5 Sentinel One Jobs

You are an experienced professional with over 8 years of experience, seeking to set up SOC L1 operations, develop processes, procedures, and integrate teams. In this role, you will collaborate with Cadence SOC L2/L3 teams to establish a fully operational L1 framework. Your expertise in tools used in the SOC ecosystem such as Splunk, Devo, and Sentinel One is essential. Your key responsibilities will include designing and implementing SOC L1 workflows, processes, and escalation paths, onboarding and guiding the L1 team to align with L2/L3 operations, developing SOPs, incident response playbooks, and documentation. You will configure monitoring tools and dashboards for effective threat management and provide full-time onsite support for 6-8 weeks, transitioning to part-time remote support. To excel in this role, you should have proven experience in SOC operations and team setup, strong knowledge of SOC tools like SIEM and cybersecurity frameworks, excellent documentation, and communication skills. Possessing relevant certifications such as Security+ or CSA would be advantageous. This is a full-time position with a rotational shift schedule. The job requires you to be based in Noida, Uttar Pradesh and have the flexibility to commute or relocate before starting work. You will also be expected to provide details regarding your current CTC, expected CTC, notice period, current location, the level you are supporting, years of experience in SOC tools and cybersecurity frameworks, experience in Splunk and Sentinel One, and your comfort level with 24/7 support. If you meet the qualifications and are ready to take on the challenges of setting up SOC L1 operations and collaborating with cross-functional teams, this role offers an exciting opportunity to contribute to Cadence's cybersecurity initiatives.,

We are seeking analyst level individuals with experience working in the field of cybersecurity and a desire to help organizations improve their operations to join our team and help run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have working knowledge in some or all these areas IT operations, security monitoring, active directory, IP networking and various cloud technologies. Position and Key Responsibilities At RSM, analysts work with large and small companies in variety of industries. They develop strong working relationships with their peers within the security operations center (SOC) while learning their clients businesses and challenges facing their organizations. Analysts work as part of a broader team under the direction of more senior analysts, threat hunters, shift leads, intelligence analysts and SOC managers in support of multiple clients. Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life. You will have the opportunity to: Role Responsibilities: Investigate security incidents using SIEM tools, automation, and other cybersecurity technologies (i.e. ServiceNow, Stellar Cyber, Hyas Insight and DNS Protect, sentinel One, ELK Stack, Virus total, Shodan, NetFlow, Passive DNS, Silobreaker, Tenable.io, Hatching Triage Sandbox) Analyze, escalate, and assist in remediation of critical security incidents. Improve and challenge existing processes and procedures in a very agile and fast-paced information security environment serving multiple clients Process IDS alerts and identifying incidents and events in customer data. Setup and execution and analysis of vulnerability scans Perform advanced analysis and investigation into alerts as they are identified Performing initial basic malware analysis utilizing automated means (static and dynamic sandbox analysis or other available tools) Incident intake, ticket updates and reporting of cyber events and threat intelligence Understanding, identifying, and researching indicators of compromise (IOCs) from a variety of sources such as threat intelligence reports and feeds Writing incident reports, process documentation, and interact with clients as required Transcribe and implement atomic indicators into a monitoring environment. Consume policy documentation and determine applicability in a network. Work with protocols at layers 2 and higher in the OSI model, to include ARP TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use well-known ports. Develops the playbooks to respond and recovery from various attacks/incidents. Drives the automation efforts focused on the closing cases, responding to Cyber events and analyzing data required to enable efficient response activities. Processing of Cyber Threat Intel that is used across RSM detection platforms to understand and prepare for potential threats. Threat intel is heavily used across RSM platforms drive issue prioritization. Open to working shifts in a 24x7 operations environment. Qualifications and Experience: Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences or prior relevant military / law enforcement experience. Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security 3-5 years experience working in a security operations center, networking operations center or threat intelligence capacity. Possess at least one security industry certification such as CYSA+, Security+, CISSP, SANS GIAC (GSOC, GCIA, GMON, CGCDA) Knowledge of security standards and information security and compliance frameworks, controls, and best practices, including SSAE 16, SOC 2 and SOC3, OWASP Top 10, SANS, NIST Must have a naturally curious mindset and approach to solving problems. Basic understanding of cloud technologies and their operations Experience supporting various operating systems such as Windows/Linux Understanding of IP network protocols

Exp in SIEM,AV,Asset Monitoring tools(Rapid7,SentinelOne,Palo Alto Panorama,Nagios,Proofpoint TAP).Knowledge of malware prevention,threat detection,IT infra.Familiar with Office365,Azure,Citrix(XenApp),Windows OS.Exp in ticketing system(ConnectWise) Required Candidate profile Degree inMIS, Computer Science or similar. MS Certified (MCSE) or equivalent certification a plus.Security Certification (current/within 6 months),CompTIA Security+, CySA or Network+, ISC-2 CC

Role Summary: Protects endpoint devices (laptops, servers, mobile) from cyber threats. Key Responsibilities: Design and implement endpoint protection strategies. Monitor and manage antivirus, EDR, and DLP tools. Respond to endpoint-related incidents. Maintain awareness of emerging threats Skills Required: Knowledge of Windows/Linux OS security. Experience with endpoint protection platforms (CrowdStrike, Sentinel One). Familiarity with encryption and certificate management. Qualifications: Bachelors in IT or Cybersecurity. Certifications: CISSP, CEH, or GIAC.

Role & responsibilities - Lead Engineer - Email gateway Reports to Senior Manager/Architect location) University degree in the field of computer science or IT. This role involves acting as primary point of contact for operational tickets resolution, enhancing, email security measures and providing document support. Experience/Qualifications * The ideal candidate will have a strong background in email security and vendor collaboration. * Must possess patching experience as well as upgrade and update and implementation of email gateways * Mandatory skills are Email authentication spf, dkim. dmarc also should be aware of spam, phishing, spoofing * Should possess basic networking and dns records knowledge Act as a primary point of contact for resolving operational tickets related to Trend micro email gateway which specifically includes ddei and imsva Daily monitoring reports for services, resource optimization, patching and Responsibilities upgrade activity. Rca preparation for mail flow issues Provide full email analysis for spam, spoofing,phishing, malware etc. Manage and maintaining server resources for email gateway Preferred candidate profile - Mandatory skills are Email authentication spf, dkim.dmarc also should be aware of spam, phishing, spoofing Must possess patching experience as well as upgrade and update and implementation of email gateways Rca preparation for mail flow issues