14 Sentinelone Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 - 14.0 years

0 Lacs

ahmedabad, gujarat

On-site

As a seasoned Cybersecurity professional in a leadership role, you will be responsible for overseeing various aspects of Digital Forensics and Incident Response (DFIR) across Operational Technology/Industrial Control Systems (OT/ICS) and Information Technology (IT) environments. Your primary duties will involve conducting forensic investigations and root cause analyses of cyber incidents, coordinating incident response activities, and ensuring compliance with breach containment and recovery protocols. You will play a crucial role in the development and maintenance of playbooks, Standard Operating Procedures (SOPs), and readiness frameworks for both proactive and reactive DFIR measures. Additionally, you will be tasked with establishing and managing forensic labs and tooling infrastructure to support memory, disk, network, and cloud forensics. Collaborating with client Chief Information Security Officer (CISO) teams and legal/compliance counterparts during forensic escalations will also be a key aspect of your role. As a mentor and leader, you will guide junior investigators, ensuring their skill development through hands-on training. Your expertise will drive continuous improvement initiatives in forensic collection, chain of custody, and evidence handling procedures. Furthermore, you will be expected to provide support for expert testimony, litigation response, and legal documentation as needed. Your role will require close collaboration with red, blue, and purple teams to develop an integrated threat mitigation strategy. You will also conduct forensic workshops, table-top exercises, and readiness assessments for clients. Building relationships with global Original Equipment Manufacturers (OEMs) and DFIR product partners to enhance capabilities will be essential for the success of the organization. In terms of required skills and tools, you should be proficient in utilizing tools such as EnCase, FTK, Magnet AXIOM, Autopsy, Volatility, and Wireshark. 
Experience with Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR) platforms like CrowdStrike, SentinelOne, and Carbon Black is crucial. Familiarity with OT forensic challenges, including air-gapped ICS/SCADA systems, and a deep understanding of ICS protocols such as Modbus, DNP3, and OPC-UA are also expected. Your personality traits and leadership abilities will be put to the test in this role. Strong analytical skills, attention to detail, and strategic thinking will be essential, especially in high-pressure situations. Your proven ability to lead in crisis scenarios, communicate effectively with stakeholders, and manage teams will be highly valued. Collaborating seamlessly with cross-functional teams, including Security Operations Center (SOC), engineering, legal, and client teams, will be instrumental in achieving the organization's cybersecurity goals. To qualify for this position, you should hold a Bachelor's or Master's degree in Cybersecurity, Computer Science, or related fields. Preferred certifications include GCFA, GCFE, CHFI, CISSP, or their equivalents. A minimum of 14 years of cybersecurity experience, with at least 5 years in DFIR leadership roles, and prior experience managing DFIR services for critical infrastructure or consulting environments are prerequisites for this role.

Posted 6 days ago


5.0 - 13.0 years

0 Lacs

chennai, tamil nadu

On-site

As an experienced L3 SOC Analyst, you will play a crucial role in managing security incidents and ensuring the protection of our clients' data and systems. You will be responsible for utilizing your expertise in SIEM tools such as QRadar, Sentinel, or Splunk to detect and respond to security threats effectively. Your strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) will be essential in identifying and mitigating risks. Your primary responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting thorough investigations to assess impact, and analyzing attack patterns to provide recommendations for security improvements. You will also be actively involved in proactive threat hunting, log analysis, and collaborating with IT and security teams to enhance security processes effectively. In addition to hands-on experience with system logs, network traffic analysis, and security tools, your ability to identify Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) will be crucial in ensuring the detection of potential threats. You will be expected to document and update incident response processes, participate in team meetings and executive briefings, and train team members on security tools and incident resolution procedures. Your proficiency in setting up SIEM solutions, troubleshooting connectivity issues, and familiarity with security frameworks and best practices will be considered advantageous. Your role will require you to provide guidance on mitigating risks, improving security hygiene, and identifying gaps in security processes to propose enhancements effectively. Join us at UST, a global digital transformation solutions provider with a deep commitment to innovation and agility. With over 30,000 employees in 30 countries, we partner with the world's best companies to drive real impact through transformation.
If you are passionate about cybersecurity and eager to make a difference, we welcome you to be a part of our team and help us build for boundless impact, touching billions of lives in the process.

Posted 1 week ago


3.0 - 5.0 years

10 - 16 Lacs

Pune, Chennai

Work from Office

Job Title: Security Operations / Security Analyst (SOC Orange Team) Job Summary: We are seeking a skilled and motivated Security Analyst to join our Security Operations Center (SOC) Orange Team. The ideal candidate will possess hands-on experience in firewall and SIEM tools, with strong analytical and troubleshooting skills in managing security infrastructure. This role is critical in monitoring, auditing, and enhancing the organization's cybersecurity posture. Key Responsibilities: Manage and maintain network security appliances, with a primary focus on Fortinet firewalls. Conduct firewall rule auditing and configuration reviews to ensure alignment with security best practices. Utilize and monitor SIEM tools such as Splunk, QRadar, and SentinelOne for threat detection and incident response. Understand how SIEM systems operate, and demonstrate hands-on experience in usage (L1 and L2). Create and manage SOAR/XOAR playbooks, including design, development, and implementation. Perform log analysis, incident detection, and threat intelligence correlation. Collaborate with internal teams to strengthen security controls and implement corrective actions. Stay current with emerging security threats and recommend appropriate defensive measures. Required Skills and Experience: Proven experience in managing routers and firewalls, especially Fortinet, following industry best practices. Strong expertise in firewall rule auditing and security configuration management. Practical experience with SIEM platforms: Splunk, QRadar, SentinelOne usage experience is essential (configuration knowledge is a plus). Understanding of SOC operations and incident lifecycle management. Knowledge of SOAR/XOAR platforms and ability to build and customize automated response playbooks. Familiarity with security event analysis, alert triage, and escalation procedures. Preferred Qualifications: Certifications such as Fortinet NSE, Splunk Certified, Security+, or equivalent.
2-5 years of experience in a SOC environment or cybersecurity operations. Strong communication and documentation skills.

Posted 1 week ago


1.0 - 5.0 years

0 Lacs

karnataka

On-site

As an Enterprise IT Security Analyst Cloud and Endpoints, you will play a crucial role in ensuring the security of our cloud environments, specifically across AWS or Azure. Your primary responsibilities will revolve around collaborating with DevOps and IT teams to implement and oversee security measures, identify and mitigate risks, and ensure compliance with industry standards. Your key responsibilities will include: - Utilizing Microsoft Defender for Cloud and EDR tools like SentinelOne, CrowdStrike, or Microsoft Defender for Endpoint to enhance security measures. - Applying AI coding techniques for anomaly detection, threat prediction, and automated response systems. - Managing Microsoft Defender for Cloud to safeguard Azure environments. - Leveraging Endpoint Detection and Response (EDR) tools for threat detection and response. - Designing, implementing, and managing security solutions across AWS, Azure, and GCP. - Employing AWS security capabilities such as AWS Inspector, WAF, GuardDuty, and IAM for cloud infrastructure protection. - Implementing Azure security features including Azure Security Center, Azure Sentinel, and Azure AD. - Managing security configurations and policies across GCP using tools like Google Cloud Armor, Security Command Center, and IAM. - Conducting regular security assessments and audits to ensure vulnerability identification and compliance. - Developing and maintaining security policies, procedures, and documentation. - Collaborating with cross-functional teams to integrate security best practices into the development lifecycle. - Monitoring and responding to security incidents and alerts. - Implementing and managing Cloud Security Posture Management (CSPM) solutions with tools like Prisma Cloud, Dome9, and AWS Security Hub to continuously enhance cloud security posture. - Utilizing Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, and ARM templates for cloud infrastructure automation and management. 
Qualifications: Must Have Qualifications: - Bachelor's degree in computer science, Information Technology, or a related field. - 1-3 years of experience in cloud security engineering. - Proficiency in AWS security capabilities. - Strong skills in Terraform for Infrastructure as Code (IaC). - Experience with Cloud Security Posture Management (CSPM) tools. - Familiarity with Web Application Firewall (WAF). - Relevant certification such as CISSP or AWS Certified Security Specialty or similar. Good to Have Qualifications: - Additional experience with AWS security capabilities. - Strong understanding of cloud security frameworks and best practices. - Proficiency in Infrastructure as Code (IaC) tools like CloudFormation and ARM templates. - Experience with AI coding and applying machine learning techniques to security. - Excellent problem-solving skills and attention to detail. - Strong communication and collaboration skills. This role will be based at The Leela Office on Airport Road, Kodihalli, Bangalore. The position follows a hybrid work model with office presence on Tuesdays, Wednesdays, and Thursdays, and remote work on Mondays and Fridays. The work timings are from 1 PM to 10 PM IST, with cab pickup and drop facility available. Candidates based in Bangalore are preferred.

Posted 1 week ago


5.0 - 8.0 years

10 - 20 Lacs

Chennai

Work from Office

Job Title : Cybersecurity Analyst Fortinet, SIEM, and SOAR Expert Location : Chennai Experience : 5 to 8 Years Employment Type : Contract Job Summary : We are looking for an experienced Cybersecurity Analyst with a strong background in Fortinet firewall configuration , SIEM tools (like Splunk, QRadar, or SentinelOne), and SOAR platforms . The ideal candidate will be highly skilled in threat detection, incident response automation, and log analysis. A basic understanding of OT/IoT security concepts is desirable. Key Responsibilities : Configure and audit firewall rules in Fortinet environments Work with SIEM tools (e.g., Splunk, QRadar, SentinelOne) to: Monitor and analyze logs and security events Create and tune correlation rules and alerts Manage incident detection workflows Develop and manage automated playbooks in SOAR/XSOAR platforms Integrate security tools and enable automation for incident response Understand OT/IoT security threats and risk areas (hands-on experience not mandatory) Required Skills : Hands-on experience with Fortinet firewall configuration and policy audits Strong knowledge of at least one SIEM tool (Splunk, QRadar, or SentinelOne) Practical experience in log analysis , threat detection, and workflow creation Familiarity with SOAR tools and playbook development Basic understanding of OT/IoT security environments Good analytical and troubleshooting skills Ability to work in a fast-paced environment Preferred Qualifications : Certifications such as Fortinet NSE , Splunk Certified , etc. Experience in scripting/automation using Python , PowerShell , or similar tools Exposure to MITRE ATT&CK framework and incident response procedures

Posted 1 week ago


7.0 - 12.0 years

0 - 3 Lacs

Ratnagiri, Maharashtra, India

On-site

Key Responsibilities: Lead advanced incident response, including triage, containment, eradication, and root cause analysis. Perform forensic investigations, malware analysis, and threat hunting activities. Manage and fine-tune enterprise security solutions: SIEM, EDR, NDR, firewalls, IDS/IPS, DLP, WAF, VPNs, etc. Act as a subject matter expert (SME) for escalated security events from L1/L2 teams. Review and update runbooks, threat detection rules, and incident response procedures. Collaborate with threat intelligence teams to analyze IOCs, TTPs, and emerging threats. Perform regular vulnerability assessments and coordinate patch management with IT/DevOps. Conduct security reviews of infrastructure, applications, and network architecture. Ensure compliance with ISO 27001, NIST, GDPR, PCI-DSS, or other applicable standards. Automate security operations and incident response workflows using tools/scripts (e.g., Python, PowerShell). Mentor junior engineers and conduct technical training sessions. Required Skills and Qualifications: Bachelor's or Master's degree in Information Security, Computer Science, or related field. 5-10 years of hands-on experience in cybersecurity, with at least 2-3 years in an L3 or advanced SOC role. Expertise in managing and troubleshooting security tools: SIEM (Splunk, QRadar, ArcSight, etc.); EDR/XDR (CrowdStrike, SentinelOne, Defender ATP); Firewalls (Palo Alto, Fortinet, Cisco ASA); IDS/IPS, DLP, VPN, NAC, etc. Strong knowledge of cyberattack techniques, threat detection, and incident response lifecycle. Familiarity with MITRE ATT&CK, Cyber Kill Chain, STIX/TAXII, and YARA rules. Proficiency in scripting or automation (Python, Bash, PowerShell). Excellent documentation, troubleshooting, and analytical skills.

Posted 1 week ago


1.0 - 5.0 years

0 Lacs

karnataka

On-site

As an Enterprise IT Security Analyst Cloud and Endpoints, you will play a crucial role in ensuring the security of the cloud environments in either AWS or Azure. Your responsibilities will involve collaborating closely with the DevOps and IT teams to implement and manage security measures, identify risks, and ensure compliance with industry standards. You will be expected to have experience with Microsoft Defender for Cloud and Endpoint Detection and Response (EDR) tools such as SentinelOne, CrowdStrike, or Microsoft Defender for Endpoint. Furthermore, you will apply AI coding techniques to enhance security measures, implement Microsoft Defender for Cloud for Azure protection, and utilize EDR tools for threat detection and response. Designing, implementing, and managing security solutions across various cloud platforms like AWS, Azure, and GCP will be a key part of your role. Utilizing security capabilities specific to each platform, such as AWS Inspector, WAF, GuardDuty, Azure Security Center, Sentinel, and IAM, will be essential in safeguarding the cloud infrastructure. Regular security assessments, audits, and the development of security policies and documentation will also fall within your responsibilities. Collaborating with cross-functional teams to integrate security best practices into the development lifecycle, monitoring and responding to security incidents, and managing Cloud Security Posture Management (CSPM) solutions using tools like Prisma Cloud and AWS Security Hub will be crucial aspects of your role. You should hold a Bachelor's degree in computer science, Information Technology, or a related field, along with 1-3 years of experience in cloud security engineering. Proficiency in AWS security capabilities, Azure AD, Microsoft Defender, M365, Exchange security, and Terraform for Infrastructure as Code (IaC) is required. Relevant certifications such as CISSP or AWS Certified Security Specialty will be beneficial. 
Additional qualifications that would be advantageous include experience with cloud security frameworks, Infrastructure as Code (IaC) tools like CloudFormation and ARM templates, AI coding, and machine learning techniques applied to security. Strong problem-solving skills, attention to detail, and effective communication and collaboration abilities are also desired. This position is based at The Leela Office in Bangalore, with a hybrid work model of 3 days in the office and 2 days remote work. The work timings are from 1 pm to 10 pm IST, with cab pickup and drop facilities available. Candidates based in Bangalore are preferred for this role.

Posted 1 week ago


3.0 - 8.0 years

4 - 7 Lacs

Mumbai, Maharashtra, India

On-site

Qualification and Skills: Minimum of 10+ years of overall technical experience in IT Infrastructure with 5+ years in the Pre-sales Technical consultant capacity. Should be a graduate from a reputed institute. MBA (Preferable) Must have experience building technical solutions, working with system integrators, resolving customer IT problems, and the ability to work well in a team setting. A comprehensive understanding of IT Infrastructure. Excellent knowledge of technologies like Netskope, Paloalto, Fortinet, SentinelOne, and F5. Experience in building solutions that includes opportunity information gathering, building a business case, high & low-level architecture definition, services, etc. Excellent communication skills, both written and oral are required. Possess the ability to effectively present ideas, properly describe problems, and propose solutions. Excellent documentation skills with fluent English for Technical write-up and proposal writing Strong presentation skills Candidate should have good domain knowledge in the Government bid process and their domain solution. Strong ability to identify, document and articulate the business and technical requirements of a prospective customer during the full sales cycle - qualification, proposal, post-sale transition.

Posted 2 weeks ago


2.0 - 5.0 years

2 - 5 Lacs

Pune, Maharashtra, India

On-site

Engineer - IT Application Admin and Cyber Security KSB Pumps Limited is looking for an Engineer - IT Application Admin and Cyber Security to bolster our cybersecurity defenses. This role is perfect for a professional with a firm IT security mindset and a dedication to proactive threat detection and response, ensuring the robust security of our applications and infrastructure. Responsibilities: Conduct security monitoring , including SentinelOne incident response and security analytics. Perform proactive threat hunting and utilize threat intelligence platforms, incorporating Indicators of Compromise (IOC) and other threat intelligence (vulnerabilities, strategic, tactical, etc.). Implement User & Entity Behavioral Anomaly Detection and vulnerability scanning for threat detection. Monitor contemporary threats and develop response plans. Assess and monitor application security , and if feasible, coordinate with service providers for post-assessment application security monitoring. Skills: Hands-on experience with security technologies , such as firewalls, IDS/IPS, SIEM, EDR, antivirus, and vulnerability scanning tools. Expertise with SentinelOne. Threat Modeling skills and a firm IT security mindset. Advanced knowledge of Windows Server, Windows Clients, and Linux Server. In-depth understanding of different types of security vulnerabilities (e.g., SQL injection, XSS, buffer overflow). Understanding of attack vectors. Familiarity with different network topologies and protocols such as TCP/IP, DNS, HTTP(S), SMTP, VLANs, VPNs, and routing/switching. Firm knowledge of technical details of SMTP / e-mail in general, and the ability to analyze e-mail headers to determine additional data such as real origin. Expert regarding the operation of Outlook & Exchange from a user's perspective. Firm grasp of phishing techniques and e-mail based attack patterns. Commitment to continuous learning. Familiarity with security-related regulations , such as GDPR, HIPAA, and PCI-DSS. 
Excellent verbal, written, and interpersonal communication skills , especially the ability to break down complex technical information for non-technical stakeholders and articulate the impact of security design flaws, attack surfaces, and vulnerabilities. Qualifications: Preferable (Nice to have) skill: Relevant professional certifications, such as CISSP, CISM, CEH, or other security certifications.

Posted 3 weeks ago


5.0 - 10.0 years

22 - 37 Lacs

Pune

Work from Office

About Position: As a SOC Level 2 Analyst, you will play a crucial role in monitoring, analyzing, and responding to security incidents and threats within our organization's environment. You will work closely with SOC Level 1 analysts, as well as other cybersecurity professionals, to ensure the integrity, confidentiality, and availability of our systems and data. Role: SOC L2/L3 Support Location: Pune Experience: 5-12Years Job Type: Full Time Employment What You'll Do: Security Monitoring and Analysis: Monitor security event alerts generated by various security systems, including Sumo logic, QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS, and endpoint detection platforms. Analyze security events to identify potential security incidents or anomalies that may pose a risk to the organization. Incident Triage and Investigation: Triage incoming security alerts based on their severity and potential impact on the organization. Conduct preliminary investigations to determine the nature and scope of security incidents. Gather and analyze evidence, including logs, network traffic, and system artifacts, to identify indicators of compromise (IOCs). Incident Response and Mitigation: Assist in the containment, eradication, and recovery phases of security incidents. Follow established incident response procedures and workflows to ensure timely and effective response to security threats. Collaborate with other members of the SOC team and relevant stakeholders to coordinate incident response efforts. Threat Intelligence Analysis: Stay informed about the latest cyber threats, vulnerabilities, and attack techniques by analyzing threat intelligence feeds and reports. Use threat intelligence to enhance the organization's detection capabilities and proactively identify emerging threats. Documentation and Reporting: Maintain accurate and detailed records of security incidents, including timelines of events, actions taken, and findings. 
Prepare incident reports and post-mortems to document the outcomes of security incidents and lessons learned. Ensure that all documentation complies with internal policies and regulatory requirements. Continuous Improvement: Participate in ongoing training and professional development activities to enhance knowledge and skills in cybersecurity. Provide feedback and suggestions for improving SOC processes, procedures, and tools. Stay abreast of industry best practices and emerging technologies in cybersecurity. Expertise You'll Bring: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 5+ years of experience in a cybersecurity role, preferably in a SOC environment. Strong understanding of cybersecurity principles, concepts, and technologies. Experience with security monitoring tools such as QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS, and endpoint detection platforms. Familiarity with incident response procedures and frameworks (e.g., NIST, SANS). Excellent analytical and problem-solving skills. Strong communication and interpersonal skills. Relevant certifications (e.g., CompTIA Security+, GIAC Security Essentials) are a plus. Benefits: Competitive salary and benefits package Culture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certifications Opportunity to work with cutting-edge technologies Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards Annual health check-ups Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents Inclusive Environment: Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. 
We welcome diverse candidates from all backgrounds. We offer hybrid work options and flexible working hours to accommodate various needs and preferences. Our office is equipped with accessible facilities, including adjustable workstations, ergonomic chairs, and assistive technologies to support employees with physical disabilities. If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment. We are committed to creating an inclusive environment where all employees can thrive. Our company fosters a values-driven and people-centric work environment that enables our employees to: Accelerate growth, both professionally and personally Impact the world in powerful, positive ways, using the latest technologies Enjoy collaborative innovation, with diversity and work-life wellbeing at the core Unlock global opportunities to work and learn with the industry's best Let's unleash your full potential at Persistent "Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind."

Posted 4 weeks ago


10.0 - 20.0 years

25 - 40 Lacs

Bengaluru

Work from Office

Job Title: Senior Cyber Defense Operations Analyst Location: Bengaluru, India Experience: 8+ years Job Type: Full-time Department: Cybersecurity / Information Security / SOC Job Summary: We are seeking a highly skilled and experienced Senior Cyber Defense Operations Analyst to join our cybersecurity team in Bengaluru. The ideal candidate will lead and coordinate cyber defense activities, manage incident response efforts, monitor threats, and provide strategic guidance to strengthen our cyber defense posture. This is a hands-on technical and leadership role within a fast-paced, mission-critical environment. Key Responsibilities: Lead day-to-day operations of Cyber Defense including threat detection, response, and mitigation. Manage and mentor a team of SOC analysts and incident responders. Monitor SIEM and other security tools for indications of compromise, suspicious behavior, and known threats. Coordinate and manage high-severity incidents and support root cause analysis and post-incident reviews. Develop and implement advanced threat detection use cases and response playbooks. Work closely with IT, Infrastructure, and AppSec teams to address vulnerabilities and security gaps. Participate in threat hunting and proactive intelligence-driven defense activities. Collaborate with global security teams to align local and enterprise-wide defense strategies. Ensure compliance with internal security policies, industry standards, and regulatory frameworks (e.g., ISO 27001, NIST, GDPR). Regularly review and improve security operations processes and toolsets. Provide executive-level reporting on threat landscape, incident metrics, and defense posture. Required Qualifications: 8+ years of experience in cybersecurity with a strong focus on Security Operations or Cyber Defense. Proven experience with SIEM (e.g., Splunk, QRadar, LogRhythm), EDR (e.g., CrowdStrike, SentinelOne), and SOAR platforms. 
Strong understanding of MITRE ATT&CK, cyber kill chain, and threat intelligence frameworks. Expertise in incident response, digital forensics, malware analysis, and threat hunting. Familiarity with cloud security (AWS, Azure, or GCP), including monitoring and defending cloud-native environments. Experience with scripting (Python, PowerShell, etc.) for automation and analysis. Strong understanding of TCP/IP, network protocols, and security architectures. Certifications such as CISSP, GCIA, GCIH, CEH, or similar are highly desirable. Preferred Qualifications: Experience working in a global or large-scale enterprise security environment. Knowledge of DevSecOps and integration of security into CI/CD pipelines. Understanding of data privacy regulations relevant to cybersecurity (e.g., GDPR, HIPAA). Leadership experience in managing small-to-mid sized security teams. Benefits: Competitive salary and performance-based bonuses Health and wellness benefits Flexible work hours and hybrid work options Learning and development support (certifications, courses) Opportunity to work with cutting-edge cybersecurity technologies Please share your updated profiles to naseeruddin.khaja@infosharesystems.com

Posted 1 month ago


0.0 years

0 Lacs

Hyderabad, Telangana, India

Remote

Genpact (NYSE: G) is a global professional services and solutions firm delivering outcomes that shape the future. Our 125,000+ people across 30+ countries are driven by our innate curiosity, entrepreneurial agility, and desire to create lasting value for clients. Powered by our purpose - the relentless pursuit of a world that works better for people - we serve and transform leading enterprises, including the Fortune Global 500, with our deep business and industry knowledge, digital operations services, and expertise in data, technology, and AI. Inviting applications for the role of Technical Associate - Security Analyst Responsibilities Cyber security analyst is responsible for ensuring the security of an organization's computer systems, networks, and data. Their job involves identifying potential security risks, analyzing security breaches, and implementing measures to prevent future incidents. Here are some key responsibilities of a cyber security analyst: . Monitoring SOC (Arctic Wolf, SentinelOne, Varonis, etc.) . Experience on Arctic Wolf Vulnerability Management, Barracuda Email Security, Varonis and Sentinel One Security tools . Candidate should have experience of Cyber Security Administration. . Monitoring and analyzing security systems: They monitor networks, systems, and applications for any suspicious activity or vulnerabilities. They use various tools and technologies to identify and analyze potential security threats. . Incident response and investigation: When a security breach occurs, cyber security analysts respond quickly to contain and mitigate the impact. They investigate the incident to understand the cause, assess the damage, and develop strategies to prevent future occurrences. . Vulnerability assessment and penetration testing: They conduct regular assessments to identify weaknesses in systems or networks. They perform penetration testing to simulate attacks and identify vulnerabilities before malicious hackers exploit them. .
Implementing security measures: Based on their analysis and findings, cyber security analysts develop and implement security measures, such as firewalls, encryption methods, access controls, and security policies. . Security awareness and training: They educate employees on security best practices, conduct training sessions, and create awareness campaigns to foster a security-conscious culture within the organization. . Keeping up with industry trends: Cyber security is a rapidly evolving field. Analysts need to stay up to date with the latest threats, vulnerabilities, and industry best practices to effectively protect organizations from emerging risks. . Compliance and risk management: They ensure compliance with relevant security standards and regulations. They assess risks associated with data breaches and provide recommendations to manage those risks effectively. . Review and Approve firewall rules mostly around Palo Alto firewall. . Review and approve local admin rights and other requests. . Triage and respond to end user queries and escalations related to phishing or suspicious emails. Qualifications we seek in you! Minimum Qualifications . Bachelor's Degree required. Preferred Qualifications/ Skills Rapid7 Vulnerability Management, Mimecast Email Security, Sumo Logic SIEM, Intrusion Prevention Competencies . Fluent English, oral and written. . Strong Analytical Thinking . Excellent organisational - multitasking skills . Flexibility, commitment, and ability to work under pressure, absolute integrity, and utmost discretion. . Attention to detail, well organized, and able to set priorities. . Ability to anticipate, identify and solve critical problems and conflicts. . Proven experience in a network administrator role . Hands on experience in Zscaler . Experience with firewalls, Internet VPN's remote implementation, troubleshooting, and problem resolution is desired. . Great at organising, prioritising, and multitasking .
Juniper, Cisco, CWNA or BCNE training Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. For more information, visit www.genpact.com. Follow us on Twitter, Facebook, LinkedIn, and YouTube. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training.

Posted 1 month ago


1.0 - 3.0 years

5 - 10 Lacs

Gurugram

Work from Office

Title: Security Analyst (SOC & EDR)
Location: Gurgaon, India
Type: Hybrid (work from office)

Job Description

Who We Are: Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners.

FAREPORTAL HIGHLIGHTS:

- Fareportal is the number 1 privately held online travel company in flight volume.
- Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide.
- 2019 annual sales exceeded $5 billion.
- Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites.
- Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City.

Job Overview

We are seeking a proactive and knowledgeable Security Analyst to join our Information Security Operations (SecOps) team. This role will focus on SOC monitoring and Endpoint Detection and Response (EDR) using SentinelOne. The ideal candidate should have solid experience in threat monitoring, incident response, and SentinelOne tool handling.

Key Responsibilities:

- Monitor and respond to SOC alerts and security incidents in real time.
- Analyze logs and alerts from SIEM and SentinelOne EDR platforms.
- Perform incident triage, escalation, and coordination with internal teams.
- Troubleshoot SentinelOne-related issues, including error resolution, agent communication, and performance problems.
- Understand and manage SentinelOne policies, ensure proper deployment, and make necessary adjustments for better coverage.
- Quickly identify the root cause of issues related to endpoint protection and take corrective actions.
- Coordinate with the IT team for issue resolution and endpoint remediation.
- Collaborate with teams to reduce false positives and improve alert accuracy.
- Maintain incident documentation, reports, and operational dashboards.
- Support in threat hunting, vulnerability detection, and other BAU (Business As Usual) security tasks.

Required Skills & Qualification:

- Bachelor's/Master's Degree in Computer Science, Information Systems, Engineering.
- 24 years of experience in SOC operations and endpoint security monitoring.
- Hands-on experience with SentinelOne EDR, including troubleshooting and policy management.
- Good knowledge of cybersecurity threats, incident response processes, and log analysis.
- Ability to investigate and resolve SentinelOne alerts and agent-related errors effectively.
- Experience working with SIEM tools (like Splunk, QRadar, etc.).
- Strong understanding of false positive tuning and threat detection improvement.
- Basic scripting knowledge (PowerShell, Python) is a plus.
- Good communication and analytical skills.

Preferred Skills & Qualifications:

- CEH, CompTIA Security+, or any other relevant security certification.

Disclaimer

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Company's sole discretion, with or without notice.

Posted 1 month ago


5.0 - 8.0 years

10 - 15 Lacs

Navi Mumbai

Work from Office

Role & responsibilities Preferred candidate profile

Posted 2 months ago
