903 Sentinel Jobs - Page 4

Please email your resume to: hr@sanganan.co.in 🚀 Open Positions 1. Team Lead – IT Support (Microsoft 365 / Azure) Reports To: Head of Managed Services & Support Key Responsibilities: Lead a team of L2/L3 engineers delivering Microsoft 365 and Azure support. Own escalations and ensure end-to-end incident resolution. Monitor ticket SLAs, response quality, and customer satisfaction. Plan 24x7 shift/standby rosters and oversee rotation. Coordinate with internal teams (Sales, Projects, Security). Drive team coaching, documentation standards, and SOPs. Must-Have: 5+ years of IT support experience, 1–2 years in leadership. Strong expertise in Microsoft 365 (Exchange, Intune, Teams, SharePoint) and Azure (Entra ID, VM, networking). Excellent spoken and written English – clear and professional communication is a must. Experience managing support teams and planning rotations. Good-to-Have: Microsoft certifications (e.g. MS-101, AZ-104, SC-series) Familiarity with Jira, Freshservice, ServiceNow Exposure to managed services, documentation, SOP design Best-to-Have: Fortinet experience (FortiGate firewall, VPN, policies) Familiarity with Defender for Endpoint, Sentinel, Purview Prior SOC or cybersecurity support experience 2. IT Support Engineer – Microsoft 365 / Azure (L2/L3) Reports To: Team Lead – IT Support We are hiring engineers across Level 2 and Level 3 support tiers. Internally designated as L2/L3; externally positioned as L1/L2 to clients. Key Responsibilities – L2: Troubleshoot Microsoft 365 issues (Teams, Outlook, SharePoint, OneDrive, Intune). Manage device onboarding, MFA, Conditional Access. Communicate effectively via phone/email and document resolutions. Escalate critical issues to L3 or vendors. Key Responsibilities – L3: Deep-dive troubleshooting and advanced Azure/M365 configurations. Handle escalated or high-impact incidents. Execute support for projects (tenant migrations, VM setup, scripting). Use PowerShell for automation and diagnostics. Must-Have: 3+ years in IT support with Microsoft 365/Azure. Strong English communication (written & spoken). Experience with admin centers, Intune, Entra ID, Azure VMs, basic PowerShell. Willingness to work in shift/standby coverage as needed. Good-to-Have: Microsoft certifications (e.g. MS-100, AZ-104, SC-300) Experience with managed services or client-facing support Familiarity with ticketing systems and knowledge bases Best-to-Have: Fortinet firewall (VPN, policy config) Microsoft security tools (Sentinel, Defender, Purview) SOC background or experience with security triage and alerts

Join our Team About this opportunity: We are looking for a Security Specialist profile within the Cyber Defense Center (CDC) in Group Security. The Cyber Defense Center defends Ericsson from cyberattacks originating from external threat actors. It ensures we are one step ahead of adversaries, identify their plans and means to execute them, block and disrupt their execution, and remove their presence from within Ericsson. Its focus is on sophisticated antagonistic threat actors who can do the most harm to Ericsson as a company. In order to achieve this the cyber defense center consists of four teams: threat intelligence, the red team, a process and governance team, and cyber operations. What you will do: 24x7 Security monitoring and incident handling across a complex network. End-to-End triage & investigation of all the threat detections originating from technology. Participate in incident response. Support use case development of detection analytics. Conduct research into new threats, identifying new IOC/TTPs. Work in shifts with efficient and accurate handover procedures. Identify improvements in automation and investigation procedures. Work with the Red team to identify gaps or weaknesses in security coverage. Create threat hunting use cases through security research and threat intelligence. Adhere to SLAs for security investigations. The skills you bring: A minimum of 7 to 12 years of experience working within a Security Operations Center /Managed Security Services environment. Organization and project management skills, Good documentation skills, Positive can-do attitude. Ability to work at odd hours and work constructively under pressure. Worked across different cultures in a global setting and with many stakeholders. Impeccable integrity and track record of working with sensitive information. Technical Competences The Incident Response Process Core networking skills Live Windows, Linux and Memory Forensics Active Directory Analysis Network Threat Hunting Basics of Vulnerability Management Demonstrable experience with Incidence Response in leading public Clouds – Azure, AWS, GCP Experience with Microsoft Azure Cloud - Azure Sentinel, Microsoft security stack, MS Graph API, Entra ID Amazon Web Services (AWS) security tools such as Security Hub, AWS Guard Duty, AWS Macie, AWS CloudTrail Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Centre Able to triage & investigate email threats using platforms like Microsoft EOP, Trellix, Proofpoint Working knowledge of `Security products like Endpoint Detection Response (EDR), Identity Threat Detection (ITDR) & Response, Network Detection & Response (NDR) from leading vendors like Trellix, CrowdStrike, MS Defender for Endpoint, Vectra Experience in IT Security and risk management. Security related certification like SANS GCIH, GCIA, GMON, GREM, CEH, CISSP, CHFI and Incident Response certification is an added advantage.

Azure, AWS, GCP, Sentinel, GRC, Threat Analyst, NIST, MITRE ATT&CK, SOC2, ISO27001, ISO27002, Identity, Access management, Security Engineering, Security Automation, Resiliency, DevSecOps, SSDLC, SDLC, Threat Modelling, Risk Assessor, Security Audit, zero trust, ZTNA, conditional access In this role, you will help architect, deploy security solutions, tools for Application, DevSecOps & SSDLC, and Public Cloud Security. You need to learn about Infosys business initiatives, products and business needs to drive clients' security projects. Develop technical solutions and advise security controls to mitigate security vulnerabilities. Partner with Security Engineers, Architects, and clients to drive security initiatives in technology and policy governance.

About The Company Tata Communications Redefines Connectivity with Innovation and IntelligenceDriving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of Communications Experience Required: 4+ years in Cybersecurity, with 2+ years hands-on any threat intelligence platform Reports To: Security Operations Lead / SOC Manager Location: Jaipur Job Type: Full-time, Customer locations Job Summary We are seeking a skilled Threat Intelligence Engineer/Analyst with hands-on experience in managing and operating a Unified Threat Intelligence Platform (UIP). The ideal candidate will be responsible for integrating, enriching, analyzing, and disseminating threat intelligence across security systems (SIEM, SOAR, EDR) to enhance threat detection, hunting, and response efforts. Key Responsibilities Administer and maintain the Unified Threat Intelligence Platform (e.g., MISP, Anomali, ThreatConnect, EclecticIQ, TIP from commercial vendors). Should have worked on any of the TI platform. Experience in Recorded future preferred. Aggregate, normalize, and enrich threat intel feeds from internal, commercial, and open-source sources (OSINT). Map Indicators of Compromise (IOCs), TTPs, and threat actor profiles using frameworks such as MITRE ATT&CK and STIX/TAXII. Integrate UIP with SIEM, SOAR, and EDR platforms to enable automated threat correlation and alert enrichment. Analyze and prioritize threat intelligence based on relevance, risk level, and business impact. Coordinate with threat-hunting and SOC teams to enable actionable use of threat intelligence. Create and manage threat intelligence dashboards, reports, and alerts. Continuously improve threat ingestion, enrichment pipelines, and integration workflows. Required Skills And Qualifications Solid understanding of Threat Intelligence lifecycle: collection, processing, analysis, dissemination. Experience with commercial or open-source TIP/UIP tools (e.g., MISP, ThreatConnect, Anomali, EclecticIQ). Strong knowledge of STIX/TAXII, OpenIOC, YARA, Sigma rules. Experience integrating threat intel into SIEM (e.g., Splunk, QRadar, Sentinel) and SOAR platforms. Familiarity with threat actor behavior, campaigns, malware families, and IOC tracking. Working knowledge of scripting (Python preferred) for automation and data transformation. Ability to analyze complex data and present threat intelligence in clear, actionable formats. Education Requirements BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification CEH/CSA/ NBAD certification

Arise Virtual Solutions has created a disruptive technology platform that connects the world’s biggest brands with the largest network of gig-economy Service Partners in the BPO industry. Innovations in dynamic scheduling can deliver up to 200% intraday flex so Brands can be there for their customers. Highly innovative virtual learning programs keep Brands aware of customers’ needs so they offer new solutions that grow share of wallet and increase revenue. Service Partners select brands they love and deliver empathetic, personal care that creates enduring relationships, keeping Brands essential and growing. Arise is using the most innovative technology in the BPO industry to transform CXM for Brands and their customers. The Customer Success Manager plays a central role at Arise Virtual Solutions, ensuring that our clients and Service Partners are able to maximize the value they obtain through use of our Platform. Each Customer Success Manager (“CSM”) serves our portfolio of clients by developing an intimate understanding of their business needs and offering subject matter expertise to support them in achieving their contact center objectives. Additionally, the CSM is responsible for KPI performance, contracts, and vendor relationship management for the hundreds of small independent businesses that provide services to Arise. ** Contact center/BPO experience at a manager level required ** Responsibilities Managing vendor contract compliance Participating in new vendor implementation Ensuring that Arise achieves and exceeds all client metrics Program analysis and reporting through strong analytical reports to illustrate results and achievement of program metrics Overseeing goal setting, monitoring of program trends Participating in client meeting and calibration sessions on a daily/weekly basis Developing and implementing improvement action plans that can be offered to vendors Initial point of escalation on the program. Responsible for escalation tracking and resolution Budget management Coordinate with the Director, Customer Success to achieve client metrics Related duties as required Special projects as assigned by Senior Manager, Customer Success or Director, Customer Success Responsible for other reports, analysis or other duties as assigned Works independently to drive client program metrics Requires little supervision to successfully deliver the core responsibilities Qualifications Minimum 5 years related Operations Management work experience in Contact Center/ BPO required. Knowledge of vendor management Strong Quality Assurance experience Bachelor’s degree or equivalent combination of education and/or work experience 24/7 client focus mentality. Flexible with schedule to attend clients’ needs Ability to facilitate/conduct virtual meetings in a one-on-one and/or group setting Proficient in Microsoft applications with a strong emphasis on Word, Excel (Pivot tables and V-lookups), Outlook and Microsoft Project. A self-motivated and proactive team-player, working quickly and accurately under pressure and time constraints, with minimal supervision Desire to roll-up your sleeves and assist with any project Extreme attention to detail Passion for helping people achieve their goals Data driven decision maker Must possess excellent interpersonal, oral, and written communication skills. Professionalism and the ability to work well with others are extremely important, as well as the ability to maintain confidentiality of information Competitive Compensation and Benefits which include: Medical Benefits through Cigna Remote working Flexible Time Off Plan! Take ownership of your time, workload, and results Great Place to Work - Sun Sentinel 2015, 2016, 2017, 2018, 2019! Empowerment Squad Activities - Philanthropy/Volunteering, Team Challenges, Fun Events! When smart creative and passionate people get together, the results are astounding and the opportunities limitless. Achieve your potential at Arise. Diversity creates a healthier atmosphere: equal opportunity employer M/F/D/V

It has been more than 60 years since SYSTRA has garnered expertise that spans the entire spectrum of Mass Rapid Transit System. SYSTRA India’s valuable presence in India roots back to 1957, where SYSTRA worked on the electrification of Indian Railways. Our technical excellence, holistic approach and the tremendous talent provides a career that puts people who join us at the heart of improving transportation and urban infrastructure efficiency. Understand better who we are by visiting www.systra.in Context In India, SYSTRA is an international consulting and engineering company operating in the fields of Metros, High Speed Rail, Railways, Roads, Buildings, Urban planning, and Water Infrastructure for public and private organizations. CTR – Regional Technical Centre of Systra India takes care of the international production of major projects at Systra Group level. CTR team has expertise in design of High-Speed Rail, Metro, Conventional Rail, Bridges, Highways, Depots, Stations and Transport Planning. Starting from Feasibility/Concept stage to Detailed Design to IFC/Shop drawings, the disciplines involved have experience of designing in accordance with various international codes and delivered projects across the world. CTR team has successfully delivered some major projects in UK, UAE, Tanzania, KSA, Australia, Canada and Denmark. One of the major achievements of India CTR team has been the design of HS2 project in UK. We played an instrumental role in delivering 3 major Sublots on HS2 with our teams proactively engaging with Front Office in UK and delivering beyond client expectations. This resulted in India team receiving many accolades from the contractor BBV and client HS2. CTR team in India is proficient in working on multi-disciplinary projects integrating Design, BIM and Drawing production in a seamless workflow incorporating different software. The technical and management teams within CTR get an opportunity to work and interact with other CTR teams within Systra Group from Paris, Poland, Dubai, Philippines and Brazil. Missions/Main Duties Job Summary We are seeking a competent and motivated Railway Signaling Engineer to contribute to the delivery of signaling design and implementation across international projects in Australia, the UK, and Sweden. The ideal candidate should have solid knowledge of regional signaling practices, tools, and standards—especially related to ERTMS/ETCS systems and conventional interlocking technologies. Key Responsibilities Support the design and development of signaling systems in accordance with applicable standards: ARTC/Aurizon (Australia), Network Rail (UK), and Trafikverket (Sweden). Assist in the preparation and verification of signaling drawings, interlocking data, control tables, and interface documentation. Collaborate in ERTMS Level 1/2 and legacy system design, including elements like RBCs, balises, LEUs, and GSM-R. Participate in safety compliance activities, including CENELEC standards (EN 50126/8/9). Work closely with multidisciplinary teams and execution. Maintain clear communication with clients, team members, and external stakeholders. Assist senior engineers and contribute to continuous improvement in design workflows. Profile/Skills Qualifications & Skills Bachelor’s degree in Electrical, Electronics, or Railway Engineering (Master’s preferred). 4–7 years of professional experience in railway signaling design. Experience in at least one or more of the following country-specific standards: Australia: ARTC/MTM standards, Microlok II, Westrace MkII, ATP. UK: Network Rail standards, SSI/Westlock, TPWS, axle counters. Sweden: Trafikverket standards, ERTMS Level 2, Eurobalise, ETCS components. Familiarity with design tools such as MicroStation, AutoCAD, and signaling simulation platforms. Good understanding of safety-critical design and regulatory compliance for signaling systems. Excellent English communication skills. Swedish language proficiency is a plus. Preferred Certifications IRSE License (UK) or equivalent national certification. OEM-specific training in signaling systems (e.g., Siemens, Alstom, Bombardier). Rail safety worker certifications like RIW (Australia) or Sentinel (UK) are a plus. We commit to put people who join us at the heart of improving transportation and urban infrastructure efficiency. As we are growing, this is time to be a part of this challenging adventure.It’s not a job - it’s a career!

Join our Team About this opportunity: We are looking for a Security Specialist profile within the Cyber Defense Center (CDC) in Group Security. The Cyber Defense Center defends Ericsson from cyberattacks originating from external threat actors. It ensures we are one step ahead of adversaries, identify their plans and means to execute them, block and disrupt their execution, and remove their presence from within Ericsson. Its focus is on sophisticated antagonistic threat actors who can do the most harm to Ericsson as a company. In order to achieve this the cyber defense center consists of four teams: threat intelligence, the red team, a process and governance team, and cyber operations. What you will do: 24x7 Security monitoring and incident handling across a complex network. End-to-End triage & investigation of all the threat detections originating from technology. Participate in incident response. Support use case development of detection analytics. Conduct research into new threats, identifying new IOC/TTPs. Work in shifts with efficient and accurate handover procedures. Identify improvements in automation and investigation procedures. Work with the Red team to identify gaps or weaknesses in security coverage. Create threat hunting use cases through security research and threat intelligence. Adhere to SLAs for security investigations. The skills you bring: A minimum of 7 to 12 years of experience working within a Security Operations Center /Managed Security Services environment. Organization and project management skills, Good documentation skills, Positive can-do attitude. Ability to work at odd hours and work constructively under pressure. Worked across different cultures in a global setting and with many stakeholders. Impeccable integrity and track record of working with sensitive information. Technical Competences The Incident Response Process Core networking skills Live Windows, Linux and Memory Forensics Active Directory Analysis Network Threat Hunting Basics of Vulnerability Management Demonstrable experience with Incidence Response in leading public Clouds – Azure, AWS, GCP Experience with Microsoft Azure Cloud - Azure Sentinel, Microsoft security stack, MS Graph API, Entra ID Amazon Web Services (AWS) security tools such as Security Hub, AWS Guard Duty, AWS Macie, AWS CloudTrail Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Centre Able to triage & investigate email threats using platforms like Microsoft EOP, Trellix, Proofpoint Working knowledge of `Security products like Endpoint Detection Response (EDR), Identity Threat Detection (ITDR) & Response, Network Detection & Response (NDR) from leading vendors like Trellix, CrowdStrike, MS Defender for Endpoint, Vectra Experience in IT Security and risk management. Security related certification like SANS GCIH, GCIA, GMON, GREM, CEH, CISSP, CHFI and Incident Response certification is an added advantage.

Exigo Tech specialises in proving end-to-end technology solutions in Infrastructure, Cloud, Enterprise Application Development, Networks and Internet, Digital Transformation, Business Communication and Modern Workplace. We have forayed into the Security domain as well. We have a team of certified professionals who bring both defensive and offensive cyber security solution to all levels of Enterprise and Government customers for risk mitigation. At Exigo Tech we have a firm commitment to our clients for delivering solutions which enables them to increase their business efficiency and productivity while ensuring the security of their data. Role Objective We’re looking for a Senior Cloud Engineer (Azure) who thrives in a fast-paced MSP environment, is passionate about automation, and takes ownership of cloud infrastructure across multiple clients. You’ll be responsible for designing, deploying, and managing secure Azure environments using modern DevOps and DevSecOps practices, with a strong focus on Infrastructure as Code (IaC), governance, and scalability. Key Responsibilities Design and implement automated Azure infrastructure using Infrastructure as Code (IaC) tools across multiple client environments. Deploy and manage Azure Landing Zones aligned with enterprise-scale architecture and governance standards. Apply Microsoft’s Cloud Adoption Framework (CAF) to guide cloud strategy, readiness, governance, and management. Collaborate with internal teams and client stakeholders to translate business needs into secure, scalable technical solutions. Build and maintain CI/CD pipelines using Azure DevOps or GitHub Actions, integrating security and compliance checks. Automate infrastructure provisioning and configuration using tools such as Terraform, Bicep, and Ansible. Apply DevSecOps principles to embed security into every stage of the deployment lifecycle. Implement and manage cloud security controls using Azure-native tools like Defender for Cloud, Sentinel, Azure Policy, and Key Vault. Conduct security assessments and audits to ensure compliance with industry standards and client-specific requirements. Enforce cloud governance policies across client environments, ensuring secure and compliant operations. Monitor performance, availability, and security posture using Azure Monitor, Log Analytics, and Application Insights. Optimize resource usage and costs through effective scaling, automation, and proactive management strategies. Respond to incidents and service requests across multi-tenant environments, ensuring timely resolution and client satisfaction. Stay current with Azure innovations, DevOps trends, and emerging technologies to enhance service delivery. Propose and implement improvements to automation, security, and operational efficiency. Participate in retrospectives and service reviews to identify areas for improvement and drive continuous excellence. Technical Skills 5+ years in enterprise infrastructure and cloud operations, preferably in an MSP or multi-tenant environment. 3+ years hands-on experience with Microsoft Azure. Strong experience with infrastructure-as-code and automation tools. Proficiency in scripting (PowerShell, Azure CLI) and cloud-native DevOps workflows. Hands-on experience with cloud security, compliance, and monitoring. Familiarity with containerization and cloud-native architecture. Experience deploying and managing Azure Landing Zones and enterprise-scale environments. Understanding of Microsoft’s Cloud Adoption Framework (CAF) and its practical application. Experience with other cloud platforms (AWS, GCP) is a plus. Desirable Skills: Terraform, Bicep, Ansible Azure DevOps, GitHub Actions Microsoft Defender for Cloud, Azure Policy, Sentinel, Key Vault Azure Monitor, Log Analytics, Application Insights AKS, Azure Container Apps, Docker Azure Landing Zones, Azure Arc, Enterprise Scale Framework Soft Skills: Passionate about automation and infrastructure as code, with a hands-on and can-do mentality. Strong sense of ownership and accountability in client-facing environments. Team player with excellent communication and presentation skills in English. Able to express ideas effectively in both individual and group settings. Customer-focused with a proactive problem-solving attitude and strong customer-facing skills. Able to execute tasks independently and deliver high-quality results with limited supervision. Committed to continuous learning, long-term contribution, and a mindset of continuous improvement. Certification: Azure Administrator Associate Azure Solutions Architect Expert Azure DevOps Engineer Expert Azure Security Engineer Associate Azure Virtual Desktop Specialty Azure Network Engineer Associate (a plus). Education: Bachelor’s/Master’s degree in IT, Computer Science or related field Location: Vadodara, Gujarat, India

Overview: The Information Security Specialist ensures the seamless functioning of security operations by emphasizing proactive incident management. This role requires a mix of technical expertise, analytical thinking, and a proactive approach to improve operational efficiency. Key Responsibilities: · Incident Identification and Escalation: · Detect and log incidents with detailed and timely documentation. · Analyze, assign, and escalate high-complexity tickets as needed. · Problem Resolution: · Investigate third-line support calls and determine root causes. · Escalate unresolved issues to third-party vendors when necessary. · Vulnerability Analysis and Risk Assessment · Perform vulnerability analysis and asses the vulnerability risk by analyzing existing security controls · Stakeholder Reporting: · Prepare and deliver regular updates on security activities and incident reports to senior stakeholders. · Collaboration: · Partner with IT and security teams to create a cohesive security strategy. · Ticket Queue Management: · Monitor and action ticket queue, rapidly resolve technology incident issues for internal users. · Security Platform Maintenance: · Maintain/monitor security platforms and services, resolve issues and support SOC/IR (Incident Response) as needed. · Provide analysis, review, and reporting of the operating state for security platforms, make recommendations for any environmental changes to reduce incident volumes and downtime. · Maintain, test, and implement security policies and procedures to ensure compliance with company policy, industry standards, and regulatory requirements. · Rapidly fulfill any SOC/IR requests in response to security incidents. · Cross-Functional Collaboration: · Collaborate with cross-functional teams to integrate security solutions into existing infrastructure and workflows. · Mentorship: · Mentor junior team members to enhance their skills. · Continuous Learning: · Stay up to date with the latest cybersecurity threats, trends, and technologies, and recommend appropriate security controls and countermeasures. Experience Requirements: · 4-6 years of experience with SIEM tools like MS Sentinel, Splunk, QRadar, or LogRhythm. · Proficiency in, EDR tools, Email Security tools. · Strong background in SOC analysis, including triage, alert investigation, and incident qualification. · Demonstrated expertise in incident prioritization and in-depth analysis. · In-depth knowledge of most of the following security technologies: Network DLP, IDS/IPS, Email Security, SWG/Proxy, CASB, CSPM, SASE, SSE, SIEM and forensic network · Understanding of operating system technology, including Microsoft Windows, MacOS and various Linux distributions. · Knowledge of virtualization platforms both centrally managed as well as locally managed as well as the means to provide visibility and control to guest systems. · An understanding of cloud-based endpoint security solutions and experience with public cloud platforms such as AWS, Azure, or Google Cloud Platform. · Excellent analytical and problem-solving skills, with the ability to troubleshoot complex network security issues. · Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Skills and Competencies: · Proficient in SIEM tool, Email Security Tool (ProofPoint, FireEye), Incident Response, and CrowdStrike EDR · Strong leadership and stakeholder management skills. · Ability to analyze and optimize SOC operations effectively. · Proficiency in MS Office. · CEH/Security+ certification. Qualifications: · Bachelor’s degree in computer science, Information Security, Electronics & Communication or related field. · 8+years of proven experience in operating and managing security solutions in enterprise environments.

About Northern Trust Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service. Job Profile Summary Expert responsible for developing and administering solutions that meet system expectations relative to scalability, performance, fault tolerance, usability, and data integrity for the Information Security Operations and Architecture function. This position will collaborate extensively with business, technology, risk and other corporate teams to establish and strengthen adoption of security by design. We operate within a complex landscape driven by client expectations and the diverse needs that comes with operating in countries across the globe. This role is part of the Information Security organization, aligning to Business Information Security Officer (BISO) for Asset Servicing and Chief Operating Office. This role will report to the BISO who reports to the Global Chief Information Security Officer (CISO). Responsibilities Works with management and the architecture team to develop the security strategy and plan and ensures objectives are met. Provides leadership and guidance to staff, fostering an environment that encourages employee participation, teamwork, and communication. Participate in Architecture Review Boards and help teams create secure design. Evaluates proposals to determine if proposed security solutions effectively address enterprise requirements. Displays a balanced, cross-functional perspective, constantly liaising with the business to improve efficiency, effectiveness and productivity. Work with Enterprise Security Architecture team to develop Security blueprints and patterns. Good understanding of vulnerability management. Interfaces frequently with information security industry groups to stay abreast of emerging security trends. Focus of role is on execution of strategic direction of business function activities. Identifies alternative functional security strategies to balance organizational IT security concerns and business requirements. Description Guides the development, specification and communication of application or infrastructure architectures used by business or application systems. Security architect primarily focused on technologies related to authentication, authorization, access management, governance, controls, regulatory requirements etc. As a key member of Workforce authorization and authentication team this candidate will play a vital role in ensuring the secure and compliant implementation of various solutions (Hybrid and Cloud). Provides extensive, in-depth, technical consultation to the clients, partners, and IT Management to develop plans and directions to assure the integration of corporate business area requirements. Thoroughly understands decision process issues of technology choice, such as design, data security, client server communication, etc. Evaluates and selects from existing and emerging technologies those options best fitting business/project needs Promotes sharing of expertise through consulting, presentations, and documentations, etc. Experienced, functional expert with technical and/or business knowledge and functional expertise Carries out complex initiatives involving multiple disciplines and/or ambiguous projects Displays a balanced, cross-functional perspective, liaising with the business to help improve efficiency, effectiveness, and productivity Qualifications Knowledge of network architecture concepts including topology, protocols, components and the application of Defense-In-Depth principles Ten years of experience in the Information Security roles preferred; wide range of technical experience across multiple Cyber Security domains. Five years of experience as a Security Architect In-depth knowledge and experience on Entra ID, EPM, Sentinel, Azure, M365, AWS Security is required Excellent communication skills with the ability to convey complex technical and non-technical concepts in verbal products & excellent writing skills Thoroughly understands and provides solutions considering Security technology choices, such as design, protocols support, secrets management, data security, client server communication, token handling, Session management, credential vaulting, OIDC/ OAuth flows, Okta usage and implementations, authorization patterns, identity federation, cloud architectures, cryptography, cloud native services, cloud security etc. Good understanding of Cloud Infrastructure Entitlement Management solution (CIEM) to ensure continuous improvement in Security Posture by providing consultations to application teams Exposure to API Management, Firewalls, DLP, VPNs, DNS, Azure Defender, MCAS, Sentinel, WAFs, Application Gateways, NSGs, App Proxy, Radius clusters, CDN etc. Deep understanding of Applications security, OWASP standards, security best practices, browser compatibilities/storages/cookies Displays a balanced, cross-functional perspective under information security, liaising with other towers and business to help improve Security centric designs Strong knowledge on Identities management on Azure AD with OAuth, OIDC, SAML, SSO, MFA, Conditional access policies, MFA, Kerberos, LDAP, Identity Federations etc. Strong knowledge of: Security architecture patterns, requirements, and security controls; Security controls like Authentication, Authorization, Data Security, IAM; Threat modeling frameworks and methodologies Secure code reviews and utilizing outputs Common frameworks and standards such as CRI and NIST Knowledge of penetration testing tools and techniques (e.g., metasploit, neosploit, etc.) Working With Us As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater.

Introduction Introduction* A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. Your Role And Responsibilities Roles & Responsibilities: Handling alerts and incident on XDR platform Alert & incident triage and analysis Proactively investigating suspicious activities Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. Adhere to established policies, procedures, and security practices. Follow-up with tech team for incident closure Participating in daily standup and review meeting L1 Analyst has responsibility to closely track the incidents and support for closure. Escalate more complex incidents to L2 analysts for deeper analysis. Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) Handle XDR alerts and followup with customer team for agent updates Key Responsibilities Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Preferred Education Master's Degree Required Qualifications Required technical and professional expertise Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.2 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred Certifications Preferred technical and professional experience GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Introduction Introduction* A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. Your Role And Responsibilities Roles & Responsibilities: Handling alerts and incident on XDR platform Alert & incident triage and analysis Proactively investigating suspicious activities Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. Adhere to established policies, procedures, and security practices. Follow-up with tech team for incident closure Participating in daily standup and review meeting L2 Analyst has responsibility to closely track the incidents and support for closure. Working with logsource and usecase management in integrating log sources and developing & testing usecase Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) Developing SOP / instruction manual for L1 team Guiding L1 team for triage/analysis and assist in clousure of cybersecurity alert and incidents Handle XDR alerts and followup with customer team for agent updates Escalate more complex incidents to L3 SME for deeper analysis. Key Responsibilities Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Preferred Education Master's Degree Required Qualifications Required technical and professional expertise Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.3-7 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred Certifications Preferred technical and professional experience GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Job Summary Role: Senior Security Analyst Base Location: Hinjewadi, Pune. Job Description Responsible for operationalization of new security platforms to enable security operations Center to stay ahead of emerging and current threats. Troubleshoot Splunk SIEM components and related functionalities. Integration of Splunk SIEM with other security Tools. Perform regular Health check of the Splunk core components. Act as a Subject Matter Expert for Splunk solution. Stay updated with latest Features, enhancement, security updates for Splunk. Deep log analysis skills on Splunk SIEM. Security Information Event Management & Analytics Platforms integration ¿ Splunk Build use cases that drive security analytics and incident response. Custom integration of Log sources and SIEM content development. Act as a Subject Matter Expert for Splunk solution. Implement and optimize security detection rules, queries, and playbooks within Splunk. Configure and troubleshoot Splunk SIEM components and related functionalities. Plan and onboard different data sources such as: Windows, linux, AD, Firewall, other security tools integration. Knowledge of various security methodologies and technical security solutions, Firewall, IPS, Antivirus, Proxy, WAF, Load balancer, DDOS, EDR (Sentinel One) and DLP solutions. Candidates with prior experience of setting up security operations from scratch would have added advantage. Identify automation opportunities in the incident response workflow and implement them with the help of automated playbooks in Microsoft Sentinel SIEM. Understand business requirements from the client and translate them into technical deliverables within Cyber Security domain. Deep log analysis skills on Splunk SIEM. Manage the daily/weekly/monthly SOC metrics reporting for the assigned set of clients. Build custom use cases, dashboards, reports as per the requirement from client and internal stakeholders. Demonstrate SOC differentiators and new capabilities to the prospect clients as part of RFP/RFI defense discussions. Proven history of maturing SOC from Initial to Optimised level of CMM maturity model. Skills Required Must Have 10+ years of experience in IT and 8+ years in Cyber Security. Hands on experience on Splunk including creation of custom queries, detection rules and automated response playbooks. SIEM ¿ Splunk (Must Have), QRadar, LogRhythm Thorough understanding of various industry leading cloud native SIEM architecture, pricing and technical knowhow. Knowledge about various threat vectors and attackers TTPs. In depth knowledge of Active Directory. Excellent communication skills with ability to lead discussions with C level executives. Key Attribute Ability to work collaboratively in a fast paced environment. Continuous learner with a proactive approach to stay updated on industry trends. Strong problem solving skills and ability to make sound decisions under pressure. Customer facing with good written skills and strong communication skills at all levels. May be required to participate in out of hours on call rota. Ability to consistently deliver to deadlines while prioritizing competing demands for time. Qualifications Bachelor¿s degree in information technology or related field. Relevant certifications (CISSP, CEH, CISM, CISA) Working knowledge on any other SIEM tool viz Microsoft Sentinel, Splunk, QRadar etc. Splunk Enterprise Certified Admin,

Job Summary U2 Band (2 to 5 Years of experience) ¿ Soc Analyst Have an overall 2 to 5 years of experience in SIEM SOC operations. Expertise in SIEM Technology, Endpoint threat detection, Incident investigation and Antivirus. Experienced in SIEM ¿ Splunk, LogRhythm, Microsoft Sentinel. Experienced in EDR, Antivirus and threat detection. Experienced in email gateway targeted attack protection. Strong knowledge of the different attack techniques Hands on experience on Microsoft Sentinel Incident monitoring; KQL hunting queries; Dashboards and reports Experienced in analyzing, researching Windows / Unix Security Logs as well as logs form IDS/IPS, DLP tools, Anti Virus/Malware Strong in Incident response and mitigation False positive identification and report for the finetuning SOC shift handover , daily and weekly report preparation etc.

Job Summary U2 Band (2 to 5 Years of experience) ¿ Soc Analyst Have an overall 2 to 5 years of experience in SIEM SOC operations. Expertise in SIEM Technology, Endpoint threat detection, Incident investigation and Antivirus. Experienced in SIEM ¿ Splunk, LogRhythm, Microsoft Sentinel. Experienced in EDR, Antivirus and threat detection. Experienced in email gateway targeted attack protection. Strong knowledge of the different attack techniques Hands on experience on Microsoft Sentinel Incident monitoring; KQL hunting queries; Dashboards and reports Experienced in analyzing, researching Windows / Unix Security Logs as well as logs form IDS/IPS, DLP tools, Anti Virus/Malware Strong in Incident response and mitigation False positive identification and report for the finetuning SOC shift handover , daily and weekly report preparation etc.

Shift timings- 2 PM -11 PM Primary skills Azure Security Defender, Sentinel,(identity, Endpoint, etc.) Secondary skills Azure Infrastructure, Office 365 collab workloads Required Skills & Experience: Technical Expertise: Strong understanding of Azure security offerings, including but not limited to: Microsoft Defender for Cloud / Endpoint / Identity Microsoft Sentinel (SIEM/SOAR) Microsoft Entra (Identity Governance, Conditional Access) Hands-on experience with cloud security assessments, PoC deployments, and client workshops. Familiarity with Zero Trust architecture and related best practices. Professional Experience: 5+ years in IT security roles, with 2+ years focused on Azure or cloud security. Proven track record of leading technical engagements independently. Soft Skills: Excellent communication and presentation skills. Ability to articulate technical concepts to both technical and business audiences. Self-starter who thrives in a fast-paced, client-facing environment. Preferred Qualifications: Microsoft certifications (e.g., SC-100, AZ-500, SC-200) Experience working with Microsoft partners or within funded engagement programs. Exposure to regulatory compliance frameworks (e.g., ISO, NIST, GDPR) Key Responsibilities: Client Engagements: Conduct security assessments and discovery workshops to understand client environments, security gaps, and cloud readiness. Deliver technical Proof of Concepts (PoCs) and hands-on demonstrations of Microsoft Azure security solutions. Host and facilitate technical workshops on Zero Trust, Microsoft Defender, Sentinel, Entra, and related technologies. Provide technology walkthroughs, highlight use cases, and share practical experience to illustrate business value. Solution Design & Implementation: Design and recommend secure architectures and configurations using Azure-native tools and services. Collaborate on solution development, documentation, and client readiness for security modernization. Internal & Cross-Functional Collaboration: Work closely with Sales, PreSales, and regional delivery teams to align on customer needs, technical strategy, and success metrics. Contribute to proposal development and client presentations from a technical security standpoint. Thought Leadership & Enablement: Stay updated on Azure security advancements and share knowledge internally and with clients. Support internal enablement sessions and mentor junior team members, where applicable.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-Cyber Security-TDR Senior As part of our EY-cyber security team, who shall work as SOC Senior consultant who will assist clients in Administration and management of security solutions. The opportunity We’re looking for Senior Security consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Administration and management support of CrowdStrike Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing CrowdStrike Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analyst’s point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-Cyber Security-TDR Senior As part of our EY-cyber security team, who shall work as SOC Senior consultant who will assist clients in Administration and management of security solutions. The opportunity We’re looking for Senior Security consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Administration and management support of CrowdStrike Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing CrowdStrike Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analyst’s point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Job Description: We are seeking a proactive and detail-oriented Endpoint Security Engineer to manage and enhance our endpoint protection technologies. This role focuses on deploying, tuning, and monitoring Microsoft Defender products (such as Defender for Endpoint, Defender for Identity, Defender for O365 and Defender Antivirus ) with a strong emphasis on SCCM\Intune platform expertise to ensure comprehensive visibility, compliance, and rapid threat response. Key Responsibilities: Administer, monitor, and optimize Microsoft Defender suite deployments across the enterprise . Serve as an escalation point for complex endpoint and infrastructure-related incidents. Design and manage endpoint detection and response (XDR) policies using Defender for Endpoint. Develop threat-hunting hypotheses and implement new detection logic in Defender XDR. Provide mentorship and guidance to Tier 1/2 SOC analysts. Develop and maintain configuration baselines, health checks, and compliance reporting using Tanium. Investigate and remediate security alerts and endpoint incidents. Collaborate with SOC and IR teams for threat hunting, forensic analysis, and response automation. Document processes, configurations, and incident response procedures. Automate compliance and remediation workflows using PowerShell and Intune configuration profiles. Manage and monitor Microsoft Defender for Office 365 to protect users from phishing, malware, and other threats across Exchange, SharePoint, OneDrive, and Teams. Requirements: 3–5 years of experience in endpoint security or a related cybersecurity role. Deep knowledge of Microsoft Defender for Endpoint, Defender for Identity, and related Defender XDR tools. Strong experience with Intune platform. Experience with scripting (PowerShell,Python) for automation and remediation. Familiarity with SIEMs (e.g., Splunk, Sentinel) and EDR integrations. Strong analytical and troubleshooting skills.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Sentinel SOAR) - Senior KEY Capabilities : Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Sentinel SOAR related analytical processes and tasks Management and administration of Sentinel SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Good grasp in conceptualizing and/or implementing automation for business process workflows Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stack holders to full fill their asks Ability to Coordinate with Vendor to incident closure on according to the severity Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Sentinel SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field Minimum 2 years of working in SOAR (Sentinel) Experience in Process Development, Process Improvement, Process Architecture, and Training Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management Certification in any one of the SIEM Solution such as Splunk or SC-200 will be an added advantage Certifications in a core security related discipline will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Description Why Join DAZN? Joining DAZN in Hyderabad means being part of a cutting-edge sports streaming company in a vibrant tech hub. You’ll work alongside passionate, talented professionals on innovative projects that reach millions of fans worldwide. Hyderabad offers a dynamic work environment with a great balance of career growth and lifestyle. If you’re excited about shaping the future of live and on-demand sports entertainment, DAZN Hyderabad is the perfect place to make your mark and grow your career. The Role: Join DAZN's Security Operations team as a Security Operations Analyst and help protect the world's leading global sports streaming platform. You'll be part of a dynamic team responsible for detecting, investigating, and responding to security threats across our diverse technology stack, from cloud infrastructure to broadcasting systems that deliver live sports to millions of fans worldwide. Key Responsibilities Threat Detection & Response Configure, maintain, and monitor security alerts and escalations from various tools including Microsoft Sentinel SIEM, Defender for Endpoint, WIZ, AWS WAFv2, Tenable, and other security platforms Lead and drive incident response activities from initial detection through remediation to prevention Conduct thorough incident root cause analysis and recommend actionable steps to prevent future occurrences Triage and investigate security alerts, determining true positives from false positives Threat Intelligence & Analysis Monitor and analyze global threat intelligence trends with potential impact on DAZN's business operations Get hands-on with threat feeds and real-time attack data, with particular focus on threats targeting broadcasting and streaming environments Configure new detection rules and alerts based on emerging threats, hunt results, or lessons learned from incident analysis. Security Operations Enhancement Identify, develop, and implement new processes and procedures to strengthen our security operations program Contribute to the development of custom automation tools to enhance monitoring and response capabilities Collaborate with the team to continuously improve security monitoring across our cloud and on-prem environments. Stakeholder Support Respond to internal security-related questions and requests from teams across DAZN Provide security and privacy expertise to support multiple business units and technical teams Participate in security awareness initiatives and help educate colleagues on security best practices. Skills, Knowledge & Expertise Essential Requirements Strong passion for cybersecurity, particularly threat detection and response Experience handling complex security incidents and conducting investigations Knowledge across multiple cybersecurity domains (network security, identity security, endpoint protection, cloud security, etc.) Familiarity with SIEM platforms (Microsoft Sentinel experience preferred) Understanding of security tools such as EDR, CASB, CSPM solutions Ability to work independently with minimal guidance while managing multiple tasks within set timeframes Strong analytical and problem-solving skills with attention to detail. Experience with Microsoft 365 E5 security stack and Azure security services Knowledge of AWS security services and cloud security best practices Familiarity with vulnerability management tools (Tenable, Nessus, Qualys) Experience with security automation and scripting Understanding of streaming/broadcasting technology security considerations Relevant security certifications (Security+, CySA+, GCIH, etc.) About DAZN At DAZN, we bring ambition to life. We are innovators, game-changers and pioneers. So, if you want to push boundaries and make an impact, DAZN is the place to be. As part of our team, you'll have the opportunity to make your mark and the power to make change happen. We're doing things no-one has done before, giving fans and customers access to sport anytime, anywhere. We're using world-class technology to transform sports and revolutionise the industry and we're not going to stop. DAZN VALUES – THE ‘HOW’ IN WHAT WE DO: Agility and creativity fuel growth and innovation, to Make It Happen. Prioritising what matters drives progress and positive outcomes, Focusing On Impact. Collective ambition builds optimism and success, in order to Win As One. At DAZN, we are committed to fostering an inclusive environment that values equality and diversity, where everyone can contribute and have their voices heard. This means hiring and developing talent across all races, ethnicities, religions, age groups, sexual orientations, gender identities and abilities. Everyone has the opportunity to make change and impact our DEI journey by joining our ERGs: Proud@DAZN, Women@DAZN, Disability@DAZN and ParentZone. If you’d like to include a cover letter with your application, please feel free to. Please do not feel you need to apply with a photo or disclose any other information that is not related to your professional experience. Our aim is to make our hiring processes as accessible for everyone as possible, including providing adjustments for interviews where we can. We look forward to hearing from you.

Cloud Engineer will be a part of the Engineering team and will require a strong knowledge of application monitoring, infrastructure monitoring, automation, maintenance, and Service Reliability Improvements. Specifically, we are searching for someone who brings fresh ideas, demonstrates a unique and informed viewpoint, and enjoys collaborating with a cross-functional team to develop real-world solutions and positive user experiences at every interaction. Proven work experience in designing, deploying and operating mid to large scale public cloud environments. Proven work experience in provisioning Infrastructure as Code (IaC) using Terraform Enterprise or community edition. Proven work experience in writing custom terraform providers/plug-ins with Sentinel Policy as Code Proven work experience in containerisation via Docker Good to have strong working experience in Virtualisation via Kubernetes (image building, k8s schedule) Experience in package, config and deployment management via Helm, Kustomize, ArgoCD. Strong knowledge in Github, DevOps (Tekton / GCP Cloud Build is an advantage) Should be proficient in scripting and coding, that include traditional languages like Java, Python, GoLang, JS and Node.js. Proven working experience in Messaging Middleware - Apache Kafka, RabbitMQ, Apache ActiveMQ Proven working experience in API gateway, Apigee is an advantage. Proven working experience in API development, REST. Proven working experience in Sec and IAM, SSL/TLS, OAuth and JWT. Extensive knowledge and hands-on experience in Grafana and Prometheus micro libraries. Experience in self hosted private / public cloud setup. Exposure to Cloud Monitoring and logging. Experience with distributed storage technologies like NFS, HDFS, Ceph, S3 as well as dynamic resource management frameworks (Mesos, Kubernetes, Yarn) Experience with automation tools should be a priority Professional Certification is an advantage Public Cloud >> GCP is a good to have. Preferred Qualifications Previous success in Cloud Engineering, DevSecOps. Must have 5+ experience DevSecOPs Must have minimum 3+ experience in cloud Engineering Design, automate and manage a highly available and scalable cloud deployment that allows development teams to deploy and run their services. Collaborating with engineering and Architects teams to evaluate and identify optimal cloud solutions, also leveraging scalability, high-performance and security. Modernise existing on-prem solution and improving existing systems. Extensively automated deployments and managed applications in GCP. Developing and maintaining cloud solutions in accordance with best practices. Ensuring efficient functioning of data storage and processing functions in accordance with company security policies and best practices in cloud security. Collaborate with Engineering teams to identify optimization strategies, help develop self-healing capabilities Designing and architecting middleware solutions that align with the overall system architecture and meet business requirements. This involves selecting the appropriate middleware technologies and patterns for seamless integration. Writing code and configuring middleware components to enable communication and data flow between various systems. This includes developing APIs, message queues, and other middleware services. Integrating different applications and services using middleware technologies, ensuring they can communicate effectively and exchange data in a standardized manner. Identifying and resolving issues related to middleware, such as communication failures, performance bottlenecks, or data inconsistencies. Experience in developing a strong observability capabilities Identifying, analysing, and resolving infrastructure vulnerabilities and application deployment issues. Regularly reviewing existing systems and making recommendations for improvements.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-Cyber Security-TDR Senior As part of our EY-cyber security team, who shall work as SOC Senior consultant who will assist clients in Administration and management of security solutions. The opportunity We’re looking for Senior Security consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Administration and management support of CrowdStrike Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing CrowdStrike Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analyst’s point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Sentinel SOAR) - Senior KEY Capabilities : Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Sentinel SOAR related analytical processes and tasks Management and administration of Sentinel SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Good grasp in conceptualizing and/or implementing automation for business process workflows Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stack holders to full fill their asks Ability to Coordinate with Vendor to incident closure on according to the severity Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Sentinel SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field Minimum 2 years of working in SOAR (Sentinel) Experience in Process Development, Process Improvement, Process Architecture, and Training Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management Certification in any one of the SIEM Solution such as Splunk or SC-200 will be an added advantage Certifications in a core security related discipline will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

We are seeking a talented individual to join our Investments team at Mercer. This role will be based in Gurgaon/Mumbai/Noida. This is a hybrid role that has a requirement of working at least three days a week in the office. Director – Operations Due Diligence - Investments Mercer Wealth is a leading global provider of investment consulting services. We offer customised advice at every stage of the investment decision, risk management and investment monitoring process. In addition to core consulting, we have developed a number of specialist teams; the Financial Strategy Group, Mercer Sentinel, Manager Research, Responsible Investment and Fiduciary Management, thereby ensuring we offer a full range of services to our clients. We are looking for talented colleagues who understand the financial services industry and the operational functions of investment managers. Will work as part of a team of ODD specialist and client consultants. We will count on you to: Work as an extension of the UK/US team to conduct operational due diligence risk assessments of investment managers using Mercer Sentinel’s framework incorporating house views as appropriate Understanding of investment manager middle and back office operations, fund administration, portfolio accounting, custody, regulatory compliance and other relevant industry experience Maintaining knowledge of operational risk frameworks across the Mercer universe of asset classes, including equity and fixed income, hedge funds, private equity, private debt, real estate and infrastructure Liaise with investment managers to collate information, coordinate on-site visits and schedules Review responses and documentation provided by investment managers for the risk assessment and author research notes in advance of the meeting of the onsite team to support the onshore team Support virtual investment manager “on-site” visits through the preparation of pre-meeting notes, note taking in the meeting and producing high quality draft written reports after the meeting Challenging and improving operational processes for Mercer’s ODD framework Contribute to Mercer Sentinel’s intellectual capital through market research and process innovation Contribute towards Mercer Sentinel’s other products including but not limited to Surveys and Operational Reviews; support onshore team’s efforts towards key projects or activities including business development among others. Update and maintain pertinent tools/database with relevant information including research publications and coordinate with asset managers for requisite data and for scheduling research calls; prepare and distribute Ratings Committee (RC) minutes from the weekly RC call. Project management, work allocation, real-time capacity management, peer review, process training and development of team members Lead and manage end-to-end operations and ensure the seamless delivery of reports/projects. Liaison with stakeholders to build relationship for service delivery management. Play anchor role for all strategic projects and provide directions to the team. Prepare and manage KPIs and handle escalations. Lead efforts for people engagement, knowledge development initiatives for the team, and ensure adherence to compliance policy and organizational imperatives. Driving Process Improvement Initiatives and delivering results in line with Business Priorities Demonstrate subject matter expertise in leading the ODD vertical Maintain updated investment due diligence notes, meeting notes and recommendations in proprietary database Ensuring storage and organizing data on a central database What you need to have: A Masters's degree in economics, finance or other business-related areas with a high level of written content Professional qualification (Actuarial, ACA, ACCA, CFA or equivalent) – preferential requisite 12+ Years of experience with operational due diligence investment management, operations, fund management or investment consulting Previous experience in operational risk analysis, fund administration, and or financial / portfolio accounting would be beneficial Thorough knowledge of Microsoft Office applications (Word, Excel, PowerPoint) Takes ownership for work, always ensuring standards and deadlines are met and keeping others informed and up-to-date Works well under pressure, with the ability to prioritise and manage multiple tasks, stakeholders and deliverables simultaneously; candidate may be expected to attend calls with US based asset managers couple days in a week; responsibilities may stretch to taking calls with asset managers in other geographies including Pacific, UK, Europe, Middle East and Asia depending on the business requirements. Excellent organisational and time management skills Openly shares information and own expertise with colleagues Possess excellent team working skills in a global/remote working environment What makes you stand out? Demonstrates excellent oral and written communication skills Self-motivated with an eagerness to learn and a positive work ethic Challenges existing practices and conventional thinking Highly proficient in Microsoft Excel and other core Microsoft Office products (Word, PowerPoint, etc.) Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being. Mercer believes in building brighter futures by redefining the world of work, reshaping retirement and investment outcomes, and unlocking real health and well-being. Mercer’s approximately 25,000 employees are based in 43 countries and the firm operates in over 130 countries. Mercer is a business of Marsh McLennan (NYSE: MMC), the world’s leading professional services firm in the areas of risk, strategy and people, with 85,000 colleagues and annual revenue of over $20 billion. Through its market-leading businesses including Marsh, Guy Carpenter and Oliver Wyman, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment. For more information, visit mercer.com. Follow Mercer on LinkedIn and Twitter. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people regardless of their sex/gender, marital or parental status, ethnic origin, nationality, age, background, disability, sexual orientation, caste, gender identity or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.