1541 Security Operations Jobs - Page 18

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Azure Cloud Workload Security. Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Microsoft Entra ID. Experience: 5-8 Years.

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 6+ years of experience in a Security Operations Center (SOC) or similar security role. Relevant certifications preferred such as: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) CompTIA Security+ Strong understanding of networking protocols and technologies, vulnerability assessment, and incident response procedures. Experience with SIEM tools (e.g., Splunk, ArcSight, or similar). Familiarity with compliance frameworks (e.g., ISO 27001, NIST, GDPR). Strong analytical and problem-solving skills. Excellent verbal and written communication skills.

Responsibilities: Proficiency in using MS Office Team Building Skills Creative thinker with a high degree of integrity and discipline Strong knowledge of consumer/cultural trends Interpersonal and negotiating skills Well-developed relationship building skills; Excellent conflict resolution and problem-solving skills Self-motivation and drive towards winning and a “can do” attitude Fluency in English Responsible for the smooth functioning of the day to day operations at the site level

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Security Audits. Experience: 3-5 Years.

Job brief The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occur. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Main Responsibilities Tier 1 SOC analysts are incident responders, remediating serious attacks escalated, assessing the scope of the attack, and affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity and suspicious activities, escalate to managed service support teams, tier 2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the Events & incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as an when new threats emerge. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager Requirements: Min 1 Years Experience as SOC Analyst (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows. Excellent written and verbal communication skills Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: OKTA - Identity and Access Management.: Experience: 1-3 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Security Compliance and Framework.: Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Checkpoint Firewalls and VPN.: Experience: 1-3 Years.

Job brief The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occur. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Main Responsibilities Tier 2 SOC analysts are incident responders, remediating serious attacks escalated from Tier 1, assessing the scope of the attack, and affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity and suspicious activities, escalate to managed service support teams, tier 3 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the Events & incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as an when new threats emerge. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager Requirements: Min 3 Years Experience as SOC Analyst (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows. Excellent written and verbal communication skills Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: IDAM Security Consulting.: Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: McAfee DLP. Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: SAP Security. Experience: 3-5 Years.

The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Palo Alto Networks - Firewalls. Experience: 5-8 Years.

Evaluates, tests, recommends, develops, coordinates, monitors, and maintains information security policies, procedures and systems, including hardware, firmware and software . Ensures that IS security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IS standards and overall IS security . Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents. Investigates and resolves security incidents and recommends enhancements to improve security. Develops techniques and procedures for conducting IS security risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents. Roles and Responsibilities: Proactively monitors complex systems and response to known and emerging threats against the Global Payments network via intrusion detection software Completes detailed, comprehensive investigation of security issues by reviewing security log data, interpreting data in support of security event management process from various data feeds and triages on a wide variety of security events. Performs incident handling process by maintaining knowledge in implementation of containment, protection and remediation activities. Keeps up-to-date knowledge of new and emerging threats that can affect the organization's information assets by analyzing of third party software/solutions, IT configuration changes (including access control requests), and network/system architecture from risk perspective Responsible for the design and configuration of security systems, including proxy, remote access, mail gateway, intrusion prevention, wireless networking, data leak prevention, security information and event management and web application firewalls. Provides input in assessing and disseminating threats related to the enterprise in regard to current vulnerability by managing and developing an emerging threat model. Assesses risks based on changes to implementation of ISO(International Organization for Standardization)/BSO(Business Services Online); enhances knowledge of PCI(Payment Card Industry)/Logical Security guidelines and models, HIPPA(health insurance portability and accountability act), PII(Personally Identifiable Information), and Card personalization. Creates cost effective solutions for system/application development regarding Information Security processes and concepts in applicable systems and software. Performs day-to-day Information Security functions pertaining to computer access control on numerous security software products and processes. Enhance understanding of business objectives and helps providing direction based on risk, Corporate Policy, and association and regulatory guidelines. Participates in developing long term strategies for conducting system penetration, vulnerability and web application testing, risk assessments, policy creation. What Are We Looking For in This Role Minimum Qualifications Bachelor's Degree Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field. Or related work experience. Typically Minimum 2 Years Relevant Exp Including network operations or engineering or system administration on Unix, Linux, MAC(Message Authentication Code), or Windows; proven experience working with security operations, intrusion detection systems, Security Incident Even Management systems, and anti-virus collection logs; including knowledge of industry standard security compliance programs (PCI, SOX, GLBA, etc.) Preferred Qualifications Professional certifications CISSP(Certified Information System Security Professional),CISM(Certified Information Security Manager) ,CISA(Certified-Information-Systems-Auditor),GSEC(GIAC Security Essentials) ,Network +,Security + Typically Minimum 6 Years Relevant Exp Knowledge of industry standard security compliance programs (PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act)) What Are Our Desired Skills and Capabilities Skills / Knowledge - A seasoned, experienced professional with a full understanding of area of specialization; resolves a wide range of issues in creative ways. This job is the fully qualified, career-oriented, journey-level position. Job Complexity - Works on problems of diverse scope where analysis of data requires evaluation of identifiable factors. Demonstrates good judgment in selecting methods and techniques for obtaining solutions. Networks with senior internal and external personnel in own area of expertise. Supervision - Normally receives little instruction on day-to-day work, general instructions on new assignments. Risk Assessment - Ability to identify, communicate, and mitigate risk within technical solution designs Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them. Incident Response - Knowledge and skills to contribute to all phases of Incident Response.

Evaluates, tests, recommends, develops, coordinates, monitors, and maintains information security policies, procedures and systems, including hardware, firmware and software . Ensures that IS security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IS standards and overall IS security . Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents. Investigates and resolves security incidents and recommends enhancements to improve security. Develops techniques and procedures for conducting IS security risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents. Roles and Responsibilities: Proactively monitors complex systems and response to known and emerging threats against the Global Payments network via intrusion detection software Completes detailed, comprehensive investigation of security issues by reviewing security log data, interpreting data in support of security event management process from various data feeds and triages on a wide variety of security events. Performs incident handling process by maintaining knowledge in implementation of containment, protection and remediation activities. Keeps up-to-date knowledge of new and emerging threats that can affect the organization's information assets by analyzing of third party software/solutions, IT configuration changes (including access control requests), and network/system architecture from risk perspective Responsible for the design and configuration of security systems, including proxy, remote access, mail gateway, intrusion prevention, wireless networking, data leak prevention, security information and event management and web application firewalls. Provides input in assessing and disseminating threats related to the enterprise in regard to current vulnerability by managing and developing an emerging threat model. Assesses risks based on changes to implementation of ISO(International Organization for Standardization)/BSO(Business Services Online); enhances knowledge of PCI(Payment Card Industry)/Logical Security guidelines and models, HIPPA(health insurance portability and accountability act), PII(Personally Identifiable Information), and Card personalization. Creates cost effective solutions for system/application development regarding Information Security processes and concepts in applicable systems and software. Performs day-to-day Information Security functions pertaining to computer access control on numerous security software products and processes. Enhance understanding of business objectives and helps providing direction based on risk, Corporate Policy, and association and regulatory guidelines. Participates in developing long term strategies for conducting system penetration, vulnerability and web application testing, risk assessments, policy creation. What Are We Looking For in This Role Minimum Qualifications Bachelor's Degree Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field. Or related work experience. Typically Minimum 4 Years Relevant Exp Including network operations or engineering or system administration on Unix, Linux, MAC(Message Authentication Code), or Windows; proven experience working with security operations, intrusion detection systems, Security Incident Even Management systems, and anti-virus collection logs; including knowledge of industry standard security compliance programs (PCI, SOX, GLBA, etc.) Preferred Qualifications Professional certifications CISSP(Certified Information System Security Professional),CISM(Certified Information Security Manager) ,CISA(Certified-Information-Systems-Auditor),GSEC(GIAC Security Essentials) ,Network +,Security + Typically Minimum 6 Years Relevant Exp Knowledge of industry standard security compliance programs (PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act)) What Are Our Desired Skills and Capabilities Skills / Knowledge - A seasoned, experienced professional with a full understanding of area of specialization; resolves a wide range of issues in creative ways. This job is the fully qualified, career-oriented, journey-level position. Job Complexity - Works on problems of diverse scope where analysis of data requires evaluation of identifiable factors. Demonstrates good judgment in selecting methods and techniques for obtaining solutions. Networks with senior internal and external personnel in own area of expertise. Supervision - Normally receives little instruction on day-to-day work, general instructions on new assignments. Risk Assessment - Ability to identify, communicate, and mitigate risk within technical solution designs Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them. Incident Response - Knowledge and skills to contribute to all phases of Incident Response.

Minimum 2-4 years of experience in Security Operations Centre Experience across SOC domains use case creation, incident management, threat hunting, threat intelligence etc. Solid understanding of cyber security, network security, end point security concepts Good understanding of recent cyber threats, latest attack vectors Must have experience in any one SIEM (Splunk), EDR and SOAR solution Must have experience in leading/managing SOC shifts Experience in shift roster creation, resource management etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management etc.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails

As a key member of the team reporting to the RingCentral CISO, you will collaborate closely with local leadership to lead and orchestrate day-to-day tasks and business initiatives. Your primary responsibility will be to oversee and lead the local Security Operations, Compliance, Application Security, and Trust teams in India. Your role will involve developing and implementing security policies and procedures to safeguard the organization's data and systems effectively. You will lead security teams and coordinate efforts across various departments in multiple regions, ensuring compliance with relevant global and in-country regulations and standards. Additionally, you will drive vendor risk management, customer trust programs, and oversee security operations-related programs like incident response, vulnerability management, and threat intelligence. Furthermore, you will be responsible for maintaining solutions for firewalls, WAFs, IDS/IPS, and endpoint security infrastructure. Your role will also involve leading security engineering efforts to design and implement secure systems and applications. Regular security assessments and audits will be conducted under your guidance to identify and mitigate risks effectively. You will also formulate data discovery techniques for structured and unstructured data in collaboration with engineering teams. To be successful in this role, you should hold a Bachelor's degree or an Advanced Degree in Computer Science, Information Technology, Cybersecurity, or possess relevant technical security certifications such as SANS. You must have a minimum of 15 years of extensive experience in IT and cybersecurity roles, demonstrating a proven track record in managing security teams and projects. Possession of security certifications like CISSP, CISM, CISA, CCSP, OSCP, CEH, etc., will be advantageous. You should have an in-depth understanding of cybersecurity principles and best practices, along with experience in compliance frameworks such as ISO 27001, NIST, and GDPR. Strong technical skills in areas like network security, application security, data protection, and security architecture are essential. Proficiency in risk management, supply chain security, and incident response is required. Your leadership and management skills will be crucial in effectively leading security teams and projects. Excellent communication skills are necessary for interacting with stakeholders, customers, and auditors at all levels. Analytical and problem-solving abilities will help you identify and address security challenges efficiently.,

Management Level G Lead in developing and maintaining a Security Technology Framework and Roadmap , jointly with the Group IT Technical Architecture team, for agreement and endorsement by the CISO and the Group Chief Technology Officer (CTO). Identify efficient and cost-effective solutions for the security mechanisms highlighted by the Technology Framework and Roadmap and by demands arising from business-driven application development. Within the Technology Framework and Roadmap: Identify, evaluate and recommend standard security products as potential security solutions. Specify, document and publish standard secure configurations for general IT platforms that will provide generic security solutions within the Company s infrastructure. Develop and document designs for bespoke standard security components that deliver re-usable security functionality. Liaise closely with Group IT infrastructure operations and development teams to support the implementation of the standard security solutions. Prepare standard security products and standard bespoke security solutions in a form that is easier for systems development teams to re-use across projects and systems, thus ensuring the right security mechanisms is implemented in a cost-effective manner; this would not include the coding or building of a standard solutions, but rather the facilitation of the use of existing solutions. Provide advice to development project teams on the incorporation of standard security solutions into project code or infrastructure, to meet specific security requirements, as derived from Policy, through Threat Modelling or the Risk Process. Identify gaps now and in future in line with the Security Technology Framework and Roadmap, and assist the Head of Security Architecture & Engineering in producing business cases to fund the implementation of technologies and processes to fill the gaps through investment. Act as the Technical Design Authority for the implementation of standard security solutions, providing ad hoc consultancy advice to systems and infrastructure development projects. Effectively and efficiently guide the implementation of new or changed, enterprise-wide security processes and technologies, funded through investment, as the Technology Framework and Roadmap requires. From time to time, lead additional project-specific activity, funded by investment to implement transformation change in security processes and technologies in pursuit of the Security Technology Framework and Roadmap. Additional contingent resources will likely be obtained to support this work. Organise and steer the performance of pre-production application level testing of security mechanisms; this would normally involve the use of external testing resources, providing a degree of independent assurance that the identified security requirements have been fulfilled and that the engineered mechanisms function correctly to specification. Liaise with the Security Operations team to ensure that suitable operational security guidelines are developed for new applications in a timely manner. Provide education and advice to the systems development community on secure development practices, using existing and new information-sharing initiatives; coordinate these awareness-raising efforts with the broader Security Awareness campaign(s). We are committed to equality of opportunity for all staff and applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships. Please note any offer of employment is subject to satisfactory pre-employment screening checks.

Associate Manager - Security Operations Center Job Details | Tata Consumer Products Limited Search by Keyword Search by Location Select how often (in days) to receive an alert: Select how often (in days) to receive an alert: Associate Manager - Security Operations Center Tata Consumer Products Limited Associate Manager - Security Operations Center Job Description Job align to our Strategy: This job opportunity closely aligns with the key strategic pillars, which is Strengthening & Accelerating our Core Business Associate Manager in Security Operations Center (SOC), will play a key role in ensuring the security and integrity of our organizations information assets. Should assist in managing a team of security analysts, oversee the 24/7 monitoring of security events, and lead incident response efforts. This position involves technical expertise, leadership, and collaboration with cross-functional teams. Key Deliverables in this role This role contributes to the organizations overall financial well-being by minimizing the impact of security incidents, reducing the risk of financial losses, and ensuring compliance with regulations to avoid penalties. Timely detection and resolution of security incidents to maintain customer trust. Implementing measures for ongoing enhancement of security services, ensuring customer satisfaction and confidence in the SOCs capabilities. Transparent communication with customers during security events to provide reassurance and guidance. Vendor and Partner Collaboration: Work with security vendors and partners to evaluate and implement security solutions and services. Swift identification and resolution of security incidents to safeguard internal processes. Continuous improvement of internal security processes for increased efficiency, resource utilization, and overall operational effectiveness. Security Monitoring: Oversee 24/7 monitoring of security alerts and events using SIEM (Security Information and Event Management) tools. Security Policies: Ensure adherence to security policies, procedures, and best practices within the SOC. Exception Management: Manage security-related exceptions, documenting, monitoring, and controlling access as required. Documentation: Maintain comprehensive documentation of incident reports, investigations, and incident response procedures. Project Execution: Execute cybersecurity projects according to the defined project plans. Implement cybersecurity controls, tools, and technologies as required. Vulnerability Assessment: Lead projects to identify and mitigate security vulnerabilities organization-wide Security Tools Management: Manage and optimize security tools and technologies used in the SOC, including SIEM, IDS/IPS, and endpoint detection and response (EDR) systems. Security Awareness: Promote security awareness and best practices among SOC staff and other employees. Team Leadership: Assist in managing a team of security analysts, providing guidance, setting objectives, and supporting their professional development. Threat Detection: Collaborate with the SOC team to detect, analyze, and respond to security threats and vulnerabilities. Training and Development: Facilitate training and skill development programs for SOC staff Critical success factors for the Role 8-10 years experience in Soc operations Bachelor s degree in information security, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CISM, GIAC) are a plus. Proven experience in information security with a focus on SOC operations and incident response. Proactive Threat Intelligence Management Effective Incident Response and Management Continuous Monitoring and Analysis Desirable success factors for the Role Strong understanding of security technologies, threat detection, and incident handling. Leadership experience with the ability to manage and mentor a team. Proficiency in SIEM tools (Microsoft Sentinel) and other security technologies. Excellent communication and stakeholder management skills. Knowledge of security policies, compliance standards, and best practices.

Perforce is a community of collaborative experts, problem solvers, and possibility seekers who believe work should be both challenging and fun. We are proud to inspire creativity, foster belonging, support collaboration, and encourage wellness. At Perforce, you'll work with and learn from some of the best and brightest in business. Before you know it, you'll be in the middle of a rewarding career at a company headed in one direction: upward. With a global footprint spanning more than 80 countries and including over 75% of the Fortune 100, Perforce Software, Inc. is trusted by the world's leading brands to deliver solutions for the toughest challenges. The best run DevOps teams in the world choose Perforce. Sr Director of Cloud Operations at Perforce is searching for a Sr. SecOps Engineer to design and optimize the security operations for Perforce's SaaS product portfolio. In this key role, you will drive the design and implementation of automated tools and technologies to ensure the security, reliability, and high availability of our production and CI/CD environments, applications, and infrastructure. You will lead the efforts to establish SecOps best practices across the organization, ensuring that all environments adhere to the highest security standards. Responsibilities: - Develop and implement vulnerability management practices using tools such as Qualys, Lacework, Prisma, and Mend (SAST and SCA). - Experience in managing operations/cadence in Vulnerability management, SIEM, and CSPM. - Lead efforts to ensure security incident and event management (SIEM) from code repositories to operating systems, VMs, databases, networks, and applications. - Automate security processes and workflows across CI/CD pipelines, leveraging infrastructure-as-code (IaC) and security automation tools to eliminate manual work and improve efficiency. - Automate the detection and mitigation of security threats by integrating SIEM tools with incident response workflows. - Drive the implementation of security hardening best practices across the infrastructure, including OS, network, application, and database layers. - Implement and maintain secret scanning tools across CI/CD pipelines to detect and mitigate the exposure of sensitive data. - Advocate and implement security best practices in agile SDLC methodologies and DevSecOps workflows. - Collaborate closely with Developer and DevOps teams to ensure security is embedded at every stage of the development and deployment processes. - Lead and maintain security sprint boards, monitor tasks, and manage risks via Jira and other collaboration tools. - Schedule and run monthly SecOps cadence meetings to report on the organization's security posture, discuss ongoing projects, and address security incidents and mitigations. - Prepare and present comprehensive documentation and reports on security incidents, vulnerability assessments, and audit findings to technical and non-technical stakeholders. - Assist with incident response planning, including the triage, investigation, and remediation of security incidents. - Stay updated on the latest security threats, tools, and methodologies, and continuously improve the security frameworks and policies of Perforce. Requirements: - Bachelor's or master's degree in computer science, Information Security, Engineering, or a related field. - 7+ years of experience in cybersecurity, security operations, or a similar role in a SaaS/cloud environment. - Strong hands-on experience with security automation tools and practices for CI/CD pipeline integration and infrastructure-as-code (IaC). - Hands-on experience with vulnerability management tools such as Qualys, Prisma, Lacework, and Mend (SAST/SCA). - Development/Automation experience to automate the workflows, security operations/tooling by using Python/Ruby/Go. - Proficient in automating vulnerability scanning, patch management, and compliance monitoring processes across hybrid cloud environments. - Strong understanding of Cloud Security Posture Management (CSPM) tools and processes. - Experience with SIEM tools and security monitoring best practices. - Proficient with secret management and scanning in CI/CD environments. - Familiarity with hardening techniques across various platforms (Linux, Windows, network, databases, etc.). - Proficient in driving security sprint boards using Jira or other task management tools. - Excellent presentation and communication skills, with experience in running security meetings and cadence discussions. - Strong documentation skills to ensure security processes and incidents are thoroughly recorded. - Knowledge of infrastructure-as-code frameworks such as Terraform, Ansible, or similar, with experience automating security configurations a plus. - Strong problem-solving skills and the ability to work under pressure in a fast-paced environment. - Continuous desire to learn and stay updated on the latest in cybersecurity practices and threats. If you are passionate about the technology that impacts our day-to-day lives and want to work with talented and dedicated people across the globe, apply today!,

Position Summary: Security operations team is responsible for ensure that the Confidentiality, Integrity, and availability of the organization is always protected. The person working in L2 SOC team operates the security monitoring solutions, reacting timely to security events as identified. In this role, individual is expected to manage and configure security tools, manage security incidents, implementing proactive security measures, identifying, and analyzing potential security threats and vulnerabilities. This role requires working in shift Job Functions and Responsibilities: Develop and enhance SIEM rules, use-cases, log source integration, log parsing, queries, dashboards, channels and custom rules. Provide support to configure, analyze, and remediate issues on the SIEM. Investigate suspicious activities, contain, and prevent them. Correlate and validate alerts. Analyze these events within the network environment of the business, and coordinate response activities with key staff in real time Monitor security alerts and events from various sources to identify potential threats and security incidents. Analyze security data and logs to detect unauthorized access, malware infections, and other suspicious activities. Lead or assist in responding to security incidents, coordinating efforts to contain and mitigate the impact. Implement, configure, and manage end point and network security solutions. Analysis of phishing emails reported by internal end users. Escalation of incidents to be handled to L3/ Leads, when relevant. Follow up on remediation activities Triage on general information security tickets. Stay current with emerging security threats, vulnerabilities, and attack techniques. Utilize threat intelligence sources to proactively identify potential risks. Bachelor s degree from an accredited college / university with basic knowledge of Information Security. Familiarity with security technologies, including firewalls, EDR, antivirus , Email Security and Deception Keen to learn the security technologies and how security operates. Reliability and overall good communication skills. Well-developed logical thinking capabilities, to be able to investigate cases. Able to work in shift and weekend. Qualifications: 4-5 years of progressive experience in SIEM Implementation/Administration, Alert Monitoring and Incident Management. WORK SCHEDULE OR TRAVEL REQUIREMENTS 2 PM to 11 PM / 10 PM to 7 AM IST. No travel.

Advance Software Engineer About the Connectivity Enablers The Aircraft Date Gateway routers are avionics networking computers, built to provide Cyber industrial-class security and connectivity to the aircraft. The securely connected platform enhances wireless connectivity, network domain switching, routing and Cyber security operations. ADGs ensure ready to send Avionics data to Honeywell Sentience Cloud. ADGs encompass Connectivity, Computation and Storage capabilities: SATCOM, 4G LTE Air-To-Ground connectivity links throughout the world; and 802. 11ac WiFi for connectivity to passengers, crew, pilot and ground operations. The ADG also supports routing for both wireless and wired network connections and has an internal L2-managed Gigabit Ethernet Switch. The ADG includes other important Avionics interfaces such as ARINC 429, ASCB, AFDX, and aircraft discrete I/O and USB ports. ADG provides edge computing facility, for minimizing the response time, the power consumption, and the bandwidth cost, to deliver functionality such as big data collection, management, real-time communication, expandable peripherals, and various other services. Must have : Bachelor s degree in engineering (Electrical/Systems/Computer) Minimum 7+ years of engineering experience Core Skill Set : C, C++, Linux Protocols, Standard Template Library, Design Patterns, DevOps, Development in Linux Environment. Good understanding of Linux Kernel , Type 1/Type 2 hypervisors. Working experience with hypervisors will be a plus. Understanding various software development lifecycle Demonstrate the ability to develop efficient and high-quality software. Can quickly analyze, incorporate, and apply new information and concepts. Ability to consistently make timely decisions even in the face of complexity, balancing systematic analysis with decisiveness. Ability to convey subtle or complex messages clearly, as appropriate for the topic and audience. Some relevant experience Diverse and global teaming and collaboration Individuals who are self-motivated and able to work with little supervision, who consistently take the initiative to get things done Multi-tasking and has the ability to manage a variety of complicated tasks. Must have : Bachelor s degree in engineering (Electrical/Systems/Computer) Minimum 7+ years of engineering experience Core Skill Set : C, C++, Linux Protocols, Standard Template Library, Design Patterns, DevOps, Development in Linux Environment. Good understanding of Linux Kernel , Type 1/Type 2 hypervisors. Working experience with hypervisors will be a plus. Understanding various software development lifecycle Demonstrate the ability to develop efficient and high-quality software. Can quickly analyze, incorporate, and apply new information and concepts. Ability to consistently make timely decisions even in the face of complexity, balancing systematic analysis with decisiveness. Ability to convey subtle or complex messages clearly, as appropriate for the topic and audience. Some relevant experience Diverse and global teaming and collaboration Individuals who are self-motivated and able to work with little supervision, who consistently take the initiative to get things done Multi-tasking and has the ability to manage a variety of complicated tasks. Job Responsibilities: Implementing Cockpit Connectivity Software Excellent communication and problem-solving skills. Should possess excellent soft skills to work and deliver in an agile environment. Constantly look to automate manual and repetitive tasks while reducing or optimizing build/release times. Automate and implement the Continuous Integration and Continuous Deployment pipeline. Engage with teams and manage build requirements. Follow emerging technologies and build reusable code and libraries. Troubleshoot and debug Exiting product Installers. Serve as an expert on our system s installation for debugging & production. Have a firm understanding of requirements development, test plans and procedures. Job Responsibilities: Implementing Cockpit Connectivity Software Excellent communication and problem-solving skills. Should possess excellent soft skills to work and deliver in an agile environment. Constantly look to automate manual and repetitive tasks while reducing or optimizing build/release times. Automate and implement the Continuous Integration and Continuous Deployment pipeline. Engage with teams and manage build requirements. Follow emerging technologies and build reusable code and libraries. Troubleshoot and debug Exiting product Installers. Serve as an expert on our system s installation for debugging & production. Have a firm understanding of requirements development, test plans and procedures.

We are seeking a Senior ServiceNow Developer - Core Platform to lead the design, development, and governance of the ServiceNow platform, ensuring scalability, automation, and security compliance across ITAM, ITOM, ITSM, ITBM, CSM, GRC, GDPR, and Security Operations. This role will drive platform standardization, automation initiatives, and technical leadership while ensuring data integrity and compliance with regulatory requirements. The ideal candidate will have deep hands-on experience in ServiceNow development, expertise in core tables across all supported applications, and the ability to influence platform-wide strategies. Key Responsibilities: Architect, develop, and optimize ServiceNow s core platform components, ensuring efficiency, security, and scalability. Ensure compliance with GDPR and security policies, working closely with risk and compliance teams to implement best practices. Implement and support Security Operations (SecOps) capabilities, including security incident response, vulnerability response, and threat intelligence. Develop and maintain expertise in ServiceNow core tables across ITAM, ITOM, ITSM, ITBM, CSM, GRC, GDPR, and SecOps to ensure data integrity and system performance. Lead technical reviews, including code reviews, to enforce platform development standards and maintain system health. Drive platform governance efforts, ensuring security best practices, performance tuning, and data integrity. Optimize workflows and automation, reducing manual processes through scripting, Flow Designer, and other automation tools. Partner with business leaders, IT teams, and process owners to gather and refine requirements, translating them into scalable ServiceNow solutions. Mentor junior developers and administrators, providing technical leadership and best practice guidance. Lead and coordinate UAT and deployment activities, ensuring smooth feature releases. Stay updated on industry trends and new ServiceNow capabilities, making recommendations to enhance the platform. Qualifications & Skills: 6+ years of hands-on experience in ServiceNow development and administration. Certified ServiceNow Administrator (CSA) and Certified Application Developer (CAD) certifications are required. Expertise in ITAM, ITOM, ITSM, ITBM, CSM, GRC, GDPR, and Security Operations (SecOps). In-depth understanding of core ServiceNow tables across all supported applications. Proficiency in JavaScript, Glide APIs, Flow Designer, UI policies, business rules, and integrations (REST/SOAP). Experience with Agile development methodologies, SDLC best practices, and DevOps principles for ServiceNow. Strong knowledge of platform governance, access control, and security best practices. Ability to lead development efforts, mentor teams, and drive strategic platform improvements. Excellent problem-solving, analytical, and leadership skills. Why Join Us Lead and shape the future of the ServiceNow platform, driving compliance, security, and automation. Work on cutting-edge initiatives across GDPR, Security Operations, and enterprise-wide automation. Collaborate with an elite team focused on innovation, efficiency, and platform optimization. Opportunities for continuous learning, professional growth, and advanced ServiceNow certifications. Competitive salary and benefits package.