702 Security Operations Jobs - Page 18

Summary CSOC Engineering will be an integral part of the Novartis Cyber Security Operations Center (CSOC). The CSOC is an advanced global team passionate about the active defence against the most sophisticated cyber threats and attacks. By leveraging various tools and resources, the CSOC Engineer Lead will help to proactively detect, investigate, and mitigate both emerging and persistent threats that pose a risk to Novartis networks, systems, users, and applications. The main objective of the CSOC Engineering Lead is to design, develop, implement, and manage dataflow pipelines and integrate them with SIEM platforms such as Sentinel and Splunk. The Data onboarded to SIEM will be Crucial for CSOC Analysts and the content development and SOAR Engineers to develop monitoring alerts and automation playbooks. Collaboration with internal and external stakeholders, including Novartis internal teams, external vendors, and Product/Platform engineers, will be a crucial aspect of this role. The CSOC Engineering Lead will collaborate closely with these stakeholders to understand and integrate various datasources. This may involve utilizing services such as Cribl, Syslog NG, Azure Monitoring Agent, Universal Forwarder to list a few. Furthermore, the CSOC Engineering Lead will work in close partnership with the CSOC stakeholders, including TDR, THR, Forensic, Content Development, and SOAR teams. Their expertise and collaboration will be instrumental in quickly resolving any Data onboarding requests or resolve any issues with the detection rule on security tool such as SIEM, DLP, EDR. Overall, the CSOC Engineering Lead role is pivotal in ensuring the proactive defence of Novartis critical assets, systems, and infrastructure against the ever-evolving landscape of cyber threats. About the Role MAJOR ACCOUNTABILITIES In addition to accountabilities listed above in Job Purpose: CSOC Engineering Lead Lead and manage a geographically distributed team of Skilled Engineers, providing guidance and support while leveraging their diverse skillsets and personalities. Evaluate and review performance metrics and KPIs to ensure the Onboarding team is meeting targets and delivering efficient and effective results. Take accountability for the teams performance in various areas, including but not limited to data onboarding to: SIEM platforms such as Sentinel and Splunk Supporting audit requests and reports Engaging with product teams to address technical challenges Managing stakeholders commitments Act as the primary point of contact for first-level escalations, addressing any issues or concerns that arise and ensuring timely resolution. Develop and maintain comprehensive documentation to facilitate knowledge sharing and ensure quality outcomes are consistently achieved. Drive a culture of continuous improvement and innovation within the team, identifying opportunities to optimize processes and enhance efficiency. Serve as a subject matter expert in onboarding processes and play an active role in guiding the team and providing expertise whenever needed. CSOC Engineer Evaluate and onboard new data sources, performing data analysis for identifying anomalies and trends, and developing dashboards and visualizations for data reporting. Design and create security detection rules, alerts, and Use Cases utilizing platforms such as SIEM, DLP, EDR, and WAF. Develop robust detection mechanisms to identify and respond to potential security threats across various security technologies. Collaborate with cross-functional teams to understand risks and develop effective detection strategies that align with organizational security goals. Regularly review and enhance existing detection rules and Use Cases to ensure their effectiveness and alignment with emerging threats and vulnerabilities. Troubleshoot and provide support for onboarding issues with platforms like Sentinel, Splunk, and Cribl. Validate and ensure proper configuration and implementation of new logics with security system and application owners. Perform data normalization, establish datasets, and develop data models. Manage backlog of customer requests for onboarding new data sources. Detect and resolve issues in various data sources, implementing health monitoring for data sources and feeds. Identify opportunities for automation in data onboarding and proactively detect parsing/missing-data issues. KEY PERFORMANCE INDICATORS / MEASURES OF SUCCESS Maintaining and Improving Data Onboarding team performance according set KPIs. Evaluate and review Team performance. Identify technology and process gaps that affect CSOC services; propose solutions and make recommendations for continuous improvement. PERSONAL CONSIDERATIONS As the role is part of a global organization, willingness for required traveling and flexible work hours is important. Provide 24x7 on-call support on a rotational basis, including weekends, to ensure system stability and incident response readiness. EDUCATION / EXPERIENCE EDUCATION Essential: University working and thinking level, degree in business/technical/scientific area or comparable education/experience. Desirable: Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner. Professional (information system) risk or audit certification such as CIA, CISA or CRISC. Advanced training/certification on S ecurity tools like Splunk, Sentinel, XDR, DLP SANS certification s (for security analyst/SIEM) EXPERIENCE 8+ Years work experience. Strong managing skills. Good general security knowledge. Strong knowledge of security tools (DLP, XDR, SIEM, Firewalls). Experienced IT administration with broad and in-depth technical, analytical and conceptual skills. Experience in scripting and Automation for Security tools. Experience in Security Engineering tasks such as SIEM alert creation, SOAR playbook development Experience in reporting to and communicating with senior level management (with and without IT background, with and without in-depth risk management background) on incident response topics. Strong written and verbal communication and presentation abilities, with the capacity to effectively convey information risk-related and incident response concepts to both technical and non-technical stakeholders. Exceptional interpersonal and collaborative skills, fostering effective communication and cooperation with diverse individuals and teams. Exceptional understanding and knowledge of general IT infrastructure technology and systems. Proven experience to initiate and manage projects that will affect CSOC services and technologies. PRODUCT/MARKET/CUSTOMER KNOWLEDGE Good understanding of pharmaceutical industry. Good understanding and knowledge of business processes in a global pharmaceutical industry. SKILLS/JOB RELATED KNOWLEDGE Firsthand experience of Security tools like Splunk, Sentinel, XDR, DLP. Direct experience managing Data ingestion pipeline through Cribl. Understanding of security systems (such as AV, IPS, Proxy, FW) . Security use-case design and development Understanding of SOAR Development experience in python (SDKs) An understanding of error messages and logs displayed by various software. Understanding of network protocols and topologies. Strong technical troubleshooting and analytical skills. A knowledge of the MITRE ATT&CK framework is beneficial. Ability to prioritise workload. Team management Excellent written and spoken English. Calm and logical approach. NETWORKS High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity. Ability to manage competing priorities, and seeking consensus when stakeholders have different or even contradicting opinions. OTHER Fluency (written and spoken) in English CORE COMPETENCIES Leadership Establishes clear direction and sets stretch objectives. Aligns and energizes Associates behind common objectives. Champions the Novartis Values and Behaviors. Rewards/encourages the right behaviors and corrects others. Establishes clear directives and objectives. Communicates positive expectations for others on the team. Integrates and applies learning to achieve business goals. Customer/Quality Focus Assigns highest priority to customer satisfaction. Listens to customer and creates solutions for unmet customer needs. Established effective relationships with customers and gains their trust and respect. Defines quality standards to ensure customer satisfaction. Creates and supports world-class quality standards to ensure customer satisfaction. Fast, Action-Oriented Is action-oriented and full of energy to face challenging situations. Is decisive, seizes opportunities and ensures fast implementation. Strives for simplicity and clarity. Avoids bureaucracy. Alerts others to potential risks and opportunities. Keeps organizational processes simple and efficient. Takes acceptable/calculated risks by adopting new or unknown directions. Results Driven Can be relied upon to succeed targets successfully. Does better than the competition. Pushes self and others for results. Anticipates potential barriers to achievement of shared goals. Pushes self and others to see new ways of achieving results (e.g., better business model). Uses feasibility and ROI analyses to ensure results. Keeps pace with new developments in the industry.

Position summary:- We are seeking a skilled and detail-oriented L2 Cloudflare Engineer to join our infrastructure and security team. This role focuses on the daily administration, monitoring, and business-as-usual (BAU) operations of Cloudflare services. The ideal candidate will have hands-on experience with Cloudflare’s platform and a strong understanding of internet security, performance optimization, and DNS management. Key Roles & Responsibilities: Administration and BAU Operations Monitor and analyze WAF logs for threats, anomalies, or false positives. Respond to security events including bot attacks, DDoS mitigations, and rate-limiting triggers. Ensure SSL/TLS configurations are up-to-date and aligned with industry best practices. Maintain and review bot management policies Monitor availability dashboards, uptime tools, and origin health status. Perform routine checks on firewall rules, rate limits, and zero-trust policies. Validate traffic analytics, error rates, and configuration drift Performance & Optimization Monitor cache hit/miss ratios and tune page/transform rules as needed. Check CDN health across global PoPs and investigate latency issues. Review and maintain performance dashboards and analytics. DNS & Routing Verify DNS resolution accuracy and monitor propagation for recent changes. Maintain zone records and ensure changes are documented and approved. Troubleshoot domain routing issues and validate failover/load balancing Incident & Change Management: Investigate and resolve Cloudflare and WAF -related issues, coordinating with IT security and application owner teams. Assist in Root Cause Analysis (RCA) and remediation security and other incidents. Document and escalate persistent to vendor support and coordinate for resolution and troubleshooting. Participate in daily change reviews and implement approved DNS/firewall/config changes. Review and manage Cloudflare access roles, ensuring MFA compliance. Audit admin actions via dashboard or integrated logging tools. Reporting, Documentation and Compliance: Generate reports on WAF status, threat detections, and remediation actions. Support compliance audits by providing endpoint security logs and configurations. Follow change management and ITIL processes for security updates and policy changes. Maintain detailed daily logs of activities, incidents, and resolution steps. Prepare daily status reports and contribute to knowledge base updates. Assist in weekly and monthly reporting for compliance and performance reviews Basic Qualification: BE / B'Tech / MCA / MSc and 3–7 years of experience in network or security operations. Minimum 1–2 years of hands-on experience with Cloudflare administration. Proficiency with WAF, DNS, CDN, and SSL/TLS concepts. Familiarity with Cloudflare APIs, scripting (Bash, Python), or automation (Terraform) is a plus. Strong understanding of internet protocols (HTTP/S, TCP/IP, DNS). Experience using monitoring tools (Pingdom, Uptime Robot, Datadog, etc.). Knowledge of change management and ITIL processes. Preferred Qualifications: Cloudflare Certified Partner or relevant vendor certifications. CompTIA Security+, CEH, or other network/security credentials Knowledge of malware detection, forensic analysis, and threat intelligence. Familiarity with SIEM integration, endpoint compliance, and security policies. Strong problem-solving and troubleshooting skills. Good communication and teamwork abilities. Ability to work in rotational shifts (if required) and handle security incidents.

Secures premises and personnel by patrolling property, monitoring surveillance equipment, and access points. Investigates security breaches, incidents, and other alarming behavior. To train, supervise and control the Watch & Ward Staff of the Corporation to ensure proper security of the premises establishing and implementing comprehensive security strategies, policies and procedures to protect the company's infrastructure, employees and visitors.

The role supports full end to end software development cycle, from initial client engagement, through assessments and road-mapping, to longer term engagement in an advisory capacity. As an Application Security Consultants, the person should leverage the technical expertise of the security competencies, varied product and delivery capabilities Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Manage SaaS application configuration settings, integrations Build compliance requirements and SaaS Application security baselines. Perform continuous monitoring of applications identifying security vulnerabilities and address through remediation efforts Preferred technical and professional experience Validate and maintain incident response plans and processes to address potential threats Determine risks and remediation options with implemented SaaS applications Evaluate new applications to ensure implementation can meet security baselines

Overview Experience:3-5 Years Location Hyderabad Analyst, Security Operations About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Security Operations at our Hyderabad office. This role is responsible for maintaining the confidentiality, integrity, and availability of personal information and company assets, ensuring compliance with Omnicom’s internal policies and standards. The Analyst will support the tools, technologies, and operational architecture that monitor and protect Omnicom’s physical and digital environments. This role plays a vital part in defending the organization’s infrastructure and data by executing daily operational security tasks and contributing to long-term strategic security initiatives. Key Responsibilities Manage and support cybersecurity tools and software that protect Omnicom’s digital and physical environments. Operate and maintain controls such as Web Access Firewall (WAF), Zero Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), Cloud Firewall (CFW), Endpoint Detection & Response (EDR), and Security Information and Event Management (SIEM) systems. Deploy and maintain software agents and intermediate nodes to facilitate secure operations across cloud and on-premises environments. Collaborate across internal Omnicom teams as well as with external support, accounting, and engineering teams from trusted security partners. Monitor environments for security threats and respond in accordance with incident response protocols. Support ongoing security posture improvement initiatives and assist in risk mitigation efforts. Qualifications Required Qualifications 3–5 years of experience in security operations, cybersecurity, or IT infrastructure. Working knowledge of security platforms such as WAF, CASB, ZTNA, CFW, EDR, and SIEM tools. Familiarity with incident detection, triage, and response processes. Experience in agent deployment and system integration for enterprise-wide security tools. Strong analytical and problem-solving skills with a proactive security mindset. Ability to coordinate across teams and manage third-party security service providers. Excellent communication skills and a detail-oriented approach to operational tasks. Preferred Qualifications Security certifications such as CompTIA Security+, GIAC, or equivalent. Experience with cloud security frameworks and zero trust architecture. Exposure to regulatory compliance environments (e.g., GDPR, HIPAA, ISO 27001).

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements. Roles & Responsibilities:- SOC Operations:Lead and manage day-to-day operations of the SOC, including Tier 13 security analysts.Oversee security monitoring, threat detection, incident response, and threat intelligence activities.Ensure continuous tuning and enhancement of SIEM and EDR tools.Create and maintain incident response playbooks and workflows.Collaborate with infrastructure and application teams during security events.Security Governance, Risk & Compliance:Develop and enforce cybersecurity policies, standards, and procedures aligned with business objectives and regulatory requirements.Coordinate risk assessments, audits, and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA).Lead security awareness and training initiatives across the organization.Track and report on cybersecurity risks, mitigation plans, and audit findings.Partner with legal, audit, and compliance teams to ensure alignment with industry and legal frameworks.Strategic Leadership:Provide executive-level reporting on threat posture, key risks, and SOC performance.Guide long-term planning and roadmap development for security operations and governance initiatives.Mentor and develop SOC staff and GRC team members.Stay current with industry trends, threat landscape changes, and evolving compliance standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management methodologies.- Ability to design and implement security policies and procedures.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.-Reccomend use case fine tuning-Regularly review use cases and suggest enhancements. -Run internal Table top exercises to help train the team-Maintain IR quality as per industry standards Additional Information:- The candidate should have minimum 12 years of experience in Security Delivery Governance.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Job Description: We are looking for an enthusiastic and dependable Entry-Level NOC/SOC Support Analyst to join our on-site team in ChandigarhMohali. This position is suited for individuals at the early stages of their IT or cybersecurity careers, with a passion for monitoring, troubleshooting, and continuous learning. As part of a rostered shift, you will be responsible for monitoring and managing both NOC (Network Operations Centre) and SOC (Security Operations Centre) support queues ensuring timely responses, accurate escalation, and clear communication. Key Responsibilities Monitor networks, systems, and security alerts using various NOC and SOC platforms. Respond to and triage incidents raised in the support queue (network/system/security related). Perform initial investigation and analysis of events to determine severity and priority. Escalate incidents according to predefined workflows and procedures. Conduct basic troubleshooting on infrastructure or endpoint issues before escalation. Maintain accurate and detailed incident documentation in the ticketing system. Run scheduled infrastructure and security health checks and log observations. Coordinate with internal and external stakeholders during incident resolution. Follow shift handover procedures to ensure continuity. Participate in the 24x7 rotating roster (including nights, weekends, and holidays). Requirements A degree/diploma in Information Technology, Computer Science, Cybersecurity, or a related field. Basic understanding of: Networking (TCP/IP, LAN/WAN, DNS, firewalls, etc.) Operating systems (Windows/Linux basics) Cybersecurity fundamentals (threats, vulnerabilities, malware types) Clear written and verbal communication skills. Excellent problem-solving and team collaboration abilities. Willingness to work on-site and in a rotating 24x7 shift pattern. Preferred Qualifications Exposure to network and system monitoring along with monitoring over EDR or SIEM tools. Familiarity with ticketing systems like ServiceNow, Jira, Fresh Service or similar. Entry-level certifications such as CompTIA Security+, CCNA, or equivalent (desirable but not mandatory). What We Offer Hands-on exposure to both network and security operations. Clear career growth path with mentorship and learning support. Opportunity to work with cutting-edge cybersecurity and infrastructure technologies. A supportive team culture focused on professional development

Skills Technical process trainer in Cyber Security, Network Security, Web application, Mobile application & API, Cloud Security, Cyber Security Governance and Security Operations Centre Incident Management Excellent Communication, Strong Interpersonal skills, Organizational and Presentation skills : Conduct pre-scheduled seminars and trainings for college students and corporate employees Conduct Training sessions on Cyber Security, Web Application Security and concepts of VAPT Enhancing Course plans, Assignments and Presentations to suit the training needs Designing hands-on sessions with practice labs Providing assessments for measuring proficiency of the trainees Impart training programs, webinars, workshops in groups or individually Maintain training related MIS (attendance, feedback forms, evaluation scores and certificate issued) Incorporate participants feedback for improvisation of the training programs Working on Creative slides and upgrading training material Researching the latest security best practices, staying abreast of new threats and vulnerabilities, technologies Flexible in travelling for delivering the training at Varutra offices or client locations if needed Any Certification related in Cyber Security would be beneficial Required Skills Proven experience as technical process trainer in Cyber Security, Network Security, Application Security (Web, Mobile, API), Cloud Security, Cyber Security Governance and Security Operations Centre Incident Management Hands-on experience in delivering security testing and ethical hacking modules on Penetration Testing, OWASP testing methodologies to corporate as well as freshers Hands-on working experience and understanding of OWASP Top 10 Technical experience in conducting cyber security assessments, vulnerability and exploitation engagements Knowledge of modern training techniques and tools Should have Excellent Communication, Strong Interpersonal, Organizational, and Presentation skills Innovative and able to think outside the box

Role & responsibilities Job Role: Technical Consultant. Shift: US Shift Work Mode: Hybrid Relevant Experience: 5+ Job Description : This opportunity will suit a motivated ServiceNow Developer with a demonstrated record of offering ServiceNow related design and development support, successfully delivering on a wide range of ServiceNow related technical engagements. The successful candidate(s) will be responsible for, but not limited to, the following duties: Develop, design, and optimize security operation solutions within ServiceNow, including but not limited to, Security Incident Response and Vulnerability Response. Assist in the configuration and development of ServiceNow SecOps applications and modules. Provide technical expertise in identifying, evaluating, and implementing effective solutions, procedures, and systems that meet business requirements. Coordinate with internal stakeholders to understand their security operations needs and translate them into functional and technical requirements. Create and maintain system design documentation, process, and procedure documentation, and training materials. Perform system and integration testing with sample live data. Facilitate user acceptance testing to ensure the solutions meet requirements and operate correctly. Provide ongoing support and maintenance of the SecOps solutions VRM Solutions. Collaborate with other IT, Security, and business units to ensure comprehensive, high-quality, and timely delivery of projects. Continuously stay updated with the latest industry best practices and apply this knowledge to improve our SecOps environment. Skills Requirements: Bachelors degree in computer science, Information Systems, or related field. 5 years of experience working with ServiceNow platform with a focus on SecOps module. Experience in the development and implementation of security incident response and vulnerability response within ServiceNow. Proficiency with JavaScript, HTML, CSS, and one or more scripting languages. Knowledge of REST and SOAP web services. Strong understanding of security and privacy concepts. Proven problem-solving skills and the ability to work collaboratively with other departments to resolve complex issues with innovative solutions. Excellent communication skills, both verbal and written. Preferred: ServiceNow Certified Implementation Specialist Security Operations Certified Information Systems Security Professional (CISSP)Certified Information Security Manager (CISM)ITIL Certification Any other relevant industry certifications related to security or ServiceNow development. Link to Apply https://www.jobs.global.fujitsu.com/job/ServiceNow-SecOps-Technical-Consultant-1024/1024-en_US/

Expertise on material management (Inwards/Outwards) Should be able to maintain visitors' entry Must be Computer proficient Should have knowledge of CCTV access & monitoring Must have exposure on fire fighting & safety Required Candidate profile Candidates must be from Manufacturing industry only Age- 40-45 years Experience reqd.- 10-15 years Should be able to work in 12 hours shift

Position Summary We are seeking an experienced SOC Analyst to join our Security Operations team. This role demands an individual with a strong technical background in incident analysis, SIEM administration, and rule fine-tuning. The ideal candidate will have experience working with diverse environments, including Windows, Linux, and network security, and will be well-versed in ELK stack management and troubleshooting beats agents. Key Responsibilities 1. Incident Detection and Analysis: o Conduct deep-dive analysis on security incidents, assessing root causes, and recommending solutions. o Proactively monitor and respond to security alerts, managing incident escalation and resolution processes. o Prepare detailed reports and document incidents to support future analysis and security measures. 2. SIEM Administration and Rule Fine-Tuning: o Oversee SIEM configurations, including tuning rules to optimize alerting and reduce false positives. o Conduct SIEM platform upgrades, troubleshoot performance issues, and ensure platform availability. o Collaborate with IT teams to integrate new data sources into SIEM and enhance visibility. 3. System and Network Security: o Perform continuous monitoring and analysis across Windows and Linux systems and network infrastructures. o Utilize tools for traffic analysis, anomaly detection, and threat identification. o Support configurations and policies within the IT and network environment to strengthen security. 4. ELK Stack and Beats Agent Management: o Manage and troubleshoot ELK Stack components (Elasticsearch, Logstash, and Kibana) to ensure seamless data flow. o Perform regular maintenance and troubleshooting of beats agents, ensuring reliable log ingestion and parsing. 5. Security Policies and Compliance: o Contribute to policy updates, ensuring adherence to organizational and industry compliance standards. o Document and enforce security controls aligned with best practices and regulatory requirements. Skills and Qualifications Education: Bachelors degree in Information Security, Computer Science, or a related field. Experience: o Minimum of 5+ years in SOC operations or a similar cybersecurity role. o Proven experience in SIEM administration, incident analysis, and configuration fine-tuning. o Proficiency in monitoring and troubleshooting Windows and Linux systems and managing network security protocols. o Hands-on experience with the ELK Stack, with expertise in troubleshooting beats agents. Technical Skills: o Familiarity with SIEM tools (e.g., Splunk, QRadar) and network protocols. o Strong command of incident response processes, security frameworks, and best practices. o Knowledge of communication protocols and system integrations for data protection. Certifications (preferred): CISSP, CompTIA Security+, CEH, or similar security certifications. Competencies Strong analytical skills with attention to detail. Excellent verbal and written communication abilities. Ability to work independently and collaboratively in a fast-paced environment. Additional Preferred Skills Knowledge of regulatory compliance standards. Experience in using EDR solutions. Ability to document processes and create incident playbooks. This role offers an opportunity to work on advanced cybersecurity initiatives within a dynamic SOC environment, contributing to enhanced organizational security. Keywords SIEM administration,incident analysis,configuration fine-tuning,Windows,Linux,network security protocols,ELK Stack,troubleshooting beats agents,Splunk,Qradar,EDR solutions,Cybersecurity* Mandatory Key Skills SIEM administration,incident analysis,configuration fine-tuning,Windows,Linux,network security protocols,ELK Stack,troubleshooting beats agents,Splunk,Qradar,EDR solutions,Cybersecurity*

Description The Information Security Analyst will work under the direction of IT Security management in the implementation and monitoring of security tools and infrastructure solutions. This mid-level hands-on role requires someone with 3 to 7 years of IT Security technical experience in a mid to large corporate environment. He/She will have a strong understanding of information security, Firewalls, Routers, Switching, IDS, SIEM, VPNs, Encryption, Vulnerability scanning, Virus and Malware, VLAN, AD, DMZ’s, Proxies, VMware and Access Control technologies. Primary Responsibilities IT Security - Monitor and analyze security alerts / logs and information, escalating as needed. Monitor and control access to secure data and segmented network environments. This individual will be responsible for conducting penetration tests and vulnerability assessments. Configure security devices and tools following management guidelines and vendor specifications. Test proposed security configurations and changes in the IT Security laboratory. Analyze, respond to, and lead security incidents, including Application and Network attempted and realized breaches. Conduct regular security vulnerability scans of wired & wireless network infrastructure and data. Recommend IT Security solutions as needed. Disaster Recovery - Assist the DR team in the DR process as needed. Provide IT Security support to the DR team as needed. Participate in quarterly DR tests. Reporting - Monitor, gather and report on IT Security related incidents and provide regular activity reports. Report on the status of Remediation work related to the implementation, change, retirement or upgrade of IT Security and DR controls and processes. Soft Skills This position involves a high level of interaction with all levels of the organization. The candidate must be able to multitask in a cooperative / collaborative multicultural environment and must be familiar with delivering security solutions following standards based frameworks (ISO 27000, NIST, COBIT or SANS) with clearly defined controls and processes. The ability to work on long term multi-stage projects will be crucial to his/her success as well as good verbal and written communication skills. Technical and Educational Experience Bachelor’s degree in Computer Science, Business Administration, or equivalent work experience. Minimum of 3 years’ experience in Information Security. Certifications, such as CISSP, CEH, GCFE, GPEN, GWAPT, CompTIA security, preferred or able to obtain within 9 months of employment. Experience with SIEM and Log management (Splunk, Syslog, Events Logs, ELK, etc.) Understanding of Automation and Machine Learning concepts Familiarity with security configurations for Microsoft Windows Networks – Microsoft Windows. Cisco Firewalls and Routers and Linux. Familiarity or hands-on experience with Nessus, Tripwire File Integrity Monitoring, IAM, WireShark, MS-Data Protection Manager, Next Generation AV tools, EDR.

Job Purpose: Chief security officer to organize and oversee all security operations to create and preserve an environment where employees, visitors and property are safe and well-protected. He / She will maintain high standards of professionalism as outlined in the code of Fernandez Foundation professional conduct. Job Responsibilities: Security Management - Maintaining 24/7 surveillance by deploying guards as per Hospital policy. - Maintained and checked daily record of Incidents. - Minimum closure of the incident will be 2-3 days but also depends on case to case. - Weekly inspection of key management and its records with signature. - Briefing of supervisors should be scheduled on the 15th of every month. - Weekly inspection of attendance registers of all units. - Weekly inspection of daily work routine of supervisors of all units with signature. - Weekly feedback from all unit administrators and resolving the issue immediately or with 2/3 days depending on case to case. - Submission of attendance to HR on the given timeline. - Monthly maintenance of safety equipment and CCTV with coordination with the maintenance and IT department. Leadership Skills - Disciplined, positive attitude, and optimized delegation of work. - To review and revise the security policy of the Hospital from time to time. - Analyse and evaluate security operations to identify risks or opportunities for improvement. - Problem solving attitude. Team/People Management - Planning and Delegation of work to the team - Liaison with Government agencies for resolving the issue as and when required. - Briefing and training monthly abouts security aspects to the team. - Submission of attendance to HR on the given timeline. - Maintaining minimum staff on ground so that the security aspect should not impact. - Minimum attrition rate. Budget Management - To ensure maximum services with minimum cost. - *Compliance and Training* - Complete all training within due dates. Ethics & Integrity - Ethical behaviour at the workplace. Job Requirements: - Professional / Educational Qualifications - Graduate/Postgraduate Skills & Knowledge: - Organizational and Leadership Skills - Good Listener and communicator - Planning and Time Management - Analytical and Critical Thinking - Problem solving skill - Communication Skills Fluency in English (verbal and written) - Computer Skills Fluent in MS office - Should be able to work under pressure

OPPORTUNITY OVERVIEW As a Platform Specialist Team Lead at ZeroFOX, you will join a team of highly skilled individuals working to prevent cyber attacks for enterprise-level commercial and government customers. Using our proprietary hybrid intelligence platform, this role specifically focuses on supporting existing customers by providing detailed analysis and contextualization regarding a variety of cyber risks. You will have the opportunity to research these risks, develop notification and alert packages, and present your findings to customers. Your goal: Keep our customers safe with detailed threat intelligence information, and present findings in a professional manner. Responsibilities: Analyze large volumes of data for customer-related risks. Create risk notification and alert packages for customers. Interface with customers and stakeholders to provide analysis reports and details. Support and respond to customer requests for further information and analysis. Responsible for communications with the customers including: phone, video, email, and authoring reports. Triage alerts for customers to give real time intelligence. Act as an escalation point for Tier 1 alert analysis, platform configuration, and trend analysis; Managing the team based on metric driven outcomes Serve as a resource for the Account Management team to explain the managed service. Act as a customer advocate internally, working across appropriate teams to solve customer challenges Support team productivity and outputs during assigned shifts. Identify opportunities for process improvement and efficiency. Provide coaching, training, and mentorship to team members. Act as a liaison between team members and upper management. Conduct regular performance evaluations and provide feedback to team members. Provide regular updates and reports on team progress to upper management. Required Qualifications: Attention to detail Experience working in a team environment and responsible for certain aspects of service delivery Ability to lead a team and be a point of contact as a subject matter expert Knowledge of the cyber threat environment including how the following sources of data enable cyber operations: major social networks (knowledge of emerging networks a big plus); dark web; domain abuse; analyze security incidents, such as account breaches, unauthorized access, or malicious content etc. Superior research and analysis skills Ability to convey complex ideas, trends, and information in a simple way (a writing sample will be requested as part of the interview process) Ability to extrapolate trends from mass amounts of disparate data Solid interpersonal and social skills Experience with other SaaS, cyber security, or social media products or services is preferred Must be willing to work alternative work schedule including partial weekends Big Bonus: Basic scripting capabilities: JavaScript, Python, or similar; at minimum being able to review and edit basic code structure Comfort working with a quickly growing team Ability to quickly adapt and recommend solutions as needed A self-starting mentality, when you find a problem, you alert the team, and fix ityou dont wait for the next task. Familiarity and comfort with producing superior work while meeting aggressive deadlines Benefits Competitive compensation Community-driven culture with employee events Generous time off Best-in-class benefits Fun, modern workspace Respectful and nourishing work environment, where every opinion is heard and everyone is encouraged to be an active part of the organizational culture

Wayfair is the online leader for home furnishings and decor. Through technology and innovation, Wayfair makes it possible for shoppers to quickly and easily find exactly what they want from a selection of more than 8 million items across home furnishings, d cor, home improvement, housewares and more. Wayfair operates a growing Security Operations Center and we re looking for a talented Security Engineer to join and help grow our team. Our Security Operations team is tasked with monitoring and protecting Wayfair from an ever growing number of security risks, and finding new and creative ways to do so. We have a strong focus on engineering and innovation, and are seeking individuals who love to find new problems and hate fixing the same problem twice. What You ll Need 2+ years experience working in cyber security operations Understanding of the threat landscape, the latest security trends, attack vectors for corporate and cloud environments, and how build detection and response tooling to identify and respond to malicious actors Experience with SOAR/SIEM technologies Experience with incident detection and remediation Working knowledge of threat vectors, vulnerabilities, and what anomalies to look for Working knowledge of Linux and/or Windows logs & indicators Python experience to build and automate tooling Experience writing SIEM logging parsing rules Experience with incident response and monitoring tools, such as SIEM, EDR, cloud monitoring, etc. Strong communication skills to describe challenges and roadblocks when building and maintaining our security operations tooling and logging Understanding of cyber security best practices and frameworks such as NIST, MITRE, ATT&CK Framework, and OWASP Top 10 What You ll Do In this role you will work closely with the cyber security organization to build monitoring and response tooling and processes to reduce our mean-time-to-detect and remediate to keep up with threat actors changing tactics, techniques, and procedures (TTPs) Logging - Gather all security relevant cloud, infrastructure and application logs parsed, and into our SIEM Detection - Setup detection and prevention rules and policies, PoC and deploy tools that help with detection, tune/audit deployed rules/policies in security tools on true and false positives, setting up a detection framework Response - Build plan and procedures for Incident Response, create playbooks to be followed, automate response, develop/deploy malware analysis tools and techniques, forensic tools and techniques to capture evidence/malware, PoC and deploy tools that help with response, integrate with customer service teams and engineering teams etc. Build security alerts & dashboards in various incident response tools. Monitor for suspicious activities/alerts in the cloud / infrastructure / application from various sources such as internal reports from employees as well as external reports such as customers/social media, vendors, partners, bug bounty programs etc., deployed/integrated security tools, data visualization tools etc. Build and maintain security infrastructure tooling that supports continuous SOC operations and vulnerability management As needed, support the response to security alerts and incidents, and take appropriate action to remediate and resolve .

Position : L3, Location Juinagar Shift : 9x5 Job Description: SIEM and NBAD Specialist Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response. Roles and Responsibilities Cyber threat collection & Analysis, Global Threat Feed Tools, SOC Automation, Forensics Artifact handling & Analysis, Incident Response, Tradecraft Analysis, Security Consulting & Training, Communicating Emergency Alerts & Warnings to relevant/designated stakeholders, Perform analysis on the reported incidents, determine the root cause, recommend the appropriate solution ensure the necessary SOC documents like operating, procedures, configuration management, Low Level Design, etc. are up to date with the changes made in their respective areas. Work on tickets assigned by L1/L2 for further analysis and ensure timely response and resolution of tickets as per SLA. Maintain MTTR and MTTD. Reporting the security events/ incidents to SOC Manager other relevant/ designated stakeholders. Communicating Emergency Alerts & Warnings to relevant/designated stakeholders. Should have knowledge of below technologies NBAD (Network Behavior Anomaly Detection): Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches. Work with network and SOC teams to investigate and respond to suspicious network behavior.\ SIEM (Security Information and Event Management): Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting. Perform threat hunting, incident analysis, and security event investigations. Develop and maintain custom use cases to detect advanced threats. Required Qualifications: Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology. Experience: Minimum 8+ years of relevant experience in Security Operations, Threat Detection, or Incident Response. Certifications: Certified Ethical Hacker (CEH) mandatory .

* Job Title Assistant Manager - Security & Safety Department / Division Operations External Interface (Enlist external agencies/authorities that you are required to deal with while discharging your duty) Government/ regulatory authorities/ statutory/ law enforcement agencies Security vendors/ agencies (outsourced agencies/ equipment manufacturers/ Security Guard Board, etc.) Medical Agencies Retailers Minimum Qualification (i.e education, training etc.) Graduate in any discipline Diploma in Industrial Safety & Fire Fighting Course or any other related course (desired) Minimum Experience 3-5 years of experience (retail/real estate industry preferred) Special Skills/Attributes (required for performing the job effectively) Knowledge of security operations in malls Liaisoning skills Knowledge of statutory legislations pertaining to safety Disaster Management techniques Overall Purpose/Objective Of the job Responsible for ensuring adherence to defined safety and security guidelines for all operations with focus on specific geographic areas of the Centre and assist the Chief Security Officer in establishing systems, processes and procedures for providing a safe and secure environment at the Centre Key Responsibilities (List major responsibilities, that you have, to achieve the key objectives) Ensure adherence to defined security processes and systems for all Center operations to ensure safe and secure environment for all retailers, customers, and employees Ensure the security manual is shared with all internal and external stakeholders, including retailers, other departments, contract agencies, etc. Manage the location-wise manpower deployment schedule and security equipment requirements with outsourced agency on a regular basis Regularly monitor the performance of the outsourced agency staff to ensure adherence to the defined Service Level Agreements (SLAs) Responsible for checking of quality of all safety and security equipments delivered as against requirement and also its regular maintenance Ensure timely preparation of various reports (incident/ observation report, command center report, etc.) for the functional operations Liaison with various regulatory authorities/ government agencies (such as police, fire department, RTO, courts, Security Guard Board, National Security Guards (NSG), municipal corporation, local political leaders, etc.) to establish and maintain relationship to help ensuring safe and secure environment at the Center Ensure regular audit of the security operations to ensure compliance with security protocols Ensure physical safety and provide proximity protection for employees and visitors in case of any emergency as well as provide escort services for the VIP visitors as required on a case to case basis * Minimum Qualification (i.e education, training etc.) Graduate in any discipline Diploma in Industrial Safety & Fire Fighting Course or any other related course (desired)

* Job Title Executive - Security Department / Division Operations Minimum Qualification (i.e education, training etc.) Any Graduate Minimum Experience 1 - 3 years of experience in Operations in retail industry Special Skills/Attributes (required for performing the job effectively) Knowledge of security operations in malls Knowledge of statutory legislations pertaining to safety Disaster Management techniques Overall Purpose/Objective Of the job Responsible for ensuring adherence to defined safety and security guidelines for all operations with focus on specific geographic areas of the Centre Key Responsibilities (List major responsibilities, that you have, to achieve the key objectives) Manage and execute the location-wise manpower deployment schedule and security equipment requirements with outsourced agency on a regular basis Regularly monitor the performance of the outsourced agency staff to ensure adherence to the defined Service Level Agreements (SLAs) Responsible for checking of quality of all safety and security equipments delivered as against requirement and also its regular maintenance Ensure timely preparation of various reports (incident/ observation report, command center report, etc.) for the functional operations Liaison with various regulatory authorities/ government agencies (such as police, fire department, RTO, courts, Security Guard Board, National Security Guards (NSG), municipal corporation, local political leaders, etc.) Ensure regular audit of the security operations to ensure compliance with security protocols * Minimum Qualification (i.e education, training etc.) Any Graduate

* Job Title Executive - Security Department / Division Operations Minimum Qualification (i.e education, training etc.) Any Graduate Minimum Experience 1 - 3 years of experience in Operations in retail industry Special Skills/Attributes (required for performing the job effectively) Knowledge of security operations in malls Knowledge of statutory legislations pertaining to safety Disaster Management techniques Overall Purpose/Objective Of the job Responsible for ensuring adherence to defined safety and security guidelines for all operations with focus on specific geographic areas of the Centre Key Responsibilities (List major responsibilities, that you have, to achieve the key objectives) Manage and execute the location-wise manpower deployment schedule and security equipment requirements with outsourced agency on a regular basis Regularly monitor the performance of the outsourced agency staff to ensure adherence to the defined Service Level Agreements (SLAs) Responsible for checking of quality of all safety and security equipments delivered as against requirement and also its regular maintenance Ensure timely preparation of various reports (incident/ observation report, command center report, etc.) for the functional operations Liaison with various regulatory authorities/ government agencies (such as police, fire department, RTO, courts, Security Guard Board, National Security Guards (NSG), municipal corporation, local political leaders, etc.) Ensure regular audit of the security operations to ensure compliance with security protocols * Minimum Qualification (i.e education, training etc.) Any Graduate

* Job Title Assistant Manager - Security & Safety Department / Division Operations External Interface (Enlist external agencies/authorities that you are required to deal with while discharging your duty) Government/ regulatory authorities/ statutory/ law enforcement agencies Security vendors/ agencies (outsourced agencies/ equipment manufacturers/ Security Guard Board, etc.) Medical Agencies Retailers Minimum Qualification (i.e education, training etc.) Graduate in any discipline Diploma in Industrial Safety & Fire Fighting Course or any other related course (desired) Minimum Experience 3-5 years of experience (retail/real estate industry preferred) Special Skills/Attributes (required for performing the job effectively) Knowledge of security operations in malls Liaisoning skills Knowledge of statutory legislations pertaining to safety Disaster Management techniques Overall Purpose/Objective Of the job Responsible for ensuring adherence to defined safety and security guidelines for all operations with focus on specific geographic areas of the Centre and assist the Chief Security Officer in establishing systems, processes and procedures for providing a safe and secure environment at the Centre Key Responsibilities (List major responsibilities, that you have, to achieve the key objectives) Ensure adherence to defined security processes and systems for all Center operations to ensure safe and secure environment for all retailers, customers, and employees Ensure the security manual is shared with all internal and external stakeholders, including retailers, other departments, contract agencies, etc. Manage the location-wise manpower deployment schedule and security equipment requirements with outsourced agency on a regular basis Regularly monitor the performance of the outsourced agency staff to ensure adherence to the defined Service Level Agreements (SLAs) Responsible for checking of quality of all safety and security equipments delivered as against requirement and also its regular maintenance Ensure timely preparation of various reports (incident/ observation report, command center report, etc.) for the functional operations Liaison with various regulatory authorities/ government agencies (such as police, fire department, RTO, courts, Security Guard Board, National Security Guards (NSG), municipal corporation, local political leaders, etc.) to establish and maintain relationship to help ensuring safe and secure environment at the Center Ensure regular audit of the security operations to ensure compliance with security protocols Ensure physical safety and provide proximity protection for employees and visitors in case of any emergency as well as provide escort services for the VIP visitors as required on a case to case basis * Minimum Qualification (i.e education, training etc.) Graduate in any discipline Diploma in Industrial Safety & Fire Fighting Course or any other related course (desired)

Key Responsibilities/Deliverables (Min 4 need to be filled in decreasing order of importance) 1.Ensure a full compliancy with Schneider Electric Security Policies - including new means coming from Industrialization - and rectify the potential deficiencies. 2.Own the inventory of all OT assets and ensure data accuracy via Claroty. 3. Havinfg the strong knowledge of Network and OT Devices like PLC, HMI,SCADA, Desktop and communication protocol like Modbus , TCP Modbus , TCP/IP. Must have network knowledge , Vlan and Firewall. 4.Monitor potential cyber threats and mitigate them with remote support from the Connected Services Hub. Remediate identified cyber vulnerabilities with support from Schneider Digital when needed. Support Incident Response Process when a cyber incident is detected and handled by the Security Operations Center in collaboration with Security Team.. 5. Support transformation projects launched by the global Cybersecurity Team to sustain the Plant Cybersecurity Performance. 6. Need good Communication Skills, to co-ordinate effectively with internal customers. Key Responsibilities/Deliverables (Min 4 need to be filled in decreasing order of importance) 1.Ensure a full compliancy with Schneider Electric Security Policies - including new means coming from Industrialization - and rectify the potential deficiencies

What is a SOC analyst? SOC analysts can be understood as the first point of contact to any incident/threat in basic terms. SOC stands for Security Operations Center, and it consists of multiple analysts who work 24x7 rotational shifts to fight against threats that could harm an organization. A SOC analyst generally is responsible for assessing the endpoints and look for vulnerabilities using various tools and technologies. However, the role of a SOC analyst is not limited to this: SOC Analyst Job Duties and Responsibilities: Evaluate critical security incidents using detection tools. Investigate event alerts and logs from multiple endpoints. Analyze and co-relate logs from the firewall, IDS/IPS, AVs, O365, etc. Work in a 24x7 pro-active environment and respond to security alerts. Document and report incidents/offenses to the clients. Use Endpoint detection tools to detect malware across the client s environment. Maintain and send monthly, weekly reports and other client-specific documentation. Work on industry standard SIEM solutions to analyze incidents and create complex indexed searches. Using analytical skills to whitelist False Positives incidents. Keep yourself updated on security news/vulnerabilities and compose a set of Use Cases. Use basic scripting knowledge to automate processes. Onboarding new clients from scratch and configuring their network environment. Identifying compromised Endpoints by analyzing payloads/logs and notifying clients. Work on latest security technologies, including Email filtering, Compliance and Patch management, Syslog management, MDR, and SIEM.

The primary objective of the Security & Loss Prevention coordinator is to ensure the protection of people & assets of Amazon s FC in accordance with global Security guidelines and Policies The role is cross-functional and requires deep collaboration and influencing ability with stakeholders from business and corporate functions To Assist Security Manager, in day to day activities, planning, sourcing and executing the process and procedure. The Security Coordinator along with Security Team works together to ensure and maintain high quality and timely support to the Operations of the organization 1. Security Operation Rationalization & Review of Guard Force Profiling of Guard Force Implementation & Follow-up of Security Plan Review of Post Site Instruction Reports - Daily, Weekly, Monthly, Half yearly and Annual Security Team is ensuring that SLAs for all processes are being taken care of All the Control Room systems are functioning properly Patrolling Observations & Corrective action and follow ups Daily Vehicle Movements Ensure all posts are 4M & 5S compliant 2. Audits/Certifications Keeping the plans & SOPs updated Periodical Check of Documentation Preparation of Documents for Internal & External Audits Follow up on Lights, Hydrants, Emergency Exit door, & all access reader Reports No of Employees entry / Exit thru Frisking Points Review of Manpower required at Frisking Points Maintenance of Systems Installed at Frisking Area Maintenance of Systems Installed at Frisking Area & Improvement Surprise Check and reports 5S Audits of all Frisking Points and Implementation of suggested Points 4. Process Improvement & Loss Prevention Program Process Review & Necessary Improvements Process Improvisation Quarterly Assessment Loss Prevention Report Feed backs from Shop Floors Follow up & Completion of CAPA Loss Prevention Audits 5. Scrap Disposal Auditing Process Review & Necessary Improvements No of Vehicle in & Out Movement Surprise Checks and Scrap yards and report Cross functional Team Audits 6. Security System Ensure 95 % serviceability of all Systems Ensure 100% Training of all security guards Controlling of Access & Review of Access level Hygiene Status Report & Operational Effectiveness of Security gadgets. Preventive maintenance Schedule for all Security Gadgets & its Improvements Monthly Review Meeting with AMC Vendor and Updates New Projects & Completion report Reports - Daily, Weekly & Monthly reports Daily Defect Follow ups Reports & Follow ups Of Near Miss, Suspected Movements & Process violation at production 7. Loss Prevention Analysis Working closely with ICQA team and do the analysis of all unreconciled ASINs Quick Completion Investigation and submission of reports Loss prevention audits and recommendations if any Surprise Checks and submission of reports Follow up & Completion of CAPA with regards to Concern areas 8. Security Stores and Assets Maintenance of updated Assets list Maintenance Schedule of Assets & Security Gadgets 1. Security Operations 2. Audits 3. Process Improvement & Loss Prevention Program 4. Security Stores & Assets 5. Loss Prevention Analysis Graduation with minimum 3 years of experience in the field of Security, Loss Prevention, Shrinkage, Asset Protection, Investigations, Inventory University degree level or equivalent through experience and professional certification. A minimum of 3- 5 years in law enforcement or security-related profession. Extensive and up to date knowledge of security equipment and technology. Experience in managing or coordinating security investigations of complex nature. Knowledge of information security processes and systems. Experience in security auditing. Exposure to MNC culture and dynamics. Graduation with minimum 3 years of experience in the field of Security, Loss Prevention, Shrinkage, Asset Protection, Investigations, Inventory University degree level or equivalent through experience and professional certification. A minimum of 3- 5 years in law enforcement or security-related profession. Extensive and up to date knowledge of security equipment and technology. Experience in managing or coordinating security investigations of complex nature. Knowledge of information security processes and systems. Experience in security auditing. Exposure to MNC culture and dynamics.

”’ We're HiringNetwork Security Engineer! ”’ We are seeking a skilled and detail-oriented Network Security Engineer to join in Mumbai Suburban The ideal candidate will have extensive experience in network security protocols, risk assessment, and vulnerability management to safeguard our organization's data and infrastructure. “ LocationMumbai Suburban, India Work ModeWork From Office ’ RoleNetwork Security Engineer What You'll Do: Experience in Palo Alto firewall is mandatory. Key Responsibilities: Global Network Security Operations with managing Incidents and Requests on Palo Alto Firewall, DNS, DHCP, Proxy (Zscaler and Netskope ) Key Performance Indicators: Firewall Implementation, Resolution of Palo Alto Firewall, DNS, DHCP, Proxy (Zscaler and Netskope ) Incidents and Requests to maintain high Network Availability for end users/ businesses QualificationB.E (EXTC) Functional Skills/Competencies: Perfect communication in English, End-user service oriented, Good Interpersonal skills, Ability to work under pressure,Rigour and synthesis, Advanced level of troubleshooting skills Behavioural Skills/Competencies: Autonomy, Able to demonstrate rigour and a willingness to adhere to the defined processes and procedures, Strong understanding and knowledge of Internet infrastructures, Experience in IT infrastructure support. Ready to secure our futureš" Apply now and be part of our mission! Show more Show less

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities Monitor and analyze attempted efforts to compromise security protocols. Identify and investigate activities and conduct and provide analyses regarding results Collaborate with other Cyber Defense teams Review SIEM alerts and logs to identify and report possible security issues Serve as an escalation resource and mentor for other SOC analysts Perform investigations and escalation for complex or high severity security threats or incidents Work across the organization to define, develop, and refine correlation rules Participate in writing security status reports to provide system status, report potential and actual security violations and provide procedural recommendations Participate in knowledge sharing with other team members and industry collaboration organizations to advance the security monitoring program Participate in developing and supporting strategic plans and projects to meet Global Security and SOC goals and objectives Maintain an in-depth knowledge of common attack vectors, common security exploits, and countermeasures. Maintain a solid working knowledge of Information Security principles and practices Research the current information security and event monitoring trends, and keep up to date with SOC issues, technology, and industry best practices Coordinate evidence/data gathering and documentation and review Security Incident reports Assist in strategic initiatives Provide recommendations for improvements to security operational monitoring and incident response procedures based on operational insights Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications BS in Computer Science, Computer Engineering, Cyber Security, Forensics and/or equivalent work experience Security certifications (e.g. Security+, Network+, Cloud+, AZ-900 (Microsoft Azure Fundamental), SC-200 (Microsoft Security Operations Analyst, etc.) Experience in incident detection and response Experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms Willing to work in a team-oriented 24/7 environment; schedule flexibility as needed to work with a global team Preferred Qualifications Experience building use cases and performing log analysis using technology like KQL, Splunk, AlienVault, Q-radar etc. SOAR or Scripting experience using Python, PowerShell etc. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.