3.0 - 7.0 years
7 - 11 Lacs
Bengaluru
Work from Office
We are seeking an experienced QRadar Incident Forensics Specialist to manage the deployment, configuration, and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations. The ideal candidate will play a critical role in enhancing security monitoring, investigating incidents, and ensuring seamless SIEM operations. This role requires a blend of expertise in QRadar deployment, incident handling, and forensic analysis to improve the organization's security posture. You will plan, design, and deploy QRadar SIEM environments, including Incident Forensics, ensuring proper integration with network devices, servers, and applications.
Required education: Bachelor's Degree. Preferred education: Master's Degree.
Required technical and professional expertise: Develop and maintain documentation, including deployment guides and SOPs. Generate forensic reports and compliance dashboards for internal stakeholders and external audits. Proactively identify gaps in threat detection capabilities and recommend enhancements. Implement updates, patches, and upgrades to maintain system reliability and performance. Optimize architecture and storage allocation to ensure scalability and efficiency. Hands-on experience with QRadar architecture, deployment, and administration. Strong knowledge of Linux, Unix, and Red Hat operating systems. Strong knowledge of TCP/IP and networking. Proven track record in incident handling, forensic investigations, and log analysis. Expertise in QRadar features such as AQL queries, rule creation, offense management, and dashboards. Proficiency in forensic tools and methodologies for log analysis and evidence gathering.
Preferred technical and professional experience: Support threat hunting activities by leveraging anomaly detection and root cause analysis. Research and implement emerging QRadar features, integrations, and third-party tools to enhance functionality.
Perform daily health checks, ensure system availability, and resolve performance bottlenecks. Use the tools in IBM QRadar Incident Forensics in specific scenarios across the different types of investigations, such as network security, insider analysis, fraud and abuse, and evidence gathering. Investigate security incidents by analyzing logs, offenses, and related data within QRadar. Manage and troubleshoot log ingestion, data flow, and parsing issues across multiple data sources. Extract and analyze digital evidence to support forensic investigations and incident response. Reconstruct attack scenarios and provide root cause analysis for post-incident reviews.
Posted 1 month ago
3.0 - 8.0 years
3 - 12 Lacs
Chennai
Work from Office
Responsibilities:
* Conduct threat analysis using SOC tools like QRadar & LogRhythm.
* Collaborate with the incident response team on security incidents.
* Monitor network activity for suspicious behavior.
Posted 1 month ago
4.0 - 10.0 years
0 Lacs
maharashtra
On-site
As a Manager, Information Security Incident Response at NTT DATA, you will be responsible for leading the Information Security Incident Response Management team. Your role will involve ensuring that your team is well-equipped to detect and monitor threats and suspicious activities affecting the organization's technology domain. You will serve as the escalation point for incident workflows and actively participate in delivering security measures through analytics and threat hunting processes. Your primary responsibilities will include managing a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence. You will be expected to have at least 10 years of experience in SOC, with a minimum of 4 years as a SOC Manager. Additionally, you should have 4+ years of experience in SIEM (Splunk) and hold a CISM/CISSP certification. Your role will also involve troubleshooting technical issues to ensure project success, implementing changes to align with client demands, and providing guidance to the team to achieve specific objectives. You will be responsible for developing and executing a timeline for the team to achieve its goals, monitoring incident detection and closure, and presenting regular metrics and reports. Furthermore, you will be required to conduct periodic DR drills, design SIEM solutions to enhance security value, and conduct root-cause analysis for security incidents. It will be vital for you to ensure that the SIEM system is optimized for efficient performance, and that SIEM rules, alerts, and reports are aligned with security policies and compliance reporting requirements. You will also collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. To qualify for this role, you should have a Bachelor's degree or equivalent in Information Technology, Computer Science, or a related field, along with industry certifications such as CISSP or CISM.
You should possess advanced experience in the Technology Information Security industry, prior experience working in a SOC/CSIRT, and advanced knowledge of tools, techniques, and processes used by threat actors. Additionally, you should have practical knowledge of indicators of compromise (IOCs), endpoint protection, enterprise detection and response software, SIEM, and IPS technologies. This is an on-site working position at NTT DATA, where diversity and inclusion are embraced, and you will have the opportunity to continue growing, belonging, and thriving in a collaborative environment. NTT DATA is an Equal Opportunity Employer, and your career progression here will involve seizing new opportunities, expanding your skills, and preparing for future advancements within the global team.
Posted 1 month ago
4.0 - 8.0 years
0 Lacs
hyderabad, telangana
On-site
At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. To provide security monitoring and support to the Client's technology platforms, network, applications, crew, and environments in response to incidents of varying severity and perform other security monitoring/incident response functions as needed.

**Duties and Responsibilities:**
- Support Client Data Loss Prevention (DLP) initiatives through monitoring and investigation of email, network, and endpoint DLP alerts.
- Perform remediation actions to resolve incidents relating to violations of Client Information Security policies.
- Establish and maintain effective service relationships with business users: keeping them informed of the status of their security requests and tickets; understanding their business needs and escalating as necessary; providing non-technical answers to security questions that come in via email or hotline; and explaining the rationale behind security policies, procedures, and monitoring.
- Keep management within the department informed by communicating progress, issues, concerns, and opportunities. Assess and immediately notify the manager of any potential information security breach and security issues that may have a negative impact on business operations.
- Identify opportunities to improve the quality, efficiency, and effectiveness of the team.
- Adhere to Client Information Security policies and departmental procedures, along with following industry best practices.
- Work with other departments (within and outside of Information Security) to communicate appropriate and consistent security requirements.
- Participate in the development of team and departmental objectives.
- Participate in special projects and perform other duties as assigned.
- Support the client's team by acting as an interim team member (e.g. security officer, security manager, security analyst).
- Independently manage the assigned project/engagement with minimal oversight/guidance from the manager.

**Qualifications:**
- Undergraduate degree in information/cybersecurity, an information technology-related field, or equivalent combination of training, certifications, and experience.
- 4-6 years related experience.
- CompTIA Security+, ISC2 CISSP, SANS, or other similar certifications are a plus but not required.
- Knowledge of security concepts, theories, and best practices.
- Ability to analyze and demonstrate problem resolution skills.
- Demonstrated ability to work collaboratively as well as independently, with attention to detail.
- Demonstrated ability to be flexible and exercise good judgment.
- Demonstrated strong organization and time management skills.
- Strong verbal, written, and interpersonal communication skills.
- Ability to deal effectively with various levels of business unit crew and management.
- Experience with Elastic SIEM, Tines SOAR, and CrowdStrike EDR is good to have.

**Special Factors:**
- Willing to work in a hybrid model (3 days in the office) in a rotational shift.
- Weekend availability/flexibility to work weekends is a MUST.
- Willing to support the US shift (night shift).
Posted 1 month ago
3.0 - 6.0 years
14 - 20 Lacs
Manesar
Hybrid
Key Responsibilities:
- Threat Detection & Response
- Security Monitoring
- Incident Response
- Threat Intelligence
- Vulnerability Management
- Security Automation
- Compliance & Risk Management
- Security Assessments
- Collaboration
Posted 1 month ago
4.0 - 7.0 years
4 - 4 Lacs
Chennai
Work from Office
SL Lumax Limited is seeking a proactive and responsible Security Officer to join our team at Irungattukottai. The ideal candidate will have strong organizational skills and experience in transport coordination and security operations. Role & responsibilities 1. Monitor and ensure inward and outward movement of materials, visitors, and vehicles. 2. Handle daily transport follow-up and coordination for staff movement. 3. Cab arrangement and scheduling based on shift timings and requirements. 4. Maintain daily logs of security activities and incidents. 5. Ensure compliance with company safety and security protocols. 6. Coordinate with internal departments and external agencies for smooth security operations. 7. Strong knowledge of security management.
Posted 1 month ago
2.0 - 5.0 years
3 - 7 Lacs
Mumbai
Work from Office
Job Title: L2 SOC Analyst, LogRhythm SIEM
Location: Mumbai, India
Employment Type: Full-Time | Onsite
About the Role: We are looking for an experienced L2 SOC Analyst to strengthen our Security Operations Center in Mumbai. The ideal candidate will have 2 to 5 years of hands-on experience in security monitoring and incident analysis, particularly on LogRhythm SIEM. You will be responsible for in-depth analysis, incident investigation, escalation, and coordination with response teams.
Key Responsibilities:
- Monitor, analyze, and triage security alerts from LogRhythm SIEM and other security platforms
- Investigate and validate security incidents with detailed analysis and impact assessment
- Conduct threat hunting and advanced log correlation as per SOC playbooks
- Respond to incidents as per the defined escalation matrix and coordinate with internal/external teams
- Perform root cause analysis, recommend containment and mitigation actions
- Provide guidance and mentorship to L1 SOC Analysts for escalated incidents
- Prepare incident reports, analysis summaries, and dashboards for management
- Monitor and report SIEM health, log source integration issues, and tuning requirements
- Participate in continuous improvement of detection rules and SOC processes
- Work in 24x7 rotational shifts with readiness for critical incident handling
Required Skills & Competencies:
- 2 to 5 years of SOC operations experience, with a focus on SIEM monitoring and incident handling
- Strong hands-on experience with LogRhythm SIEM (Mandatory)
- Good understanding of security threats, attack vectors, malware behavior, and common vulnerabilities
- Practical experience in analyzing logs from firewalls, IDS/IPS, endpoint security, and cloud platforms
- Familiarity with the MITRE ATT&CK framework and threat intelligence usage
- Strong analytical thinking, incident response capabilities, and problem-solving skills
- Good communication skills for incident reporting and escalation
Preferred Certifications:
- LogRhythm Certified Deployment Engineer (LCDE) or LogRhythm Certified SOC Analyst (LCSA) - Optional
- CompTIA Security+, CEH, CySA+, or equivalent security certifications
- Any threat hunting or incident response certification is a plus
Work Mode: Onsite, Mumbai SOC Facility
Shift: 24x7 Rotational Shifts (Including Nights and Weekends)
Posted 1 month ago
15.0 - 20.0 years
3 - 7 Lacs
Pune
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Security Platform Engineering
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: We are seeking a skilled Security Engineer with expertise in Google Chronicle SIEM, parser development, and foundational knowledge of cybersecurity. The ideal candidate will be responsible for analyzing security data and logs, ensuring accurate aggregation, normalization, tagging, and classification. You will work closely with log sources, particularly security and networking devices, to enhance our security monitoring capabilities.
Roles & Responsibilities: Conduct security and data/log analysis, focusing on the aggregation, normalization, tagging, and classification of logs. Research, analyze, and understand log sources for security monitoring, with a particular focus on security and networking devices such as firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems. Validate log sources and indexed data, optimizing search criteria to improve search efficiency. Utilize automation tools to build and validate log collectors for parsing aggregated logs.
Professional & Technical Skills: Proficiency in log analysis and SIEM tools, including but not limited to Google Chronicle, Splunk, ArcSight, and QRadar. Experience in SIEM content creation and reporting is essential. Strong experience in manual security log review and analysis, such as Windows Event Log and Linux Syslog, including incident classification, investigation, and remediation. Solid understanding of multiple attack vectors, including malware, Trojans, exploit kits, ransomware, phishing techniques, and APTs, as well as familiarity with attack techniques outlined in the OWASP Top 10. Knowledge of security and networking devices, including firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems. TCP/IP networking skills for packet and log analysis. Experience working with Windows and Unix platforms. Familiarity with databases is an advantage. Experience in GCP, AWS and Azure environments is a plus.
Additional Information: The candidate should have a minimum of 5 years of experience in Security Platform Engineering. This position is based at our Pune office. 15 years of full time education is required.
Qualification: 15 years full time education
Posted 1 month ago
3.0 - 7.0 years
9 - 14 Lacs
Hyderabad
Work from Office
Position Title: Identity Engineer
Reports To: Director, Infrastructure Security
The Senior Identity Engineer is accountable for securing identities and provisioning the right level of access for our user identities, machine identities, and admin identities.
Key Responsibilities:
1. Leadership & Strategy: Exemplify security principles and culture. Contribute to and implement a robust identity security strategy. Effectively partner across security, technology, and business teams. Develop effective identity security metrics and use them to drive improvements.
2. Identity Security Standards: Continuously improve Identity and Access Governance and Privileged Access Management security standards and guidelines in alignment with risk and compliance requirements. Measure and report on CDK's compliance with the above defined security standards. Drive adoption of the security standards through close partnership with technology teams, design and implementation of new technologies, and building new or improving existing processes.
3. Identity Security Engineering: Build, implement, and operate IAM, PAM, IGA, and Secrets Management solutions. Consult on secure machine identity and secrets management architectural patterns to be used in modern applications and cloud environments. Develop and implement effective privileged access strategies to reduce security risk. Collaborate with product and technology teams on developing and implementing effective secrets management solutions.
4. Identity Security Operations: Develop and operate processes for user account lifecycle management, secrets management, and email/collaboration security. Collaborate with the Security Operations team to assure effective security monitoring and response capabilities for CDK identity and end user technologies. Provide 24x7 tier 2/3 support for identity and end user security technologies.
Required Qualifications:
Education: Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent experience.
Experience: Minimum of 2 years in identity and access management. Strong background in privileged access management in hybrid on-premises/cloud environments, preferably in a technology/SaaS organization. Experience in user lifecycle automation and access provisioning/validation automation using modern IGA tools. Experience collaborating with product and platform teams on secrets management to support application development and deployment.
Posted 1 month ago
2.0 - 3.0 years
5 - 5 Lacs
Thiruvananthapuram
Work from Office
Overview: We are looking for a skilled SIEM Administrator to manage and maintain Security Information and Event Management (SIEM) solutions such as Innspark, LogRhythm, or similar tools. This role is critical to ensuring effective security monitoring, log management, and event analysis across our systems.
Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., Innspark, LogRhythm, Splunk). Develop and maintain correlation rules, s, dashboards, and reports. Integrate logs from servers, network devices, cloud services, and applications. Troubleshoot log collection, parsing, normalization, and event correlation issues. Work with security teams to improve detection and response capabilities. Ensure SIEM configurations align with compliance and audit requirements. Perform routine SIEM maintenance (e.g., patching, upgrades, health checks). Create and maintain documentation for implementation, architecture, and operations. Participate in evaluating and testing new SIEM tools and features. Support incident response by providing relevant event data and insights.
Required Qualifications: Bachelor's degree in Computer Science, Information Security, or related field. 3+ years of hands-on experience with SIEM tools. Experience with Innspark, LogRhythm, or other SIEM platforms (e.g., Splunk, QRadar, ArcSight). Strong knowledge of log management and event normalization. Good understanding of cybersecurity concepts and incident response. Familiarity with Windows/Linux OS and network protocols. Scripting knowledge (e.g., Python, PowerShell) is a plus. Strong troubleshooting, analytical, and communication skills. Industry certifications (CEH, Security+, SSCP, or vendor-specific) are a plus.
Key Skills: SIEM Tools (Innspark, LogRhythm, Splunk), Troubleshooting, Log Management & Analysis, Scripting (optional), Security Monitoring
Required Skills: SIEM, Splunk, Troubleshooting
Posted 1 month ago
4.0 - 7.0 years
5 - 9 Lacs
Mumbai, Pune, Bengaluru
Work from Office
Your Role: Administer and develop solutions using Splunk and Splunk Security Essentials to support enterprise security monitoring and analytics. Design, implement, and maintain Splunk dashboards, alerts, and reports to provide actionable insights into security events. Utilize UNIX shell scripting or Python to automate data ingestion, parsing, and enrichment processes. Lead and manage security-related projects from planning through execution, ensuring timely delivery and alignment with business goals. Collaborate with cross-functional teams to define requirements, manage risks, and ensure stakeholder satisfaction.
Your Profile: 5 to 10 years of experience in IT security with a strong focus on Splunk administration and development. Proficiency in Splunk Security Essentials, data onboarding, and custom dashboard creation. Strong scripting skills in UNIX shell or Python for automation and integration. Solid understanding of Agile/Scrum methodologies and project lifecycle management. Proven experience in leading cross-functional teams and managing complex security projects.
What You Will Love Working at Capgemini: Work on cutting-edge security analytics platforms like Splunk in enterprise-scale environments. Lead impactful projects that enhance cybersecurity posture for global clients. Clear career progression paths from engineering to leadership and consulting roles. Collaborate with diverse teams in a supportive, inclusive, and innovation-driven culture. Gain exposure to modern security frameworks, automation tools, and real-time threat intelligence.
Posted 1 month ago
3.0 - 6.0 years
3 - 6 Lacs
Noida, Uttar Pradesh, India
On-site
Creation of supporting SOPs in line with policy requirements. Integration of all new devices (on-premise and AWS cloud) with the SIEM. Experience in threat hunting, red teaming, and cyber drills. Monitoring the status of device integration and supporting teams to ensure smooth operation in case of any breakage. Support teams in defining SOPs and performing triage. Ensuring the functioning of the SIEM tool and related processes as per the stated requirements. Reporting computer security events in accordance with established processes and procedures. Coordinate with system owners and other departments (IDC/NOC/TOPS/Enterprise IT) as needed to analyze events and drive the necessary requirements for closure. Support ongoing analysis and response to computer security incidents by the SOC (Monitoring) Team. Creation of new use cases/reports as per business requirements. Creation of new use cases specific to the banking environment. Creation of new dashboards in the SIEM console as per requirements. SIEM ticket closure. Drive key security operations responsibilities (e.g., secure code review, configuration review).
Experience / Job Competencies / Success Factors: 10+ years of technical experience working in a SOC or incident response, preferably with BFSI sector experience, especially in banking. Experience with one or more Security Information and Event Management (SIEM) solutions, especially DNIF. In-depth understanding of security threats, threat attack methods, and the current threat environment. Experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation. Excellent troubleshooting and analytical skills with the ability to articulate and propose security solutions in business terms. Ability to multitask in a fast-paced environment. Provide support for audit and compliance requirements within defined timelines. Must be comfortable working in a fast-paced environment with tight deadlines and changing priorities.
Understanding of network protocols and network capture/analysis tools such as Wireshark. Understanding of Linux and Windows operating systems and OS event logging. Experience working with AWS environments. Comfortable working with different security solutions in a diverse IT infrastructure environment, including: FireEye network APT, Palo Alto Firewalls, WAF (F5), HIPS (TrendMicro), PIM (CyberArk), Qualys Vulnerability Scanner, TrendMicro Endpoint security suite and APT, Honeypot (Smokescreen). Experience in developing production SIEM use cases. Ability to work non-core hours (swing or night shift) if necessary.
Certifications: Security+, CEH, CISSP, SANS courses on Incident Response and Digital Forensics.
Posted 1 month ago
5.0 - 10.0 years
5 - 10 Lacs
Mumbai, Maharashtra, India
On-site
Due Diligence & Risk Assessment: Perform thorough due diligence on third-party vendors, evaluating operational, security, compliance, and financial risks.
Vendor Monitoring & Reporting: Continuously assess and monitor third-party risks, security postures, and contract compliance. Report risk status to senior management.
Risk Mitigation & Incident Management: Implement risk mitigation strategies and lead incident management for third-party breaches or failures.
Cross-Department Collaboration: Work with procurement, legal, IT, and other business units to ensure third-party contracts and security align with risk management strategies.
Technical Skills & Tools:
Risk Management Tools: Experience with RSA Archer, MetricStream, or LogicManager for risk assessments, vendor scoring, and compliance tracking.
Security Monitoring: Proficiency in SIEM tools like Splunk, IBM QRadar, and ArcSight for detecting, analyzing, and managing third-party security events.
Vulnerability Management: Hands-on experience with Tenable.io, Qualys, or Rapid7 Nexpose for vulnerability scanning and management.
Third-Party Management Platforms: Familiarity with OneTrust, ProcessUnity, or Prevalent for ongoing third-party risk assessments and monitoring.
Incident Response: Experience using tools like ServiceNow or PagerDuty for handling third-party security incidents and coordinating remediation actions.
IAM Tools: Working knowledge of Okta and CyberArk for ensuring secure vendor access to bank systems.
Qualifications: Education: Bachelor's degree; ISO/IEC 27001 Lead Implementer; PCI DSS; Certified Information Systems Auditor (CISA). Strong analytical skills with the ability to assess and mitigate complex third-party risks. Excellent communication and stakeholder management skills. Ability to navigate regulatory environments and ensure compliance with third-party risk policies. Ability to drive strategic risk management initiatives while handling day-to-day operational challenges.
Posted 1 month ago
10.0 - 12.0 years
10 - 12 Lacs
Chennai, Tamil Nadu, India
On-site
Job Description
Make an impact with NTT DATA. Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion; it's a place where you can grow, belong and thrive.
Your day at NTT DATA: The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their security infrastructures and systems remain operational. Through proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role restores service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching the service level agreement (SLA); it focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to or support project work as and when required.
What you'll be doing. Key Responsibilities: Proactively monitors the work queues. Performs operational tasks to resolve all incidents/requests in a timely manner and within the agreed SLA. Updates tickets with resolution tasks performed. Identifies, investigates, and analyses issues and errors prior to or when they occur, and logs all such incidents in a timely manner. Captures all required and relevant information for immediate resolution. Provides second-level support to all incidents and requests and identifies the root cause of incidents and problems. Communicates with other teams and clients for extending support. Executes changes with clear identification of risks and mitigation plans to be captured in the change record. Follows the shift handover process, highlighting any key tickets to be focused on along with a handover of upcoming critical tasks to be carried out in the next shift. Escalates all tickets to seek the right focus from the CoE and other teams; if needed, continues the escalation to management. Works with automation teams for effort optimization and automating routine tasks. Ability to work across various other resolver groups (internal and external) such as the Service Provider, TAC, etc. Identifies problems and errors before they impact a client's service. Provides assistance to L1 Security Engineers for better initial triage or troubleshooting. Leads and manages all initial client escalations for operational issues. Contributes to the change management process by logging all change requests with complete details for standard and non-standard changes, including patching and any other changes to Configuration Items. Ensures all changes are carried out with proper change approvals. Plans and executes approved maintenance activities. Audits and analyses incident and request tickets for quality and recommends improvements with updates to knowledge articles. Produces trend analysis reports for identifying tasks for automation, leading to a reduction in tickets and optimization of effort. May also contribute to or support project work as and when required. May work on implementing and delivering Disaster Recovery functions and tests. Performs any other related task as required.
Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, taking into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.
Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). Certifications relevant to the services supported. Certifications carry additional weightage in the candidate's qualification for the role. CCNA certification is a must; CCNP in Security or PCNSE certification is good to have.
Required Experience: Moderate level of relevant managed services experience handling security infrastructure. Moderate level of knowledge of ticketing tools, preferably ServiceNow. Moderate level of working knowledge of ITIL processes. Moderate level of experience working with vendors and/or third parties.
Workplace type: On-site Working
Posted 1 month ago
3.0 - 7.0 years
0 Lacs
karnataka
On-site
At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of yourself. And EY is counting on your unique voice and perspective to help the organization become even better. Join us and build an exceptional experience for yourself, and contribute to creating a better working world for all.

As a CMS-TDR Staff at EY, you will be part of the cyber security team and work as a SOC analyst to assist clients in detecting and responding to security incidents with the support of SIEM, EDR, and NSM solutions.

**The Opportunity:**
We are seeking a Security Analyst with experience in SIEM, EDR, and NSM solutions.

**Your key responsibilities include:**
- Providing operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR solutions (Defender, CrowdStrike, Carbon Black) and NSM (Fidelis, ExtraHop) for multiple customers.
- Performing the first level of monitoring and triaging of security alerts.
- Conducting initial data gathering and investigation using SIEM, EDR and NSM solutions.
- Providing near real-time analysis, investigation, and reporting of security incidents for customers.

**Skills and attributes for success:**
- Customer service oriented, with a commitment to meeting customer needs and seeking feedback for improvement.
- Hands-on knowledge of SIEM technologies like Splunk, Azure Sentinel and CrowdStrike Falcon LogScale from a security analyst's perspective.
- Exposure to IoT/OT monitoring tools like Claroty and Nozomi Networks is a plus.
- Good knowledge and experience in security monitoring and cyber incident response.
- Familiarity with network monitoring platforms like Fidelis XPS and ExtraHop, and endpoint protection tools such as Carbon Black, Tanium, CrowdStrike, Defender ATP, etc.

**To qualify for the role, you must have:**
- B. Tech./B.E. with sound technical skills.
- Ability to work in 24x7 shifts.
- Strong command of verbal and written English.
- Technical acumen and critical thinking abilities.
- Strong interpersonal and presentation skills.
- Hands-on experience in SIEM, EDR, and NSM solutions.
- Certification in any of the SIEM platforms.
- Knowledge of RegEx, Perl scripting, and SQL query language.
- Certification such as CEH, ECSA, ECIH, Splunk Power User.

**What working at EY offers:**
At EY, you will work on inspiring and meaningful projects with a focus on education, coaching, and personal development. You will have opportunities for skill development, career progression, and the freedom to handle your role in a way that suits you best. EY offers support, coaching, and feedback from engaging colleagues, along with an environment that emphasizes high quality and knowledge exchange. EY is dedicated to building a better working world, creating value for clients, people, and society, and building trust in the capital markets. With diverse teams in over 150 countries, EY provides trust through assurance and helps clients grow, transform, and operate across various domains.
Posted 1 month ago
4.0 - 8.0 years
0 Lacs
karnataka
On-site
This is an Individual Contributor role that will evolve as this function matures. You will play a critical role in the company's tech infrastructure, ensuring processes are fully aligned with regulatory, security, and business continuity standards.

Your responsibilities will include drafting, coordinating, and monitoring IT processes and policies to ensure compliance with the IT Act, regulatory bodies (e.g., RBI, SEBI, GDPR, UIDAI, etc.), and information security guidelines. You will work with internal and external stakeholders to prepare and update business-wise IT infrastructure details required for regulatory filings and 3rd-party audits. Additionally, you will conduct vendor risk assessment audits, introduce new processes and policies based on market studies, and implement and monitor the cyber crisis management plan. You will be involved in incident management and resolution, interface with external auditors to ensure smooth Infosec audits, formulate and monitor Business Continuity Planning (BCP), assist in conducting the Technology Committee, conduct independent assessments of business functions, and provide data for the Risk Management Committee.

To be successful in this role, you should have 4-6 years of experience, including being a Single Point of Contact (SPOC) for Infosec audits. In-depth knowledge of technology, security, risk, and compliance best practices is required, along with strong capability in interfacing with both technology and business teams. You should have a detailed understanding of security monitoring, threat intelligence, and vulnerability management, coupled with a self-driven attitude and a strong sense of ownership. Experience with RBI and/or SEBI audits is preferred.

Join us at Zerodha Fund House and make a significant impact as you contribute to the company's IT infrastructure and compliance processes.
Posted 1 month ago
6.0 - 8.0 years
27 - 42 Lacs
Chennai
Work from Office
Job Responsibilities
- Investigate, document, and report on information security issues and emerging trends
- Notify clients of incidents and required mitigation work
- Understand logs from various sources such as firewalls, IDS, Windows DCs, Cisco appliances, AV and antimalware software, and email security
- Fine-tune SIEM rules to reduce false positives and remove false negatives
- Perform threat intel research and vulnerability analysis

Required Skills and Experience
- Experience: 5-7 years in roles related to information security or similar fields
- Skills: Expertise in CrowdStrike, Proofpoint, LogRhythm, and Rapid7
- Knowledge of ITIL disciplines like Incident, Problem, and Change Management
Posted 1 month ago
7.0 - 9.0 years
11 - 16 Lacs
Gurugram
Work from Office
Role Description:
As a Technical Lead - Network Security at Incedo, you will be responsible for managing and maintaining client network security. Your duties will include implementing security protocols, monitoring security logs, conducting vulnerability assessments, collaborating with other teams to manage risk, and providing security recommendations.

Roles & Responsibilities:
- Designing and implementing network security strategies.
- Identifying and mitigating network security threats and vulnerabilities.
- Configuring and managing security devices such as firewalls and intrusion detection systems.
- Conducting security audits and assessments.
- Collaborating with other IT teams to ensure security policies and procedures are implemented.
- Providing technical support for security-related issues.
- Maintaining documentation of security configurations and changes.

Technical Skills Requirements:
- Knowledge of network security practices such as access control, intrusion detection, and incident response.
- Experience in configuring and managing network security devices such as firewalls, VPNs, and IDS/IPS.
- Familiarity with network security monitoring tools such as Wireshark, Snort, or Bro.
- Understanding of security frameworks and regulations such as NIST or PCI-DSS.
- Must have excellent communication skills and be able to communicate complex technical information to non-technical stakeholders in a clear and concise manner.
- Must understand the company's long-term vision and align with it.
- Should be open to new ideas and be willing to learn and develop new skills.
- Should also be able to work well under pressure and manage multiple tasks and priorities.

Qualifications
- 7-9 years of work experience in a relevant field
- B.Tech/B.E/M.Tech or MCA degree from a reputed university. Computer science background is preferred.
Posted 1 month ago
3.0 - 5.0 years
6 - 10 Lacs
Gurugram
Work from Office
As a Software Engineer - Cloud Security at Incedo, you will be responsible for designing and implementing security solutions for cloud-based environments. You will work with clients to understand their security needs and design security solutions that meet those needs. You will be skilled in cloud security technologies such as Amazon Web Services (AWS) Security, Microsoft Azure Security, or Google Cloud Platform (GCP) Security and have experience with security architecture design patterns such as multi-factor authentication and encryption.

Roles & Responsibilities:
- Developing and implementing cloud security strategies and policies
- Conducting security audits and assessments
- Collaborating with other teams to ensure compliance with security regulations and standards
- Troubleshooting and resolving security issues
- Staying up-to-date with industry trends and best practices in cloud.

Technical Skills Requirements:
- Understanding of cloud security concepts such as data protection, identity and access management, or encryption.
- Familiarity with compliance frameworks such as SOC 2, HIPAA, or PCI DSS.
- Experience with cloud security tools such as AWS Identity and Access Management (IAM), Azure Active Directory, or Google Cloud IAM.
- Knowledge of network security and security monitoring technologies.
- Must have excellent communication skills and be able to communicate complex technical information to non-technical stakeholders in a clear and concise manner.
- Must understand the company's long-term vision and align with it.

Nice-to-have skills

Qualifications
- 3-5 years of work experience in a relevant field
- B.Tech/B.E/M.Tech or MCA degree from a reputed university. Computer science background is preferred.
Posted 1 month ago
5.0 - 7.0 years
5 - 5 Lacs
Thiruvananthapuram
Work from Office
Role Proficiency:
Under the Manager's supervision, effectively lead a small unit / shift / sub-team / customer engagement within a large Shared Services team in the delivery of cyber security monitoring and triage activities for our global customers. This role is in the management stream and envisages growth in management rather than in the technology space.

Outcomes:
- Under the supervision of the Manager, effectively lead a small SOC team (unit / shift / sub-team / small customer engagement).
- Under the supervision of the Manager, responsible for delivery of SOC services by the team per SLA.
- Responsible for performance of activities by the team that have been defined by the Manager from a contractual and regulatory perspective.
- Responsible for the quality of the team's deliverables.
- Under the supervision of the Manager, ensure a well-administered team / engagement.
- Under the supervision of the Manager, responsible for customer communication and stakeholder management.
- Ensure team adherence to Information Security policies as defined by the company and the customer.

Measures of Outcomes:
- Team adherence to the SLA as agreed with the customer.
- Innovation: case studies and value delivered to the customer / Cyberproof.
- Productivity (number of s and incidents addressed)
- Quality: percent of tickets that meet quality norms
- Adherence to process: nil NC during audits
- Evidence of skill development, including training and certification etc.

Outputs Expected:

Team Administration and Management:
- Under the supervision of the Manager, ensure that a balanced team is available, providing the defined services.
- Responsible for administrative aspects like shift roster, attendance, on-call related allowances etc.

Delivery Management:
- Supervision of the shift period / team such that cyber security s from the SIEM and multiple sources are dealt with by the shift / team within SLAs.
- For the responsible team unit, ensure delivery to the required quality standards.
- Under the supervision of the Manager, define and implement new processes or changes to existing processes.
- Communicate and escalate per the defined process.

Reporting:
- Generation of required reports, management information and analytics.

Team Competence Management:
- Mentor junior team members whenever possible.
- Identify training needs of the team.
- Under the supervision of the Manager, define and implement training plans.

Continuous Improvement:
- Ensure activities like quality checks, reviews etc. are performed so that the team performs to the required standards.
- Under the supervision of the Manager, set benchmarks for a high-performance organisation.
- Make sure that audits go smoothly; responsible for closure of audit findings and performance improvement plans.
- Ensure continuous improvement in the team in areas of delivery quality, operational efficiency, innovation and optimization etc.
- Ensure continuous learning.

Skill Examples:
- Proficiency in people and stakeholder management.
- Ability to manage and lead smaller / less complex teams.
- Ability to inspire.
- Ability to interface with customers and specialist teams on these topics.
- Proficient in operations / project management.
- Understanding of relevant frameworks in cyber security, SOC, IT infrastructure etc.
- Exposure to ISMS, Quality and BCP processes and frameworks.
- Excellent oral and written communication skills.
- Possess unimpeachable personal and professional integrity. Individuals will be required to submit to a background check.

Knowledge Examples:
- 5+ years overall experience in SOC / IT infrastructure.
- A minimum of 2 years' experience delivering SOC services to external customers (preferably in global organizations).
- University degree in Cyber Security (no back papers) / Bachelor's in Engineering or Science with training in cyber security.
- Sound understanding of relevant SOC tools like SIEM, EDR, ticket management etc.
- Highly proficient in the cybersecurity incident management process.
- Sound understanding of cyber security s and incidents.
- Intermediate understanding of enterprise IT infrastructure including networks, firewalls, OS, databases, web applications etc.
- Understanding of ISMS principles and guidelines, and relevant frameworks (e.g. ISO27001).
- Desirable: training / certification in relevant processes / frameworks related to operations / project / cyber security etc.

Additional Comments:
- Zscaler solution design, planning, and implementation; configuration optimizations
- Network design consulting for the Compass Markets
- Fortinet firewall support for the SCCM, AD, POC and upgrades (Europe and NA team)
- Zscaler ops support during the NA and EU working hours
- Zscaler deployment on the mobile and POS devices

Required Skills: Zscaler, Network, SCCM
Posted 1 month ago
11.0 - 14.0 years
55 - 60 Lacs
Noida, Ahmedabad, Mumbai (All Areas)
Work from Office
Dear Candidate,

We are looking for a skilled Cybersecurity Analyst to monitor, detect, and respond to security threats. If you have expertise in threat intelligence, SIEM tools, and incident response, we'd love to hear from you!

Key Responsibilities:
- Monitor network traffic and systems for potential security threats.
- Investigate and analyze security incidents to prevent breaches.
- Implement security controls and best practices for data protection.
- Manage security tools such as SIEM, IDS/IPS, and endpoint protection.
- Conduct vulnerability assessments and recommend mitigation strategies.
- Ensure compliance with security standards like ISO 27001, NIST, and GDPR.

Required Skills & Qualifications:
- Strong knowledge of security frameworks and incident response.
- Experience with SIEM tools (Splunk, QRadar, ArcSight).
- Proficiency in scripting (Python, Bash, PowerShell) for security automation.
- Understanding of network protocols, firewalls, and VPN security.
- Knowledge of penetration testing and ethical hacking techniques.

Soft Skills:
- Strong analytical and problem-solving skills.
- Excellent attention to detail and ability to work under pressure.
- Good communication and teamwork skills.

Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you.

Kandi Srinivasa
Delivery Manager
Integra Technologies
Posted 1 month ago
8.0 - 10.0 years
6 - 10 Lacs
Gurugram
Work from Office
As a Senior Technical Lead - Cloud Security at Incedo, you will be responsible for designing and implementing security solutions for cloud-based environments. You will work with clients to understand their security needs and design security solutions that meet those needs. You will be skilled in cloud security technologies such as Amazon Web Services (AWS) Security, Microsoft Azure Security, or Google Cloud Platform (GCP) Security and have experience with security architecture design patterns such as multi-factor authentication and encryption.

Roles & Responsibilities:
- Developing and implementing cloud security strategies and policies
- Conducting security audits and assessments
- Collaborating with other teams to ensure compliance with security regulations and standards
- Troubleshooting and resolving security issues
- Providing guidance and mentorship to junior cloud security specialists
- Staying up-to-date with industry trends and best practices in cloud.
- Foster a collaborative and supportive work environment, promoting open communication and teamwork.
- Demonstrate strong leadership skills, with the ability to inspire and motivate team members to perform at their best.

Technical Skills Requirements:
- Understanding of cloud security concepts such as data protection, identity and access management, or encryption.
- Familiarity with compliance frameworks such as SOC 2, HIPAA, or PCI DSS.
- Experience with cloud security tools such as AWS Identity and Access Management (IAM), Azure Active Directory, or Google Cloud IAM.
- Knowledge of network security and security monitoring technologies.
- Lead and manage a team of professionals to achieve organizational goals.
- Provide guidance, support, and mentorship to help employees grow and develop professionally, with a focus on career management.

Nice-to-have skills

Qualifications
- 8-10 years of work experience in a relevant field
- B.Tech/B.E/M.Tech or MCA degree from a reputed university. Computer science background is preferred.
Posted 1 month ago
2.0 - 6.0 years
5 - 9 Lacs
Kochi
Work from Office
Role Purpose
The purpose of this role is to analyse, identify, rectify and recommend specific improvement measures that help the security posture of the organization by protecting sensitive information.

Do
- Ensuring customer centricity by providing apt cybersecurity
- Monitoring and safeguarding the log sources and security access
- Planning for disaster recovery in the event of any security breaches
- Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
- Perform moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
- Conduct security assessments, risk analysis and root cause analysis of security incidents
- Handle incidents escalated by the L1 team in 24x7 rotational shifts
- Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
- Complete all tactical security operations tasks associated with this engagement
- Analyse all the attacks and come up with remedial attack analysis
- Conduct detailed analysis of incidents and create reports and dashboards

Stakeholder coordination and audit assistance
- Liaise with stakeholders in relation to cyber security issues and provide future recommendations
- Maintain an information security risk register and assist with internal and external audits relating to information security
- Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
- Advise and guide employees on issues such as spam and unwanted or malicious emails
Posted 2 months ago
5.0 - 8.0 years
5 - 9 Lacs
Hyderabad
Work from Office
Role Purpose
The purpose of this role is to analyse, identify, rectify and recommend specific improvement measures that help the security posture of the organization by protecting sensitive information.

Do
- Ensuring customer centricity by providing apt cybersecurity
- Monitoring and safeguarding the log sources and security access
- Planning for disaster recovery in the event of any security breaches
- Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
- Perform moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
- Conduct security assessments, risk analysis and root cause analysis of security incidents
- Handle incidents escalated by the L1 team in 24x7 rotational shifts
- Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
- Complete all tactical security operations tasks associated with this engagement
- Analyse all the attacks and come up with remedial attack analysis
- Conduct detailed analysis of incidents and create reports and dashboards

Stakeholder coordination and audit assistance
- Liaise with stakeholders in relation to cyber security issues and provide future recommendations
- Maintain an information security risk register and assist with internal and external audits relating to information security
- Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
- Advise and guide employees on issues such as spam and unwanted or malicious emails

Mandatory Skills: Archer.
Experience: 5-8 Years.
Posted 2 months ago