical thinking, attention to detail, and ability to work under pressure. Preferred Qualifications: Bachelors degree in Cybersecurity, Computer Science, or related field. Certifications such as CEH, GCIA, GCIH, CySA+, AZ-500, or Security+ are highly desirable. Experience working in a 24x7 SOC or with MSSP environments is a plus. Exposure to compliance-driven industries (finance, healthcare, SaaS) preferred. Soft Skills: Strong communication and documentation skills. Ability to collaborate across IT, DevOps, and security teams. Risk-aware mindset with a proactive approach to security operations. Work Mode: Hybrid / 24x7 Rotational Shifts if applicable Reporting To: SOC Manager / Head of Security Operations

As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help client run their IT better, accelerate innovation and deliver unmatched performance with the power automation. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. * Responsible for security researcher to provide insight and understanding of new and existing information security threats * Responsible to participate in recommending improvements to SOC security process, procedures, policies, security incident management and vulnerability management processes * You will be involved in evaluating, recommending, implementing, and solving problems related to security solutions and evaluating IT security of the new IT Infrastructure systems * Keep yourself up-to-date with emerging security threats including applicable regulatory security requirements * Work in a 24x7 Security Operation Centre (SOC) environment Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * Minimum 2+ years’ experience in SIEM. * Proven expertise in handling the daily monitoring of Information Security events on the QRadar / ArcSight / Splunk console platform * Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists * Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Your Role Administer and develop solutions usingSplunkandSplunk Security Essentialsto support enterprise security monitoring and analytics. Design, implement, and maintain Splunk dashboards, alerts, and reports to provide actionable insights into security events. UtilizeUNIX shell scripting or Pythonto automate data ingestion, parsing, and enrichment processes. Lead and manage security-related projects from planning through execution, ensuring timely delivery and alignment with business goals. Collaborate with cross-functional teams to define requirements, manage risks, and ensure stakeholder satisfaction. Your Profile 5 to 10 yearsof experience in IT security with a strong focus onSplunk administration and development. Proficiency inSplunk Security Essentials, data onboarding, and custom dashboard creation. Strong scripting skills inUNIX shellorPythonfor automation and integration. Solid understanding ofAgile/Scrum methodologiesand project lifecycle management. Proven experience in leading cross-functional teams and managing complex security projects. What You Will Love Working at Capgemini Work on cutting-edge security analytics platforms likeSplunkin enterprise-scale environments. Lead impactful projects that enhance cybersecurity posture for global clients. Clear career progression paths from engineering to leadership and consulting roles. Collaborate with diverse teams in a supportive, inclusive, and innovation-driven culture. Gain exposure to modern security frameworks, automation tools, and real-time threat intelligence.