879 Sentinel Jobs

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities: 1) Design and implement Microsoft Sentinel architecture, including data connectors, analytics rules, and workbooks. 2) Integrate Sentinel with various data sources, including Azure services on-premises systems, and third-party security products. 3) Develop and maintain data connectors, APIs and custom integrations. 4) Configure and optimize incident response workflows, including automated response actions and playbooks. 5) Collaborate with security operations teams to implement Sentinel-based security monitoring and incident response processes. 6) Provide training and support to security teams on Sentinel features and functionality 7) Continuously monitor and optimize Sentinel performance, scalability, and reliability 8) Develop and maintain custom dashboards, reports, and workbooks to provide security insights and metrics. 9) Integrate Azure Logic Apps with Azure Sentinel to automate security workflows and incident response. 10) Develop custom connectors for Logic apps to integrate with Azure Sentinel and other security tools. 11) Collaborate with security teams, developers, and operation teams to ensure seamless integration and deployment of Logic Apps with Azure Sentinel 12) Configure and maintain Sentinel workspaces, including data connectors, analytics rules. 13) Optimize Sentinel workspace performance, scalability, and security. 14) Develop and maintain reports and dashboards to provide visibility into security metrics and trends. 15) Strong knowledge of KQL and experience writing complex queries. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft Sentinel, Azure Security Center and Azure Monitor - Experience with data analytics, machine learning, and threat intelligence. - Strong understanding of cloud security principles and practices. - Experience with security incident response and management. - Knowledge of regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS. - Familiarity with security tools and technologies used in cloud environments. Additional Information: - The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM). - This position is based at our Hyderabad office. - A 15 years full time education is required. 15 years full time education

Senior Threat Researcher Hyderabad, Telangana, India Date posted Jul 31, 2025 Job number 1853457 Work site Up to 50% work from home Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Research Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Defender Experts (DEX) Research team is at the forefront of Microsoft’s threat protection strategy, combining world-class hunting expertise with AI-driven analytics to protect customers from advanced cyberattacks. Our mission is to move protection left—disrupting threats early, before damage occurs—by transforming raw signals into intelligence that powers detection, disruption, and customer trust. We’re looking for a passionate and curious Senior Threat Researcher to join this high-impact team. In this role, you will collaborate closely with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats that impact both Microsoft and third-party products. Leveraging a deep understanding of multi-cloud environments and diverse security architectures, you will develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel. Your research will directly contribute to the development of real-time protections for enterprises worldwide, ensuring comprehensive coverage across cloud platforms and strengthening the security posture of organizations leveraging a heterogeneous mix of technologies. This is a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications 5+ years of relevant experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms. Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments. Demonstrated expertise in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions. Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. Proven ability to work independently and deliver complete solutions. Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams. Responsibilities We are seeking a Senior Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments. The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections. In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems. Responsibilities include: Lead and execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments. Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Collaborate with internal and external security teams to design and implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response. Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base. Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems. Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As a Level 1.5 SOC Analyst, your role involves deeper investigation of security alerts and confirmed incidents. You will validate escalated events using Sentinal One and Splunk SIEM, enrich them with context, and work closely with L3 analysts to assist in containment and timely remediation. You will also assist in improving detection fidelity and supporting SOAR automation. This role requires deep expertise in detection, investigation, containment, and remediation, as well as collaboration with multiple teams across security, IT, and compliance. Roles & Responsibilities: - Investigate alerts escalated by L1 to determine scope, impact, and root cause - Perform in-depth endpoint and network triage using Sentinel One - Use Sentinel One to perform endpoint analysis and threat validation - Correlate multiple log sources in Splunk to trace attacker activity - Enrich events with asset, identity, and threat intelligence context - Document investigation workflows, evidence, and final conclusions - Support L2 during major incidents by performing log or memory triage - Suggest improvements in alert logic & fine tunning. - Conduct threat research aligned to alert patterns and business context - Enhance alert fidelity with threat intel and historical context - Document investigation findings and communicate with stakeholders Professional & Technical Skills: - Alert Triage & Monitoring: Experience investigating escalated alerts using SIEM or EDR - Incident Response and Containment: Take necessary actions to contain, eradicate and recover from security incidents. - Identify opportunities for automation and work with SIEM Platform Support team for implementing it. - EDR Deep Dive: Using Real Time Response (RTR), Threat Graph, custom IOA rules - Proficiency in writing SPL queries, dashboards and providing fine tuning opportunities - Threat Hunting: Behavior-based detection using TTPs - Good understanding of malware, lateral movement, privilege escalation, and exfiltration patterns - Threat Intel Integration: Automation of IOC lookups and enrichment flows - Forensic Skills: Live host forensics, log correlation, malware behavioral analysis - Good experience in advanced threat detection and incident response - Proficiency in Sentinal One forensic and incident response capabilities - Playbook Development/Updation: Able to define, update, and optimize IR playbooks and workflows - Forensic analysis (memory, file systems, logs) - Cloud incident handling (AWS, Azure) - Dashboarding: Advanced visualizations and business-focused metrics in Splunk - Certifications: Splunk Certified Admin/ES Admin, SC-200, Sentinal One EDR vendor training - Sentinal One: Custom detections, forensic triage, threat graphs - Splunk SIEM (core + ES module): Searching Logs, Monitoring and investigating alerts. Additional Information: - The candidate should have minimum 2+ years in SOC/IR . - Experience in 24x7 environments, shift-based operations, or critical infrastructure response - This position is based at our Hyderabad office. - A 15 years full time education is required. - Bachelors in IT/Cybersecurity + advanced certifications (CISSP), Splunk Certified Admin/ES admin, EDR Certification (like Sentinal One) etc. 15 years full time education

Job Summary The Cybersecurity Consultant will oversee and manage complex cybersecurity projects ensuring alignment with organizational goals and objectives. This role requires a deep understanding of Microsoft Sentinel Azure Sentinel and other cybersecurity tools. The candidate will work in a hybrid model with rotational shifts contributing to the enhancement of cloud security measures and operations. Responsibilities Lead the planning and execution of cybersecurity projects ensuring timely delivery and alignment with business objectives. Oversee the implementation of Microsoft Sentinel and Azure Sentinel to enhance security monitoring and threat detection capabilities. Coordinate with cross-functional teams to integrate ZAP & ZIP Proxy and other security tools into existing systems. Provide expert guidance on cybersecurity best practices and strategies to mitigate risks and vulnerabilities. Develop and maintain comprehensive documentation for cybersecurity processes and procedures. Collaborate with stakeholders to identify and address security gaps in cloud environments particularly in MS Azure. Ensure compliance with industry standards and regulations related to cybersecurity and cloud security. Monitor and analyze security incidents providing actionable insights to improve response strategies. Facilitate training sessions and workshops to enhance the cybersecurity awareness of team members. Evaluate and recommend new security technologies and solutions to strengthen the organizations security posture. Manage relationships with external vendors and partners to ensure the effective delivery of cybersecurity services. Drive continuous improvement initiatives to optimize cybersecurity operations and processes. Report on project progress and security metrics to senior management highlighting key achievements and areas for improvement. Qualifications Possess extensive experience in cybersecurity with a focus on Microsoft Sentinel and Azure Sentinel. Demonstrate proficiency in using ZAP Proxy and other cybersecurity tools for threat detection and prevention. Have a strong understanding of cloud security principles particularly in MS Azure environments. Show expertise in Cisco Web Security and Cisco Cybersecurity Operations. Exhibit excellent communication and leadership skills to effectively manage cross-functional teams. Hold a bachelors degree in computer science information technology or a related field. Preferably have a masters degree or relevant certifications in cybersecurity. Certifications Required Certified Information Systems Security Professional (CISSP) Microsoft Certified: Azure Security Engineer Associate

Threat Researcher 2 Hyderabad, Telangana, India Date posted Jul 31, 2025 Job number 1853455 Work site Up to 50% work from home Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Research Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Defender Experts (DEX) Research team is at the forefront of Microsoft’s threat protection strategy, combining world-class hunting expertise with AI-driven analytics to protect customers from advanced cyberattacks. Our mission is to move protection left—disrupting threats early, before damage occurs—by transforming raw signals into intelligence that powers detection, disruption, and customer trust. We’re looking for a passionate and curious Threat Researcher to join this high-impact team. In this role, you will collaborate closely with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats that impact both Microsoft and third-party products. Leveraging a deep understanding of multi-cloud environments and diverse security architectures, you will develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel. Your research will directly contribute to the development of real-time protections for enterprises worldwide, ensuring comprehensive coverage across cloud platforms and strengthening the security posture of organizations leveraging a heterogeneous mix of technologies. This is a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications 3+ years relevant experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms. Proven ability to execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments. Demonstrated experience in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as an understanding of multi-cloud security challenges and solutions. Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. Proven ability to work independently and deliver complete solutions. Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams. Responsibilities We are seeking a Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments. The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections. In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems. Responsibilities include: Execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments. Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Collaborate with internal and external security teams to implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response. Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base. Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems. Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Principal Software Engineering Manager Noida, Uttar Pradesh, India Date posted Jul 30, 2025 Job number 1854221 Work site Up to 50% work from home Travel 0-25 % Role type People Manager Profession Software Engineering Discipline Software Engineering Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The team will be responsible for building and maintaining the core infrastructure and services that form the Control Plane of Microsoft Sentinel Graph (MSG). This crucial mission supports Microsoft's Security business, meeting the immense scale demands that few companies in the industry face. By leveraging cutting-edge technologies, we aim to deliver comprehensive protection to a global user base. The MSG Foundations Engineering team leads the development and end-to-end implementation of infrastructure solutions, focusing on customer scenarios to enable high-volume big-data ingestion and interactive analytics for advanced security threat hunting, detection, and prevention. You will take charge of determining and developing architectural strategies and infrastructure solutions, conducting business reviews, and operating our production services. Collaboration will be essential as you work closely with other engineering teams to ensure that our services and systems are highly stable, performant, and meet the expectations of both internal and external customers and users. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications Required/Minimum Qualifications: Bachelor's, Master's, or Ph.D. in Computer Science Engineering, or an equivalent field. 11-15 years of software development experience. 3+ years of experience in managing and building teams. Strong problem-solving skills, along with excellent coding and debugging abilities. Good communication and cross-group collaboration skills. Prior expertise in platform components & high-scale cloud services (e.g. Azure, AWS etc.) is a plus Other Requirements Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter. Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter. - You’ve led – you have experience leading a team of engineers by setting clear expectations, keeping team members energized, and delivering great results. - You collaborate – you can explain your work, you can ask great questions, you can listen to your peers and your customers, you can influence without authority, and you like to give and receive feedback. - You stay focused – you want to ship software that solves real problems for real people, now. - You’re a professional – you understand that it’s not enough to write working code. It must also be well-designed, easy to test, and easy to add to over time. - You’re learning – no matter how much you know, you are always seeking to learn more and to become a better engineer and leader. #MSFTSecurity MSFTSecurity Responsibilities We are looking for a highly motivated, fast-learning, creative and analytical Software Engineer Manager. In this position, you will collaborate with other security engineering disciplines to plan, architect, design, implement, and validate security products and features. In addition to strong technical skills, you should have a passion for innovation and software quality. You must be comfortable with the fast-paced security industry by courageously exploring uncharted territories and thinking ahead of highly sophisticated attackers. You will be responsible for conducting investigations and investing in complex areas, designing and delivering features end to end - including system architecture, coding, deployment, scaling, performance, and quality from conception to delivery. Responsibilities include: Working closely with peers, partners, and building diverse and high-performing teams. Designing and implementing scalable, reliable, and maintainable services. Demonstrating strategic understanding of the timing and rationale for design choices within the scope of work. Consistently contributing key ideas to the product or service design and vision that meets customer needs. Applying metrics to drive the quality and stability of code. Having a sense of pride, commitment, and personal accountability for service quality, completeness, and resultant user experience throughout the product or service lifecycle. Working closely with a geographically distributed team, including Product Managers and developers, to drive key improvements in backend Engineering Systems. We are looking for someone who shares our passion for building great software for enterprises. You will work on a forward-looking product as part of an agile, collaborative, and cross-discipline team. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Hello, Greetings from Dev Information Technology Ltd ! Company Details: We are trusted as one of the leading IT enabled services provider, having a remarkable track record of consistently delivering workable and robust solutions. This becomes possible as we adopt continual innovation and remain committed to quality, implement and refine processes and leverage technological prowess. With the best software and hardware environments coupled with state-of-the-art communication facilities; our offices are fully equipped to work as virtual extensions of clients’ environment, providing 24×7 services. Founded in 1997 in Ahmedabad, India – one of the fastest growing metros of India Branch offices in India, USA and Canada Multi-million US$ turnover with CAGR of 20% 1000+ certified and skilled professionals serving more than 300+ clients globally Offering end-to-end solutions to meet IT and ICT needs of clients Website : https://www.devitpl.com/ Designation : Sr. SOC Analyst Experience : 4 + Years Work Location : Ahmedabad Job type: Full -Time Perks & Benefits: • Health Insurance • Employee rewards and recognition • Flexible working hours • Gratuity • Professional Development • Comprehensive Leave Benefit Job Description: As a SOC L2 Analyst, you are responsible for monitoring, detecting, and responding to security incidents. You will work closely with other SOC teams and support team members to ensure the security of the organization's IT infrastructure. Monitoring and Incident Triage: Continuously monitor alerts from security tools such as Microsoft Sentinel and Cortex XDR in the Oracle RightNow ticket portal. Investigate and analyze the source of alerts and potential incidents (e.g., analyzing source IPs , timestamps, network traffic, etc.). Validate whether alerts generated by tools like Cortex XDR or Microsoft Sentinel require further investigation or if they can be safely closed. Evaluate potential false positives by checking various threat intelligence sources such as VirusTotal and AbuseIPDB for any indications of malicious activity. Threat Hunting and Analysis: Conduct proactive searches for potential threats within the environment based on known indicators of compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) . Review historical logs, security events, and other telemetry data from different tools (e.g., Cortex XDR , Palo Alto Panorama ) to identify unusual patterns or malicious activities. Check alerts against known false positives, especially for alerts related to tools like Cortex XDR and Microsoft Sentinel . For repeated alerts, suggest white-listing those alerts to the Support or SecEng team based on past historical data Threat Response: Respond to detected incidents by following the predefined Standard Operating Procedures (SOPs) . For incidents that require further action, escalate to higher-level SOC analysts ( SOC L3) for deeper analysis or containment. When alerts require whitelisting or other configuration adjustments, escalate incidents to SOC L3 teams for further action. Escalate unresolved alerts to the CSM (Customer Success Manager) when a customer has not responded to alerts over an extended period. Open manual tickets in the Oracle RightNow ticket portal if Sentinel automation fails to generate the required incident tickets. Ensure all relevant incident data, including the nature of the alert, any investigation steps, and actions taken, is logged accurately for tracking purposes. Coordination and Communication: Coordinate with the Security Engineering (SecEng) team or other teams if misconfiguration alerts are detected or if a new configuration task is required to address potential vulnerabilities. If a customer has not responded to alerts or incidents, reach out to the CSM (Customer Success Manager) for further engagement and communication with the customer. Suggest and share any relevant findings or insights with the SOC team to enhance investigations and improve incident response Configuration Management and Automation: Report any issues with automated systems or configurations that may impact alert accuracy or effectiveness. If automation (e.g., Sentinel automation ) fails to generate tickets or does not trigger appropriate actions, escalate the issue to the team responsible for fixing the automation pipeline. Work with L3 or SecEng team to white-list alerts regarding Cortex XDR and Microsoft Sentinel Documentation and SOP Adherence: Ensure that all activities are in line with SOC Standard Operating Procedures (SOPs) , and follow established processes for escalation, investigation, and resolution. Tools and Technologies Security Monitoring Tools: Microsoft Sentinel Cortex XDR Palo Alto Panorama Grafana (for dashboarding and visualizing security data) Best Regards, Shruti Mistry | Talent Acquisition Executives HR (TALENT ACQUISITION) Job Types: Full-time, Permanent Pay: ₹50,000.00 - ₹90,000.00 per month Benefits: Food provided Health insurance Schedule: Night shift Rotational shift Weekend only Work Location: In person

Location Baglan, GB Department Name EG SM(S), Port Talbot, Direct (894612) G5 About Network Rail At Network Rail, we’re part of a large family serving millions of passengers and freight users throughout the UK every day. Our service impacts millions of people and we strive to become more efficient as we enhance, maintain and operate our network. Now is a fantastic time and join our team in Wales and Western region as we finalise the reforms to our maintenance organisation which will deliver: A safer and more reliable and punctual service for passengers and employees – quicker fault fixes by more agile multi-disciplined response teams. Individual rostering – enabling us to send the right number or people to fix a fault. Multi-skilling – investing in the knowledge and skills of our people so they are better equipped to fix the most common faults themselves. Accelerated and improved technology deployment – we have a raft of labour and life-saving technology ready to be rolled out. Our passengers and freight users are at the heart of everything we do. We help connect people to their friends and families and get goods to their destination safely and efficiently. We’re an organisation where people matter. When you're part of our team, you matter to us and you matter to millions. Watch our video to find out more! About our people and the recruitment process - We’re an inclusive employer of choice and we welcome applications from everyone! We look for opportunities to offer great opportunities to learn and grow through personal and professional development. And, if you make the grade then you can look forward to a rewarding and fulfilling career with a company that joined the top 50 in the Glassdoor's 2021 Best Places to Work. We want to help deliver a railway which is safe, reliable, affordable and that provides great customer service to everyone . For more information about Network Rail click here Brief Description You’ll help keep our nation moving every single day. This is a critical part of the work we do is the daily upkeep of the rail network. As a technician you’ll work outdoors in a team, supporting essential maintenance to keep the railway running safely and smoothly for passengers and freight users. Our technician community comes from a variety of different backgrounds, and this might be the first time that you’ve even considered a career in rail. We’re focused on your transferrable skills and behaviours and if you can demonstrate that, then we will provide you with all the necessary training to have you working safely and competently out on the network. About The Role (External) Our technicians work outside in all conditions, at all times of the year, day or night. You could be involved in demanding manual work, often with the need to transport kit, across tricky terrain. Being safety focused, respectful of rules and a team player will be critical as you’ll often be working next to moving trains travelling at highspeed. You matter to your team You will be a natural team player; you’ll also be able to lead the team when asked by the team leader. You’ll use your skills to deliver work safely and will check the team has the right competencies to meet our strict safety standards. You’ll also be a role model for safe working behaviours and be confident to challenge any potential risks to safety, so that everyone gets home safe every day. Today’s technicians can go onto become tomorrow’s team leaders. Your Skills Matter Our technicians play a vital role in our maintenance teams. You don’t necessarily need rail experience, but you do need to show how your transferrable skills meet the following: Leadership – You’re able to lead, motivate and direct a team for safe and efficient work delivery. Effective communicator – You’ll need strong communication skills and be able to deliver clear instructions to the team and other colleagues. Technical skills –You’ll have knowledge and experience of inspection, faulting, maintenance and renewal techniques in the discipline that you are applying for. Safety – You consistently role model safe behaviours, can arrange and implement safe systems of work, and are confident to challenge if you think a situation is unsafe. Problem solver – You’ll be persistent in finding safe and effective solutions. You’ll consistently develop your skills and competencies relevant to your discipline, keeping up to date with new standards, procedures and instructions. To issues you find out in your working environment. Willingness to learn – You’ll consistently develop your skills and competencies relevant to your discipline, keeping up to date with new standards, procedures and instructions. Relevant qualification – You’ll ideally hold an NVQ Level 1 or 2 linked to the discipline you are applying for. Or you have achieved an equivalent level of relevant experience. It matters that this is the right role for you Here’s some additional information which might help you. Shifts – Technician roles involve a changing shift pattern including days, nights and weekends. Outdoor working - Our technicians work outside in all weathers and so you’ll be comfortable working in different conditions. Safe working - Offers of employment are subject to drug and alcohol testing and passing of the relevant medical assessment and BPSS pre-employment checks. This will include a hearing and eyesight examination. Driving - As a technician you’ll also need a driving licence (category B) so you can drive Network Rail vehicles. Commute times - You’ll also need to be within a 60-minute commute of the location that you’re applying for. You matter to us Your commitment to self-development and continuous learning is hugely important in this role and we'll provide you with all the training to develop both technical skills and non-technical skills. If you’re joining us from another industry, the structured training will give you the skills and confidence to move into a rewarding career in rail. Today’s technicians are tomorrow’s technicians and team leaders, and we offer a clear career path for you. As a Network Rail employee, you will enjoy a wide range of benefits! Privileged staff travel - Leisure travel discount of 75% on all leisure travel and includes family members. A subsidy of up to 75% on rail and underground season tickets if you travel to work on the train. Benefits package including healthcare offers, a cycle to work scheme, discounted healthcare club membership, and a discounted offers and benefits including childcare, healthcare and online shopping site. Effectively manage work-life balance with a 35hrs per week contract, with hybrid working, flexible working, and family friendly support. 5 days paid volunteering leave. 2 weeks paid reserve leave for the Armed Forces community. In Wales and Western region, you will have the opportunity to join PROUD, our reward and recognition scheme where you can say thanks and recognise colleagues across the region who have demonstrated outstanding values How To Apply (External) Salary: £43,997 per annum Some on call may be required. Network Rail Benefits – To find out about what benefits we offer, click here Closing date : 13th August 2025 Please get your application in as soon as possible, we may close the advert before the listed closing date if we receive enough applications. Late applications will not be accepted. The assessment process will consist of a competency and technical interview. Click ‘ apply now’ to apply. Our Drugs and Alcohol Standard has changed. All prospective candidates will be required to undergo and pass a drugs and alcohol test. Your application will be rescinded if you record a positive test. All positive drugs and alcohol test results for prospective candidates will be securely held on Sentinel database and a 5-year suspension from applying for a safety critical role, a role which requires PTS certification or a Key Safety role on Network Rail Managed Infrastructure will be enforced. We are an equal opportunity employer and value diversity. We do not discriminate based on race, religion, national origin, gender, sexual orientation, age, marital status, or disability status. Click here for more information. Diversity and inclusion are more than just buzz words for us. We’re constantly striving to make sure we provide a welcoming and safe environment for everyone. We recognise that certain groups are under-represented within our team and we’re working closely with our regional diversity and inclusion networks to make sure we support these groups as best as we can. Network Rail is a Disability Confident Leader and we’ll try our best to adapt the process and offer a reasonable alternative to help support people with disabilities access, apply and interview for roles. You can visit Evenbreak’s Career Hive for advice on accessibility support if you’re unsure of the options available. Should you require any reasonable adjustments/modifications, please add a note to your application. All offers of employment are conditional upon satisfactory completion of pre-employment checks. Click here for more information Keeping people safe on the railway is at the heart of everything we do. Safe behaviour is therefore a requirement of working for Network Rail. You should demonstrate your personal dedication to safety on your application.

Location Baglan, GB Department Name EG SM(Tr) Llanelli Direct (894311) G1 About Network Rail At Network Rail, we’re part of a large family serving millions of passengers and freight users throughout the UK every day. Our service impacts millions of people and we strive to become more efficient as we enhance, maintain and operate our network. Now is a fantastic time and join our team in Wales and Western region as we finalise the reforms to our maintenance organisation which will deliver: A safer and more reliable and punctual service for passengers and employees – quicker fault fixes by more agile multi-disciplined response teams. Individual rostering – enabling us to send the right number or people to fix a fault. Multi-skilling – investing in the knowledge and skills of our people so they are better equipped to fix the most common faults themselves. Accelerated and improved technology deployment – we have a raft of labour and life-saving technology ready to be rolled out. Our passengers and freight users are at the heart of everything we do. We help connect people to their friends and families and get goods to their destination safely and efficiently. We’re an organisation where people matter. When you're part of our team, you matter to us and you matter to millions. Watch our video to find out more! About our people and the recruitment process - We’re an inclusive employer of choice and we welcome applications from everyone! We look for opportunities to offer great opportunities to learn and grow through personal and professional development. And, if you make the grade then you can look forward to a rewarding and fulfilling career with a company that joined the top 50 in the Glassdoor's 2021 Best Places to Work. We want to help deliver a railway which is safe, reliable, affordable and that provides great customer service to everyone . For more information about Network Rail click here Brief Description You’ll help keep our nation moving every single day. This is a critical part of the work we do is the daily upkeep of the rail network. As a technician you’ll work outdoors in a team, supporting essential maintenance to keep the railway running safely and smoothly for passengers and freight users. Our technician community comes from a variety of different backgrounds, and this might be the first time that you’ve even considered a career in rail. We’re focused on your transferrable skills and behaviours and if you can demonstrate that, then we will provide you with all the necessary training to have you working safely and competently out on the network. About The Role (External) Our technicians work outside in all conditions, at all times of the year, day or night. You could be involved in demanding manual work, often with the need to transport kit, across tricky terrain. Being safety focused, respectful of rules and a team player will be critical as you’ll often be working next to moving trains travelling at highspeed. You matter to your team You will be a natural team player; you’ll also be able to lead the team when asked by the team leader. You’ll use your skills to deliver work safely and will check the team has the right competencies to meet our strict safety standards. You’ll also be a role model for safe working behaviours and be confident to challenge any potential risks to safety, so that everyone gets home safe every day. Today’s technicians can go onto become tomorrow’s team leaders. Your Skills Matter Our technicians play a vital role in our maintenance teams. You don’t necessarily need rail experience, but you do need to show how your transferrable skills meet the following: Leadership – You’re able to lead, motivate and direct a team for safe and efficient work delivery. Effective communicator – You’ll need strong communication skills and be able to deliver clear instructions to the team and other colleagues. Technical skills –You’ll have knowledge and experience of inspection, faulting, maintenance and renewal techniques in the discipline that you are applying for. Safety – You consistently role model safe behaviours, can arrange and implement safe systems of work, and are confident to challenge if you think a situation is unsafe. Problem solver – You’ll be persistent in finding safe and effective solutions. You’ll consistently develop your skills and competencies relevant to your discipline, keeping up to date with new standards, procedures and instructions. To issues you find out in your working environment. Willingness to learn – You’ll consistently develop your skills and competencies relevant to your discipline, keeping up to date with new standards, procedures and instructions. Relevant qualification – You’ll ideally hold an NVQ Level 1 or 2 linked to the discipline you are applying for. Or you have achieved an equivalent level of relevant experience. It matters that this is the right role for you Here’s some additional information which might help you. Shifts – Technician roles involve a changing shift pattern including days, nights and weekends. Outdoor working - Our technicians work outside in all weathers and so you’ll be comfortable working in different conditions. Safe working - Offers of employment are subject to drug and alcohol testing and passing of the relevant medical assessment and BPSS pre-employment checks. This will include a hearing and eyesight examination. Driving - As a technician you’ll also need a driving licence (category B) so you can drive Network Rail vehicles. Commute times - You’ll also need to be within a 60-minute commute of the location that you’re applying for. You matter to us Your commitment to self-development and continuous learning is hugely important in this role and we'll provide you with all the training to develop both technical skills and non-technical skills. If you’re joining us from another industry, the structured training will give you the skills and confidence to move into a rewarding career in rail. Today’s technicians are tomorrow’s technicians and team leaders, and we offer a clear career path for you. As a Network Rail employee, you will enjoy a wide range of benefits! Privileged staff travel - Leisure travel discount of 75% on all leisure travel and includes family members. A subsidy of up to 75% on rail and underground season tickets if you travel to work on the train. Benefits package including healthcare offers, a cycle to work scheme, discounted healthcare club membership, and a discounted offers and benefits including childcare, healthcare and online shopping site. Effectively manage work-life balance with a 35hrs per week contract, with hybrid working, flexible working, and family friendly support. 5 days paid volunteering leave. 2 weeks paid reserve leave for the Armed Forces community. In Wales and Western region, you will have the opportunity to join PROUD, our reward and recognition scheme where you can say thanks and recognise colleagues across the region who have demonstrated outstanding values and behaviours. How To Apply (External) Salary: £37,073 per annum Some on call may be required at times. Network Rail Benefits – To find out about what benefits we offer, click here Closing date : 13th August 2025 Please get your application in as soon as possible, we may close the advert before the listed closing date if we receive enough applications. Late applications will not be accepted. The assessment process will consist of a competency and technical interview. Click ‘ apply now’ to apply. Our Drugs and Alcohol Standard has changed. All prospective candidates will be required to undergo and pass a drugs and alcohol test. Your application will be rescinded if you record a positive test. All positive drugs and alcohol test results for prospective candidates will be securely held on Sentinel database and a 5-year suspension from applying for a safety critical role, a role which requires PTS certification or a Key Safety role on Network Rail Managed Infrastructure will be enforced. We are an equal opportunity employer and value diversity. We do not discriminate based on race, religion, national origin, gender, sexual orientation, age, marital status, or disability status. Click here for more information. Diversity and inclusion are more than just buzz words for us. We’re constantly striving to make sure we provide a welcoming and safe environment for everyone. We recognise that certain groups are under-represented within our team and we’re working closely with our regional diversity and inclusion networks to make sure we support these groups as best as we can. Network Rail is a Disability Confident Leader and we’ll try our best to adapt the process and offer a reasonable alternative to help support people with disabilities access, apply and interview for roles. You can visit Evenbreak’s Career Hive for advice on accessibility support if you’re unsure of the options available. Should you require any reasonable adjustments/modifications, please add a note to your application. All offers of employment are conditional upon satisfactory completion of pre-employment checks. Click here for more information

Senior Threat Researcher Hyderabad, Telangana, India Date posted Jul 31, 2025 Job number 1853457 Work site Up to 50% work from home Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Research Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Defender Experts (DEX) Research team is at the forefront of Microsoft’s threat protection strategy, combining world-class hunting expertise with AI-driven analytics to protect customers from advanced cyberattacks. Our mission is to move protection left—disrupting threats early, before damage occurs—by transforming raw signals into intelligence that powers detection, disruption, and customer trust. We’re looking for a passionate and curious Senior Threat Researcher to join this high-impact team. In this role, you will collaborate closely with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats that impact both Microsoft and third-party products. Leveraging a deep understanding of multi-cloud environments and diverse security architectures, you will develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel. Your research will directly contribute to the development of real-time protections for enterprises worldwide, ensuring comprehensive coverage across cloud platforms and strengthening the security posture of organizations leveraging a heterogeneous mix of technologies. This is a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications 5+ years of relevant experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms. Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments. Demonstrated expertise in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions. Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. Proven ability to work independently and deliver complete solutions. Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams. Responsibilities We are seeking a Senior Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments. The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections. In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems. Responsibilities include: Lead and execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments. Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Collaborate with internal and external security teams to design and implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response. Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base. Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems. Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

You will be responsible for leading advanced threat detection and response activities within the organization. Your main tasks will include developing and optimizing SIEM use cases, correlation rules, and dashboards. Additionally, you will investigate and respond to escalated incidents from L2 analysts and perform root cause analysis for complex incidents to provide actionable insights. You will also lead threat hunting exercises to identify advanced persistent threats (APTs) and configure and maintain SIEM platforms to ensure optimal performance and scalability. In this role, you will be expected to integrate new log sources and ensure proper parsing and normalization. Collaboration with SOC management to define and enhance incident management workflows will be essential. You will also conduct training sessions and mentor L1/L2 analysts while staying updated with emerging threats, vulnerabilities, and industry best practices. The ideal candidate will possess expertise in SIEM tools such as Splunk, Sentinel, and QRadar, along with experience in SIEM administration, deployment, and configuration. Familiarity with Arcsight Admin is considered a plus. Strong knowledge of threat detection, correlation rules, and dashboards is required, as well as the ability to lead incident response and threat hunting activities. An understanding of security frameworks and best practices is crucial, and preferred certifications include GCIH and CISSP. To qualify for this position, you should hold a Bachelor's Degree in a related field. Relevant certifications such as GIAC Certified Incident Handler (GCIH) or Certified Information Systems Security Professional (CISSP) are preferred.,

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The team will be responsible for building and maintaining the core infrastructure and services that form the Control Plane of Microsoft Sentinel Graph (MSG). This crucial mission supports Microsoft's Security business, meeting the immense scale demands that few companies in the industry face. By leveraging cutting-edge technologies, we aim to deliver comprehensive protection to a global user base. The MSG Foundations Engineering team leads the development and end-to-end implementation of infrastructure solutions, focusing on customer scenarios to enable high-volume big-data ingestion and interactive analytics for advanced security threat hunting, detection, and prevention. You will take charge of determining and developing architectural strategies and infrastructure solutions, conducting business reviews, and operating our production services. Collaboration will be essential as you work closely with other engineering teams to ensure that our services and systems are highly stable, performant, and meet the expectations of both internal and external customers and users. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities We are looking for a highly motivated, fast-learning, creative and analytical Software Engineer Manager. In this position, you will collaborate with other security engineering disciplines to plan, architect, design, implement, and validate security products and features. In addition to strong technical skills, you should have a passion for innovation and software quality. You must be comfortable with the fast-paced security industry by courageously exploring uncharted territories and thinking ahead of highly sophisticated attackers. You Will Be Responsible For Conducting Investigations And Investing In Complex Areas, Designing And Delivering Features End To End - Including System Architecture, Coding, Deployment, Scaling, Performance, And Quality From Conception To Delivery. Responsibilities Include: Working closely with peers, partners, and building diverse and high-performing teams. Designing and implementing scalable, reliable, and maintainable services. Demonstrating strategic understanding of the timing and rationale for design choices within the scope of work. Consistently contributing key ideas to the product or service design and vision that meets customer needs. Applying metrics to drive the quality and stability of code. Having a sense of pride, commitment, and personal accountability for service quality, completeness, and resultant user experience throughout the product or service lifecycle. Working closely with a geographically distributed team, including Product Managers and developers, to drive key improvements in backend Engineering Systems. We are looking for someone who shares our passion for building great software for enterprises. You will work on a forward-looking product as part of an agile, collaborative, and cross-discipline team. Qualifications Required/Minimum Qualifications: Bachelor's, Master's, or Ph.D. in Computer Science Engineering, or an equivalent field. 11-15 years of software development experience. 3+ years of experience in managing and building teams. Strong problem-solving skills, along with excellent coding and debugging abilities. Good communication and cross-group collaboration skills. Prior expertise in platform components & high-scale cloud services (e.g. Azure, AWS etc.) is a plus Other Requirements Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter. Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter. - You’ve led – you have experience leading a team of engineers by setting clear expectations, keeping team members energized, and delivering great results. - You collaborate – you can explain your work, you can ask great questions, you can listen to your peers and your customers, you can influence without authority, and you like to give and receive feedback. - You stay focused – you want to ship software that solves real problems for real people, now. - You’re a professional – you understand that it’s not enough to write working code. It must also be well-designed, easy to test, and easy to add to over time. - You’re learning – no matter how much you know, you are always seeking to learn more and to become a better engineer and leader. #MSFTSecurity MSFTSecurity Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Ascentt is building cutting-edge data analytics & AI/ML solutions for global automotive and manufacturing leaders. We turn enterprise data into real-time decisions using advanced machine learning and GenAI. Our team solves hard engineering problems at scale, with real-world industry impact. We’re hiring passionate builders to shape the future of industrial intelligence. Azure Cloud Engineer Experience 5+ years of experience managing cloud infrastructure, preferably in Azure. Location: Indore/Pune Job Description We are seeking an experienced and proactive Azure Cloud Engineer to join our cloud infrastructure team. The ideal candidate will be responsible for designing, implementing, managing, and optimizing Azure cloud solutions, ensuring high availability, security, and performance of our cloud-based systems. This role will involve close collaboration with DevOps, security, application development, and operations teams. Key Duties And Tasks Design, deploy, and manage Azure infrastructure using best practices (IaaS, PaaS, containers, serverless). Implement and maintain Azure services such as VMs, VNets, Azure AD, Storage, AKS, App Services, Functions, Event Grid, Logic Apps, etc. Automate infrastructure provisioning using ARM templates, Bicep, or Terraform. Develop and manage CI/CD pipelines using Azure DevOps, GitHub Actions, or other DevOps tools. Ensure cloud security posture by implementing RBAC, NSGs, firewalls, policies, and identity protection. Monitor system performance, health, and costs using Azure Monitor, Log Analytics, and Cost Management. Troubleshoot and resolve issues related to cloud infrastructure and deployments. Stay current with Azure features and best practices and propose improvements or migrations as needed. Qualification And Skills Required 5+ years of experience managing cloud infrastructure, preferably in Azure. Strong Hands-on Experience With Azure Compute (VMs, Scale Sets, Functions) Azure Networking (VNet, Load Balancers, VPN Gateway, ExpressRoute) Azure Identity (Azure AD, RBAC, Managed Identities) Azure Storage and Databases Azure Kubernetes Service (AKS) or containers (Docker) Experience with infrastructure-as-code (Terraform, Bicep, or ARM templates). Knowledge of CI/CD and DevOps principles. Scripting in PowerShell, Bash, or Python. Familiarity with monitoring/logging tools like Azure Monitor, Application Insights, or Prometheus/Grafana. Experience with Git-based version control systems. Technical Skills Proven experience in security architecture and designing, building, and deploying secure cloud workloads. Expertise in IAC, Terraform, and scripting languages (Git, PowerShell, Terraform, Jenkins, Python, Bash). Experience in a DevOps environment with knowledge of Continuous Integration, Containers, and DAST/SAST tools. Strong knowledge of security technologies, identity and access management, and containerized security models. Experience with monitoring and alerting solutions for critical infrastructure. Good to have: Experience with distributed systems, Linux, CDNs, HTTP, TCP/IP basics, database and SQL skills, Rest API, microservices-based development, and automation experience with Kubernetes and Docker. Experience with hybrid cloud setups or migrations from on-prem to Azure. Familiarity with governance tools like Azure Policy, Blueprints, and Cost Management. Exposure to Microsoft Defender for Cloud or Sentinel for security monitoring. Experience with Databricks, Glue, Athena, EMR, Data Lake and related solutions and services. Certifications/Licenses Azure certifications such as AZ-104 (Azure Administrator), AZ-305 (Solutions Architect), or AZ-400 (DevOps Engineer). Education Bachelor's degree in Computer Science, Information Technology, or related field.

5 - 7 Years 1 Opening Trivandrum Role description We are seeking an experienced and proactive SOC Lead to drive the operations of our Security Operations Center. The ideal candidate will have strong expertise in cybersecurity monitoring, incident response, threat hunting, and stakeholder communication. This role involves leading a global 24x7 SOC team, coordinating with cross-functional teams, and enhancing our threat detection and response capabilities. You will act as the escalation point for complex incidents and play a key role in process improvement, automation, and mentoring the SOC team. Key Responsibilities: Lead and coordinate the 24x7 SOC operations, managing a distributed team of L1 and L2 analysts. Provide advanced triage and investigation of escalated security s and incidents from L1 analysts. Act as the primary escalation contact for high-priority incidents and security breaches. Ensure timely incident response and resolution within SLA while maintaining high-quality ticket documentation. Conduct Root Cause Analysis (RCA) and create detailed incident reports for high-severity cases. Continuously review and fine-tune security s, rules, and thresholds across SIEM and other monitoring tools. Design and propose new security use cases and playbooks to improve detection and response automation. Conduct training sessions for the team on new tools, updated processes, and emerging threats. Organize and lead governance meetings (weekly/biweekly/monthly) with internal stakeholders and clients. Stay informed on the latest threat intelligence, vulnerabilities, and security technologies to proactively enhance SOC capabilities. Maintain and enhance SOC documentation, including SOPs, incident runbooks, and knowledge bases. Collaborate with engineering, infrastructure, and compliance teams to align incident response with organizational risk management practices. Required Skills & Experience: Minimum 4 years of hands-on experience in a Security Operations Center, focusing on incident response, security analysis, and threat hunting. Deep technical expertise in: Email Security (Mimecast) EDR Tools (e.g., Threat Down / Malwarebytes) Secure Web Gateway (Netskope SWG) Cloud Security (Microsoft Azure, Microsoft Defender) SIEM Platforms (Azure Sentinel preferred) Threat analysis and phishing investigation Sound understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, etc.) and incident response lifecycle. Working knowledge of enterprise infrastructure: networking, firewalls, operating systems (Windows/Linux), databases, and web applications. Excellent written and verbal communication skills; able to convey technical details to non-technical stakeholders. Strong organizational and prioritization skills; experience handling multiple concurrent incidents and tasks in high-pressure environments Preferred Certifications: Relevant security certifications such as: CEH (Certified Ethical Hacker) Microsoft SC-200 (Security Operations Analyst) AZ-500 (Azure Security Engineer Associate) CISSP, GCIH, or similar. Proficiency with Security Tools: Mimecast Email Security Threat Down (Malwarebytes) Microsoft Azure, Microsoft Defender for O365 Netskope SWG Azure Sentinel (SIEM) Open-source tools for phishing analysis Skills Email Security, EDR, Threat hunting, SIEM About UST UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.

Security Operations Engineer II Hyderabad, Telangana, India Date posted Jul 29, 2025 Job number 1853495 Work site Microsoft on-site only Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Operations Engineering Employment type Full-Time Overview Do you love the excitement and learning opportunity to study, analyse and deal with the most complex threats to digital security in today's world? Do you have the “learner” mindset, are willing to un-learn old skills and learn new ones every day? Are you excited by the potential of influencing the state of security of our entire company, every day? If yes, then this opportunity is for you. Responsible for the installation, maintenance, support and optimization of all security-related components Facilitate incident response and forensic investigations Apply countermeasures to mitigate evolving security threats Work with other teams to ensure platform hardening, security maintenance, and vulnerability remediation procedures are followed Special Requirements Proficiency in KQL query and in a scripting language, preferably perl, PHP, or python a plus Must demonstrate basic knowledge of knowledge of Linux, Mac, and Strong understanding of Windows operating systems and networking protocols. About CDO - Cyber Defense Operations. An organization led by Microsoft’s Chief Information Security Officer enables Microsoft to deliver the most trusted devices and services. CDO’s vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk framework. Qualifications 8+ years of work experience, with a minimum of 6 years of experience in SOC. Minimum 4 years of experience in Azure/Cloud Hands on experience with incident analysis, Threat Actor related incident handling, Large Scale incident responder and Threat Hunting. Understanding of Windows internals, Linux and Mac OS. Understanding of various attack methods, vulnerabilities, exploits, malware. Good Understanding of SIEM Console and tools such as Sentinel, Splunk, Qradar etc Social engineering - given that humans are the weakest link in the security chain, an analyst's expertise can help with awareness training Security assessments of network infrastructure, hosts and applications - another element of risk management. Conduct root cause analysis and post-incident reviews. Assist in tuning and optimizing detection rules and alerts. Forensics - investigation and analysis of how and why a breach or other compromise occurred. Develop and maintain incident response playbooks and standard operating procedures (SOPs). Collaborate with IT, DevOps, and other teams to remediate vulnerabilities and improve security controls. Troubleshooting - the skill to recognize the cause of a problem DLP, AV, FIM, web proxy, email proxy, etc. - a comprehensive understanding of the tools utilized to protect the organization. Excellent written and oral communication skills. Security certifications such as GCIH, GCFA, GREM, CySA+ Knowledge of Azure Sentinel and KQL query is a must and added advantage. Exposure to threat intelligence platforms and SOAR tools. Knowledge of MITRE ATT&CK framework and incident response methodologies. Responsibilities Technical Insight: Provides technical insight on incident analysis and management, threat mitigation, forensics, malware analysis, and automation. KRA and KPI Management: Ensures strong Key Result Areas (KRA) and Key Performance Indicators (KPI) management. Collaboration: Embraces the values of Microsoft through coaching and collaboration, and partners with peer teams working in similar areas. Stakeholder Management: Manages critical stakeholder calls and meetings (including non-business hours) while addressing critical security incidents. Security Knowledge: Possesses extensive hands-on knowledge of security concepts including cyber-attacks, techniques, threat vectors, risk management, and incident management. Automation Opportunities: Discovers potential automation opportunities or insights to enhance operational efficiency. Product Collaboration: Collaborates and advises product teams on enhancing Microsoft's first-party security products by offering actionable feedback for improvement. Team Environment: Cultivates a positive and inclusive team environment. Operational Rigor: Demonstrates exceptional operational rigor with real-world experience in cyber security operations, threat mitigation and incident response. Communication Skills: Exhibits excellent technical writing and oral communication skills. Problem-Solving: Shows a systematic problem-solving mindset. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Senior Help Desk Administrator SIB seeks a skilled Senior Help Desk Administrator to join our technology team. This role offers an opportunity to work with modern cloud technologies and provide essential technical support to our organisation. Position Summary We seek a detail-oriented Senior Help Desk Administrator to provide technical assistance and support for incoming queries and issues related to computer systems, software, and hardware. The successful candidate will troubleshoot technical problems, maintain IT infrastructure, and ensure optimal system performance across our organisation. Key Responsibilities Help Desk & Ticketing Provide timely and professional responses to user inquiries Document and track all support requests from initiation to resolution Escalate complex issues to appropriate team members when necessary Manage and resolve technical support tickets using the Jira ticketing system Cloud Infrastructure Support Assist users with cloud-based applications and services Monitor system performance and identify potential issues Support user account management and access permissions Troubleshoot and resolve issues within Azure, Microsoft 365 and Digital Ocean environments End-User Device Support Assist with device setup and user onboarding/offboarding Provide technical support for Windows and Mac laptops Install, configure, and maintain operating systems and applications Perform hardware diagnostics and coordinate repairs when needed Network Support Document network configurations and changes Diagnose and resolve switch-related network issues Troubleshoot fundamental networking issues, including Wi-Fi connectivity Collaborate with the network team on infrastructure improvements Security Management Respond to security alerts and incidents Assist with security software deployment and updates Ensure compliance with security policies and procedures Monitor and manage including Sentinel One, Automox, and DNS Filter Required Qualifications Technical Skills Strong knowledge of Windows and Mac operating systems Basic networking fundamentals and troubleshooting skills Experience with Jira for helpdesk ticketing and issue tracking Proficiency in Azure and Microsoft 365 administration and troubleshooting Hands-on experience with security tools: Sentinel One, Automox, and DNS Filter Experience creating, decommissioning and supporting Droplets in Digital Ocean Professional Skills Strong problem-solving and analytical abilities Detail-oriented with strong documentation skills Excellent English written and verbal communication skills Customer service oriented with patience and professionalism Ability to work independently and manage multiple priorities Preferred Qualifications Familiarity with ITIL best practices Previous helpdesk or technical support experience Industry certifications (CompTIA A+, Network+, Microsoft certifications) Associate’s degree in information technology, Computer Science, or related field What We Offer Collaborative team environment Opportunity to work with modern cloud technologies Job Type: Full-time Pay: Up to ₹1,550,000.00 per year Benefits: Commuter assistance Health insurance Leave encashment Life insurance Paid sick time Paid time off Provident Fund Work Location: In person Expected Start Date: 01/08/2025

Hi, We are having an opening for Network Security Operations Manager at our Mumbai location. Job Summary : We are looking for a highly capable Network Security Operations Manager to lead, manage, and enhance the organizations network security infrastructure and operations. This role will be responsible for managing key security technologies such as firewalls, proxies, VPNs, NAC, DNS security, WAF , EDR & Data Security and ensuring operational governance and compliance. The ideal candidate should have hands-on experience managing large-scale network security operations and coordinating with cross-functional and incident response teams. Areas Of Responsibility : Security Operations Management Lead day-to-day operations of all network security tools and platforms , including: Firewalls (NGFW Palo Alto, Fortinet, Cisco)- Policy governance, segmentation, and high-availability Web Proxy & Cloud Proxy (e.g., Zscaler, Netskope)- URL filtering, threat prevention, and data leak protection VPN (IPSec, SSL VPN, Remote Access Solutions)- Strong encryption and access control for workforce and partner Network Access Control (NAC)- Role-based access, posture checks, and OT/IoT security DNS Security & Filtering- DNS-layer protection, malicious domain filtering, and response management Web Application Firewall (WAF) On-prem & Cloud-based- Protection of patient data, portals, financial apps, and APIs Ensure continuous monitoring, tuning, and updating of policies and signatures across platforms. Manage security device configurations, rule optimization, and lifecycle management. Compliance, Audit & Governance Ensure adherence to security compliance requirements such as ISO 27001, NIST, GDPR, and internal IT security policies . Ensure full compliance with sector-specific regulations ( Pharma: GxP, 21 CFR Part 11, HIPAA) Prepare and present periodic audit reports, incident reports, and configuration review summaries . Drive risk assessments and remediation plans for security operations. Maintain security documentation, SOPs, and audit trails Team & Vendor Management Lead and mentor a team of network security engineers and analysts. Oversee vendor engagements, support contracts, SLAs, and AMC renewals for security technologies. Engage with audit, QA, compliance, and legal teams for incident reporting and regulatory inspections Coordinate with for integrated security coverage (EDR/DS, if escalation/overlap arises). Incident Response & Troubleshooting Collaborate with SOC for effective investigation and response to network security incidents . Coordinate the response to security incidents, including detection, analysis, containment, eradication, and recovery. Lead root cause analysis and containment for network-based threats (e.g., suspicious VPN activity, firewall rule violations). Manage escalations and coordinate with external vendors or OEMs for critical issues. Projects & Improvements Drive security hardening and optimization projects related to network security tools. Lead or support security hardening, firewall rule optimization, and proxy architecture redesign projects Lead or contribute to technology upgrades, migration projects, mergers, acquisitions, data center shifts. Maintain security documentation, playbooks, and standard operating procedures. Prepare and validate BOM, BOQ, and risk registers for new deployments Educational Qualification : Bachelor's or Masters in Computer Science, Information Security, or related field Specific Certification : CISSP, CISM, CCNP Security, CP, Palo Alto PCNSE, Fortinet NSE, ISO 27001 LA Experience : 10-12 years of experience in network operations, with 3-5 years in leadership or managerial role Skill (Functional & Behavioural): Firewalls: Checkpoint, Fortinet, Palo Alto, Cisco Firepower Proxies: Netskope, Forcepoint, Zscaler VPN: Cloudflare, Cisco AnyConnect, FortiClient, GlobalProtect NAC: Forescout, Cisco ISE, Aruba ClearPass DNS Security: Cisco Umbrella, Infoblox, Cloudflare DNS WAF: AWS/Azure WAF, F5, Imperva, Akamai, Cloudflare EDR & DS: Crowdstrike, Falcon, Trellix, MS Defender, Sentinel, etc

Do you love the excitement and learning opportunity to study, analyse and deal with the most complex threats to digital security in today's world? Do you have the “learner” mindset, are willing to un-learn old skills and learn new ones every day? Are you excited by the potential of influencing the state of security of our entire company, every day? If yes, then this opportunity is for you. Responsible for the installation, maintenance, support and optimization of all security-related components Facilitate incident response and forensic investigations Apply countermeasures to mitigate evolving security threats Work with other teams to ensure platform hardening, security maintenance, and vulnerability remediation procedures are followed Special Requirements Proficiency in KQL query and in a scripting language, preferably perl, PHP, or python a plus Must demonstrate basic knowledge of knowledge of Linux, Mac, and Strong understanding of Windows operating systems and networking protocols. About CDO - Cyber Defense Operations. An organization led by Microsoft’s Chief Information Security Officer enables Microsoft to deliver the most trusted devices and services. CDO’s vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk framework. Responsibilities Technical Insight: Provides technical insight on incident analysis and management, threat mitigation, forensics, malware analysis, and automation. KRA and KPI Management: Ensures strong Key Result Areas (KRA) and Key Performance Indicators (KPI) management. Collaboration: Embraces the values of Microsoft through coaching and collaboration, and partners with peer teams working in similar areas. Stakeholder Management: Manages critical stakeholder calls and meetings (including non-business hours) while addressing critical security incidents. Security Knowledge: Possesses extensive hands-on knowledge of security concepts including cyber-attacks, techniques, threat vectors, risk management, and incident management. Automation Opportunities: Discovers potential automation opportunities or insights to enhance operational efficiency. Product Collaboration: Collaborates and advises product teams on enhancing Microsoft's first-party security products by offering actionable feedback for improvement. Team Environment: Cultivates a positive and inclusive team environment. Operational Rigor: Demonstrates exceptional operational rigor with real-world experience in cyber security operations, threat mitigation and incident response. Communication Skills: Exhibits excellent technical writing and oral communication skills. Problem-Solving: Shows a systematic problem-solving mindset. Qualifications 8+ years of work experience, with a minimum of 6 years of experience in SOC. Minimum 4 years of experience in Azure/Cloud Hands on experience with incident analysis, Threat Actor related incident handling, Large Scale incident responder and Threat Hunting. Understanding of Windows internals, Linux and Mac OS. Understanding of various attack methods, vulnerabilities, exploits, malware. Good Understanding of SIEM Console and tools such as Sentinel, Splunk, Qradar etc Social engineering - given that humans are the weakest link in the security chain, an analyst's expertise can help with awareness training Security assessments of network infrastructure, hosts and applications - another element of risk management. Conduct root cause analysis and post-incident reviews. Assist in tuning and optimizing detection rules and alerts. Forensics - investigation and analysis of how and why a breach or other compromise occurred. Develop and maintain incident response playbooks and standard operating procedures (SOPs). Collaborate with IT, DevOps, and other teams to remediate vulnerabilities and improve security controls. Troubleshooting - the skill to recognize the cause of a problem DLP, AV, FIM, web proxy, email proxy, etc. - a comprehensive understanding of the tools utilized to protect the organization. Excellent written and oral communication skills. Security certifications such as GCIH, GCFA, GREM, CySA+ Knowledge of Azure Sentinel and KQL query is a must and added advantage. Exposure to threat intelligence platforms and SOAR tools. Knowledge of MITRE ATT&CK framework and incident response methodologies. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Principal Software Engineering Manager Noida, Uttar Pradesh, India Date posted Jul 30, 2025 Job number 1854221 Work site Up to 50% work from home Travel 0-25 % Role type People Manager Profession Software Engineering Discipline Software Engineering Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The team will be responsible for building and maintaining the core infrastructure and services that form the Control Plane of Microsoft Sentinel Graph (MSG). This crucial mission supports Microsoft's Security business, meeting the immense scale demands that few companies in the industry face. By leveraging cutting-edge technologies, we aim to deliver comprehensive protection to a global user base. The MSG Foundations Engineering team leads the development and end-to-end implementation of infrastructure solutions, focusing on customer scenarios to enable high-volume big-data ingestion and interactive analytics for advanced security threat hunting, detection, and prevention. You will take charge of determining and developing architectural strategies and infrastructure solutions, conducting business reviews, and operating our production services. Collaboration will be essential as you work closely with other engineering teams to ensure that our services and systems are highly stable, performant, and meet the expectations of both internal and external customers and users. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications Required/Minimum Qualifications: Bachelor's, Master's, or Ph.D. in Computer Science Engineering, or an equivalent field. 11-15 years of software development experience. 3+ years of experience in managing and building teams. Strong problem-solving skills, along with excellent coding and debugging abilities. Good communication and cross-group collaboration skills. Prior expertise in platform components & high-scale cloud services (e.g. Azure, AWS etc.) is a plus Other Requirements Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter. Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter. - You’ve led – you have experience leading a team of engineers by setting clear expectations, keeping team members energized, and delivering great results. - You collaborate – you can explain your work, you can ask great questions, you can listen to your peers and your customers, you can influence without authority, and you like to give and receive feedback. - You stay focused – you want to ship software that solves real problems for real people, now. - You’re a professional – you understand that it’s not enough to write working code. It must also be well-designed, easy to test, and easy to add to over time. - You’re learning – no matter how much you know, you are always seeking to learn more and to become a better engineer and leader. #MSFTSecurity MSFTSecurity Responsibilities We are looking for a highly motivated, fast-learning, creative and analytical Software Engineer Manager. In this position, you will collaborate with other security engineering disciplines to plan, architect, design, implement, and validate security products and features. In addition to strong technical skills, you should have a passion for innovation and software quality. You must be comfortable with the fast-paced security industry by courageously exploring uncharted territories and thinking ahead of highly sophisticated attackers. You will be responsible for conducting investigations and investing in complex areas, designing and delivering features end to end - including system architecture, coding, deployment, scaling, performance, and quality from conception to delivery. Responsibilities include: Working closely with peers, partners, and building diverse and high-performing teams. Designing and implementing scalable, reliable, and maintainable services. Demonstrating strategic understanding of the timing and rationale for design choices within the scope of work. Consistently contributing key ideas to the product or service design and vision that meets customer needs. Applying metrics to drive the quality and stability of code. Having a sense of pride, commitment, and personal accountability for service quality, completeness, and resultant user experience throughout the product or service lifecycle. Working closely with a geographically distributed team, including Product Managers and developers, to drive key improvements in backend Engineering Systems. We are looking for someone who shares our passion for building great software for enterprises. You will work on a forward-looking product as part of an agile, collaborative, and cross-discipline team. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Technical Support Engineering Bangalore, Karnataka, India Date posted Jul 30, 2025 Job number 1852774 Work site Up to 100% work from home Travel None Role type Individual Contributor Profession Technical Support Discipline Technical Support Engineering Employment type Full-Time Overview With more than 45,000 employees and partners worldwide, the Customer Experience and Success (CE&S) organization is on a mission to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft’s products and services, ignited by our people and culture. We drive cross-company alignment and execution, ensuring that we consistently exceed customers’ expectations in every interaction, whether in-product, digital, or human-centered. CE&S is responsible for all up services across the company, including consulting, customer success, and support across Microsoft’s portfolio of solutions and products. Join CE&S and help us accelerate AI transformation for our customers and the world. Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft’s AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment. In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Technical Support Engineer, you will own, troubleshoot and solve customer technical issues. This opportunity will allow you to accelerate your career growth, hone your problem-solving, collaboration and research skills, and develop your technical proficiency. This role is flexible in that you can work up to 100% from home. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications Required Qualifications: Bachelor's degree in Computer Science, Information Technology (IT), or related field AND 1+ years of technical support, technical consulting experience, or information technology experience o OR 3+ years of technical support, technical consulting experience, or information technology experience. o OR equivalent experience Language Qualification English Language: fluent in reading, writing and speaking. CyberDefender Mindset: A CyberDefender Mindset is a proactive, collaborative, and customer-centric approach adopted by technical support teams to anticipate, prevent, and mitigate cybersecurity threats—shifting from purely reactive issue resolution to active partnership in safeguarding organizational and customer security. Preferred Qualifications: CISSP, Comptia Security +, ISC2 CC, BTL1/2, GSIF/GCIC/GCED/GSEC, PSAA, Kepner-Tregoe or equivalent certification Customer Service Foundations (LinkedIn Learning) or other Customer Service Training/Experience Ability to effectively communicate with customer managers and executives on technical and business issues. Organization, time management, project management, and negotiation skills. 3+ years of experience providing support for enterprise level premier customers. Cloud Protection: Background/experience in security engineering (blue/red team) preferred Background in system/network engineering, DevOps/SRE or software engineering, with a passion for cybersecurity Previous experience with / exposure to Microsoft Sentinel or the Microsoft Defender suite Good understanding of the TCP/IP stack, working in a cloud environment and (at a minimum) basic system administration in Linux and/or Windows Server environments Ability to meet Microsoft, customer and / or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter. Responsibilities Response and Resolution: You own, investigate and solve customer technical issues, collaborating within and across teams and leveraging troubleshooting tools and practices. Readiness: You lead or participate in building communities with peer delivery roles and, where appropriate, share your knowledge. You develop specific technical and professional proficiency to enable you to resolve customer issues, through training and readiness. Product/Process Improvement: You identify potential product defects and escalate appropriately to resolve, contributing to Microsoft product improvements. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Technical Support Engineering Bangalore, Karnataka, India Date posted Jul 30, 2025 Job number 1852772 Work site Up to 100% work from home Travel 0-25 % Role type Individual Contributor Profession Technical Support Discipline Technical Support Engineering Employment type Full-Time Overview With more than 45,000 employees and partners worldwide, the Customer Experience and Success (CE&S) organization is on a mission to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft’s products and services, ignited by our people and culture. We drive cross-company alignment and execution, ensuring that we consistently exceed customers’ expectations in every interaction, whether in-product, digital, or human-centered. CE&S is responsible for all up services across the company, including consulting, customer success, and support across Microsoft’s portfolio of solutions and products. Join CE&S and help us accelerate AI transformation for our customers and the world. Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft’s AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment. In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Technical Support Engineer, you will own, troubleshoot and solve customer technical issues. This opportunity will allow you to accelerate your career growth, hone your problem-solving, collaboration and research skills, and develop your technical proficiency. This role is flexible in that you can work up to 100% from home. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications Required Qualifications: Bachelor's degree in Computer Science, Information Technology (IT), or related field AND 3+ years of technical support, technical consulting experience, or information technology experience o OR 5+ years of technical support, technical consulting experience, or information technology experience. o OR equivalent experience Language Qualification English Language: fluent in reading, writing and speaking. CyberDefender Mindset: A CyberDefender Mindset is a proactive, collaborative, and customer-centric approach adopted by technical support teams to anticipate, prevent, and mitigate cybersecurity threats—shifting from purely reactive issue resolution to active partnership in safeguarding organizational and customer security. Preferred Qualifications: CISSP, Comptia Security +, ISC2 CC, BTL1/2, GSIF/GCIC/GCED/GSEC, PSAA, Kepner-Tregoe or equivalent certification Customer Service Foundations (LinkedIn Learning) or other Customer Service Training/Experience Ability to effectively communicate with customer managers and executives on technical and business issues. Organization, time management, project management, and negotiation skills. 3+ years of experience providing support for enterprise level premier customers. Cloud Protection: Background/experience in security engineering (blue/red team) preferred Background in system/network engineering, DevOps/SRE or software engineering, with a passion for cybersecurity Previous experience with / exposure to Microsoft Sentinel or the Microsoft Defender suite Good understanding of the TCP/IP stack, working in a cloud environment and (at a minimum) basic system administration in Linux and/or Windows Server environments Ability to meet Microsoft, customer and / or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter. Responsibilities Response and Resolution: You own, investigate and solve customer technical issues, collaborating within and across teams and leveraging troubleshooting tools and practices. Readiness: You lead or participate in building communities with peer delivery roles and, where appropriate, share your knowledge. You develop specific technical and professional proficiency to enable you to resolve customer issues, through training and readiness. Product/Process Improvement: You identify potential product defects and escalate appropriately to resolve, contributing to Microsoft product improvements. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

As an Enterprise Security Architect, you will be an integral part of a dynamic organization, taking the lead in developing and overseeing a cutting-edge enterprise security program. Your role will involve identifying, defining, and steering the security technology strategy across a wide range of areas including IAM, Cloud, End Point, Network, and Web security, as well as evaluating new identity technologies at an enterprise scale. Being a senior member of the team, you will collaborate with senior leaders throughout the organization, leveraging your vast experience in security technology management, implementation, and architecture, along with exceptional communication skills to shape strategies, influence roadmaps, drive solution adoption, and advocate for security enhancements that enhance capabilities and reduce risks. Your responsibilities will include defining architectural visions and solutions for complex systems, ensuring alignment with enterprise architecture strategies, and outlining non-functional requirements to support new features and opportunities. You will work closely with stakeholders and vendors to evaluate design decisions and drive best practices and standardized templates within defined domains. In addition, you will create reference architectures and design patterns for endpoint/host and workplace productivity security, contribute to the architecture roadmap, and collaborate with Product Managers/Owners to prioritize technology-focused tasks to enable business features and growth opportunities. Furthermore, you will play a key role in interpreting business and technology drivers to develop security roadmaps, establish data security frameworks, and align technical controls with industry best practices. Your expertise in cloud architecture, access management, monitoring, and other security solutions will be crucial in ensuring the security of company data and systems. To excel in this role, we are seeking individuals who excel in collaboration, prioritize client experience, thrive in fast-paced environments, and are dedicated to continuous improvement. The ideal candidate will possess over 10 years of hands-on experience in architecting IAM solutions, in-depth knowledge of authentication/authorization standards, familiarity with various security tools and platforms, and a strong background in cloud security concepts. Moreover, expertise in security frameworks, data loss prevention, Hybrid cloud architectures, DevSecOps processes, and web application technologies will be highly advantageous. Strong communication skills, the ability to lead technical discussions, and experience in managing stakeholder relationships are also essential qualities we are looking for. If you have a Bachelor's degree in Computer Science, Computer Engineering, or a related field, along with a passion for security architecture and a drive for continuous learning and improvement, we encourage you to apply for this exciting opportunity.,

Role Description We are seeking an experienced and proactive SOC Lead to drive the operations of our Security Operations Center. The ideal candidate will have strong expertise in cybersecurity monitoring, incident response, threat hunting, and stakeholder communication. This role involves leading a global 24x7 SOC team, coordinating with cross-functional teams, and enhancing our threat detection and response capabilities. You will act as the escalation point for complex incidents and play a key role in process improvement, automation, and mentoring the SOC team. Key Responsibilities Lead and coordinate the 24x7 SOC operations, managing a distributed team of L1 and L2 analysts. Provide advanced triage and investigation of escalated security s and incidents from L1 analysts. Act as the primary escalation contact for high-priority incidents and security breaches. Ensure timely incident response and resolution within SLA while maintaining high-quality ticket documentation. Conduct Root Cause Analysis (RCA) and create detailed incident reports for high-severity cases. Continuously review and fine-tune security s, rules, and thresholds across SIEM and other monitoring tools. Design and propose new security use cases and playbooks to improve detection and response automation. Conduct training sessions for the team on new tools, updated processes, and emerging threats. Organize and lead governance meetings (weekly/biweekly/monthly) with internal stakeholders and clients. Stay informed on the latest threat intelligence, vulnerabilities, and security technologies to proactively enhance SOC capabilities. Maintain and enhance SOC documentation, including SOPs, incident runbooks, and knowledge bases. Collaborate with engineering, infrastructure, and compliance teams to align incident response with organizational risk management practices. Required Skills & Experience Minimum 4 years of hands-on experience in a Security Operations Center, focusing on incident response, security analysis, and threat hunting. Deep Technical Expertise In Email Security (Mimecast) EDR Tools (e.g., Threat Down / Malwarebytes) Secure Web Gateway (Netskope SWG) Cloud Security (Microsoft Azure, Microsoft Defender) SIEM Platforms (Azure Sentinel preferred) Threat analysis and phishing investigation Sound understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, etc.) and incident response lifecycle. Working knowledge of enterprise infrastructure: networking, firewalls, operating systems (Windows/Linux), databases, and web applications. Excellent written and verbal communication skills; able to convey technical details to non-technical stakeholders. Strong organizational and prioritization skills; experience handling multiple concurrent incidents and tasks in high-pressure environments Preferred Certifications Relevant security certifications such as: CEH (Certified Ethical Hacker) Microsoft SC-200 (Security Operations Analyst) AZ-500 (Azure Security Engineer Associate) CISSP, GCIH, or similar. Proficiency with Security Tools: Mimecast Email Security Threat Down (Malwarebytes) Microsoft Azure, Microsoft Defender for O365 Netskope SWG Azure Sentinel (SIEM) Open-source tools for phishing analysis Skills Email Security, EDR, Threat hunting, SIEM

We are looking for a proactive and experienced L2 Security Operations Analyst to strengthen our Security Operations Centre (SOC) team. This role will be responsible for detecting, analysing, and responding to cybersecurity incidents in a hybrid infrastructure comprising AWS Cloud, on-prem infrastructure, and diverse endpoint systems including Linux, Windows, and macOS. The candidate should have hands-on experience with SIEM, EDR, firewalls, and cloud-native security tools, along with a solid understanding of threat landscapes and incident response processes. Responsibilities Act as the first level of the escalation point to the L1 team and investigate, validate, and escalate security alerts received from SIEM and other monitoring tools. Monitor and analyse security events from various sources, including CNAPP, SIEM, EDR, firewalls, AWS CloudTrail, Guard Duty, and endpoint logs. Triage security alerts and escalate incidents based on severity and impact. Correlate data across sources to identify patterns of malicious activity and potential breaches. Review and refine detection use cases and rule tuning to reduce false positives. Update and maintain incident response runbooks and knowledge base. Assist in the development of automation using SOAR platforms for repetitive tasks. Document incidents, root cause analysis, and lessons learned in a structured and timely manner. Provide regular status reports and metrics to SOC leads and management. Collaborate with infrastructure, application, and IT teams for investigation and remediation. Requirements Bachelor's degree in information security, Computer Science, or related field. 3-6 years of experience in a SOC or cybersecurity operations role. Proficiency with SIEM tools (e. g., Sentinel, Splunk). Hands-on experience with EDR/XDR platforms (e. g., CrowdStrike, Sentinel One). Strong understanding of network protocols, operating systems, malware analysis, and threat actor behaviour. Familiarity with frameworks such as MITRE ATT& CK, NIST CSF, Incident response and investigation skills, including log analysis and packet inspection. Experience with ticketing systems and incident tracking tools. This job was posted by Debapti Roy from mPokket.

Requisition Number: 101414 Location: The role will be a hybrid position located in Delhi NCR, Hyderabad, Bangalore, Pune, Mumbai, Chennai. Insight at a Glance 14,000+ engaged teammates globally #20 on Fortune’s World's Best Workplaces™ list $9.2 billion in revenue Received 35+ industry and partner awards in the past year $1.4M+ total charitable contributions in 2023 by Insight globally Now is the time to bring your expertise to Insight. We are not just a tech company; we are a people-first company. We believe that by unlocking the power of people and technology, we can accelerate transformation and achieve extraordinary results. As a Fortune 500 Solutions Integrator with deep expertise in cloud, data, AI, cybersecurity, and intelligent edge, we guide organisations through complex digital decisions. About The Role As a Cloud Technical Lead you will: Extensive experience with Azure IaaS, PaaS, Networking, Storage, and Security Ability to work with clients in designing new Azure solutions Proven background in repeatable implementation and deploy models Possess comfort in leading war rooms, troubleshooting sessions, or producing RCA findings Good experience merging traditional data centers with newer cloud topologies General knowledge of IAM, role assignments, and Azure Active Directory Bonus consideration: familiarity with Conditional Access, Just in Time, EMS E3/E5, MCAS or Azure Sentinel Exposure to Containerization - Docker Kubernetes What We’re Looking For Excellent understanding of provisioning and optimizing VM and managed disks. Expert understanding of cloud infrastructure, primarily Azure, secondary AWS and/or GCP Experience with security concepts such as encryption, identity management, access control and key vaults. Experience with networking concepts such as software-defined networking, routing, virtual private networks, load balancers, and firewalls. What You Can Expect We’re legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another location—even an international destination—for up to 30 consecutive calendar days per year. But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law. Insight India Location:Level 16, Tower B, Building No 14, Dlf Cyber City In It/Ites Sez, Sector 24 &25 A Gurugram Gurgaon Hr 122002 India