3.0 years
0 Lacs
Delhi
On-site
Job requisition ID :: 84448 Date: Jun 16, 2025 Location: Delhi Designation: Assistant Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Technology & Transformation is about much more than just the numbers. It’s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies what, how, and why of change so you’re always ready to act ahead. Learn more about Technology & Transformation Practice Job Summary: We are looking for a skilled Microsoft Sentinel SIEM Engineer to join our Cybersecurity Operations team. The ideal candidate will be responsible for the deployment, configuration, integration, and operational support of Microsoft Sentinel as a core SIEM platform, ensuring efficient threat detection, incident response, and security monitoring. Key Responsibilities: Design, implement, and manage Microsoft Sentinel for enterprise security monitoring. Develop and maintain analytic rules (KQL-based) and detection use cases aligned with MITRE ATT&CK. Integrate various log sources (on-prem and cloud) including Microsoft 365, Azure, AWS, endpoints, firewalls, etc. Create and manage playbooks using Azure Logic Apps for automated incident response. Monitor data connectors and ensure log ingestion health and optimization. Conduct threat hunting and deep dive analysis using Kusto Query Language (KQL). Optimize performance, cost, and retention policies in Sentinel and Log Analytics workspace. 
Collaborate with SOC analysts, incident responders, and threat intelligence teams. Participate in use case development, testing, and fine-tuning of alert rules to reduce false positives. Support compliance and audit requirements by producing relevant reports and documentation. Required Skills & Qualifications: 3+ years of experience working with Microsoft Sentinel SIEM. Strong hands-on experience with KQL (Kusto Query Language). Solid understanding of log ingestion from different sources including Azure, O365, Defender, firewalls, and servers. Experience with Azure Logic Apps for playbook creation and automation. Familiarity with incident response workflows and threat detection methodologies. Knowledge of security frameworks such as MITRE ATT&CK, NIST, or ISO 27001. Microsoft certifications such as SC-200 (Microsoft Security Operations Analyst) or AZ-500 are preferred. Good to Have: Experience with Defender for Endpoint, Defender for Cloud, Microsoft Purview. Knowledge of other SIEM platforms (e.g., Splunk, QRadar) for hybrid environments. Scripting experience (PowerShell, Python) for automation and integration. Certifications (Preferred but not mandatory): SC-200: Microsoft Security Operations Analyst AZ-500: Microsoft Azure Security Technologies CEH, CompTIA Security+, or equivalent How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. 
Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.
Posted 2 hours ago
10.0 years
0 Lacs
Pune, Maharashtra, India
On-site
🔐 Hiring: Incident Response & SOC Lead
📍 Location: Pune | 🕐 Experience: 10+ years total, 5+ years in Incident Management
✅ Required Skills & Experience
10+ years in cybersecurity, including 5+ years in incident response or SOC leadership
Hands-on with Microsoft Defender Suite (Endpoint, Identity, Office, Cloud Apps)
Strong experience with Microsoft Sentinel and Azure Logic Apps
Proficiency in PowerShell and basic scripting for automation
Experience in threat detection, alert triage, incident investigation, and reporting
Familiarity with SOC playbooks, detection workflows, and response orchestration
Strong communication skills — capable of reporting to both technical and executive stakeholders
Proven experience mentoring and leading SOC teams
🌟 Preferred Skills
Exposure to MITRE ATT&CK, NIST, or CMMI frameworks
Experience with Zscaler (ZIA/ZPA) and Nozomi (OT/IoT visibility tools)
Knowledge of detection tuning and enrichment techniques
API integration and automation scripting knowledge
Relevant certifications: GCIH, GCFA, GCIA, SC-200, AZ-500
🔍 Key Responsibilities
Lead investigation and response to major security incidents
Manage SOC operations including alert triage, threat hunting, and response
Drive automation initiatives using Sentinel, Logic Apps, and playbooks
Improve SOC maturity and detection capabilities across multiple domains
Foster a collaborative, high-performance team environment
Posted 3 hours ago
4.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Company Description Our mission, your future As a global community of trusted advisors, we create cutting-edge technological solutions to overcome today’s challenges and anticipate tomorrow’s needs. It all starts with the collaboration of a diverse team of passionate intrapreneurs, each driven to make a difference. Together, we challenge the status quo and push each other to new heights. Ready to make a significant impact on mission-critical projects and shape the future through digital transformation and strategic consulting? Take your ambitions to the next level and discover your next exciting challenge with us! Your role, your impact As a Security Specialist, you will report to the Vice-President and Chief Information Security Officer and be a key member of the IT team. You will be responsible to maintain the security solutions’ effectiveness, contribute to the IT security incidents and requests resolution. When a security incident does arise, you will investigate and help resolve the issue in a timely manner. In addition, you will be responsible for vulnerability management, and support the patch management and systems’ hardening procedures. You will operate on our endpoint protection platform and physical access systems, following enterprise IT security policies and standards. 
Your day-to-day Contribute to the Enterprise IT Operation team through coordinating IT security incidents, assessing and resolving IT security service requests, and administering Azure Sentinel SIEM, the endpoint security platform (Defender) and the vulnerability management solution (Qualys); Promptly respond to IT security incidents and coordinate mitigation and resolution (assess risk, containment, mitigation, remediation, reporting); Prepare management reports related to security (incidents, requests, alerts, breach, leak, etc.); Coordinate the remediation of identified vulnerabilities (e.g., patch management) with the Infrastructure Team and the Service Desk; Manage and handle endpoint protection alerts (virus, breach, intrusion detection, security updates and patches); Lead the deployment and operationalization of Azure Sentinel SIEM; Centralize a variety of log sources (Defender EDR, Network, Cloud apps); Develop complex KQL queries to enable reliable detection of threats; Translate real-time threat intelligence into actionable detection playbooks and automation; Contribute to the incident response process using Sentinel by providing technical guidance, coordination, and support; Support logs documentation; Serve as an expert technical resource to advise and assist in security issues, both proactively and reactively. 
Keys to your success Minimum 4 years of experience in a security operations role; Experience as a subject matter expert for Microsoft security solutions, such as Microsoft Defender 365, Defender for Cloud and Azure Sentinel; Experience in search query languages such as KQL (Sentinel) or SPL (Splunk); Proficiency in managing Defender; Proficiency in Azure Sentinel onboarding, Data Connectors, Content Hub, Playbooks, Workbooks; Working knowledge of SIEM, SOAR and incident management platforms; Deep knowledge of operating systems, network infrastructure and IT security solutions; Knowledge of cyber security standards, regulations, and best practices, such as ISO 27001 and NIST; Understanding of typical threat actors (Tactics, Techniques, Procedures [TTPs]); Strong skills with PowerShell, VB Script and Python. Extra edge Cyber security-specific certifications (e.g., SC-200, CISSP, CCSP, CISM, Security+, SANS, GSEC, AWS Certified Security Specialty, Azure Security Engineer Associate, Azure Sentinel). Language Skills English: Proficient Our authenticity is our strength The diversity of our backgrounds, experiences, thoughts and insights is our competitive advantage. We foster a collaborative environment rooted in our core values of respect, well-being, passion, trust, integrity and creativity. For us, diversity, equity and inclusion aren’t just buzzwords; they’re essential drivers of innovation and excellence, and powerful catalysts for inspiration and evolutionary ideas. The empowerment of our people is fundamental to being the trusted advisor to our clients. Join us in embracing our authenticity and in leveraging our unique perspectives to collectively build the future we all envision. An inclusive path to success Fostering an environment where you can thrive starts with ensuring an accessible recruitment process. If you require any accommodations, we welcome you to contact us. 
For more information, please visit our accessibility page at https://www.alithya.com/en/accessibility.
Posted 3 hours ago
0.0 - 5.0 years
0 Lacs
Chetput, Chennai, Tamil Nadu
On-site
Job Description: Azure Infrastructure Engineer Exp: 7+ Years CTC: 20 LPA Notice period: Immediate – 15 days Base Location: Chennai (Onsite - Saudi Arabia (KSA)) Profile source: Anywhere in India Timings: 1:00pm-10:00pm Work Mode: WFO (Mon-Fri) We are looking for an Azure Infrastructure Engineer with 3–5 years of experience who understands cloud architecture and security best practices aligned with the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM). The candidate will be responsible for designing, implementing, and managing secure and scalable infrastructure on Microsoft Azure, ensuring compliance with CSA security principles and regulatory standards. Key Responsibilities: Design and deploy Azure infrastructure with a security-first mindset, aligned with CSA CCM and Azure Well-Architected Framework. Implement identity and access controls (RBAC, Azure AD, MFA, Conditional Access) as per CSA IAM domain. Ensure data protection using Azure encryption capabilities (at-rest, in-transit, and in-use). Deploy network security architectures (NSGs, Azure Firewall, Private Link, ExpressRoute) compliant with CSA and NIST guidelines. Enable security monitoring and incident response with Azure Defender, Sentinel, and Security Center. Map and document infrastructure against CSA CCM controls. Ensure infrastructure is compliant with CIS Benchmarks, ISO 27001, and CSA STAR guidelines. Automate infrastructure provisioning with ARM templates, Bicep, or Terraform, integrating security guardrails. Perform periodic vulnerability assessments and remediation aligned with CSA guidelines. Required Skills & Qualifications: 3–5 years of experience in Azure cloud infrastructure. Strong hands-on experience in Azure IaaS (VMs, VNETs, Storage, Load Balancers, etc.). In-depth knowledge of Azure security tools (Azure Security Center, Defender for Cloud, Sentinel). Familiarity with Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) and CAIQ. 
Strong understanding of identity and access management principles. Proficient in scripting (PowerShell, Azure CLI) and IaC (ARM/Bicep/Terraform). Experience working in regulated industries (e.g., healthcare, finance) is a plus. Certifications (Preferred): Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Azure Solutions Architect Expert CSA CCSK (Certificate of Cloud Security Knowledge) or CCSP Soft Skills: Excellent documentation and communication skills. Ability to translate compliance requirements into technical controls. Strong collaboration skills with security, operations, and compliance teams. Job Type: Full-time Pay: From ₹60,000.00 per month Schedule: Night shift Supplemental Pay: Performance bonus Ability to commute/relocate: Chetput, Chennai, Tamil Nadu: Reliably commute or planning to relocate before starting work (Required) Experience: total work: 5 years (Preferred) Work Location: In person
Posted 5 hours ago
6.0 years
0 Lacs
India
Remote
Who we are We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. That's digital trust for the real world. Job summary As a DevOps Engineer, you will play a pivotal role in designing, implementing, and maintaining our infrastructure and deployment processes. You will collaborate closely with our development, operations, and security teams to ensure seamless integration of code releases, infrastructure automation, and continuous improvement of our DevOps practices. This role places a strong emphasis on infrastructure as code with Terraform, including module design, remote state management, policy enforcement, and CI/CD integration. You will manage authentication via Auth0, maintain secure network and identity configurations using AWS IAM and Security Groups, and oversee the lifecycle and upgrade management of AWS RDS and MSK clusters. Additional responsibilities include managing vulnerability remediation, containerized deployments via Docker, and orchestrating production workloads using AWS ECS and Fargate. What you will do Design, build, and maintain scalable, reliable, and secure infrastructure solutions on cloud platforms such as AWS, Azure, or GCP. Implement and manage continuous integration and continuous deployment (CI/CD) pipelines for efficient and automated software delivery. Develop and maintain infrastructure as code (IaC) — with a primary focus on Terraform — including building reusable, modular, and parameterized modules for scalable infrastructure. Securely manage Terraform state using remote backends (e.g., S3 with DynamoDB locks) and establish best practices for drift detection and resolution. 
Integrate Terraform into CI/CD pipelines with automated plan, apply, and policy-check gating Conduct testing and validation of Terraform code using tools such as Terratest, Checkov, or equivalent frameworks. Design and manage network infrastructure, including VPCs, subnets, routing, NAT gateways, and load balancers. Configure and manage AWS IAM roles, policies, and Security Groups to enforce least-privilege access control and secure application environments. Administer and maintain Auth0 for user authentication and authorization, including rule scripting, tenant settings, and integration with identity providers. Build and manage containerized applications using Docker, deployed through AWS ECS and Fargate for scalable and cost-effective orchestration. Implement vulnerability management workflows, including image scanning, patching, dependency management, and CI-integrated security controls. Manage RDS and MSK infrastructure, including lifecycle and version upgrades, high availability setup, and performance tuning. Monitor system health, performance, and capacity using tools like Prometheus, ELK, or Splunk; proactively resolve bottlenecks and incidents. Collaborate with development and security teams to resolve infrastructure issues, streamline delivery, and uphold compliance. What you will have Bachelor's degree in Computer Science, Engineering, or related field, or equivalent work experience. 6+ years in DevOps or similar role, with strong experience in infrastructure architecture and automation. Advanced proficiency in Terraform, including module creation, backend management, workspaces, and integration with version control and CI/CD. Experience with remote state management using S3 and DynamoDB, and implementing Terraform policy-as-code with OPA/Sentinel. Familiarity with Terraform testing/validation tools such as Terratest, InSpec, or Checkov. Strong background in cloud networking, VPC design, DNS, and ingress/egress control. 
Proficient with AWS IAM, Security Groups, EC2, RDS, S3, Lambda, MSK, and ECS/Fargate. Hands-on experience with Auth0 or equivalent identity management platforms. Proficient in container technologies like Docker, with production deployments via ECS/Fargate. Solid experience in vulnerability and compliance management across the infrastructure lifecycle. Skilled in scripting (Python, Bash, PowerShell) for automation and tooling development. Experience in monitoring/logging using Prometheus, ELK stack, Grafana, or Splunk. Excellent troubleshooting skills in cloud-native and distributed systems. Effective communicator and cross-functional collaborator in Agile/Scrum environments. Nice to have Terraform (Intermediate) • AWS (IAM, Security Groups, RDS, MSK, ECS/Fargate, Cloudwatch) • Docker • CI/CD (GitLab, Jenkins) • Auth0 • Python/Bash Benefits Generous time off policies Top shelf benefits Education, wellness and lifestyle support
Posted 5 hours ago
2.0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
L1 Security Specialist Job Description: We are seeking an experienced Azure Security Specialist to manage, optimize, and configure Azure security tools and services. The ideal candidate will have hands-on experience in cloud security, incident response, and threat analysis within the Azure environment. Responsibilities: Analyze security incidents and optimize Entra ID policies. Configure and manage alerts across Microsoft Defender suite. Manage Azure Firewall, NSGs, and other Defender tools. Configure Microsoft Defender for Office 365 policies (Safe Links, CASB). Integrate third-party tools (e.g., Splunk, CrowdStrike). Provide expertise in cloud security (IaaS, PaaS, SaaS) and threat analysis. Required Skills: Relevant Experience 1 – 2 Years Expertise in Microsoft Intune and policy management. Certifications: Azure Security Engineer Associate, Security Operations Analyst Associate, Microsoft 365 Certified Security Administrator Associate. Advanced proficiency in Microsoft Defender Suite and Microsoft Sentinel. Hands-on experience with Azure Security Center, Azure Firewall, NSGs, and DDoS Protection. Experience with third-party tools (e.g., Palo Alto, Splunk, CrowdStrike). Expertise in compliance tools like Microsoft 365 Compliance Center and Secure Score. Preferred Qualifications: Experience in cloud security best practices and automation. 📧 Send your CV to careers@atidan.com with the subject line “Azure Security L1 Support with Code AZSE031225” 👉 Follow Atidan Technologies on LinkedIn for quick updates!
Posted 7 hours ago
10.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Sr Director/ VP AI & Machine Learning – Strategy Overview The next evolution of AI-powered cyber defense is here. With the rise of cloud and modern technologies, organizations struggle with the vast amount of data and thereby security alerts generated by their existing security tools. Cyberattacks continue to get more sophisticated and harder to detect in the sea of alerts and false positives. According to the Forrester 2023 Enterprise Breach Benchmark Report, a security breach costs organizations an average of $3M and takes organizations over 200 days to investigate and respond. AiStrike’s platform aims to reduce the time to investigate and respond to threats by over 90%. Our approach is to leverage the power of AI and machine learning to adopt an attacker mindset to prioritize and automate cyber threat investigation and response. The platform reduces alerts by 100:5 and provides detailed context and link analysis capabilities to investigate the alert. The platform also provides collaborative workflow and no code automation to cut down the time to respond to threats significantly. We are looking for a forward-thinking Leader for AI to define and lead the AI and ML strategy for our next-generation cybersecurity platform. This role sits at the intersection of data science, cybersecurity operations, and product innovation, responsible for transforming security telemetry into intelligent workflows, automated decisions, and self-improving systems. You will lead the vision and execution for how classification, clustering, correlation, and feedback loops are built into our AI-powered threat investigation and response engine. Your work will directly impact how analysts investigate alerts, how automation adapts over time, and how customers operationalize AI safely and effectively in high-stakes security environments. 
Key Responsibilities ● Define the AI Strategy & Roadmap: Own and drive the strategic direction for AI/ML across investigation, prioritization, alert triage, and autonomous response. ● Architect Feedback-Driven AI Systems: Design scalable feedback loops where analyst input, alert outcomes, and system performance continuously refine models. ● Operationalize ML for Security: Work with detection engineering, platform, and data teams to apply clustering, classification, and anomaly detection on massive datasets—logs, alerts, identities, cloud events—not images or media. ● Guide Complex Security Workflows: Translate noisy, high-volume telemetry into structured workflows powered by AI—spanning enrichment, correlation, and decisioning. ● Collaborate Across Functions: Partner with product managers, detection engineers, threat researchers, and ML engineers to define use cases, data needs, and modeling approaches. ● Ensure Explainability and Trust: Prioritize model transparency, accuracy, and control—enabling human-in-the-loop or override in high-risk environments. ● Lead AI Governance and Deployment Frameworks: Define policies, versioning, validation, and release processes for customer-safe AI usage in production environments. Requirements ● 10+ years of experience in data science, applied ML, or AI product leadership, with at least 3–5 years in cybersecurity, enterprise SaaS, or complex data domains. ● Demonstrated experience applying classification, clustering, correlation, and anomaly detection on structured/semi-structured data (e.g., logs, alerts, network events). ● Strong understanding of cybersecurity workflows: detection, investigation, triage, threat hunting, incident response, etc. ● Experience in building data feedback pipelines or reinforcement learning-like systems where user input improves future predictions or decisions. ● Proven ability to scale AI/ML systems across multi-tenant environments or customer-facing platforms. 
● Familiarity with platforms such as Snowflake, Google Chronicle, Sentinel (KQL), or SIEM/SOAR tools is a strong plus. ● Exceptional communication and storytelling skills: able to communicate AI strategy to technical and executive stakeholders alike. ● Experience with security-specific ML tooling or frameworks (e.g., security data lakes, Sigma correlation engines, MITRE ATT&CK mapping). ● Prior work in multi-modal learning environments (signals from logs, identity, cloud infra, etc.). ● Deep familiarity with model evaluation, drift detection, and automated retraining in production settings. ● Exposure to or leadership in building agentic AI workflows or co-pilot-style assistant models in the security space. AiStrike is committed to providing equal employment opportunities. All qualified applicants and employees will be considered for employment and advancement without regard to race, color, religion, creed, national origin, ancestry, sex, gender, gender identity, gender expression, physical or mental disability, age, genetic information, sexual or affectional orientation, marital status, status regarding public assistance, familial status, military or veteran status or any other status protected by applicable law.
Posted 7 hours ago
8.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Solution Engineer - Cybersecurity Location : Hyderabad, Bangalore Employment Type : Full-Time Experience : 8+ years (Hands-on Experience) Desired Qualification : B.Tech or BE in Computers / MCA. Certifications such as CISSP, CEH, GCIH, OSCP, OSCE are a plus. Job Requirements Minimum 3 years of experience in a large-scale IT environment focusing on Cyber/Information Security. Expertise in Pre-Sales support, Service & Solution delivery, and Program Management (Transition & Transformation). Strong knowledge of security technologies including SIEM, SOAR, Threat Hunting, EDR, Deception, NTA, NBAD, and UEBA. Hands-on experience (3+ years) with leading analytical platforms like Splunk, IBM QRadar, Hunters, Sumo Logic, and Sentinel. Familiarity with additional security tools such as Email Security Gateway, SOAR, IPS/IDS, Proxy, EDR, TI, DLP, CASB, and PAM is an advantage. Deep understanding of Detection Engineering and the MITRE ATT&CK Framework. Strong proficiency in OS (Linux, Windows) and Networking. Analytical and problem-solving skills with an ability to assess security challenges effectively. Up-to-date knowledge of IT/OT industry trends and Security Best Practices. Expertise in Digital Forensics, Malware Assessment, Incident Response, and Threat Hunting. Strong interpersonal and communication skills, both verbal and written. Ability to collaborate with organizational and client stakeholders to identify and implement security solutions. Job Responsibilities : Define, plan, and implement cybersecurity solutions tailored to organizational needs. Conduct gap analysis to assess and improve an organization's security posture. Develop detailed security requirements and design cybersecurity solutions. Perform technical proof-of-concept (POC) demonstrations to validate security solutions. Translate technical security solutions into business values aligned with organizational objectives. Respond to complex RFPs, delivering customized security solutions that meet client needs. 
Execute thorough design and implementation of security solutions across various industries. Conduct competitive analysis, security workshops, and executive presentations. Design and present customized cybersecurity solutions based on client requirements. Collaborate with cross-functional teams to ensure seamless service delivery of cybersecurity solutions. Develop threat scenarios and use cases based on industry-specific attack patterns. Nice to Have : Ethical hacking certifications such as CISSP, GCIH, or equivalent training are highly preferred. (ref:hirist.tech)
Posted 12 hours ago
5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Job Overview St. Fox is looking for a proactive and seasoned L2 - Next-Gen SIEM Security Engineer to join our skilled team in Bengaluru/Pune. This onsite role involves direct collaboration at our esteemed customer's location, offering a stimulating environment with substantial opportunities to enhance your professional growth and technical expertise. You will be instrumental in the administration, management, and optimization of cutting-edge Next-Gen SIEM/EDR platforms, focusing on threat hunting, detection rule development, and fostering a strong security : Administer and provide comprehensive management support for CrowdStrike Next-Gen SIEM/EDR solutions, ensuring their optimal performance and configuration. Perform proactive threat research and threat hunting to identify emerging tactics, techniques, and procedures (TTPs) and translate these insights into actionable detection requirements using an intelligence-driven approach. Develop, thoroughly test, and deploy high-fidelity CrowdStrike Next-Gen SIEM detection rules to enhance the customer's security monitoring capabilities. Collaborate effectively with Security Analysts to create detailed playbooks for triage and response specifically for actionable high-fidelity detections, streamlining incident handling. Work closely with SIEM architects to develop and define best practices for parsing and normalizing data to a common event schema, ensuring consistency and usability of security logs. Build and maintain utilities and tools to enable the managed security services team to operate quickly, efficiently, and at a large scale. Analyze security data, such as logs or packet captures, from various sources within the enterprise environment and draw accurate conclusions regarding past and potential future security incidents. 
Develop and maintain clear, concise processes and documentation for all security operations, configurations, and incident response Skills & Qualifications : B.Tech/B.E/BCS, BCA with sound technical skills. Minimum 5+ years of hands-on experience supporting SIEM/SOAR platforms, Threat Hunting, and various Security solutions and technologies. Strong command of both verbal and written English language. Demonstrated ability to combine technical acumen with critical thinking abilities to solve complex security challenges. Strong interpersonal and presentation skills, capable of articulating technical concepts to diverse Skills : Certification in any of the SIEM platforms (Splunk, Sentinel, QRadar, Elastic SIEM). Certifications such as CEH (Certified Ethical Hacker), CompTIA Security+, CompTIA Network+, CCNA (Cisco Certified Network Associate). Direct experience with CrowdStrike products, particularly their SIEM/EDR capabilities. Experience with incident response processes and procedures. Knowledge of scripting languages for automation (e.g., Python) (ref:hirist.tech)
Posted 13 hours ago
5.0 years
0 Lacs
Greater Kolkata Area
On-site
Role : Senior Consulting Engineer (Microsoft) 100% English fluency is required; this is a must. About The Role As a Senior Consulting Engineer you will provide expert consulting services and guidance to our clients on various cloud technologies, including Azure Entra ID, Azure, AWS, GCP, MDM, Active Directory, networking, and other related cloud solutions. The Senior Cloud Consultant will play a crucial role in assisting clients with cloud strategy, implementation, optimization, ongoing support, and various migration projects, including cloud tenant migrations, cross-platform migrations, identity migrations, mail migrations, and M365 migrations. Be the go-to person for Microsoft 365, Azure Cloud and all associated products and services. You should be a highly skilled and experienced Senior Consultant with a strong background in Microsoft 365 (M365) security and cloud solutions. The ideal candidate will have a deep understanding of securing privileged access, implementing Zero Trust administration, and deploying Microsoft Defender products, Microsoft Purview, and Microsoft Sentinel. This role also requires expertise in Azure Landing Zones, management group administration, and the overall Microsoft security ecosystem. You will work closely with clients, guiding them through the design and implementation of modern security solutions, ensuring compliance with best practices and regulatory requirements. This role is pivotal in delivering successful engagements that help secure enterprise environments, enhance threat detection, and streamline cloud operations. Key Responsibilities Must be well-spoken and comfortable talking with clients. Provide expert consulting services and guidance to clients for both supporting and implementing cloud technologies such as EntraID, Azure, AWS, GCP, MDM, Active Directory, networking solutions, and other cloud infrastructure solutions. Support and implement Zero Trust architectures across M365 and Azure environments. 
Secure privileged identities and administrative roles, leveraging tools such as Azure AD Privileged Identity Management (PIM) and Conditional Access policies. Establish robust security baselines for administrative roles, ensuring least-privilege access across all environments. Lead M365 security and compliance projects with a focus on privileged access management, Zero Trust security models, and advanced security features. Experienced in editing and writing PowerShell scripts and working with CLIs. Lead the implementation and migration of client workloads to cloud environments, ensuring seamless transitions and minimizing downtime. Implement and configure Microsoft Defender products (Defender for Identity, Defender for Endpoint, Defender for Cloud Apps, etc.) across client environments. Conduct cloud readiness assessments, identify potential risks and challenges, and provide mitigation strategies. Plan and execute cloud tenant migrations, cross-platform migrations (e.g., AWS to Azure, on-premises to GCP), identity migrations, mail migrations, and M365 migrations. Develop and deliver comprehensive training and knowledge transfer sessions to client teams on cloud technologies and best practices. Deploy and operationalize Microsoft Purview for compliance, data governance, and information protection solutions. Support, deploy, and configure Microsoft Sentinel for advanced threat detection, monitoring, and response. Provide expert guidance on supporting and deploying Azure Landing Zones and managing Azure management groups for optimal cloud governance. Collaborate with clients to understand their business requirements, assess their current infrastructure, and develop cloud strategies aligned with their goals. Capable of both providing hands on keyboard as well as guiding and walking customers through performing technical tasks and performing technical activities during implementations or migrations of solutions. 
Experience in writing technical solution documents including implementation guides, technical design documents, operations guides, standard operational procedures, knowledge articles and status reports. Ability to perform and conduct workshops and meetings to develop client solutions. Maintaining industry technology certifications required and ability to obtain new certifications as required based on technology trends and organizational requirements. Stay up-to-date with the latest trends, technologies, and advancements in the cloud computing industry, and proactively share insights with clients. Mentor and guide junior consultants, fostering knowledge sharing and professional growth within the team. Educate customers of all sizes on the value proposition of cloud solutions. Collaborate with cross-functional teams, including developers, architects, and project managers, to ensure successful cloud projects. Using company prescribed methodologies, can demonstrate the production of several medium to large scale designs, including some which are not based on an existing pattern, or which have substantial customization and/or contain solution components from contributing specialists. Participate and team up with sales, Enterprise Architect, Delivery and Partner ecosystem to provide complete solutions to customers. Demonstrated ability to adapt to new technologies and learn quickly. Ability to handle multiple priorities and initiatives simultaneously. Experience Requirements 5+ years of experience designing, supporting, and implementing large-scale, complex system architectures. 5+ years of experience working in Microsoft 365, Azure, and related security solutions. 5+ years of experience in Cloud migrations, implementations and supporting cloud solutions. Expertise in securing Microsoft 365 environments with tools like Azure AD PIM, Conditional Access, Microsoft Defender suite, and Azure Information Protection. 
Proficiency in supporting and deploying Zero Trust frameworks and identity management solutions. Strong hands-on experience with Microsoft Sentinel for security monitoring, alerting, and incident response. In-depth knowledge of Microsoft Purview for data governance and compliance. Understanding of Azure Landing Zones and management group administration. Familiarity with identity and access management (IAM) best practices, particularly in hybrid cloud environments. Required Qualifications Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience). Minimum of 5 years of hands-on experience in cloud consulting, with a strong focus on EntraID, Azure, MDM, Active Directory, and networking technologies. AWS and GCP are a plus. Proven track record of successfully delivering complex cloud projects, migrations, and implementations for enterprise clients. In-depth knowledge of cloud architecture, security, scalability, and cost optimization best practices. Expertise in cloud automation, DevOps methodologies, and infrastructure as code (IaC) technologies is a plus. Strong understanding of enterprise IT infrastructure, networking, and security principles. Excellent problem-solving, analytical, and critical thinking skills. Strong communication and presentation skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences. Proven ability to work independently and lead cross-functional teams in a collaborative environment. Relevant cloud certifications (e.g., Microsoft Azure Solutions Architect Expert, AWS Certified Solutions Architect Professional, Google Cloud Professional Cloud Architect) are highly desirable. Additional Qualifications Azure Automation. Microsoft Active Directory and Azure Active Directory / Entra ID. Azure Site Recovery. Group Policy Management. 
DevOps experience with well architected, high performing, and scalable micro-service based architectures that are resilient and recoverable is also highly desirable. Define and enforce Well Architected framework for major cloud providers: operational excellence, security, reliability, performance efficiency, and cost optimization. Certifications (Preferred) Microsoft Certified: Security, Compliance, and Identity Fundamentals. Microsoft Certified: Azure Security Engineer Associate. Microsoft Certified: Identity and Access Administrator Associate. Microsoft Certified: Security Operations Analyst Associate. Microsoft 365 Certified: Enterprise Administrator Expert.
Posted 13 hours ago
14.0 years
0 Lacs
Kolkata, West Bengal, India
On-site
General Information Job Role: Lead DevOps Engineer Functional Area: DevOps Job Location: Pan India Job Shift: General Indian/ UK Shift Education: B.Sc./ B.Tech/ B.E / MTech in Any Specialization Employment Type Full Time, Permanent About Unified Infotech Embark on a transformative journey with Unified Infotech, a beacon of innovation and excellence in the tech consulting and software development landscape for over 14 years. We are dedicated to designing custom, forward-thinking web, mobile, and software solutions for a diverse clientele, from burgeoning MSMEs to towering Enterprises. Our mission is to engineer products that not only solve complex challenges but also set new benchmarks in the digital realm. At Unified, a job is not simply a job. It is a pursuit of excellence, to build and create, to understand and consult, to imagine and be creative, to reformulate UX, to invent and redefine, to code for performance, to collaborate and communicate. Role Description We are seeking a highly skilled and motivated DevOps Lead with expertise in both AWS and Azure cloud platforms to join our dynamic team. The successful candidate will collaborate with solution architects, developers, project managers, customer technical teams, and internal stakeholders to drive results. Your primary focus will be ensuring seamless customer access to applications in the cloud, managing customer workload migrations, implementing robust backup policies, overseeing hybrid cloud deployments, and building solutions for service assurance with a strong emphasis on leveraging Azure's unique capabilities. Desired Experience Define architecture, design, implement, program manage, and lead technology teams in delivering complex technical solutions for our clients across both AWS and Azure platforms. Span across DevOps, Continuous Integration (CI), and Continuous Delivery (CD) areas, providing demonstrable implementation experience in shaping value-add consulting solutions. 
Deploy, automate, and maintain cloud infrastructure with leading public cloud vendors such as Amazon Web Services (AWS) and Microsoft Azure, with a keen focus on integrating Azure-specific services and tools. Set up backups, replications, archiving, and implement disaster recovery measures leveraging Azure's resilience and geo-redundancy features. Utilize Azure DevOps services for better collaboration, reporting, and increasing automation in the CI/CD pipelines. Job Requirements Detail-oriented with a holistic perspective on system architecture, including at least 1 year of hands-on experience with Azure cloud services. Strong shell scripting and Linux administration skills, with a deep understanding of Linux and virtualization. Expertise in server technologies like Apache, Nginx, and Node, including optimization experience. Knowledge of database technologies such as MySQL, Redis, and MongoDB, with proficiency in management, replication, and disaster recovery. Proven experience in medium to large-scale public cloud deployments on AWS and Azure, including the migration of complex, multi-tier applications to these platforms. In-depth working knowledge of AWS and Azure, showcasing the ability to leverage Azure-specific features such as Azure Active Directory, Azure Kubernetes Service (AKS), Azure Functions, and Azure Logic Apps. Familiarity with CI/CD, automation, and monitoring processes for production-level infrastructure, including the use of Azure Monitor and Azure Automation and third party . Practical experience in setting up full-stack monitoring solutions using Prometheus, Grafana, and Loki, including long-term storage, custom dashboard creation, alerting, and integration with Kubernetes clusters. Worked extensively with Azure Front Door , including custom routing, WAF policies, SSL/TLS certificate integration, and performance optimization for global traffic. 
Experienced in multi Ingress Controller architecture setup and management, including namespace-specific ingress deployments. Hands-on experience in setting up, configuring, and managing Azure API Management (APIM). Deep understanding of system performance and the ability to analyze root causes using tools available in Azure. Experience with Azure-specific management and governance tools, such as Azure Policy, Azure Blueprints, and Azure Resource Manager (ARM) templates. Proficiency in CI/CD automation using tools like Jenkins, Travis CI, Circle CI, or Azure DevOps. Knowledge of security infrastructure and vulnerabilities, including Azure's security tools like Azure Security Center and Azure Sentinel. Capability to analyze costs for the entire infrastructure, including cost management and optimization in Azure environments. Hands-on experience with configuration management tools like Ansible, Puppet, Chef, or similar, with an emphasis on their integration in Azure environments. Experience with container orchestration tools such as Kubernetes, Docker Swarm, and Docker containers, with a preference for those proficient in Azure Kubernetes Service (AKS). Total Exp : 6+ Years Exp in Cloud : AWS 3+, Azure 1+ Years NP : Immediate to 30 days preferred.
Posted 1 day ago
10.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Senior Product Manager – AI-Powered Investigation & Response Content Overview We’re seeking a seasoned Senior Product Manager to lead the strategy and delivery of AI-driven threat investigation and response content within our next-gen AI investigation platform. This role is ideal for someone who has hands-on experience with detection logic (e.g., Sigma, KQL, YAML), but is now focused on building scalable pipelines and frameworks that feed AI-based workflows for automated investigation, prioritization, and response. You’ll be responsible for defining how threat signals, detections, and analyst actions are transformed into dynamic content that powers automated and guided investigations—integrated across cloud platforms and SOC environments. Key Responsibilities Own the Product Strategy for investigation and response content that supports AI-based decision-making and automation. Operationalize Content Pipelines to continuously deliver investigation and response content (e.g., decision trees, playbooks, enrichment steps) across customers via CI/CD. Standardize Content Frameworks to ensure structured, reusable, and extensible logic using formats like YAML, Sigma, and JSON. Collaborate with Detection & ML Teams to align investigation triggers, context enrichment, and response actions with AI models and logic engines. Map Detection to Investigation: Work with engineering and threat teams to define how signals from Snowflake, Google Chronicle, Sentinel (KQL), etc., are consumed and enriched in investigation workflows. Drive Feedback Loops: Define structures that enable AI to learn from analyst feedback, human-in-the-loop responses, and investigation outcomes. Ensure Coverage Across Platforms: Coordinate across cloud environments (AWS, Azure, GCP) as well as across products aligning to the same category - Firewalls, IAM, EDR/XDR etc to ensure that AI-driven content works consistently with telemetry from each source. 
Measure & Optimize content usage, accuracy, and performance across customer environments. Requirements 7–10 years in Product Management or a hybrid Detection Engineering/Content role, preferably in cloud security or threat detection/response. Experience working with or building detection content in Sigma, YAML, or KQL (Microsoft Sentinel). Familiarity with SIEM / data lakes such as Snowflake, Google Chronicle, ELK, Splunk, MS Sentinel or similar systems. Strong understanding of threat detection signals, cloud telemetry, and how they map to automated investigations and playbook-driven response. Demonstrated experience in operationalizing security content using Git-based workflows, CI/CD pipelines, and versioning best practices. Strong collaboration skills; ability to work cross-functionally with engineers, threat researchers, and AI/ML teams. Nice to Have Experience with AI/ML-based investigation platforms or decision engines for security operations. Familiarity with response frameworks like SOAR, XDR, or custom security automation platforms. Prior experience in building multi-tenant, content-driven platforms or working with MSSPs. Scripting skills (Python, Bash) or previous hands-on work automating security tasks. Security certifications (e.g., GCIA, GCTI, CISSP) or prior SOC/IR background.
Posted 1 day ago
7.0 years
0 Lacs
Thiruvananthapuram, Kerala, India
On-site
The world's top banks use Zafin's integrated platform to drive transformative customer value. Powered by an innovative AI-powered architecture, Zafin's platform seamlessly unifies data from across the enterprise to accelerate product and pricing innovation, automate deal management and billing, and create personalized customer offerings that drive expansion and loyalty. Zafin empowers banks to drive sustainable growth, strengthen their market position, and define the future of banking centered around customer value. Job Description Qualifications Required . Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent professional experience is acceptable. Minimum 7+ years of experience in Azure cloud operations, with a demonstrated focus on security and vulnerability management. Proven track record of managing and securing large-scale Azure environments in production. Hands-on experience with vulnerability scanning, remediation, and compliance in enterprise cloud environments. Extensive experience in responding to and managing security incidents and threat mitigation in Azure. Technical Skills Azure Expertise : In-depth knowledge of Azure services, including but not limited to: Azure Security Center Azure Defender Azure Key Vault Azure Policy Azure Sentinel (SIEM) Azure Active Directory (Azure AD) Security and Vulnerability Tools : Proficiency with vulnerability scanning and management tools like Qualys, Tenable Nessus, or Rapid7. Experience with Azure-native security tools for threat detection and remediation. Infrastructure Hardening : Strong knowledge of security best practices for securing virtual machines, storage accounts, AKS, and network components. Familiarity with zero-trust architecture principles and implementation in Azure. 
Automation & Scripting : Advanced skills in scripting languages such as PowerShell, Azure CLI, Python, or other automation tools to remediate vulnerabilities and improve operational efficiency. Experience in integrating security checks into CI/CD pipelines. Certifications (Preferred or Mandatory) Azure Cloud Certifications: Microsoft Certified: Azure Administrator Associate (AZ-104) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) Security Certifications: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) CompTIA Security+ GIAC certifications (e.g., GCIH, GSEC, or GCED) Other Requirements Familiarity with regulatory and compliance standards, such as ISO 27001, SOC 2, GDPR, or HIPAA. Experience in performing and supporting audits related to cloud security. Proven ability to stay current with evolving cloud and cybersecurity trends. What's in it for you Joining our team means being part of a culture that values diversity, teamwork, and high-quality work. We offer competitive salaries, annual bonus potential, generous paid time off, paid volunteering days, wellness benefits, and robust opportunities for professional growth and career advancement. Want to learn more about what you can look forward to during your career with us? Visit our careers site and our openings: zafin.com/careers Zafin welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. Zafin is committed to protecting the privacy and security of the personal information collected from all applicants throughout the recruitment process. The methods by which Zafin contains uses, stores, handles, retains, or discloses applicant information can be accessed by reviewing Zafin's privacy policy at https://zafin.com/privacy-notice/. 
By submitting a job application, you confirm that you agree to the processing of your personal data by Zafin described in the candidate privacy notice.
Posted 1 day ago
5.0 years
0 Lacs
Thiruvananthapuram, Kerala, India
On-site
The world's top banks use Zafin's integrated platform to drive transformative customer value. Powered by an innovative AI-powered architecture, Zafin's platform seamlessly unifies data from across the enterprise to accelerate product and pricing innovation, automate deal management and billing, and create personalized customer offerings that drive expansion and loyalty. Zafin empowers banks to drive sustainable growth, strengthen their market position, and define the future of banking centered around customer value. Job Description Qualifications Required . Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent professional experience is acceptable. Minimum 5+ years of experience in Azure cloud operations, with a demonstrated focus on security and vulnerability management. Proven track record of managing and securing large-scale Azure environments in production. Hands-on experience with vulnerability scanning, remediation, and compliance in enterprise cloud environments. Extensive experience in responding to and managing security incidents and threat mitigation in Azure. Technical Skills Azure Expertise : In-depth knowledge of Azure services, including but not limited to: Azure Security Center Azure Defender Azure Key Vault Azure Policy Azure Sentinel (SIEM) Azure Active Directory (Azure AD) Security and Vulnerability Tools : Proficiency with vulnerability scanning and management tools like Qualys, Tenable Nessus, or Rapid7. Experience with Azure-native security tools for threat detection and remediation. Infrastructure Hardening : Strong knowledge of security best practices for securing virtual machines, storage accounts, AKS, and network components. Familiarity with zero-trust architecture principles and implementation in Azure. 
Automation & Scripting : Advanced skills in scripting languages such as PowerShell, Azure CLI, Python, or other automation tools to remediate vulnerabilities and improve operational efficiency. Experience in integrating security checks into CI/CD pipelines. Certifications (Preferred or Mandatory) Azure Cloud Certifications: Microsoft Certified: Azure Administrator Associate (AZ-104) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) Security Certifications: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) CompTIA Security+ GIAC certifications (e.g., GCIH, GSEC, or GCED) Other Requirements Familiarity with regulatory and compliance standards, such as ISO 27001, SOC 2, GDPR, or HIPAA. Experience in performing and supporting audits related to cloud security. Proven ability to stay current with evolving cloud and cybersecurity trends. What's in it for you Joining our team means being part of a culture that values diversity, teamwork, and high-quality work. We offer competitive salaries, annual bonus potential, generous paid time off, paid volunteering days, wellness benefits, and robust opportunities for professional growth and career advancement. Want to learn more about what you can look forward to during your career with us? Visit our careers site and our openings: zafin.com/careers Zafin welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. Zafin is committed to protecting the privacy and security of the personal information collected from all applicants throughout the recruitment process. The methods by which Zafin contains uses, stores, handles, retains, or discloses applicant information can be accessed by reviewing Zafin's privacy policy at https://zafin.com/privacy-notice/. 
By submitting a job application, you confirm that you agree to the processing of your personal data by Zafin described in the candidate privacy notice.
Posted 1 day ago
7.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
At Bayer we’re visionaries, driven to solve the world’s toughest challenges and striving for a world where ‘Health for all, Hunger for none’ is no longer a dream, but a real possibility. We’re doing it with energy, curiosity and sheer dedication, always learning from unique perspectives of those around us, expanding our thinking, growing our capabilities and redefining ‘impossible’. There are so many reasons to join us. If you’re hungry to build a varied and meaningful career in a community of brilliant and diverse minds to make a real difference, there’s only one choice. Sr. Cyber Security Analyst POSITION PURPOSE: We are seeking a highly skilled Sr. Cyber Threat Intelligence Analyst responsible for leading our efforts in cyber threat intelligence at Bayer. In this senior position, you will conduct sophisticated threat analyses and deliver actionable intelligence reporting to enable threat-informed cyber defense across our global organization. As part of our Cyber Defense Center (CDC) Platform, you'll play a critical role in identifying, analyzing, and mitigating cyber threats to protect Bayer's digital assets and operations. Join our team and help protect one of the world's leading life sciences companies against evolving cyber threats while developing your expertise in a dynamic and challenging environment. YOUR TASKS AND RESPONSIBILITIES: Monitor and analyze global cyber threat landscapes to identify trends relevant to Bayer's industry and operations Perform comprehensive threat analyses to identify and track threat actors, vulnerabilities, and emerging attack vectors Conduct in-depth analysis of security-relevant events and assess Bayer's threat situation in real-time Develop and implement threat intelligence use cases and detection rules for security monitoring systems Interface with internal and external partners globally (e.g. 
Security Operation Center, Incident Response Teams, Vulnerability Management, Senior Management, and other Stakeholders) Prepare detailed intelligence reports and deliver presentations of findings to technical and non-technical audiences Collaborate with security engineering teams to implement defensive measures based on intelligence findings Participate in incident response planning related to identified threats Contribute to the further development of existing and new cyber threat intelligence services Create and maintain process guidelines and documentation for threat intelligence operations WHO YOU ARE: BS or MA in computer science, information security, cybersecurity, or a related field (7+ years of relevant working experience may be considered an equivalent) First experience in cyber threat intelligence, security operations, or related fields Demonstrated experience with OSINT (Open Source Intelligence) tools and methodologies Strong knowledge of the MITRE ATT&CK framework and Cyber Kill Chain methodology Proficiency with Threat Intelligence Platforms like RecordedFuture, Crowdstrike, Google Threat Intelligence and MISP are an advantage Experience with SIEM platforms and log analysis tools (e.g., SENTINEL, Splunk, or similar) Background in penetration testing, red team/incident response, or as a security operations analyst are an advantage Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Threat Intelligence Analyst (CTIA), or similar certifications are an advantage Familiarity with standards like ISO 27001 or NIST CSF Connections and contacts in relevant IT security communities are an advantage Required Skills: Exceptional analytical thinking and problem-solving abilities Strong understanding of network protocols, security architectures, and common attack vectors Excellent written and verbal communication skills with ability to translate technical findings 
for non-technical audiences Languages: Fluent English required; additional languages beneficial Proficiency in report writing, investigational techniques, and presenting to large audiences Ability to work effectively under pressure and manage multiple priorities Self-motivated with strong attention to detail and ability to work independently Team-oriented mindset with excellent collaboration skills Ever feel burnt out by bureaucracy? Us too. That's why we're changing the way we work- for higher productivity, faster innovation, and better results. We call it Dynamic Shared Ownership (DSO). Learn more about what DSO will mean for you in your new role here https://www.bayer.com/enfstrategyfstrategy Bayer does not charge any fees whatsoever for recruitment process. Please do not entertain such demand for payment by any individuals / entities in connection with recruitment with any Bayer Group entity(ies) worldwide under any pretext. Please don’t rely upon any unsolicited email from email addresses not ending with domain name “bayer.com” or job advertisements referring you to an email address that does not end with “bayer.com”. For checking the authenticity of such emails or advertisement you may approach us at HROP_INDIA@BAYER.COM. YOUR APPLICATION Bayer is an equal opportunity employer that strongly values fairness and respect at work. We welcome applications from all individuals, regardless of race, religion, gender, age, physical characteristics, disability, sexual orientation etc. We are committed to treating all applicants fairly and avoiding discrimination. Location: India : Karnataka : Bangalore Division: Enabling Functions Reference Code: 847153 Contact Us 022-25311234
Posted 1 day ago
2.0 - 4.0 years
0 Lacs
Delhi, India
On-site
Are you passionate about cybersecurity and driven to protect organizations from evolving threats? Do you thrive in a collaborative environment where you work with sharp minds to detect, respond, and stay ahead of cyber adversaries? Join our DTS - Global Security Operations Team The Security Operations Team is responsible for safeguarding the security of Control Risks systems, infrastructure and providing internal advocacy for security practices. Opportunity to work closely with product and platform teams throughout the company to help ensure that Control Risks systems meet both safety and security compliance. As a Security Analyst, you will be responsible for continuous threat detection, monitoring, and incident response across the organization's environment. This role plays a critical part in safeguarding systems, networks, and data from cyber threats and requires a combination of technical expertise, situational awareness, and analytical thinking. Requirements What You'll Do: Key Responsibilities: Continuously detect, investigate, analyze, and respond to security incidents, providing root cause analysis and documenting findings for post-incident reviews. Collect, evaluate, and integrate threat intelligence—specifically related to Microsoft products and services—to strengthen detection and response capabilities. Identify and implement opportunities for automation and process improvement to reduce manual efforts and improve operational efficiency. Perform detailed analysis of security investigations and incidents to generate metrics and assess the effectiveness of operational workflows. Develop and enforce procedures for auditing and remediating non-compliance with established information security standards. Investigate, contain, and coordinate recovery from security incidents across both enterprise and cloud environments. Support the creation, enhancement, and continuous improvement of incident response playbooks and escalation procedures. 
To be successful in this role you will: Bring 2-4 years of relevant experience in Security Operations, IT Security, or a related domain. Have practical knowledge of security technologies including network firewalls, proxy solutions, endpoint detection and response (EDR), security information and event management (SIEM), and email security systems. Demonstrate hands-on experience with security tools and platforms, preferably but not mandatorily including Microsoft Defender for Endpoint, Microsoft Sentinel, Microsoft Defender for Identity, and Azure Security Center. Be familiar with key cybersecurity frameworks and standards such as ISO 27001, Cyber Essentials, and NIST. Have working knowledge of both Windows and Linux environments, along with exposure to open-source intelligence (OSINT) tools and techniques. Exhibit strong analytical thinking and problem-solving abilities, complemented by excellent technical documentation skills. Communicate effectively and confidently, with the ability to explain complex security issues to both technical and non-technical audiences.
Posted 1 day ago
0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
Dear Candidate Greetings from TATA Consultancy Services Job Openings at TCS Skill : GCP Devops Engineer Exp range : 6 yrs to 12 yrs Interview date : 19th June ‘25 Role : Permanent Role Job location : Hyderabad/ Chennai Current location : Anywhere In India Interview mode : MS Teams Pls find the Job Description below. Experience in design, develop and deploy GCP resources as Infra-as-code in Google Cloud Platform Strong Knowledge in Automation frameworks, CI/CD process and tools (Jenkins, GitHub, SonarQube etc.) is a must Strong Knowledge in Terraform and Sentinel is a plus Familiarity with Agile Practices and Frameworks Good knowledge on Kubernetes Good knowledge on Java microservices with GCP exposure Good to have: Python, GitHub If you are Interested in the above opportunity kindly share your updated resume to r.shruthi13@tcs.com immediately with the details below (Mandatory) Name: Contact No. Email id: Total exp : Fulltime highest qualification (Year of completion with percentage scored) : Highest Qualification university Name : Current organization details(Payroll company) : Current CTC : Expected CTC : Notice period :
Posted 1 day ago
0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
TCS is conducting in-person interview drive for Hyderabad & Chennai location NOTE: Candidate interested in WALK-IN DRIVE in Hyderabad & Chennai must apply TCS is hosting an In-Person Interview Drive on Saturday, 21st June, we’d like to invite you to join us! This is a great opportunity to explore exciting career opportunities with us and meet our hiring team face-to-face. Role: SOC Analyst / Consultant Desired Skill Set: Cyber security, SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Experience Range: 4-10yrs & 10+yrs Joining Location: PAN India Venue : Hyderabad : TCS Synergy Park Phase1 ,Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Chennai : TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Job Description: Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, Arcsight, SPLUNK or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Oversight of facilitates for other offices in the UK and provide support and guidance where required. Ability to translate event analysis findings into new monitoring proposals. 
Remain flexible with 24/7 shift and task assignments.
Posted 1 day ago
0 years
0 Lacs
Maharashtra, India
On-site
System Administrator Brennan. Where true performance thrives. At Brennan, we believe that how technology is delivered is every bit as important as what the technology is. We focus on creating real and relevant value for customers with solutions that fit their specific needs and always reflect their true interests. It’s a claim backed by our True Performance System - a way of working engineered to get us closer, and deliver better, for our customers and their actual experience of technology. Why join Brennan True performance for our customers starts with a true belief in our people. It’s why we’ve structured our business to help our teams, and their talents, shine bright. It's why we’ve created a workplace where people of all backgrounds, beliefs and experiences are welcomed and empowered. And it’s why we’ve built an organisation where real innovation makes a genuine impact and generates true rewards for our team members. True rewards In addition to competitive remuneration, Brennan offers extensive benefits, including: Training and certification bonuses Culture Awards that recognise excellence Brennan Daredevils - our annual, all-expenses paid trip awarded to our top performers and outstanding contributors Vibrant, fun social activities Discounted hardware and software An environment that embraces learning and development The Role To provide 1st, 2nd or 3rd level technical support to Brennan IT clients, engineers and staff, 1st level monitoring and technical support to Brennan IT clients and staff. To coordinate, collaborate and escalate incidents within stipulated timelines, maintain existing cloud/infrastructure services and ensure that environment runs in an optimal way. and Continuously Improve the Efficiency and Excellence of Service Delivery as Measured by Client facing Surveys and Ratings in every department you are part of. 
2-5 yrs minimum experience in Windows Server Administration / System Administration / Wintel Administration / Hyper V Administration / IT Technical Support role/ for international clients, preferably in Managed Services IT provider / IT Companies. Role Responsibilities Maintaining/contributing to KMS for client and internal team, for both technical & processes Server monitoring using SCOM, N-ABLE, Logic Monitor, Basic Intune / SCCM configurations Understanding of O365, Mimecast, Intune, Azure integration Vendor Management (hardware and Software vendors - HP, Dell, MS, VM, Citrix and others) Storage understanding NAS, SAN e.g., data domain, IBM, Netapp, Hitachi, Fujitsu, HP 3par Administration of Windows Server, groups, group policies, DNS, DHCP Understanding of backups, replications for Veeam, Symantec, Zetro, Commvault On premises backup alert management, monitoring and restoration SSL certificate renewal and installation on various roles (IIS, ADFS, ADC-Netscaler, Apache, SQL Reporting Services, WAS, Load Balancers) Smooth and timely customer engagement Disk, CPU, Snapshot management provisioning Monitor, manage experience with ESXI/Hyper-V hosts, Nutanix, Dell, HP SimpliVity Manage understand Failover Cluster, NLB Citrix/RDS/WVD knowledge with application publishing, upgrading, managing securely Manage windows update compliance. Antivirus Management, Sophos, Defender. Patching ESXi hosts and vCenter updates Knowledge of vulnerability management and critical remediation Change management, performing RCA and able to clearly articulate the actions/outcomes Key Competencies and Qualifications required Knowledge of as many more technologies like VMware, Windows Hypervisors, Azure Administrations, O365, Mimecast, SQL Administration, Windows Administration. 
Should have experience in VM Deployment, VM Migration, managing host clusters Extremely high-level attention to detail with methodical troubleshooting process Good verbal and written communication skills Must have knowledge of Storage technologies like HP, IBM, Dell, Cisco servers, O365, Azure Administration) Proactive vs Reactive approach ITIL Service Management Foundation accreditation Essential Skills Windows Server including 2016/2019, DNS, DHCP, Group Policy Active Directory 2012 and above VMware / Virtualization (Hyper - V, VMware) O365, Azure Administration Desired Skills Exposure to Backup tools like Veeam/Commvault/Backup exec Windows Administration certifications 2012 and above Exposure to SAN /NAS MS Azure and Office 365 Administration Symantec Endpoint or McAfee or Sophos or Sentinel One or CrowdStrike Exposure to Blade servers and configurations ITIL Foundation and ServiceNow ITSM tool Brennan is an equal opportunity employer
Posted 1 day ago
0 years
0 Lacs
Pune, Maharashtra, India
Remote
TCS is hiring for Azure DevOps With Terraform Date of Interview: 20th June, 2025 Mode of Interview: Virtual (WebEx Or MS Teams) Preferred Notice Period: 0-60 Days Years Of Experience: 5 to 9 yrs Responsibilities: Proficient in writing, modularizing, and maintaining Terraform configurations for provisioning cloud infrastructure. Experience with Terraform state management (local and remote), workspaces, and backends (e.g., Azure Storage Account). Hands-on with Terraform modules, variables, outputs, and lifecycle rules. Familiarity with Terraform Cloud or Enterprise for collaboration and policy enforcement. Expertise in designing and implementing CI/CD pipelines using Azure DevOps Pipelines (YAML and Classic). Integration of Terraform into Azure DevOps pipelines for automated infrastructure deployment. Use of pipeline stages, jobs, templates, and environments for structured deployments. Experience with pipeline triggers, approvals, and gated releases. Strong understanding of core Azure services (e.g., Azure Resource Manager, Virtual Networks, Key Vault, App Services, AKS). Experience deploying and managing Azure resources using Terraform. Familiarity with Azure RBAC, service principals, and managed identities for secure automation. Proficient in Git-based workflows (feature branching, pull requests, code reviews). Experience integrating Git repositories (Azure Repos, GitHub) with Azure DevOps pipelines. Implementing secure practices in IaC (e.g., secrets management via Azure Key Vault). Familiarity with tools like Sentinel, Checkov, or TFLint for policy-as-code and static analysis Kindly share your Updated CVs matching the above Requirements Thanks & Regards Shilpa Silonee BFSI TAG Team.
Posted 1 day ago
5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Senior Detection Engineer / Threat Hunter Overview The next evolution of AI-powered cyber defense is here. With the rise of cloud and modern technologies, organizations struggle with the vast amount of data and thereby security alerts generated by their existing security tools. Cyberattacks continue to get more sophisticated and harder to detect in the sea of alerts and false positives. According to the Forrester 2023 Enterprise Breach Benchmark Report, a security breach costs organizations an average of $3M and takes organizations over 200 days to investigate and respond. AiStrike’s platform aims to reduce the time to investigate and respond to threats by over 90%. Our approach is to leverage the power of AI and machine learning to adopt an attacker mindset to prioritize and automate cyber threat investigation and response. The platform reduces alerts by 100:5 and provides detailed context and link analysis capabilities to investigate the alert. The platform also provides collaborative workflow and no code automation to cut down the time to respond to threats significantly. We’re seeking a senior-level Detection Engineer and Threat Hunter with deep expertise in modern SIEMs and a strong focus on AI-augmented threat detection and investigation. In this role, you’ll design scalable, modular detection content using Sigma, KQL, and platform-specific query languages — while working with AI to automate detection tuning, threat hunting hypotheses, and investigation workflows across enterprise and cloud environments. Key Responsibilities Develop high-fidelity, AI-ready detection templates to build detection rules in Sigma, KQL, SPL, Lucene, etc., for Microsoft Sentinel, Chronicle, Splunk, and Elastic. Leverage AI-powered engines to prioritize, cluster, and tune detection content dynamically based on environment behavior and telemetry changes. 
Identify visibility and data coverage gaps across cloud, identity, EDR, and SaaS log sources; work cross-functionally to close them. Lead proactive threat hunts driven by AI-assisted hypotheses, anomaly detection, and known threat actor TTPs. Contribute to AI-enhanced detection-as-code pipelines, integrating rules into CI/CD workflows and feedback loops. Collaborate with SOC, threat intel, and AI/data science teams to continuously evolve detection efficacy and reduce alert fatigue. Participate in adversary emulation, purple teaming, and post-incident reviews to drive continuous improvement. Required Skills 5+ years of hands-on experience in detection engineering, threat hunting, or security operations. Expert-level knowledge of at least two major SIEM platforms: Microsoft Sentinel, Google Chronicle, Splunk, Elastic, or similar. Strong proficiency in detection rule languages (Sigma, KQL, SPL, Lucene) and mapping to MITRE ATT&CK. Experience using or integrating AI/ML for detection enrichment, alert correlation, or anomaly-based hunting. Familiarity with telemetry sources (EDR, cloud, identity, DNS, proxy) and techniques to enrich or normalize them. Ability to document, test, and optimize detection rules and threat hunt queries in a modular, scalable fashion. Strong communication skills and the ability to translate complex threat scenarios into automated, AI-ready detection logic. Nice to Have Experience integrating AI/ML platforms for security analytics, behavior baselining, or entity risk scoring. Familiarity with detection-as-code and GitOps workflows for rule development, testing, and deployment. Scripting knowledge (Python, PowerShell) for enrichment, custom detection logic, or automation. Experience with purple teaming tools like Atomic Red Team, SCYTHE, or Caldera. AiStrike is committed to providing equal employment opportunities. 
All qualified applicants and employees will be considered for employment and advancement without regard to race, color, religion, creed, national origin, ancestry, sex, gender, gender identity, gender expression, physical or mental disability, age, genetic information, sexual or affectional orientation, marital status, status regarding public assistance, familial status, military or veteran status or any other status protected by applicable law.
Posted 1 day ago
0.0 years
0 Lacs
Delhi
On-site
Job requisition ID :: 84448 Date: Jun 16, 2025 Location: Delhi Designation: Assistant Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Technology & Transformation is about much more than just the numbers. It’s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies what, how, and why of change so you’re always ready to act ahead. Learn more about Technology & Transformation Practice Job Summary: We are looking for a skilled Microsoft Sentinel SIEM Engineer to join our Cybersecurity Operations team. The ideal candidate will be responsible for the deployment, configuration, integration, and operational support of Microsoft Sentinel as a core SIEM platform, ensuring efficient threat detection, incident response, and security monitoring. Key Responsibilities: Design, implement, and manage Microsoft Sentinel for enterprise security monitoring. Develop and maintain analytic rules (KQL-based) and detection use cases aligned with MITRE ATT&CK. Integrate various log sources (on-prem and cloud) including Microsoft 365, Azure, AWS, endpoints, firewalls, etc. Create and manage playbooks using Azure Logic Apps for automated incident response. Monitor data connectors and ensure log ingestion health and optimization. Conduct threat hunting and deep dive analysis using Kusto Query Language (KQL). Optimize performance, cost, and retention policies in Sentinel and Log Analytics workspace. 
Collaborate with SOC analysts, incident responders, and threat intelligence teams. Participate in use case development, testing, and fine-tuning of alert rules to reduce false positives. Support compliance and audit requirements by producing relevant reports and documentation. Required Skills & Qualifications: 3+ years of experience working with Microsoft Sentinel SIEM. Strong hands-on experience with KQL (Kusto Query Language) . Solid understanding of log ingestion from different sources including Azure, O365, Defender, firewalls, and servers. Experience with Azure Logic Apps for playbook creation and automation. Familiarity with incident response workflows and threat detection methodologies. Knowledge of security frameworks such as MITRE ATT&CK, NIST, or ISO 27001 . Microsoft certifications such as SC-200 (Microsoft Security Operations Analyst) or AZ-500 are preferred. Good to Have: Experience with Defender for Endpoint, Defender for Cloud, Microsoft Purview. Knowledge of other SIEM platforms (e.g., Splunk, QRadar) for hybrid environments. Scripting experience (PowerShell, Python) for automation and integration. Certifications (Preferred but not mandatory): SC-200 : Microsoft Security Operations Analyst AZ-500 : Microsoft Azure Security Technologies CEH , CompTIA Security+ , or equivalent How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. 
Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.
Posted 1 day ago
8.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Skills: Solution Engineer Cyber Security, SIEM SOAR Threat Hunting EDR Deception NTAA NBAD UEBA, IBM Splunk Qradar Email Security Gateway, Detection Engineer MITRE ATT&CK Framework OS Linux Networking, Implementing Cybersecurity Solutions, CISSP CEH GCIH OSCP OSCE, PreSales Solution Delivery, Greetings from Netsach - A Cyber Security Company. Currently we are looking for experienced, dynamic professionals for Solution Engineer role . This position plays a vital role in designing and implementing cybersecurity solutions to our esteemed clients. Job Title: Solution Engineer Location Hyderabad, Bangalore Desired Qualification B.Tech or BE Computers / MCA. Experience 8+ years ( Hands on Experience) Employment Type Full Time Certifications from CISSP, CEH, GCIH, OSCP, OSCE is a plus. Job Requirements Minimum 3 years experience working in a large-scale IT environment with focus on Cyber / Information Security. Areas of expertise should include Pre-Sales support, Service & Solution delivery, part of program management (Transition & Transformation). Key areas of expertise should include knowledge in SIEM, SOAR, Threat Hunting, EDR, Deception, NTA, NBAD, UEBA. 3+ years of hands-on experience on leading analytical platforms like Splunk, IBM QRadar, Hunters, Sumo Logic, Sentinel. Knowledge of other security technologies (such as Email Security Gateway, SOAR, IPS/IDS, Proxy, EDR, TI, DLP, CASB, PAM etc.) will be an added advantage. Deep understanding of Detection Engineering, MITRE ATT&CK Framework. Strong knowledge of OS (Linux, Windows) and Networking. Strong analytical and problem-solving skills. Staying up to date with IT/OT industry. Knowledge of Security Best Practices and Concepts. Seasoned in Digital Forensics, Malware Assessment, Incident Response and Threat Hunting. Good interpersonal skills clear communication, attentive & careful listening, empathetic behavior, being positive, supporting useful ideas & honest efforts of colleagues, being positive. 
Reliability and overall good communication skills both verbal and written. Capability to communicate and listen to needs from organizational or client stakeholders. Job Responsibilities Defining, Planning, and Implementing Cybersecurity Solutions. Conduct gap analysis in identifying and measuring the difference between the current state and the desired state of an organizations security posture. Possess detailed knowledge about requirement management and solution designing. Conduct technical, proof-of-concept (POC) demonstration to highlight solution ensuring alignment to organizational requirements. Translating technical solutions into business values in alignment with organizational objectives to enhance business efficiency. Respond to complex RFPs, delivering customized security solutions that meet client needs. Conduct thorough and meticulous design and implementation of security solutions across diverse industries. Conduct Competitive analysis, security workshops, technical briefing and executive presentations. Designing and presenting customized cybersecurity solutions that address specific client needs. Collaborate with cross-functional teams, to ensure end to end service delivery of Cybersecurity Solution as per client needs. Develop scenarios or use cases based on potential attacks on data relevant to the clients industry. Nice To Have Ethical hacking certifications or CISSP or GCIH or training is a major advantage. Thank You Emily Jha emily@netsach.co.in Netsach - A Cyber Security Company www.netsachglobal.com
Posted 1 day ago
5.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Dear Candidate, TCS has been a great pioneer in feeding the fire of Young Techies like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together. Role: Senior Analyst Experience Range: 5+ years Joining Location: Hyderabad Job Description: Must Have Skills: Thought leadership, critical thinking problem solver, strong organizational skills, report writing skills to senior level, ability to prioritize and multitask. Good understanding and hands-on experience Sentinel One EDR. Singularity XDR, Singularity iOS/iPad. Good to Have Skills: Good understanding and hands-on experience with common security systems, including IPS/IDS, EDR, DLP, authentication systems. Experience performing administration, implementation, configuration, upgrading, and policy creation. Singularity Data Lake and Purple AI, Explain how different levels of the hierarchy enable you to apply appropriate policies throughout your organization. Describe how policies work within Singularity. Experience in the detection and response to malicious activity using log data and alerts from cybersecurity solutions, systems, and network devices. Role Description: Thought leadership, critical thinking problem solver, strong organizational skills, report writing skills to senior level, ability to prioritize and multitask. Experience in the detection and response to malicious activity using log data and alerts from cybersecurity solutions, systems, and network devices. Regards, Priscilla Nancy HR TAG - Cyber Security Tata Consultancy Services
Posted 1 day ago
0 years
0 Lacs
Bengaluru, Karnataka, India
Remote
Do you want to be part of an inclusive team that works to develop innovative therapies for patients? Every day, we are driven to develop and deliver innovative and effective new medicines to patients and physicians. If you want to be part of this exciting work, you belong to Astellas! Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com . This position is based in Bangalore, India. At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines. Purpose And Scope As a Cyber Security Engineer, you will play a critical role in safeguarding our organization’s information systems and data. This position has arisen due to Astellas insourcing the responsibility for managing security operations, developing automation for threat detection, and working towards ‘best in industry’ incident response. The successful candidate will work collaboratively within the Security Operations Center (SOC) and other Value Teams across the organization to ensure a proactive security posture and to mitigate risks associated with cyber threats in several areas. 
Astellas has several roles that may fit candidates who do not have experience in all the areas outlined in the next section, therefore we encourage applicants who have experience in two or more areas listed below. Responsibilities And Accountabilities Security Operations Center (SOC) Management: Support daily SOC operations, ensuring effective monitoring support, development of use cases and response to security incidents. Manage application ingestion processes and email security protocols. Support SIEM management, including logging and alerting. Automation Development Develop and implement automation solutions for alerts from various security sources ensure firewalls, IDS and EDR tools are working effectively. Streamline processes to enhance the efficiency of security operations and help develop the communication with other team. Threat Modelling Conduct threat modelling for applications to identify vulnerabilities and recommend mitigation strategies. Analyze email tickets and develop tooling to improve response times and effectiveness. Provide root cause analysis for threat found and assist remediation. Anti-Malware And Endpoint Detection Assist in operational efforts to implement a global strategy for anti-virus (AV) solutions and optimize detection capabilities. Ensure consistent standards for endpoint detection and response across the organization. Incident Response Lead or support incident response efforts using an industry recognized model and report escalations to senior leadership when required. Collaborate with Red, Blue, and Purple teams to conduct penetration testing and improve security posture. Conduct forensic analysis to investigate security incidents and recommend improvements. Proactive Threat Hunting Engage in proactive threat hunting to identify potential security threats before they materialize. Collaborate with teams to enhance detection and response capabilities. 
Reporting And Data Analysis Engage in proactive collaboration across Value Teams working with an agile mindset and assist in the creation of dashboards and reporting for security governance. Assist in the governance of security within cloud infrastructure. Required Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field. Proven experience in a cyber security role, preferably within a SOC/SIEM/SOAR environment. Experience in using Microsoft Sentinel & Defender / Crowdstrike EDR / Wizz Cloud Security. Strong knowledge of security frameworks, threat modelling, and incident response methodologies. Awareness of infrastructure and network security features like; firewall rules, event ID’s, logging/detection and managing assets in manufacturing / OT environments. Experience of working with cloud security and insourced capabilities as well and MSP’s. Experience with SIEM/Cloud security tools and automation technologies. Familiarity with anti-malware solutions and endpoint detection strategies. Proficiency in scripting languages for automation (e.g., Python, PowerShell) is an advantage. Experience of digital forensics (log analysis and technical root cause assessment). Preferred Security certification an advantage. Demonstrate knowledge of change management principles Relevant certifications (e.g., Certified Information Systems Security Professional CISSP, Certified Ethical Hacker CEH or CompTIA Security+ etc.) Excellent analytical and problem-solving skills. Strong communication skills and the ability to work collaboratively in a small team environment where we share capacity and effort. International / global experience an advantage. Working Environment This is a Permanent position Remote/ Hybrid: candidates must be located within commutable distance from the office Astellas is a global company. 
Successful candidates will be expected to work across different time zones and according to regions or specific locations based upon demand Category Astellas is committed to equality of opportunity in all aspects of employment. EOE including Disability/Protected Veterans
Posted 2 days ago