899 Sentinel Jobs - Page 2

Hello, Greetings from Dev Information Technology Ltd ! Company Details: We are trusted as one of the leading IT enabled services provider, having a remarkable track record of consistently delivering workable and robust solutions. This becomes possible as we adopt continual innovation and remain committed to quality, implement and refine processes and leverage technological prowess. With the best software and hardware environments coupled with state-of-the-art communication facilities; our offices are fully equipped to work as virtual extensions of clients’ environment, providing 24×7 services. Founded in 1997 in Ahmedabad, India – one of the fastest growing metros of India Branch offices in India, USA and Canada Multi-million US$ turnover with CAGR of 20% 1000+ certified and skilled professionals serving more than 300+ clients globally Offering end-to-end solutions to meet IT and ICT needs of clients Website : https://www.devitpl.com/ Designation : Sr. SOC Analyst Experience : 4 + Years Work Location : Ahmedabad Job type: Full -Time Perks & Benefits: • Health Insurance • Employee rewards and recognition • Flexible working hours • Gratuity • Professional Development • Comprehensive Leave Benefit Job Description: As a SOC L2 Analyst, you are responsible for monitoring, detecting, and responding to security incidents. You will work closely with other SOC teams and support team members to ensure the security of the organization's IT infrastructure. Monitoring and Incident Triage: Continuously monitor alerts from security tools such as Microsoft Sentinel and Cortex XDR in the Oracle RightNow ticket portal. Investigate and analyze the source of alerts and potential incidents (e.g., analyzing source IPs , timestamps, network traffic, etc.). Validate whether alerts generated by tools like Cortex XDR or Microsoft Sentinel require further investigation or if they can be safely closed. Evaluate potential false positives by checking various threat intelligence sources such as VirusTotal and AbuseIPDB for any indications of malicious activity. Threat Hunting and Analysis: Conduct proactive searches for potential threats within the environment based on known indicators of compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) . Review historical logs, security events, and other telemetry data from different tools (e.g., Cortex XDR , Palo Alto Panorama ) to identify unusual patterns or malicious activities. Check alerts against known false positives, especially for alerts related to tools like Cortex XDR and Microsoft Sentinel . For repeated alerts, suggest white-listing those alerts to the Support or SecEng team based on past historical data Threat Response: Respond to detected incidents by following the predefined Standard Operating Procedures (SOPs) . For incidents that require further action, escalate to higher-level SOC analysts ( SOC L3) for deeper analysis or containment. When alerts require whitelisting or other configuration adjustments, escalate incidents to SOC L3 teams for further action. Escalate unresolved alerts to the CSM (Customer Success Manager) when a customer has not responded to alerts over an extended period. Open manual tickets in the Oracle RightNow ticket portal if Sentinel automation fails to generate the required incident tickets. Ensure all relevant incident data, including the nature of the alert, any investigation steps, and actions taken, is logged accurately for tracking purposes. Coordination and Communication: Coordinate with the Security Engineering (SecEng) team or other teams if misconfiguration alerts are detected or if a new configuration task is required to address potential vulnerabilities. If a customer has not responded to alerts or incidents, reach out to the CSM (Customer Success Manager) for further engagement and communication with the customer. Suggest and share any relevant findings or insights with the SOC team to enhance investigations and improve incident response Configuration Management and Automation: Report any issues with automated systems or configurations that may impact alert accuracy or effectiveness. If automation (e.g., Sentinel automation ) fails to generate tickets or does not trigger appropriate actions, escalate the issue to the team responsible for fixing the automation pipeline. Work with L3 or SecEng team to white-list alerts regarding Cortex XDR and Microsoft Sentinel Documentation and SOP Adherence: Ensure that all activities are in line with SOC Standard Operating Procedures (SOPs) , and follow established processes for escalation, investigation, and resolution. Tools and Technologies Security Monitoring Tools: Microsoft Sentinel Cortex XDR Palo Alto Panorama Grafana (for dashboarding and visualizing security data) Best Regards, Shruti Mistry | Talent Acquisition Executives HR (TALENT ACQUISITION) Job Types: Full-time, Permanent Pay: ₹50,000.00 - ₹90,000.00 per month Benefits: Food provided Health insurance Schedule: Night shift Rotational shift Weekend only Work Location: In person

Location Baglan, GB Department Name EG SM(S), Port Talbot, Direct (894612) G5 About Network Rail At Network Rail, we’re part of a large family serving millions of passengers and freight users throughout the UK every day. Our service impacts millions of people and we strive to become more efficient as we enhance, maintain and operate our network. Now is a fantastic time and join our team in Wales and Western region as we finalise the reforms to our maintenance organisation which will deliver: A safer and more reliable and punctual service for passengers and employees – quicker fault fixes by more agile multi-disciplined response teams. Individual rostering – enabling us to send the right number or people to fix a fault. Multi-skilling – investing in the knowledge and skills of our people so they are better equipped to fix the most common faults themselves. Accelerated and improved technology deployment – we have a raft of labour and life-saving technology ready to be rolled out. Our passengers and freight users are at the heart of everything we do. We help connect people to their friends and families and get goods to their destination safely and efficiently. We’re an organisation where people matter. When you're part of our team, you matter to us and you matter to millions. Watch our video to find out more! About our people and the recruitment process - We’re an inclusive employer of choice and we welcome applications from everyone! We look for opportunities to offer great opportunities to learn and grow through personal and professional development. And, if you make the grade then you can look forward to a rewarding and fulfilling career with a company that joined the top 50 in the Glassdoor's 2021 Best Places to Work. We want to help deliver a railway which is safe, reliable, affordable and that provides great customer service to everyone . For more information about Network Rail click here Brief Description You’ll help keep our nation moving every single day. This is a critical part of the work we do is the daily upkeep of the rail network. As a technician you’ll work outdoors in a team, supporting essential maintenance to keep the railway running safely and smoothly for passengers and freight users. Our technician community comes from a variety of different backgrounds, and this might be the first time that you’ve even considered a career in rail. We’re focused on your transferrable skills and behaviours and if you can demonstrate that, then we will provide you with all the necessary training to have you working safely and competently out on the network. About The Role (External) Our technicians work outside in all conditions, at all times of the year, day or night. You could be involved in demanding manual work, often with the need to transport kit, across tricky terrain. Being safety focused, respectful of rules and a team player will be critical as you’ll often be working next to moving trains travelling at highspeed. You matter to your team You will be a natural team player; you’ll also be able to lead the team when asked by the team leader. You’ll use your skills to deliver work safely and will check the team has the right competencies to meet our strict safety standards. You’ll also be a role model for safe working behaviours and be confident to challenge any potential risks to safety, so that everyone gets home safe every day. Today’s technicians can go onto become tomorrow’s team leaders. Your Skills Matter Our technicians play a vital role in our maintenance teams. You don’t necessarily need rail experience, but you do need to show how your transferrable skills meet the following: Leadership – You’re able to lead, motivate and direct a team for safe and efficient work delivery. Effective communicator – You’ll need strong communication skills and be able to deliver clear instructions to the team and other colleagues. Technical skills –You’ll have knowledge and experience of inspection, faulting, maintenance and renewal techniques in the discipline that you are applying for. Safety – You consistently role model safe behaviours, can arrange and implement safe systems of work, and are confident to challenge if you think a situation is unsafe. Problem solver – You’ll be persistent in finding safe and effective solutions. You’ll consistently develop your skills and competencies relevant to your discipline, keeping up to date with new standards, procedures and instructions. To issues you find out in your working environment. Willingness to learn – You’ll consistently develop your skills and competencies relevant to your discipline, keeping up to date with new standards, procedures and instructions. Relevant qualification – You’ll ideally hold an NVQ Level 1 or 2 linked to the discipline you are applying for. Or you have achieved an equivalent level of relevant experience. It matters that this is the right role for you Here’s some additional information which might help you. Shifts – Technician roles involve a changing shift pattern including days, nights and weekends. Outdoor working - Our technicians work outside in all weathers and so you’ll be comfortable working in different conditions. Safe working - Offers of employment are subject to drug and alcohol testing and passing of the relevant medical assessment and BPSS pre-employment checks. This will include a hearing and eyesight examination. Driving - As a technician you’ll also need a driving licence (category B) so you can drive Network Rail vehicles. Commute times - You’ll also need to be within a 60-minute commute of the location that you’re applying for. You matter to us Your commitment to self-development and continuous learning is hugely important in this role and we'll provide you with all the training to develop both technical skills and non-technical skills. If you’re joining us from another industry, the structured training will give you the skills and confidence to move into a rewarding career in rail. Today’s technicians are tomorrow’s technicians and team leaders, and we offer a clear career path for you. As a Network Rail employee, you will enjoy a wide range of benefits! Privileged staff travel - Leisure travel discount of 75% on all leisure travel and includes family members. A subsidy of up to 75% on rail and underground season tickets if you travel to work on the train. Benefits package including healthcare offers, a cycle to work scheme, discounted healthcare club membership, and a discounted offers and benefits including childcare, healthcare and online shopping site. Effectively manage work-life balance with a 35hrs per week contract, with hybrid working, flexible working, and family friendly support. 5 days paid volunteering leave. 2 weeks paid reserve leave for the Armed Forces community. In Wales and Western region, you will have the opportunity to join PROUD, our reward and recognition scheme where you can say thanks and recognise colleagues across the region who have demonstrated outstanding values How To Apply (External) Salary: £43,997 per annum Some on call may be required. Network Rail Benefits – To find out about what benefits we offer, click here Closing date : 13th August 2025 Please get your application in as soon as possible, we may close the advert before the listed closing date if we receive enough applications. Late applications will not be accepted. The assessment process will consist of a competency and technical interview. Click ‘ apply now’ to apply. Our Drugs and Alcohol Standard has changed. All prospective candidates will be required to undergo and pass a drugs and alcohol test. Your application will be rescinded if you record a positive test. All positive drugs and alcohol test results for prospective candidates will be securely held on Sentinel database and a 5-year suspension from applying for a safety critical role, a role which requires PTS certification or a Key Safety role on Network Rail Managed Infrastructure will be enforced. We are an equal opportunity employer and value diversity. We do not discriminate based on race, religion, national origin, gender, sexual orientation, age, marital status, or disability status. Click here for more information. Diversity and inclusion are more than just buzz words for us. We’re constantly striving to make sure we provide a welcoming and safe environment for everyone. We recognise that certain groups are under-represented within our team and we’re working closely with our regional diversity and inclusion networks to make sure we support these groups as best as we can. Network Rail is a Disability Confident Leader and we’ll try our best to adapt the process and offer a reasonable alternative to help support people with disabilities access, apply and interview for roles. You can visit Evenbreak’s Career Hive for advice on accessibility support if you’re unsure of the options available. Should you require any reasonable adjustments/modifications, please add a note to your application. All offers of employment are conditional upon satisfactory completion of pre-employment checks. Click here for more information Keeping people safe on the railway is at the heart of everything we do. Safe behaviour is therefore a requirement of working for Network Rail. You should demonstrate your personal dedication to safety on your application.

Location Baglan, GB Department Name EG SM(Tr) Llanelli Direct (894311) G1 About Network Rail At Network Rail, we’re part of a large family serving millions of passengers and freight users throughout the UK every day. Our service impacts millions of people and we strive to become more efficient as we enhance, maintain and operate our network. Now is a fantastic time and join our team in Wales and Western region as we finalise the reforms to our maintenance organisation which will deliver: A safer and more reliable and punctual service for passengers and employees – quicker fault fixes by more agile multi-disciplined response teams. Individual rostering – enabling us to send the right number or people to fix a fault. Multi-skilling – investing in the knowledge and skills of our people so they are better equipped to fix the most common faults themselves. Accelerated and improved technology deployment – we have a raft of labour and life-saving technology ready to be rolled out. Our passengers and freight users are at the heart of everything we do. We help connect people to their friends and families and get goods to their destination safely and efficiently. We’re an organisation where people matter. When you're part of our team, you matter to us and you matter to millions. Watch our video to find out more! About our people and the recruitment process - We’re an inclusive employer of choice and we welcome applications from everyone! We look for opportunities to offer great opportunities to learn and grow through personal and professional development. And, if you make the grade then you can look forward to a rewarding and fulfilling career with a company that joined the top 50 in the Glassdoor's 2021 Best Places to Work. We want to help deliver a railway which is safe, reliable, affordable and that provides great customer service to everyone . For more information about Network Rail click here Brief Description You’ll help keep our nation moving every single day. This is a critical part of the work we do is the daily upkeep of the rail network. As a technician you’ll work outdoors in a team, supporting essential maintenance to keep the railway running safely and smoothly for passengers and freight users. Our technician community comes from a variety of different backgrounds, and this might be the first time that you’ve even considered a career in rail. We’re focused on your transferrable skills and behaviours and if you can demonstrate that, then we will provide you with all the necessary training to have you working safely and competently out on the network. About The Role (External) Our technicians work outside in all conditions, at all times of the year, day or night. You could be involved in demanding manual work, often with the need to transport kit, across tricky terrain. Being safety focused, respectful of rules and a team player will be critical as you’ll often be working next to moving trains travelling at highspeed. You matter to your team You will be a natural team player; you’ll also be able to lead the team when asked by the team leader. You’ll use your skills to deliver work safely and will check the team has the right competencies to meet our strict safety standards. You’ll also be a role model for safe working behaviours and be confident to challenge any potential risks to safety, so that everyone gets home safe every day. Today’s technicians can go onto become tomorrow’s team leaders. Your Skills Matter Our technicians play a vital role in our maintenance teams. You don’t necessarily need rail experience, but you do need to show how your transferrable skills meet the following: Leadership – You’re able to lead, motivate and direct a team for safe and efficient work delivery. Effective communicator – You’ll need strong communication skills and be able to deliver clear instructions to the team and other colleagues. Technical skills –You’ll have knowledge and experience of inspection, faulting, maintenance and renewal techniques in the discipline that you are applying for. Safety – You consistently role model safe behaviours, can arrange and implement safe systems of work, and are confident to challenge if you think a situation is unsafe. Problem solver – You’ll be persistent in finding safe and effective solutions. You’ll consistently develop your skills and competencies relevant to your discipline, keeping up to date with new standards, procedures and instructions. To issues you find out in your working environment. Willingness to learn – You’ll consistently develop your skills and competencies relevant to your discipline, keeping up to date with new standards, procedures and instructions. Relevant qualification – You’ll ideally hold an NVQ Level 1 or 2 linked to the discipline you are applying for. Or you have achieved an equivalent level of relevant experience. It matters that this is the right role for you Here’s some additional information which might help you. Shifts – Technician roles involve a changing shift pattern including days, nights and weekends. Outdoor working - Our technicians work outside in all weathers and so you’ll be comfortable working in different conditions. Safe working - Offers of employment are subject to drug and alcohol testing and passing of the relevant medical assessment and BPSS pre-employment checks. This will include a hearing and eyesight examination. Driving - As a technician you’ll also need a driving licence (category B) so you can drive Network Rail vehicles. Commute times - You’ll also need to be within a 60-minute commute of the location that you’re applying for. You matter to us Your commitment to self-development and continuous learning is hugely important in this role and we'll provide you with all the training to develop both technical skills and non-technical skills. If you’re joining us from another industry, the structured training will give you the skills and confidence to move into a rewarding career in rail. Today’s technicians are tomorrow’s technicians and team leaders, and we offer a clear career path for you. As a Network Rail employee, you will enjoy a wide range of benefits! Privileged staff travel - Leisure travel discount of 75% on all leisure travel and includes family members. A subsidy of up to 75% on rail and underground season tickets if you travel to work on the train. Benefits package including healthcare offers, a cycle to work scheme, discounted healthcare club membership, and a discounted offers and benefits including childcare, healthcare and online shopping site. Effectively manage work-life balance with a 35hrs per week contract, with hybrid working, flexible working, and family friendly support. 5 days paid volunteering leave. 2 weeks paid reserve leave for the Armed Forces community. In Wales and Western region, you will have the opportunity to join PROUD, our reward and recognition scheme where you can say thanks and recognise colleagues across the region who have demonstrated outstanding values and behaviours. How To Apply (External) Salary: £37,073 per annum Some on call may be required at times. Network Rail Benefits – To find out about what benefits we offer, click here Closing date : 13th August 2025 Please get your application in as soon as possible, we may close the advert before the listed closing date if we receive enough applications. Late applications will not be accepted. The assessment process will consist of a competency and technical interview. Click ‘ apply now’ to apply. Our Drugs and Alcohol Standard has changed. All prospective candidates will be required to undergo and pass a drugs and alcohol test. Your application will be rescinded if you record a positive test. All positive drugs and alcohol test results for prospective candidates will be securely held on Sentinel database and a 5-year suspension from applying for a safety critical role, a role which requires PTS certification or a Key Safety role on Network Rail Managed Infrastructure will be enforced. We are an equal opportunity employer and value diversity. We do not discriminate based on race, religion, national origin, gender, sexual orientation, age, marital status, or disability status. Click here for more information. Diversity and inclusion are more than just buzz words for us. We’re constantly striving to make sure we provide a welcoming and safe environment for everyone. We recognise that certain groups are under-represented within our team and we’re working closely with our regional diversity and inclusion networks to make sure we support these groups as best as we can. Network Rail is a Disability Confident Leader and we’ll try our best to adapt the process and offer a reasonable alternative to help support people with disabilities access, apply and interview for roles. You can visit Evenbreak’s Career Hive for advice on accessibility support if you’re unsure of the options available. Should you require any reasonable adjustments/modifications, please add a note to your application. All offers of employment are conditional upon satisfactory completion of pre-employment checks. Click here for more information

Senior Threat Researcher Hyderabad, Telangana, India Date posted Jul 31, 2025 Job number 1853457 Work site Up to 50% work from home Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Research Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Defender Experts (DEX) Research team is at the forefront of Microsoft’s threat protection strategy, combining world-class hunting expertise with AI-driven analytics to protect customers from advanced cyberattacks. Our mission is to move protection left—disrupting threats early, before damage occurs—by transforming raw signals into intelligence that powers detection, disruption, and customer trust. We’re looking for a passionate and curious Senior Threat Researcher to join this high-impact team. In this role, you will collaborate closely with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats that impact both Microsoft and third-party products. Leveraging a deep understanding of multi-cloud environments and diverse security architectures, you will develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel. Your research will directly contribute to the development of real-time protections for enterprises worldwide, ensuring comprehensive coverage across cloud platforms and strengthening the security posture of organizations leveraging a heterogeneous mix of technologies. This is a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications 5+ years of relevant experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms. Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments. Demonstrated expertise in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions. Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. Proven ability to work independently and deliver complete solutions. Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams. Responsibilities We are seeking a Senior Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments. The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections. In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems. Responsibilities include: Lead and execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments. Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Collaborate with internal and external security teams to design and implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response. Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base. Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems. Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Threat Hunter 2 Hyderabad, Telangana, India Date posted Jul 31, 2025 Job number 1854813 Work site Up to 50% work from home Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Research Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are seeking for a passionate cybersecurity professionals to join our growing team of Defenders. In this role, you will proactively detect, investigate, and respond to advanced threats across enterprise environments using cutting-edge and AI enabled security tools and threat intelligence. The ideal candidate combines strong security expertise with a curious mindset and skills to conduct deep threat analysis. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications Graduate degree in engineering or equivalent discipline. 3–7 years of experience in cybersecurity (SOC, IR, Threat Hunting, Red Team). Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.). Experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations. Proficiency in KQL, Python, or similar scripting languages for data analysis and automation. Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary TTPs. Familiarity with operating system internals (Windows, Linux) and endpoint/network forensics. Certifications like CISSP, OSCP, CEH, GCIH, AZ-500, SC-200 or similar/equivalent are a plus. Responsibilities Monitor, triage, and respond to security incidents using alerts and incidents from Microsoft Defender products (MDE, MDI, MDO, MDA, MDC etc.) Perform proactive threat hunting using hypothesis, and telemetry from endpoints, identities, cloud and network. Develop hunting queries using Kusto Query Language (KQL) or similar to uncover suspicious patterns and behaviors. Investigate security incidents across hybrid environments and contribute to root cause analysis and containment strategies. Collaborate with internal teams (defender, threat intelligence, engineering) to enhance detection logic, develop automations, and improve incident response workflows. Contribute to incident documentation, detection playbooks, and operational runbooks. Stay current with evolving threat landscapes, cloud attack vectors, and advanced persistent threats (APT). Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

You will be responsible for leading advanced threat detection and response activities within the organization. Your main tasks will include developing and optimizing SIEM use cases, correlation rules, and dashboards. Additionally, you will investigate and respond to escalated incidents from L2 analysts and perform root cause analysis for complex incidents to provide actionable insights. You will also lead threat hunting exercises to identify advanced persistent threats (APTs) and configure and maintain SIEM platforms to ensure optimal performance and scalability. In this role, you will be expected to integrate new log sources and ensure proper parsing and normalization. Collaboration with SOC management to define and enhance incident management workflows will be essential. You will also conduct training sessions and mentor L1/L2 analysts while staying updated with emerging threats, vulnerabilities, and industry best practices. The ideal candidate will possess expertise in SIEM tools such as Splunk, Sentinel, and QRadar, along with experience in SIEM administration, deployment, and configuration. Familiarity with Arcsight Admin is considered a plus. Strong knowledge of threat detection, correlation rules, and dashboards is required, as well as the ability to lead incident response and threat hunting activities. An understanding of security frameworks and best practices is crucial, and preferred certifications include GCIH and CISSP. To qualify for this position, you should hold a Bachelor's Degree in a related field. Relevant certifications such as GIAC Certified Incident Handler (GCIH) or Certified Information Systems Security Professional (CISSP) are preferred.,

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The team will be responsible for building and maintaining the core infrastructure and services that form the Control Plane of Microsoft Sentinel Graph (MSG). This crucial mission supports Microsoft's Security business, meeting the immense scale demands that few companies in the industry face. By leveraging cutting-edge technologies, we aim to deliver comprehensive protection to a global user base. The MSG Foundations Engineering team leads the development and end-to-end implementation of infrastructure solutions, focusing on customer scenarios to enable high-volume big-data ingestion and interactive analytics for advanced security threat hunting, detection, and prevention. You will take charge of determining and developing architectural strategies and infrastructure solutions, conducting business reviews, and operating our production services. Collaboration will be essential as you work closely with other engineering teams to ensure that our services and systems are highly stable, performant, and meet the expectations of both internal and external customers and users. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities We are looking for a highly motivated, fast-learning, creative and analytical Software Engineer Manager. In this position, you will collaborate with other security engineering disciplines to plan, architect, design, implement, and validate security products and features. In addition to strong technical skills, you should have a passion for innovation and software quality. You must be comfortable with the fast-paced security industry by courageously exploring uncharted territories and thinking ahead of highly sophisticated attackers. You Will Be Responsible For Conducting Investigations And Investing In Complex Areas, Designing And Delivering Features End To End - Including System Architecture, Coding, Deployment, Scaling, Performance, And Quality From Conception To Delivery. Responsibilities Include: Working closely with peers, partners, and building diverse and high-performing teams. Designing and implementing scalable, reliable, and maintainable services. Demonstrating strategic understanding of the timing and rationale for design choices within the scope of work. Consistently contributing key ideas to the product or service design and vision that meets customer needs. Applying metrics to drive the quality and stability of code. Having a sense of pride, commitment, and personal accountability for service quality, completeness, and resultant user experience throughout the product or service lifecycle. Working closely with a geographically distributed team, including Product Managers and developers, to drive key improvements in backend Engineering Systems. We are looking for someone who shares our passion for building great software for enterprises. You will work on a forward-looking product as part of an agile, collaborative, and cross-discipline team. Qualifications Required/Minimum Qualifications: Bachelor's, Master's, or Ph.D. in Computer Science Engineering, or an equivalent field. 11-15 years of software development experience. 3+ years of experience in managing and building teams. Strong problem-solving skills, along with excellent coding and debugging abilities. Good communication and cross-group collaboration skills. Prior expertise in platform components & high-scale cloud services (e.g. Azure, AWS etc.) is a plus Other Requirements Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter. Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter. - You’ve led – you have experience leading a team of engineers by setting clear expectations, keeping team members energized, and delivering great results. - You collaborate – you can explain your work, you can ask great questions, you can listen to your peers and your customers, you can influence without authority, and you like to give and receive feedback. - You stay focused – you want to ship software that solves real problems for real people, now. - You’re a professional – you understand that it’s not enough to write working code. It must also be well-designed, easy to test, and easy to add to over time. - You’re learning – no matter how much you know, you are always seeking to learn more and to become a better engineer and leader. #MSFTSecurity MSFTSecurity Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Ascentt is building cutting-edge data analytics & AI/ML solutions for global automotive and manufacturing leaders. We turn enterprise data into real-time decisions using advanced machine learning and GenAI. Our team solves hard engineering problems at scale, with real-world industry impact. We’re hiring passionate builders to shape the future of industrial intelligence. Azure Cloud Engineer Experience 5+ years of experience managing cloud infrastructure, preferably in Azure. Location: Indore/Pune Job Description We are seeking an experienced and proactive Azure Cloud Engineer to join our cloud infrastructure team. The ideal candidate will be responsible for designing, implementing, managing, and optimizing Azure cloud solutions, ensuring high availability, security, and performance of our cloud-based systems. This role will involve close collaboration with DevOps, security, application development, and operations teams. Key Duties And Tasks Design, deploy, and manage Azure infrastructure using best practices (IaaS, PaaS, containers, serverless). Implement and maintain Azure services such as VMs, VNets, Azure AD, Storage, AKS, App Services, Functions, Event Grid, Logic Apps, etc. Automate infrastructure provisioning using ARM templates, Bicep, or Terraform. Develop and manage CI/CD pipelines using Azure DevOps, GitHub Actions, or other DevOps tools. Ensure cloud security posture by implementing RBAC, NSGs, firewalls, policies, and identity protection. Monitor system performance, health, and costs using Azure Monitor, Log Analytics, and Cost Management. Troubleshoot and resolve issues related to cloud infrastructure and deployments. Stay current with Azure features and best practices and propose improvements or migrations as needed. Qualification And Skills Required 5+ years of experience managing cloud infrastructure, preferably in Azure. Strong Hands-on Experience With Azure Compute (VMs, Scale Sets, Functions) Azure Networking (VNet, Load Balancers, VPN Gateway, ExpressRoute) Azure Identity (Azure AD, RBAC, Managed Identities) Azure Storage and Databases Azure Kubernetes Service (AKS) or containers (Docker) Experience with infrastructure-as-code (Terraform, Bicep, or ARM templates). Knowledge of CI/CD and DevOps principles. Scripting in PowerShell, Bash, or Python. Familiarity with monitoring/logging tools like Azure Monitor, Application Insights, or Prometheus/Grafana. Experience with Git-based version control systems. Technical Skills Proven experience in security architecture and designing, building, and deploying secure cloud workloads. Expertise in IAC, Terraform, and scripting languages (Git, PowerShell, Terraform, Jenkins, Python, Bash). Experience in a DevOps environment with knowledge of Continuous Integration, Containers, and DAST/SAST tools. Strong knowledge of security technologies, identity and access management, and containerized security models. Experience with monitoring and alerting solutions for critical infrastructure. Good to have: Experience with distributed systems, Linux, CDNs, HTTP, TCP/IP basics, database and SQL skills, Rest API, microservices-based development, and automation experience with Kubernetes and Docker. Experience with hybrid cloud setups or migrations from on-prem to Azure. Familiarity with governance tools like Azure Policy, Blueprints, and Cost Management. Exposure to Microsoft Defender for Cloud or Sentinel for security monitoring. Experience with Databricks, Glue, Athena, EMR, Data Lake and related solutions and services. Certifications/Licenses Azure certifications such as AZ-104 (Azure Administrator), AZ-305 (Solutions Architect), or AZ-400 (DevOps Engineer). Education Bachelor's degree in Computer Science, Information Technology, or related field.

5 - 7 Years 1 Opening Trivandrum Role description We are seeking an experienced and proactive SOC Lead to drive the operations of our Security Operations Center. The ideal candidate will have strong expertise in cybersecurity monitoring, incident response, threat hunting, and stakeholder communication. This role involves leading a global 24x7 SOC team, coordinating with cross-functional teams, and enhancing our threat detection and response capabilities. You will act as the escalation point for complex incidents and play a key role in process improvement, automation, and mentoring the SOC team. Key Responsibilities: Lead and coordinate the 24x7 SOC operations, managing a distributed team of L1 and L2 analysts. Provide advanced triage and investigation of escalated security s and incidents from L1 analysts. Act as the primary escalation contact for high-priority incidents and security breaches. Ensure timely incident response and resolution within SLA while maintaining high-quality ticket documentation. Conduct Root Cause Analysis (RCA) and create detailed incident reports for high-severity cases. Continuously review and fine-tune security s, rules, and thresholds across SIEM and other monitoring tools. Design and propose new security use cases and playbooks to improve detection and response automation. Conduct training sessions for the team on new tools, updated processes, and emerging threats. Organize and lead governance meetings (weekly/biweekly/monthly) with internal stakeholders and clients. Stay informed on the latest threat intelligence, vulnerabilities, and security technologies to proactively enhance SOC capabilities. Maintain and enhance SOC documentation, including SOPs, incident runbooks, and knowledge bases. Collaborate with engineering, infrastructure, and compliance teams to align incident response with organizational risk management practices. Required Skills & Experience: Minimum 4 years of hands-on experience in a Security Operations Center, focusing on incident response, security analysis, and threat hunting. Deep technical expertise in: Email Security (Mimecast) EDR Tools (e.g., Threat Down / Malwarebytes) Secure Web Gateway (Netskope SWG) Cloud Security (Microsoft Azure, Microsoft Defender) SIEM Platforms (Azure Sentinel preferred) Threat analysis and phishing investigation Sound understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, etc.) and incident response lifecycle. Working knowledge of enterprise infrastructure: networking, firewalls, operating systems (Windows/Linux), databases, and web applications. Excellent written and verbal communication skills; able to convey technical details to non-technical stakeholders. Strong organizational and prioritization skills; experience handling multiple concurrent incidents and tasks in high-pressure environments Preferred Certifications: Relevant security certifications such as: CEH (Certified Ethical Hacker) Microsoft SC-200 (Security Operations Analyst) AZ-500 (Azure Security Engineer Associate) CISSP, GCIH, or similar. Proficiency with Security Tools: Mimecast Email Security Threat Down (Malwarebytes) Microsoft Azure, Microsoft Defender for O365 Netskope SWG Azure Sentinel (SIEM) Open-source tools for phishing analysis Skills Email Security, EDR, Threat hunting, SIEM About UST UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.

Security Operations Engineer II Hyderabad, Telangana, India Date posted Jul 29, 2025 Job number 1853495 Work site Microsoft on-site only Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Operations Engineering Employment type Full-Time Overview Do you love the excitement and learning opportunity to study, analyse and deal with the most complex threats to digital security in today's world? Do you have the “learner” mindset, are willing to un-learn old skills and learn new ones every day? Are you excited by the potential of influencing the state of security of our entire company, every day? If yes, then this opportunity is for you. Responsible for the installation, maintenance, support and optimization of all security-related components Facilitate incident response and forensic investigations Apply countermeasures to mitigate evolving security threats Work with other teams to ensure platform hardening, security maintenance, and vulnerability remediation procedures are followed Special Requirements Proficiency in KQL query and in a scripting language, preferably perl, PHP, or python a plus Must demonstrate basic knowledge of knowledge of Linux, Mac, and Strong understanding of Windows operating systems and networking protocols. About CDO - Cyber Defense Operations. An organization led by Microsoft’s Chief Information Security Officer enables Microsoft to deliver the most trusted devices and services. CDO’s vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk framework. Qualifications 8+ years of work experience, with a minimum of 6 years of experience in SOC. Minimum 4 years of experience in Azure/Cloud Hands on experience with incident analysis, Threat Actor related incident handling, Large Scale incident responder and Threat Hunting. Understanding of Windows internals, Linux and Mac OS. Understanding of various attack methods, vulnerabilities, exploits, malware. Good Understanding of SIEM Console and tools such as Sentinel, Splunk, Qradar etc Social engineering - given that humans are the weakest link in the security chain, an analyst's expertise can help with awareness training Security assessments of network infrastructure, hosts and applications - another element of risk management. Conduct root cause analysis and post-incident reviews. Assist in tuning and optimizing detection rules and alerts. Forensics - investigation and analysis of how and why a breach or other compromise occurred. Develop and maintain incident response playbooks and standard operating procedures (SOPs). Collaborate with IT, DevOps, and other teams to remediate vulnerabilities and improve security controls. Troubleshooting - the skill to recognize the cause of a problem DLP, AV, FIM, web proxy, email proxy, etc. - a comprehensive understanding of the tools utilized to protect the organization. Excellent written and oral communication skills. Security certifications such as GCIH, GCFA, GREM, CySA+ Knowledge of Azure Sentinel and KQL query is a must and added advantage. Exposure to threat intelligence platforms and SOAR tools. Knowledge of MITRE ATT&CK framework and incident response methodologies. Responsibilities Technical Insight: Provides technical insight on incident analysis and management, threat mitigation, forensics, malware analysis, and automation. KRA and KPI Management: Ensures strong Key Result Areas (KRA) and Key Performance Indicators (KPI) management. Collaboration: Embraces the values of Microsoft through coaching and collaboration, and partners with peer teams working in similar areas. Stakeholder Management: Manages critical stakeholder calls and meetings (including non-business hours) while addressing critical security incidents. Security Knowledge: Possesses extensive hands-on knowledge of security concepts including cyber-attacks, techniques, threat vectors, risk management, and incident management. Automation Opportunities: Discovers potential automation opportunities or insights to enhance operational efficiency. Product Collaboration: Collaborates and advises product teams on enhancing Microsoft's first-party security products by offering actionable feedback for improvement. Team Environment: Cultivates a positive and inclusive team environment. Operational Rigor: Demonstrates exceptional operational rigor with real-world experience in cyber security operations, threat mitigation and incident response. Communication Skills: Exhibits excellent technical writing and oral communication skills. Problem-Solving: Shows a systematic problem-solving mindset. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Senior Help Desk Administrator SIB seeks a skilled Senior Help Desk Administrator to join our technology team. This role offers an opportunity to work with modern cloud technologies and provide essential technical support to our organisation. Position Summary We seek a detail-oriented Senior Help Desk Administrator to provide technical assistance and support for incoming queries and issues related to computer systems, software, and hardware. The successful candidate will troubleshoot technical problems, maintain IT infrastructure, and ensure optimal system performance across our organisation. Key Responsibilities Help Desk & Ticketing Provide timely and professional responses to user inquiries Document and track all support requests from initiation to resolution Escalate complex issues to appropriate team members when necessary Manage and resolve technical support tickets using the Jira ticketing system Cloud Infrastructure Support Assist users with cloud-based applications and services Monitor system performance and identify potential issues Support user account management and access permissions Troubleshoot and resolve issues within Azure, Microsoft 365 and Digital Ocean environments End-User Device Support Assist with device setup and user onboarding/offboarding Provide technical support for Windows and Mac laptops Install, configure, and maintain operating systems and applications Perform hardware diagnostics and coordinate repairs when needed Network Support Document network configurations and changes Diagnose and resolve switch-related network issues Troubleshoot fundamental networking issues, including Wi-Fi connectivity Collaborate with the network team on infrastructure improvements Security Management Respond to security alerts and incidents Assist with security software deployment and updates Ensure compliance with security policies and procedures Monitor and manage including Sentinel One, Automox, and DNS Filter Required Qualifications Technical Skills Strong knowledge of Windows and Mac operating systems Basic networking fundamentals and troubleshooting skills Experience with Jira for helpdesk ticketing and issue tracking Proficiency in Azure and Microsoft 365 administration and troubleshooting Hands-on experience with security tools: Sentinel One, Automox, and DNS Filter Experience creating, decommissioning and supporting Droplets in Digital Ocean Professional Skills Strong problem-solving and analytical abilities Detail-oriented with strong documentation skills Excellent English written and verbal communication skills Customer service oriented with patience and professionalism Ability to work independently and manage multiple priorities Preferred Qualifications Familiarity with ITIL best practices Previous helpdesk or technical support experience Industry certifications (CompTIA A+, Network+, Microsoft certifications) Associate’s degree in information technology, Computer Science, or related field What We Offer Collaborative team environment Opportunity to work with modern cloud technologies Job Type: Full-time Pay: Up to ₹1,550,000.00 per year Benefits: Commuter assistance Health insurance Leave encashment Life insurance Paid sick time Paid time off Provident Fund Work Location: In person Expected Start Date: 01/08/2025

Hi, We are having an opening for Network Security Operations Manager at our Mumbai location. Job Summary : We are looking for a highly capable Network Security Operations Manager to lead, manage, and enhance the organizations network security infrastructure and operations. This role will be responsible for managing key security technologies such as firewalls, proxies, VPNs, NAC, DNS security, WAF , EDR & Data Security and ensuring operational governance and compliance. The ideal candidate should have hands-on experience managing large-scale network security operations and coordinating with cross-functional and incident response teams. Areas Of Responsibility : Security Operations Management Lead day-to-day operations of all network security tools and platforms , including: Firewalls (NGFW Palo Alto, Fortinet, Cisco)- Policy governance, segmentation, and high-availability Web Proxy & Cloud Proxy (e.g., Zscaler, Netskope)- URL filtering, threat prevention, and data leak protection VPN (IPSec, SSL VPN, Remote Access Solutions)- Strong encryption and access control for workforce and partner Network Access Control (NAC)- Role-based access, posture checks, and OT/IoT security DNS Security & Filtering- DNS-layer protection, malicious domain filtering, and response management Web Application Firewall (WAF) On-prem & Cloud-based- Protection of patient data, portals, financial apps, and APIs Ensure continuous monitoring, tuning, and updating of policies and signatures across platforms. Manage security device configurations, rule optimization, and lifecycle management. Compliance, Audit & Governance Ensure adherence to security compliance requirements such as ISO 27001, NIST, GDPR, and internal IT security policies . Ensure full compliance with sector-specific regulations ( Pharma: GxP, 21 CFR Part 11, HIPAA) Prepare and present periodic audit reports, incident reports, and configuration review summaries . Drive risk assessments and remediation plans for security operations. Maintain security documentation, SOPs, and audit trails Team & Vendor Management Lead and mentor a team of network security engineers and analysts. Oversee vendor engagements, support contracts, SLAs, and AMC renewals for security technologies. Engage with audit, QA, compliance, and legal teams for incident reporting and regulatory inspections Coordinate with for integrated security coverage (EDR/DS, if escalation/overlap arises). Incident Response & Troubleshooting Collaborate with SOC for effective investigation and response to network security incidents . Coordinate the response to security incidents, including detection, analysis, containment, eradication, and recovery. Lead root cause analysis and containment for network-based threats (e.g., suspicious VPN activity, firewall rule violations). Manage escalations and coordinate with external vendors or OEMs for critical issues. Projects & Improvements Drive security hardening and optimization projects related to network security tools. Lead or support security hardening, firewall rule optimization, and proxy architecture redesign projects Lead or contribute to technology upgrades, migration projects, mergers, acquisitions, data center shifts. Maintain security documentation, playbooks, and standard operating procedures. Prepare and validate BOM, BOQ, and risk registers for new deployments Educational Qualification : Bachelor's or Masters in Computer Science, Information Security, or related field Specific Certification : CISSP, CISM, CCNP Security, CP, Palo Alto PCNSE, Fortinet NSE, ISO 27001 LA Experience : 10-12 years of experience in network operations, with 3-5 years in leadership or managerial role Skill (Functional & Behavioural): Firewalls: Checkpoint, Fortinet, Palo Alto, Cisco Firepower Proxies: Netskope, Forcepoint, Zscaler VPN: Cloudflare, Cisco AnyConnect, FortiClient, GlobalProtect NAC: Forescout, Cisco ISE, Aruba ClearPass DNS Security: Cisco Umbrella, Infoblox, Cloudflare DNS WAF: AWS/Azure WAF, F5, Imperva, Akamai, Cloudflare EDR & DS: Crowdstrike, Falcon, Trellix, MS Defender, Sentinel, etc

Do you love the excitement and learning opportunity to study, analyse and deal with the most complex threats to digital security in today's world? Do you have the “learner” mindset, are willing to un-learn old skills and learn new ones every day? Are you excited by the potential of influencing the state of security of our entire company, every day? If yes, then this opportunity is for you. Responsible for the installation, maintenance, support and optimization of all security-related components Facilitate incident response and forensic investigations Apply countermeasures to mitigate evolving security threats Work with other teams to ensure platform hardening, security maintenance, and vulnerability remediation procedures are followed Special Requirements Proficiency in KQL query and in a scripting language, preferably perl, PHP, or python a plus Must demonstrate basic knowledge of knowledge of Linux, Mac, and Strong understanding of Windows operating systems and networking protocols. About CDO - Cyber Defense Operations. An organization led by Microsoft’s Chief Information Security Officer enables Microsoft to deliver the most trusted devices and services. CDO’s vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk framework. Responsibilities Technical Insight: Provides technical insight on incident analysis and management, threat mitigation, forensics, malware analysis, and automation. KRA and KPI Management: Ensures strong Key Result Areas (KRA) and Key Performance Indicators (KPI) management. Collaboration: Embraces the values of Microsoft through coaching and collaboration, and partners with peer teams working in similar areas. Stakeholder Management: Manages critical stakeholder calls and meetings (including non-business hours) while addressing critical security incidents. Security Knowledge: Possesses extensive hands-on knowledge of security concepts including cyber-attacks, techniques, threat vectors, risk management, and incident management. Automation Opportunities: Discovers potential automation opportunities or insights to enhance operational efficiency. Product Collaboration: Collaborates and advises product teams on enhancing Microsoft's first-party security products by offering actionable feedback for improvement. Team Environment: Cultivates a positive and inclusive team environment. Operational Rigor: Demonstrates exceptional operational rigor with real-world experience in cyber security operations, threat mitigation and incident response. Communication Skills: Exhibits excellent technical writing and oral communication skills. Problem-Solving: Shows a systematic problem-solving mindset. Qualifications 8+ years of work experience, with a minimum of 6 years of experience in SOC. Minimum 4 years of experience in Azure/Cloud Hands on experience with incident analysis, Threat Actor related incident handling, Large Scale incident responder and Threat Hunting. Understanding of Windows internals, Linux and Mac OS. Understanding of various attack methods, vulnerabilities, exploits, malware. Good Understanding of SIEM Console and tools such as Sentinel, Splunk, Qradar etc Social engineering - given that humans are the weakest link in the security chain, an analyst's expertise can help with awareness training Security assessments of network infrastructure, hosts and applications - another element of risk management. Conduct root cause analysis and post-incident reviews. Assist in tuning and optimizing detection rules and alerts. Forensics - investigation and analysis of how and why a breach or other compromise occurred. Develop and maintain incident response playbooks and standard operating procedures (SOPs). Collaborate with IT, DevOps, and other teams to remediate vulnerabilities and improve security controls. Troubleshooting - the skill to recognize the cause of a problem DLP, AV, FIM, web proxy, email proxy, etc. - a comprehensive understanding of the tools utilized to protect the organization. Excellent written and oral communication skills. Security certifications such as GCIH, GCFA, GREM, CySA+ Knowledge of Azure Sentinel and KQL query is a must and added advantage. Exposure to threat intelligence platforms and SOAR tools. Knowledge of MITRE ATT&CK framework and incident response methodologies. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Principal Software Engineering Manager Noida, Uttar Pradesh, India Date posted Jul 30, 2025 Job number 1854221 Work site Up to 50% work from home Travel 0-25 % Role type People Manager Profession Software Engineering Discipline Software Engineering Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The team will be responsible for building and maintaining the core infrastructure and services that form the Control Plane of Microsoft Sentinel Graph (MSG). This crucial mission supports Microsoft's Security business, meeting the immense scale demands that few companies in the industry face. By leveraging cutting-edge technologies, we aim to deliver comprehensive protection to a global user base. The MSG Foundations Engineering team leads the development and end-to-end implementation of infrastructure solutions, focusing on customer scenarios to enable high-volume big-data ingestion and interactive analytics for advanced security threat hunting, detection, and prevention. You will take charge of determining and developing architectural strategies and infrastructure solutions, conducting business reviews, and operating our production services. Collaboration will be essential as you work closely with other engineering teams to ensure that our services and systems are highly stable, performant, and meet the expectations of both internal and external customers and users. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications Required/Minimum Qualifications: Bachelor's, Master's, or Ph.D. in Computer Science Engineering, or an equivalent field. 11-15 years of software development experience. 3+ years of experience in managing and building teams. Strong problem-solving skills, along with excellent coding and debugging abilities. Good communication and cross-group collaboration skills. Prior expertise in platform components & high-scale cloud services (e.g. Azure, AWS etc.) is a plus Other Requirements Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter. Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter. - You’ve led – you have experience leading a team of engineers by setting clear expectations, keeping team members energized, and delivering great results. - You collaborate – you can explain your work, you can ask great questions, you can listen to your peers and your customers, you can influence without authority, and you like to give and receive feedback. - You stay focused – you want to ship software that solves real problems for real people, now. - You’re a professional – you understand that it’s not enough to write working code. It must also be well-designed, easy to test, and easy to add to over time. - You’re learning – no matter how much you know, you are always seeking to learn more and to become a better engineer and leader. #MSFTSecurity MSFTSecurity Responsibilities We are looking for a highly motivated, fast-learning, creative and analytical Software Engineer Manager. In this position, you will collaborate with other security engineering disciplines to plan, architect, design, implement, and validate security products and features. In addition to strong technical skills, you should have a passion for innovation and software quality. You must be comfortable with the fast-paced security industry by courageously exploring uncharted territories and thinking ahead of highly sophisticated attackers. You will be responsible for conducting investigations and investing in complex areas, designing and delivering features end to end - including system architecture, coding, deployment, scaling, performance, and quality from conception to delivery. Responsibilities include: Working closely with peers, partners, and building diverse and high-performing teams. Designing and implementing scalable, reliable, and maintainable services. Demonstrating strategic understanding of the timing and rationale for design choices within the scope of work. Consistently contributing key ideas to the product or service design and vision that meets customer needs. Applying metrics to drive the quality and stability of code. Having a sense of pride, commitment, and personal accountability for service quality, completeness, and resultant user experience throughout the product or service lifecycle. Working closely with a geographically distributed team, including Product Managers and developers, to drive key improvements in backend Engineering Systems. We are looking for someone who shares our passion for building great software for enterprises. You will work on a forward-looking product as part of an agile, collaborative, and cross-discipline team. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Technical Support Engineering Bangalore, Karnataka, India Date posted Jul 30, 2025 Job number 1852774 Work site Up to 100% work from home Travel None Role type Individual Contributor Profession Technical Support Discipline Technical Support Engineering Employment type Full-Time Overview With more than 45,000 employees and partners worldwide, the Customer Experience and Success (CE&S) organization is on a mission to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft’s products and services, ignited by our people and culture. We drive cross-company alignment and execution, ensuring that we consistently exceed customers’ expectations in every interaction, whether in-product, digital, or human-centered. CE&S is responsible for all up services across the company, including consulting, customer success, and support across Microsoft’s portfolio of solutions and products. Join CE&S and help us accelerate AI transformation for our customers and the world. Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft’s AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment. In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Technical Support Engineer, you will own, troubleshoot and solve customer technical issues. This opportunity will allow you to accelerate your career growth, hone your problem-solving, collaboration and research skills, and develop your technical proficiency. This role is flexible in that you can work up to 100% from home. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications Required Qualifications: Bachelor's degree in Computer Science, Information Technology (IT), or related field AND 1+ years of technical support, technical consulting experience, or information technology experience o OR 3+ years of technical support, technical consulting experience, or information technology experience. o OR equivalent experience Language Qualification English Language: fluent in reading, writing and speaking. CyberDefender Mindset: A CyberDefender Mindset is a proactive, collaborative, and customer-centric approach adopted by technical support teams to anticipate, prevent, and mitigate cybersecurity threats—shifting from purely reactive issue resolution to active partnership in safeguarding organizational and customer security. Preferred Qualifications: CISSP, Comptia Security +, ISC2 CC, BTL1/2, GSIF/GCIC/GCED/GSEC, PSAA, Kepner-Tregoe or equivalent certification Customer Service Foundations (LinkedIn Learning) or other Customer Service Training/Experience Ability to effectively communicate with customer managers and executives on technical and business issues. Organization, time management, project management, and negotiation skills. 3+ years of experience providing support for enterprise level premier customers. Cloud Protection: Background/experience in security engineering (blue/red team) preferred Background in system/network engineering, DevOps/SRE or software engineering, with a passion for cybersecurity Previous experience with / exposure to Microsoft Sentinel or the Microsoft Defender suite Good understanding of the TCP/IP stack, working in a cloud environment and (at a minimum) basic system administration in Linux and/or Windows Server environments Ability to meet Microsoft, customer and / or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter. Responsibilities Response and Resolution: You own, investigate and solve customer technical issues, collaborating within and across teams and leveraging troubleshooting tools and practices. Readiness: You lead or participate in building communities with peer delivery roles and, where appropriate, share your knowledge. You develop specific technical and professional proficiency to enable you to resolve customer issues, through training and readiness. Product/Process Improvement: You identify potential product defects and escalate appropriately to resolve, contributing to Microsoft product improvements. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Technical Support Engineering Bangalore, Karnataka, India Date posted Jul 30, 2025 Job number 1852772 Work site Up to 100% work from home Travel 0-25 % Role type Individual Contributor Profession Technical Support Discipline Technical Support Engineering Employment type Full-Time Overview With more than 45,000 employees and partners worldwide, the Customer Experience and Success (CE&S) organization is on a mission to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft’s products and services, ignited by our people and culture. We drive cross-company alignment and execution, ensuring that we consistently exceed customers’ expectations in every interaction, whether in-product, digital, or human-centered. CE&S is responsible for all up services across the company, including consulting, customer success, and support across Microsoft’s portfolio of solutions and products. Join CE&S and help us accelerate AI transformation for our customers and the world. Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft’s AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment. In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Technical Support Engineer, you will own, troubleshoot and solve customer technical issues. This opportunity will allow you to accelerate your career growth, hone your problem-solving, collaboration and research skills, and develop your technical proficiency. This role is flexible in that you can work up to 100% from home. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications Required Qualifications: Bachelor's degree in Computer Science, Information Technology (IT), or related field AND 3+ years of technical support, technical consulting experience, or information technology experience o OR 5+ years of technical support, technical consulting experience, or information technology experience. o OR equivalent experience Language Qualification English Language: fluent in reading, writing and speaking. CyberDefender Mindset: A CyberDefender Mindset is a proactive, collaborative, and customer-centric approach adopted by technical support teams to anticipate, prevent, and mitigate cybersecurity threats—shifting from purely reactive issue resolution to active partnership in safeguarding organizational and customer security. Preferred Qualifications: CISSP, Comptia Security +, ISC2 CC, BTL1/2, GSIF/GCIC/GCED/GSEC, PSAA, Kepner-Tregoe or equivalent certification Customer Service Foundations (LinkedIn Learning) or other Customer Service Training/Experience Ability to effectively communicate with customer managers and executives on technical and business issues. Organization, time management, project management, and negotiation skills. 3+ years of experience providing support for enterprise level premier customers. Cloud Protection: Background/experience in security engineering (blue/red team) preferred Background in system/network engineering, DevOps/SRE or software engineering, with a passion for cybersecurity Previous experience with / exposure to Microsoft Sentinel or the Microsoft Defender suite Good understanding of the TCP/IP stack, working in a cloud environment and (at a minimum) basic system administration in Linux and/or Windows Server environments Ability to meet Microsoft, customer and / or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter. Responsibilities Response and Resolution: You own, investigate and solve customer technical issues, collaborating within and across teams and leveraging troubleshooting tools and practices. Readiness: You lead or participate in building communities with peer delivery roles and, where appropriate, share your knowledge. You develop specific technical and professional proficiency to enable you to resolve customer issues, through training and readiness. Product/Process Improvement: You identify potential product defects and escalate appropriately to resolve, contributing to Microsoft product improvements. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

As an Enterprise Security Architect, you will be an integral part of a dynamic organization, taking the lead in developing and overseeing a cutting-edge enterprise security program. Your role will involve identifying, defining, and steering the security technology strategy across a wide range of areas including IAM, Cloud, End Point, Network, and Web security, as well as evaluating new identity technologies at an enterprise scale. Being a senior member of the team, you will collaborate with senior leaders throughout the organization, leveraging your vast experience in security technology management, implementation, and architecture, along with exceptional communication skills to shape strategies, influence roadmaps, drive solution adoption, and advocate for security enhancements that enhance capabilities and reduce risks. Your responsibilities will include defining architectural visions and solutions for complex systems, ensuring alignment with enterprise architecture strategies, and outlining non-functional requirements to support new features and opportunities. You will work closely with stakeholders and vendors to evaluate design decisions and drive best practices and standardized templates within defined domains. In addition, you will create reference architectures and design patterns for endpoint/host and workplace productivity security, contribute to the architecture roadmap, and collaborate with Product Managers/Owners to prioritize technology-focused tasks to enable business features and growth opportunities. Furthermore, you will play a key role in interpreting business and technology drivers to develop security roadmaps, establish data security frameworks, and align technical controls with industry best practices. Your expertise in cloud architecture, access management, monitoring, and other security solutions will be crucial in ensuring the security of company data and systems. To excel in this role, we are seeking individuals who excel in collaboration, prioritize client experience, thrive in fast-paced environments, and are dedicated to continuous improvement. The ideal candidate will possess over 10 years of hands-on experience in architecting IAM solutions, in-depth knowledge of authentication/authorization standards, familiarity with various security tools and platforms, and a strong background in cloud security concepts. Moreover, expertise in security frameworks, data loss prevention, Hybrid cloud architectures, DevSecOps processes, and web application technologies will be highly advantageous. Strong communication skills, the ability to lead technical discussions, and experience in managing stakeholder relationships are also essential qualities we are looking for. If you have a Bachelor's degree in Computer Science, Computer Engineering, or a related field, along with a passion for security architecture and a drive for continuous learning and improvement, we encourage you to apply for this exciting opportunity.,

Role Description We are seeking an experienced and proactive SOC Lead to drive the operations of our Security Operations Center. The ideal candidate will have strong expertise in cybersecurity monitoring, incident response, threat hunting, and stakeholder communication. This role involves leading a global 24x7 SOC team, coordinating with cross-functional teams, and enhancing our threat detection and response capabilities. You will act as the escalation point for complex incidents and play a key role in process improvement, automation, and mentoring the SOC team. Key Responsibilities Lead and coordinate the 24x7 SOC operations, managing a distributed team of L1 and L2 analysts. Provide advanced triage and investigation of escalated security s and incidents from L1 analysts. Act as the primary escalation contact for high-priority incidents and security breaches. Ensure timely incident response and resolution within SLA while maintaining high-quality ticket documentation. Conduct Root Cause Analysis (RCA) and create detailed incident reports for high-severity cases. Continuously review and fine-tune security s, rules, and thresholds across SIEM and other monitoring tools. Design and propose new security use cases and playbooks to improve detection and response automation. Conduct training sessions for the team on new tools, updated processes, and emerging threats. Organize and lead governance meetings (weekly/biweekly/monthly) with internal stakeholders and clients. Stay informed on the latest threat intelligence, vulnerabilities, and security technologies to proactively enhance SOC capabilities. Maintain and enhance SOC documentation, including SOPs, incident runbooks, and knowledge bases. Collaborate with engineering, infrastructure, and compliance teams to align incident response with organizational risk management practices. Required Skills & Experience Minimum 4 years of hands-on experience in a Security Operations Center, focusing on incident response, security analysis, and threat hunting. Deep Technical Expertise In Email Security (Mimecast) EDR Tools (e.g., Threat Down / Malwarebytes) Secure Web Gateway (Netskope SWG) Cloud Security (Microsoft Azure, Microsoft Defender) SIEM Platforms (Azure Sentinel preferred) Threat analysis and phishing investigation Sound understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, etc.) and incident response lifecycle. Working knowledge of enterprise infrastructure: networking, firewalls, operating systems (Windows/Linux), databases, and web applications. Excellent written and verbal communication skills; able to convey technical details to non-technical stakeholders. Strong organizational and prioritization skills; experience handling multiple concurrent incidents and tasks in high-pressure environments Preferred Certifications Relevant security certifications such as: CEH (Certified Ethical Hacker) Microsoft SC-200 (Security Operations Analyst) AZ-500 (Azure Security Engineer Associate) CISSP, GCIH, or similar. Proficiency with Security Tools: Mimecast Email Security Threat Down (Malwarebytes) Microsoft Azure, Microsoft Defender for O365 Netskope SWG Azure Sentinel (SIEM) Open-source tools for phishing analysis Skills Email Security, EDR, Threat hunting, SIEM

We are looking for a proactive and experienced L2 Security Operations Analyst to strengthen our Security Operations Centre (SOC) team. This role will be responsible for detecting, analysing, and responding to cybersecurity incidents in a hybrid infrastructure comprising AWS Cloud, on-prem infrastructure, and diverse endpoint systems including Linux, Windows, and macOS. The candidate should have hands-on experience with SIEM, EDR, firewalls, and cloud-native security tools, along with a solid understanding of threat landscapes and incident response processes. Responsibilities Act as the first level of the escalation point to the L1 team and investigate, validate, and escalate security alerts received from SIEM and other monitoring tools. Monitor and analyse security events from various sources, including CNAPP, SIEM, EDR, firewalls, AWS CloudTrail, Guard Duty, and endpoint logs. Triage security alerts and escalate incidents based on severity and impact. Correlate data across sources to identify patterns of malicious activity and potential breaches. Review and refine detection use cases and rule tuning to reduce false positives. Update and maintain incident response runbooks and knowledge base. Assist in the development of automation using SOAR platforms for repetitive tasks. Document incidents, root cause analysis, and lessons learned in a structured and timely manner. Provide regular status reports and metrics to SOC leads and management. Collaborate with infrastructure, application, and IT teams for investigation and remediation. Requirements Bachelor's degree in information security, Computer Science, or related field. 3-6 years of experience in a SOC or cybersecurity operations role. Proficiency with SIEM tools (e. g., Sentinel, Splunk). Hands-on experience with EDR/XDR platforms (e. g., CrowdStrike, Sentinel One). Strong understanding of network protocols, operating systems, malware analysis, and threat actor behaviour. Familiarity with frameworks such as MITRE ATT& CK, NIST CSF, Incident response and investigation skills, including log analysis and packet inspection. Experience with ticketing systems and incident tracking tools. This job was posted by Debapti Roy from mPokket.

Requisition Number: 101414 Location: The role will be a hybrid position located in Delhi NCR, Hyderabad, Bangalore, Pune, Mumbai, Chennai. Insight at a Glance 14,000+ engaged teammates globally #20 on Fortune’s World's Best Workplaces™ list $9.2 billion in revenue Received 35+ industry and partner awards in the past year $1.4M+ total charitable contributions in 2023 by Insight globally Now is the time to bring your expertise to Insight. We are not just a tech company; we are a people-first company. We believe that by unlocking the power of people and technology, we can accelerate transformation and achieve extraordinary results. As a Fortune 500 Solutions Integrator with deep expertise in cloud, data, AI, cybersecurity, and intelligent edge, we guide organisations through complex digital decisions. About The Role As a Cloud Technical Lead you will: Extensive experience with Azure IaaS, PaaS, Networking, Storage, and Security Ability to work with clients in designing new Azure solutions Proven background in repeatable implementation and deploy models Possess comfort in leading war rooms, troubleshooting sessions, or producing RCA findings Good experience merging traditional data centers with newer cloud topologies General knowledge of IAM, role assignments, and Azure Active Directory Bonus consideration: familiarity with Conditional Access, Just in Time, EMS E3/E5, MCAS or Azure Sentinel Exposure to Containerization - Docker Kubernetes What We’re Looking For Excellent understanding of provisioning and optimizing VM and managed disks. Expert understanding of cloud infrastructure, primarily Azure, secondary AWS and/or GCP Experience with security concepts such as encryption, identity management, access control and key vaults. Experience with networking concepts such as software-defined networking, routing, virtual private networks, load balancers, and firewalls. What You Can Expect We’re legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another location—even an international destination—for up to 30 consecutive calendar days per year. But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law. Insight India Location:Level 16, Tower B, Building No 14, Dlf Cyber City In It/Ites Sez, Sector 24 &25 A Gurugram Gurgaon Hr 122002 India

about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. We are seeking a dynamic IT Compliance & Audit Lead to join our Governance, Risk & Compliance (GRC) team in Pune. This role will be pivotal in driving the implementation and evolution of ZSs Continuous Compliance Monitoring (CCM) program. The ideal candidate will bring hands-on technical security expertise, a strong audit and risk management mindset, and the ability to collaborate across technical and business stakeholders. What youll do: Lead the development and execution of ZSs Continuous Compliance Monitoring (CCM) program across infrastructure, applications, and third-party vendors Collaborate cross-functionally with internal security, privacy, engineering, and operations teams to drive remediation and maturity of compliance gaps Serve as SME for security audits, helping interpret and implement compliance controls (e.g., ISO 27001, SOC 2 Type 2, NIST CSF, HIPAA, ESG reporting frameworks) Design and implement automated compliance checks and control testing routines aligned with risk appetite and audit requirements Conduct and support internal and external audits, including pre-audit readiness assessments, evidence collection, and issue remediation oversight Contribute to enterprise risk assessments, security profiling, and threat modeling to improve ZSs security posture Drive security incident post-mortems and track audit findings to closure with technical leads and business owners Assist in the maintenance and enhancement of security policies, procedures, and standards to reflect evolving risk and regulatory requirements Create training and awareness content related to policy adoption, audit preparedness, and security control responsibilities Provide metrics and executive-level reporting on compliance posture, audit outcomes, and CCM maturity Serve as a technical consultant in areas such as SIEM tuning, bounty hunting initiatives, and threat intelligence integration What youll bring: Bachelor's degree in Computer Science, Information Systems, or a related field 4+ years of hands-on experience in Information Security, Audit, Compliance, or GRC roles with technical depth Proven experience implementing or maturing compliance frameworks like ISO 27001, SOC 2 Type 2, HIPAA, NIST CSF, etc. Strong understanding of security tooling and architecture, including: SIEM platforms (e.g., Splunk, Sentinel, QRadar) Threat modeling and profiling tools Vulnerability management platforms Cloud security configurations (AWS, Azure, GCP) Experience with bug bounty programs or threat hunting initiatives is a plus Excellent communication skills; ability to articulate risk and compliance requirements to technical and non-technical stakeholders Certifications preferred: CISA, CISSP, CRISC, CISM, ISO Lead Auditor/Implementer, CEH

Summary The Director DDIT ISC CSOC Automation Engineering will be an integral part of the Novartis Cyber Security Operations Center (CSOC). The CSOC is an advanced global team passionate about actively defending against the most sophisticated cyber threats and attacks. The Director DDIT ISC CSOC Automation Engineering is a seasoned leader who will lead a team of skilled SOAR engineers and manage tools to support the proactive detection, investigation, and mitigation of emerging and persistent threats that impact Novartis’ networks, systems, users, and applications. This role will involve coordination and communication with technical and non-technical teams, including security leadership and business stakeholders. As an experienced and skilled manager, this role will also involve coaching and mentoring talented Security Engineers with diverse backgrounds. About the Role MAJOR ACCOUNTABILITIES In addition to accountabilities listed above in Job Purpose: SOAR Manager Lead and manage a geographically distributed team of skilled SOAR Engineers, providing guidance and support while leveraging their diverse skill sets and personalities. Evaluate and review performance metrics and KPIs to ensure the SOAR team is meeting targets and delivering efficient and effective results. Take accountability for the team's performance in various areas, including, but not limited to: Manage SOAR platforms Support audit requests and reports Engage with product teams to address technical challenges Manage stakeholders' commitments Act as the primary point of contact for first-level escalations, addressing any issues or concerns that arise and ensuring timely resolution. Develop and maintain comprehensive documentation to facilitate knowledge sharing and ensure consistently achieving quality outcomes. Drive a culture of continuous improvement and innovation within the team, identifying opportunities to optimize processes and enhance efficiency. Serve as a subject matter expert in SOAR processes and play an active role in guiding the team and providing expertise whenever needed. Workflow Orchestration and Process Automation Define, design, evaluate, and improve business processes and playbooks integrating automation and orchestration. Integrate a variety of technology devices, applications, and datasets to support workflow orchestration and process automations. Gather requirements, plan, design, implement, and test automations with SOAR platform and surrounding technologies. Develop custom integrations to support CSOC workflow automation and orchestration. Develop and maintain effective documentation; including automation playbooks, processes, and other supporting operational material. Case Management and Analytics Interface with engineering teams to design, test, and implement case management with workflow orchestration and automation. Define, design, evaluate, and enhance case management features including front end interface, backend data model, and technology integrations to support measurable, effective, and streamlined CSOC activities. Scripting and Development Design, develop, and test scripts and other solutions to support CSOC mission and activities. Research and test new technologies and platforms; develop recommendations and improvement plans. Cooperating with stakeholders Management – Periodically report to management the current status of sources and use cases in the system. Operational stakeholders (CSOC analysts, Cyber Center) – Maintain a good understanding of stakeholders’ needs in regard to activities and requirements. Essential Requirements: University working and thinking level, degree in business/technical/scientific area or comparable education/experience. Desirable Requirements: Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred. Preferably one or more XSOAR, Phantom trainings/certifications. EXPERIENCE 6+ Years work experience. 4+ Years Python scripting or other similar coding experience. Experience with Python and Splunk. Experience planning, designing, developing, and testing automation solutions with SOAR platforms (Cortex, Phantom, FortiSOAR, etc). Experience developing solutions with SIEM tools (Splunk, QRadar, Sentinel, etc.). Experienced IT administration with broad and in-depth technical, analytical and conceptual skills. Experience in reporting to and communicating with senior level management (with and without IT background, with and without in depth risk management background) on incident response topics. Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related and incident response concepts to technical as well as nontechnical audiences. Excellent understanding and knowledge of general IT infrastructure technology and systems. Proven experience to initiate and manage projects that will affect CSOC services and technologies. SKILLS/JOB RELATED KNOWLEDGE Understanding of SOAR architecture components, including technology integrations, common automation scenarios and solutions. Understanding of configuration files and relationship between GUI configuration and backend configuration file impact. Experience with software development lifecycle and user acceptance testing. An understanding of error messages and logs displayed by various software. Ability to troubleshoot, diagnose and solve issues independently. Self-learner, ability to document learning as experience is gained. Understanding of network protocols and topologies. Strong technical troubleshooting and analytical skills. Experience with platform and application automated deployment and version control software e.g. (Ansible, Git, Bitbucket). A knowledge of the MITRE ATT&CK framework is a beneficial. Ability to prioritise workload. Excellent written and spoken English. Calm and logical approach. NETWORKS High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity. Ability to handle competing priorities, and seeking consensus when stakeholders have different or even contradicting opinions. CORE COMPETENCIES Leadership Establishes clear direction and sets stretch objectives. Aligns and energizes Associates behind common objectives. Champions the Novartis Values and Behaviors. Rewards/encourages the right behaviors and corrects others. Establishes clear directives and objectives. Communicates positive expectations for others on the team. Integrates and applies learning to achieve business goals. Customer/Quality Focus Assigns highest priority to customer satisfaction. Listens to customer and creates solutions for unmet customer needs. Established effective relationships with customers and gains their trust and respect. Defines quality standards to ensure customer satisfaction. Creates and supports world-class quality standards to ensure customer satisfaction. Fast, Action-Oriented Is action-oriented and full of energy to face challenging situations. Is decisive, seizes opportunities and ensures fast implementation. Strives for simplicity and clarity. Avoids 'bureaucracy'. Alerts others to potential risks and opportunities. Keeps organizational processes simple and efficient. Takes acceptable/calculated risks by adopting new or unknown directions. Results Driven Can be relied upon to succeed targets successfully. Does better than the competition. Pushes self and others for results. Anticipates potential barriers to achievement of shared goals. Pushes self and others to see new ways of achieving results (e.g., better business model). Uses feasibility and ROI analyses to ensure results. Keeps pace with new developments in the industry. Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network Benefits and Rewards: Read our handbook to learn about all the ways we’ll help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards Division Operations Business Unit Universal Hierarchy Node Location India Site Hyderabad (Office) Company / Legal Entity IN10 (FCRS = IN010) Novartis Healthcare Private Limited Functional Area Technology Transformation Job Type Full time Employment Type Regular Shift Work No

Ankura is a team of excellence founded on innovation and growth. Location: Conditional Remote / Gurgaon Hours: 40 hours a week Reporting: Director - Threat Detection Operations (TDO) Duties include providing On-Job Training to fellow Senior Analysts and Analysts, continuous monitoring of Security Information Event Management (SIEM), EDR, XDR and related platforms for correlated events and alerts and working with the client to take action. Senior Analysts leverage events to determine the impact, document possible causes, and provide useful information to clients. A deep understanding of various commercial and open-source network sensors, intrusion detection systems, and event log correlation engines is required as senior analysts are expected to deliver enhanced threat awareness and knowledge through research and continuous improvement of use cases, signatures, and metrics. Expected to help automate anomaly detection and alerting while documenting security incidents, processes, investigations, and remediation efforts. Senior Analysts are also expected to maintain open communication and visibility with their team members, Directors, and Clients. Usually, employees will be permitted to work remotely in the current operational setup however that setup may change based on company and/or business needs, with or without notice. It may also be considered a conditional privilege as the employees are personally responsible to maintain uninterrupted availability and communication via all official channels throughout their designated shifts. If the employee's performance cannot be satisfactorily ascertained by their manager or the employee is unable to adapt to work without disturbance, they may be called upon to work out of the company’s office. CAPABILITIES Knowledge of IR process, ticketing tools, Knowledgeable in various IR response commands related to Windows, Linux Strong knowledge on advanced attack techniques related to Endpoints and servers, Threat hunting using EDR/XDR. Experience in handling latest attack techniques LOLBAS, fileless malware etc. Experience in monitor globally emerging threats, vulnerabilities, malicious activities etc. research about the same and reports to concerned teams and management for proactive actions. Must have knowledge of various OSINT tools: VirusTotal, Cisco Talos Intelligence, IBM X-force Exchange, URL.io etc. during the investigation of security alerts. Capable to handle a team of L1 analysts, impart training etc Must have experience of Vulnerability management to identify emerging risks in organization's environment using Qualys, Nessus, MS-Defender etc Knowledgeable about Automation and SOAR Must have the necessary experience to conduct initial triage and in depth analysis of security events and incidents; determine the priority, criticality, and impact; facilitate communication within the client's SOC, escalate to the for containment and remediation, and document/journal progress throughout the Incident Response Lifecycle within the respective service level objectives. Required to have experience in conducting research analysis and data gathering requirements to present in a report format. Should be detail-oriented and able to work independently and communicate effectively both verbally and in writing.Must be flexible enough to work in a 24x7 rotational shift setup, including overnight, weekend, and national holidays. TECHNICAL Emerging SIEM/XDR such as MS Azure Sentinel, SentinelOne Experience with security tools: Nessus, Burpsuite, Acunetix, Kali Linux Strong knowledge on XDR tools such as Sentinel One, Cortex, CrowdStrike, Microsoft etc Understanding of KQL, Lucene, Python, and/or other similar programming/query/scripting languages Proficient in finetuning detection rules of XDR, creation of SOPs, Playbooks for various scenarios and techniques EDUCATION, EXPERINCE, TRAINING & CERTIFICATIONS Minimum Experince in SOC/IR/VM 4 yrs plus Preferred to have a degree in CS/IT or a Masters's Diploma in the field of IT Security. Certifications such as CEH, Security+ CHFI,ACE, and specific to vendor XDR tools SentinelOne cortex, Microsoft CrowdStrike etc COMMUNICATION Comfortable working in a remote work environment including web-based team management and collaboration applications, and time-keeping systems e.g. Slack, Microsoft Teams, Intapp, and Workday. Ability to communicate complex ideas effectively, both verbally and in writing in English and the local office language(s) Able to provide reports showing progress or achievement of assigned goals and responsibilities as required. Must be an active listener and ask questions of others when clarity is needed Ability to gain an understanding of client needs and apply analytic reasoning Demonstrates proactive engagement in meetings and process discussions KEY PERFORMANCE INDICATORS Analyze client networks for threats using analytical platforms for event monitoring such as NSM, SIEM, UEBA, ETDR. Deliver client reports based on analyses that are timely, high quality, and accurate. Understand and support incident response and triage Improve reporting to avoid ‘analysis paralysis’. Develop new skills within analytical platforms INDIVIDUAL & TEAMWORK Must be able to effortlessly switch between independent and team-based work Understands that the work product is dependent on team efforts and remains responsive to internal and external deadlines Able to share expertise and experience with team members to encourage growth and shared success Able to maintain focus and attention to detail for sustained periods of time Engaged in supporting the development and growth of all team members GROWTH MINDSET Can receive and provide feedback in a constructive manner that leads to the growth of self and others. Displays perseverance of effort and passion for a long-term goal and end state. Works well under timelines and puts in extra effort as required to meet timelines. Self-motivated to identify areas for team & process improvement and collaborate with others to develop creative solutions LEADERSHIP TRAITS Willing to adapt leadership skills to support larger and more complex projects. Work product for self and team is consistently of excellent quality and efficiency. Respectful and professional in all interactions with team members, clients, and colleagues. Maintains composure and calm disposition under high-pressure or stressful circumstances. #LI-JK1 Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.

Greetings from Newwave Computing ! One of our esteemed clients is looking to hire a seasoned Microsoft Security Consultant with a minimum of 5 years of experience. . Role & responsibilities Implementation & Deployment: Lead end-to-end implementation of Microsoft Defender products (Defender for Endpoint, Identity, Office 365, Cloud Apps, and defender for cloud). Configure and deploy Azure Sentinel for SIEM/SOAR capabilities, including custom alert rules, automation playbooks, and threat hunting. Implement Microsoft Purview (Data Security & Compliance) solutions, including Data Loss Prevention (DLP), Endpoint DLP, Information Protection, and Insider Risk Management. Design and execute Microsoft 365 E5 Security implementations, covering Advanced Threat Protection, Identity & Access Management, Conditional Access Policies and Intune MAM/MDM. Integration & Optimization: Optimize security configurations for threat detection, automated remediation, and compliance reporting. Deliver workshops and training sessions for client teams on security operations and tool management. Preferred candidate profile Certifications: Microsoft Certified: SC-400, SC-200, SC-300, AZ-500 , or equivalent. (Optional) Technical Expertise: Hands-on experience deploying Microsoft Defender suite, Azure Sentinel, and M365 E5 Security . Proficiency in Microsoft Purview (DLP, Information Protection, Audit, eDiscovery) . Strong knowledge of Microsoft Entra ID (Azure AD), Conditional Access, and Intune . Experience with KQL (Kusto Query Language), PowerShell, and automation (Logic Apps, Playbooks) . Soft Skills: Excellent communication and client-facing consulting skills. Ability to translate technical concepts into business value. Strong problem-solving and analytical mindset. Interested candidates kindly send the updated resume to rugma.s@newwavecomputing.com

Security Operations Engineer II Hyderabad, Telangana, India Date posted Jul 29, 2025 Job number 1853495 Work site Microsoft on-site only Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Operations Engineering Employment type Full-Time Overview Do you love the excitement and learning opportunity to study, analyse and deal with the most complex threats to digital security in today's world? Do you have the “learner” mindset, are willing to un-learn old skills and learn new ones every day? Are you excited by the potential of influencing the state of security of our entire company, every day? If yes, then this opportunity is for you. Responsible for the installation, maintenance, support and optimization of all security-related components Facilitate incident response and forensic investigations Apply countermeasures to mitigate evolving security threats Work with other teams to ensure platform hardening, security maintenance, and vulnerability remediation procedures are followed Special Requirements Proficiency in KQL query and in a scripting language, preferably perl, PHP, or python a plus Must demonstrate basic knowledge of knowledge of Linux, Mac, and Strong understanding of Windows operating systems and networking protocols. About CDO - Cyber Defense Operations. An organization led by Microsoft’s Chief Information Security Officer enables Microsoft to deliver the most trusted devices and services. CDO’s vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk framework. Qualifications 8+ years of work experience, with a minimum of 6 years of experience in SOC. Minimum 4 years of experience in Azure/Cloud Hands on experience with incident analysis, Threat Actor related incident handling, Large Scale incident responder and Threat Hunting. Understanding of Windows internals, Linux and Mac OS. Understanding of various attack methods, vulnerabilities, exploits, malware. Good Understanding of SIEM Console and tools such as Sentinel, Splunk, Qradar etc Social engineering - given that humans are the weakest link in the security chain, an analyst's expertise can help with awareness training Security assessments of network infrastructure, hosts and applications - another element of risk management. Conduct root cause analysis and post-incident reviews. Assist in tuning and optimizing detection rules and alerts. Forensics - investigation and analysis of how and why a breach or other compromise occurred. Develop and maintain incident response playbooks and standard operating procedures (SOPs). Collaborate with IT, DevOps, and other teams to remediate vulnerabilities and improve security controls. Troubleshooting - the skill to recognize the cause of a problem DLP, AV, FIM, web proxy, email proxy, etc. - a comprehensive understanding of the tools utilized to protect the organization. Excellent written and oral communication skills. Security certifications such as GCIH, GCFA, GREM, CySA+ Knowledge of Azure Sentinel and KQL query is a must and added advantage. Exposure to threat intelligence platforms and SOAR tools. Knowledge of MITRE ATT&CK framework and incident response methodologies. Responsibilities Technical Insight: Provides technical insight on incident analysis and management, threat mitigation, forensics, malware analysis, and automation. KRA and KPI Management: Ensures strong Key Result Areas (KRA) and Key Performance Indicators (KPI) management. Collaboration: Embraces the values of Microsoft through coaching and collaboration, and partners with peer teams working in similar areas. Stakeholder Management: Manages critical stakeholder calls and meetings (including non-business hours) while addressing critical security incidents. Security Knowledge: Possesses extensive hands-on knowledge of security concepts including cyber-attacks, techniques, threat vectors, risk management, and incident management. Automation Opportunities: Discovers potential automation opportunities or insights to enhance operational efficiency. Product Collaboration: Collaborates and advises product teams on enhancing Microsoft's first-party security products by offering actionable feedback for improvement. Team Environment: Cultivates a positive and inclusive team environment. Operational Rigor: Demonstrates exceptional operational rigor with real-world experience in cyber security operations, threat mitigation and incident response. Communication Skills: Exhibits excellent technical writing and oral communication skills. Problem-Solving: Shows a systematic problem-solving mindset. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.