355 Security Monitoring Jobs - Page 8

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: SAP GRC - Governance-Risk-Compliance.

Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities.

This will be an Individual Contributor role to start and can evolve over time based on how this function matures. You will play a critical role in the companys tech infrastructure, processes which will be fully aligned with regulatory, security and business continuity standards. Key Responsibilities Draft, coordinate monitor IT processes policies to ensure compliance as per IT Act, regulatory bodies (e.g. RBI, SEBI, GDPR, UIDAI etc.), info security (ISM) guidelines and other applicable laws with respect to Technology, in coordination with internal external stakeholders Prepare update business-wise IT infra details required by the Compliance/Legal teams for regulatory filings and 3rd party audits Conduct vendor risk assessment audits ensure identified gaps are proactively filled Introduce new processes policies by conducting market studies surveys relevant to our business Plan, formulate, coordinate, implement monitor the cyber crisis management plan (CCMP) Incident Management and resolution Interface with external auditors and set up processes to ensure all Infosec audits go smoothly Formulate, implement, review monitor BCP Requirements 4-6 years of experience, including being SPOC for Infosec audits In-depth knowledge of technology, security, risk, and compliance best practices Strong capability in interfacing with both technology and business teams Detailed understanding of security monitoring, threat intelligence vulnerability management A self-driven attitude with a strong sense of ownership Experience with RBI and/or SEBI (preferred) audits is a big plus Assisting the team to conduct Technology Committee Assisting the Risk Officer to conduct independent assessments of the business functions Provide timely data for Risk Management Committee

Summary Reporting to the Director of Info Sec and Cyber Operations, the Security Operations Centre (SOC) Analyst will be an integral part of the teams success. As a security operations center (SOC) engineer, you will help build and manage services that detect and automate the mitigation of cybersecurity threats across Waystone infrastructure. You will work with software engineers, DevOps engineers, IT Engineering, internal audit and compliance teams, and other security engineers across multiple teams to protect Waystone. ESSENTIAL DUTIES AND RESPONSIBILITIES Monitor and analyse security alerts from various sources, including AWS, Azure, O365, Okta, Zscaler and SIEM tools, to identify potential security threats. Perform incident detection, analysis, and response for cloud-native environments, utilizing Security Hub (AWS) and Defender for Cloud (Azure). Collaborate with internal teams to address security incidents and ensure timely resolution, including coordination with IT, Security Engineering, and other stakeholders. Develop and refine security monitoring policies, rules, and alerting configurations for enhanced detection capabilities. Conduct investigations into security incidents, identifying root causes and recommending remediation steps. Maintain and optimise DLP solutions for the organisation to prevent unauthorised data exposure. Generate regular reports on security incidents, key metrics, and recommendations for security improvements. Proactively identify security risks and work with various teams to mitigate potential threats. Participate in threat hunting activities to identify advanced threats and vulnerabilities within the cloud and on-premises environments. Provide input into the SOCs continuous improvement processes, including playbook development and toolset enhancement. REQUIREMENTS To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Experience3+ years of experience in a Security Operations Centrr (SOC) or similar environment. Hands-on experience with AWS, Azure, Zscaler and O365 security tools and technologies. Strong familiarity with cloud native tools, cloud security posture management, and application security (Security Hub, Defender for Cloud). Experience with SIEM platforms (CrowdStrike NG-SIEM or similar) including alert tuning, query development, and integration with cloud environments. Proficient in data loss prevention (DLP) strategies and tools, with the ability to customise and maintain DLP policies. Strong understanding of incident response processes and best practices. Demonstrated ability to conduct thorough investigations and report on complex security incidents. Familiarity with cloud security principles, tools, and techniques, including identity and access management (IAM) and network security. Strong problem-solving skills, attention to detail, and ability to work under pressure in a fast-paced environment. EducationBachelors degree in information security, Computer Science, or related field (or equivalent work experience). CCSP AWS certification Azure Certification

Security and Safety Officer needed in an international school in Mohali. Role - To ensure a safe and secure environment for students, staff, and visitors by implementing effective security protocols, monitoring campus activity, and coordinating emergency preparedness within the school premises. Responsibilities - Campus Security Student and Staff Safety Emergency Management Regulatory Compliance Education: Graduate in any discipline; certification in safety/security management is a plus. Experience: Minimum 3-5 years in a security/safety role, preferably in an educational institution. Skills: Strong observation and crisis management skills. Basic computer proficiency (especially for CCTV and reporting tools). Good communication in English and local language. Ability to handle students and staff with calm and authority. Salary :35k to 40k Only local candidates are needed. Only shortlisted candidates will be contacted. Background verification will be conducted for selected candidate.

Job Title: Security Operation Manager Location: Noida Job Tyoe : Full-Time Experience: 7+ Years Department: Operation/ Security Reports To: Operation Director Job Summary: The Security Operational Manager is responsible for overseeing the day-to-day operations of the organization's security infrastructure. This role involves managing the security operations center (SOC), leading incident response efforts, and ensuring the effectiveness of security policies, procedures, and protocols. The Security Operational Manager will collaborate with various departments to safeguard the company's information assets and maintain a robust security posture. Key Responsibilities: Manage Security Operations: Oversee the daily activities and operations of the security operations center (SOC), ensuring continuous monitoring, detection, and response to security incidents. Incident Response: Lead the incident response team in identifying, managing, and resolving security breaches and vulnerabilities. Conduct post-incident analysis and reporting to prevent future occurrences. Security Monitoring: Implement and maintain security monitoring tools and technologies to detect and respond to threats in real-time. Penetration Testing and Vulnerability Scanning: Conduct regular penetration testing and vulnerability scanning to identify and mitigate security weaknesses within the organization's systems and applications. Policy and Compliance: Develop, enforce, and update security policies, procedures, and protocols in alignment with industry standards and regulatory requirements. Ensure compliance with relevant laws and regulations. Team Leadership: Tain, and mentor the security operations team, fostering a culture of continuous improvement and professional development. Risk Management: Conduct regular security risk assessments and implement mitigation strategies to reduce identified risks. Collaboration: Work closely with IT, legal, and other departments to ensure comprehensive security measures are integrated into all business processes. Reporting: Prepare and present regular reports on security operations, incidents, and compliance status to the Customers. Emergency Response: Develop and maintain emergency response plans for security incidents, ensuring the organization is prepared for potential crises. Qualifications: Education: Bachelors degree in Computer Science, Information Security, or a related field.. Experience: Minimum of 7 years of experience in information security, with at least 3 years in a managerial role overseeing security operations. Certifications: Relevant certifications such as CISSP, CISM, CEH, or similar are highly desirable. Technical Skills: Proficient in security technologies such as SIEM, IDS/IPS, firewalls, antivirus software, and endpoint protection. Expertise in conducting penetration testing and vulnerability scanning. AWS Expertise: In-depth knowledge and experience with Amazon Web Services (AWS) security practices and tools. Knowledge: In-depth understanding of security frameworks (e.g., NIST, ISO 27001), compliance requirements (e.g., GDPR, HIPAA), and incident response best practices. Leadership: Strong leadership and team management skills with the ability to motivate and guide a diverse team. Communication: Strong verbal and written communication skills, with the ability to convey complex security issues to non-technical stakeholders. Working Conditions: The role may require occasional on-call work to address security incidents. Must be able to work in a high-pressure environment and handle multiple tasks simultaneously.

Job Information Job Opening ID ZR_1902_JOB Date Opened 29/04/2023 Industry Technology Job Type Work Experience 5-8 years Job Title SIEM - Splunk Content Developer City Chennai Province Tamil Nadu Country India Postal Code 600089 Number of Positions 5 3+ years of experience working in the field of Content development and experience in delivering and/or building content on any of the SIEM tools like Splunk/Arc sight /QRadar/Nitro ESM/etc. Deep understanding of MITRE ATT&CK Framework. Experience in SOC Incident analysis with an exposure to information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, EDR and cloud security tools. Good understanding of networking concepts. Experience interpreting, searching, and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow, and automation) In depth knowledge of security data logs and an ability to create new content on advanced security threats on a need basis as per Threat Intelligence. Ability to identify gaps in the existing security controls. Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deployment of content. Experience on EDR tools like Crowd strike and good understanding on TTPs like Process Injection. Excellent communication, listening & facilitation skills Ability to demonstrate an investigative mindset. Excellent problem-solving skills. Understanding of MITRE ATT&CK framework. Location: Pan India check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#2B39C2;border-color:#2B39C2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> I'm interested

Incident handling, forensic analysis, and VAPT SIEM tools cybersecurity frameworks Log analysis, monitoring, detecting and investigating security incidents and breaches. CEH,CSA,CompTIA Security+,GCIH,security incidents

Required Skills Technology | Sentinel SIEM Tool Expert | Level 3 Support Technology | Securonix SIEM Tools Expert | Level 3 Support Technology | ArcSight SIEM Tools Administrator | Level 2 Support Technology | Cybersecurity General Administrator | Level 2 Support Technology | Network Traffic Analysis Administrator | Level 2 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | CompTIA Security+/Certified SOC Analyst (CSA)/GIAC Security Essentials (GSEC)/Certified Ethical Hacker (CEH)/Cisco Certified CyberOps Associate/GIAC Certified Incident Handler (GCIH)/GIAC Security Operations Certified (GSOC) Technical Expertise: Expert knowledge of threat detection techniques and tools Lead incident response efforts, including advanced containment, eradication, and recovery techniques Conduct in-depth digital forensics investigations Expertise in configuring and optimizing SIEM (Security Information and Event Management) systems Analytical Skills: Deep understanding of log analysis techniques and tools Identify patterns and anomalies in large datasets Integrate threat intelligence into monitoring and response processes Stay updated on the latest threat intelligence and apply it to enhance security Collaboration and Coordination: Work closely with IT and security teams to ensure comprehensive security coverage Lead coordination of response efforts during major incidents Ensure effective communication and collaboration among all stakeholders Coordinate with external partners and vendors for specialized support Continuous Improvement: Continuously evaluate and improve security processes and procedures Implement lessons learned from incidents to enhance overall security posture Contribute to the development and updating of security policies and procedures

Expert knowledge of threat detection techniques and tools. Lead incident response efforts, including advanced containment, eradication, and recovery techniques. Conduct in-depth digital forensics investigations. Configure and optimize SIEM systems such as Sentinel, Securonix, and ArcSight. Analyze logs to identify patterns and anomalies in large datasets. Integrate threat intelligence into monitoring and response workflows. Stay updated on the latest threat intelligence and apply it to enhance security. Collaborate with IT and security teams to ensure comprehensive security coverage. Lead coordination of response efforts during major security incidents. Facilitate effective communication and collaboration among internal and external stakeholders. Coordinate with external partners and vendors for specialized support. Continuously evaluate and improve security processes and procedures. Implement lessons learned from incidents to strengthen overall security posture. Contribute to the development and updating of security policies and procedures.

Required Skills Technology | Sentinel SIEM Tool Administrator | Level 2 Support Technology | Securonix SIEM Tools Administrator | Level 2 Support Education Qualification : B.Sc Certification Mandatory / Desirable : Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC Certified Incident Handler/Certified SOC Analyst (CSA)/CompTIA Cybersecurity Analyst (CySA+)/Cisco Certified CyberOps Associate Delivery Skills required are: - Technical Skills: - *Identifying and analyzing potential threats and vulnerabilities using various tools and techniques. *Leading and managing the response to security incidents, including containment, eradication, and recovery. *Implementing and maintaining security monitoring systems, such as SIEM (Security Information and Event Management) tools. *Prioritizing and remediating vulnerabilities based on risk assessments. Operational Skills: - *Developing, implementing, and enforcing security policies, standards, and procedures. *Managing and maintaining secure configurations for systems, networks, and applications. *Overseeing the timely application of security patches and updates to systems and software. Analytical Skills: - *Analyzing logs and event data from various sources to identify patterns and anomalies. *Utilizing advanced analytics to detect and investigate security incidents. *Conducting digital forensics investigations to uncover evidence of security breaches. Collaboration and Teamwork: - *Collaborating with other IT and security teams to enhance the organization s security posture. *Coordinating response efforts during security incidents with internal and external stakeholders. *Leading incident response teams and ensuring effective communication and collaboration.

Oversee day-to-day operations of the vault facility On-board and manage ongoing operations for customer accounts Monitor and maintain physical and digital security systems and protocols Implement and monitor security measures to safeguard vault contents Conduct regular security checks and audits to prevent unauthorized access Ensure compliance with industry regulations and organizational policies Cooperate with internal and external auditors during audits and inspections Develop and update operational procedures and security protocols Ensure procedures meet industry standards and organizational needs Address and resolve operational issues or discrepancies promptly Prepare reports on vault activities, inventory status, and security incidents Maintain accurate and up-to-date records of stored items and access logs Control and monitor access to the vault, permitting entry only to authorized personnel Maintain a log of all individuals entering and exiting the vault Excellent organizational and detail-oriented skills Ability to work under pressure and manage sensitive information discreetly Strong problem-solving skills and the ability to think critically Effective communication and interpersonal skills

Hiring Tech Supervisor Network & Security Location : Chennai ( Onsite only) Experience : 6+ years Key Skills : Eight or more years in the network security or information security field Experience with Cisco ASA, FortiGate and Palo Alto Firewalls Experience with Cisco & Aruba switches Experience with Cisco routers & Meraki APs. Exposure working with switches, routers, firewalls, intrusion prevention systems is must. High level of experience with a variety of Windows operating systems in a functional capacity, and the security principles and applications that apply to those systems. Experience with well-known protocols and services like FTP,HTTP,SSH,SMB,LDAP Experience with Packet Analysis Tools like Wireshark or NetworkMiner. Fundamental understanding of the defense-in-depth strategies Some experience in the technologies listed below.( Syslog products, IPSec expertise, Switching & Routing expertise, PKI expertise) Experience in Firewall monitoring tools like SolarWinds /ME Network flow & firewall Experience with vulnerability assessment review and addressing the same. Experience managing the NOC team. Experience of managing the new Network infra setup project. Experience of managing the change requests management system. Experience of handling internal and external audits request. Preferred knowledge of IT Service Management change, incident, and request platform Role & responsibilities : Monitoring security related events and activities via several systems Providing first level incident response for incidents reported by the monitored systems. Maintenance of the configuration of security monitoring systems, i.e. ensuring that asset lists are correct, developing correlation rules, etc. Administration of the reporting functions of security monitoring systems, assisting in the identification and creation of appropriate reports for delivery to management. Analysis of the security threat landscape Assists NOC Engineers & technicians providing troubleshooting support of complex issues. Build a high-performance team responsible for monitoring network stability 24 hours a day, 7 days a week, 365 days a year Routine communication with internal support teams & Work to build strong cross-functional relationships with other IT Teams. Develops budgets, timelines, and ensures progress to plan, tracking critical project achievements Develop reports and trend analysis documentation on bandwidth and network security incidents Manages a team of Engineers and is responsible for ensure adequate schedule coverage Oversee Data Center management and tasks Oversees monitoring of the network for stability and performance in order to maintain 24x7 operations and resolve service impacts as they occur Ensures trouble tickets are worked effectively and efficiently and that the work with engineering, field technicians, and telecommunications carriers is effective in resolving service issues in accordance with established processes and procedures. Excellent interpersonal skills for interaction with subordinate technicians, vendors, contractors, customers, and/or functional peers. Delegates work assignments, sets priorities and time management for staff and train the NOC on repeatable administration processes Candidates serving notice / Early / Immediate joiners - Please share your updated CV on anand.rawal@agshealth.com

Required Skills Technology | Sentinel SIEM Tool Administrator | Level 2 Support Technology | Securonix SIEM Tools Administrator | Level 2 Support Education Qualification : B.Sc Certification Mandatory / Desirable : Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC Certified Incident Handler/Certified SOC Analyst (CSA)/CompTIA Cybersecurity Analyst (CySA+)/Cisco Certified CyberOps Associate Delivery Skills required are: - Technical Skills: - *Identifying and analyzing potential threats and vulnerabilities using various tools and techniques. *Leading and managing the response to security incidents, including containment, eradication, and recovery. *Implementing and maintaining security monitoring systems, such as SIEM (Security Information and Event Management) tools. *Prioritizing and remediating vulnerabilities based on risk assessments. Operational Skills: - *Developing, implementing, and enforcing security policies, standards, and procedures. *Managing and maintaining secure configurations for systems, networks, and applications. *Overseeing the timely application of security patches and updates to systems and software. Analytical Skills: - *Analyzing logs and event data from various sources to identify patterns and anomalies. *Utilizing advanced analytics to detect and investigate security incidents. *Conducting digital forensics investigations to uncover evidence of security breaches. Collaboration and Teamwork: - *Collaborating with other IT and security teams to enhance the organization s security posture. *Coordinating response efforts during security incidents with internal and external stakeholders. *Leading incident response teams and ensuring effective communication and collaboration.

Hiring for SOC Analyst in one of our Top Banking company @ Chennai & Hyderabad location Job Title: SOC Analyst Experience : 6 - 9 Years Department: Cybersecurity / Information Security Location: Chennai & Hyderabad Employment Type: Hybrid Mode - 3 days WFO and 2 days WFH . Job Summary: We are seeking a skilled and detail-oriented Security Operations Center (SOC) Analyst to join our cybersecurity team. The SOC Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents using a variety of tools and techniques. This role is critical to maintaining and improving our organization's security posture by ensuring real-time threat detection and incident response. Key Responsibilities: Monitor security alerts and events from SIEM tools (e.g., Splunk, QRadar, Microsoft Sentinel). Analyze and triage events to determine impact and severity. Investigate security incidents and provide incident reports with detailed analysis. Escalate validated threats and vulnerabilities to the appropriate teams and assist in mitigation efforts. Coordinate with IT teams to ensure containment, eradication, and recovery actions are taken for confirmed incidents. Perform threat intelligence analysis to support proactive detection and defense. Document incident handling procedures and maintain an incident knowledge base. Participate in continuous improvement of SOC operations, including playbooks and automation. Stay current on the latest cybersecurity trends, threats, and tools. Required Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent work experience. 13 years of experience in a SOC or information security role. Experience with SIEM platforms, IDS/IPS, firewalls, and endpoint protection tools. Understanding of TCP/IP, DNS, HTTP, VPN, and network protocols. Knowledge of common threat vectors, MITRE ATT&CK framework, and kill chain. Strong analytical and problem-solving skills. Excellent communication skills and ability to work under pressure. Preferred Qualifications: Certifications such as CompTIA Security+, CEH, GCIA, GCIH, or Splunk Certified Analyst. Experience with scripting (e.g., Python, PowerShell) for automation. Familiarity with cloud security monitoring (e.g., AWS GuardDuty, Azure Defender). Exposure to incident response frameworks and forensic tools. Work Schedule: [24x7 shift-based / Regular business hours / On-call rotation as applicable]

Role & responsibilities Day-to-day security entire roles monitoring Preferred candidate profile Those worked in manufacturing units and having experience on handling inward, outward and general security monitoring.

* Design, implement & maintain automated security solutions. * Ensure compliance with industry standards & best practices. * Monitor SIEM data & SOC alerts.

Job Description- System Engineer An experienced and motivated System Engineer to oversee and manage a range of functions related to Vessel IT Infrastructure. This role will involve direct responsibility for System Monitoring & Alerts on Sophos, SOP Documentation, Monitoring Patch Management, Backup Exercises, Co-ordinate Penetration testing. The successful candidate will play a key role in ensuring the reliability, security, and efficiency of our Vessel security Operations, reporting to group information Security manager in Singapore. To ensure a seamless transition and effective integration of the candidate into the work operations required knowledge transfer will be conducted at the location. Roles & Responsibilities: Formulate, develop, implement, comply, and enforce IT related policies, processes, guidelines, protect IT computer networks (computer workstations, computer servers, printers, wireless systems etc.) and application systems (online, database etc.) against computer intrusions, unauthorized access, and other malicious misuses. Familiarity with tools such as ConnectWise, Sophos, Rapid 7, Freshdesk (Ticketing System), OneNet, and similar platforms is advantageous. Deal with Tier 2/3 problem-solving in a timely efficient manner Lead the creation, review, and maintenance of Standard Operating Procedures (SOPs) related to IT operations. Ensure documentation is up-to-date, accessible, and aligns with industry best practices. Execute a vulnerability management strategy across all environments as directed by the group, coordinate with vendor for implementations and validate successful implementation. Plan, execute, and assess regular backup and disaster recovery exercises to maintain data integrity and system resilience. Continuously refine backup strategies and disaster recovery plans based on exercise outcomes. Mentor, and fostering a culture of collaboration and continuous improvement. Provide guidance, set objectives, conduct performance evaluations, and promote professional growth.

Title: Security Analyst (SOC & EDR) Location: Gurgaon, India Type: Hybrid (work from office) Job Description Who We Are: Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Overview We are seeking a proactive and knowledgeable Security Analyst to join our Information Security Operations (SecOps) team . This role will focus on SOC monitoring and Endpoint Detection and Response (EDR) using SentinelOne . The ideal candidate should have solid experience in threat monitoring, incident response, and SentinelOne tool handling. Key Responsibilities: Monitor and respond to SOC alerts and security incidents in real time. Analyze logs and alerts from SIEM and SentinelOne EDR platforms. Perform incident triage , escalation, and coordination with internal teams. Troubleshoot SentinelOne-related issues , including error resolution, agent communication, and performance problems. Understand and manage SentinelOne policies , ensure proper deployment, and make necessary adjustments for better coverage. Quickly identify the root cause of issues related to endpoint protection and take corrective actions. Coordinate with the IT team for issue resolution and endpoint remediation. Collaborate with teams to reduce false positives and improve alert accuracy. Maintain incident documentation , reports, and operational dashboards. Support in threat hunting , vulnerability detection, and other BAU (Business As Usual) security tasks. Required Skills & Qualification: Bachelors/Masters Degree in Computer Science, Information Systems, Engineering. 24 years of experience in SOC operations and endpoint security monitoring. Hands-on experience with SentinelOne EDR , including troubleshooting and policy management. Good knowledge of cybersecurity threats, incident response processes, and log analysis. Ability to investigate and resolve SentinelOne alerts and agent-related errors effectively. Experience working with SIEM tools (like Splunk, Qradar, etc.). Strong understanding of false positive tuning and threat detection improvement. Basic scripting knowledge (PowerShell, Python) is a plus. Good communication and analytical skills. Preferred Skills & Qualifications: CEH , CompTIA Security+ , or any other relevant security certification. Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT Mandatory Skills: Saviynt. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Privilege Password Management CyberArk. Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Hashicorp Vault. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT Mandatory Skills: Checkpoint Firewalls and VPN. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: SailPoint Identity Mgmt and Governance. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Security Compliance and Framework.