5.0 - 8.0 years
4 - 8 Lacs
Bengaluru
Work from Office
Bachelor's degree in Computer Science, Information Security, or related field; or equivalent practical experience. Experience in a SOC or cybersecurity analyst role. Proficient in using Microsoft Sentinel, MS Unified SecOps/XDR, and other SIEM/EDR platforms. Strong knowledge of KQL and experience creating detection rules. Hands-on experience handling alerts and incidents from MDE & MDO. Ability to perform advanced analysis of logs, network flows, and security telemetry. Excellent problem-solving, analytical, and communication skills. Certifications such as CompTIA Security+, CEH, or equivalent are preferred. Mandatory Skills: Security Information Event Management. Experience: 5-8 Years.
Posted 3 weeks ago
4.0 - 8.0 years
12 - 17 Lacs
Pune
Work from Office
Project description Security is a global organization within Group Technology Infrastructure and Security Engineering. Our client's services focus on identity management for users, access management for applications and infrastructure, directories, detecting/preventing measures for cyber threats, and exchanging/storing data securely. We provide consolidated and reliable security services that implement secure design principles, and create best-fit solutions. As a Python Engineer, you'll be part of our team and working closely with the client's project team. The team is global, diverse and collaborative as we work across organizations to keep our technology, applications and the businesses they support secure. Responsibilities Are you passionate about Security Engineering and looking to work as a Python Engineer in the Cyber Security area? Do you want to help set the direction and strategy for the bank for vulnerability detection, keeping track of and ensuring their remediation progress? Are you motivated to work in a complex, diverse and global environment? We are looking for an experienced Python Engineer to join our client's team and help us to engineer and integrate technical solutions, maintain & improve existing deployment and build mechanisms, develop and maintain Python applications for data sourcing, transformation, and integration, collaborate with global teams to ensure seamless integration of models into IT infrastructure (on-prem and MS Azure), utilize CI/CD and GitLab tools to manage code integration, deployment pipelines and code quality, conduct code reviews, ensure test coverage, and contribute to application maintainability and testability, adapt to evolving technologies and integrate new tools and frameworks, ensure compliance with enterprise-level application development standards and practices.
Skills Must have Proficiency with Python, Mature software engineering experience with confidence in enterprise SDLC, such as: contributing to solution design; analyzing and clarifying business requirements; taking care of non-functional capabilities (testability, scalability, maintainability); maintaining tech debt, test coverage, code quality, conducting peer reviews, resolving code integration issues etc., Solid understanding of CI/CD pipelines and experience with GitOps/DevOps tools (e.g., GitLab, Azure DevOps etc.), Proficiency in common algorithms, Python frameworks and data structures, Familiarity with public cloud providers, particularly MS Azure, Strong learning capabilities and motivation to adapt to a dynamic tech stack; the role assumes the possibility to utilize other programming languages, frameworks, techniques if the task requires it. This role requires 5 days a week office presence. Nice to have Hands-on experience with databases/SQL/data management; Experience with additional programming/scripting languages (TypeScript, NodeJS, Java etc.); Experience with cloud environment (Azure preferred); Knowledge or some hands-on experience in the area of Cybersecurity would be beneficial, i.e. Azure security services / applications (Log Analytics, Sentinel, Defender), Security monitoring, MITRE attack vectors, SIEM, secret management, DLP, encryption concepts, etc.
Posted 3 weeks ago
2.0 - 5.0 years
3 - 6 Lacs
Mumbai
Work from Office
Design & deploy Microsoft Modern Workplace solutions, lead M365 projects, implement EMS & Defender tools, manage compliance (DLP, IRM), handle licensing, migrate from 3rd-party tools to MDE, and provide expert client support and communication.
Posted 3 weeks ago
0 years
3 - 3 Lacs
Hyderābād
On-site
Job description Department and Function Background Operating within the Global Cybersecurity function and under the management of the Global Head of Cybersecurity Operations & Intelligence, the Global Cybersecurity Operations & Intelligence (GCO&I) team provides a coordinated suite of cyber-threat defence services and is responsible for the monitoring, detection and response to cybersecurity threats across the global HSBC technology estate. The GCO&I team is split into five distinct sub-functions: Monitoring & Threat Detection (M&TD) – Monitoring, detection, alerting and triage of initial cyber-threat events. Incident Management & Response (IM&R) – Management and deep-dive investigation and response to cyber-incidents. Information Protection & Response (IPR) – Management and response to cyber-related data protection incidents. Cyber Intelligence & Threat Analysis (CITA) – Collection, curation and production of actionable cyber-threat intelligence. Sustainable Cybersecurity Operations (SCO) – Consisting of three sub-function teams focussed on the continuous improvement of the Cybersecurity Operations and Security Operations Centre (SOC), technology integrations and capability enhancements. Critical to the success of GCO&I are close partnerships with the wider Cybersecurity teams, technical infrastructure support teams and the internal HSBC stakeholders across the global businesses and functions. Role Description – Principal Cybersecurity Operations Integration Analyst Reporting directly into the Head of Cybersecurity Operations Integration, the Principal Cybersecurity Operations Integration Analyst is the senior technical subject matter expert (SME) within a small team tasked with the onboarding of new technologies, business services logging feeds and cybersecurity tooling into the Global Cybersecurity Operations Security Operation Centre (SOC).
The role holder will be the primary technical and engagement lead, tasked with achieving the desired outcomes via proactive and collaborative stakeholder engagements across the technology landscape. Working closely with the technology owners and the SOC Monitoring & Threat Detection and Incident Response teams, the role holder will continuously review and manage onboarding requests to ensure a cyber-threat intelligence led approach to the prioritisation of engagements. This is a key role that underpins the foundational capabilities that support the Global Cybersecurity Operations & Intelligence mission to respond to cyber-threats against HSBC rapidly, effectively and consistently.
The Principal Cybersecurity Operations Integration Analyst is accountable for: Leading the technical development, implementation and maintenance of a technology and log ingestion framework that aligns to control requirements and supports a cyber-threat intelligence led approach to the detection, response and containment of cyber-threats. Leading and maintaining the technical aspects of a flexible stakeholder engagement model that caters for both proactive and reactive collaboration and can rapidly adjust and reprioritise workloads in response to the changing threat-landscape. Building and maintaining strong processes and collaborative working practices with supporting teams in Sustainable Cybersecurity Operations and the wider Global Cybersecurity Operations & Intelligence teams. Building relationships and engagements with the many technology and platform owner stakeholders. Successfully maintaining these relationships and delivering prioritised outcomes in an environment where relationships can be complex and priorities are often divergent. Maintaining governance across all Cyber Ops Integration activities and ensuring the creation, collection and processing of key data points to feed into relevant service reporting e.g. service delivery metrics, KPIs, KCIs, and performance dashboards. Supporting the development and maintenance of a functional strategy that supports continuous improvement and is aligned to the wider Sustainable Cybersecurity Operations and Global Cybersecurity Operations & Intelligence strategy and goals. Impact on the Business/Function Supports the development of the GCO&I functions, engaging with colleagues across Cybersecurity and other IT functions to drive and deliver sustainable operational solutions in line with department strategy. Drives business performance, clear thinking and utilises experience whilst under pressure. Delivers sustainable business outcomes.
Supports the building of effective technology and process control capabilities that continuously evolve to meet security and compliance needs. Works closely with peers and business leads to build and implement controls in alignment with risk-posture, architectural constraints, company strategic direction and industry trends and best practices. Drives delivery of the highest standards and outcomes, inspiring others to do the same. Focuses on medium and long-term goals even when under pressure or facing uncertainty. Manages expectations, results and impact of agreed outcomes, thinking ahead to identify and overcome potential issues. Strategically drives innovation to gain competitive advantage, taking calculated, entrepreneurial risks to achieve business outcomes. Generates an environment in which innovation is seamlessly embedded into working practices. Customers / Stakeholders Leads a customer-focused and collaborative culture by championing customer and stakeholder engagement throughout the team. Demonstrates an understanding of customer and stakeholder requirements by providing specialist input and knowledge and having a detailed understanding of the different short and long term shifts in business/function patterns of activity and demand. Understands and interprets developments and changes in future business requirements and ensures the appropriate reaction and response through discourse and the implementation of relevant, security focused, technical and procedural solutions. Strengthens stakeholder relationships and enhances key relationships using rapport-building expertise and appropriate influencing skills to add and increase stakeholder advocacy.
Key relationships to include Functional heads across the other CTO functions and external account managers for third party suppliers and vendors, along with other regional counterparts across the globe. Cultivate strong relationships with organisationally important global and/or high value stakeholders with a tailored approach. Leadership & Teamwork Leads the technical direction of the Cyber Ops Integration team, making sustainable decisions that protect and enhance HSBC’s values, reputation and stakeholder value. Actively engages in a learning culture, encouraging collaboration and cross-functional working to develop and nurture teams and identify talent. Authentically engages a diverse group of stakeholders internally and externally to influence the achievement of best outcomes for all stakeholders. Builds rapport and mutual understanding to communicate and create opportunities for cross-business and/or international working, encouraging debate and open discussion. Encourages people to build sustainable relationships beyond transactional levels and use empathy and insight to build better understanding of mutual benefits. Supports junior team members and contributes to the establishment of good coaching and mentoring practices. Demonstrates alternative techniques for diagnosing and coaching individuals and teams. Operational Effectiveness & Control Governs risk responsibly. Promotes ethical management of risk across regions and business areas within their teams. Communicates changes in policy and governance effectively, reinforcing risk processes within their team. Builds and sustains a risk aware culture. Shows integrity whilst promoting and managing relevant monitoring and reporting requirements within their team. Embeds efficient risk and compliance processes and procedures into business as usual practices. Builds collaborative relationships, defines and articulates to stakeholders the targeted benefits for a change intervention.
Demonstrates effective financial skills to develop a detailed business case, including investments, detailed benefits (financial, non-financial and strategic) and link to overall finances of the business. Supports the management of department finances. Accurately interprets strategic financial information: makes insightful decisions in financial planning and programme performance monitoring. Identifies and highlights financial implications of risks/issues, involves stakeholders and supports management of budget variation as appropriate. Requirements Skills An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business. An understanding of organisational mission, values and goals and consistent application of this knowledge. Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one. An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. A team-focused mentality with the proven ability to work effectively with diverse stakeholders. Self-motivated and possessing of a high sense of urgency and personal integrity. Highest ethical standards and values. Good understanding of HSBC cybersecurity principles, global financial services business models, regional compliance regulations and applicable laws. Good understanding and knowledge of common industry cybersecurity frameworks, standards and methodologies, including: OWASP, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards, and the MITRE ATT&CK Framework. Experience in a leadership position within a cyber-security operations team to include team and capability development, staff development, career management, and recruitment.
Ability to orchestrate, manage and successfully implement major procedural and technological change within a complex, global organisation. Ability to speak, read and write in English, in addition to your local language. Technical Skills Excellent knowledge and demonstrated experience of common cybersecurity technologies such as IDS / IPS / HIPS, AV, EDR, Firewalls, Proxies etc. Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suites. Excellent knowledge of common enterprise technology infrastructure, platforms and tooling, including: Windows, Linux, infrastructure management and networking hardware. Good knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure and Google and their associated security tooling/platforms. Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation and remediation. Excellent knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools such as Splunk Enterprise Security or Microsoft Sentinel. Knowledge of cloud based “data lake” solutions used for the collection and real-time advanced analysis of security information. Ability to identify, develop and track key performance indicator (KPI) and key control indicator (KCI) metrics for accurate and contextual evaluation of operational effectiveness as well as providing recommendations for control improvement and mitigating control adjustments. Good knowledge of intelligence analysis principles either through formal education / training or equivalent professional experience. Industry Experience and Qualifications Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above.
For reference, the typical work experience and educational background of candidates in this role are as follows: Experience in a technical, cybersecurity related position, preferably in the finance or similarly regulated sector. Industry recognised cybersecurity related certifications including: CEH, EnCE, SANS GSEC, GCIH, GCIA and/or CISSP. Formal education and advanced degree in Information Security, Cyber-security, Computer Science, or similar and/or commensurate demonstrated work experience in the same. Certified in the use and management of core security platforms such as SIEM, SOAR, EDR, XDR, NDR, Firewalls, Proxies etc. Core technical platform / OS certifications e.g. Windows, Linux, MacOS.
Posted 3 weeks ago
0 years
2 - 9 Lacs
Hyderābād
On-site
Job description Department and Function Background Operating within the Global Cybersecurity function and under the management of the Global Head of Cybersecurity Operations & Intelligence, the Global Cybersecurity Operations & Intelligence (GCO&I) team provides a coordinated suite of cyber-threat defence services and is responsible for the monitoring, detection and response to cybersecurity threats across the global HSBC technology estate. The GCO&I team is split into five distinct sub-functions: Monitoring & Threat Detection (M&TD) – Monitoring, detection, alerting and triage of initial cyber-threat events. Incident Management & Response (IM&R) – Management and deep-dive investigation and response to cyber-incidents. Information Protection & Response (IPR) – Management and response to cyber-related data protection incidents. Cyber Intelligence & Threat Analysis (CITA) – Collection, curation and production of actionable cyber-threat intelligence. Sustainable Cybersecurity Operations (SCO) – Consisting of three sub-function teams focussed on the continuous improvement of the Cybersecurity Operations and Security Operations Centre (SOC), technology integrations and capability enhancements. Critical to the success of GCO&I are close partnerships with the wider Cybersecurity teams, technical infrastructure support teams and the internal HSBC stakeholders across the global businesses and functions. Role Description – Lead Cybersecurity Operations Integration Analyst Reporting directly into the Head of Cybersecurity Operations Integration, the Lead Cybersecurity Operations Integration Analyst is a technical subject matter expert (SME) within a small team tasked with the onboarding of new technologies, business services logging feeds and cybersecurity tooling into the Global Cybersecurity Operations Security Operation Centre (SOC).
The role holder will be a key technical and engagement lead, tasked with achieving the desired outcomes via proactive and collaborative stakeholder engagements across the technology landscape. Working closely with the technology owners and the SOC Monitoring & Threat Detection and Incident Response teams, the role holder will continuously review and manage onboarding requests to ensure a cyber-threat intelligence led approach to the prioritisation of engagements. This is a key role that underpins the foundational capabilities that support the Global Cybersecurity Operations & Intelligence mission to respond to cyber-threats against HSBC rapidly, effectively and consistently. The Lead Cybersecurity Operations Integration Analyst is accountable for: Supporting the technical development, implementation and maintenance of a technology and log ingestion framework that aligns to control requirements and supports a cyber-threat intelligence led approach to the detection, response and containment of cyber-threats. Supporting and maintaining the technical aspects of a flexible stakeholder engagement model that caters for both proactive and reactive collaboration and can rapidly adjust and reprioritise workloads in response to the changing threat-landscape. Contributing to building and maintaining strong processes and collaborative working practices with supporting teams in Sustainable Cybersecurity Operations and the wider Global Cybersecurity Operations & Intelligence teams. Building relationships and engagements with the many technology and platform owner stakeholders. Successfully maintaining these relationships and delivering prioritised outcomes in an environment where relationships can be complex and priorities are often divergent. Maintaining governance across all Cyber Ops Integration activities and ensuring the creation, collection and processing of key data points to feed into relevant service reporting e.g.
service delivery metrics, KPIs, KCIs, and performance dashboards. Supporting the development and maintenance of a functional strategy that supports continuous improvement and is aligned to the wider Sustainable Cybersecurity Operations and Global Cybersecurity Operations & Intelligence strategy and goals. Impact on the Business/Function Supports the development of the GCO&I functions, engaging with colleagues across Cybersecurity and other IT functions to drive and deliver sustainable operational solutions in line with department strategy. Drives business performance, clear thinking and utilises experience whilst under pressure. Delivers sustainable business outcomes. Supports the building of effective technology and process control capabilities that continuously evolve to meet security and compliance needs. Works closely with peers and business leads to build and implement controls in alignment with risk-posture, architectural constraints, company strategic direction and industry trends and best practices. Drives delivery of the highest standards and outcomes, inspiring others to do the same. Focuses on medium and long-term goals even when under pressure or facing uncertainty. Manages expectations, results and impact of agreed outcomes, thinking ahead to identify and overcome potential issues. Strategically drives innovation to gain competitive advantage, taking calculated, entrepreneurial risks to achieve business outcomes. Generates an environment in which innovation is seamlessly embedded into working practices. Customers / Stakeholders Leads a customer-focused and collaborative culture by championing customer and stakeholder engagement throughout the team. Demonstrates an understanding of customer and stakeholder requirements by providing specialist input and knowledge and having a detailed understanding of the different short and long term shifts in business/function patterns of activity and demand.
Understands and interprets developments and changes in future business requirements and ensures the appropriate reaction and response through discourse and the implementation of relevant, security focused, technical and procedural solutions. Strengthens stakeholder relationships and enhances key relationships using rapport-building expertise and appropriate influencing skills to add and increase stakeholder advocacy. Key relationships to include Functional heads across the other CTO functions and external account managers for third party suppliers and vendors, along with other regional counterparts across the globe. Cultivate strong relationships with organisationally important global and/or high value stakeholders with a tailored approach. Leadership & Teamwork Supports the technical direction of the Cyber Ops Integration team, making sustainable decisions that protect and enhance HSBC’s values, reputation and stakeholder value. Actively engages in a learning culture, encouraging collaboration and cross-functional working to develop and nurture teams and identify talent. Authentically engages a diverse group of stakeholders internally and externally to influence the achievement of best outcomes for all stakeholders. Builds rapport and mutual understanding to communicate and create opportunities for cross-business and/or international working, encouraging debate and open discussion. Encourages people to build sustainable relationships beyond transactional levels and use empathy and insight to build better understanding of mutual benefits. Supports close team collaboration and mentoring practices. Operational Effectiveness & Control Governs risk responsibly. Promotes ethical management of risk across regions and business areas within their teams. Communicates changes in policy and governance effectively, reinforcing risk processes within their team. Builds and sustains a risk aware culture.
Shows integrity whilst promoting and managing relevant monitoring and reporting requirements within their team. Embeds efficient risk and compliance processes and procedures into business as usual practices. Builds collaborative relationships, defines and articulates to stakeholders the targeted benefits for a change intervention. Demonstrates effective financial skills to develop a detailed business case, including investments, detailed benefits (financial, non-financial and strategic) and link to overall finances of the business. Supports the management of department finances. Accurately interprets strategic financial information: makes insightful decisions in financial planning and programme performance monitoring. Identifies and highlights financial implications of risks/issues, involves stakeholders and supports management of budget variation as appropriate. The role holder will ensure the fair treatment (service excellence) of our customers is at the heart of everything we do, both personally and as an organisation. The role holder will also continually reassess the Cyber Security and operational risks associated with the role and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology. This will be achieved by ensuring all actions take account of the likelihood of operational risk occurring and by addressing any areas of concern in conjunction with entity management and/or the appropriate department. Requirements Skills An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business. An understanding of organisational mission, values and goals and consistent application of this knowledge. Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. A team-focused mentality with the proven ability to work effectively with diverse stakeholders. Self-motivated and possessing of a high sense of urgency and personal integrity. Highest ethical standards and values. Good understanding of HSBC cybersecurity principles, global financial services business models, regional compliance regulations and applicable laws. Good understanding and knowledge of common industry cybersecurity frameworks, standards and methodologies, including: OWASP, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards, and the MITRE ATT&CK Framework. Experience in a leadership position within a cyber-security operations team to include team and capability development, staff development, career management, and recruitment. Ability to orchestrate, manage and successfully implement major procedural and technological change within a complex, global organisation. Ability to speak, read and write in English, in addition to your local language. Technical Skills Knowledge and demonstrated experience of common cybersecurity technologies such as IDS / IPS / HIPS, AV, EDR, Firewalls, Proxies etc. Knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suites. Excellent knowledge of common enterprise technology infrastructure, platforms and tooling, including: Windows, Linux, infrastructure management and networking hardware. Some technical experience of 3rd party cloud computing platforms such as AWS, Azure and Google and their associated security tooling/platforms. Knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation and remediation.
Knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools such as Splunk Enterprise Security or Microsoft Sentinel. Knowledge of cloud based “data lake” solutions used for the collection and real-time advanced analysis of security information. Ability to identify, develop and track key performance indicator (KPI) and key control indicator (KCI) metrics for accurate and contextual evaluation of operational effectiveness as well as providing recommendations for control improvement and mitigating control adjustments. Good knowledge of intelligence analysis principles either through formal education / training or equivalent professional experience. Industry Experience and Qualifications Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows: Experience in a cybersecurity or technical position, preferably in the finance or similarly regulated sector. Industry recognised cybersecurity related certifications including: CEH, EnCE, SANS GSEC, GCIH, GCIA and/or CISSP. Formal education and advanced degree in Information Security, Cyber-security, Computer Science, or similar and/or commensurate demonstrated work experience in the same. Certified in the use and management of core security platforms such as SIEM, SOAR, EDR, XDR, NDR, Firewalls, Proxies etc. Core technical platform / OS certifications e.g. Windows, Linux, MacOS.
Posted 3 weeks ago
7.0 - 12.0 years
15 - 22 Lacs
Chennai
Work from Office
Role & responsibilities 6+ years of experience in cybersecurity operations with solid L3-level incident handling. Hands-on expertise with endpoint security solutions (CrowdStrike, SentinelOne, Microsoft Defender ATP, Carbon Black, etc.). Strong proficiency in conducting demos and technical evaluations for R&D or pre-deployment scenarios. In-depth understanding of SIEM platforms, EDR, network security, and intrusion detection. Experience with malware analysis, threat intelligence, and reverse engineering is a plus. Knowledge of Windows, Linux, and cloud environments (AWS/Azure/GCP). Familiarity with security frameworks (NIST, MITRE ATT&CK, SANS). Scripting skills (Python, PowerShell, Bash) for automation. Relevant certifications preferred: CISSP, OSCP, CEH, GCIA, GCIH.
Posted 3 weeks ago
2.0 - 12.0 years
0 Lacs
Hubli, Karnataka, India
On-site
Infosys is hiring Cybersecurity professionals in Hubli location. What We're Looking For: - Experience: 2-12 years - Skills: 1) Identity and Access Management: Beyond Trust EPM, Saviynt, SailPoint Developer, SailPoint IIQ, OKTA 2) Data Security: Data Loss Prevention, Data Protection, Public Key Infrastructure 3) Network Security: Palo Alto Firewall, Cisco firewall, Fortigate firewall 4) Unified Vulnerability Management: App sec - SAST, DAST, SCA, PT, Infra VM 5) Security Operations Center: Sentinel, SOAR, Qradar 6) GRC (Governance, Risk, Compliance) If you are passionate and thrive in a fast-paced collaborative environment, this is for you!
Posted 3 weeks ago
5.0 - 10.0 years
0 Lacs
Hyderabad, Chennai, Bengaluru
Hybrid
SOC Analyst - Sentinel - L2 Chennai/ Bangalore/ Kochi/ Hyderabad Responsibilities Thoroughly investigate security incidents escalated by L1 analysts, going beyond initial alerts to understand the full scope and impact. Analyze complex security events, logs, and incident data from various sources integrated into Azure Sentinel. Determine if a security event is a genuine incident and classify its severity. Utilize Azure Sentinel's investigation graph to explore entities, connections, and timelines of attacks. Proactively search for undetected threats within the organization's Azure environment and connected data sources using Kusto Query Language (KQL) in Azure Sentinel. Lead and coordinate incident response activities, including containment, eradication, and recovery from security incidents Develop and maintain incident response playbooks within Azure Sentinel. Execute automated response actions through Sentinel playbooks, such as blocking IPs, isolating compromised systems, or enriching incident data. Collaborate with other security teams (e.g., L1, L3, forensic teams), IT, and business stakeholders to resolve incidents effectively. Document findings, actions taken, and lessons learned to improve future incident response procedures. Desired Skills and Qualifications Required: Deep expertise in Microsoft Sentinel: Including data connectors, analytics rules, workbooks, hunting queries, incidents, and automation (Logic Apps/Playbooks). Kusto Query Language (KQL) mastery: Essential for advanced threat hunting, data analysis, and rule creation in Sentinel. Understanding of Azure security services: Strong knowledge of Azure Security Center/Defender for Cloud, Azure Active Directory (now Microsoft Entra ID), Azure Monitor, Azure Networking, and other relevant Azure services. SOAR (Security Orchestration, Automation, and Response): Experience in building and optimizing playbooks using Azure Logic Apps within Sentinel. 
MITRE ATT&CK Framework: Ability to map security events and detections to MITRE ATT&CK tactics and techniques for comprehensive threat analysis. Cloud Security Concepts: A solid understanding of cloud computing security principles, especially within the Azure ecosystem. General SOC Skills Strong analytical and problem-solving skills. Excellent communication (verbal and written) and interpersonal skills. Please share your resume to "priyanga.govindharaj@aspiresys.com"
Posted 3 weeks ago
3.0 years
0 Lacs
Kolkata, West Bengal, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior KEY Capabilities: Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks Management and administration of Splunk SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. 
Good grasp in conceptualizing and/or implementing automation for business process workflows. Knowledge in Network monitoring technology platforms such as Fidelis XPS or others. Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others. Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stakeholders to fulfill their asks. Ability to coordinate with the vendor on incident closure according to the severity. Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage. Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field. Minimum 2 years of working in SOAR (Splunk). Experience in Process Development, Process Improvement, Process Architecture, and Training. Quick to apprehend and adapt to new applications. Knowledgeable in Cybersecurity and Incident Response Management. Certification in Splunk will be an added advantage. Certifications in a core security related discipline will be an added advantage.
EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 3 weeks ago
10.0 years
0 Lacs
Hyderabad, Telangana, India
Remote
About Client: Our Client is a global IT services company headquartered in Southborough, Massachusetts, USA. Founded in 1996, with a revenue of $1.8B, with 35,000+ associates worldwide, specializes in digital engineering, and IT services company helping clients modernize their technology infrastructure, adopt cloud and AI solutions, and accelerate innovation. It partners with major firms in banking, healthcare, telecom, and media. Our Client is known for combining deep industry expertise with agile development practices, enabling scalable and cost-effective digital transformation. The company operates in over 50 locations across more than 25 countries, has delivery centers in Asia, Europe, and North America and is backed by Baring Private Equity Asia. Job Title: BeyondTrust Developer/ BeyondTrust Support Key Skills: Vaulting, Session Management, Credential Rotation, AAPM,PRA,EPM,IAM Job Locations: Hyderabad Experience: 6 – 10 Years Budget: Based on your Experience Education Qualification : Any Graduation Work Mode: Hybrid Employment Type: Contract Notice Period: Immediate - 15 Days Interview Mode: 2 Rounds of Technical Interview + Including Client round Job Description: JD for BeyondTrust Developer Skill: Deep hands-on expertise with BeyondTrust products: BeyondTrust Password Safe (Vaulting, Session Management, Credential Rotation, AAPM). BeyondTrust Privileged Remote Access (PRA) and Jumpoint architecture. BeyondTrust Endpoint Privilege Management (EPM) policy creation and troubleshooting. Strong understanding of Identity and Access Management (IAM) concepts: Authentication, Authorization, Single Sign-On (SSO), Multi-Factor Authentication (MFA). Roles and Responsibilities: · Ensure BeyondTrust deployments align with security best practices, compliance requirements (e.g., SOC 2, NIST, Zero Trust), and organizational policies. · Deeply understand and manage integrations between BeyondTrust products and other critical enterprise systems. 
· Troubleshoot complex integration issues with Identity Providers (IdPs) like Active Directory, Azure AD (Entra ID), Okta, Ping Identity, and other LDAP sources. · Work with SIEM/SOAR platforms (e.g., Splunk, Microsoft Sentinel, IBM QRadar) to ensure proper logging, alerting, and automated responses for BeyondTrust events. · Collaborate on integrations with ITSM tools (e.g., ServiceNow) for streamlined incident, problem, and change management workflows. · Develop and implement advanced monitoring strategies for BeyondTrust components to proactively identify performance bottlenecks, security anomalies, and potential failures. JD for BeyondTrust Support: Skills: Deep hands-on expertise with BeyondTrust products: BeyondTrust Password Safe (Vaulting, Session Management, Credential Rotation, AAPM). BeyondTrust Privileged Remote Access (PRA). BeyondTrust Endpoint Privilege Management (EPM) policy creation and troubleshooting. Experience in administration and maintenance of BeyondTrust components. Thorough understanding of BeyondTrust integration with various platforms, such as different LDAP providers, Windows servers, UNIX servers, Databases and networking devices. Knowledge of CyberArk PAM solutions. Scripting skills: PowerShell is essential; Python or Bash is a plus for automation tasks. Basic understanding of SQL Server administration and querying. Strong understanding of modern cybersecurity principles, Zero Trust, and least privilege. Excellent problem-solving and communication skills to work cross-functionally with security, compliance, and IT teams. Prior experience with Agile practices such as Kanban or Scrum. Roles and Responsibilities: Support BeyondTrust solutions and services to securely manage privileged accounts and credentials across CUSTOMER platforms, systems and applications. Perform health check monitoring on all BeyondTrust servers to ensure consistent availability of system to end user.
Troubleshoot and resolve technical issues related to BeyondTrust components and integrations. Monitor logs and events for Windows, UNIX and User identity management platforms to provide views of misuse or malicious activities. Participate in incident and response activities, including investigation and mitigation of security incidents involving privileged accounts. Interested Candidates please share your CV to jyothi.a@people-prime.com
Posted 3 weeks ago
3.0 years
0 Lacs
Kanayannur, Kerala, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior KEY Capabilities: Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks Management and administration of Splunk SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. 
Good grasp in conceptualizing and/or implementing automation for business process workflows. Knowledge in Network monitoring technology platforms such as Fidelis XPS or others. Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others. Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stakeholders to fulfill their asks. Ability to coordinate with the vendor on incident closure according to the severity. Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage. Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field. Minimum 2 years of working in SOAR (Splunk). Experience in Process Development, Process Improvement, Process Architecture, and Training. Quick to apprehend and adapt to new applications. Knowledgeable in Cybersecurity and Incident Response Management. Certification in Splunk will be an added advantage. Certifications in a core security related discipline will be an added advantage.
EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 3 weeks ago
3.0 years
0 Lacs
Trivandrum, Kerala, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior KEY Capabilities: Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks Management and administration of Splunk SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. 
Good grasp in conceptualizing and/or implementing automation for business process workflows. Knowledge in Network monitoring technology platforms such as Fidelis XPS or others. Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others. Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stakeholders to fulfill their asks. Ability to coordinate with the vendor on incident closure according to the severity. Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage. Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field. Minimum 2 years of working in SOAR (Splunk). Experience in Process Development, Process Improvement, Process Architecture, and Training. Quick to apprehend and adapt to new applications. Knowledgeable in Cybersecurity and Incident Response Management. Certification in Splunk will be an added advantage. Certifications in a core security related discipline will be an added advantage.
EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 3 weeks ago
3.0 - 8.0 years
4 - 8 Lacs
Bengaluru
Work from Office
About The Role Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Role Summary : The SOC Analyst plays a critical role in the first line of cyber defense by monitoring and triaging security alerts generated by Microsoft Sentinel. This role is responsible for identifying potential threats through continuous monitoring of security dashboards, performing initial analysis, executing predefined response actions, and escalating incidents based on severity. The analyst will work closely with L2/L3 analysts to ensure timely escalation and incident closure while maintaining accuracy and SLA adherence. This role is ideal for individuals developing their skills in SIEM operations and security monitoring with a focus on Microsoft's security ecosystem. Key Responsibilities - Monitor Microsoft Sentinel dashboards and respond to alerts. - Perform initial triage, classification, and correlation of security events. - Trigger and monitor predefined SOAR playbooks. - Create and update incident tickets with all required details. - Escalate validated incidents to L2/L3 teams for deeper investigation. - Support daily SOC health checks and Sentinel connector status reviews. Skills Required - 4-8 years of experience in SOC / IT security. - Basic knowledge of Microsoft Sentinel and KQL. - Familiarity with Defender for Endpoint, Identity, and Microsoft 365 Security. - Ability to follow runbooks, good verbal and written communication.
Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM) Operations. - Strong understanding of incident response processes and procedures. - Experience with security monitoring tools and techniques. - Knowledge of compliance frameworks and regulations related to cybersecurity. - Ability to analyze security incidents and provide actionable insights. Additional Information: - The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM) Operations. - This position is based at our Bengaluru office. - A 15 years full time education is required. Qualification 15 years full time education
Posted 3 weeks ago
3.0 - 8.0 years
4 - 8 Lacs
Bengaluru
Work from Office
About The Role Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Role Summary : The SOC Analyst plays a critical role in the first line of cyber defense by monitoring and triaging security alerts generated by Microsoft Sentinel. This role is responsible for identifying potential threats through continuous monitoring of security dashboards, performing initial analysis, executing predefined response actions, and escalating incidents based on severity. The analyst will work closely with L2/L3 analysts to ensure timely escalation and incident closure while maintaining accuracy and SLA adherence. This role is ideal for individuals developing their skills in SIEM operations and security monitoring with a focus on Microsoft's security ecosystem. Key Responsibilities - Monitor Microsoft Sentinel dashboards and respond to alerts. - Perform initial triage, classification, and correlation of security events. - Trigger and monitor predefined SOAR playbooks. - Create and update incident tickets with all required details. - Escalate validated incidents to L2/L3 teams for deeper investigation. - Support daily SOC health checks and Sentinel connector status reviews.
Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM). - Strong understanding of cloud security principles and frameworks. - Experience with security incident response and management. - Knowledge of regulatory compliance requirements related to cloud security. - Familiarity with security tools and technologies used in cloud environments. - Experience in SOC / IT security. - Basic knowledge of Microsoft Sentinel and KQL. - Familiarity with Defender for Endpoint, Identity, and Microsoft 365 Security. - Ability to follow runbooks, good verbal and written communication. Additional Information: - The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM). - This position is based at our Bengaluru office. - A 15 years full time education is required. Qualification 15 years full time education
Posted 3 weeks ago
3.0 - 8.0 years
4 - 8 Lacs
Bengaluru
Work from Office
About The Role Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Role Summary : The SOC Analyst plays a critical role in the first line of cyber defense by monitoring and triaging security alerts generated by Microsoft Sentinel. This role is responsible for identifying potential threats through continuous monitoring of security dashboards, performing initial analysis, executing predefined response actions, and escalating incidents based on severity. The analyst will work closely with L2/L3 analysts to ensure timely escalation and incident closure while maintaining accuracy and SLA adherence. This role is ideal for individuals developing their skills in SIEM operations and security monitoring with a focus on Microsoft's security ecosystem. Roles & Responsibilities - Monitor Microsoft Sentinel dashboards and respond to alerts. - Perform initial triage, classification, and correlation of security events. - Trigger and monitor predefined SOAR playbooks. - Create and update incident tickets with all required details. - Escalate validated incidents to L2/L3 teams for deeper investigation. - Support daily SOC health checks and Sentinel connector status reviews.
Professional & Technical Skills: - Experience in SOC / IT security. - Basic knowledge of Microsoft Sentinel and KQL. - Familiarity with Defender for Endpoint, Identity, and Microsoft 365 Security. - Ability to follow runbooks, good verbal and written communication. - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM). - Strong understanding of cloud security principles and frameworks. - Experience with security incident response and management. - Knowledge of regulatory compliance requirements related to cloud security. - Familiarity with security tools and technologies used in cloud environments. Additional Information: - The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM). - This position is based at our Bengaluru office. - A 15 years full time education is required. Qualification 15 years full time education
Posted 3 weeks ago
4.0 years
0 Lacs
Pune, Maharashtra, India
On-site
About The Opportunity Netrix Global team is looking for an experienced Senior Security Engineer to join our growing security team. In this role, you'll be defending our clients and infrastructure against evolving cyber threats. You'll work collaboratively within a global SOC environment, helping detect, investigate, and respond to incidents-while also contributing to threat hunting, process improvement, and security automation initiatives. It's a role for someone with a deep curiosity for cybersecurity, a proactive mindset, and a desire to improve enterprise security at scale. If you're motivated by continuous learning and thrive in fast- paced environments, we'd love to talk to you. How You Will Make An Impact Act as a senior member of the Security Operations Center (SOC), independently handling and resolving incidents, while driving lessons learned and continuous improvement. Collaborate with global teams and develop best practices around processes, tools, and awareness. Perform in-depth analysis of complex security logs, SIEM events, and correlated data to identify, assess, and remediate threats. Maintain and improve existing security tools, create and refine use cases, and tailor configurations based on evolving threat intelligence. Conduct penetration testing, vulnerability assessments, and guide remediation efforts. Take a proactive approach to identifying risks, potential issues, and opportunities for improving the security posture of the organization. Contribute to 24/7 SOC capabilities, ensuring effective detection and response coverage. Participate in compliance and audit-related efforts by helping ensure system and policy adherence. Support SOAR platform integration and automation to improve incident response workflows. Mentor junior team members and promote a strong, collaborative team culture. What You Will Bring To The Table 4-5+ years in Information Security or related cybersecurity roles. 
Hands-on experience in a SOC environment, with deep exposure to SIEM and endpoint/network security. 2+ years of experience with cloud environments and cloud-native security tools. Experience with SOAR platforms and scripting (Python, PowerShell, Bash, etc.). Experience with penetration testing, vulnerability scanning, and vulnerability management processes. Working knowledge of Linux systems and syslog analysis from CLI. 2-4 years of systems analysis and incident handling. Strong grasp of cloud security concepts such as access control, data protection, threat detection, and compliance monitoring. Tools & Technologies Azure Sentinel, QRadar, Splunk Cisco IDS/IPS, Palo Alto, McAfee Security Suite Tenable Nessus, ForeScout, Cisco ISE Comfortable with query languages such as KQL or SQL (considered an advantage). Operational knowledge of APIs is a plus. Preferred Education Bachelor's degree in Computer Information Systems, Cybersecurity, or a related field (or equivalent experience). Certifications (Any combination of the following will be considered a strong advantage.) Required / Preferred CompTIA Security+ Certified Ethical Hacker (CEH) Certified Security Analyst (ECSA) Certified Incident Handler (ECIH) CompTIA Cybersecurity Analyst (CySA+) SC-200 or relevant cloud security certifications Cisco CCNA / CCNP + Security ITIL Foundation Linux+ Additional (Desirable): CISSP or CISSP-ISSEP SSCP MCSE Shift : The role is part of a 24x7 operational environment. The employee may be required to work in any of the rotating shifts based on business needs, including night shifts. The work schedule will follow Indian Standard Time (IST), and shift assignments may vary to ensure continuous support coverage. About Us At Netrix Global our values are the philosophies and principles that live by. They support our vision, help us achieve our goals and commit us to a common purpose. We Own Outcomes, Win Together, Make an Impact, Enjoy The Journey, and Respect All! 
Netrix Global is a mission-driven organization with the goal of providing the people, processes, and technology needed to run and scale modern, data-driven businesses that are always on and always secure. Our breadth of capabilities allows us to provide holistic offerings that solve even today’s most complex business challenges, delivering to you an integrated, optimized, and future-proof solution. We work with clients of all sizes and specialize in solutions for healthcare, manufacturing, government, education, financial services, and legal industries. Netrix is consistently ranked in the CRN VAR500, detailing the country’s top system integrators. At Netrix, we’re driven to solve business problems with innovative technology solutions. We focus on end-users and are committed to client satisfaction. What You Can Expect From Us We offer a competitive compensation package, comprehensive group benefits to meet the needs of you and your family, flexibility, and time off when you need it, and a casual work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. As part of this commitment, we will ensure that persons with disabilities are provided with reasonable accommodation. If you need a reasonable accommodation, please let us know by contacting NetrixHR@Netrixglobal. To learn more about Netrix Global please go to www.netrixglobal.com
Posted 3 weeks ago
12.0 years
0 Lacs
Gurugram, Haryana, India
On-site
We are hiring for Manager / Senior Manager Security Operations Center (SOC) at Gurgaon About the Role: We are seeking a proactive and experienced Manager / Senior Manager to lead our Security Operations Center (SOC) and Incident Response (IR) functions. This role involves designing and implementing a comprehensive SOC and IR strategy in partnership with Managed Security Services (MSS) providers, while also developing internal SOC capabilities to effectively detect, monitor, and respond to security threats. Core Responsibilities: Design and implement a managed SOC and Incident Response strategy, architecture, and program in collaboration with MSS providers to ensure comprehensive threat detection, monitoring, and response. Provide oversight and governance of MSS/SOC partners to ensure service quality, SLA compliance, and alignment with organizational security goals. Evaluate, recommend, and implement security technologies and tools essential for SOC operations and effective incident response. Define and develop threat detection use cases; oversee red team exercises and coordinate attack simulations to evaluate SOC readiness and response effectiveness. Ensure logging is enabled and correctly configured across all critical infrastructure, applications, and security devices in coordination with IT and cloud teams. Validate ingestion and monitoring of all relevant security logs into the SIEM platform to maintain effective threat detection. Manage, mentor, and develop a lean internal SOC team, collaborating closely with the MSS/SOC partner to strengthen in-house oversight and ensure operational resilience. Optimize detection coverage, incident triage processes, and SLA adherence to ensure timely and accurate incident resolution. Lead the design and tuning of alert rules, maintain automated playbooks, and implement advanced threat monitoring techniques to improve SOC efficiency. 
Be responsible for coordinating threat intelligence sharing and response activities across internal and MSS partner Incident Response teams. Ensure compliance with internal incident response procedures and relevant regulatory requirements. Drive continuous improvement of SOC capabilities through KPIs, regular threat drills, and post-incident reviews. Develop and maintain SOC performance dashboards and prepare executive-level reports to communicate operational effectiveness and security posture to senior leadership. Perform additional Information Security projects and tasks as assigned by senior management to support Mobileum’s evolving security landscape. Stakeholder & Collaboration Management: Collaborate with IT, Cloud Operations, Engineering, Legal, and Risk Management teams to align SOC operations with broader organizational risk management initiatives. Serve as the primary liaison with MSS providers, ensuring clear communication, contractual compliance, and coordinated incident response. Work alongside Security Architecture, Governance, and Compliance teams to integrate SOC activities within the organization’s overall security framework. Ability to translate complex technical details into clear, business-understandable language for effective communication with stakeholders. People Management & Leadership: Lead and mentor a lean internal SOC and Incident Response team, promoting a culture of proactive monitoring and continuous improvement. Encourage skill development and cross-functional collaboration to enhance SOC and IR capabilities. Balance leveraging MSS partnerships with developing strong in-house security operations expertise. Work Style & Leadership Attributes: Hands-on leader with strong technical knowledge of SOC operations and incident response methodologies. Proactive, self-driven, and solution-oriented with the ability to lead complex security programs under pressure. 
Excellent communicator capable of engaging technical teams, business stakeholders, and senior leadership. Ability to foster a security-aware culture and motivate teams to maintain high vigilance and operational excellence. Qualifications & Certifications: Preferred Certifications: GIAC Security Operations Certified (GSOC)/GIAC Certified Incident Handler (GCIH) Certified SOC Analyst (CSA) – EC-Council CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) PMP or equivalent project management certification (optional) Skills & Experience: 7–12 years of experience managing SOC and Incident Response teams or functions. Expertise with SIEM platforms (Splunk, IBM QRadar, ArcSight, Azure Sentinel, or equivalent) and security monitoring tools. In-depth knowledge of threat detection, incident triage, alert tuning, and automation of response processes. Experience managing Managed Security Service Providers (MSSPs) and third-party vendor relationships. Strong understanding of logging best practices, log management, and cloud security monitoring. Proven ability to analyse complex security incidents and lead root cause analysis and remediation efforts. Excellent leadership, stakeholder management, and communication skills. Work Experience: 7–12 years Educational Background: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Information Technology, or related discipline preferred. Location: Gurgaon
Posted 3 weeks ago
4.0 years
0 Lacs
Pune, Maharashtra, India
On-site
About The Opportunity Netrix Global team is looking for an experienced Senior Security Engineer to join our growing security team. In this role, you'll be defending our clients and infrastructure against evolving cyber threats. You'll work collaboratively within a global SOC environment, helping detect, investigate, and respond to incidents, while also contributing to threat hunting, process improvement, and security automation initiatives. It's a role for someone with a deep curiosity for cybersecurity, a proactive mindset, and a desire to improve enterprise security at scale. If you're motivated by continuous learning and thrive in fast-paced environments, we'd love to talk to you. How You Will Make An Impact Act as a senior member of the Security Operations Center (SOC), independently handling and resolving incidents, while driving lessons learned and continuous improvement. Collaborate with global teams and develop best practices around processes, tools, and awareness. Perform in-depth analysis of complex security logs, SIEM events, and correlated data to identify, assess, and remediate threats. Maintain and improve existing security tools, create and refine use cases, and tailor configurations based on evolving threat intelligence. Conduct penetration testing, vulnerability assessments, and guide remediation efforts. Take a proactive approach to identifying risks, potential issues, and opportunities for improving the security posture of the organization. Contribute to 24/7 SOC capabilities, ensuring effective detection and response coverage. Participate in compliance and audit-related efforts by helping ensure system and policy adherence. Support SOAR platform integration and automation to improve incident response workflows. Mentor junior team members and promote a strong, collaborative team culture. What You Will Bring To The Table 4-5+ years in Information Security or related cybersecurity roles.
Hands-on experience in a SOC environment, with deep exposure to SIEM and endpoint/network security. 2+ years of experience with cloud environments and cloud-native security tools. Experience with SOAR platforms and scripting (Python, PowerShell, Bash, etc.). Experience with penetration testing, vulnerability scanning, and vulnerability management processes. Working knowledge of Linux systems and syslog analysis from CLI. 2-4 years of systems analysis and incident handling. Strong grasp of cloud security concepts such as access control, data protection, threat detection, and compliance monitoring. Tools & Technologies: Azure Sentinel, QRadar, Splunk Cisco IDS/IPS, Palo Alto, McAfee Security Suite Tenable Nessus, ForeScout, Cisco ISE Comfortable with query languages such as KQL or SQL (considered an advantage). Operational knowledge of APIs is a plus. Preferred Education: Bachelor's degree in Computer Information Systems, Cybersecurity, or a related field (or equivalent experience). Certifications: (Any combination of the following will be considered a strong advantage.) Required / Preferred: CompTIA Security+ Certified Ethical Hacker (CEH) Certified Security Analyst (ECSA) Certified Incident Handler (ECIH) CompTIA Cybersecurity Analyst (CySA+) SC-200 or relevant cloud security certifications Cisco CCNA / CCNP + Security ITIL Foundation Linux+ Additional (Desirable): CISSP or CISSP-ISSEP SSCP MCSE Shift: The role is part of a 24x7 operational environment. The employee may be required to work in any of the rotating shifts based on business needs, including night shifts. The work schedule will follow Indian Standard Time (IST), and shift assignments may vary to ensure continuous support coverage. About Us At Netrix Global our values are the philosophies and principles that we live by. They support our vision, help us achieve our goals and commit us to a common purpose. We Own Outcomes, Win Together, Make an Impact, Enjoy The Journey, and Respect All!
Netrix Global is a mission-driven organization with the goal of providing the people, processes, and technology needed to run and scale modern, data-driven businesses that are always on and always secure. Our breadth of capabilities allows us to provide holistic offerings that solve even today’s most complex business challenges, delivering to you an integrated, optimized, and future-proof solution. We work with clients of all sizes and specialize in solutions for healthcare, manufacturing, government, education, financial services, and legal industries. Netrix is consistently ranked in the CRN VAR500, detailing the country’s top system integrators. At Netrix, we’re driven to solve business problems with innovative technology solutions. We focus on end-users and are committed to client satisfaction. What You Can Expect From Us We offer a competitive compensation package, comprehensive group benefits to meet the needs of you and your family, flexibility, and time off when you need it, and a casual work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. As part of this commitment, we will ensure that persons with disabilities are provided with reasonable accommodation. If you need a reasonable accommodation, please let us know by contacting NetrixHR@Netrixglobal. To learn more about Netrix Global please go to www.netrixglobal.com
Posted 3 weeks ago
4.0 - 9.0 years
7 - 17 Lacs
Bengaluru
Work from Office
About this role: Wells Fargo is seeking a Senior Information Security Engineer. In this role, you will: Lead or participate in computer security incident response activities for moderately complex events Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security Review and correlate security logs Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Required Qualifications: 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: 4+ years of demonstrated information security applications and systems experience 4+ years of demonstrated experience leveraging security technologies such as SIEM for security incident analysis 2+ years of demonstrated experience with at least one scripting language (preferably JavaScript and its frameworks Python) working on automation and engineering projects Proficiency in detection engineering developing and 
maintaining effective detection rules and correlation logic. Correlation searches, rules, alerts. Behavioral detections (e.g., brute-force, privilege escalation). Anomaly detections (e.g., unusual logon patterns, entropy-based detections). Hands-on experience with parsing configurations (props, transforms, regex, normalization techniques). Expertise in log source onboarding, source categorization, and enrichment. Strong understanding of security event types (firewall, endpoint, identity, cloud, SaaS logs). Familiarity with common attack vectors (credential abuse, privilege escalation, lateral movement). Knowledge of threat detection frameworks like MITRE ATT&CK, NIST, CIS. Ability to work with threat intelligence feeds to build contextual detections. Experience with log analysis, anomaly detection, and statistical detection methods. Proficient in developing content for SIEMs such as Splunk, Sentinel, QRadar, ArcSight, Elastic, etc. Optimize search performance and false positive tuning of existing detection rules. Maintain deployment workflows for apps, configurations, and detection packages across the SIEM infrastructure. Work with security analytics teams to develop data models or normalized schemas (CIM or equivalent). Job Expectations: Knowledge and understanding of banking or financial services industry Should possess understanding of security and threat landscape relevant to cloud technologies Excellent verbal, written, and interpersonal communication skills Strong ability to identify anomalous behavior on endpoint devices and/or network communications Advanced problem solving skills, ability to develop effective long-term solutions to complex problems Relevant certifications such as Splunk Certified Admin, Splunk Enterprise Security Certified Admin.
Posted 3 weeks ago
175.0 years
2 - 2 Lacs
Gurgaon
On-site
At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. Function Description: The AIM (Analytics, Investment & Marketing Enablement) team – a part of GCS Marketing– is the analytical engine that enables Global Commercial business portfolio of American Express. Accelerating growth momentum, increasing profitability, and powering up our value proposition are key objectives for this organization. The team enables GCS Marketing business by providing actionable insights to drive business strategy and growth. This Analyst (Band 30) role would be based in Gurgaon (India) and would be focused on driving sentinel measurement Analytics spanning across channels and product offerings from Amex. Key Responsibilities include: Support and enable the business partners with campaign measurements, ROI analysis and actionable data driven insights for acquisition & engagement treatments in GCS Develop analytical solutions for GCS business teams by gathering requirements from stakeholders, performing data analysis, presenting results Accurate, timely and efficient delivery of monthly results reporting for marketing & sales leadership Keen on exploration and analysis of data from various data sources, translate the same to excellent visual case studies. 
Quick learner quick to understand the business and support pilot projects amidst ambiguity Collaborate with functional leaders, business partners and senior leaders to assess business needs, evaluate project feasibility, ensure data integrity, and provide actionable recommendations in times of constant change Build a solid relationship/partnership with Marketing Stakeholders, drive projects end to end with full accountability and growth mindset Minimum Qualifications: Degree in a quantitative field preferred – e.g. B. Tech; BSc/MSc Statistics, Bachelors/master’s in economics Knowledge of Hive, Python, PySpark, SQL encompassing data manipulation and statistical modeling/data-mining techniques Strong analytical aptitude and technical skills Project Management Excellent verbal, written, and interpersonal communications skills with an ability to formulate and communicate results & methodologies in a clear and compelling way A demonstrated ability to work in high-pressure situations with minimal errors An optimistic and growth mind-set with a tremendous will to win Should be able to function with minimum supervision with high sense of ownership Should be comfortable with flexible shift timings to support Global Partners Strong technical and problem-solving skills Strong communication and interpersonal skills Ability to analyze large amounts of data and create innovative solutions Ability to work effectively in a team environment Ability to learn quickly and work independently with complex, unstructured initiatives Ability to challenge the status quo and drive innovation Preferred Qualifications: 1-2 years of relevant experience with strong knowledge of skills like Python, SQL & Advanced Excel required; R also good to have. 
Good knowledge of statistical techniques like hypothesis testing, regression, KNN, t test, chi-square test Relevant experience in campaign measurement/marketing analytics is a plus Experience in marketing analytics and campaign measurement preferred; relevant industry experience preferred We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally: Competitive base salaries Bonus incentives Support for financial-well-being and retirement Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location) Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need Generous paid parental leave policies (depending on your location) Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunities American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
Posted 3 weeks ago
8.0 years
1 - 9 Lacs
Noida
On-site
Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The team will be responsible for building and maintaining the core services that form the Control Plane of Microsoft Sentinel Graph (MSG). This crucial mission supports Microsoft's Security business, meeting the immense scale demands that few companies in the industry face. By leveraging cutting-edge technologies, we aim to deliver comprehensive protection to a global user base. The MSG Foundations Control Plane Engineering team is responsible for developing and implementing control plane services that coordinate the setup & interaction between various 1P & internal components needed to onboard an end user and provide complete experience of the Modern Security Data Lake. As a senior engineer, you will contribute to these services by designing and developing solutions that establish the platform's core functionality. You will work in a forward-looking product as part of an agile, collaborative, and cross-discipline team. Microsoft’s mission is to empower every person and every organization on the planet to achieve more.
As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities We are looking for someone who is a highly motivated, self-starter who thrives in a bottoms-up, fast paced, highly technical environment, has a strong customer focus and understands the importance of Live Site, has a demonstrated ability to establish and manage relationships across organizational boundaries, has proven experience dealing with large scale data architecture, operational architecture and/or network architecture and proven experience creating distributed systems tools of moderate-to-high complexity. You will be responsible to perform investigations and investments in complex areas; designing and delivering features end to end - including system architecture, code, deployment, scale, performance and quality, from conception to delivery. In short, you will be responsible for all aspects of a feature area including design. Design and implement scalable, reliable, maintainable services. Demonstrate strategic understanding of the timing and rationale for design choices, within the scope of work. Consistently contribute key ideas to the product or service design and vision that meets the customer's needs. Drive design reviews across the team and apply expertise in available technologies. Apply metrics to drive the quality and stability of code. Have a sense of pride, commitment, and personal accountability for the service quality, completeness and resulting user experience for the life of the product or service. Work closely with geographically distributed team, including Product Managers and developers, to drive key improvements in backend Engineering System. Qualifications 8+ years of experience in software development.
(Required) BS in Computer Science or higher, equivalent industry experience. Experience in handling large software engineering projects, modularizing them into deliverables for the team, shepherding them to quality delivery, and working closely with engineering partners across the globe. (Required) Demonstrated problem solving and debugging skills. (Required) Breadth and depth technical knowledge in software engineering. Experience in building, shipping, and operating reliable system software preferably with experience in large scale high availability distributed systems. Other Requirements Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter. Hashtags: #MSFTSecurity #sde Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
Posted 3 weeks ago
70.0 years
0 Lacs
India
On-site
Cyber Defence Analyst About GKN Automotive GKN Automotive is a world-leading global automotive technology company at the forefront of innovation. Its origins date back to 1759 and for the last 70 years it has been putting key technologies into series production. We are the trusted partner for most of the world’s automotive companies, specialising in developing, building, and supplying market-leading drive systems and advanced ePowertrain technologies. GKN Automotive is part of Dowlais Group plc, a specialist engineering group focused on the automotive sector. What you’ll do: The Cyber Defence Analyst plays a meaningful role in improving the organisation’s security posture by bridging the gap between incident response and vulnerability management. Operating in a hybrid model, this role works closely with a supplier landscape that provides first-line monitoring and escalates incidents for further investigation. As such, the Cyber Defence Analyst is expected to operate at a level capable of handling complex investigations, leading response efforts, and driving remediation activities. This role supports both the Security Monitoring and Vulnerability Management functions, ensuring a cohesive, end-to-end approach to cyber defence. By responding to threats in real time and proactively reducing the organisation’s exposure to future risks, the Cyber Defence Analyst helps maintain a resilient and unified security operation. As this role operates within a dynamic Security Operations environment, there may be occasions where you will be required to provide surge capacity in response to emerging security incidents, emerging threats, or urgent vulnerability disclosures. This includes stepping in to support urgent investigations, remediation efforts, or other time-sensitive security activities that may arise to protect the business. Key responsibilities include: Serve between Security Monitoring and Vulnerability Management teams. 
Act as a key responder to security incidents, driving investigation, containment, and recovery activities. Assist in identifying, assessing, and tracking remediation of vulnerabilities across the organisation. Perform in-depth analysis of security alerts, logs, and telemetry from SIEM, EDR, and other security tools. Support scanning, reporting, and communication of vulnerability data to collaborators. Develop and refine detection logic to improve visibility and reduce false positives, using frameworks such as MITRE ATT&CK. Maintain and improve incident response playbooks, ensuring they reflect current threats and standard methodologies. Know the latest threat actor tactics, techniques, and procedures (TTPs) and apply them to improve defences. Find opportunities to automate repetitive tasks across security monitoring and vulnerability workflows. Promote a unified approach to cyber defence, avoiding siloed operations. Support initiatives that strengthen the organisation’s overall cyber resilience. What you’ll need: Demonstrable experience in information security, with a focus on security operations. Proven track record in stakeholder and partner/vendor management and collaboration across various groups. Experience handling incidents and supporting complex investigations. Hands-on experience with technical tools commonly used in Security Operations, including but not limited to SIEM platforms (e.g., Microsoft Sentinel), Endpoint Detection and Response (EDR) solutions, Threat Intelligence platforms (e.g., KELA), and Vulnerability Management tools (e.g., Qualys). Confident in analysing logs from various sources such as endpoints, networks & cloud services. Ability to apply threat intelligence to enrich investigations. Good understanding of relevant threat actors, relevant frameworks and CVSS scoring Ability to script or automate tasks. Familiarity with infrastructure, cloud, and application security principles. 
Able to write reports and tailor them to a mixture of collaborators. While certifications are not a strict requirement, they can improve a candidate’s profile by demonstrating relevant expertise. Any recognised security certifications will be considered, with value placed on those that demonstrate expertise in core blue team disciplines, as well as vulnerability and risk management. Why you’ll love working here: Market-leading company with lots of potential Opportunity to take part in brand-new company projects Attractive salary and benefits at a stable and financially healthy company An organisation where you can commit to the long-term Working in the OneIT team with colleagues around the globe How to apply: Please follow the link on our careers page and submit your resume in English because we are an international environment, and English is our business language. If you need any adjustments made to support your application, for example, if you require information in different formats, or if you have any accessibility issues, then we have a process in place to support you – please feel free to get in touch with us at accommodations@gknautomotive.com Deadline: The closing date will be July 25th GKN Automotive is the market leader in conventional, all-wheel and electrified drive systems and solutions. With a comprehensive global footprint, we design, develop, manufacture and integrate an extensive range of driveline technologies for over 90% of the world’s car manufacturers. As a global engineering company, innovation is what differentiates us from our competitors and is central to our success. A balance of cultures, ethnicities and genders help bring new ideas and creativity to GKN Automotive. We need people of different backgrounds, with different skills and perspectives to spark originality, imagination and creativeness in our teams around the world. GKN Automotive is an equal opportunity employer.
We treat all our employees and applicants fairly and are committed to ensuring that there is no discrimination or harassment against any employee or qualified applicant on the grounds of age, race, creed, colour, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status or any other characteristic protected by law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process. Please contact us to request any such accommodation. #li-bf1 #LI-hybrid
Posted 3 weeks ago
2.0 years
0 Lacs
Pune, Maharashtra, India
Remote
ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage and passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Security Operations Analyst We are seeking an experienced professional to join our Pune, India office as a Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats. 
What you’ll do:
Monitor Microsoft Sentinel for security alerts and events on a 24x7 basis
Perform initial triage and analysis of security events, including prioritization and escalation based on defined incident response procedures
Identify potential security incidents, false positives, and provide recommendations for mitigation or escalation to L2 SOC analysts
Leverage KQL queries for investigations
Document incidents, investigation results, and actions taken in the ticketing system
Follow established SOC processes and playbooks for effective incident response
Support continuous improvement by identifying gaps in monitoring and detection
Monitoring of other security tools such as EDR - CrowdStrike, AWS Security Alerts for level 1 analysis based on the defined playbooks
Flexible in following updated playbooks as the security landscape changes
Candidates must be flexible and willing to work varying 24*7 shifts to ensure consistent coverage

What you’ll bring:
Strong analytical and problem-solving abilities
Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams
Proven ability to remain calm and efficient under a high-pressure environment
Proficient in using SIEM tools, such as Microsoft Sentinel
Experience in Cloud Security Operations and Incident Response platforms such as Wiz
In-depth understanding of cyber threats, vulnerabilities, and attack vectors
Knowledge in creating KQL queries and custom alerts within Microsoft Sentinel
Exposure in incident response and management procedures
Experienced in conducting L1 investigations and root cause analysis for incidents
Adept at collaborating with stakeholders to resolve complex cybersecurity challenges
Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools

Good to have skills and abilities:
Excellent interpersonal (self-motivational, organizational, personal project management) skills
Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System
Ability to analyze cyber threats to develop actionable intelligence
Flexibility to adapt to changing priorities and shifts

Academic Qualifications:
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
2+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management
Hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks
Exposure in incident response, threat detection, and security monitoring
Solid understanding of Windows, Linux, and cloud security concepts
Relevant certifications (e.g., CompTIA Security+, Microsoft Certified: Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred
Preferred Security Cloud Certifications: AWS Security Specialty

Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empower you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.

Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. 
Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying? At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment. An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At: www.zs.com
Posted 3 weeks ago
30.0 years
0 Lacs
Mumbai, Maharashtra, India
Remote
Mercer is seeking candidates for the following position based in the Mumbai / Pune office: Senior Manager– Investments (Operational Due Diligence) What can you expect? Mercer Wealth is a leading global provider of investment consulting services. We offer customized advice at every stage of the investment decision, risk management and investment monitoring process. In addition to core consulting, we have developed a number of specialist teams; the Financial Strategy Group, Mercer Sentinel, Manager Research, Responsible Investment and Fiduciary Management, thereby ensuring we offer a full range of services to our clients. We have been dedicated to meeting the needs of clients for more than 30 years. Due to increasing client demand we are continuing to build a specialist team focused on ODD exercises and consulting projects. We are looking to employ talented colleagues who understand the financial services industry and the operational functions of investment managers. The job holder will work as part of a team of ODD specialist and client consultants. Through the Mercer structured development program and on-the-job training, the applicant will be supported, coached and developed in their role. What is in it for you? 
Employee friendly policies Health care and insurance for you and your dependents Healthy Work life balance A great working environment Future career opportunities across a global organization We will count on you to: Work as an extension of the US team to conduct operational due diligence risk assessments of investment managers using Mercer Sentinel’s framework incorporating house views as appropriate Understanding of investment manager middle and back office operations, fund administration, portfolio accounting, custody, regulatory compliance and other relevant industry experience Maintaining knowledge of operational risk frameworks across the Mercer universe of asset classes, including equity and fixed income, hedge funds, private equity, private debt, real estate and infrastructure Liaise with investment managers to collate information, coordinate on-site visits and schedules Review responses and documentation provided by investment managers for the risk assessment and author research notes in advance of the meeting of the onsite team to support the onshore team Support virtual investment manager “on-site” visits through the preparation of pre-meeting notes, note taking in the meeting and producing high quality draft written reports after the meeting Challenging and improving operational processes for Mercer’s ODD framework Contribute to Mercer Sentinel’s intellectual capital through market research and process innovation Contribute towards Mercer Sentinel’s other products including but not limited to Surveys and Operational Reviews; support onshore team’s efforts towards key projects or activities including business development among others. Update and maintain pertinent tools/database with relevant information including research publications and coordinate with asset managers for requisite data and for scheduling research calls; prepare and distribute Ratings Committee (RC) minutes from the weekly RC call. 
What you need to have: A bachelor's degree in economics, finance or other business-related areas with a high level of written content Professional qualification (Actuarial, ACA, ACCA, CFA or equivalent) – preferential requisite Two years plus of experience in a similar operational due diligence role preferred Experience with investment management, operations, fund management or investment consulting Previous experience in operational risk analysis, fund administration, and or financial / portfolio accounting would be beneficial Thorough knowledge of Microsoft Office applications (Word, Excel, PowerPoint) Takes ownership for work, always ensuring standards and deadlines are met and keeping others informed and up-to-date Works well under pressure, with the ability to prioritize and manage multiple tasks, stakeholders and deliverables simultaneously; candidate may be expected to attend calls with US based asset managers a couple of days a week; responsibilities may stretch to taking calls with asset managers in other geographies including Pacific, UK, Europe, Middle East and Asia depending on the business requirements. Excellent organizational and time management skills Openly shares information and own expertise with colleagues Possess excellent team working skills in a global/remote working environment What makes you stand out? Demonstrates excellent oral and written communication skills Self-motivated with an eagerness to learn and a positive work ethic Challenges existing practices and conventional thinking Highly proficient in Microsoft Excel and other core Microsoft Office products (Word, PowerPoint, etc.) Mercer believes in building brighter futures by redefining the world of work, reshaping retirement and investment outcomes, and unlocking real health and well-being. Mercer’s approximately 25,000 employees are based in 43 countries and the firm operates in over 130 countries. 
Mercer is a business of Marsh McLennan (NYSE: MMC), the world’s leading professional services firm in the areas of risk, strategy and people, with 85,000 colleagues and annual revenue of over $20 billion. Through its market-leading businesses including Marsh, Guy Carpenter and Oliver Wyman, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment. For more information, visit mercer.com. Follow Mercer on LinkedIn and Twitter. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people regardless of their sex/gender, marital or parental status, ethnic origin, nationality, age, background, disability, sexual orientation, caste, gender identity or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.
Posted 3 weeks ago
175.0 years
0 Lacs
Gurugram, Haryana, India
On-site
At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. Function Description: The AIM (Analytics, Investment & Marketing Enablement) team – a part of GCS Marketing– is the analytical engine that enables Global Commercial business portfolio of American Express. Accelerating growth momentum, increasing profitability, and powering up our value proposition are key objectives for this organization. The team enables GCS Marketing business by providing actionable insights to drive business strategy and growth. This Analyst (Band 30) role would be based in Gurgaon (India) and would be focused on driving sentinel measurement Analytics spanning across channels and product offerings from Amex. Key Responsibilities include: Support and enable the business partners with campaign measurements, ROI analysis and actionable data driven insights for acquisition & engagement treatments in GCS Develop analytical solutions for GCS business teams by gathering requirements from stakeholders, performing data analysis, presenting results Accurate, timely and efficient delivery of monthly results reporting for marketing & sales leadership Keen on exploration and analysis of data from various data sources, translate the same to excellent visual case studies. 
Quick learner quick to understand the business and support pilot projects amidst ambiguity Collaborate with functional leaders, business partners and senior leaders to assess business needs, evaluate project feasibility, ensure data integrity, and provide actionable recommendations in times of constant change Build a solid relationship/partnership with Marketing Stakeholders, drive projects end to end with full accountability and growth mindset Minimum Qualifications: Degree in a quantitative field preferred – e.g. B. Tech; BSc/MSc Statistics, Bachelors/master’s in economics Knowledge of Hive, Python, PySpark, SQL encompassing data manipulation and statistical modeling/data-mining techniques Strong analytical aptitude and technical skills Project Management Excellent verbal, written, and interpersonal communications skills with an ability to formulate and communicate results & methodologies in a clear and compelling way A demonstrated ability to work in high-pressure situations with minimal errors An optimistic and growth mind-set with a tremendous will to win Should be able to function with minimum supervision with high sense of ownership Should be comfortable with flexible shift timings to support Global Partners Strong technical and problem-solving skills Strong communication and interpersonal skills Ability to analyze large amounts of data and create innovative solutions Ability to work effectively in a team environment Ability to learn quickly and work independently with complex, unstructured initiatives Ability to challenge the status quo and drive innovation Preferred Qualifications: 1-2 years of relevant experience with strong knowledge of skills like Python, SQL & Advanced Excel required; R also good to have. 
Good knowledge of statistical techniques like hypothesis testing, regression, KNN, t test, chi-square test Relevant experience in campaign measurement/marketing analytics is a plus Experience in marketing analytics and campaign measurement preferred; relevant industry experience preferred We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally: Competitive base salaries Bonus incentives Support for financial-well-being and retirement Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location) Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need Generous paid parental leave policies (depending on your location) Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunities American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
Posted 3 weeks ago