10 - 13.0 years
0 Lacs
Indore, Madhya Pradesh, India
On-site
Skills: Windows Server Administration, ITIL Processes, Virtualization, Disaster Recovery, Office 365, Patch Management, Active Directory, Backup & Exchange, JOB TITLE: Technical Specialist - Windows Admin - L3 (India) JOB PURPOSE: Seeking a highly skilled and experienced Windows Admin L3 professional to join our team. The ideal candidate will be responsible for the advanced management, troubleshooting, and support of Windows-based systems. This role demands expertise in Server Administration, Patch Management, Vulnerability Management, Performance Management, Windows Hardening and Security, Active Directory, Backup administration, and Storage Management. QUALIFICATION: Engineering Degree/Diploma (Computers / Electronics) CERTIFICATIONS: MCSE / ITIL EXPERIENCE: Overall Experience: 10-13 years, Relevant Experience: 8-10 years, with a minimum of 3-5 years in L3-level roles Responsibilities (includes All Tasks) We are seeking a highly skilled and experienced Windows Admin L3 professional to join our team. The ideal candidate will be responsible for the advanced management, troubleshooting, and support of Windows-based systems. This role demands expertise in Server Administration, Patch Management, Antivirus & Vulnerability Management, Active Directory, Backup administration, and Storage Management. Candidates with additional knowledge of Linux environments will have a competitive edge. Key Responsibilities Windows Server Administration: Manage and support Windows server environments at an advanced level. Provide Level 3 troubleshooting and resolution for complex system issues. Virtualization and Windows cluster administration Windows Server Upgrade and Migration management Patching and Updates: Plan, implement, and manage patching activities using tools like ManageEngine or SCCM. Ensure compliance with security standards and operational policies. 
Security: Windows Hardening and Security Vulnerability mitigation management Antivirus administration (Ex: Sentinel, TrendMicro) Active Directory (AD): Administer, optimize, and troubleshoot Active Directory (AD) and Group Policy Objects (GPO). Maintain security and best practices for AD management. Backup and Disaster Recovery: Manage backup and disaster recovery processes using Veeam solutions. Safeguard data integrity and availability through robust disaster recovery procedures. System Monitoring and Optimization: Proactively monitor system performance, identify issues, and implement enhancements. Handle critical incidents swiftly to minimize downtime. Documentation and Reporting: Maintain comprehensive documentation for system configurations, processes, and updates. Generate detailed reports on system performance, backup activities, and patch management status. Collaboration and Teamwork: Collaborate with cross-functional teams to ensure smooth IT services integration. Provide mentorship and guidance to junior team members. Technical Skills / Competencies MANDATORY Advanced knowledge of Windows servers and related technologies. Proficiency in Virtualization, Licensing, Terminal Services, Windows Hardening/ Security and System Performance Optimization. Expertise in patch management tools (e.g., ManageEngine, SCCM, Intune). Strong skills in Antivirus administration, Active Directory management and backup solutions (e.g., Veeam, veritas). Excellent troubleshooting and problem-solving abilities. Capability to thrive in a fast-paced, collaborative work environment. OPTIONAL Solid experience with Microsoft hybrid environments and Intune. Hands-on knowledge on Linux administration. Relevant certifications such as MCSE, Veeam VMCE, or Linux certifications. 
IIS, AD connect Soft Skills MANDATORY Excellent written, verbal and interpersonal skills Strong customer communication skills, with the ability to communicate clearly with customers and technical personnel
Posted 2 weeks ago
4.0 - 7.0 years
3 - 8 Lacs
Bengaluru
Hybrid
Role & responsibilities Understands SIEM tools (Sentinel) functionality and logic behind creating rules and filters, integrating with different solutions based on client security policy and requirements e.g. AV software, IDS, IPS etc. Good TCP/IP concepts Good understanding of Vulnerability Management tools such as Nessus, Qualys Guard Diagnosing and resolving issues and problems with the client's information technology systems involving several processes. Act as a point of escalation for L1 Team Members Develop/Fine Tune Use Cases Monitor logs and security events across network infrastructure. Log, monitor, investigate, and report on access violations. Provide log analysis to provide views of misuse, fraudulent or malicious activities. Provide updates as the incident progresses through the incident response process as requested by client. Support security incident response processes in the event of a security breach by providing logging and audit information and by providing incident reporting. Coordinate with client Information Security and Capgemini activities required to respond to security incident notifications received from Capgemini. Implement and manage a security incident management process according to the Security Policy. Maintain a security corrective action tracking methodology. Coordinate notification of security incident occurrence with client. Provide periodic trending problem reports. Create and maintain a Security Incident log that is also provided to client Information Security to facilitate historical analysis. Assist investigators of security incidents involving the client Sites and other locations, document findings, and coordinate resolution. 
Investigating causes, analyzing and diagnosing the problem and repairing or providing detailed alternative solutions Technical Experience: - 1: Experience in SIEM tools, Strong working experience in SIEM ES 2: Team management Incident handling skills, use case management, risk assessment 3: SOC operations for very large enterprises 4: Security Analytics skills is added advantage 5: Should have excellent customer handling skills Professional Attributes: 1: Good verbal communication skills to connect with customers at varying Levels of the organization methods 2: Ability to operate independently and make decisions with little or no supervision. Educational Qualification: Bachelor or college degree in related field or equivalent work experience
Posted 2 weeks ago
2.0 - 4.0 years
6 - 10 Lacs
Hyderabad
Work from Office
We are seeking a talented and highly motivated Microsoft Sentinel SIEM Engineer to join our Dedicated Defense group. As a key member of our team, you will be responsible for deploying and maintaining Microsoft Security technologies to enhance threat detection, response, and overall security posture. This is an exciting opportunity for an individual with expertise in major SIEM technologies, aiming to help safeguard critical systems and data from evolving cyber threats. Responsibilities: Architect, deploy, and maintain Microsoft Sentinel for SIEM use cases including log ingestion, data normalization, and incident correlation. Manage and optimize Microsoft Defender for Endpoint, Identity, Cloud, Office 365, and other Defender tools to maximize protection and visibility. Develop custom queries,detection rules, workbooks, and automation playbooks to improve threat detection and response efficiency. Lead the design and implementation of security monitoring, including data connectors, analytics rules, and incident automation. Collaborate with threat analysts and incident response teams to triage, investigate, and respond to security alerts and incidents. Provide technical guidance in security best practices, incident response procedures, and threat hunting using Microsoft security tools. Continuously assess the security landscape and recommend improvements to policies, tools, and configurations. In addition to strong technical acumen, the ideal candidate will bring excellent communication and client-facing skills to collaborate directly with customers, understand their security needs, and deliver tailored solutions that align with their risk posture and compliance requirements. 
Outcomes: Integration & Optimization: Integrate and optimize Microsoft Sentinel to improve visibility and automate threat detection workflows Threat Detection: Utilize Microsoft Sentinel AI-powered analytics to dashboard reports and automate critical reporting functions Automation & Playbook Development: Develop automated detection and response playbooks based on Microsoft data feeds, streamlining incident management and reducing time to resolution. Collaboration & Knowledge Sharing: Work closely with other security and IT teams to share threat intelligence, optimize SIEM use, and contribute to security strategy development. Reporting & Documentation: Develop and maintain dashboards, reports, and documentation related to Microsoft Sentinel deployment, performance, and incident metrics. Continuous Improvement: Continuously evaluate Microsoft Sentinel capabilities and other relevant security tools to recommend improvements and refine detection capabilities. Required Qualifications: 5 years of SIEM experience in Splunk, Qradar, Microsoft, and comparable SIEMS Hands-on experience with other SIEM platforms (Splunk, IBM QRadar, Microsoft Sentinel, etc.) and integrating them with endpoint security tools. Strong understanding of cybersecurity principles, threat detection, and SIEM management. Experience working with Sentinel One Core EDR technology Proficiency in scripting and automation (Python, PowerShell, etc.). Experience with cloud security (AWS, Azure, GCP) and cloud-native SIEM solutions is a plus. Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience). Preferred Qualifications: 5 years of experience in cybersecurity in a SOC or security engineering capacity. Proven hands-on expertise with Microsoft Sentinel and Microsoft Defender suite. Deep knowledge of Kusto Query Language (KQL) and building custom analytics rules and workbooks in Sentinel. Strong experience in customer-facing roles. 
Experience with incident response, threat detection, and threat hunting techniques. Strong understanding of cloud security, especially in Azure environments. Familiarity with MITRE ATT&CK, NIST, and other security frameworks. Experience integrating Sentinel with third-party solutions (e.g., threat intel feeds, ticketing systems).
Posted 2 weeks ago
5.0 years
0 Lacs
Gurugram, Haryana, India
On-site
Requisition Number: 101209 Consultant II- Azure Security Location: This is a hybrid opportunity in Delhi-NCR, Bangalore, Hyderabad and Gurugram area. Insight at a Glance 14,000+ engaged teammates globally with operations in 25 countries across the globe. Received 35+ industry and partner awards in the past year $9.2 billion in revenue #20 on Fortune’s World's Best Workplaces™ list #14 on Forbes World's Best Employers in IT – 2023 #23 on Forbes Best Employers for Women in IT- 2023 $1.4M+ total charitable contributions in 2023 by Insight globally Now is the time to bring your expertise to Insight. We are not just a tech company; we are a people-first company. We believe that by unlocking the power of people and technology, we can accelerate transformation and achieve extraordinary results. As a Fortune 500 Solutions Integrator with deep expertise in cloud, data, AI, cybersecurity, and intelligent edge, we guide organisations through complex digital decisions. About The Role As a Consultant II, we are seeking a highly skilled and motivated Azure Security Consultant to join our ICAT team. As an individual contributor, you will lead technical security engagements with clients, including discovery and assessments, Proof of Concept (PoC) implementations, and hands-on workshops. You will play a critical role in showcasing the value of Microsoft Azure’s security capabilities through practical demonstrations and strategic guidance, working closely with sales, presales, and regional teams to drive client success. Key Responsibilities Client Engagements: Conduct security assessments and discovery workshops to understand client environments, security gaps, and cloud readiness. Deliver technical Proof of Concepts (PoCs) and hands-on demonstrations of Microsoft Azure security solutions. Host and facilitate technical workshops on Zero Trust, Microsoft Defender, Sentinel, Entra, and related technologies. 
Provide technology walkthroughs, highlight use cases, and share practical experience to illustrate business value. Solution Design & Implementation: Design and recommend secure architectures and configurations using Azure-native tools and services. Collaborate on solution development, documentation, and client readiness for security modernization. Internal & Cross-Functional Collaboration: Work closely with Sales, PreSales, and regional delivery teams to align on customer needs, technical strategy, and success metrics. Contribute to proposal development and client presentations from a technical security standpoint. Thought Leadership & Enablement: Stay updated on Azure security advancements and share knowledge internally and with clients. Support internal enablement sessions and mentor junior team members, where applicable. What We’re Looking For- Required Skills & Experience Technical Expertise: Strong understanding of Azure security offerings, including but not limited to: Microsoft Defender for Cloud / Endpoint / Identity Microsoft Sentinel (SIEM/SOAR) Microsoft Entra (Identity Governance, Conditional Access) Microsoft Purview (Information Protection, Compliance) Hands-on experience with cloud security assessments, PoC deployments, and client workshops. Familiarity with Zero Trust architecture and related best practices. Professional Experience: 5+ years in IT security roles, with 2+ years focused on Azure or cloud security. Proven track record of leading technical engagements independently. Soft Skills: Excellent communication and presentation skills. Ability to articulate technical concepts to both technical and business audiences. Self-starter who thrives in a fast-paced, client-facing environment. Preferred Qualifications Microsoft certifications (e.g., SC-100, AZ-500, SC-200) Experience working with Microsoft partners or within funded engagement programs. 
Exposure to regulatory compliance frameworks (e.g., ISO, NIST, GDPR) What you can expect Benefits We’re legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another location—even an international destination—for up to 30 consecutive calendar days per year. Medical Insurance Health Benefits Professional Development: Learning Platform and Certificate Reimbursement Shift Allowance But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Today's Talent Leads Tomorrow's Success. Learn More About Insight https://www.linkedin.com/company/insight/ Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law. Insight India Location:Level 16, Tower B, Building No 14, Dlf Cyber City In It/Ites Sez, Sector 24 &25 A Gurugram Gurgaon Hr 122002 India
Posted 2 weeks ago
3.0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
Job Description Cloud Engineer will be a part of the Engineering team and will require a strong knowledge of application monitoring, infrastructure monitoring, automation, maintenance, and Service Reliability Improvements. Specifically, we are searching for someone who brings fresh ideas, demonstrates a unique and informed viewpoint, and enjoys collaborating with a cross-functional team to develop real-world solutions and positive user experiences at every interaction. Responsibilities Role & Responsibilities Design, automate and manage a highly available and scalable cloud deployment that allows development teams to deploy and run their services. Collaborating with engineering and Architects teams to evaluate and identify optimal cloud solutions, also leveraging scalability, high-performance and security. Design and implement sustainable cloud and platform services. Build a robust, scalable and stable infrastructure. Manage hosting external containers in Private cloud. Extensively automated deployments and managed applications in GCP. Developing and maintaining cloud solutions in accordance with best practices. Ensuring efficient functioning of data storage and processing functions in accordance with company security policies and best practices in cloud security. Collaborate with Engineering teams to identify optimization strategies, help develop self-healing capabilities Experience in developing a strong observability capabilities Identifying, analysing, and resolving infrastructure vulnerabilities and application deployment issues. Regularly reviewing existing systems and making recommendations for improvements. Required Skills and Selection Criteria: Proven work experience in designing, deploying and operating mid to large scale public cloud environments. Proven work experience in Docker/Kubernetes (image building, k8s schedule) Experience in package, config and deployment management via Helm, Kustomize, ArgoCD. 
Proven working experience in onboarding and troubleshooting Cloud Services. Proven work experience in provisioning Infrastructure as Code (IaC) using Terraform Enterprise or community edition. Proven work experience in writing custom terraform providers/plug-ins with Sentinel Policy as Code Professional Certification is an advantage Public Cloud >> GCP is a good to have. Strong knowledge in Github, DevOps (Cloud Build is an advantage) Should be proficient in scripting and coding, that include traditional languages like Python, PowerShell, GoLang,Java, JS and Node.js. Proven working experience in Messaging Middleware - Apache Kafka, RabbitMQ, Apache ActiveMQ Proven working experience in API gateway, Apigee is an advantage. Proven working experience in API development, REST. Proven working experience in Sec and IAM, SSL/TLS, OAuth and JWT. Extensive knowledge and hands-on experience in Grafana and Prometheus micro libraries. Exposure to Cloud Monitoring and logging. Experience with distributed storage technologies like NFS, HDFS, Ceph, S3 as well as dynamic resource management frameworks (Mesos, Kubernetes, Yarn) Experience with automation tools should be a priority Qualifications Preferred Qualifications Previous success in technical engineering Must have > 5 overall experience Must have >3 years of experience in public cloud Must have >3 years of experience in Cloud Infrastructure provisioning Must have >3 years of experience in Cloud Engineering
Posted 2 weeks ago
4.0 - 9.0 years
7 - 17 Lacs
Bengaluru
Work from Office
Wells Fargo is seeking a Senior Information Security Engineer. In this role, you will: Lead or participate in computer security incident response activities for moderately complex events Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security Review and correlate security logs Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Required Qualifications: 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: 4+ years of demonstrated information security applications and systems experience 4+ years of demonstrated experience leveraging security technologies such as SIEM for security incident analysis 2+ years of demonstrated experience with at least one scripting language (preferably JavaScript and its frameworks / Python) working on automation and engineering projects Proficiency in detection engineering developing and maintaining effective 
detection rules and correlation logic. Correlation searches, rules, alerts. Behavioral detections (e.g., brute-force, privilege escalation). Anomaly detections (e.g., unusual logon patterns, entropy-based detections). Hands-on experience with parsing configurations (props, transforms, regex, normalization techniques). Expertise in log source onboarding , source categorization, and enrichment. Strong understanding of security event types (firewall, endpoint, identity, cloud, SaaS logs). Familiarity with common attack vectors (credential abuse, privilege escalation, lateral movement). Knowledge of threat detection frameworks like MITRE ATT&CK, NIST, CIS . Ability to work with threat intelligence feeds to build contextual detections. Experience with log analysis , anomaly detection , and statistical detection methods. Proficient in developing content for SIEMs such as Splunk, Sentinel, QRadar, ArcSight, Elastic, etc. Optimize search performance and false positive tuning of existing detection rules. Maintain deployment workflows for apps, configurations, and detection packages across the SIEM infrastructure. Work with security analytics teams to develop data models or normalized schemas (CIM or equivalent). Job Expectations: Knowledge and understanding of banking or financial services industry Should possess understanding of security and threat landscape relevant to cloud technologies Excellent verbal, written, and interpersonal communication skills Strong ability to identify anomalous behavior on endpoint devices and/or network communications Advanced problem solving skills, ability to develop effective long-term solutions to complex problems Relevant certifications such as Splunk Certified Admin, Splunk Enterprise Security Certified Admin.
Posted 2 weeks ago
1.0 - 3.0 years
5 - 10 Lacs
Gurugram
Work from Office
Title: Security Analyst (SOC & EDR) Location: Gurgaon, India Type: Hybrid (work from office) Job Description Who We Are: Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Overview We are seeking a proactive and knowledgeable Security Analyst to join our Information Security Operations (SecOps) team . This role will focus on SOC monitoring and Endpoint Detection and Response (EDR) using SentinelOne . The ideal candidate should have solid experience in threat monitoring, incident response, and SentinelOne tool handling. Key Responsibilities: Monitor and respond to SOC alerts and security incidents in real time. 
Analyze logs and alerts from SIEM and SentinelOne EDR platforms. Perform incident triage, escalation, and coordination with internal teams. Troubleshoot SentinelOne-related issues, including error resolution, agent communication, and performance problems. Understand and manage SentinelOne policies, ensure proper deployment, and make necessary adjustments for better coverage. Quickly identify the root cause of issues related to endpoint protection and take corrective actions. Coordinate with the IT team for issue resolution and endpoint remediation. Collaborate with teams to reduce false positives and improve alert accuracy. Maintain incident documentation, reports, and operational dashboards. Support in threat hunting, vulnerability detection, and other BAU (Business As Usual) security tasks. Required Skills & Qualification: Bachelor's/Master's Degree in Computer Science, Information Systems, Engineering. 2-4 years of experience in SOC operations and endpoint security monitoring. Hands-on experience with SentinelOne EDR, including troubleshooting and policy management. Good knowledge of cybersecurity threats, incident response processes, and log analysis. Ability to investigate and resolve SentinelOne alerts and agent-related errors effectively. Experience working with SIEM tools (like Splunk, Qradar, etc.). Strong understanding of false positive tuning and threat detection improvement. Basic scripting knowledge (PowerShell, Python) is a plus. Good communication and analytical skills. Preferred Skills & Qualifications: CEH, CompTIA Security+, or any other relevant security certification. Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Company's sole discretion, with or without notice.
Posted 2 weeks ago
10.0 years
0 Lacs
Trivandrum, Kerala, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-Cyber Security-TDR Operations Manager As part of our EY-cyber security team, Threat Detection & Response Operations Manager will lead Operations/Delivery for TDR engagements with end-to-end security incident investigation support ensuring client SLAs and KPIs leveraging multiple SIEM/EDR/NSM solutions. The opportunity We’re looking for Security Manager with expertise in SOC Operations & Delivery with hands-on knowledge on SIEM, EDR, NSM and Threat Intelligence solutions. Your Key Responsibilities Oversee the process of detecting, reporting, and responding to security incidents, ensuring that the SOC team can effectively manage incidents when they occur. Responsible for managing the security tools and technologies used by the SOC team, ensuring that they are properly configured and maintained, and that they can effectively monitor and detect security threats. Lead and manage the Security operation centre primarily responsible for security event monitoring of client’s network Ensure that Service Level Agreements are defined, tracked, and met for all clients Provide technical leadership and advice to junior team members on SOC activities Revise Standard operation policies & procedures as required and ensure it is followed by the team Identify opportunities to improve security monitoring and operational tasks Convey complex technical security concepts to technical and non-technical audiences including executives. 
Develop and maintain productive working relationships with client personnel Oversee the daily SOC task that can be automated Provide both strategic view and benefits to client and work with limited resource to achieve it. Skills And Attributes For Success Hands-on expertise of SIEM technologies such as Microsoft Sentinel, Splunk from a security analyst’s point of view Expert knowledge and experience in Security Monitoring Expert knowledge and experience in Cyber Incident Response Knowledge in cloud security and IOT/OT is a value add Knowledge in Network monitoring technology platforms such as Fidelis, ExtraHop, Darktrace etc Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Defender, CrowdStrike Ability to work with minimal levels of supervision or oversight. Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Ability to work in client time zone Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 10 years of Hands-on experience of operating/implementing/designing SIEM solutions and proven experience in Project Management. Certification in any of the SIEM platforms Knowledge of RegEx, Perl scripting and SQL query language is a value add. Certification – CISM, CEH, CISSP, GCIH, GIAC, SABSA, TOGAF. What We Look For Who has proven experience in Leading operations for SOC projects, with hands-on experience in SIEM configuration and setup. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 2 weeks ago
5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Lead the frontline of cyber defense. Join Hitachi Cyber as a Team Lead – Security Operations Center (SOC) and take charge of protecting global organizations from today’s most advanced threats. As a global leader in cybersecurity, Hitachi Cyber empowers businesses to stay ahead of evolving risks. Based in Pune-India, you’ll lead a team of skilled analysts, work with cutting-edge tools, and play a critical role in safeguarding digital infrastructures across industries. Your Mission: As SOC Team Lead, you’ll oversee day-to-day operations, mentor analysts, and ensure rapid, effective incident response. You’ll be the bridge between tactical execution and strategic security leadership. Key Responsibilities: Lead and manage a team of SOC analysts across shifts. Oversee real-time monitoring, triage, and incident response activities. Ensure adherence to SLAs, escalation protocols, and documentation standards. Collaborate with threat intelligence, engineering, and client teams to improve detection and response. Drive continuous improvement in SOC processes, playbooks, and automation. Provide coaching, performance reviews, and training to develop team capabilities. What We’re Looking For: 5+ years of experience in cybersecurity, with at least 2 years in a SOC leadership role. Strong knowledge of SIEM tools (e.g., Splunk, Sentinel, QRadar), EDR, and incident response frameworks. Experience managing 24/7 operations and working with global clients. Excellent leadership and communication skills in English . Relevant certifications (e.g., GCIA, GCIH, CISSP, or equivalent) are a plus. Why Join Hitachi Cyber? Work with global clients and cutting-edge technologies. Be part of a collaborative, high-performance security culture. Accelerate your career in a fast-growing, mission-driven company. Ready to lead the charge? Apply now and help shape the future of cybersecurity.
Posted 2 weeks ago
2.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! Our IS&T (Information Services and Technology) department provides all the required technology and operational support services to run our business here in BMC! We have over 200 servers on premises to support production, disaster recovery, databases, applications and over 1000 servers in Lab environment. IS&T is transformational not only for BMC but also for the customer experience, because we give a 360 degrees view to the customer about the products they should know, opportunities in the pipeline, and any service issues outstanding with the customer. We use cutting-edge technologies to manage BMC's infrastructure and showcase it to the customers – program is called BMC on BMC! We are seeking a proactive and technically capable Cyber Threat Management Engineer to join our cybersecurity threat management team. This early-career role is ideal for individuals with foundational experience in cybersecurity who are ready to grow their technical skills and contribute to BMC’s threat detection and response capabilities. You will play an integral part in identifying, analyzing, and mitigating cyber threats across BMC’s global environment. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Monitor and analyze data from security systems including open source and enterprise solutions. 
Effectively communicate identified threats and track remediations until completion. Participate in the investigation and technical analysis of security incidents and provide remediation guidance. Integrate threat intelligence feeds and use frameworks like MITRE ATT&CK to assess and defend against current adversary tactics. Contribute to automation initiatives to streamline threat detection, alerting, and response workflows. Support threat hunting and red team exercises. Document findings, techniques, and outcomes in knowledge bases and reports. To ensure you’re set up for success, you will bring the following skillset & experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field—or equivalent hands-on experience. Foundational experience (e.g., 1–2 years) in cybersecurity operations, threat analysis, or incident response. Proficiency with at least one SIEM platform (e.g., Splunk, QRadar, Sentinel). Proficiency with enterprise solutions providing dark web monitoring, attack surface management, threat intelligence, and risk rating. Understanding of network protocols, operating systems, and cybersecurity fundamentals. Strong scripting or automation skills (e.g., Python, PowerShell, Bash) Excellent communication and documentation abilities. Whilst these are nice to have, our team can help you develop in the following skills: Familiarity with threat intelligence tools and frameworks (e.g., MISP, STIX/TAXII). Knowledge of cloud security practices (AWS, Azure, or GCP). Relevant certifications such as CompTIA Security+, CySA+, SC-200, or GIAC (GCIH, GCIA, GCTI). Curiosity for cybersecurity and continuous learning. Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! 
If after reading the above, you’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,725,800 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit https://bmcrecruit.avature.net/returnship to know more and how to apply.
Posted 2 weeks ago
6.0 years
0 Lacs
Greater Kolkata Area
On-site
Line of Service Advisory Industry/Sector Not Applicable Specialism SAP Management Level Senior Associate Job Description & Summary A career in our New Technologies practice, within Application and Emerging Technology services, will provide you with a unique opportunity to help our clients identify and prioritise emerging technologies that can help solve their business problems. We help clients design approaches to integrate new technologies, skills, and processes so they can drive business results and innovation. Our team helps organisations to embrace emerging technologies to remain competitive and improve their business by solving complex questions. Our team focuses on identifying and prioritising emerging technologies, breaking into new markets, and preparing clients to get the most out of their emerging technology investments. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. 
To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking an experienced and highly motivated Azure Infrastructure Solutions Expert to join our team. You will be responsible for designing, implementing, and managing complex Azure infrastructure solutions that meet our client's evolving needs. You will work closely with our team to ensure solutions are optimized for performance, cost-efficiency, and security. Responsibilities Design and architect robust Azure infrastructure solutions, including virtual networks, storage, compute, security, and monitoring. Implement and configure Azure services like Azure Virtual Machines, Azure Kubernetes Service (AKS), Azure Storage, Azure Active Directory, Azure Sentinel, and more. Develop and maintain infrastructure-as-code (IaC) solutions using tools like Terraform or Azure Resource Manager (ARM). Automate infrastructure provisioning, configuration management, and application deployments using Azure DevOps or similar tools. Troubleshoot and resolve infrastructure issues, ensuring high availability and performance. Optimize cloud infrastructure for cost-efficiency and resource utilization. Stay up-to-date on the latest Azure technologies, best practices, and industry trends. Collaborate with development teams and other stakeholders to integrate infrastructure solutions with applications. Develop and maintain comprehensive documentation and technical standards. Provide technical guidance and mentorship to junior team members. Mandatory Skill Sets Azure infra, networking, automation, monitoring Preferred Skill Sets Azure IaaS, Azure CLI, PowerShell Years Of Experience Required 6+ Years (Sr. Associate) Education Qualification Bachelor's degree in computer science, Engineering, or a related field. 
Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Science, Bachelor of Engineering Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills Security Architecture Design Optional Skills Microsoft Azure Security, Microsoft Azure Sentinel Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date
Posted 2 weeks ago
3.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. We are seeking analyst level individuals with experience working in the field of cybersecurity and a desire to help organizations improve their operations to join our team and help run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have working knowledge in some or all these areas – IT operations, security monitoring, active directory, IP networking and various cloud technologies. Position And Key Responsibilities At RSM, analysts work with large and small companies in variety of industries. They develop strong working relationships with their peers within the security operations center (SOC) while learning their clients’ businesses and challenges facing their organizations. Analysts work as part of a broader team under the direction of more senior analysts, threat hunters, shift leads, intelligence analysts and SOC managers in support of multiple clients. Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life. You will have the opportunity to: Role Responsibilities: Investigate security incidents using SIEM tools, automation, and other cybersecurity technologies (i.e. 
ServiceNow, Stellar Cyber, Hyas Insight and DNS Protect, SentinelOne, ELK Stack, VirusTotal, Shodan, NetFlow, Passive DNS, Silobreaker, Tenable.io, Hatching Triage Sandbox) Analyze, escalate, and assist in remediation of critical security incidents. Improve and challenge existing processes and procedures in a very agile and fast-paced information security environment serving multiple clients. Process IDS alerts and identify incidents and events in customer data. Set up, execute and analyze vulnerability scans. Perform advanced analysis and investigation into alerts as they are identified. Perform initial basic malware analysis utilizing automated means (static and dynamic sandbox analysis or other available tools). Incident intake, ticket updates and reporting of cyber events and threat intelligence. Understand, identify, and research indicators of compromise (IOCs) from a variety of sources such as threat intelligence reports and feeds. Write incident reports and process documentation, and interact with clients as required. Transcribe and implement atomic indicators into a monitoring environment. Consume policy documentation and determine applicability in a network. Work with protocols at layers 2 and higher in the OSI model, to include ARP, TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use well-known ports. Develop the playbooks to respond to and recover from various attacks/incidents. Drive the automation efforts focused on closing cases, responding to cyber events and analyzing data required to enable efficient response activities. Process Cyber Threat Intel that is used across RSM detection platforms to understand and prepare for potential threats. Threat intel is heavily used across RSM platforms to drive issue prioritization. Open to working shifts in a 24x7 operations environment. Qualifications and Experience: Minimum B.A. or B.S.
degree or equivalent from an accredited university by the time employment commences or prior relevant military / law enforcement experience. Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security 3-5 years’ experience working in a security operations center, networking operations center or threat intelligence capacity. Possess at least one security industry certification such as CYSA+, Security+, CISSP, SANS GIAC (GSOC, GCIA, GMON, CGCDA) Knowledge of security standards and information security and compliance frameworks, controls, and best practices, including SSAE 16, SOC 2 and SOC3, OWASP Top 10, SANS, NIST Must have a naturally curious mindset and approach to solving problems. Basic understanding of cloud technologies and their operations Experience supporting various operating systems such as Windows/Linux Understanding of IP network protocols At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. 
RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.
Posted 2 weeks ago
4.0 - 9.0 years
4 - 8 Lacs
Navi Mumbai, Bengaluru, Mumbai (All Areas)
Hybrid
We are seeking a highly skilled SOC Security Engineer with expertise in Azure DevOps and Azure Sentinel to join our Security Operations Centre (SOC). The ideal candidate will have a strong technical security background and a deep understanding of cloud environments, particularly Azure. This role requires the ability to develop and implement security use cases and rules within the Azure Sentinel platform, ensuring the SOC delivers professional and effective services to its customers. Role & responsibilities Excellent knowledge of one of the SIEM products Azure DevOps. Proven experience in a SOC environment, with a focus on Azure Sentinel and Azure DevOps. Must have technical security expertise to ensure that the Security Operations Centre (SOC) is always delivering a professional service to its customers. Good knowledge of Cloud, especially Azure. Experience of building Azure Sentinel is a must. Understanding of security threats, attack scenarios, analysis and intrusion detection skills. Develop use cases and rules to be developed into the SIEM Azure Sentinel platform. Knowledge of network technologies, Windows and Unix administration. Knowledge of typical security devices such as firewalls, intrusion detection systems, AV and End Point security, Web Application Firewalls, anti-spam systems, event correlation systems. Primary Skills Terraform, Azure DevOps, Azure Security. Education and Certification: Degree in Computer Science, Information Technology, or a related field. Certification: Good to have Azure Security Certifications AZ-900, AZ-104
Posted 2 weeks ago
8.0 years
6 - 9 Lacs
Hyderābād
On-site
Date: Jun 2, 2025 Job Requisition Id: 61334 Location: Hyderabad, TG, IN Hyderabad, IN YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation. At YASH, we’re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth – bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future. We are looking forward to hire NIST Professionals in the following areas : Position Name: Lead Consultant - OT/ IOT Description YASH is a Digital services enabler organization delivering vast portfolio of digital services to customers across the globe. Our topline services include Cybersecurity services. This role will be part of vibrant YASH’s Cybersecurity – Security Operations Team. We are looking for candidates who will embrace our Security strategy in the design, implementation and operations of Azure Sentinel with a focus on Azure. As an Azure Sentinel Administrator, you should have experience in all aspects of SIEM tools including estimating, designing, fine tuning, log source integration, threat hunting and automation. Attributes we will look for in our candidates include excellent technical and analytical skills, communication and flexibility, innovative thinking and problem solving. In addition, this position is responsible for analyzing security vulnerabilities and determining if there is an attack surface and impact. The ideal candidate understands the complete implementation of a SIEM tool. Position – Lead Consultant - OT/ IOT Security Number – 1 Location – Bangalore/ Pune / Indore Total Experience – 8 -10 Years How do you grow and be successful: At YASH, we will offer all support to grow in your career. 
At the very beginning you will receive a deep knowledge on the current SOPs once you are fully onboarded into our Security Operations team. You will be measured on the positive contribution in delivering the SIEM services to our customers. Fluency will be measured on the goals such as improvement of cyber posture of customers through our Manage detect and respond services. Our employees will have global exposure from day-1. We offer to learn multiple security domains through our mentored on-the-job training program. Aspiring candidates will reach to highest positions and make a global career. Preferred Skills: Minimum 8+ years of experience in developing use cases customized to the environment. Work on Cloud SIEM project implementations for various customers in different locations, starting with estimating the SIEM configuration to successful deployment and fine tuning of the solution Configure data digestion types and connectors. Create incident categorization and threat management plan. End to end operational knowledge of Azure Incident Management Process/SLAs. Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks. Support on-going development and troubleshooting of Azure Sentinel. Advise and develop Azure Sentinel adoption migration roadmap for clients. Analytic design and configuration of the events and logs being digested. Preferred with experience on SOAR tools like IBM SOAR(Resilient), Splunk SOAR(Phantom) , Microsoft Sentinel SOAR, knowledge in Jupyter and logicApps or any other SOAR Tool. In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc Use Case Fine tuning and New Use case creation. Hands-on experience with Azure Sentinel/Kusto Query language preferred). Azure Security Services for Vulnerability Assessment and Compliance practices analysis, Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events. 
Tuning threat detection to minimize noise and amplify a signal. Experience in SIEM/ SOAR & Playbook creation technologies understanding the log source integration. Responsible for integration review of standard and non-standard logs in SIEM Provide support to the Security Operations Center (SOC) during incident response, event monitoring, and threat hunting activities. Proficient in one or more of the following computer languages PowerShell, Bash ,Python & KQL to support cyber threat detection or reporting. Security API implementations can be considered as well. Deep understanding of either MITRE Attack framework (MITRE preferred) or the Cyber Kill Chain Experience in threat management. Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix. Knowledge of applications, databases, middleware to address security threats against the same. Proficient in preparation of reports, dashboards and documentation. Working knowledge Passion for Cyber Security, being the basic ingredient of success. Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives Necessary soft-skills set to successfully understand, challenge and translate the business needs and communicate to the relevant parties with a structured and methodical approach to problem solving You are a team player with good communication skills, proactive and highly motivated individual with a serious hands-on work ethic Qualifications: A bachelor's or master's degree in computer science, information technology Preferred Certifications: Azure Security Certifications, SIEM certifications At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale. 
Our Hyperlearning workplace is grounded upon four principles Flexible work arrangements, Free spirit, and emotional positivity Agile self-determination, trust, transparency, and open collaboration All Support needed for the realization of business goals, Stable employment with a great atmosphere and ethical corporate culture
Posted 2 weeks ago
170.0 years
1 - 7 Lacs
Noida
On-site
Country/Region: IN Requisition ID: 26012 Work Model: Position Type: Salary Range: Location: INDIA - NOIDA- BIRLASOFT OFFICE Title: Architect Description: Area(s) of responsibility About Us: Birlasoft, a global leader at the forefront of Cloud, AI, and Digital technologies, seamlessly blends domain expertise with enterprise solutions. The company’s consultative and design-thinking approach empowers societies worldwide, enhancing the efficiency and productivity of businesses. As part of the multibillion-dollar diversified CKA Birla Group, Birlasoft with its 12,000+ professionals, is committed to continuing the Group’s 170-year heritage of building sustainable communities. Job Title: Advanced Threat Management, Security Design, and Implementation Architect Job Summary: We are seeking a highly experienced Advanced Threat Management, Security Design, and Implementation Architect to lead our efforts in developing and deploying cutting-edge security solutions. The successful candidate will have deep expertise in advanced threat management, security architecture, and the implementation of robust security frameworks to protect an organization's critical assets. Key Responsibilities: Design and implement advanced threat management strategies to identify, mitigate, and respond to security threats. Develop and maintain comprehensive security architectures that align with business goals and regulatory requirements. Lead security design initiatives for new and existing systems, ensuring robust protection against cyber threats. Oversee the implementation of security controls, policies, and procedures across the organization. In-depth knowledge of XDR Technology, SIEM, SOAR, SOC Architecture, Infrastructure and Data Security, Advisory and GRC Processes. Outstanding problem-solving skills and a strategic, analytical mindset, and be able to decipher the complex cybersecurity landscapes. 
Conduct strategies for vulnerability management and lead initiatives around effective VM in the organization. Collaborate with cross-functional teams to integrate security into the software development lifecycle (SDLC). Provide expert guidance on the latest security trends, tools, and technologies to enhance the organization’s security posture. Develop and deliver training programs to educate employees on security best practices and threat management. Ensure compliance with industry standards, regulations, and frameworks (e.g., NIST, ISO 27001). Professionalism, integrity, and a commitment to maintaining the highest ethical standards in conducting professional responsibilities Required Qualifications: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. 10+ years of experience in advanced threat management, security design, and implementation. Proven expertise in developing and implementing security architectures and frameworks. Strong understanding of security assessment methodologies, vulnerability analysis, and penetration testing. Experience with security tools such as SIEM, SOAR, EDR, VM, Unified VM, ZTNA, IDS/IPS, firewalls, and endpoint protection, EASM, Deep/ Dark Web and Brand Protection. Excellent problem-solving skills and attention to detail. Strong communication and leadership skills. Experience with cloud security and securing hybrid environments. Preferred Qualifications: Master’s degree in Information Security or a related field. Preferred certification in multiple SIEM and SOAR solution implementation (MS Sentinel, Splunk, Phantom, Swimlane, QRADAR) Relevant certifications such as CISSP, CISM, CEH, or OSCP.
Posted 2 weeks ago
0 years
0 Lacs
Noida, Uttar Pradesh, India
Remote
Netoyed is a CMMI Maturity Level 5 digital technology company specializing in digital transformation and product engineering services, with locations in Australia, New Zealand, the US, and India. Our expertise cuts across a number of sectors, including telecommunications, healthcare, banking and finance, and education, and our team is made up of professionals with a wide range of skills, from development and entrepreneurship to analytics and business agility. At Netoyed, we pride ourselves on delivering cutting-edge digital platforms and products that help to supercharge businesses wherever they may be. Company Link: https://www.netoyed.com/ LinkedIn Link: https://www.linkedin.com/company/netoyed/posts/?feedView=all Headquartered: Sydney, NSW Founded: 2015 Location - Noida, Sec 63 Shift - EST business hours (US) Overview: We are looking for a Senior MAC Support Engineer who has experience using JAMF and has completed multiple, moderately complex technical tasks. Good to have experience in the Windows Desktop support process as well. Requirements: Proficient in one or more modern scripting languages (Ex: Python, Bash, Shell, PowerShell) Provide automated software deployment to user workstations via JAMF management solution. Provide tier 2 and tier 3 support for all related technical questions for the Mac OS platform. Support and management of the Macintosh environment, knowledge of the following Mac infrastructure - Mac OS Security and Policy Compliance to include patching, encryption, configuration management, energy management, remote device management, and reporting/visibility, image creation and compatibility that support desktop/laptops. Expertise with MacOS: Sentinel One, JamfPro, Advanced knowledge of JAMF Pro management platform Advanced knowledge of patch management concepts and methodologies Advanced knowledge of macOS OS and Apple hardware
Posted 2 weeks ago
4.0 - 6.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation. At YASH, we’re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth – bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future. We are looking forward to hire SOC Management Professionals in the following areas : SOC L2 Experience : 4-6 Years. Location : Hyderabad / Pune / Indore Shift : Rotational JD for SOC L2. Desired Candidate Must Have Below Experience Resolve escalations from L1 and assist them if required in triaging. SIEM - Azure Sentinel troubleshooting skills Must have knowledge of creation / modification of Rules / Use cases / Playbooks (KQL Queries) SOP Creations / Fine-tuning use cases. Incident Triaging Log Source Integration Understand security incident management and ticket resolution process Experience in participating in critical Incident Management Process and Contribute at L2/L3 level trouble shooting Collaborate with peer groups and promote problem solving Flexible to work in shift hours Experience in handling technical client inquiries Perform both internal and external stakeholder management. Must be able to articulate the report and provide more technical deep dive where appropriate and architecture where necessary Good communication skills and analytical skills. Good knowledge on the concepts like Host base firewall, DDoS, Vulnerability Assessment, Threat Management. Threat Analysis Monitor for emerging threats and vulnerabilities. Analyze threat intelligence to identify potential risks to the organization. Develop and maintain threat indicators and detection rules.
Experience in participating in critical Incident Management Process and Contribute at L2/L3 level trouble shooting Reporting Prepare incident reports and security metrics. (Daily / Weekly/ Monthly Reports) Provide regular updates to management on the security posture of the organization. Understand security incident management and ticket resolution process Documentation Maintain up-to-date documentation of security procedures and processes. Assist in the development and maintenance of security policies and standards. Incident Response Investigate and analyze security alerts and events. Coordinate with other teams to ensure a timely and effective response to major incidents. Triage incidents and escalate to L3 analysts as necessary. Conduct in-depth analysis of security incidents to identify root causes and recommend remediation steps. Coordinate with other teams (e.g., IT, network, application) to resolve incidents. Qualifications Bachelor's degree in computer science, information security, or a related field. 4-6 years of experience in cybersecurity, with at least 4 years in a SOC environment. Strong understanding of security concepts, including threat vectors, attack methods, and mitigation techniques. Proficiency in using security tools and technologies (e.g., SIEM, IDS/IPS, firewall, vulnerability scanners). Knowledge of scripting languages (e.g., KQL) is a must. Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to work effectively in a fast-paced, high-pressure environment. Certifications (preferred) Certified Ethical Hacker (CEH) Certified Security Analyst (CSA) At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale. 
Our Hyperlearning workplace is grounded upon four principles Flexible work arrangements, Free spirit, and emotional positivity Agile self-determination, trust, transparency, and open collaboration All Support needed for the realization of business goals, Stable employment with a great atmosphere and ethical corporate culture
Posted 2 weeks ago
0 years
0 Lacs
Trivandrum, Kerala, India
On-site
Role Description Microsoft 365 Administration Manage Microsoft 365 services, including Exchange Online, SharePoint, Teams, and OneDrive. Oversee user provisioning and deprovisioning in Azure AD. Enforce M365 security policies such as Conditional Access, MFA, and password policies. Troubleshoot M365-related issues (email, authentication, Teams performance, etc.). Monitor service health and updates via the Microsoft 365 Admin Center. Azure AD Management Configure and manage Azure AD users, groups, and roles. Implement and maintain Conditional Access policies. Set up and manage Azure AD Connect and hybrid identity solutions. Ensure Single Sign-On (SSO) and identity federation with third-party applications. Monitor and troubleshoot Azure AD authentication and access issues. Intune & Mobile Device Management (MDM) Deploy and manage Microsoft Intune for endpoint management. Configure and enforce MDM policies for Windows, iOS, Android, and macOS devices. Implement device enrollment processes for both BYOD and corporate-owned devices. Manage compliance policies to uphold endpoint security standards. Deploy software, applications, and updates via Intune. Troubleshoot device enrollment and policy application issues. Security & Compliance Apply Zero Trust security principles across M365 and Azure AD environments. Configure Microsoft Defender for Endpoint, M365 Defender, and Microsoft Sentinel. Implement Data Loss Prevention (DLP), encryption, and data retention policies. Monitor audit logs and security reports for threats and anomalies. Conduct regular security assessments and implement necessary remediations. Automation & Scripting Use PowerShell to automate tasks across M365, Azure AD, and Intune. Develop scripts for bulk user management, reporting, and policy enforcement. Automate license assignments, compliance reporting, and system monitoring. Incident Management & Troubleshooting Diagnose and resolve authentication, device compliance, and M365 service issues. 
Collaborate with Microsoft Premier Support for escalated technical problems. Maintain documentation and a knowledge base for troubleshooting and solutions. Governance & Best Practices Define and enforce M365 and endpoint management best practices. Conduct training and knowledge-sharing sessions for internal IT teams. Ensure alignment with organizational and regulatory compliance requirements. Skills M365, Azure AD, Intune, PowerShell & MDM
Posted 2 weeks ago
4.0 years
0 Lacs
Pune, Maharashtra, India
On-site
About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. About The Role We are seeking a skilled SIEM Administrator to manage and optimize different SIEM solutions. The ideal candidate will be responsible for system administration, log integration, troubleshooting, Deployment, Implementation and maintaining security posture for the organization. Key Responsibilities SIEM Administration: Install, configure, maintain, and upgrade SIEM components. (IBM Qradar SIEM, DNIF, Splunk & Securonix). Log Management Onboard, parse, and normalize logs from various data sources (firewalls, servers, databases, applications, etc.) Custom log source integration and parser development. System Monitoring & Troubleshooting Ensure SIEM tools are functioning optimally. Monitor & regular health check perform for SIEM tools. troubleshoot system errors and resolve performance issues. Conduct regular performance tuning and capacity planning Perform root cause analysis for system failures & performance issues. Optimize system performance and storage management for SIEM Integration & Automation Integrate third-party security tools (firewalls, EDR, threat intelligence feeds) with SIEM. Compliance & Audits Ensure log retention policies comply with regulatory standards. Develop & enforce SIEM access controls & user roles/permissions. Documentation & Training Document system configurations, SOP’s & troubleshooting documents. Prepare monthly/ weekly reports and PPT, onboarding documentation as per business/ client requirement. 
Dashboard & Report Development Create & maintain custom dashboards & reports Optimize searches & reports for performance and efficiency. Hands on experience with Linux OS & Windows OS Basic to intermediate level knowledge of networking Should be familiar with Azure, AWS or GCP products Basic Qualifications B.E./B.Tech in Computers or related field (preferred). 4+ Years of Experience in SOC Administration. Strong knowledge of SIEM architecture, log sources, and event correlation. Preferred Qualifications Proficiency in log management, regular expressions, and network security concepts. Experience integrating SIEM with various security tools (firewalls, IDS/IPS, antivirus, etc.) Scripting knowledge (Python, Bash, or PowerShell) is a plus. Training or Certificate on Splunk or IBM Qradar Preferred. Experience with SIEM tools like IBM QRadar, Splunk, Securonix, LogRhythm, Microsoft Sentinel, DNIF etc. Proficiency in IBM Qradar & Splunk administration. Configuring, maintaining, and troubleshooting SIEM solutions. Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.
Posted 2 weeks ago
7.0 years
0 Lacs
Gurugram, Haryana, India
On-site
We're seeking a seasoned Director – Security Architecture to join our CTO Office at TeKnowledge. This pivotal role involves overseeing the security architecture across the company’s diverse portfolio of solutions. The ideal candidate will possess a blend of deep technical expertise and strong customer engagement skills, ensuring that our solutions are secure and effectively communicated to clients. Understanding the company’s security portfolio, based on three main pillars, and identifying the appropriate security offerings to meet client needs is an essential part of the role. Accelerating Progress. Securing Futures. At TeKnowledge we help governments, businesses, and technology providers not only navigate but thrive in today’s complex technology landscape. Our services provide unparalleled value and impact to our clients across cybersecurity, advanced technical skilling, and enterprise technical support. We are committed to enabling technology, AI, CX, and security, uniquely positioning us in the market, and ensuring our customers are equipped to achieve their strategic goals. Advisory and Implementation: Developing tailored frameworks, aligning with threats prevention needs, and strengthening security controls. Assess their current situation/landscape and then mitigate the gaps that we are finding. Secure new technologies such as LLMs and agents and applications that are getting into the organization. Help customers understand how to better secure their environment and be ready for digital transformation. Compliance and regulatory advisory. Capability Building: Enhancing organizational readiness through targeted training, technical labs, and awareness programs. Capability building within existing teams, for example building an incident response team within the organization Threat intelligence Help building their internal capabilities. Managed Security Services: Microsoft SIEM and SOAR Solutions.
Using Sentinel and Microsoft Defender when it comes to OPS and XDRS (Extended Detection and Response), endpoint security. Providing continuous monitoring, incident response, security operation, and proactive threat management. Responsibilities: Security Architecture Design: Develop and implement comprehensive security architectures for TeKnowledge’s solutions, ensuring alignment with industry best practices and regulatory requirements. Understanding the AI technology landscape and how security needs to be integrated within the AI solution fabric is essential. Customer Engagement: Act as a trusted advisor to clients, articulating complex security concepts and solutions in a clear and accessible manner. Present security architectures and strategies to prospective and existing customers, addressing their specific concerns and requirements. Architectural Governance: Lead the review of complex deals, identifying potential security risks and proposing effective mitigation strategies. Ensure that all solutions adhere to TeKnowledge's security standards and policies. Solution Integration: Collaborate with cross-functional teams to design and implement multi-product solution offerings that integrate various components of TeKnowledge’s security portfolio, delivering cohesive and secure solutions to clients. Standardization and Best Practices: Develop and maintain standardized design blueprints and repeatable solution frameworks to streamline the deployment of secure solutions across different projects and clients. Risk Assessment: Conduct thorough security assessments of proposed solutions, identifying vulnerabilities and recommending enhancements to bolster security postures. Continuous Improvement: Stay abreast of emerging security trends, technologies, and threats. Incorporate this knowledge into the ongoing enhancement of TeKnowledge's security architectures and practices. 
Other Responsibilities: Engage directly with CISO/CxO-level stakeholders using consultative selling techniques. Deliver solution advice, proposals, presentations, and customer communications during pursuits. Participate in contract negotiations, focusing on technical and compliance elements. Provide input to the product, offer, and sales teams to evolve security capabilities based on market trends. Optimize interdependencies across service towers and solution components. Develop standardized security design blueprints and repeatable frameworks to ensure consistency and scalability. Qualifications: Education: Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Experience: Minimum of 7 years of experience in a security architecture role, with a proven track record of designing and implementing secure solutions across diverse technologies and platforms. Certifications: Relevant certifications such as CISSP, CISM, Microsoft Cyber Security Architect, Google, AWS Security certifications or equivalent are highly desirable. Technical Expertise: In-depth knowledge of security architectures and services aligned with TeKnowledge’s security pillars. Communication Skills: Exceptional ability to convey complex security concepts to both technical and non-technical audiences. Experience in delivering presentations and leading discussions with clients and stakeholders. Problem-Solving: Strong analytical and problem-solving skills, with the ability to identify risks and develop effective mitigation strategies. Collaboration: Demonstrated ability to work collaboratively in a team environment, managing multiple stakeholders and projects simultaneously. Cloud Security: Experience in developing security solutions for cloud-based environments and services. Regulatory Knowledge: Familiarity with regulatory and compliance frameworks relevant to the technology industry.
Solution Standardization: Experience in creating standardized design blueprints and repeatable solution frameworks. TeKnowledge is an equal opportunity employer, and we believe in celebrating – diversity, equity, and inclusion. We are committed to building an equitable environment by providing fair employment opportunities in our communities without regard to gender, ethnicity, socio-economic background, disability, marital and veteran status. Our employees join us in adopting, celebrating, and championing our drive towards building an equitable opportunity environment. We do not and will not ask you to send or share with us any sensitive personal data.
Posted 2 weeks ago
2.0 years
0 Lacs
Ahmedabad, Gujarat, India
On-site
Job Title: Information Security Analyst Experience Required: 2+ Years Location: WFO Job Type: Full-Time Role Overview: As an Information Security Analyst, you will be responsible for safeguarding the organization’s digital assets by identifying vulnerabilities, monitoring threats, and ensuring compliance with security frameworks such as ISO 27001 and SOC 2. You will work closely with IT, compliance, and risk teams to maintain a robust security posture. Key Responsibilities: Implement and manage an Information Security Management System (ISMS) in alignment with ISO 27001. Support SOC 2 Type I & II audit activities including control implementation, evidence gathering, and remediation. Apply NIST Cybersecurity Framework (CSF) and CIS Benchmarks to enhance infrastructure security and compliance. Assist in internal and external audits, preparing documentation and audit artifacts. Deploy and manage SIEM tools (e.g., Microsoft Sentinel, Splunk) for log aggregation, threat detection, and incident response. Configure and monitor Azure security services, including Microsoft Defender for Cloud, Azure Policy, Key Vault, Network Security Groups (NSG), Azure Firewall / WAF, Azure Security Center / Microsoft Purview Support Cloud Security Posture Management (CSPM), Cloud Access Security Broker (CASB), and Cloud Workload Protection (CWP). Deploy, configure, and monitor Data Loss Prevention (DLP) controls across endpoints and cloud apps. Conduct risk assessments, vulnerability evaluations, and assist in incident handling. Stay updated on the latest threats, vulnerabilities, and security compliance requirements. Required Skills and Experience: Minimum of 2 years of experience in information security, cloud security, or related roles. Solid understanding of ISO/IEC 27001 implementation and audit processes. Experience supporting or conducting SOC 2 Type I/II readiness. Working knowledge of NIST CSF, NIST 800-53, or similar frameworks.
Proficiency with SIEM tools (especially Microsoft Sentinel). Good understanding of cloud security controls, preferably in Microsoft Azure. Familiarity with DLP, antivirus/EDR/XDR solutions, and endpoint security. Preferred Certifications: ISO27001 Lead Implementer / Auditor. Nice to have: Microsoft Certified: Azure Security Engineer Associate. CompTIA Security+ About Company: Dynatech System is a Gold partner of Microsoft and a CMMI level 3 multinational organization. DynaTech Systems provides Consulting, Implementation, Support and Offshore development services designed to improve the productivity and performance of organizations. We help our clients become industry innovators through the use of effective technology and solutions, focusing on providing exceptional one-stop service. With the right team composition, we are very well positioned to help our customers with every service related to Microsoft Dynamics 365, Dynamics AX 2012 and related technologies. We have a precise and the right team, that we think is the best fit to help our employees in the most effective ways. Our team strength is 200+ intellectual mates. Join us and be a part of one of the fastest growing organizations! Company Website – Microsoft Dynamics Partner & Technology Experts - DynaTech Systems (dynatechconsultancy.com) LinkedIn - DynaTech Systems: My Company | LinkedIn
Posted 2 weeks ago
170.0 years
0 Lacs
Greater Hyderabad Area
On-site
Area(s) of responsibility About Us Birlasoft, a global leader at the forefront of Cloud, AI, and Digital technologies, seamlessly blends domain expertise with enterprise solutions. The company’s consultative and design-thinking approach empowers societies worldwide, enhancing the efficiency and productivity of businesses. As part of the multibillion-dollar diversified CKA Birla Group, Birlasoft with its 12,000+ professionals, is committed to continuing the Group’s 170-year heritage of building sustainable communities. Job Title: Advanced Threat Management, Security Design, and Implementation Architect Job Summary: We are seeking a highly experienced Advanced Threat Management, Security Design, and Implementation Architect to lead our efforts in developing and deploying cutting-edge security solutions. The successful candidate will have deep expertise in advanced threat management, security architecture, and the implementation of robust security frameworks to protect an organization's critical assets. Key Responsibilities Design and implement advanced threat management strategies to identify, mitigate, and respond to security threats. Develop and maintain comprehensive security architectures that align with business goals and regulatory requirements. Lead security design initiatives for new and existing systems, ensuring robust protection against cyber threats. Oversee the implementation of security controls, policies, and procedures across the organization. In-depth knowledge of XDR Technology, SIEM, SOAR, SOC Architecture, Infrastructure and Data Security, Advisory and GRC Processes. Outstanding problem-solving skills and a strategic, analytical mindset, and be able to decipher the complex cybersecurity landscapes. Conduct strategies for vulnerability management and lead initiatives around effective VM in the organization. Collaborate with cross-functional teams to integrate security into the software development lifecycle (SDLC). 
Provide expert guidance on the latest security trends, tools, and technologies to enhance the organization’s security posture. Develop and deliver training programs to educate employees on security best practices and threat management. Ensure compliance with industry standards, regulations, and frameworks (e.g., NIST, ISO 27001). Professionalism, integrity, and a commitment to maintaining the highest ethical standards in conducting professional responsibilities Required Qualifications Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. 10+ years of experience in advanced threat management, security design, and implementation. Proven expertise in developing and implementing security architectures and frameworks. Strong understanding of security assessment methodologies, vulnerability analysis, and penetration testing. Experience with security tools such as SIEM, SOAR, EDR, VM, Unified VM, ZTNA, IDS/IPS, firewalls, and endpoint protection, EASM, Deep/ Dark Web and Brand Protection. Excellent problem-solving skills and attention to detail. Strong communication and leadership skills. Experience with cloud security and securing hybrid environments. Preferred Qualifications Master’s degree in Information Security or a related field. Preferred certification in multiple SIEM and SOAR solution implementation (MS Sentinel, Splunk, Phantom, Swimlane, QRADAR) Relevant certifications such as CISSP, CISM, CEH, or OSCP.
Posted 2 weeks ago
170.0 years
0 Lacs
Mulshi, Maharashtra, India
On-site
Area(s) of responsibility About Us Birlasoft, a global leader at the forefront of Cloud, AI, and Digital technologies, seamlessly blends domain expertise with enterprise solutions. The company’s consultative and design-thinking approach empowers societies worldwide, enhancing the efficiency and productivity of businesses. As part of the multibillion-dollar diversified CKA Birla Group, Birlasoft with its 12,000+ professionals, is committed to continuing the Group’s 170-year heritage of building sustainable communities. Job Title: Advanced Threat Management, Security Design, and Implementation Architect Job Summary: We are seeking a highly experienced Advanced Threat Management, Security Design, and Implementation Architect to lead our efforts in developing and deploying cutting-edge security solutions. The successful candidate will have deep expertise in advanced threat management, security architecture, and the implementation of robust security frameworks to protect an organization's critical assets. Key Responsibilities Design and implement advanced threat management strategies to identify, mitigate, and respond to security threats. Develop and maintain comprehensive security architectures that align with business goals and regulatory requirements. Lead security design initiatives for new and existing systems, ensuring robust protection against cyber threats. Oversee the implementation of security controls, policies, and procedures across the organization. In-depth knowledge of XDR Technology, SIEM, SOAR, SOC Architecture, Infrastructure and Data Security, Advisory and GRC Processes. Outstanding problem-solving skills and a strategic, analytical mindset, and be able to decipher the complex cybersecurity landscapes. Conduct strategies for vulnerability management and lead initiatives around effective VM in the organization. Collaborate with cross-functional teams to integrate security into the software development lifecycle (SDLC). 
Provide expert guidance on the latest security trends, tools, and technologies to enhance the organization’s security posture. Develop and deliver training programs to educate employees on security best practices and threat management. Ensure compliance with industry standards, regulations, and frameworks (e.g., NIST, ISO 27001). Professionalism, integrity, and a commitment to maintaining the highest ethical standards in conducting professional responsibilities Required Qualifications Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. 10+ years of experience in advanced threat management, security design, and implementation. Proven expertise in developing and implementing security architectures and frameworks. Strong understanding of security assessment methodologies, vulnerability analysis, and penetration testing. Experience with security tools such as SIEM, SOAR, EDR, VM, Unified VM, ZTNA, IDS/IPS, firewalls, and endpoint protection, EASM, Deep/ Dark Web and Brand Protection. Excellent problem-solving skills and attention to detail. Strong communication and leadership skills. Experience with cloud security and securing hybrid environments. Preferred Qualifications Master’s degree in Information Security or a related field. Preferred certification in multiple SIEM and SOAR solution implementation (MS Sentinel, Splunk, Phantom, Swimlane, QRADAR) Relevant certifications such as CISSP, CISM, CEH, or OSCP.
Posted 2 weeks ago
10.0 years
0 Lacs
Mumbai Metropolitan Region
On-site
Job Title: Lead Engineer – Security Operations Department: Engineering and Operations Location: Mumbai Reporting: Manager Security Operations Job Type: Full Time Shift: Rotational Shift PRE-REQUISITES Strong technical and subject matter expertise in at least four or more of the following security specialties: Firewall: Cisco, Palo Alto, Checkpoint, Fortinet, Zscaler, Barracuda VPN - IPSEC, SSL VPN: Ivanti, F5, Cisco, GlobalProtect NAC: Cisco ISE, Aruba ClearPass Unified Threat Management (UTM) SIEM products Qradar, Microsoft Sentinel etc. Load Balancers: F5 BigIP LTM/GTM, Citrix ADC Network Security (multi-vendor) experience. Cloud Infrastructure Mgmt.: Cloud stack, OpenStack, AWS, Azure, Netskope, PaloAlto Prisma Knowledge on scripting language like Python and automation Working knowledge and hands-on experience on Linux/Unix OS is desirable. Customer service experience preferably in a Global Operations Center environment Ticketing system knowledge Ability to work days, evenings and weekends as required; 24x7 support in rotating shifts Flexibility with the ability to manage stressful situations and adapt to rapidly changing environments and requirements Analytical thinker willing to “think outside the box” to resolve customer impacting situations on first contact; understand customer pain Ability to work with Operations and Engineering on the priority of issues to resolve the urgent customer impacting issues first Aptitude and desire to learn advanced Network Security services.
Creative, flexible thinker who is willing to take initiatives and share alternative solutions with peers and management Hands-on experience on Vulnerability Scanning, Penetration Testing Tools (Qualys, Nessus, Rapid7) Exceptional documentation and communication skills Ability to thrive in a fast paced, multi-cultural, customer-oriented environment MS Office proficiency RESPONSIBILITIES Incident Resolution Ticket resolution - work on trouble tickets, support the operation of advanced Network Security Services and take escalations Queue Management - keep a watch on queue and assign tickets Service Request - working on request for changes as per client requirements Perform the minor/major changes as per defined SoC process and work instructions Be a Subject Matter Expert (SME) on a few products Create Standard Operation Procedure Attend client calls and other technical meetings Assist in creation of Root Cause analysis (RCA) Security Performance Tuning Identify areas of Service Improvement Program (SIP) for key clients and reduce incidents Review code upgrade and test implement before rolling on to production Review documentation Recognize successful intrusions and compromises through review and analysis of relevant event detail information Review and update ROE on yearly basis Other Functions Work with hardware/software vendors to resolve problems Coordinate shifts and exchange handoff between various shifts Cross-train and mentor juniors Participate in various network and security related projects Perform other duties as assigned Any additional task given to the incumbent from time-to-time based on business needs TRAINING AND CERTIFICATION REQUIRED CCNA, CCSA, Fortinet NSE-4, PCNSE, CCIE, CEH EXPERIENCE Minimum 10 years of progressive, relevant experience and proven capability to work in a complex network environment EDUCATION Bachelor in Engineering - Computers/Electronics/Communication or related field Graduate/Post Graduate in Science/Maths/IT or related streams 
with relevant technology experience TECHNICAL AND OTHER SKILLS Knowledge of ITIL, ISO27K, SOC 2 will be beneficial
Posted 2 weeks ago
4.0 - 9.0 years
6 - 11 Lacs
Pune
Work from Office
ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage and passion to drive life-changing impact to ZS. Our most valuable asset is our people. At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Senior Security Operations Analyst We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats.
What you’ll do: Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real-time Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities Perform proactive threat hunting to identify and mitigate advanced threats Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership Continuously improve SOC processes and playbooks to streamline operations and response efforts Mentor junior SOC analysts and provide guidance on security best practices This role requires participation in a rotational shift Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed What you’ll bring: Strong analytical and problem-solving abilities Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams Proven ability to remain calm and efficient under a high-pressure environment Proficient in using SIEM tools, such as Microsoft Sentinel Experience with data migration strategies across SIEM platforms Experience on Cloud Security Operations and Incident Response platforms such as Wiz In-depth understanding of cyber threats, vulnerabilities, and attack vectors Proficient in creating KQL queries and custom alerts within Microsoft Sentinel Expertise in developing SIEM use cases and detection rules Skilled in incident response and management procedures 
Experienced in conducting deep-dive investigations and root cause analysis for incidents
Adept at collaborating with stakeholders to resolve complex cybersecurity challenges
Ability to automate routine SOC processes to enhance operational efficiency
Experienced in mentoring and guiding junior analysts in security operations
Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools

Good to have skills and abilities:
Excellent interpersonal (self-motivational, organizational, personal project management) skills
Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System
Ability to analyze cyber threats to develop actionable intelligence
Skill in using data visualization tools to convey complex security information

Academic Qualifications:
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management
Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks
Experience with SIEM migration
Expertise in incident response, threat detection, and security monitoring
Solid understanding of Windows, Linux, and cloud security concepts
Relevant certifications (e.g., CompTIA Security+, Microsoft Certified Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred
Preferred Security Cloud Certifications: AWS Security Specialty

Perks & Benefits
ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development.
Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empower you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.

Travel
Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.

Considering applying?
At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.

To Complete Your Application
Candidates must possess or be able to obtain work authorization for their intended country of employment. An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE.

Find Out More At www.zs.com
Posted 2 weeks ago
The job market for sentinel roles in India is currently on the rise, with a high demand for professionals who can effectively monitor and secure systems, networks, and data. Sentinel jobs are crucial in ensuring the safety and integrity of digital assets for organizations across various industries.
The salary range for sentinel professionals in India varies based on experience and location. Entry-level positions may start around INR 3-5 lakhs per annum, while experienced professionals can earn upwards of INR 10-15 lakhs per annum.
In the field of sentinel, a typical career path may progress from roles such as Security Analyst or Information Security Specialist to Senior Security Engineer, Security Architect, and eventually Chief Information Security Officer (CISO) or Security Consultant.
Alongside expertise in sentinel, professionals in this field are often expected to have knowledge of cybersecurity, network security, risk management, incident response, and penetration testing.
As you prepare for your journey into the sentinel job market in India, remember to showcase your expertise, experience, and passion for cybersecurity. Stay updated with the latest trends and technologies, practice your skills, and approach interviews with confidence. Best of luck in your job search!
Accenture
36723 Jobs | Dublin
Wipro
11788 Jobs | Bengaluru
EY
8277 Jobs | London
IBM
6362 Jobs | Armonk
Amazon
6322 Jobs | Seattle,WA
Oracle
5543 Jobs | Redwood City
Capgemini
5131 Jobs | Paris,France
Uplers
4724 Jobs | Ahmedabad
Infosys
4329 Jobs | Bangalore,Karnataka
Accenture in India
4290 Jobs | Dublin 2