
903 Sentinel Jobs - Page 11

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

70.0 years

0 Lacs

Sriperumbudur, Tamil Nadu, India

On-site

Job Description Cyber Defence Analyst About GKN Automotive GKN Automotive is a world-leading global automotive technology company at the forefront of innovation. Its origins date back to 1759 and for the last 70 years it has been putting key technologies into series production. We are the trusted partner for most of the world’s automotive companies, specialising in developing, building, and supplying market-leading drive systems and advanced ePowertrain technologies. GKN Automotive is part of Dowlais Group plc, a specialist engineering group focused on the automotive sector. What you’ll do: The Cyber Defence Analyst plays a meaningful role in improving the organisation’s security posture by bridging the gap between incident response and vulnerability management. Operating in a hybrid model, this role works closely with a supplier landscape that provides first-line monitoring and escalates incidents for further investigation. As such, the Cyber Defence Analyst is expected to operate at a level capable of handling complex investigations, leading response efforts, and driving remediation activities. This role supports both the Security Monitoring and Vulnerability Management functions, ensuring a cohesive, end-to-end approach to cyber defence. By responding to threats in real time and proactively reducing the organisation’s exposure to future risks, the Cyber Defence Analyst helps maintain a resilient and unified security operation. As this role operates within a dynamic Security Operations environment, there may be occasions where you will be required to provide surge capacity in response to emerging security incidents, emerging threats, or urgent vulnerability disclosures. This includes stepping in to support urgent investigations, remediation efforts, or other time-sensitive security activities that may arise to protect the business. Key responsibilities include: Serve between Security Monitoring and Vulnerability Management teams. 
Act as a key responder to security incidents, driving investigation, containment, and recovery activities. Assist in identifying, assessing, and tracking remediation of vulnerabilities across the organisation. Perform in-depth analysis of security alerts, logs, and telemetry from SIEM, EDR, and other security tools. Support scanning, reporting, and communication of vulnerability data to collaborators. Develop and refine detection logic to improve visibility and reduce false positives, using frameworks such as MITRE ATT&CK. Maintain and improve incident response playbooks, ensuring they reflect current threats and standard methodologies. Know the latest threat actor tactics, techniques, and procedures (TTPs) and apply them to improve defences. Find opportunities to automate repetitive tasks across security monitoring and vulnerability workflows. Promote a unified approach to cyber defence, avoiding siloed operations. Support initiatives that strengthen the organisation’s overall cyber resilience. What you’ll need: Demonstrable experience in information security, with a focus on security operations. Proven track record in stakeholder and partner/vendor management and collaboration across various groups. Experience handling incidents and supporting complex investigations. Hands-on experience with technical tools commonly used in Security Operations, including but not limited to SIEM platforms (e.g., Microsoft Sentinel), Endpoint Detection and Response (EDR) solutions, Threat Intelligence platforms (e.g., KELA), and Vulnerability Management tools (e.g., Qualys). Confident in analysing logs from various sources such as endpoints, networks & cloud services. Ability to apply threat intelligence to enrich investigations. Good understanding of relevant threat actors, relevant frameworks and CVSS scoring. Ability to script or automate tasks. Familiarity with infrastructure, cloud, and application security principles. 
Able to write reports and tailor them to a mixture of collaborators. While certifications are not a strict requirement, they can improve a candidate’s profile by demonstrating relevant expertise. Any recognised security certifications will be considered, with value placed on those that demonstrate expertise in core blue team disciplines, as well as vulnerability and risk management. Why you’ll love working here: Market-leading company with lots of potential; opportunity to take part in brand-new company projects; attractive salary and benefits at a stable and financially healthy company; an organisation where you can commit to the long-term; working in the OneIT team with colleagues around the globe. How to apply: Please follow the link on our careers page and submit your resume in English because we are an international environment, and English is our business language. If you need any adjustments made to support your application, for example, if you require information in different formats, or if you have any accessibility issues, then we have a process in place to support you – please feel free to get in touch with us at accommodations@gknautomotive.com. Deadline: The closing date will be July 25th. GKN Automotive is the market leader in conventional, all-wheel and electrified drive systems and solutions. With a comprehensive global footprint, we design, develop, manufacture and integrate an extensive range of driveline technologies for over 90% of the world’s car manufacturers. As a global engineering company, innovation is what differentiates us from our competitors and is central to our success. A balance of cultures, ethnicities and genders helps bring new ideas and creativity to GKN Automotive. We need people of different backgrounds, with different skills and perspectives to spark originality, imagination and creativeness in our teams around the world. GKN Automotive is an equal opportunity employer. 
We treat all our employees and applicants fairly and are committed to ensuring that there is no discrimination or harassment against any employee or qualified applicant on the grounds of age, race, creed, colour, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status or any other characteristic protected by law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process. Please contact us to request any such accommodation.

Posted 3 weeks ago


70.0 years

0 Lacs

Pune, Maharashtra, India

On-site

Job Description Cyber Defence Analyst About GKN Automotive GKN Automotive is a world-leading global automotive technology company at the forefront of innovation. Its origins date back to 1759 and for the last 70 years it has been putting key technologies into series production. We are the trusted partner for most of the world’s automotive companies, specialising in developing, building, and supplying market-leading drive systems and advanced ePowertrain technologies. GKN Automotive is part of Dowlais Group plc, a specialist engineering group focused on the automotive sector. What you’ll do: The Cyber Defence Analyst plays a meaningful role in improving the organisation’s security posture by bridging the gap between incident response and vulnerability management. Operating in a hybrid model, this role works closely with a supplier landscape that provides first-line monitoring and escalates incidents for further investigation. As such, the Cyber Defence Analyst is expected to operate at a level capable of handling complex investigations, leading response efforts, and driving remediation activities. This role supports both the Security Monitoring and Vulnerability Management functions, ensuring a cohesive, end-to-end approach to cyber defence. By responding to threats in real time and proactively reducing the organisation’s exposure to future risks, the Cyber Defence Analyst helps maintain a resilient and unified security operation. As this role operates within a dynamic Security Operations environment, there may be occasions where you will be required to provide surge capacity in response to emerging security incidents, emerging threats, or urgent vulnerability disclosures. This includes stepping in to support urgent investigations, remediation efforts, or other time-sensitive security activities that may arise to protect the business. Key responsibilities include: Serve between Security Monitoring and Vulnerability Management teams. 
Act as a key responder to security incidents, driving investigation, containment, and recovery activities. Assist in identifying, assessing, and tracking remediation of vulnerabilities across the organisation. Perform in-depth analysis of security alerts, logs, and telemetry from SIEM, EDR, and other security tools. Support scanning, reporting, and communication of vulnerability data to collaborators. Develop and refine detection logic to improve visibility and reduce false positives, using frameworks such as MITRE ATT&CK. Maintain and improve incident response playbooks, ensuring they reflect current threats and standard methodologies. Know the latest threat actor tactics, techniques, and procedures (TTPs) and apply them to improve defences. Find opportunities to automate repetitive tasks across security monitoring and vulnerability workflows. Promote a unified approach to cyber defence, avoiding siloed operations. Support initiatives that strengthen the organisation’s overall cyber resilience. What you’ll need: Demonstrable experience in information security, with a focus on security operations. Proven track record in stakeholder and partner/vendor management and collaboration across various groups. Experience handling incidents and supporting complex investigations. Hands-on experience with technical tools commonly used in Security Operations, including but not limited to SIEM platforms (e.g., Microsoft Sentinel), Endpoint Detection and Response (EDR) solutions, Threat Intelligence platforms (e.g., KELA), and Vulnerability Management tools (e.g., Qualys). Confident in analysing logs from various sources such as endpoints, networks & cloud services. Ability to apply threat intelligence to enrich investigations. Good understanding of relevant threat actors, relevant frameworks and CVSS scoring. Ability to script or automate tasks. Familiarity with infrastructure, cloud, and application security principles. 
Able to write reports and tailor them to a mixture of collaborators. While certifications are not a strict requirement, they can improve a candidate’s profile by demonstrating relevant expertise. Any recognised security certifications will be considered, with value placed on those that demonstrate expertise in core blue team disciplines, as well as vulnerability and risk management. Why you’ll love working here: Market-leading company with lots of potential; opportunity to take part in brand-new company projects; attractive salary and benefits at a stable and financially healthy company; an organisation where you can commit to the long-term; working in the OneIT team with colleagues around the globe. How to apply: Please follow the link on our careers page and submit your resume in English because we are an international environment, and English is our business language. If you need any adjustments made to support your application, for example, if you require information in different formats, or if you have any accessibility issues, then we have a process in place to support you – please feel free to get in touch with us at accommodations@gknautomotive.com. Deadline: The closing date will be July 25th. GKN Automotive is the market leader in conventional, all-wheel and electrified drive systems and solutions. With a comprehensive global footprint, we design, develop, manufacture and integrate an extensive range of driveline technologies for over 90% of the world’s car manufacturers. As a global engineering company, innovation is what differentiates us from our competitors and is central to our success. A balance of cultures, ethnicities and genders helps bring new ideas and creativity to GKN Automotive. We need people of different backgrounds, with different skills and perspectives to spark originality, imagination and creativeness in our teams around the world. GKN Automotive is an equal opportunity employer. 
We treat all our employees and applicants fairly and are committed to ensuring that there is no discrimination or harassment against any employee or qualified applicant on the grounds of age, race, creed, colour, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status or any other characteristic protected by law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process. Please contact us to request any such accommodation.

Posted 3 weeks ago


4.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Critical Skills to Possess: A degree in Cybersecurity, Information Security, Computer Science, or equivalent practical experience. 2–4 years of experience in security operations, incident response, or threat detection, ideally with cloud focus. Familiarity with Wiz, including security graph analysis, alert triage, and custom WQL queries. Understanding of common cloud threats and misconfigurations in AWS, Azure, and/or GCP. Experience with tools like Microsoft Sentinel, Defender for Cloud, or other SIEM/SOAR platforms. Knowledge of core security concepts such as IAM, network security, and the MITRE ATT&CK framework. Comfortable working in fast-paced environments with cross-functional teams. Strong analytical and communication skills for documenting and sharing threat insights.

Posted 3 weeks ago


3.0 - 8.0 years

8 - 12 Lacs

Pune, Bengaluru, Delhi / NCR

Hybrid

SOC Analyst. 3+ years of exp in SOC, and should have exp with Azure/AWS cloud. Exp in Remediation and "Defender for Cloud" is a must. About the role: As a SOC Analyst, you will play a critical role in strengthening our organization's security posture through proactive threat detection and response. You will monitor system and network activity for any dangers or weaknesses and delve into the details of potential security incidents. Along the way, you will get to: Incident Analysis: Analyze security notifications to identify potential security issues and evaluate their impact and severity. Incident Response: Oversee the response to verified security incidents, including containment measures and investigation. Threat and Vulnerability Analysis: Investigate, document, and report on information security issues and emerging trends. Adjust Security Tools and Processes: Fine-tune security tools and processes to improve the organization's overall security posture. Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career. What we're looking for: Technical Proficiency: In-depth knowledge of security protocols, techniques, and technologies. Analytical Skills: Ability to analyze system performance and troubleshoot complex security issues. Communication: Effective communication skills to interact with team members and stakeholders. What you can expect: We're legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another location, even an international destination, for up to 30 consecutive calendar days per year. 
Medical Insurance Health Benefits Professional Development: Learning Platform and Certificate Reimbursement Shift Allowance. But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don't feel like your skills are a perfect match - we still want to hear from you! Today's talent leads tomorrow's success. Learn more about Insight: https://www.linkedin.com/company/insight/

Posted 3 weeks ago


3.0 - 7.0 years

3 - 7 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incident on XDR platform
2. Alert & incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform
5. Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow-up with tech team for incident closure
8. Participating in daily standup and review meeting
9. L2 Analyst has responsibility to closely track the incidents and support for closure.
10. Working with log source and use case management in integrating log sources and developing & testing use case
11. Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM)
12. Developing SOP / instruction manual for L1 team
13. Guiding L1 team for triage/analysis and assist in closure of cybersecurity alert and incidents
14. Handle XDR alerts and follow up with customer team for agent updates
15. Escalate more complex incidents to L3 SME for deeper analysis.

Key Responsibilities:

Security Monitoring & Incident Response Governance: Define and maintain security monitoring, threat detection, and incident response policies and procedures. Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds. Align SOC operations with evolving business risk priorities and regulatory frameworks.

Platform & Toolset Management: Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness. Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions. Maintain and update incident response playbooks and automation workflows. Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.

SOC Operations & Threat Detection: Oversee 24x7 monitoring of security events and alerts across enterprise assets. Lead and coordinate proactive threat hunting across networks, endpoints, and cloud. Manage and support forensic investigations to identify root cause and recovery paths. Govern use case development, log source onboarding, and alert/event triage processes.

Regulatory Compliance & Incident Management: Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities. Retain logs in accordance with regulatory data retention mandates. Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.

Advanced Threat Management & Reporting: Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities. Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives. Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field. 3-7 years of experience in SOC management, incident response, or cyber threat detection roles. Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms. Proven experience in playbook development, forensics, and threat hunting methodologies. Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements. Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred technical and professional experience
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 3 weeks ago


2.0 - 7.0 years

6 - 11 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incident on XDR platform
2. Alert & incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform
5. Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow-up with tech team for incident closure
8. Participating in daily standup and review meeting
9. L1 Analyst has responsibility to closely track the incidents and support for closure.
10. Escalate more complex incidents to L2 analysts for deeper analysis.
11. Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM)
12. Handle XDR alerts and follow up with customer team for agent updates

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Key Responsibilities:

Security Monitoring & Incident Response Governance: Define and maintain security monitoring, threat detection, and incident response policies and procedures. Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds. Align SOC operations with evolving business risk priorities and regulatory frameworks.

Platform & Toolset Management: Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness. Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions. Maintain and update incident response playbooks and automation workflows. Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.

SOC Operations & Threat Detection: Oversee 24x7 monitoring of security events and alerts across enterprise assets. Lead and coordinate proactive threat hunting across networks, endpoints, and cloud. Manage and support forensic investigations to identify root cause and recovery paths. Govern use case development, log source onboarding, and alert/event triage processes.

Regulatory Compliance & Incident Management: Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities. Retain logs in accordance with regulatory data retention mandates. Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.

Advanced Threat Management & Reporting: Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities. Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives. Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Preferred technical and professional experience
Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field. 2 years of experience in SOC management, incident response, or cyber threat detection roles. Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms. Proven experience in playbook development, forensics, and threat hunting methodologies. Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements. Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 3 weeks ago


2.0 - 7.0 years

6 - 10 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incident on XDR platform
2. Alert & incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform
5. Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow-up with tech team for incident closure
8. Participating in daily standup and review meeting
9. L1 Analyst has responsibility to closely track the incidents and support for closure.
10. Escalate more complex incidents to L2 analysts for deeper analysis.
11. Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM)
12. Handle XDR alerts and follow up with customer team for agent updates

Key Responsibilities:

Security Monitoring & Incident Response Governance: Define and maintain security monitoring, threat detection, and incident response policies and procedures. Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds. Align SOC operations with evolving business risk priorities and regulatory frameworks.

Platform & Toolset Management: Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness. Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions. Maintain and update incident response playbooks and automation workflows. Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.

SOC Operations & Threat Detection: Oversee 24x7 monitoring of security events and alerts across enterprise assets. Lead and coordinate proactive threat hunting across networks, endpoints, and cloud. Manage and support forensic investigations to identify root cause and recovery paths. Govern use case development, log source onboarding, and alert/event triage processes.

Regulatory Compliance & Incident Management: Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities. Retain logs in accordance with regulatory data retention mandates. Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.

Advanced Threat Management & Reporting: Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities. Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives. Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field. 2 years of experience in SOC management, incident response, or cyber threat detection roles. Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms. Proven experience in playbook development, forensics, and threat hunting methodologies. Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements. Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred technical and professional experience
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 3 weeks ago


5.0 - 10.0 years

7 - 11 Lacs

Bengaluru

Work from Office

Educational Bachelor of Engineering Service Line Quality Responsibilities In this role, you will help architect, deploy security solutions, tools for Application, DevSecOps & SSDLC, and Public Cloud Security. You need to learn about Infosys business initiatives, products and business needs to drive clients' security projects. Develop technical solutions and advise security controls to mitigate security vulnerabilities. Partner with Security Engineers, Architects, and clients to drive security initiatives in technology and policy governance. Technical and Professional: Azure, AWS, GCP, Sentinel, GRC, Threat Analyst, NIST, MITRE ATT&CK, SOC2, ISO27001, ISO27002, Identity, Access management, Security Engineering, Security Automation, Resiliency, DevSecOps, SSDLC, SDLC, Threat Modelling, Risk Assessor, Security Audit, zero trust, ZTNA, conditional access Preferred Skills: Foundational-Cybersecurity Competency Management-Cyber Competency Strategy Planning

Posted 3 weeks ago


5.0 years

0 Lacs

Pune, Maharashtra, India

On-site

About AkzoNobel Since 1792, we’ve been supplying the innovative paints and coatings that help to color people’s lives and protect what matters most. Our world class portfolio of brands – including Dulux, International, Sikkens and Interpon – is trusted by customers around the globe. We’re active in more than 150 countries and use our expertise to sustain and enhance the fabric of everyday life. Because we believe every surface is an opportunity. It’s what you’d expect from a pioneering and long-established paints company that’s dedicated to providing sustainable solutions and preserving the best of what we have today – while creating an even better tomorrow. Let’s paint the future together. For more information please visit www.akzonobel.com © 2024 Akzo Nobel N.V. All rights reserved. Job Purpose Cyber security is a top priority for AkzoNobel as for any global organization operating in the cyberspace. Our objective is to protect our information and digital assets (IT and OT) by reducing our cyber risk exposure to pursue our business objectives. As part of the new cyber security strategy, supported by the ExCo, we have recently redefined our security governance in line with the evolution of the threat landscape and modern best practices. In this regard the new Information Security function, under responsibility of the CISO and part of the IT, is responsible for Information and cyber security for the entire organization covering Cyber Risk Management & Compliance, Security Architecture, Security Operations and Cyber Security Awareness and Training. Security Operations, led by the Security Operations Manager covers all the operational aspects of cyber security within Second Line of Defense including the three core cyber security processes: Vulnerability Management, Security and Threat Monitoring, and Cyber Security Incident. We are looking for a seasoned and proactive SOC Incident Response Analyst to join our Cybersecurity Operations team. 
This role will be responsible for managing alerts & incidents that are raised by the MSSP provider. From investigation to containment and remediation, this role is responsible to manage those end to end. Key Activities Incident Command: Act as the Incident Commander during security incidents, ensuring timely and effective resolution of alerts triaged by the Managed Security Service Provider (MSSP). Investigation & Analysis: Conduct detailed investigations into security alerts to determine the scope, impact, and root cause of incidents. Utilize Microsoft Defender, Sentinel, and Azure tools for analysis and incident management. Remediation & Containment: Provide clear and actionable remediation and containment instructions to IT and relevant teams to mitigate and resolve security incidents. Ensure all stakeholders are aligned in restoring operations while preventing further escalation. Crisis Management Support: Support on crisis management during high-severity incidents, ensuring effective communication and status reporting. Automation Integration: Assist on automation and hyper-automation tools to improve incident response efficiency. Participate in design and implementation of automated workflows to accelerate threat detection, investigation, containment, and remediation processes. Incident Documentation: Maintain accurate incident records, including detailed timelines, incident impact assessments, and post-incident analysis reports. Ensure compliance with internal and regulatory requirements for incident documentation. Collaboration & Communication: Work closely with internal IT teams, external MSSP providers, and other stakeholders to ensure a coordinated response to incidents. Continuous Improvement: Conduct post-incident reviews to identify lessons learned and propose improvements to response processes. Work with the security operations team to enhance detection, investigation, and remediation capabilities. 
These key responsibilities are paired with key technologies (and linked skills) that are used in the company environment: Microsoft Defender Suite (Endpoint, Identity, Office, Cloud Apps); Zscaler Technologies, including ZIA and ZPA; Microsoft Sentinel and Azure Logic Apps (automation and orchestration); Nozomi (OT/IoT network visibility and threat detection). Familiarity with API integrations, automation scripting (PowerShell, KQL), and incident enrichment techniques is highly desirable. Experience 5+ years of hands-on experience in incident response, SOC operations, or threat detection roles within large and complex environments. Demonstrated experience in incident response efforts in real-world scenarios, including root cause analysis, containment, and lessons learned processes. Strong understanding of enterprise security architecture, endpoint and network detection tools, and alerting pipelines. Solid experience with Microsoft security technologies, especially Microsoft Defender XDR and Sentinel. Practical knowledge of SOC automation practices using tools such as Logic Apps, playbooks, or SOAR platforms. Demonstrated ability to work collaboratively, make sound decisions under pressure, and coordinate across teams during high-impact security events. Strong knowledge of incident handling frameworks, playbook development, and SOC maturity models. Certifications in incident response, such as GCIH, GCFA, GCIA, or similar. General blue team certifications such as SC-200, AZ-500. Experience in operationalizing threat intelligence and aligning detection strategies to frameworks such as MITRE ATT&CK. Prior experience assessing and improving SOC performance against frameworks like NIST, MITRE D3FEND, or CMMI. At AkzoNobel we are highly committed to ensuring an inclusive and respectful workplace where all employees can be their best self. We strive to embrace diversity in a context of tolerance. 
Our talent acquisition process plays an integral part in this journey, as setting the foundations for a diverse environment. For this reason we train and educate on the implications of our Unconscious Bias in order for our TA and hiring managers to be mindful of them and take corrective actions when applicable. In our organization, all qualified applicants receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age or disability. Requisition ID: 47658

Posted 3 weeks ago


0 years

0 Lacs

India

On-site

Key Responsibilities: Design, implement, and manage Palo Alto Networks solutions, including: Next-Gen Firewall (NGFW) EDR/XDR (Cortex XDR) SIEM/SOAR (Cortex XSIAM) Lead and support migration projects from legacy platforms (e.g., Splunk, Sentinel, QRadar) to Palo Alto Cortex XSIAM Work with clients to understand business requirements and deliver tailored cybersecurity solutions Perform threat hunting, alert tuning, policy configuration, and use case development Collaborate with global teams (onshore/offshore model) for delivery in sectors like Telecom, Finance, Retail, and Public Sector Support security assessments, integrations, and continuous improvement initiatives Required Skills & Qualifications: Strong hands-on experience in Palo Alto technologies (NGFW, Cortex XDR/XSIAM) Proven knowledge of cybersecurity operations, SOC processes, and incident response Experience with SIEM migration and integrations Understanding of threat intelligence, detection engineering, and automation Good knowledge of scripting (Python, PowerShell) and log analysis Excellent communication and client-facing skills Preferred Certifications: Palo Alto Networks Certifications, such as: PCNSE (Network Security Engineer) Cortex XDR/XSIAM certifications (if available) Additional certifications like CEH, CISSP, or relevant SIEM/EDR vendor certifications are a plus

Posted 3 weeks ago


8.0 years

1 - 9 Lacs

Noida

Remote

Senior Software Engineer Noida, Uttar Pradesh, India Date posted Jul 09, 2025 Job number 1843990 Work site Up to 50% work from home Travel 0-25 % Role type Individual Contributor Profession Software Engineering Discipline Software Engineering Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The team will be responsible for building and maintaining the core services that form the Control Plane of Microsoft Sentinel Graph (MSG). This crucial mission supports Microsoft's Security business, meeting the immense scale demands that few companies in the industry face. By leveraging cutting-edge technologies, we aim to deliver comprehensive protection to a global user base. The MSG Foundations Control Plane Engineering team is responsible for developing and implementing control plane services that coordinate the setup & interaction between various 1P & internal components needed to onboard an end user and provide complete experience of the Modern Security Data Lake. 
As a senior engineer, you will contribute to these services by designing and developing solutions that establish the platform's core functionality. You will work on a forward-looking product as part of an agile, collaborative, and cross-discipline team. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications 8+ years of experience in software development. (Required) BS in Computer Science or higher, equivalent industry experience. Experience in handling large software engineering projects, modularizing them into deliverables for the team, shepherding them to quality delivery, and working closely with engineering partners across the globe. (Required) Demonstrated problem solving and debugging skills. (Required) Breadth and depth technical knowledge in software engineering. Experience in building, shipping, and operating reliable system software preferably with experience in large scale high availability distributed systems. Other Requirements Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter. 
Hashtags: #MSFTSecurity #sde Responsibilities We are looking for someone who is a highly motivated self-starter who thrives in a bottoms-up, fast-paced, highly technical environment, has a strong customer focus and understands the importance of Live Site, has a demonstrated ability to establish and manage relationships across organizational boundaries, has proven experience dealing with large scale data architecture, operational architecture and/or network architecture, and proven experience creating distributed systems tools of moderate-to-high complexity. You will be responsible for performing investigations and investments in complex areas; designing and delivering features end to end, including system architecture, code, deployment, scale, performance and quality, from conception to delivery. In short, you will be responsible for all aspects of a feature area, including design. Design and implement scalable, reliable, maintainable services. Demonstrate strategic understanding of the timing and rationale for design choices, within the scope of work. Consistently contribute key ideas to the product or service design and vision that meets the customer's needs. Drive design reviews across the team and apply expertise in available technologies. Apply metrics to drive the quality and stability of code. Have a sense of pride, commitment, and personal accountability for the service quality, completeness and resulting user experience for the life of the product or service. Work closely with geographically distributed team, including Product Managers and developers, to drive key improvements in backend Engineering System. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work. 
• Industry leading healthcare • Educational resources • Discounts on products and services • Savings and investments • Maternity and paternity leave • Generous time away • Giving programs • Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Posted 3 weeks ago


8.0 years

0 Lacs

India

On-site

Job Summary: We are seeking an experienced ServiceNow Architect to lead the design and implementation of complex ServiceNow integrations and enhancements. This role requires deep technical expertise in ServiceNow modules (ITSM, ITOM, SecOps, CMDB, AIOps), as well as integration experience with tools like Salesforce, Jira, New Relic, IBM Risk, and Microsoft Sentinel. The ideal candidate will be responsible for architectural oversight, technical leadership, stakeholder engagement, and delivery of end-to-end solutions aligned with business needs.
Key Responsibilities:
1. Integration Architecture & Implementation. Architect and implement integration between Salesforce and ServiceNow: Automatically create ServiceNow incidents upon Salesforce case escalation. Ensure inclusion and mandatory visibility of Salesforce Case Number in incident forms. Design visibility and access rules for client-facing teams. Design and implement Jira integration enhancements: Enable Correlated ID search and defect visibility across platforms. Configure bi-directional mapping for Assignment Group and Assigned To fields. Enhance notification flow from Jira to ServiceNow (Work Notes updates, etc.). Lead integration of IBM Risk Tool into ServiceNow: Ingest risk assessments into Security Incident and Risk tables. Trigger workflows based on IBM events. Oversee New Relic APM/Infrastructure integration into ServiceNow ITOM: Auto-create incidents from alerts. Enrich CMDB with performance data and enable incident correlation. Lead Microsoft Sentinel integration for event management and SecOps.
2. Platform Enhancements & Configuration. Customize Incident forms based on user roles (e.g., mandatory Salesforce Case Number for client-facing teams). Build and maintain dashboards and reports: Metrics: total escalations, resolution time, category trends. Stakeholder-facing visualization for performance and SLA adherence.
3. AIOps & Proactive Problem Management. Deploy and configure ServiceNow AIOps capabilities: Analyze incident trends. Auto-create Problem Records based on thresholds. Recommend resolutions using historical patterns.
4. CMDB Ownership. Lead the design, build, and governance of CMDB. Integrate multiple data sources to ensure configuration accuracy and compliance.
Required Skills & Experience: 8+ years of experience in ServiceNow platform architecture and development. Proven experience integrating Salesforce, Jira, IBM Risk, New Relic, and Sentinel with ServiceNow. Strong knowledge and hands-on implementation of: ITSM, ITOM, CMDB, SecOps, AIOps. MID Server configurations, web services (REST, SOAP), IntegrationHub. Experience building dashboards, reports, and visual analytics in ServiceNow. Solid understanding of ServiceNow data models, access control, performance tuning. Expertise in Problem, Incident, Change, and Request Management modules. Experience with scripted REST APIs, Flow Designer, Business Rules, and Client Scripts. Familiarity with risk management processes, security incident flows, and event management. Excellent communication and stakeholder engagement skills. ServiceNow certifications (Architect, CIS in ITSM/ITOM/SecOps/AIOps) strongly preferred.
Preferred Qualifications: Hands-on experience with ServiceNow AI/ML capabilities. Prior experience in regulated environments or enterprise transformation projects. Agile delivery methodology exposure and ability to work in cross-functional teams.
What We Offer: Opportunity to work on cutting-edge ServiceNow initiatives. Collaborative and innovative work environment. Competitive compensation and growth opportunities.

Posted 3 weeks ago


3.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : Microsoft Azure Sentinel Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Engineer, you will apply your security expertise to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will also monitor security systems and respond to incidents, all while staying updated on the latest cyber threats and security technologies to effectively safeguard the organization’s information and infrastructure. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Conduct regular security assessments and audits to identify vulnerabilities. - Develop and implement security policies and procedures to enhance the organization's security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM). - Good To Have Skills: Experience with Microsoft Azure Sentinel. - Strong understanding of security protocols and best practices. - Experience in incident response and threat hunting. - Familiarity with network security technologies and tools. Additional Information: - The candidate should have minimum 3 years of experience in Splunk Security Information and Event Management (SIEM). 
- This position is based at our Noida office. - A 15 years full time education is required.

Posted 3 weeks ago


0 years

0 Lacs

Mumbai Metropolitan Region

On-site

System Administrator Brennan. Where true performance thrives. At Brennan, we believe that how technology is delivered is every bit as important as what the technology is. We focus on creating real and relevant value for customers with solutions that fit their specific needs and always reflect their true interests. It’s a claim backed by our True Performance System - a way of working engineered to get us closer, and deliver better, for our customers and their actual experience of technology. Why join Brennan True performance for our customers starts with a true belief in our people. It’s why we’ve structured our business to help our teams, and their talents, shine bright. It's why we’ve created a workplace where people of all backgrounds, beliefs and experiences are welcomed and empowered. And it’s why we’ve built an organisation where real innovation makes a genuine impact and generates true rewards for our team members. True rewards In addition to competitive remuneration, Brennan offers extensive benefits, including: Training and certification bonuses Culture Awards that recognise excellence Brennan Daredevils - our annual, all-expenses paid trip awarded to our top performers and outstanding contributors Vibrant, fun social activities Discounted hardware and software An environment that embraces learning and development The Role To provide 1st, 2nd or 3rd level technical support to Brennan IT clients, engineers and staff, 1st level monitoring and technical support to Brennan IT clients and staff. To coordinate, collaborate and escalate incidents within stipulated timelines, maintain existing cloud/infrastructure services and ensure that the environment runs in an optimal way, and continuously improve the efficiency and excellence of service delivery as measured by client-facing surveys and ratings in every department you are part of. 
2-5 yrs minimum experience in Windows Server Administration / System Administration / Wintel Administration / Hyper V Administration / IT Technical Support role for international clients, preferably in Managed Services IT provider / IT Companies. Role Responsibilities Maintaining/contributing to KMS for client and internal team, for both technical & processes Server monitoring using SCOM, N-ABLE, Logic Monitor, Basic Intune / SCCM configurations Understanding of O365, Mimecast, Intune, Azure integration Vendor Management (hardware and Software vendors - HP, Dell, MS, VM, Citrix and others) Storage understanding NAS, SAN e.g., data domain, IBM, Netapp, Hitachi, Fujitsu, HP 3par Administration of Windows Server, groups, group policies, DNS, DHCP Understanding of backups, replications for Veeam, Symantec, Zerto, Commvault On premises backup alert management, monitoring and restoration SSL certificate renewal and installation on various roles (IIS, ADFS, ADC-Netscaler, Apache, SQL Reporting Services, WAS, Load Balancers) Smooth and timely customer engagement Disk, CPU, Snapshot management provisioning Monitor, manage experience with ESXi/Hyper-V hosts, Nutanix, Dell, HP SimpliVity Manage understand Failover Cluster, NLB Citrix/RDS/WVD knowledge with application publishing, upgrading, managing securely Manage windows update compliance. Antivirus Management, Sophos, Defender. Patching ESXi hosts and vCenter updates Knowledge of vulnerability management and critical remediation Change management, performing RCA and able to clearly articulate the actions/outcomes Key Competencies and Qualifications required Knowledge of as many more technologies like VMware, Windows Hypervisors, Azure Administrations, O365, Mimecast, SQL Administration, Windows Administration. 
Should have experience in VM Deployment, VM Migration, managing host clusters Extremely high-level attention to detail with methodical troubleshooting process Good verbal and written communication skills Must have knowledge of Storage technologies like HP, IBM, Dell, Cisco servers, O365, Azure Administration Proactive vs Reactive approach ITIL Service Management Foundation accreditation Essential Skills Windows Server including 2016/2019, DNS, DHCP, Group Policy Active Directory 2012 and above VMware / Virtualization (Hyper - V, VMware) O365, Azure Administration Desired Skills Exposure to Backup tools like Veeam/Commvault/Backup Exec Windows Administration certifications 2012 and above Exposure to SAN /NAS MS Azure and Office 365 Administration Symantec Endpoint or McAfee or Sophos or SentinelOne or CrowdStrike Exposure to Blade servers and configurations ITIL Foundation and ServiceNow ITSM tool Brennan is an equal opportunity employer

Posted 3 weeks ago


4.0 years

0 Lacs

Bengaluru, Karnataka

Remote

Microsoft 365 Threat Protection SME – FastTrack Bangalore, Karnataka, India Date posted Jul 09, 2025 Job number 1838031 Work site Up to 100% work from home Travel 0-25 % Role type Individual Contributor Profession Technical Support Discipline Technical Support Engineering Employment type Full-Time Overview We are the FastTrack Team, a diverse group of passionate technology professionals driven to help our customers derive high value from their Microsoft investment. Focused on driving E5 Security and Compliance, Copilot growth and the required security posture at scale with customers, FastTrack plays a primary worldwide role in executing this strategy at scale across our customers and partners while working side by side with multiple Microsoft engineering, data analysis, marketing, sales, support, and operational teams. We are looking for individuals who are passionate about helping customers adopt Microsoft 365 products by envisioning, designing, and executing innovative approaches to solve their business challenges, and effectively work side by side with a team of driven technology and business professionals to improve our products. As a FastTrack Defender Product Subject Matter Expert (SME), your main goal is to help customers enable, deploy their E5 Defender licenses, provide guidance on Microsoft Security and zero trust concepts, drive key usage scenarios and adoption for Microsoft Defender Product and services such as Microsoft Defender for Endpoint (MDE), Microsoft Defender for Office 365 (MDO), Microsoft Defender for Identity (MDI) and Microsoft Defender for Cloud Apps (MDA), Zero Trust. Knowledge of Defender portal, Microsoft Copilot for Security Integrations, Defender XDR and Microsoft Sentinel will be an added advantage. You should be seen as the trusted advisor and drive the technical decision of customers to continually use our product and technology. 
You will work in a team, deepening the customer security posture while helping them through their digital transformation. As a Defender SME, you will work with FTAs, other SMEs, Account Team, Partner, Support and Consulting resources to help educate your customers at a technical level, demonstrate, and prove our solutions, and drive value in all engagements. Being part of this team will allow you to maintain and develop your deep technical expertise across Microsoft and non-Microsoft (compete) Security products and services. This role is flexible in that you can work up to 100% from home. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications Required Qualifications Hands-on experience in M365 product platform (Security & Compliance), technical enablement, solution design, Product demonstration and Proof of Concept, deployment and adoption. Bachelor's or Master's Degree in Computer Science, Information Technology, or related field (or equivalent experience) combined with technical deployment, pre-sales or technical consulting experience. 
Education/Experience: Required Minimum Qualifications Bachelor's Degree in Engineering, Business, or related field AND 4+ years’ experience in Microsoft Defender and other cloud-based Security technologies, technical deployment, process management, execution, optimization, or related experience OR Master's Degree in Engineering, Business, or related field AND 2+ years’ experience in Microsoft Defender and other cloud-based Security technologies, technical deployment, process management, execution, optimization, or related experience Additional Experience: Proven ability to engage clients, understand their needs, and map them with Microsoft Security and Compliance products and services, drive technical deployment and adoption. Understand the customer segment, apply competitive analysis and market insights, that drive key business outcomes. Strong presentation, demonstration, and communication skills. Additional or Preferred Qualifications Experience with cloud and hybrid, or on premises infrastructures, architecture designs, migrations, industry standards, and/or technology management. Certification in relevant technologies or disciplines (e.g. Security, Identity and Purview data security). Experience with Sentinel, Entra ID, Intune, Purview and Microsoft Security Exposure Management. Responsibilities Job Description Technical Enablement, Onboarding and adoption: You will reach out to customers proactively and independently using knowledge of customer context; expertise in Microsoft Defender workloads (MDE, MDO, MDA, MDI, SIEM and XDR); along with other technical and industry knowledge. Leading technical discussions with customers and establishing rules of engagement You will deliver onboarding sessions for MDE, MDO, MDA, MDI, and XDR to ensure customers understand deployment. You will assist customers with MDE configuration and best practices across Windows, Linux, Mac, Android, iOS, and Defender for Servers. 
You will provide guidance on MDE features like TVM, incident management, alert tuning, AIR, ASR, NGP, and device control. You will identify prerequisites, run sizing tool and provide configuration best practices for complex MDI deployments to customers. You will identify prerequisites and provide guidance to deploy Defender for cloud apps use cases in customer environment. You will provide guidance for migrating customers from third-party email security solutions to EOP and Microsoft Defender for Office 365. You will help customer troubleshoot issues and remove deployment blockers. Provide configuration guidance and best practices for the Unified Security Operations Platform and Defender XDR capabilities. You will provide deployment guidance on Microsoft Entra ID capabilities including Conditional Access, Multi Factor Authentication, SSPR, PIM, MTO / B2B collaboration, Global Secure Access, Identity provisioning and LCW. Driving Customer Success: You will engage with customers and partners to remove technical deployment blockers across Support Levels and Security workloads, and/or help transition off a compete product. Lead with automation, empowering customers to self-serve. Partner with all FastTrack delivery roles to achieve shared FastTrack program key objectives. Education: You will proactively identify learning gaps; monitoring & responding to internal tech community posts, attending community calls, sessions, hackathons, etc. Practicing expertise by communicating with customers, partners, and senior colleagues to expand knowledge of architecture and demonstrating new and updated Microsoft Defender and XDR products and services. Leverage Partner Ecosystem: You will act as the liaison between the partner and team and facilitate partner resources and processes. Identifying MDE, MDO, MDI, MDA, XDR, and Microsoft Security Copilot skills and resource gaps and providing feedback to internal teams. 
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work. Industry leading healthcare; Educational resources; Discounts on products and services; Savings and investments; Maternity and paternity leave; Generous time away; Giving programs; Opportunities to network and connect. Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Posted 3 weeks ago

Apply

5.0 years

0 Lacs

Trivandrum, Kerala, India

On-site

Description Key Responsibilities: Advanced incident investigation: Conduct deep-dive investigations into complex security alerts and incidents, correlating events across multiple security tools and logs (SIEM, EDR, network logs, cloud logs). Incident response leadership: Lead containment, eradication, and recovery efforts for security incidents, collaborating with IT, engineering, and other teams. Threat hunting: Proactively search for threats within our environment using threat intelligence, hypotheses, and advanced analytical techniques. Root cause analysis: Perform root cause analysis for security incidents and recommend preventative measures to enhance our defenses. Threat Hunting: Exercises and proactive detection activities. Stay updated on emerging threats, vulnerabilities, attack techniques, and security news Vulnerability Management: Conduct regular vulnerability scans and assessments using industry-standard tools and ASPM. Analyze scan results to identify and classify security vulnerabilities, understanding their potential impact and exploitability. Develop playbooks: Contribute to the creation and refinement of incident response playbooks, runbooks, and standard operating procedures, including SOAR. Security tool optimization: Recommend and assist with the configuration, tuning, and optimization of SIEM rules, EDR policies, and other security controls. Threat intelligence integration: Integrate and operationalize threat intelligence (IOCs) and TTPs to improve detection capabilities and inform proactive defense strategies. Reporting: Generate comprehensive incident reports and provide actionable insights to management. Required Qualifications Minimum of 5 years of experience in a Security Operations Center (SOC) or a similar cybersecurity role Strong understanding of security frameworks (MITRE ATT&CK, NIST, ISO 27001, etc.) Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel, etc.) 
Familiarity with EDR solutions (e.g., CrowdStrike, Carbon Black, Defender ATP) Solid knowledge of networking concepts, log analysis, and common attack vectors Experience in the incident response lifecycle, malware analysis, and threat hunting Ability to perform effectively in high-pressure situations and manage multiple incidents simultaneously Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience) Preferred Skills And Certifications Certifications such as GCIA, GCIH, CEH, CISSP, OSCP, or Security+ Experience with scripting (Python, PowerShell, Bash) for automation and log parsing Knowledge of cloud security monitoring (AWS, Azure, GCP) Experience with SOAR platforms and the automation of incident response workflows

Posted 3 weeks ago

Apply

3.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. We are seeking analyst level individuals with experience working in the field of cybersecurity and a desire to help organizations improve their operations to join our team and help run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have working knowledge in some or all these areas – IT operations, security monitoring, active directory, IP networking and various cloud technologies. Position And Key Responsibilities At RSM, analysts work with large and small companies in variety of industries. They develop strong working relationships with their peers within the security operations center (SOC) while learning their clients’ businesses and challenges facing their organizations. Analysts work as part of a broader team under the direction of more senior analysts, threat hunters, shift leads, intelligence analysts and SOC managers in support of multiple clients. Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life. You will have the opportunity to: Role Responsibilities Investigate security incidents using SIEM tools, automation, and other cybersecurity technologies (i.e. 
ServiceNow, Stellar Cyber, Hyas Insight and DNS Protect, SentinelOne, ELK Stack, VirusTotal, Shodan, NetFlow, Passive DNS, Silobreaker, Tenable.io, Hatching Triage Sandbox). Analyze, escalate, and assist in remediation of critical security incidents. Improve and challenge existing processes and procedures in a very agile and fast-paced information security environment serving multiple clients. Process IDS alerts and identify incidents and events in customer data. Setup, execution and analysis of vulnerability scans. Perform advanced analysis and investigation into alerts as they are identified. Performing initial basic malware analysis utilizing automated means (static and dynamic sandbox analysis or other available tools). Incident intake, ticket updates and reporting of cyber events and threat intelligence. Understanding, identifying, and researching indicators of compromise (IOCs) from a variety of sources such as threat intelligence reports and feeds. Writing incident reports and process documentation, and interacting with clients as required. Transcribe and implement atomic indicators into a monitoring environment. Consume policy documentation and determine applicability in a network. Work with protocols at layers 2 and higher in the OSI model, to include ARP, TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use well-known ports. Develops the playbooks to respond to and recover from various attacks/incidents. Drives the automation efforts focused on closing cases, responding to cyber events and analyzing data required to enable efficient response activities. Processing of Cyber Threat Intel that is used across RSM detection platforms to understand and prepare for potential threats. Threat intel is heavily used across RSM platforms to drive issue prioritization. Open to working shifts in a 24x7 operations environment. Qualifications And Experience Minimum B.A. or B.S. 
degree or equivalent from an accredited university by the time employment commences or prior relevant military / law enforcement experience. Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security 3-5 years’ experience working in a security operations center, networking operations center or threat intelligence capacity. Possess at least one security industry certification such as CYSA+, Security+, CISSP, SANS GIAC (GSOC, GCIA, GMON, CGCDA) Knowledge of security standards and information security and compliance frameworks, controls, and best practices, including SSAE 16, SOC 2 and SOC3, OWASP Top 10, SANS, NIST Must have a naturally curious mindset and approach to solving problems. Basic understanding of cloud technologies and their operations Experience supporting various operating systems such as Windows/Linux Understanding of IP network protocols At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. 
RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

Posted 3 weeks ago

Apply

0 years

3 - 8 Lacs

Gurgaon

On-site

Requisition Number: 101414 Cloud Technical Lead - Infra Shift- 2 PM- 11 PM IST Location: The role will be a hybrid position located in Delhi NCR, Hyderabad, Bangalore, Pune, Mumbai, Chennai. Insight at a Glance 14,000+ engaged teammates globally #20 on Fortune’s World's Best Workplaces™ list $9.2 billion in revenue Received 35+ industry and partner awards in the past year $1.4M+ total charitable contributions in 2023 by Insight globally Now is the time to bring your expertise to Insight. We are not just a tech company; we are a people-first company. We believe that by unlocking the power of people and technology, we can accelerate transformation and achieve extraordinary results. As a Fortune 500 Solutions Integrator with deep expertise in cloud, data, AI, cybersecurity, and intelligent edge, we guide organisations through complex digital decisions. About the role As a Cloud Technical Lead you will: Extensive experience with Azure IaaS, PaaS, Networking, Storage, and Security Ability to work with clients in designing new Azure solutions Proven background in repeatable implementation and deploy models Possess comfort in leading war rooms, troubleshooting sessions, or producing RCA findings Good experience merging traditional data centers with newer cloud topologies General knowledge of IAM, role assignments, and Azure Active Directory Bonus consideration: familiarity with Conditional Access, Just in Time, EMS E3/E5, MCAS or Azure Sentinel Exposure to Containerization - Docker Kubernetes What we’re looking for Excellent understanding of provisioning and optimizing VM and managed disks. Expert understanding of cloud infrastructure, primarily Azure, secondary AWS and/or GCP Experience with security concepts such as encryption, identity management, access control and key vaults. Experience with networking concepts such as software-defined networking, routing, virtual private networks, load balancers, and firewalls. 
What you can expect We’re legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another location—even an international destination—for up to 30 consecutive calendar days per year. But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Insight India Location: Level 16, Tower B, Building No 14, Dlf Cyber City In It/Ites Sez, Sector 24 &25 A Gurugram Gurgaon Hr 122002 India

Posted 3 weeks ago

Apply

23.0 years

0 Lacs

India

Remote

What We Do: At ClearTrail, work is more than ‘just a job’. Our calling is to develop solutions that empower those dedicated to keep their people, places and communities safe. For over 23 years, law enforcement & federal agencies across the globe have trusted ClearTrail as their committed partner in safeguarding nations & enriching lives. We are envisioning the future of intelligence gathering by developing artificial intelligence and machine learning based lawful interception & communication analytics solutions that solve the world’s most challenging problems. Role Summary: Lead the development of advanced AI/computer vision capabilities for analyzing and fusing imagery from drones, satellites, and ground-based video feeds. Roles and responsibilities: Design and lead implementation of computer vision models for aerial (drone/satellite) and terrestrial video data. Architect data fusion pipelines across multiple visual and spatiotemporal modalities. Guide research into cross-resolution image fusion, change detection, and anomaly identification. Collaborate with platform, data, and MLOps teams to productionize models Skills Must Have: Expert in deep learning frameworks: PyTorch, TensorFlow, Keras Proficient with vision/model libraries: MMDetection, Detectron2, OpenCV Experience with multi-source data fusion, such as drone-satellite alignment, optical/LiDAR fusion, or time series modeling Good to Have : Familiarity with remote sensing data (e.g., Sentinel, Landsat, PlanetScope) Qualification: Education: B.E./B.Tech/MCA/M.Tech Joining Location: Indore Experience: 10-12 Years Job Types: Full-time, Permanent Schedule: Day shift Monday to Friday Application Question(s): As this is an onsite opportunity, are you okay to relocate to Indore? How many years of experience you have using NumPy, Pandas, SciPy, PyTorch and TensorFlow? Do you have experience with satellite/drone geospatial fusion? 
Work Location: In person Application Deadline: 01/08/2025 Expected Start Date: 04/08/2025

Posted 3 weeks ago

Apply

3.0 years

0 Lacs

Chandigarh, India

On-site

Oreta is a leading technology services company that empowers business outcomes through advisory, delivery and managed services using network, cloud, security, and analytics. Our commitment to innovation and excellence has earned us numerous prestigious awards in the Australian technology sector, including recognition from ARN, Telstra, Deloitte and CRN. We maintain strategic partnerships with renowned industry leaders such as Microsoft, Telstra, Cisco, Sentinel One, Palo Alto Networks, VMware Premium, and Qualys, enabling us to deliver top-tier solutions and services. Role & responsibilities Delivery of projects related to O365, Teams calling, SharePoint, Microsoft Teams, Intune, Azure, Active Directory, endpoint security, email security and VDI Responding and resolving service tickets within the required SLAs for proactive and reactive support tickets Configuring/troubleshooting Microsoft Collaboration solutions, PCs and network equipment Troubleshooting and supporting Microsoft Collaboration solutions via our ticketing system, telephone, email, and in-person Monitoring and controlling usage and help identify efficiencies in process and solutions Upgrading devices/solutions to the latest patches and major releases Monitoring system performance and capacity, and providing periodic system status reports Performing timely escalations as per SLAs Providing inputs for creation of SOPs and process improvements Maintaining high customer satisfaction Working collaboratively with the Service Delivery and Support team, Investigating faults in customers' O365 environment and maximizing performance through ongoing monitoring and troubleshooting Updating network equipment to the latest firmware releases Reporting on service scope to key stakeholders Preferred candidate profile 3+ years experience working in some of the following areas: IT service desk experience PC deployment and build O365, Microsoft Teams, Intune, Azure, Active Directory, endpoint security, email security, 
VDI, IP Telephony, VPN O365 mailbox migrations, SharePoint migrations M365- Windows 10 Exposure to Cisco, Meraki, Check Point and other vendors (desirable) Exposure to any Video conferencing equipment (desirable). Prior experience working in an ITIL environment Microsoft certified Associate: MD-100, MD-101, AZ-104, MS-700, MS-100 Prior experience with SCCM and Intune Perks and benefits Oreta takes pride in providing a service of excellence to our customers and looking after our employees who enable our business to succeed. The successful applicant will enjoy working in a collaborative environment in Chandigarh, India with friendly and highly driven people (the Oreos), where ideas are always welcome and ongoing training and development is strongly encouraged. The remuneration will be negotiated and based on the relevant skills and experience of the successful applicant. If you are interested in a long-term career with potential to develop and grow with the business and are available to start immediately, then we look forward to hearing from you.

Posted 3 weeks ago

Apply

5.0 - 8.0 years

9 - 15 Lacs

Bengaluru

Work from Office

Responsibilities: * Design, implement & optimize Azure infrastructure using Terraform, Sentinel & Defender. * Develop automation scripts with PowerShell & ARM templates for CI/CD pipelines. Health insurance Provident fund Annual bonus

Posted 3 weeks ago

Apply

0 years

0 Lacs

Delhi, India

Remote

Company Description Thinkcloudly is a global IT learning platform helping individuals build careers in cloud computing, cybersecurity, and DevOps. We offer hands-on, job-ready training with a focus on Microsoft Azure, security tools, and interview preparation. Role Description This is a part-time remote role for a Sentinel Consultant. The Sentinel Consultant will be responsible for providing expert guidance on Sentinel deployment, configuration, and optimization. Daily tasks include troubleshooting issues, delivering training sessions, creating documentation, and staying updated with the latest Sentinel features and best practices. Qualifications Experience with Sentinel deployment, configuration, and troubleshooting Ability to deliver training sessions and create detailed documentation Hands-on experience with Microsoft Sentinel / Azure SIEM Excellent communication and presentation skills Ability to work independently and manage time effectively Knowledge of KQL, Azure Security Center, and incident response Bachelor's degree in Computer Science, Information Technology, or related field

Posted 3 weeks ago

Apply

15.0 - 20.0 years

3 - 7 Lacs

Bengaluru

Work from Office

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary As a Security Operations lead, your typical day will involve leading SOC related activities on Google SecOps and Microsoft Sentinel, providing end to end investigation in a client facing role. You will also engage in ensuring proactive monitoring of security systems to analyze and respond to incidents effectively, all while staying updated on the latest cybersecurity trends and threats as well as maintaining quality of service. Roles & Responsibilities: - Expected to contribute in Team lead capacity for a SOC team. - Required participation/contribution in team discussions. - Contribute in providing solutions to work related problems on the client side. - Conduct regular security assessments and audits to identify gaps in the configuration and detections of false positives. - Develop and implement security policies and procedures to safeguard information, inclusive of optimization of analytic rules. Professional & Technical Skills: - Must Have Skills: Proficiency in Microsoft Azure Security, including Microsoft Sentinel, Microsoft Defender XDR and KQL and have a good understanding of Microsoft Defender solution platform for MDE, MDI, XDR, MDA and MDO - Good to have Skills: Google SecOps security incident management and understanding of Azure, GCP WAF platforms and configuration - Strong understanding of cloud security principles and best practices. - Experience with security tools and technologies on Microsoft Azure. 
Multi-Cloud experience will be additional. - Knowledge of security frameworks like MITRE. - Ability to analyze security incidents from L3 perspective as well as developing effective response strategies. Additional Information: - The candidate should have minimum 5 years of experience in Microsoft Azure Security suite. - This position is based at our Bengaluru office. - A 15 years full time education is required Qualification 15 years full time education

Posted 3 weeks ago

Apply

15.0 - 20.0 years

5 - 9 Lacs

Kolkata

Work from Office

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : Cloud Security Architecture Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary : Security Delivery Specialist to support the planning, implementation, and delivery of cybersecurity services across Microsoft security technologies. The ideal candidate will have practical expertise with MDC, MDE, MDI, Azure Firewall, and Microsoft Sentinel, and will play a key role in delivering secure, scalable, and compliant security solutions for internal stakeholders or clients. You will engage in problem-solving activities, participate in team meetings, and contribute to the overall success of projects by delivering high-quality applications that enhance operational efficiency and user experience. Roles & Responsibilities: - Deliver security solutions using Microsoft's security stack, with a focus on Microsoft Defender for Cloud, Endpoint, Identity, Azure Firewall, and Microsoft Sentinel. Translate business and technical requirements into well-architected security solutions and support delivery from design to deployment. Configure and fine-tune Microsoft Sentinel, develop analytics rules, workbooks, playbooks, and maintain alerting mechanisms. Implement and operationalize MDC for cloud security posture management and workload protection. Support deployment and ongoing management of MDE for endpoint threat detection and response. Integrate MDI into customer environments to monitor identity-related threats and provide remediation recommendations. Design and maintain Azure Firewall rules and policies as part of secure cloud network implementations. Coordinate with engineering, operations, and risk teams to ensure consistent and secure delivery of services. Create technical documentation, deployment guides, and knowledge transfer materials 
for clients or internal teams. Collaborate with project managers and stakeholders to ensure timely and successful delivery of security services. Contribute to continuous improvement initiatives and automation of delivery processes. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cloud Security. - Strong knowledge on MDC, MDE, MDI, MCAS, Azure Sentinel, Firewall - Strong understanding of cloud security principles and best practices. - Experience with security frameworks and compliance standards. - Ability to assess and mitigate security risks in cloud environments. - Familiarity with identity and access management solutions. Additional Information: - The candidate should have minimum 5 years of experience in Cloud Security Architecture. - This position is based at our Kolkata office. - A 15 years full time education is required. Qualification 15 years full time education

Posted 3 weeks ago

Apply