4.0 - 8.0 years
0 Lacs
maharashtra
On-site
**Job Description:** As an Endpoint Security Applications Specialist at Lenovo, your role will involve the following responsibilities: - **Endpoint Security Applications:** Possess basic knowledge of endpoint security applications like Sentinel-One, SCCM, Netskope, and other security solutions. - **Compliance Monitoring:** Oversee and ensure compliance with relevant laws, regulations, and internal policies across systems and endpoints. - **Stakeholder Engagement:** Foster and manage effective relationships with internal and regional stakeholders regarding compliance and security issues. - **Compliance Support:** Provide guidance and assistance to internal teams in meeting security and compliance requirements. - **Process Improvement:** Identify, suggest, and help implement technical and procedural solutions to enhance compliance and security posture. - **Incident Management:** Raise, track, and follow up on incident tickets with regional SPOCs for timely resolution and system compliance. **Qualifications Required:** - Graduate with a minimum of 4 years of relevant experience. At Lenovo, we are dedicated to delivering innovative technology solutions and creating a more inclusive and smarter future for all. Visit www.lenovo.com to learn more about us and stay updated with our latest news on StoryHub.,
Posted 5 days ago
3.0 - 7.0 years
0 Lacs
maharashtra
On-site
As a mid-level Endpoint Security Analyst, you will be responsible for managing endpoint security, responding to security incidents, and supporting solutions such as SentinelOne. Your key responsibilities will include monitoring endpoint security alerts and events, responding to and investigating security incidents, assisting in the deployment and configuration of endpoint security tools, and supporting the team in maintaining endpoint security policies. Your role will be crucial in ensuring the security of our organization's endpoints and data, contributing to the overall security posture. Your attention to detail, proactive approach to security incidents, and ability to work effectively with the team will be essential in this position.
Posted 6 days ago
0.0 years
0 Lacs
bengaluru, karnataka, india
Remote
Req ID: Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed XDR service, to strengthen cyber resilience. Hundreds of thousands of IT professionals and managed service providers worldwide trust us to protect and support them with solutions that are easy to buy, deploy, and use. We know a diverse workforce adds to our collective value and strength as an organization. Barracuda Networks is proud to be an employer that complies with all applicable national, state and local laws pertaining to nondiscrimination and equal opportunity regardless of race, gender, religion, sex, sexual orientation, national origin, or disability. Envision yourself at Barracuda: The Endpoint Security Engineer will work among the global Security Operations Center team, supporting the optimal delivery of the endpoint protection service and support across our customer base. What you'll be working on: Full management of the endpoint protection platform for all tenants. Proactive testing of new product features and agent versions released. Proactive threat hunting within the admin console. Conduct attack and defend exercises within our lab environments to evaluate protection capabilities based on latest endpoint security threats. Responsible for supporting incident response efforts pertaining to endpoint security incidents. Ongoing development of rules within the XDR platform to alert customers of endpoint threat detections. Execute and automate remediation actions based on endpoint security threats detected within the XDR platform. Manage device policies to ensure optimal security settings are applied to best fit each tenant. Implement changes as requested by customers. 
Changes include but are not limited to: Exclusions Block-listing Policy changes Device updates Troubleshoot any issues that may arise within the given tenants. This typically requires remote sessions working with customers in real-time. Regularly meet with vendor representatives to manage support cases, updates, etc. Support on-call schedule for the endpoint security team. Conduct knowledge-share and training for the GSOC team as a whole on endpoint protection updates. Ensure the customer security dashboard displays visualizations and reports of all relevant endpoint protection data to the customers. What you'll bring to the role: Hands-on experience working with and managing advanced endpoint protection tools such as: Carbon Black CrowdStrike Cylance SentinelOne Experience working in a security operations center. Security analysis and incident response skills pertaining specifically to endpoint security threats such as malware, ransomware, etc. Experience conducting testing within lab/sandbox environments. Knowledgeable in conducting cybersecurity threat hunting. Strong customer service skills. Knowledge and understanding of corporate IT environments: networking, cloud, etc. Bachelor's/Master's degree in cybersecurity or relevant field is preferred. CEH, CompTIA Security+, and similar certifications or cybersecurity bootcamps are preferred. What you'll get from us: A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility - there are opportunities for cross training and the ability to attain your next career step within Barracuda. In addition, you will receive equity, in the form of non-qualifying options.
Posted 1 week ago
5.0 - 9.0 years
0 Lacs
navi mumbai, maharashtra
On-site
You should have at least 5 years of experience in Cybersecurity and EDR Solutions to be considered for this role. As the ideal candidate, your responsibilities will include leading the installation, configuration, and policy deployments of SentinelOne in enterprise environments. You will be in charge of administering and maintaining the SentinelOne console and endpoint agents, as well as performing advanced troubleshooting and root cause analysis of endpoint issues. Proactive threat hunting and incident investigation using SentinelOne will also be part of your duties. Moreover, you will collaborate closely with clients and internal teams to optimize and tune solutions, integrate SentinelOne with SIEM/SOAR platforms for enhanced threat visibility, and maintain detailed documentation of configurations, procedures, and best practices. To qualify for this position, you must possess strong hands-on experience with SentinelOne in both administration and implementation. You should have expertise in L3 troubleshooting, incident response, and threat containment, along with an understanding of threat detection, forensic investigation, and EDR reporting. While certifications like SentinelOne Certified Admin/Engineer are preferred, they are not mandatory. If you meet these requirements and are ready to take on the challenge, please submit your application or send your CV to Piyush.s@protechmanize.com / 8879773419.,
Posted 2 weeks ago
2.0 - 6.0 years
0 Lacs
haryana
On-site
As an Endpoint Security Engineer, you will play a crucial role in implementing, monitoring, and optimizing endpoint protection platforms to ensure the security of our IT infrastructure against modern threats. Your primary responsibilities will include deploying, configuring, and managing security tools such as Microsoft Defender for Endpoint, CrowdStrike Falcon, and SentinelOne. You will also be tasked with monitoring and responding to security alerts, investigating suspicious activities, and collaborating with SOC/IT teams for root cause analysis. In this role, it is essential to tune policies, rules, and detection logic to enhance threat visibility and reduce false positives. You will support day-to-day operations, including patching, EDR tool maintenance, and threat hunting, while maintaining documentation for configurations, incident reports, and remediation actions. Staying updated with the latest threats, vulnerabilities, and EDR technology updates will be crucial to your success. To excel in this position, you should have experience with Microsoft Defender for Endpoint, CrowdStrike, and/or SentinelOne, along with familiarity with SIEM platforms like Microsoft Sentinel. A solid understanding of endpoint threat vectors, malware behavior, and basic forensic techniques is desirable. Exposure to compliance frameworks such as ISO 27001 and NIST would be a plus. Soft skills such as strong problem-solving abilities, effective communication, attention to detail, and the capability to work both independently and collaboratively are essential for this role. Your ability to document findings and present security insights clearly will be key to ensuring the effectiveness of our endpoint security measures.,
Posted 2 weeks ago
3.0 - 7.0 years
0 Lacs
karnataka
On-site
As a potential candidate for this role, you will be responsible for working with SIEM Azure Sentinel and EDR technologies like MDE and SentinelOne. Your expertise will also be required with the Microsoft Security Suite, which includes MCAS, MDO, MDI, MDC, and MDE among others. Proficiency in KQL ranging from basic to advanced/mid level is essential for this position. Additionally, experience with threat intelligence tools such as Recorded Future, VMRay, or similar tools will be considered a secondary preference. Familiarity with SNOW (ServiceNow) as a ticketing tool will also be acknowledged in this role.
Posted 3 weeks ago
1.0 - 3.0 years
0 Lacs
gurugram, haryana, india
Remote
About Syfe Syfe is a digital investment platform with a mission to empower people to grow their wealth for a better future. Built on the pillars of advice, access and innovation, we cater to the full spectrum of an individual's wealth needs across diversified proprietary portfolios, cash management solutions and a state-of-the-art brokerage. The Syfe team combines world-class financial expertise with best in-class technology talent. Excellence in execution is in our DNA and we offer equity ownership to all employees regardless of seniority and designation. We are regulated by the financial authorities across Singapore, Hong Kong and Australia. In Singapore alone, where we are headquartered, over 250,000 investors trust Syfe to grow their wealth. Since its founding, Syfe has raised US$132 million from world-class investors. The company has won multiple awards including Wealth Management Fintech of the Year by the Asian Banking and Finance Awards, as well as being recognized as one of the Top LinkedIn Startups in Singapore. Key Responsibilities Provide day-to-day technical support for laptops, desktops, and software (macOS, Windows). Respond promptly to user-reported issues via ITSM platforms and ensure effective resolution. Manage onboarding and offboarding activities (device setup, account provisioning, access revocation, device recovery). Administer user accounts across systems such as Google Workspace, Slack, Jira, etc. Monitor and manage endpoint protection solutions. Maintain IT asset inventory in tools like Snipe-IT and ensure accurate records. Troubleshoot hardware and software issues remotely or on-site. Coordinate with vendors for warranty claims, servicing, or procurement. Create and update IT documentation, SOPs, and knowledge base articles. Assist in periodic access reviews, audits, and compliance activities. Support VPN and security solutions like JumpCloud Go or Twingate. What We're Looking For Hands-on experience with macOS and Windows. 
Familiarity with tools like Google Workspace, JumpCloud, Slack, Jira, Snipe-IT, SentinelOne. Basic networking knowledge (IP, DNS, VPN, firewalls). Experience with ITSM tools such as Jira ITSM. Strong documentation and organizational skills. Excellent communication and customer service orientation. Bachelor's degree in IT, Computer Science, or a related field. 1-3 years of IT support experience. Preferred certifications: ITIL, MCSA (not mandatory). The Syfe Advantages: Annual learning allowance for work related online courses and books Annual recreational allowance Allowance for home-office setup Latest M1 Macbook Pro + as required hardware and software Best of all, our speciality is helping people manage their money. We will help you learn how to manage your own money like a pro Medical Insurance
Posted 3 weeks ago
0.0 years
0 Lacs
bengaluru, karnataka, india
Remote
Job Title: SOC Analyst Location: Remote Position Overview We are seeking a SOC Analyst to join our security operations team. The role involves continuous monitoring, detection, investigation, and response to security incidents across enterprise systems. The SOC Analyst will work with SIEM, SOAR, IDS/IPS, NGFW, EDR, and other security technologies to protect against evolving threats, ensure rapid incident response, and strengthen the overall security posture. Key Responsibilities Monitor and analyze security events through SIEM platforms to detect potential threats. Investigate alerts and incidents using IDS/IPS, NGFW, EDR, WAF, vulnerability scanners, and bot management solutions. Perform network protocol analysis (TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc.) to identify abnormal traffic and possible intrusions. Utilize EDR tooling to analyze endpoint activity and provide containment/remediation recommendations. Respond to and mitigate DDoS attacks and other advanced threat vectors. Operate SOAR platforms to streamline and automate detection and response processes. Contribute to defensive security strategies, incident response playbooks, and continuous improvement of SOC operations. Document investigation findings, response actions, and lessons learned. Required Skills & Qualifications Experience with SIEM platforms (Splunk, QRadar, ArcSight, or similar). Strong knowledge of IDS/IPS, NGFW, WAF, and vulnerability management tools. Hands-on experience with EDR solutions such as CrowdStrike, Carbon Black, or SentinelOne. Familiarity with bot management solutions and DDoS mitigation strategies. Solid understanding of network protocols and protocol analysis tools. Exposure to SOAR platforms for incident response automation. Strong analytical, problem-solving, and communication skills. Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent work experience). 
Security certifications (CompTIA Security+, CEH, GCIH) preferred.
Posted 3 weeks ago
3.0 - 6.0 years
0 - 3 Lacs
bengaluru
Hybrid
Description: SentinelOne Administrator Job Title: SentinelOne Administrator (Z2) Department: Cybersecurity Job Summary: We are seeking a skilled SentinelOne Administrator to manage, configure, and maintain our Endpoint Detection and Response (EDR) environment. You will be responsible for overseeing the deployment, monitoring, and ongoing optimization of SentinelOne across the enterprise. This role ensures endpoint security across IT, OT, and cloud environments, playing a key part in protecting against cyber threats and supporting incident response. Key Responsibilities: • Manage and maintain the SentinelOne EDR platform across all endpoints. • Monitor alerts, events, and incidents generated by SentinelOne. • Fine-tune detection policies to reduce false positives and optimize detection efficacy. • Collaborate with SOC teams to investigate, contain, and remediate security threats. • Integrate SentinelOne with SIEM/SOAR tools (e.g., Microsoft Sentinel, Splunk). • Perform periodic health checks, audits, and updates of the SentinelOne environment. • Onboard new systems or business units into SentinelOne. • Ensure compliance with internal security policies and external regulatory requirements. • Provide technical support during security incidents and forensic investigations. • Generate dashboards and reports for KPIs, such as incident trends and endpoint health. • Collaborate with the IT, Cloud, and OT Security teams for policy enforcement and rollouts. Qualifications: • 3+ years of experience in cybersecurity or endpoint security. • Proven experience managing SentinelOne or other EDR solutions (e.g., CrowdStrike, Defender for Endpoint). • Familiarity with incident response processes and SOC workflows. • Hands-on experience integrating EDR with SIEMs (e.g., Microsoft Sentinel, Splunk). • Strong knowledge of Windows, Linux, and macOS endpoint security. • Understanding of MITRE ATT&CK, Cyber Kill Chain, and threat detection techniques. 
• Experience with automation via SOAR or scripting (PowerShell, Python) is a plus. • Certifications such as SentinelOne Ranger, Security+, CEH, or SC-200 are preferred. Soft Skills: • Strong analytical and troubleshooting skills. • Excellent communication and documentation abilities. • Ability to work independently and as part of a cross-functional team. • Proactive and detail-oriented approach to security operations. Enable Skills-Based Hiring No Additional Details Planned Resource Unit : (55)IT_TRUCKS;(11)F/TC - Application Engineer - 3-6 Yrs ;Cyber Security;(Z2)3-6 Year send your resume: aman.a@acesoftlabs.com
Posted 3 weeks ago
5.0 - 14.0 years
0 Lacs
ahmedabad, gujarat
On-site
As a seasoned Cybersecurity professional in a leadership role, you will be responsible for overseeing various aspects of Digital Forensics and Incident Response (DFIR) across Operational Technology/Industrial Control Systems (OT/ICS) and Information Technology (IT) environments. Your primary duties will involve conducting forensic investigations and root cause analyses of cyber incidents, coordinating incident response activities, and ensuring compliance with breach containment and recovery protocols. You will play a crucial role in the development and maintenance of playbooks, Standard Operating Procedures (SOPs), and readiness frameworks for both proactive and reactive DFIR measures. Additionally, you will be tasked with establishing and managing forensic labs and tooling infrastructure to support memory, disk, network, and cloud forensics. Collaborating with client Chief Information Security Officer (CISO) teams and legal/compliance counterparts during forensic escalations will also be a key aspect of your role. As a mentor and leader, you will guide junior investigators, ensuring their skill development through hands-on training. Your expertise will drive continuous improvement initiatives in forensic collection, chain of custody, and evidence handling procedures. Furthermore, you will be expected to provide support for expert testimony, litigation response, and legal documentation as needed. Your role will require close collaboration with red, blue, and purple teams to develop an integrated threat mitigation strategy. You will also conduct forensic workshops, table-top exercises, and readiness assessments for clients. Building relationships with global Original Equipment Manufacturers (OEMs) and DFIR product partners to enhance capabilities will be essential for the success of the organization. In terms of required skills and tools, you should be proficient in utilizing tools such as EnCase, FTK, Magnet AXIOM, Autopsy, Volatility, and Wireshark. 
Experience with Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR) platforms like CrowdStrike, SentinelOne, and Carbon Black is crucial. Familiarity with OT forensic challenges, including air-gapped ICS/SCADA systems, and a deep understanding of ICS protocols such as Modbus, DNP3, and OPC-UA are also expected. Your personality traits and leadership abilities will be put to the test in this role. Strong analytical skills, attention to detail, and strategic thinking will be essential, especially in high-pressure situations. Your proven ability to lead in crisis scenarios, communicate effectively with stakeholders, and manage teams will be highly valued. Collaborating seamlessly with cross-functional teams, including Security Operations Center (SOC), engineering, legal, and client teams, will be instrumental in achieving the organization's cybersecurity goals. To qualify for this position, you should hold a Bachelor's or Master's degree in Cybersecurity, Computer Science, or related fields. Preferred certifications include GCFA, GCFE, CHFI, CISSP, or their equivalents. A minimum of 14 years of cybersecurity experience, with at least 5 years in DFIR leadership roles, and prior experience managing DFIR services for critical infrastructure or consulting environments are prerequisites for this role.,
Posted 1 month ago
5.0 - 13.0 years
0 Lacs
chennai, tamil nadu
On-site
As an experienced L3 SOC Analyst, you will play a crucial role in managing security incidents and ensuring the protection of our clients" data and systems. You will be responsible for utilizing your expertise in SIEM tools such as QRadar, Sentinel, or Splunk to detect and respond to security threats effectively. Your strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) will be essential in identifying and mitigating risks. Your primary responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting thorough investigations to assess impact, and analyzing attack patterns to provide recommendations for security improvements. You will also be actively involved in proactive threat hunting, log analysis, and collaborating with IT and security teams to enhance security processes effectively. In addition to hands-on experience with system logs, network traffic analysis, and security tools, your ability to identify Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) will be crucial in ensuring the detection of potential threats. You will be expected to document and update incident response processes, participate in team meetings and executive briefings, and train team members on security tools and incident resolution procedures. Your proficiency in setting up SIEM solutions, troubleshooting connectivity issues, and familiarity with security frameworks and best practices will be considered advantageous. Your role will require you to provide guidance on mitigating risks, improving security hygiene, and identifying gaps in security processes to propose enhancements effectively. Join us at UST, a global digital transformation solutions provider with a deep commitment to innovation and agility. With over 30,000 employees in 30 countries, we partner with the world's best companies to drive real impact through transformation. 
If you are passionate about cybersecurity and eager to make a difference, we welcome you to be a part of our team and help us build for boundless impact, touching billions of lives in the process.
Posted 1 month ago
3.0 - 5.0 years
10 - 16 Lacs
Pune, Chennai
Work from Office
Job Title: Security Operations / Security Analyst (SOC Orange Team) Job Summary: We are seeking a skilled and motivated Security Analyst to join our Security Operations Center (SOC) Orange Team. The ideal candidate will possess hands-on experience in firewall and SIEM tools, with strong analytical and troubleshooting skills in managing security infrastructure. This role is critical in monitoring, auditing, and enhancing the organizations cybersecurity posture. Key Responsibilities: Manage and maintain network security appliances, with a primary focus on Fortinet firewalls . Conduct firewall rule auditing and configuration reviews to ensure alignment with security best practices. Utilize and monitor SIEM tools such as Splunk , QRadar , and SentinelOne for threat detection and incident response. Understand how SIEM systems operate, and demonstrate hands-on experience in usage (L1 and L2) . Create and manage SOAR/XOAR playbooks , including design, development, and implementation . Perform log analysis , incident detection, and threat intelligence correlation. Collaborate with internal teams to strengthen security controls and implement corrective actions. Stay current with emerging security threats and recommend appropriate defensive measures. Required Skills and Experience: Proven experience in managing routers and firewalls , especially Fortinet, following industry best practices. Strong expertise in firewall rule auditing and security configuration management . Practical experience with SIEM platforms : Splunk, QRadar, SentinelOne usage experience is essential (configuration knowledge is a plus). Understanding of SOC operations and incident lifecycle management . Knowledge of SOAR/XOAR platforms and ability to build and customize automated response playbooks. Familiarity with security event analysis, alert triage, and escalation procedures. Preferred Qualifications: Certifications such as Fortinet NSE , Splunk Certified , Security+ , or equivalent. 
25 years of experience in a SOC environment or cybersecurity operations. Strong communication and documentation skills.
Posted 1 month ago
1.0 - 5.0 years
0 Lacs
karnataka
On-site
As an Enterprise IT Security Analyst Cloud and Endpoints, you will play a crucial role in ensuring the security of our cloud environments, specifically across AWS or Azure. Your primary responsibilities will revolve around collaborating with DevOps and IT teams to implement and oversee security measures, identify and mitigate risks, and ensure compliance with industry standards. Your key responsibilities will include: - Utilizing Microsoft Defender for Cloud and EDR tools like SentinelOne, CrowdStrike, or Microsoft Defender for Endpoint to enhance security measures. - Applying AI coding techniques for anomaly detection, threat prediction, and automated response systems. - Managing Microsoft Defender for Cloud to safeguard Azure environments. - Leveraging Endpoint Detection and Response (EDR) tools for threat detection and response. - Designing, implementing, and managing security solutions across AWS, Azure, and GCP. - Employing AWS security capabilities such as AWS Inspector, WAF, GuardDuty, and IAM for cloud infrastructure protection. - Implementing Azure security features including Azure Security Center, Azure Sentinel, and Azure AD. - Managing security configurations and policies across GCP using tools like Google Cloud Armor, Security Command Center, and IAM. - Conducting regular security assessments and audits to ensure vulnerability identification and compliance. - Developing and maintaining security policies, procedures, and documentation. - Collaborating with cross-functional teams to integrate security best practices into the development lifecycle. - Monitoring and responding to security incidents and alerts. - Implementing and managing Cloud Security Posture Management (CSPM) solutions with tools like Prisma Cloud, Dome9, and AWS Security Hub to continuously enhance cloud security posture. - Utilizing Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, and ARM templates for cloud infrastructure automation and management. 
Qualifications: Must Have Qualifications: - Bachelor's degree in computer science, Information Technology, or a related field. - 1-3 years of experience in cloud security engineering. - Proficiency in AWS security capabilities. - Strong skills in Terraform for Infrastructure as Code (IaC). - Experience with Cloud Security Posture Management (CSPM) tools. - Familiarity with Web Application Firewall (WAF). - Relevant certification such as CISSP or AWS Certified Security Specialty or similar. Good to Have Qualifications: - Additional experience with AWS security capabilities. - Strong understanding of cloud security frameworks and best practices. - Proficiency in Infrastructure as Code (IaC) tools like CloudFormation and ARM templates. - Experience with AI coding and applying machine learning techniques to security. - Excellent problem-solving skills and attention to detail. - Strong communication and collaboration skills. This role will be based at The Leela Office on Airport Road, Kodihalli, Bangalore. The position follows a hybrid work model with office presence on Tuesdays, Wednesdays, and Thursdays, and remote work on Mondays and Fridays. The work timings are from 1 PM to 10 PM IST, with cab pickup and drop facility available. Candidates based in Bangalore are preferred.,
Posted 1 month ago
5.0 - 8.0 years
10 - 20 Lacs
Chennai
Work from Office
Job Title : Cybersecurity Analyst Fortinet, SIEM, and SOAR Expert Location : Chennai Experience : 5 to 8 Years Employment Type : Contract Job Summary : We are looking for an experienced Cybersecurity Analyst with a strong background in Fortinet firewall configuration , SIEM tools (like Splunk, QRadar, or SentinelOne), and SOAR platforms . The ideal candidate will be highly skilled in threat detection, incident response automation, and log analysis. A basic understanding of OT/IoT security concepts is desirable. Key Responsibilities : Configure and audit firewall rules in Fortinet environments Work with SIEM tools (e.g., Splunk, QRadar, SentinelOne) to: Monitor and analyze logs and security events Create and tune correlation rules and alerts Manage incident detection workflows Develop and manage automated playbooks in SOAR/XSOAR platforms Integrate security tools and enable automation for incident response Understand OT/IoT security threats and risk areas (hands-on experience not mandatory) Required Skills : Hands-on experience with Fortinet firewall configuration and policy audits Strong knowledge of at least one SIEM tool (Splunk, QRadar, or SentinelOne) Practical experience in log analysis , threat detection, and workflow creation Familiarity with SOAR tools and playbook development Basic understanding of OT/IoT security environments Good analytical and troubleshooting skills Ability to work in a fast-paced environment Preferred Qualifications : Certifications such as Fortinet NSE , Splunk Certified , etc. Experience in scripting/automation using Python , PowerShell , or similar tools Exposure to MITRE ATT&CK framework and incident response procedures
Posted 1 month ago
7.0 - 12.0 years
0 - 3 Lacs
Ratnagiri, Maharashtra, India
On-site
Key Responsibilities: Lead advanced incident response, including triage, containment, eradication, and root cause analysis. Perform forensic investigations, malware analysis, and threat hunting activities. Manage and fine-tune enterprise security solutions: SIEM, EDR, NDR, firewalls, IDS/IPS, DLP, WAF, VPNs , etc. Act as a subject matter expert (SME) for escalated security events from L1/L2 teams. Review and update runbooks, threat detection rules, and incident response procedures. Collaborate with threat intelligence teams to analyze IOCs, TTPs, and emerging threats. Perform regular vulnerability assessments and coordinate patch management with IT/DevOps. Conduct security reviews of infrastructure, applications, and network architecture. Ensure compliance with ISO 27001, NIST, GDPR, PCI-DSS , or other applicable standards. Automate security operations and incident response workflows using tools/scripts (e.g., Python, PowerShell). Mentor junior engineers and conduct technical training sessions. Required Skills and Qualifications: Bachelor's or Master's degree in Information Security, Computer Science, or related field. 510 years of hands-on experience in cybersecurity, with at least 23 years in an L3 or advanced SOC role. Expertise in managing and troubleshooting security tools: SIEM (Splunk, QRadar, ArcSight, etc.) EDR/XDR (CrowdStrike, SentinelOne, Defender ATP) Firewalls (Palo Alto, Fortinet, Cisco ASA) IDS/IPS, DLP, VPN, NAC, etc. Strong knowledge of cyberattack techniques , threat detection , and incident response lifecycle . Familiarity with MITRE ATT&CK , Cyber Kill Chain , STIX/TAXII , and YARA rules . Proficiency in scripting or automation (Python, Bash, PowerShell). Excellent documentation, troubleshooting, and analytical skills.
Posted 1 month ago
1.0 - 5.0 years
0 Lacs
karnataka
On-site
As an Enterprise IT Security Analyst Cloud and Endpoints, you will play a crucial role in ensuring the security of the cloud environments in either AWS or Azure. Your responsibilities will involve collaborating closely with the DevOps and IT teams to implement and manage security measures, identify risks, and ensure compliance with industry standards. You will be expected to have experience with Microsoft Defender for Cloud and Endpoint Detection and Response (EDR) tools such as SentinelOne, CrowdStrike, or Microsoft Defender for Endpoint. Furthermore, you will apply AI coding techniques to enhance security measures, implement Microsoft Defender for Cloud for Azure protection, and utilize EDR tools for threat detection and response. Designing, implementing, and managing security solutions across various cloud platforms like AWS, Azure, and GCP will be a key part of your role. Utilizing security capabilities specific to each platform, such as AWS Inspector, WAF, GuardDuty, Azure Security Center, Sentinel, and IAM, will be essential in safeguarding the cloud infrastructure. Regular security assessments, audits, and the development of security policies and documentation will also fall within your responsibilities. Collaborating with cross-functional teams to integrate security best practices into the development lifecycle, monitoring and responding to security incidents, and managing Cloud Security Posture Management (CSPM) solutions using tools like Prisma Cloud and AWS Security Hub will be crucial aspects of your role. You should hold a Bachelor's degree in computer science, Information Technology, or a related field, along with 1-3 years of experience in cloud security engineering. Proficiency in AWS security capabilities, Azure AD, Microsoft Defender, M365, Exchange security, and Terraform for Infrastructure as Code (IaC) is required. Relevant certifications such as CISSP or AWS Certified Security Specialty will be beneficial. 
Additional qualifications that would be advantageous include experience with cloud security frameworks, Infrastructure as Code (IaC) tools like CloudFormation and ARM templates, AI coding, and machine learning techniques applied to security. Strong problem-solving skills, attention to detail, and effective communication and collaboration abilities are also desired. This position is based at The Leela Office in Bangalore, with a hybrid work model of 3 days in the office and 2 days remote work. The work timings are from 1 pm to 10 pm IST, with cab pickup and drop facilities available. Candidates based in Bangalore are preferred for this role.
Posted 1 month ago
3.0 - 8.0 years
4 - 7 Lacs
Mumbai, Maharashtra, India
On-site
Qualification and Skills:
- Minimum of 10+ years of overall technical experience in IT Infrastructure with 5+ years in the Pre-sales Technical consultant capacity.
- Should be a graduate from a reputed institute. MBA (Preferable).
- Must have experience building technical solutions, working with system integrators, resolving customer IT problems, and the ability to work well in a team setting.
- A comprehensive understanding of IT Infrastructure.
- Excellent knowledge of technologies like Netskope, Palo Alto, Fortinet, SentinelOne, and F5.
- Experience in building solutions that includes opportunity information gathering, building a business case, high & low-level architecture definition, services, etc.
- Excellent communication skills, both written and oral, are required.
- Possess the ability to effectively present ideas, properly describe problems, and propose solutions.
- Excellent documentation skills with fluent English for technical write-up and proposal writing.
- Strong presentation skills.
- Candidate should have good domain knowledge in the Government bid process and their domain solution.
- Strong ability to identify, document and articulate the business and technical requirements of a prospective customer during the full sales cycle - qualification, proposal, post-sale transition.
Posted 2 months ago
2.0 - 5.0 years
2 - 5 Lacs
Pune, Maharashtra, India
On-site
Engineer - IT Application Admin and Cyber Security

KSB Pumps Limited is looking for an Engineer - IT Application Admin and Cyber Security to bolster our cybersecurity defenses. This role is perfect for a professional with a firm IT security mindset and a dedication to proactive threat detection and response, ensuring the robust security of our applications and infrastructure.

Responsibilities:
- Conduct security monitoring, including SentinelOne incident response and security analytics.
- Perform proactive threat hunting and utilize threat intelligence platforms, incorporating Indicators of Compromise (IOC) and other threat intelligence (vulnerabilities, strategic, tactical, etc.).
- Implement User & Entity Behavioral Anomaly Detection and vulnerability scanning for threat detection.
- Monitor contemporary threats and develop response plans.
- Assess and monitor application security, and if feasible, coordinate with service providers for post-assessment application security monitoring.

Skills:
- Hands-on experience with security technologies, such as firewalls, IDS/IPS, SIEM, EDR, antivirus, and vulnerability scanning tools.
- Expertise with SentinelOne.
- Threat Modeling skills and a firm IT security mindset.
- Advanced knowledge of Windows Server, Windows Clients, and Linux Server.
- In-depth understanding of different types of security vulnerabilities (e.g., SQL injection, XSS, buffer overflow).
- Understanding of attack vectors.
- Familiarity with different network topologies and protocols such as TCP/IP, DNS, HTTP(S), SMTP, VLANs, VPNs, and routing/switching.
- Firm knowledge of technical details of SMTP / e-mail in general, and the ability to analyze e-mail headers to determine additional data such as real origin.
- Expert regarding the operation of Outlook & Exchange from a user's perspective.
- Firm grasp of phishing techniques and e-mail based attack patterns.
- Commitment to continuous learning.
- Familiarity with security-related regulations, such as GDPR, HIPAA, and PCI-DSS.
- Excellent verbal, written, and interpersonal communication skills, especially the ability to break down complex technical information for non-technical stakeholders and articulate the impact of security design flaws, attack surfaces, and vulnerabilities.

Qualifications:
- Preferable (Nice to have) skill: Relevant professional certifications, such as CISSP, CISM, CEH, or other security certifications.
Posted 2 months ago
5.0 - 10.0 years
22 - 37 Lacs
Pune
Work from Office
About Position: As a SOC Level 2 Analyst, you will play a crucial role in monitoring, analyzing, and responding to security incidents and threats within our organization's environment. You will work closely with SOC Level 1 analysts, as well as other cybersecurity professionals, to ensure the integrity, confidentiality, and availability of our systems and data.

Role: SOC L2/L3 Support
Location: Pune
Experience: 5-12 Years
Job Type: Full Time Employment

What You'll Do:

Security Monitoring and Analysis:
- Monitor security event alerts generated by various security systems, including Sumo Logic, QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS, and endpoint detection platforms.
- Analyze security events to identify potential security incidents or anomalies that may pose a risk to the organization.

Incident Triage and Investigation:
- Triage incoming security alerts based on their severity and potential impact on the organization.
- Conduct preliminary investigations to determine the nature and scope of security incidents.
- Gather and analyze evidence, including logs, network traffic, and system artifacts, to identify indicators of compromise (IOCs).

Incident Response and Mitigation:
- Assist in the containment, eradication, and recovery phases of security incidents.
- Follow established incident response procedures and workflows to ensure timely and effective response to security threats.
- Collaborate with other members of the SOC team and relevant stakeholders to coordinate incident response efforts.

Threat Intelligence Analysis:
- Stay informed about the latest cyber threats, vulnerabilities, and attack techniques by analyzing threat intelligence feeds and reports.
- Use threat intelligence to enhance the organization's detection capabilities and proactively identify emerging threats.

Documentation and Reporting:
- Maintain accurate and detailed records of security incidents, including timelines of events, actions taken, and findings.
- Prepare incident reports and post-mortems to document the outcomes of security incidents and lessons learned.
- Ensure that all documentation complies with internal policies and regulatory requirements.

Continuous Improvement:
- Participate in ongoing training and professional development activities to enhance knowledge and skills in cybersecurity.
- Provide feedback and suggestions for improving SOC processes, procedures, and tools.
- Stay abreast of industry best practices and emerging technologies in cybersecurity.

Expertise You'll Bring:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- 5+ years of experience in a cybersecurity role, preferably in a SOC environment.
- Strong understanding of cybersecurity principles, concepts, and technologies.
- Experience with security monitoring tools such as QRadar, Palo Alto, Splunk, CrowdStrike, SentinelOne, SIEM, IDS/IPS, and endpoint detection platforms.
- Familiarity with incident response procedures and frameworks (e.g., NIST, SANS).
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Relevant certifications (e.g., CompTIA Security+, GIAC Security Essentials) are a plus.

Benefits:
- Competitive salary and benefits package
- Culture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certifications
- Opportunity to work with cutting-edge technologies
- Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards
- Annual health check-ups
- Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents

Inclusive Environment: Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference.
We welcome diverse candidates from all backgrounds. We offer hybrid work options and flexible working hours to accommodate various needs and preferences. Our office is equipped with accessible facilities, including adjustable workstations, ergonomic chairs, and assistive technologies to support employees with physical disabilities. If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment. We are committed to creating an inclusive environment where all employees can thrive. Our company fosters a values-driven and people-centric work environment that enables our employees to: Accelerate growth, both professionally and personally Impact the world in powerful, positive ways, using the latest technologies Enjoy collaborative innovation, with diversity and work-life wellbeing at the core Unlock global opportunities to work and learn with the industry's best Let's unleash your full potential at Persistent "Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind."
Posted 2 months ago
10.0 - 20.0 years
25 - 40 Lacs
Bengaluru
Work from Office
Job Title: Senior Cyber Defense Operations Analyst
Location: Bengaluru, India
Experience: 8+ years
Job Type: Full-time
Department: Cybersecurity / Information Security / SOC

Job Summary: We are seeking a highly skilled and experienced Senior Cyber Defense Operations Analyst to join our cybersecurity team in Bengaluru. The ideal candidate will lead and coordinate cyber defense activities, manage incident response efforts, monitor threats, and provide strategic guidance to strengthen our cyber defense posture. This is a hands-on technical and leadership role within a fast-paced, mission-critical environment.

Key Responsibilities:
- Lead day-to-day operations of Cyber Defense including threat detection, response, and mitigation.
- Manage and mentor a team of SOC analysts and incident responders.
- Monitor SIEM and other security tools for indications of compromise, suspicious behavior, and known threats.
- Coordinate and manage high-severity incidents and support root cause analysis and post-incident reviews.
- Develop and implement advanced threat detection use cases and response playbooks.
- Work closely with IT, Infrastructure, and AppSec teams to address vulnerabilities and security gaps.
- Participate in threat hunting and proactive intelligence-driven defense activities.
- Collaborate with global security teams to align local and enterprise-wide defense strategies.
- Ensure compliance with internal security policies, industry standards, and regulatory frameworks (e.g., ISO 27001, NIST, GDPR).
- Regularly review and improve security operations processes and toolsets.
- Provide executive-level reporting on threat landscape, incident metrics, and defense posture.

Required Qualifications:
- 8+ years of experience in cybersecurity with a strong focus on Security Operations or Cyber Defense.
- Proven experience with SIEM (e.g., Splunk, QRadar, LogRhythm), EDR (e.g., CrowdStrike, SentinelOne), and SOAR platforms.
- Strong understanding of MITRE ATT&CK, cyber kill chain, and threat intelligence frameworks.
- Expertise in incident response, digital forensics, malware analysis, and threat hunting.
- Familiarity with cloud security (AWS, Azure, or GCP), including monitoring and defending cloud-native environments.
- Experience with scripting (Python, PowerShell, etc.) for automation and analysis.
- Strong understanding of TCP/IP, network protocols, and security architectures.
- Certifications such as CISSP, GCIA, GCIH, CEH, or similar are highly desirable.

Preferred Qualifications:
- Experience working in a global or large-scale enterprise security environment.
- Knowledge of DevSecOps and integration of security into CI/CD pipelines.
- Understanding of data privacy regulations relevant to cybersecurity (e.g., GDPR, HIPAA).
- Leadership experience in managing small-to-mid sized security teams.

Benefits:
- Competitive salary and performance-based bonuses
- Health and wellness benefits
- Flexible work hours and hybrid work options
- Learning and development support (certifications, courses)
- Opportunity to work with cutting-edge cybersecurity technologies

Please share your updated profiles to naseeruddin.khaja@infosharesystems.com
Posted 2 months ago
0.0 years
0 Lacs
Hyderabad, Telangana, India
Remote
Genpact (NYSE: G) is a global professional services and solutions firm delivering outcomes that shape the future. Our 125,000+ people across 30+ countries are driven by our innate curiosity, entrepreneurial agility, and desire to create lasting value for clients. Powered by our purpose - the relentless pursuit of a world that works better for people - we serve and transform leading enterprises, including the Fortune Global 500, with our deep business and industry knowledge, digital operations services, and expertise in data, technology, and AI.

Inviting applications for the role of Technical Associate - Security Analyst

Responsibilities

A cyber security analyst is responsible for ensuring the security of an organization's computer systems, networks, and data. Their job involves identifying potential security risks, analyzing security breaches, and implementing measures to prevent future incidents. Here are some key responsibilities of a cyber security analyst:
- Monitoring SOC (Arctic Wolf, SentinelOne, Varonis, etc.)
- Experience on Arctic Wolf Vulnerability Management, Barracuda Email Security, Varonis and SentinelOne security tools
- Candidate should have experience of Cyber Security Administration.
- Monitoring and analyzing security systems: They monitor networks, systems, and applications for any suspicious activity or vulnerabilities. They use various tools and technologies to identify and analyze potential security threats.
- Incident response and investigation: When a security breach occurs, cyber security analysts respond quickly to contain and mitigate the impact. They investigate the incident to understand the cause, assess the damage, and develop strategies to prevent future occurrences.
- Vulnerability assessment and penetration testing: They conduct regular assessments to identify weaknesses in systems or networks. They perform penetration testing to simulate attacks and identify vulnerabilities before malicious hackers exploit them.
- Implementing security measures: Based on their analysis and findings, cyber security analysts develop and implement security measures, such as firewalls, encryption methods, access controls, and security policies.
- Security awareness and training: They educate employees on security best practices, conduct training sessions, and create awareness campaigns to foster a security-conscious culture within the organization.
- Keeping up with industry trends: Cyber security is a rapidly evolving field. Analysts need to stay up to date with the latest threats, vulnerabilities, and industry best practices to effectively protect organizations from emerging risks.
- Compliance and risk management: They ensure compliance with relevant security standards and regulations. They assess risks associated with data breaches and provide recommendations to manage those risks effectively.
- Review and approve firewall rules, mostly around Palo Alto firewall.
- Review and approve local admin rights and other requests.
- Triage and respond to end user queries and escalations related to phishing or suspicious emails.

Qualifications we seek in you!

Minimum Qualifications
- Bachelor's Degree required.

Preferred Qualifications/Skills
- Rapid7 Vulnerability Management, Mimecast Email Security, Sumo Logic SIEM, Intrusion Prevention

Competencies
- Fluent English, oral and written.
- Strong Analytical Thinking
- Excellent organisational - multitasking skills
- Flexibility, commitment, and ability to work under pressure, absolute integrity, and utmost discretion.
- Attention to detail, well organized, and able to set priorities.
- Ability to anticipate, identify and solve critical problems and conflicts.
- Proven experience in a network administrator role
- Hands on experience in Zscaler
- Experience with firewalls, Internet VPN's remote implementation, troubleshooting, and problem resolution is desired.
- Great at organising, prioritising, and multitasking
- Juniper, Cisco, CWNA or BCNE training

Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. For more information, visit www.genpact.com. Follow us on Twitter, Facebook, LinkedIn, and YouTube. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training.
Posted 2 months ago
1.0 - 3.0 years
5 - 10 Lacs
Gurugram
Work from Office
Title: Security Analyst (SOC & EDR)
Location: Gurgaon, India
Type: Hybrid (work from office)

Job Description

Who We Are: Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners.

FAREPORTAL HIGHLIGHTS:
- Fareportal is the number 1 privately held online travel company in flight volume.
- Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide.
- 2019 annual sales exceeded $5 billion.
- Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites.
- Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City.

Job Overview: We are seeking a proactive and knowledgeable Security Analyst to join our Information Security Operations (SecOps) team. This role will focus on SOC monitoring and Endpoint Detection and Response (EDR) using SentinelOne. The ideal candidate should have solid experience in threat monitoring, incident response, and SentinelOne tool handling.

Key Responsibilities:
- Monitor and respond to SOC alerts and security incidents in real time.
- Analyze logs and alerts from SIEM and SentinelOne EDR platforms.
- Perform incident triage, escalation, and coordination with internal teams.
- Troubleshoot SentinelOne-related issues, including error resolution, agent communication, and performance problems.
- Understand and manage SentinelOne policies, ensure proper deployment, and make necessary adjustments for better coverage.
- Quickly identify the root cause of issues related to endpoint protection and take corrective actions.
- Coordinate with the IT team for issue resolution and endpoint remediation.
- Collaborate with teams to reduce false positives and improve alert accuracy.
- Maintain incident documentation, reports, and operational dashboards.
- Support in threat hunting, vulnerability detection, and other BAU (Business As Usual) security tasks.

Required Skills & Qualification:
- Bachelor's/Master's Degree in Computer Science, Information Systems, Engineering.
- 2-4 years of experience in SOC operations and endpoint security monitoring.
- Hands-on experience with SentinelOne EDR, including troubleshooting and policy management.
- Good knowledge of cybersecurity threats, incident response processes, and log analysis.
- Ability to investigate and resolve SentinelOne alerts and agent-related errors effectively.
- Experience working with SIEM tools (like Splunk, QRadar, etc.).
- Strong understanding of false positive tuning and threat detection improvement.
- Basic scripting knowledge (PowerShell, Python) is a plus.
- Good communication and analytical skills.

Preferred Skills & Qualifications:
- CEH, CompTIA Security+, or any other relevant security certification.

Disclaimer: This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Company's sole discretion, with or without notice.
Posted 3 months ago
5.0 - 8.0 years
10 - 15 Lacs
Navi Mumbai
Work from Office
Role & responsibilities Preferred candidate profile
Posted 3 months ago