674 Security Operations Jobs - Page 7

We are seeking a highly skilled Software Engineer II to help shape the future of AI-powered application development. If youre passionate about cutting-edge technology, scalable systems, and solving real-world challenges, this is your opportunity. What Youll Do as a Software Engineer II As part of our engineering team, you will: Leverage AI-powered Development Use Cursor, Copilot, and other AI tools to enhance productivity, optimize workflows, and automate repetitive tasks. Develop Data-Driven Applications Build consumer-grade interfaces and APIs that power our advanced behavioral AI insights. Combat Modern Cyber Threats Design and deploy secure, scalable systems that detect and prevent sophisticated cyberattacks. Collaborate with Fortune 500 Enterprises Work with customers and security teams to rapidly iterate and deliver impactful solutions. Build at Scale Design backend services and cloud architectures that support billions of security events across enterprises worldwide. Technical Requirements Were looking for engineers who have: 3+ years of professional experience in software development. Backend development experience with Python, TypeScript, or Go. Proficiency in frontend frameworks React, Angular, or Vue. Familiarity with AI development tools such as Cursor, GitHub Copilot, or Claude. Experience / passion in building scalable, enterprise-grade applications. Knowledge of cloud platforms (AWS, GCP, or Azure) and containerization (Docker, Kubernetes). Strong fundamentals in computer science, data structures, and performance optimization.

We are seeking a highly skilled Software Engineer II to help shape the future of AI-powered application development. If youre passionate about cutting-edge technology, scalable systems, and solving real-world challenges, this is your opportunity. What Youll Do as a Software Engineer II As part of our engineering team, you will: Leverage AI-powered Development Use Cursor, Copilot, and other AI tools to enhance productivity, optimize workflows, and automate repetitive tasks. Develop Data-Driven Applications Build consumer-grade interfaces and APIs that power our advanced behavioral AI insights. Combat Modern Cyber Threats Design and deploy secure, scalable systems that detect and prevent sophisticated cyberattacks. Collaborate with Fortune 500 Enterprises Work with customers and security teams to rapidly iterate and deliver impactful solutions. Build at Scale Design backend services and cloud architectures that support billions of security events across enterprises worldwide. Technical Requirements Were looking for engineers who have: 3+ years of professional experience working on data-intensive applications and distributed systems. This is not a Data Engineering role. Backend development experience with Python or Go. Depth in at least one key area of the data platform tech stack - batch processing, streaming systems, data orchestration, data infrastructure. Familiarity with AI development tools such as Cursor, GitHub Copilot, or Claude. Experience / passion in building scalable, enterprise-grade applications. Experience with any big data technologies such as Spark or Databricks or Trino or Kafka/Hadoop etc. Knowledge of cloud platforms (AWS, GCP, or Azure) and containerization (Docker, Kubernetes). Strong fundamentals in computer science, data structures, and performance optimization.

About You Youre an experienced, customer-obsessed technical support professional with a passion for solving complex problems in high-stakes environments. With 4+ years of experience, youve developed a track record of supporting enterprise customers, driving technical investigations, and advocating for continuous product improvement. You're energized by the evolving threat landscape in email and SaaS security, and youre excited to support a platform that uses behavioral AI to stop the attacks others miss. You're equal parts communicator, troubleshooter, and customer championcommitted to delivering exceptional support and building customer trust at every step. What You Bring: 4+ years in technical support roles, ideally in cybersecurity, enterprise SaaS, or API-driven platforms. Strong knowledge of email security fundamentals, SaaS platforms, and cloud ecosystems like Microsoft 365, Google Workspace, Slack, Okta, Splunk, Crowdstrike, Cortex SOAR, Rest API or Zoom. Proven ability to debug complex technical issues, analyze logs, and collaborate cross-functionally with Engineering and Product teams. Excellent written and verbal communication skills, with the ability to explain technical concepts to both technical and non-technical stakeholders. Familiarity with support and collaboration tools such as Zendesk, Salesforce, Jira, and Confluence. A mindset for continuous learning, efficiency, and improving both the customer experience and internal support processes. Experience using AI tools (e.g., GPT-based assistants, internal chatbots, or AI-powered support platforms) for troubleshooting or prompting is a strong plus. In This Role, You Will: Act as a trusted L1 technical advisor for enterprise customers using Abnormals Cloud Email Security, AI Security Agents, and Saas Security. Own and resolve inbound support ticketsincluding configuration issues, API questions, behavioral false positives, and threat investigations. Provide customers with clear, timely updates, root cause insights, and solution recommendations that reinforce product confidence and trust. Collaborate closely with Engineering to ensure timely, high-quality resolutions and robust post-mortem documentation. Support seamless customer onboarding and engagement by working alongside Customer Success Managers. Create and maintain internal and external knowledge base content to improve case deflection and empower customers. Identify patterns in support interactions to flag recurring pain points and drive product improvements.

About the Role Abnormal Security is looking for a Senior Detection Engineer to join our Security & Privacy team. As a cybersecurity leader, we continuously adapt to threat actor behaviors by building resilient detection logic and automated response mechanisms. In this role, youll take ownership of the SIEM platform(s) by administering, optimizing, and building high-fidelity detection content. You will also drive automation initiatives using SOAR platforms, working closely with Cyber Defense analysts, Security Engineering, and broader infrastructure teams to improve detection efficacy and incident response at scale. What you will do SIEM Engineering & Administration: Own the administration and optimization of our SIEM platform. Ensure ingestion, normalization, parsing, correlation, and search performance are tuned for security use cases. Detection Engineering: Create and maintain detection content to identify malicious behaviors, suspicious activities, and policy violations. Continuously tune rules and logic to reduce false positives and improve fidelity. SOAR & Security Automation: Design and implement automation playbooks to streamline incident triage, enrichment, response, and escalation workflows using SOAR platforms. Threat-Informed Detection: Collaborate with Threat Intelligence and Incident Response teams to operationalize attacker TTPs into automated detections mapped to frameworks like MITRE ATT&CK. Content Development: Build custom queries, dashboards, and visualizations in the SIEM to provide insights to stakeholders and measure security control efficacy. Detection Lifecycle Management: Define and implement processes to govern the full lifecycle of detections from ideation and development to validation, deployment, and tuning. Cross-Team Collaboration: Work with Infrastructure, Application Security, and IT teams to ensure comprehensive coverage of logs and telemetry and to support response automation. Documentation & Enablement: Maintain documentation for detection rules, automation workflows, and SOPs. Train analysts on how to use and improve detection content. Must Haves Bachelors Degree in Information Security, Computer Science, Engineering, or equivalent practical experience. 5+ years of experience in cybersecurity, with a focus on SIEM and detection engineering. Hands-on experience administering one or more SIEM platforms (e.g., Splunk, Sentinel, Chronicle, QRadar, Sumo Logic, ELK). Strong knowledge of query languages (e.g., SPL, KQL, SQL) and ability to write performant and accurate detection logic. Experience with SOAR platforms (e.g., Tines, Torq, Cortex XSOAR, or Splunk SOAR) and automation playbook development. Deep understanding of attacker TTPs, detection use cases, and incident response workflows. Good scripting skills (e.g., Python, PowerShell, Bash) to support data parsing, enrichment, or automation. Excellent communication skills and a team-oriented mindset. Nice to Haves Security certifications such as GCIH, GCDA, GCTI, OSCP, or Splunk Certified Admin/User. Experience with threat detection in cloud environments (AWS, Azure, GCP). Familiarity with EDR tools, log forwarding agents, cloud-native logging pipelines, and enrichment platforms. Understanding of CI/CD pipelines and how to integrate detection logic testing and deployment into them. A

Your Role As the Platform Infrastructure EM for APAC, you'll: Build and Lead a Team : Establish the first PI team in APAC, setting standards and best practices while developing engineering talent Drive Key Initiatives : Take ownership of critical areas within our PI charter, including: Batch Data Platform : Develop infrastructure, products, and tooling for offline data processing that supports analytics, machine learning, data governance, and AI innovation Observability (O11y) : Deliver an observability stack providing real-time visibility into services and infrastructure across all environments Shape Our Culture : Influence the working culture within APAC and across the global organization Bridge Regions : Collaborate with global PI teams to ensure consistency and knowledge sharing Tackle Diverse Challenges : Address both 01 (launching new products) and 1n (scaling existing solutions) problems We Are Seeking Individuals Who: Have a strong technical background in cloud infrastructure, data platforms, or observability systems Are passionate about building and scaling engineering teams, with a commitment to developing people through effective coaching and mentorship Demonstrate excellent communication across all stakeholders, strategic thinking with execution bias, and experience working in distributed global teams Are driven to empower engineers through innovative platform tooling and infrastructure, turning complex problems into elegant solutions

Abnormal AI is seeking a IT Manager for APAC to enhance our IT team. As a rapidly expanding cybersecurity firm, our focus is on scaling technology support processes while ensuring a secure environment that optimally balances superior security practices with user experience and productivity. In this pivotal role, you will manage our IT support team in India, driving efficiency in technical issue resolution and maintaining our high standards of customer service. You will leverage trend analysis and data-driven dashboards to monitor performance metrics, enabling informed decision-making that enhances user support and satisfaction in a remote work setting. Key Responsibilities Trend Analysis & Dashboard Development: Utilize data-driven dashboards to analyze support trends, identify patterns, and report insights that inform service improvements and strategic decisions. Team Leadership: Lead and motivate a remote technical support team, fostering a culture of excellence and accountability while ensuring effective use of tools like ServiceNow, Google Workspaces, MacOS, Windows, JAMF, Intune, Slack, and Zoom. Process Optimization: Drive continuous improvement by analyzing current processes and implementing optimized workflows that enhance efficiency and support quality. KPI Definition & Monitoring: Define, implement, and track key performance indicators (KPIs) to measure the effectiveness, efficiency, and satisfaction of end-user services, continuously identifying areas for enhancement and corrective actions. Cross-Functional Collaboration: Work closely with IT engineering, Security, and HR to ensure seamless delivery of solutions that support the entire employee lifecycle, from onboarding to offboarding. Vendor Management: Manage relationships and contracts with vendors related to end-user support tools and services, ensuring alignment with organizational goals. Forecasting & Resource Management: Oversee computer inventory management, including resource allocation and procurement, while forecasting hardware and software expenditures based on current and future needs. Who You Are Strong communicator with excellent documentation and reporting skills. Collaborative team player capable of motivating and developing a diverse team. Results-oriented, adaptable, and thrives in a fast-paced environment. Intellectually curious and committed to continuous improvement, always seeking to enhance service quality through innovative solutions. Must Haves 7+ years of experience in IT support or end-user services. Bachelors degree in Computer Engineering, Information Technology, Business Administration, or a related field. Proven experience in a global and remote-first work environment. Nice to Have ITIL Certification. Familiarity with hardware as a service (HaaS) partnerships. Experience with Apple Business Manager and Automated Device Enrollment.

Abnormal Security is looking for a Senior Software Engineer to join the Message Detection - Entity Scoring Signals team. At Abnormal, we protect our customers against nefarious adversaries who are constantly evolving their techniques and tactics to outwit and undermine the traditional approaches to Security. Thats what makes our novel behavioral-based approach soAbnormal. Abnormal has constantly been named as one of the cybersecurity startups and our behavioral AI system has helped us win various accolades resulting in being trusted to protect more than 8% of the Fortune 1000 ( and ever growing ). In a landscape where a single successful attack can lead to financial losses of millions of dollars, the Message Detection team plays the central role of building an extremely high recall Detection Engine that can operate on hundreds of millions of messages at milliseconds latency. The Message Detection teams mission statement is to provide world-class detector efficacy to tackle changing attack landscape using a combination of generalizable and auto trained models as well as specific detectors for high value attack categories. The Entity Scoring Signals team is spearheading the advancement of our email security engine by developing cutting-edge signals and detectors to identify cybersecurity threats. The team's innovative approach involves breaking down emails into granular components, known as entities, and developing sophisticated heuristics to assess the suspiciousness of each entity. This entity-centric approach enhances the accuracy, actionability, and explainability of threat detection.The team plays a key role in helping the engine quickly adapt to emerging attack patterns by refining and specializing entity-level heuristics and signals. These highly specific entity signals are then used by downstream systems, including heuristic and machine learning models, to continuously improve the overall detection performance. This role would also have an opportunity to have a significant impact on the overall charter, direction and roadmap of the team. The Senior Software Engineer would be involved in understanding the domain of false negatives i.e. the current and future attacks which can cause significant customer workflow disruption. They would help define the technical roadmap required to address the most pressing customer problems and simultaneously operate our detection decisioning system at an extremely high recall. What you will do Architect, design, build, and deploy backend services and infrastructure that support a world-class Detection Engine Owning impactful projects such as building and improving our feature store, optimizing models to run with lower latency/memory requirements, and generally being the bridge between our ML and platform teams Coach and mentor junior engineers via 1on1s, pair programming, high quality code reviews and design reviews Must Haves 8+ years of professional experience as a hands-on engineer building complex data-oriented end user facing products. Track record of success in translating business requirements into scalable, maintainable systems with a bias toward simpler but iterative systems. Strong analytical mindset, capable of approaching complex problems with a data-driven and methodical approach. Experience with real-time, online, and/or high-throughput & low-latency distributed systems in python or Golang. Effective software engineering skills who can find answers quickly from code base and writes structured, readable, well tested and efficient code. Works well with other stakeholders - has worked with cross-functional teams to drive projects over the finish-line. BS degree in Computer Science, Applied Sciences, Information Systems or other related engineering field Nice to Have Knowledge of ML systems/products and/or distributed system technologies (feature platform serving systems, ML training and ML serving platforms, etc.) Familiarity with cyber security industry

What you will do Lead the design and implementation of a scalable , unified observability stack that bridges existing fragmented systems across federal and commercial environments, enabling comprehensive monitoring across all cellular deployments. Architect and deliver greenfield observability solutions including distributed request tracing, log analysis, and Prometheus scaling to support Abnormal's rapidly growing multi-region infrastructure spanning US, EU, Japan, and new data centers. Balance operational excellence with engineering innovation by automating repetitive tasks, resolving operational challenges through code, and maintaining an on-call rotation within a follow-the-sun model across global time zones. Drive technical ownership of critical observability infrastructure that directly impacts system reliability, performance, and availability across all Abnormal products while collaborating with cross-functional teams including TPMs, PMs, and Data Scientists. Must Haves 8+ years of software engineering experience with expertise in distributed systems, Python/GoLang, and AWS services Proven track record designing and implementing enterprise-scale observability solutions (metrics, logging, tracing) for complex multi-region environments Strong technical leadership abilities with experience balancing operational excellence and engineering innovation while mentoring team members Exceptional problem-solving skills with demonstrated success optimizing high-throughput, low-latency systems and automating operational workflows Effective communicator who can translate complex technical concepts across diverse stakeholders and drive collaboration between engineering, product, and data teams Nice to Have MS degree in Computer Science, Electrical Engineering or other related engineering field Experience with o11y tools including but not limited to Datadog, Chronosphere, Splunk, Prometheus, Grafana Familiarity with the cyber security industry

This position represents a unique opportunity to contribute significantly to our mission of providing unparalleled detection capabilities worldwide. The team's mission revolves around empowering our detection team with high-quality data and cutting-edge tools, ensuring that all misclassifications can be easily assessed and analyzed. Our strategic approach encompasses the development of essential detection tools, improved misclassification comprehension, and enhanced communication with customers. Misclassification Analysis & Detection Enablement (MADE) - Core components the team owns include the rule-based email detection engine, analysis tools for misclassification understanding and flow comprehension, data quality for ML model analysis and training, and the backend platforms for customer interaction regarding detection concerns. What You Will Do Enhance the speed and quality of detection systems development. Develop and maintain pipelines to process and respond to customer feedback efficiently and responsibly. Supply detection teams with top-notch, accurate data used for evaluating and training ML models. Automate backend processes to improve customer responses. Develop, design, modify, and test systems for enhanced data quality and understanding. Collaborate with Technical Program Managers, Product Managers, Data Engineers, Data Scientists, and operational and engineering teams to implement, verify, and iterate on product development. Exercise sound judgment in selecting methods and techniques for problem-solving. Write code with testability, readability, edge cases, and errors in mind. Write and review technical design documents. Must Haves 8+ years of professional, production-level experience in backend development, showcasing a comprehensive understanding of backend technologies and systems. Proficient in Python or Golang, Spark, and Postgres. Familiarity with large-scale backend solutions or environments that involve complex integrations, demanding latency requirements, or significant throughput challenges. Adept at performance debugging and benchmarking to ensure efficient operation of applications. Proven ability to translate business requirements into detailed software requirements, effectively articulating systems design to technical and non-technical stakeholders alike. Experience in identifying, analyzing, and resolving complex technical issues, demonstrating a methodical approach to troubleshooting and problem-solving. Proven experience working effectively with cross-functional teams, demonstrating the ability to collaborate with a diverse range of stakeholders. Ability to lead and motivate team members, setting high standards and expectations for project execution, both for themselves and their collaborators. Bachelor of Science degree in Computer Science, Applied Sciences, Information Systems, or a closely related engineering field. Nice to Have MS degree in Computer Science, Electrical Engineering, or another related engineering field. Experience with Databricks & Airflow Experience with algorithms and optimization. Familiarity with the cybersecurity industry.

About the Role The HSP team is driving the development of an innovative suite of cybersecurity products aimed at protecting our customers from threats that exploit the human elementthe weakest link in security. Our co-located team thrives on close collaboration between product managers and engineers, ensuring we deliver solutions that make a tangible impact on our customers security posture. Were committed to staying ahead of evolving cyber threats and empowering our customers to defend against sophisticated attacks. Were seeking a highly skilled Senior Software Engineer (TL) to join our team and lead the development of critical backend systems for products like Email-like Messaging Systems and AI-driven Security Awareness Training platforms. What Were Looking For: Ownership & Impact: Youre a proactive leader who takes full ownership of your work, driving projects to completion with a focus on delivering high-impact results. System Design Expertise: You bring proven experience in designing and building scalable systems, with a track record of delivering high-performance applications. Detail-Oriented: Youre meticulous about code quality, testing, and performance, ensuring that every aspect of your work meets the highest standards. Growth Mindset: Youre committed to continuous learning and personal growth, leveraging opportunities to expand your skills alongside seasoned professionals in engineering, product, and design. Effective Communicator: You excel in communication, working autonomously and asynchronously with other teams to drive projects forward. Technical Proficiency: Youre comfortable with test-driven development and thrive in complex organizations where standardized interfaces and best practices are key to success. What Youll Do Design and Development: Lead the design and development of robust, scalable, and secure backend systems using Golang, Python. You will own the delivery of end-to-end projects, from conceptual design through to deployment, ensuring that each project meets the high standards expected within the Division. Ownership & Technical Leadership: Take full ownership of key deliverables within the Divisions Quarterly Roadmap. Youll set the technical direction, define milestones, and drive projects to successful completion. Cross-Division Leadership: Align teams around key projects, de-risk complex initiatives, and ensure seamless execution across the Division. As a Senior Engineer, youll be a multiplier, enhancing the capabilities of those around you. Support and On-call: Provide expert technical support, troubleshoot complex issues, and participate in on-call rotations to maintain system reliability and performance. Collaboration and Communication: Engage in asynchronous communication with team members to share updates, resolve challenges, and propose solutions. Youll also participate in code reviews and system design discussions, contributing to the teams technical excellence. Continuous Learning and Improvement: Actively share your knowledge with the team and participate in professional development activities to keep your skills sharp and relevant. Must Have Skills 8+ years of industry experience as a Backend Software Engineer, with deep expertise in developing production-grade Golang/Python applications. Strong understanding of Golang and its ecosystem, as well as Python, REST frameworks, and authentication mechanisms. Familiarity with AWS services and deployment practices. Proficiency in containerization using Docker or similar technologies. Solid understanding of database systems and SQL proficiency.

About the Role Abnormal Security is looking for an Engineering manager to join the Message Detection - Entity Scoring Signals team. At Abnormal, we protect our customers against nefarious adversaries who are constantly evolving their techniques and tactics to outwit and undermine the traditional approaches to Security. Thats what makes our novel behavioral-based approach soAbnormal. Abnormal has constantly been named as one of the cybersecurity startups and our behavioral AI system has helped us win various accolades resulting in being trusted to protect more than 8% of the Fortune 1000 ( and ever growing ). In a landscape where a single successful attack can lead to financial losses of millions of dollars, the Message Detection team plays the central role of building an extremely high recall Detection Engine that can operate on hundreds of millions of messages at milliseconds latency. The Message Detection teams mission statement is to provide world-class detector efficacy to tackle changing attack landscape using a combination of generalizable and auto trained models as well as specific detectors for high value attack categories. The Entity Scoring Signals team is spearheading the advancement of our email security engine by developing cutting-edge signals and detectors to identify cybersecurity threats. The team's innovative approach involves breaking down emails into granular components, known as entities, and developing sophisticated heuristics to assess the suspiciousness of each entity. This entity-centric approach enhances the accuracy, actionability, and explainability of threat detection.The team plays a key role in helping the engine quickly adapt to emerging attack patterns by refining and specializing entity-level heuristics and signals. These highly specific entity signals are then used by downstream systems, including heuristic and machine learning models, to continuously improve the overall detection performance. The Engineering Manager will lead a dedicated group of software engineers focused on enhancing the email detection engine through the development of advanced entity-level heuristics and signals. They will be responsible for managing the execution of the team's roadmap and deliverables while optimizing both human and system resource utilization. The ability to effectively manage team dynamics, set strategic goals, and optimize resource utilization will be crucial in achieving key outcomes, particularly in integrating entity scores into the detection engine to amplify the teams impact on emerging attack patterns. Additionally, the Engineering Manager will foster an environment of mentorship and performance excellence, supporting the team in navigating the fast-paced cybersecurity landscape and achieving extremely high recall in the detection decisioning system. What you will do Own the execution success of the quarterly roadmap for the Entity Signal Scoring team; engage continuously with the Tech Leads to help adjust and prioritize current roadmap items according to the teams charter and company priorities. Drive processes to enable the team to deliver on projects that are set by TLs as part of the technical roadmap. Manage the quarterly roadmap updates, project time estimates, weekly sprint planning, day-to-day standups Identify risks on project delivery (technical, operational, dependency risks) and escalate to appropriate technical leads Able to assess progress in a metrics-oriented manner Own both directly customer impacting metrics and system metrics and able to work with the team to proactively identify new attacks and repair degradations: Drive stakeholder alignment: Proactively identify and collaborate with machine learning and infrastructure teams on interfacing and adoption of the entity scoring signals in the overall detection engine. Ensure project execution aligns with the companys detection strategy and maintain continuous stakeholder communication. Mentor, develop, and grow the engineers on your team, ensuring they have a clear career progression and high levels of engagement. Must Haves 10+ years of overall experience in software engineering, among which 3+ years of management experience At least 5 years of professional, production-level experience in building and safely shipping backend heavy product features or ML adjacent systems at high velocity. Has led a team of engineers in building out systems and displayed the ability to define metrics of excellence and setup processes to continuously monitor and maintain high standards on metrics. Proven ability to translate business requirements into detailed software requirements, effectively articulating systems design to technical and non-technical stakeholders alike. Proven experience working effectively with cross-functional teams, demonstrating the ability to collaborate with a diverse range of stakeholders. Ability to lead and motivate team members, setting high standards and expectations for project execution, both for themselves and their collaborators. Experience with hiring and retention of top talent A Bachelor of Science degree in Computer Science, Applied Sciences, Information Systems, or a closely related engineering field. Nice to Have Familiarity with cyber security industry Exposure to ML/AI systems MS degree in Computer Science, Electrical Engineering or other related engineering field

We are seeking an experienced Associate skilled in Zscaler Proxy, Firewalls, Data Loss Prevention (DLP), and Endpoint Detection & Response (EDR) solutions. The successful candidate will play a pivotal role in ensuring the security, availability, and performance of our IT infrastructure by implementing both proactive and reactive measures to secure our network and endpoint environments. Key Responsibilities Zscaler Proxy Management Configure, manage, and optimize Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions. Implement and enforce web security policies to ensure compliance with organizational standards. Troubleshoot and resolve Zscaler-related issues to ensure continuous internet and private application access. Conduct periodic health checks and performance tuning of the Zscaler infrastructure. Firewall Administration Manage and configure firewalls to secure internal and external network traffic. Create and maintain firewall rules, Network Address Translation (NAT) configurations, and VPN setups as per business requirements. Monitor and analyze firewall logs to detect and respond to potential security incidents. Regularly review firewall policies to ensure adherence to industry best practices and compliance standards. Endpoint and Data Protection Monitor endpoint activity for suspicious behavior and respond to threats promptly. Provide incident response support and recommend corrective actions for endpoint security incidents. Participate in vulnerability assessments and implement remediation plans. Collaborate with cross-functional teams to ensure seamless integration of security tools. Prepare and maintain technical documentation, configurations, and standard operating procedures. Experience 3-5 years of hands-on experience with Zscaler Proxy, Firewalls, DLP, and EDR solutions in an enterprise environment. Technical Skills: Strong knowledge of Zscaler technologies, including policy configuration, SSL inspection, and application control. Proficiency in managing firewalls, creating security rules, and implementing VPNs. Expertise in deploying and managing EDR tools for threat detection and response. Understanding of network protocols, IP subnetting, and traffic analysis tools. Familiarity with SIEM solutions and their integration with security tools. Strong understanding of security operations and incident management. Knowledge of endpoint security, malware detection, and response. Soft Skills: Strong problem-solving and analytical skills. Excellent verbal and written communication abilities. Capability to work independently and collaboratively in a fast-paced environment. Proactive attitude towards learning and adapting to new technologies. We are looking an experienced Associate skilled in Zscaler Proxy, Firewalls, Data Loss Prevention (DLP), and Endpoint Detection & Response (EDR) solutions. The candidate will play a pivotal role in ensuring the security, availability, and performance of our IT infrastructure by implementing both proactive and reactive measures to secure our network and endpoint environments. Key Responsibilities Zscaler Proxy Management Configure, manage, and optimize Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions. Implement and enforce web security policies to ensure compliance with organizational standards. Troubleshoot and resolve Zscaler-related issues to ensure continuous internet and private application access. Conduct periodic health checks and performance tuning of the Zscaler infrastructure. Firewall Administration Manage and configure firewalls to secure internal and external network traffic. Create and maintain firewall rules, Network Address Translation (NAT) configurations, and VPN setups as per business requirements. Monitor and analyze firewall logs to detect and respond to potential security incidents. Regularly review firewall policies to ensure adherence to industry best practices and compliance standards. Endpoint and Data Protection Monitor endpoint activity for suspicious behavior and respond to threats promptly. Provide incident response support and recommend corrective actions for endpoint security incidents. Participate in vulnerability assessments and implement remediation plans. Collaborate with cross-functional teams to ensure seamless integration of security tools. Prepare and maintain technical documentation, configurations, and standard operating procedures. Experience 3-5 years of hands-on experience with Zscaler Proxy, Firewalls, DLP, and EDR solutions in an enterprise environment. Technical Skills: Strong knowledge of Zscaler technologies, including policy configuration, SSL inspection, and application control. Proficiency in managing firewalls, creating security rules, and implementing VPNs. Expertise in deploying and managing EDR tools for threat detection and response. Understanding of network protocols, IP subnetting, and traffic analysis tools. Familiarity with SIEM solutions and their integration with security tools. Strong understanding of security operations and incident management. Knowledge of endpoint security, malware detection, and response. Soft Skills: Strong problem-solving and analytical skills. Excellent verbal and written communication abilities. Capability to work independently and collaboratively in a fast-paced environment. Proactive attitude towards learning and adapting to new technologies.

- Design, develop & maintain playbooks within Cortex XSOAR - Integrate security tools & threat intelligence sources with XSOAR - Implement & manage security alerts using XSIAM, SIEM & SOAR platforms - Fine-tune & optimize securty automation processes Required Candidate profile Exp. : 6+ yrs CTC : Upto 30 Lacs Location : Remote WFH (1 Opening) / Central Mumbai WFO (2 Open) Comm. Skills - Excellent Strong in Cortex XSOAR along with automation and XSIAM, SOAR, and SIEM tools.

What you will do In this vital role you will Information Security Operations manages a CSOC Tier 1 (T1) shift as part of a 24/7 Cybersecurity Operations Center (CSOC). This role acts as a technical lead, ensuring alignment with standard operating procedures, analyzing security events, and contributing to the improvement of cybersecurity processes. Additionally, the Sr. Associate assists in incident response across the lifecycle phases, from response to lessons learned. Roles & Responsibilities: Act as a technical lead for the CSOC T1 shift, ensuring alignment with standard operating procedures. Analyze security events, identifying common tactics, techniques, and procedures used by threat actors. Improve cybersecurity operations processes, critical metrics, and documentation. Participate in and optimize CSOC T1 knowledge-sharing and learning sessions. Assist incident responders with coordinating the response, containment, eradication, recovery, and lessons learned phases of the incident response lifecycle. Basic Qualifications: Masters degree and 1 to 3 years of Information Technology or Cybersecurity experience OR Bachelors degree and 3 to 5 years of experience in Security Operations or related field OR Diploma and 7 to 9 years of experience in Security Operations or a related field Preferred Qualifications: Must-Have Skills: Solid understanding of security technologies and their core functionality Experience in analyzing cybersecurity threats, with up-to-date knowledge of attack vectors and the threat landscape. Experience documenting and optimizing information security processes and procedures. Ability to prioritize tasks and solve problems efficiently in a diverse, global team environment. Good knowledge of Windows and/or Linux systems, including scripting languages. Good-to-Have Skills: Familiarity with 24/7 CSOC operations and incident response lifecycle. Experience in leading CSOC shifts and implementing cybersecurity improvements. Professional Certifications: CompTIA Security+ (preferred) CEH (preferred) GSEC (preferred) MTA Security Fundamentals (preferred) CISSP (preferred) Soft Skills: Strong communication and collaboration skills, particularly when working with global teams. Ability to manage and prioritize tasks effectively in a high-pressure environment. Critical thinking and problem-solving abilities, especially in incident response situations. A commitment to continuous learning and knowledge sharing.

Job highlights Graduate/Post Graduate with 5-10 years in security industry at managerial level or ex-defense Maintain branch operations, ensure compliance, manage finance, promote business, and meet monthly targets Best salary in the industry for deserving candidates DESIGNATION: BRANCH MANAGER JOB LOCATION: Jabalpur /Pune QUALIFICATION: Any Graduate / Post Graduate DESIRED EXPERIENCE: 5 to10 Years IN SECURITY INDUSTRY AT MANAGERIAL LEVEL AND/OR 5 YEARS AS as Branch Manager in Security Industry or Ex Defense. SALARY:- Best In the Industry SKILLS & Knowledge : Strong Leadership & good Industrial Relationship skills Computer Savvy, can generate the report & can access mails. JOB PROFILE: Self Driven, Ex Defense /Security Industry background person with excellent Communication Skill, Strong Leadership, with a track record of successfully heading security business and setting of a benchmark in growth of business for minimum 5 years of branch with a turnover of 1 crore and willing to work anywhere in India. 5-10 years of work experience with Private Security Industry. To maintain the branch Office with good hold over of operation, Admin, Statutory Compliance, Finance Management, clients retention, business promotion. Can ensure that no corruption under his Branch and on site. Bring in discipline in the branch. Ensure that bills should be prepared on time and salary to be paid properly to guards. He also be able to bring new business and ability to retain the existing business. SHOULD BE ABLE TO MEET MONTHLY TARGETS . Can negotiate with new clients to convert them for business. Be capable of supervising operations and training by infusing modern trends in security Management. He should have good command over recovery without any loss to existing business. Remuneration is not a bar for deserving candidates. Candidates may forward their detailed CV's through e-mail clearly specifying the post applied for as subject at hrd@bombayintegrated.com Regards Manoj Singh 9001345247

What You'll Do Avalara is looking for Detection Engineer to join the Detection and Response Team. The ideal candidate will have a track record in incident response, demonstrating advanced technical expertise and leadership capabilities. Your role will be of an Incident Response Analyst, you will help protect Avalara. This includes detecting, investigating, and mitigating security incidents. You will also be a key contributor in improving our incident response capabilities. You will report to Security leadership at Avalara. This is a remote position. What Your Responsibilities Will Be You will perform incident response activities and workstreams as the Incident Response Senior Analyst. You will monitor security systems, including Intrusion Detection Systems (IDS), Endpoint Detection and Response (EDR) platforms, software firewalls, and Security Information and Event Management (SIEM) platforms. Gather and analyze evidence from affected systems, logs, and network traffic. You will conduct detailed investigations of security incidents to determine the root cause, scope, and impact. Document all aspects of security incidents, including timelines, actions taken, and lessons learned. Perform forensic analysis of compromised systems to identify the techniques and tactics used by attackers, or as directed by Legal. Collaborate with cross-functional teams including Engineering, IT, Security Operations, Legal, HR, and Compliance to manage and mitigate incidents. Strengthen KPIs and metrics for measuring response effectiveness and provide clear and consistent reporting to internal stakeholders. Participate in rotating On Call shifts that utilize a paging system in case a security event requires attention. What You'll Need to be Successful 5+ years experience in Security Incident Response. Experience across the information security domain, including familiarity with endpoint, email, network, cloud security, vulnerability management, incident response, and threat intelligence. Experience with log analysis, network security, digital forensics, and incident response investigations. Ability to script / code using Python or an equivalent language. Bachelor's degree in computer science, information security, or relevant experience. Certifications related to digital forensics and incident response.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers