4942 Siem Jobs

Location: Noida Experience: 2 - 3 Years Notice Period: Immediate to 15 Days About the Role As a SOC Analyst at NCG , you will play a pivotal role in safeguarding our digital assets and ensuring the integrity of our information systems. Your expertise will directly contribute to the success of our organization by proactively identifying, analyzing, and responding to security incidents. You will be part of a collaborative team of 15 dedicated professionals, reporting directly to the SOC Manager. You will also provide guidance and training to junior SOC analysts, fostering a culture of learning and professional growth within the team. Key Responsibilities Continuously analyze security events and alerts from various sources, including SIEM tools, to identify potential threats and vulnerabilities. Lead the investigation and response to security incidents, coordinating with cross-functional teams to ensure timely resolution and documentation. Conduct in-depth analysis of security incidents and trends, providing actionable insights to improve our security strategies and defenses. Collaborate with the security team to develop and refine security policies, procedures, and best practices to enhance organizational security. Provide guidance and training to junior SOC analysts, fostering a culture of learning and professional growth within the team. Work closely with IT, compliance, and risk management teams to ensure alignment on security initiatives and incident response protocols. You Might Be Our Ideal Match If You: Hold a Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field . Have 23 years of experience in a Security Operations Center (SOC) or similar role. Possess proficiency in SIEM tools (e.g., Splunk, ArcSight) and incident response platforms. Demonstrate strong written and verbal communication skills , with the ability to present complex information clearly and concisely. Have proven leadership abilities , with experience in mentoring and developing team members. Exhibit excellent problem-solving and analytical thinking skills , with a keen attention to detail. Education Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field. Why You'll Love Working With Us NCG (NetConnect Global) is a leading digital transformation, engineering, and professional services company that partners with global enterprises and technology global companies to deliver cutting-edge, future-ready solutions. Since 1997, NCG has been enabling organizations to reimagine their business models and operations through innovative digitalization strategies. NCG specializes in: Cloud and Infrastructure Solutions : Scalable, secure, and resilient IT environments tailored to modern enterprise needs. Cybersecurity : End-to-end protection across networks, data, and applications, guided by global compliance and risk frameworks. Artificial Intelligence & Machine Learning (AI/ML) : Custom AI models, automation, and intelligent systems to drive smarter decision-making. Advanced Data Analytics : Data-driven insights through modern analytics, visualization, and data engineering platforms. The company is Great Place to Work Certified , backed by a strong workforce of over 2,000+ full-time employees and a global alumni network exceeding 22,000 professionals . NCG is committed to operational excellence and ethical standards, demonstrated through its: ISO Certification for quality management and service delivery RBA Certification aligning with the Responsible Business Alliance code of conduct CyberVadis Rating validating its strong posture in cybersecurity and data governance By blending deep domain expertise with a people-centric and innovation-driven approach, NCG continues to shape the future of digital enterprises worldwide. Benefits At NCG, we believe that taking care of our people is the foundation of everything we do. That's why we've built a comprehensive benefits package designed to support you and your family through every stage of life. Family First Benefits Growing Your Family We've got you covered! New mothers receive a generous 6 months of fully paid maternity leave to bond with their little ones. And for new dads, we provide 5 days of paid paternity leave because those early moments matter. Health & Wellness Protection Your Health is Our Priority. We provide robust medical coverage starting from your very first day: Group Medical Insurance : Eligible employees receive comprehensive medical insurance coverage Family Coverage : Add your spouse, up to 2 children, and parents to your policy. Choose from multiple coverage options based on your family's needs Flexible Treatment Options : Get cashless treatment at network hospitals or claim reimbursements for treatment anywhere else ESIC Benefits : We provide comprehensive social security coverage including medical benefits, disability support, and more

Job Role: Sr. Cyber Security Engineer(L3) Type: Full Time Location: Remote Intraedge is seeking a seasoned Cybersecurity Engineer on behalf of its financial domain client to support advanced threat detection, data-driven defense, and automation within a cloud-first, consumer-centric environment. This role will lead the development and implementation of intelligent security solutions using SIEM, SOAR, and machine learning to enhance detection, response, and operational efficiency across the enterprise. Key Responsibilities * Design, implement, and manage enterprise SIEM (Splunk) solutions for centralized log analysis and real-time event monitoring. * Develop and fine-tune correlation rules, alerts, dashboards , and use cases to detect anomalous and malicious activity. * Lead data ingestion and normalization from varied enterprise systems (e.g., cloud workloads, endpoints, network devices). * Develop and maintain SOAR playbooks to automate incident detection, triage, response, and recovery. * Optimize SOAR workflows and integrations with security infrastructure to reduce MTTD/MTTR. * Build and apply machine learning models to identify security anomalies, enrich event context, and predict threats. * Collaborate with Security Operations Center (SOC) , DevOps , IT , and business units to align security automation with business goals. * Analyze incident data to uncover trends and provide recommendations for improving controls and detection. * Maintain detailed documentation for playbooks, integrations, automation processes, and incident response protocols. * Stay abreast of industry trends and emerging tools to continually advance detection and automation strategies. * Mentor junior engineers and assist in promoting SOAR and SIEM best practices across the team. Required Qualifications * 4+ years of experience in cybersecurity engineering , including SIEM (Splunk), SOAR, and machine learning-based threat detection. * 3+ years of experience in security automation using platforms such as Splunk SOAR, XSOAR, Swimlane , or similar. * 3+ years in cyber data engineering or analytics: log processing, enrichment, and telemetry pipelines. * Expertise in scripting languages like Python and PowerShell , and using REST APIs for integrations. * Proven experience designing and deploying security automation workflows in enterprise environments. * Bachelor's degree in Computer Science , Information Security , Engineering , or related field-or equivalent experience. * Ability to troubleshoot complex security issues and integrate with diverse platforms. * Strong communication and collaboration skills to work with technical and non-technical stakeholders. Preferred Qualifications * Hands-on experience with cloud platforms such as AWS , Azure , or Google Cloud Platform . * Familiarity with cloud-native security tooling , telemetry pipelines, and serverless security design patterns. * Experience working within Agile environments and cross-functional DevSecOps teams. * Knowledge of change management processes , compliance frameworks (e.g., NIST, ISO), and regulatory constraints in financial services.

Threat Hunter 2 Hyderabad, Telangana, India Date posted Jul 31, 2025 Job number 1854813 Work site Up to 50% work from home Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Research Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are seeking for a passionate cybersecurity professionals to join our growing team of Defenders. In this role, you will proactively detect, investigate, and respond to advanced threats across enterprise environments using cutting-edge and AI enabled security tools and threat intelligence. The ideal candidate combines strong security expertise with a curious mindset and skills to conduct deep threat analysis. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications Graduate degree in engineering or equivalent discipline. 3–7 years of experience in cybersecurity (SOC, IR, Threat Hunting, Red Team). Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.). Experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations. Proficiency in KQL, Python, or similar scripting languages for data analysis and automation. Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary TTPs. Familiarity with operating system internals (Windows, Linux) and endpoint/network forensics. Certifications like CISSP, OSCP, CEH, GCIH, AZ-500, SC-200 or similar/equivalent are a plus. Responsibilities Monitor, triage, and respond to security incidents using alerts and incidents from Microsoft Defender products (MDE, MDI, MDO, MDA, MDC etc.) Perform proactive threat hunting using hypothesis, and telemetry from endpoints, identities, cloud and network. Develop hunting queries using Kusto Query Language (KQL) or similar to uncover suspicious patterns and behaviors. Investigate security incidents across hybrid environments and contribute to root cause analysis and containment strategies. Collaborate with internal teams (defender, threat intelligence, engineering) to enhance detection logic, develop automations, and improve incident response workflows. Contribute to incident documentation, detection playbooks, and operational runbooks. Stay current with evolving threat landscapes, cloud attack vectors, and advanced persistent threats (APT). Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Job requisition ID :: 86003 Date: Jul 31, 2025 Location: Hyderabad Designation: Deputy Manager Entity: Deloitte South Asia LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Your work profile We are looking for an experienced Security Operations L3 Engineer to provide advanced-level support in monitoring, detecting, and responding to cybersecurity incidents. The L3 engineer will act as a senior escalation point, performing detailed threat analysis, handling complex incidents, and providing guidance to junior SOC team members. The ideal candidate will have deep expertise in incident response, threat hunting, and security monitoring tools, along with the ability to lead investigations and contribute to process improvements. Key Responsibilities: Incident Response (IR): Lead investigations and respond to advanced security incidents, providing root cause analysis, containment, eradication, and recovery recommendations. Threat Hunting: Proactively hunt for and analyze potential threats within the organization’s environment using SIEM tools, EDR, and threat intelligence feeds. Triage & Escalation: Act as the final escalation point for unresolved security incidents, assisting L1 and L2 teams with incident analysis and decision-making. Security Monitoring: Continuously monitor security tools (SIEM, EDR, IDS/IPS, etc.) to identify malicious activities, patterns, and anomalies. Forensic Analysis: Perform digital forensics and malware analysis on compromised systems to identify the nature of attacks and minimize future risks. SIEM Management: Tune and enhance SIEM rules, alerts, and dashboards to optimize detection capabilities and reduce false positives. Threat Intelligence Integration: Integrate and apply threat intelligence data to enrich detection capabilities and provide context to ongoing threats and incidents. Vulnerability Management: Collaborate with IT and security teams to assess and address vulnerabilities, ensuring timely patching and remediation. Process Improvement: Contribute to the development of incident response playbooks, procedures, and best practices to streamline SOC operations and improve response times. Mentorship & Training: Provide guidance and mentorship to L1 and L2 SOC analysts, conducting regular training sessions to enhance team capabilities. Reporting & Documentation: Produce detailed reports and metrics on incidents, threat activity, and overall SOC performance for both technical and executive audiences. Required Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 5+ years of experience in security operations, with at least 2 years in an L3 or senior-level role. Strong hands-on experience in security monitoring, incident response, and threat hunting. Proficiency with SIEM tools (QRadar, Splunk, ArcSight, etc.), EDR solutions, and other security monitoring tools. Expertise in network security, malware analysis, intrusion detection, and digital forensics. Experience working with frameworks such as MITRE ATT&CK, NIST, and SANS Incident Response. Preferred Certifications: CISSP, CISM, GCIH, GCFA, or other relevant cybersecurity certifications. Certification in specific SIEM platforms (e.g., IBM QRadar, Splunk). How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Defender Experts (DEX) Research team is at the forefront of Microsoft’s threat protection strategy, combining world-class hunting expertise with AI-driven analytics to protect customers from advanced cyberattacks. Our mission is to move protection left—disrupting threats early, before damage occurs—by transforming raw signals into intelligence that powers detection, disruption, and customer trust. We’re looking for a passionate and curious Senior Threat Researcher to join this high-impact team. In this role, you will collaborate closely with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats that impact both Microsoft and third-party products. Leveraging a deep understanding of multi-cloud environments and diverse security architectures, you will develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel. Your research will directly contribute to the development of real-time protections for enterprises worldwide, ensuring comprehensive coverage across cloud platforms and strengthening the security posture of organizations leveraging a heterogeneous mix of technologies. This is a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities We are seeking a Senior Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments. The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections. In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems. Responsibilities include: Lead and execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments. Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Collaborate with internal and external security teams to design and implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response. Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base. Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems. Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud. Qualifications 5+ years of relevant experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms. Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments. Demonstrated expertise in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions. Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. Proven ability to work independently and deliver complete solutions. Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Defender Experts (DEX) Research team is at the forefront of Microsoft’s threat protection strategy, combining world-class hunting expertise with AI-driven analytics to protect customers from advanced cyberattacks. Our mission is to move protection left—disrupting threats early, before damage occurs—by transforming raw signals into intelligence that powers detection, disruption, and customer trust. We’re looking for a passionate and curious Threat Researcher to join this high-impact team. In this role, you will collaborate closely with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats that impact both Microsoft and third-party products. Leveraging a deep understanding of multi-cloud environments and diverse security architectures, you will develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel. Your research will directly contribute to the development of real-time protections for enterprises worldwide, ensuring comprehensive coverage across cloud platforms and strengthening the security posture of organizations leveraging a heterogeneous mix of technologies. This is a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities We are seeking a Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments. The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections. In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems. Responsibilities include: Execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments. Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Collaborate with internal and external security teams to implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response. Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base. Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems. Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud. Qualifications 3+ years relevant experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms. Proven ability to execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments. Demonstrated experience in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as an understanding of multi-cloud security challenges and solutions. Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. Proven ability to work independently and deliver complete solutions. Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Job Title: SOC L2 Analyst Location: Kochi, Kerala Department: Information Security / Cybersecurity Operations Employment Type: Full-time Job Summary We are seeking a skilled and proactive SOC Level 2 Analyst to join our Cybersecurity Operations team in Kochi. The ideal candidate will have a strong background in Threat Intelligence and Log Analysis , with the ability to detect, investigate, and respond to advanced security threats. You will work closely with L1 SOC Analysts, Incident Response, and Threat Hunting teams to ensure rapid detection and mitigation of security incidents. Key Responsibilities Monitor and analyze security events from SIEM platforms, IDS/IPS, firewalls, and other security tools. Perform detailed log analysis to identify indicators of compromise (IoCs) and suspicious activity. Utilize threat intelligence feeds to correlate, enrich, and prioritize alerts. Investigate escalated incidents from L1 SOC analysts, determine root cause, and recommend remediation. Conduct proactive threat hunting based on emerging threats and attacker tactics. Support incident response activities, including containment, eradication, and recovery. Maintain accurate documentation of incidents, investigations, and findings. Contribute to the continuous improvement of SOC processes and detection use cases. Collaborate with cross-functional security teams to strengthen the organization’s cyber defense posture. Key Skills & Requirements Technical Skills: Proficiency in Threat Intelligence analysis and application in SOC workflows. Expertise in Log Analysis and interpretation from multiple security devices and platforms. Experience with SIEM tools (e.g., Splunk, QRadar, ArcSight, Sentinel). Familiarity with MITRE ATT&CK framework and common attacker techniques. Understanding of TCP/IP, network protocols, and cybersecurity fundamentals. Experience & Education: Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). 2–4 years of experience in a SOC environment, preferably as an L2 Analyst. Industry certifications such as CEH, GCIA, GCIH, Security+, CySA+ or equivalent are a plus. Soft Skills: Strong analytical and problem-solving skills. Ability to work effectively in a fast-paced, 24/7 SOC environment. Excellent communication and documentation skills. Job Types: Full-time, Permanent Pay: Up to ₹700,000.00 per year Schedule: Day shift Supplemental Pay: Performance bonus Application Question(s): What is your current CTC in INR? What is your current notice period? What is your current company name and location? How many years of experience as Soc Analyst L2? Experience: minimum: 4 years (Required) Work Location: In person

Job requisition ID :: 86651 Date: Jul 31, 2025 Location: Delhi Designation: Assistant Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As a AM/DM in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities Proactively hunt for threats using SIEM, EDR, and other telemetry data (e.g., Splunk, Microsoft Sentinel, CrowdStrike, etc.). Perform advanced threat analysis and identify Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) based on frameworks like MITRE ATT&CK. Develop and fine-tune detection use cases, custom rules, and analytics to identify malicious behaviors. Collaborate with SOC, Threat Intelligence, IR, and Red Team teams to enhance detection capabilities. Analyze threat actor campaigns and exploit techniques to determine potential impact and mitigations. Perform root cause analysis of security incidents and recommend preventive measures. Prepare threat hunting reports and executive summaries for technical and non-technical stakeholders. Continuously improve the threat hunting process through automation and data enrichment. Stay updated on the latest cyber threats, vulnerabilities, and threat actor trends. Your role as AM We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s). Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Job Description Cyber Defence Analyst About GKN Automotive GKN Automotive is a world-leading global automotive technology company at the forefront of innovation. Its origins date back to 1759 and for the last 70 years it has been putting key technologies into series production. We are the trusted partner for most of the world’s automotive companies, specialising in developing, building, and supplying market-leading drive systems and advanced ePowertrain technologies. GKN Automotive is part of Dowlais Group plc, a specialist engineering group focused on the automotive sector. What you’ll do: The Cyber Defence Analyst plays a meaningful role in improving the organisation’s security posture by bridging the gap between incident response and vulnerability management. Operating in a hybrid model, this role works closely with a supplier landscape that provides first-line monitoring and escalates incidents for further investigation. As such, the Cyber Defence Analyst is expected to operate at a level capable of handling complex investigations, leading response efforts, and driving remediation activities. This role supports both the Security Monitoring and Vulnerability Management functions, ensuring a cohesive, end-to-end approach to cyber defence. By responding to threats in real time and proactively reducing the organisation’s exposure to future risks, the Cyber Defence Analyst helps maintain a resilient and unified security operation. As this role operates within a dynamic Security Operations environment, there may be occasions where you will be required to provide surge capacity in response to emerging security incidents, emerging threats, or urgent vulnerability disclosures. This includes stepping in to support urgent investigations, remediation efforts, or other time-sensitive security activities that may arise to protect the business. Key responsibilities include: Serve between the Security Monitoring and Vulnerability Management teams. Act as a key responder to security incidents, driving investigation, containment, and recovery activities. Assist in identifying, assessing, and tracking remediation of vulnerabilities across the organisation. Perform in-depth analysis of security alerts, logs, and telemetry from SIEM, EDR, and other security tools. Support scanning, reporting, and communication of vulnerability data to collaborators. Develop and refine detection logic to improve visibility and reduce false positives, using frameworks such as MITRE ATT&CK. Maintain and improve incident response playbooks, ensuring they reflect current threats and standard methodologies. Know the latest threat actor tactics, techniques, and procedures (TTPs) and apply them to improve defences. Find opportunities to automate repetitive tasks across security monitoring and vulnerability workflows. Promote a unified approach to cyber defence, avoiding siloed operations. Support initiatives that strengthen the organisation’s overall cyber resilience. What you’ll need: Experience as L2 Analyst - as least 3 years Demonstrable experience in information security, with a focus on security operations. Proven track record in stakeholder and partner/vendor management and collaboration across various groups. Experience handling incidents and supporting complex investigations. Hands-on experience with technical tools commonly used in Security Operations, including but not limited to SIEM platforms (e.g., Microsoft Sentinel), Endpoint Detection and Response (EDR) solutions, Threat Intelligence platforms (e.g., KELA), and Vulnerability Management tools (e.g., Qualys). Confident in analysing logs from various sources such as endpoints, networks & cloud services. Ability to apply threat intelligence to enrich investigations. Good understanding of relevant threat actors, relevant frameworks and CVSS scoring Ability to script or automate tasks. Familiarity with infrastructure, cloud, and application security principles. Able to write reports and tailor them to a mixture of collaborators. While certifications are not a strict requirement, they can improve a candidate’s profile by demonstrating relevant expertise. Any recognised security certifications will be considered, with value placed on those that demonstrate expertise in core blue team disciplines, as well as vulnerability and risk management. Experience with the following tooling: Sentinel, Defender Why you’ll love working here: Market-leading company with lots of potential Opportunity to take part in brand-new company projects Attractive salary and benefits at a stable and financially healthy company An organisation where you can commit to the long-term Working in the OneIT team with colleagues around the globe How to apply: Please follow the link on our careers page and submit your resume in English because we are an international environment, and English is our business language. If you need any adjustments made to support your application, for example, if you require information in different formats, or if you have any accessibility issues, then we have a process in place to support you – please feel free to get in touch with us at accommodations@gknautomotive.com (mailto:accommodations@gknautomotive.com) Deadline: The closing date will be July 25th GKN Automotive is the market leader in conventional, all-wheel and electrified drive systems and solutions. With a comprehensive global footprint, we design, develop, manufacture and integrate an extensive range of driveline technologies for over 90% of the world’s car manufacturers. As a global engineering company, innovation is what differentiates us from our competitors and is central to our success. A balance of cultures, ethnicities and genders helps bring new ideas and creativity to GKN Automotive. We need people of different backgrounds, with different skills and perspectives, to spark originality, imagination and creativity in our teams around the world. GKN Automotive is an equal opportunity employer. We treat all our employees and applicants fairly and are committed to ensuring that there is no discrimination or harassment against any employee or qualified applicant on the grounds of age, race, creed, colour, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status or any other characteristic protected by law. We will ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process. Please contact us to request any such accommodation.

Synax seeks an experienced SOC Leader (10+ years) to address global customers' cybersecurity needs and empower our partner network to achieve next-level service cyber-Security excellence. Why Join Synax Technologies Lead and pioneer a strategic cybersecurity initiative from inception. Thrive in a collaborative, innovative environment with ambitious growth objectives. Gain exposure and influence at a global, enterprise scale. Enjoy competitive compensation, career advancement, and executive visibility. What You'll Own: Design the Blueprint. Architect and scale a global SOC from the ground up—set the strategy, define the roadmap, and own the outcome. Build the Dream Team. Recruit, lead, and inspire top-tier cybersecurity pros—from threat hunters to incident responders. Set the Standard. Create world-class frameworks, playbooks, and metrics aligned with global best practices. Outsmart Threats. Lead the charge on cutting-edge detection and response using the full tech arsenal: SIEM, SOAR, EDR, XDR, UEBA, threat intel, and automation. Innovate Relentlessly. Drive a culture of continuous evolution, powered by AI, machine learning driven automation. You're the Perfect Fit If You Have: Deep Roots in Cybersecurity: Minimum 10 years of experience navigating the world of security products and solutions, including 6 years in leading SOC/CSOC teams on a global scale. A Track Record of Building Greatness: You've successfully built and rapidly scaled SOC/CSOC teams from scratch, turning vision into reality—and you're eager to do it again. Technical Mastery: Your expertise runs deep in cybersecurity operations, threat intelligence, incident response, and cutting-edge endpoint security technologies. Certifications That Count: Industry-recognized credentials like CISSP, CISM, or CISA showcase your professional commitment and credibility. Industry Savvy: Bonus points if you have experience working in highly regulated sectors—like BFSI, Healthcare, Government, or Telecom—where cybersecurity truly matters. Solid Academic Grounding: You hold a Bachelor’s degree in Information Security, Cybersecurity, Computer Science Engineering, or related fields (a Master’s degree makes you shine even brighter). Note: Preference will be given to candidates with current experience at Tier-1 SOC providers, who are locally available and can join immediately. This role requires international travel as and when needed.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Supervising Security Analyst - Cyber Triage and Forensics Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity The Senior Security Analyst in Cyber Defense CTF (Cyber Triage and Forensics) plays a pivotal role in enhancing EY’s security posture by vigilantly monitoring, assessing, and managing incidents effectively. In collaboration with the team and leadership, to ensure strong security oversight and contribute to joint security monitoring and incident response initiatives. Key duties include triage, detailed investigations, clear communication, and comprehensive reporting, all contributing to the integrity and resilience of the EY’s cyber defenses. Essential Functions of the Job : You will work collaboratively to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and participate in security investigations. Engage in proactive threat hunting and provide expert security assessments, utilizing EDR, SIEM, and other tools to understand and counteract the cybercrime landscape Communicate with IT stakeholders during incident response activities, ensuring effective containment, remediation, and accurate identification of compromise indicators Report on incident metrics, analyse findings, and develop reports to ensure comprehensive resolution and understanding of security events Act as an escalation point for incident response, shift lead, mentor junior team members, and contribute to team skill enhancement Analyse security events, provide feedback on security controls, and drive process improvements to strengthen the organization's security posture Maintain and improve security incident processes, protocols, and standard operating procedures to reflect best practices in security incident response Skills And Attributes For Success Proficient in Cyber investigation including evidence management in line with best practices and using advanced tools for threat detection and incident management including advanced querying with KQL Proficient in analyzing varied data sets, identifying malware, and conducting comprehensive security event analysis from network traffic attributes and host-based attributes to detect information security incidents and latent threats. Proficient in conducting detailed forensic investigations across various operating systems, with a keen eye for obfuscation and the ability to clearly communicate findings In-depth understanding of Active Directory security, with strong scripting abilities to automate response measures and improve operational effectiveness To qualify for the role, you must have Undergraduate or Postgraduate Degree in Computer Science, Engineering, or a related field (MCA/MTech/BTech/BCA/BSc CS or BSc IT) At least 7 years of overall experience with a minimum of 5 years specialized in incident response, computer forensics, and Security Operations. Proficiency in operating within a Security Monitoring/Security Operations Center (SOC) environment, including experience with CSIRT and CERT operations Demonstrated experience in investigating security events, threats, and vulnerabilities Strong understanding of electronic investigation and forensic methodologies, including log correlation, electronic data handling, investigative processes, and malware analysis In-depth knowledge of Windows and Unix/Linux operating systems, and experience with EDR solutions for threat detection and response Ideally, you’ll also Desired certifications such as SSCP, CEH, GCIH, GCFA, GCIA, GSEC, GIAC, Security+. Experience with security incident response in cloud environments, including Azure. Knowledge of legal considerations in electronic discovery and analysis Proficiency in scripting or programming (e.g., Shell scripting, PowerShell, C, C#, Python) Solid understanding of security best practices for network architecture and server configuration What We Look For Demonstrates integrity in a professional environment Strong ethical behavior Ability to work independently Possesses a global mindset for working with diverse cultures and backgrounds Knowledgeable in industry-standard security incident response processes, procedures, and lifecycle Positive attitude and Excellent teaming skills Excellent social, communication, and writing skills Good presentation skills Excellent investigative, analytical, and problem-solving skills Supervising Responsibilities: Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues Provide mentoring and training to other team members as required, supporting their development and ensuring consistent team performance Other Requirements: Should be willing to work in shifts What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. We ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions and to receive other benefits and privileges of employment. Please contact us to request accommodation. EY is committed to being an inclusive employer, and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Make your mark. Apply now EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Summary Position Summary Job title: Azure Cloud Security Engineer (Senior Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 4+ years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2023. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 306470

Summary Position Summary Job title: Oracle PaaS Cloud Security – Consultant (ASA/SA) Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Work you will do As a Consultant in our Cyber Application Security team, you will be part of our Oracle practice and will be responsible for delivering Oracle security and controls implementations services across a varied format of architectures. Responsibilities will include assessment, design and implementation of security and controls on cloud-based Oracle environment to secure this environment. The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure. Vigilant. Resilient. Cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Work you’ll do The key job responsibilities will be to: Design, and implement customized, scalable and SOX compliant security solutions Lead requirements gathering, design documentation by conducting client workshops in onsite/offshore delivery model for projects Advanced debugging and troubleshoot issues, including interacting with technology vendors Architect, design and implement the SSO solutions for various Oracle SaaS/PaaS services Configure security for Oracle PaaS services (OIC, VBCS, FAW) Implement security in Oracle Cloud Infrastructure by designing groups using the security principle of least privilege Design, customize and implement Oracle Cloud Guard and Data Safe as part of Governance, Risk and Compliance solution Support security and compliance activities by identifying and driving initiatives that are relevant for the project delivery and help factor reusability and related benefits. Required Skills 2 to 5 years of experience delivering full cycle of Oracle Cloud IaaS and PaaS security assessments, design, and implementations as well as understanding of leading practices relates to IaaS and PaaS security Understanding of Identity and Access Management concepts, Single Sign-On and API authentication mechanisms, cloud security posture management Working Experience in any IAM tools (Oracle IDCS/SailPoint/Saviynt preferable) Experience in Oracle Identity Domains (OCI-IAM), like building custom user groups and IAM policies as per the business requirement and User administration activities like add/modify user accounts, add/remove user groups mappings, system for cross domain identity management (SCIM) provisioning etc. Experience in configuring Cloud Guard, Data Safe, Key Vaults, ATB Database authentication, SFTP security, VBCS Identity propagation etc. Experience in implementing streaming OCI logs to SIEM solution (like Splunk) audit end user accounts, permissions, and access rights, performing segregation of duties (SOD) and mitigating risks Experience in coordinating with development teams, functional teams, business leads, information security & risk management teams Excellent written and verbal communication skills Good project management and organizational skills Preferred Skills Experience in Oracle IaaS and PaaS security Experience in Oracle Identity Domains Previous Consulting or Big 4 experience preferred Security Certifications such as: CISSP, CCSP, Oracle Cloud Infrastructure Foundations Certification is a plus Automation using Terraform, Python, or VBA Troubleshooting and analytical skills using PL-SQL queries Qualification B.Tech/M.Tech/MS/MBA #CA-VKS Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 305059

Posted: 01/08/2025 Closing Date: 29/08/2025 Job Type: Permanent - Full Time Location: The Lines Company - Head Office Job Category: Energy and Utilities Mō m ātou | About Us At The Lines Company (TLC), we’ve been powering the King Country for nearly 100 years. As a community-owned business, we’re all about people—our customers, our team, and our region. Whether it’s supporting local homes, farms, or schools, we work around the clock to keep the lights on and the region running. We offer job stability, competitive pay, and a workplace that values balance, development, and community. Job Description Mō te t ūranga | About the Role This is the perfect role for someone with a solid foundation in IT or cyber who’s looking to build deeper, real-world experience in a supportive team environment. As our IT Operations Analyst , you’ll be part of a small, tight-knit Digital team helping to monitor, secure, and support the critical systems that keep our electricity network running. You’ll get exposure to a range of technologies, tools, and security practices—plus the opportunity to develop across both IT and OT (Operational Technology). ✅ Confident working with digital systems and tools ✅ Interested in cybersecurity, incident response, and secure infrastructure ✅ Enjoy solving problems and learning new systems ✅ Calm under pressure and clear in your communication ✅ Ready to grow your knowledge across a broad IT environment Desired Skills And Experience Nā tāu rourou | What you’ll bring You’ve got a strong start to your IT journey, and now you’re ready for more hands-on experience: 1–2 years of experience in IT operations, infrastructure, or cybersecurity A qualification in Cyber Security, Information Technology, or a related field Familiarity with tools such as antivirus software, firewalls, SIEM, or backup systems A basic understanding of cybersecurity frameworks or compliance (like ISO27001 or the Privacy Act) Good documentation skills and attention to detail A proactive mindset and a collaborative, can-do attitude Bonus If You Have Experience or interest in the utilities or energy sectors Exposure to disaster recovery planning or incident response A curiosity about working in both IT and OT environments He aha tā mātou | What we offer We’re here to support your next step. You’ll gain exposure to cybersecurity, infrastructure, and business continuity in a real-world setting—plus the guidance and mentorship to help you succeed. We Offer Competitive salary and strong employee benefits Career growth and development opportunities across digital and cyber functions Wellbeing incentives to support your physical and mental health Medical and life insurance Extra leave days to help you recharge Flexible working options, plus a friendly, future-focused team culture If you’re looking for a role where you’ll learn by doing and make a meaningful contribution—this could be your next big move. Me pēhea te tono | How to apply 📅 Applications close 29/08/2025 but we’re reviewing as we go and may close early if we find the right person—so don’t wait! Please Note Applicants must be a New Zealand Citizen, Resident, or hold a valid NZ Work Visa. As part of our recruitment process, we conduct Ministry of Justice background checks and pre-employment medical and drug/alcohol screening. ⚡💻 Ready to take the next step in your IT career and support critical systems in your community? Apply now and grow with us. 🛡️🖥️

Summary Position Summary Job title: Azure Cloud Security Engineer (Senior Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 4+ years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2023. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 306468

Functional Description (FD) – Network Security Engineer (Level II) Function Title: Network Security Engineer – Level II Function Category: Network & Security Operations Experience Level: Intermediate Function Purpose: To ensure the integrity, confidentiality, and availability of enterprise networks by managing and securing firewall and intrusion prevention infrastructure. This includes deployment, configuration, monitoring, and optimization of network security appliances such as Palo Alto Networks NGFW, Cisco ASA, and IPS/IDS platforms. Key Functional Responsibilities: 1. Firewall Management: o Configure and manage Palo Alto Networks Next-Gen Firewalls via Panorama. o Administer Cisco ASA firewalls, including rule base updates, NAT configuration, and VPN setup (IPSec/SSL). o Apply firewall best practices to enforce segmentation and threat prevention. 2. Intrusion Prevention: o Operate and fine-tune IPS/IDS systems to detect and block malicious activity. o Analyze IPS logs and correlate with threat intelligence sources. o Work with SOC teams on incident triage and escalation. 3. Security Policy Enforcement: o Maintain and optimize security policies across platforms. o Review firewall and IPS rules regularly for cleanup and compliance. o Participate in change control processes for security configurations. 4. Troubleshooting & Support: o Act as L2 escalation point for network security issues. o Conduct root cause analysis of incidents related to firewall, VPN, or IPS systems. o Support after-hours maintenance or on-call duties as needed. 5. Documentation & Compliance: o Maintain configuration baselines, change logs, and security documentation. o Ensure adherence to NIST, ISO 27001, or internal audit requirements. Required Technical Skills: • Hands-on expertise in Palo Alto NGFWs (Pan-OS, Panorama). • Strong knowledge of Cisco ASA firewall CLI and ASDM. • Experience configuring and supporting VPNs (site-to-site, remote access). • Exposure to IPS technologies (e.g., Snort, Cisco Firepower, Palo Alto Threat Prevention). • Familiarity with networking protocols and troubleshooting (TCP/IP, DNS, HTTP/S, routing protocols). • Comfort with tools like Wireshark, Syslog servers, and firewall rule management tools. Preferred Skills / Good to Have: • Working knowledge of Cisco Firepower/FTD. • Understanding of cloud firewalls (Azure NSG, AWS Security Groups, Palo Alto Prisma). • Scripting or automation skills (Python, Bash). • Knowledge of Zero Trust models and microsegmentation. • Exposure to log management/SIEM tools like Splunk or Elastic

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 2 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Level 1.5 SOC Analyst, your role involves deeper investigation of security alerts and confirmed incidents. You will validate escalated events using Sentinal One and Splunk SIEM, enrich them with context, and work closely with L3 analysts to assist in containment and timely remediation. You will also assist in improving detection fidelity and supporting SOAR automation. This role requires deep expertise in detection, investigation, containment, and remediation, as well as collaboration with multiple teams across security, IT, and compliance. Roles & Responsibilities: - Investigate alerts escalated by L1 to determine scope, impact, and root cause - Perform in-depth endpoint and network triage using Sentinel One - Use Sentinel One to perform endpoint analysis and threat validation - Correlate multiple log sources in Splunk to trace attacker activity - Enrich events with asset, identity, and threat intelligence context - Document investigation workflows, evidence, and final conclusions - Support L2 during major incidents by performing log or memory triage - Suggest improvements in alert logic & fine tunning. - Conduct threat research aligned to alert patterns and business context - Enhance alert fidelity with threat intel and historical context - Document investigation findings and communicate with stakeholders Professional & Technical Skills: - Alert Triage & Monitoring: Experience investigating escalated alerts using SIEM or EDR - Incident Response and Containment: Take necessary actions to contain, eradicate and recover from security incidents. - Identify opportunities for automation and work with SIEM Platform Support team for implementing it. - EDR Deep Dive: Using Real Time Response (RTR), Threat Graph, custom IOA rules - Proficiency in writing SPL queries, dashboards and providing fine tuning opportunities - Threat Hunting: Behavior-based detection using TTPs - Good understanding of malware, lateral movement, privilege escalation, and exfiltration patterns - Threat Intel Integration: Automation of IOC lookups and enrichment flows - Forensic Skills: Live host forensics, log correlation, malware behavioral analysis - Good experience in advanced threat detection and incident response - Proficiency in Sentinal One forensic and incident response capabilities - Playbook Development/Updation: Able to define, update, and optimize IR playbooks and workflows - Forensic analysis (memory, file systems, logs) - Cloud incident handling (AWS, Azure) - Dashboarding: Advanced visualizations and business-focused metrics in Splunk - Certifications: Splunk Certified Admin/ES Admin, SC-200, Sentinal One EDR vendor training - Sentinal One: Custom detections, forensic triage, threat graphs - Splunk SIEM (core + ES module): Searching Logs, Monitoring and investigating alerts. Additional Information: - The candidate should have minimum 2+ years in SOC/IR . - Experience in 24x7 environments, shift-based operations, or critical infrastructure response - This position is based at our Hyderabad office. - A 15 years full time education is required. - Bachelors in IT/Cybersecurity + advanced certifications (CISSP), Splunk Certified Admin/ES admin, EDR Certification (like Sentinal One) etc.

Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done. There’s another option. Freshworks. With a fresh vision for how the world works. At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world. Fresh vision. Real impact. Come build it with us. Job Description We are seeking an experienced and proactive Lead SOC Analyst to join our Security Operations Center team. The ideal candidate will bring deep expertise in SIEM and EDR technologies, strong incident analysis capabilities, and hands-on experience in automating incident response using SOAR platforms, particularly Palo Alto Cortex XSOAR. This role involves leading investigations, refining detection and response processes, and mentoring junior analysts. Key Responsibilities: Lead and manage security incident investigations, ensuring timely containment, eradication, and recovery. Administer and fine-tune SIEM (e.g., Splunk, QRadar, Sentinel) and EDR platforms (e.g., CrowdStrike, SentinelOne, Carbon Black). Analyze and triage alerts from multiple sources, correlating events to detect threats and breaches. Design, develop, and maintain automated playbooks using Cortex XSOAR (Demisto) to streamline response workflows. Create and update runbooks, documentation, and reporting metrics for incident response activities. Provide technical guidance and mentorship to SOC analysts. Conduct regular threat hunting to proactively identify potential compromises. ​Recommend improvements in security posture based on incident patterns and root cause analysis.Qualif ications5-7 ye ars of hands-on experience in a Security Operations Center environment.1-2 ye ars of experience in Cortex XSOAR (or equivalent) playbook development and SOAR automation.Strong knowledge of SIEM and EDR platforms, their configuration, log ingestion, tuning, and administration.Profic iency in analyzing Windows/Linux/Mac/Cloud logs, network traffic, and endpoint telemetry.Solid understanding of attack vectors, malware behavior, threat actors, and MITRE ATT&CK framework.Experi ence with scripting languages (e.g., Python, Bash) for automation and enrichment tasks. Pref er red Qualifications:Certif ications such as GCIA, GCIH, CEH, CISSP, CySA+, or equivalent.Experi ence with threat hunting tools and methodologies.Knowle dge of cloud-native security monitoring (AWS, Azure, GCP). Soft S kills:Excell ent communication and documentation skills.Strong analytical thinking and problem-solving abilities.Abilit y to prioritize tasks under pressure and handle escalations effectively.Leader ship and mentoring capability in a fast-paced SOC environment. Addi ti onal InformationAt Fre shworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.

Our technology services client is seeking multiple System Administrator to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: System Administrator Experience: 1.5 - 3 Years Location: Chennai, Kolkata Notice Period: Immediate- 15 Days Mandatory Skills: VMware , Onpremise, Windows, VMare Configuration Job Description: Maintenance, Administration, Configuration, Monitoring and Troubleshooting of Windows 2012 / 2016 / 2019 / 2025 Servers. VMware vSphere Infrastructure - Installation, configuration, troubleshooting of VMware ESXi servers, Virtual appliance, vCenter, ESXI host upgrade and patching. Creating and managing VMware cluster, Enabling HA, and DRS features in a cluster. Configuration of Virtual switches, port groups and network connections Creating and managing standard templates and keeping them update. Deploying VMs from template and allocates resources as per client requirements. Security hardening of VMs and Esxi servers for security compliance. Performing snapshots, cloning, migrations of VMs Vulnerability Management - Assist in providing support and resolution for the Critical/High open vulnerabilities on Windows/ VMware Servers. Providing support to mitigate external Vulnerabilities reported by KPMG team. Coordinate with Server Owners to fix Application related vulnerabilities with the defined SLA. Providing support to raise a risk on insight360 portal for servers which have surpassed the SLA. Data Centre Operations - Installation, Configuration, Monitoring and Troubleshooting of physical servers like DELL PowerEdge, HP ProLiant, Cisco UCS servers. Coordination with OEM/Partners Technical Support Team to resolve problems. Support for Windows Defender, SOC SIEM, BigFix, Qualys, CIS CAT, SolarWinds team for installation, configuration, upgradation and troubleshooting of applications. Coordination with Backup team, Database and Network team to resolve problems. Incident and RITM Management - Work on Incidents, RITM raised for Server OS issue, backup failure, access management, performance alerts etc. Change Management – Work on Change Requests for Commission of new servers, Decommission, Operating system upgradation, IP change Activity, virtual machine CPU/Memory/Disk upgradation and others. Installation of monthly windows security updates for the on-prem windows servers. If you are interested, share the updated resume to rajesh.s@s3staff.com

We are seeking a highly motivated and detail-oriented Cyber Security Analyst to join our security team. The successful candidate will be responsible for monitoring, analyzing, and responding to security incidents and threats, as well as implementing measures to protect the organization’s systems, networks, and data from cyber-attacks. Key Responsibilities: Monitor network traffic and systems for security breaches, intrusions, or anomalies. Investigate and respond to security alerts and incidents in a timely manner. Analyze malware, phishing, and threat intelligence reports. Conduct vulnerability assessments and penetration testing. Maintain and improve endpoint protection, firewalls, SIEM, IDS/IPS, and other security tools. Assist in the development and enforcement of security policies and procedures. Collaborate with IT and DevOps teams to ensure secure configurations and compliance. Stay updated with the latest cyber security trends, threats, and technology. Prepare incident reports, documentation, and regular security status updates. Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field. Proven experience in a cyber security or IT security role. Strong understanding of network protocols, operating systems, and firewalls. Hands-on experience with SIEM tools, vulnerability scanners, and endpoint protection platforms. Knowledge of cybersecurity frameworks like NIST, ISO 27001, or CIS Controls. Familiarity with scripting languages (e.g., Python, Bash) is a plus. Excellent problem-solving and analytical skills. Strong communication and documentation abilities. Preferred Certifications (Not Mandatory): CompTIA Security+ CEH (Certified Ethical Hacker) CISSP (Certified Information Systems Security Professional) OSCP (Offensive Security Certified Professional) Why Join Us? Work with a passionate and growing cybersecurity team. Exposure to cutting-edge tools and real-world threat scenarios. Opportunities for professional development and certification support. Flexible work environment and competitive benefits.

About company : Netenrich boosts the effectiveness of organizations’ security and digital operations so they can avoid disruption and manage risk. Resolution Intelligence CloudTM is our native-cloud data analytics platform for enterprises and services providers that need highly scalable, multitenant security operations and/or digital operations management. Resolution Intelligence Cloud transforms security and operations data into intelligence that organizations can act on before critical issues occur. More than 3,000 customers and managed service providers rely on Netenrich to deliver secure operations at scale. Job Title: Implementation Engineer Years of Experience: Relevant 3+ Years Work Location: Hyderabad Job Summary: We are seeking a skilled and experienced Cybersecurity Implementation Engineer with expertise in customer parser development, Yara rules creation, playbook implementation, and data ingestion techniques. This role presents an exciting opportunity to contribute to the design and implementation of cutting-edge cybersecurity solutions while collaborating with a talented team of professionals. Responsibilities: · Develop custom parsers to extract and normalize data from diverse sources, including logs, network traffic, and endpoint data. · Design, develop, and maintain Yara rules for threat detection and malware analysis, ensuring high accuracy and effectiveness. · Create and implement playbook automation to streamline incident response processes and improve operational efficiency. · Design and implement data ingestion pipelines to collect, process, and analyze large volumes of security data from various sources. · Collaborate with cross-functional teams to understand customer requirements and customize cybersecurity solutions to meet their needs. · Conduct research and analysis to identify emerging threats and vulnerabilities, and develop proactive detection mechanisms. · Participate in security incident response activities, providing technical expertise and support as needed. · Stay abreast of the latest cybersecurity trends, technologies, and best practices, and share knowledge with the team. · Work closely with customers to understand their security challenges and requirements, and provide expert guidance and support. Qualifications: · Bachelor’s degree in Computer Science, Information Security, or related field. · 3 years of experience in cybersecurity, with a focus on implementation. · Strong expertise in developing custom parsers for log and data normalization. · Proficiency in creating and maintaining Yara rules for threat detection and malware analysis. · Experience in designing and implementing playbook automation using tools such as Demisto, Phantom, or similar platforms. · Solid understanding of data ingestion techniques and technologies, including log management systems and data lakes. · Hands-on experience with SIEM (Security Information and Event Management) solutions such as Splunk, ELK, or QRadar. · Excellent analytical and problem-solving skills, with the ability to troubleshoot complex technical issues. · Strong communication and interpersonal skills, with the ability to effectively collaborate with internal teams and customers. · Relevant cybersecurity certifications (e.g., CISSP, CEH, GIAC) are a plus. If you are a passionate and driven cybersecurity professional with expertise in customer parser development, Yara rules creation, playbook implementation, and data ingestion techniques, we want to hear from you. Join us in our mission to protect our organization and our customers from cyber threats.

Job Title: SOC L2 Analyst Location: Kochi, Kerala Department: Information Security / Cybersecurity Operations Employment Type: Full-time Job Summary We are seeking a skilled and proactive SOC Level 2 Analyst to join our Cybersecurity Operations team in Kochi. The ideal candidate will have a strong background in Threat Intelligence and Log Analysis , with the ability to detect, investigate, and respond to advanced security threats. You will work closely with L1 SOC Analysts, Incident Response, and Threat Hunting teams to ensure rapid detection and mitigation of security incidents. Key Responsibilities Monitor and analyze security events from SIEM platforms, IDS/IPS, firewalls, and other security tools. Perform detailed log analysis to identify indicators of compromise (IoCs) and suspicious activity. Utilize threat intelligence feeds to correlate, enrich, and prioritize alerts. Investigate escalated incidents from L1 SOC analysts, determine root cause, and recommend remediation. Conduct proactive threat hunting based on emerging threats and attacker tactics. Support incident response activities, including containment, eradication, and recovery. Maintain accurate documentation of incidents, investigations, and findings. Contribute to the continuous improvement of SOC processes and detection use cases. Collaborate with cross-functional security teams to strengthen the organization’s cyber defense posture. Key Skills & Requirements Technical Skills: Proficiency in Threat Intelligence analysis and application in SOC workflows. Expertise in Log Analysis and interpretation from multiple security devices and platforms. Experience with SIEM tools (e.g., Splunk, QRadar, ArcSight, Sentinel). Familiarity with MITRE ATT&CK framework and common attacker techniques. Understanding of TCP/IP, network protocols, and cybersecurity fundamentals. Experience & Education: Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). 2–4 years of experience in a SOC environment, preferably as an L2 Analyst. Industry certifications such as CEH, GCIA, GCIH, Security+, CySA+ or equivalent are a plus. Soft Skills: Strong analytical and problem-solving skills. Ability to work effectively in a fast-paced, 24/7 SOC environment. Excellent communication and documentation skills. Job Types: Full-time, Permanent Pay: Up to ₹700,000.00 per year Schedule: Day shift Supplemental Pay: Performance bonus Application Question(s): What is your current CTC in INR? What is your current notice period? What is your current company name and location? How many years of experience as Soc Analyst L2? Experience: minimum: 4 years (Required) Work Location: In person

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Defender Experts (DEX) Research team is at the forefront of Microsoft’s threat protection strategy, combining world-class hunting expertise with AI-driven analytics to protect customers from advanced cyberattacks. Our mission is to move protection left—disrupting threats early, before damage occurs—by transforming raw signals into intelligence that powers detection, disruption, and customer trust. We’re looking for a passionate and curious Senior Threat Researcher to join this high-impact team. In this role, you will collaborate closely with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats that impact both Microsoft and third-party products. Leveraging a deep understanding of multi-cloud environments and diverse security architectures, you will develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel. Your research will directly contribute to the development of real-time protections for enterprises worldwide, ensuring comprehensive coverage across cloud platforms and strengthening the security posture of organizations leveraging a heterogeneous mix of technologies. This is a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities We are seeking a Senior Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments. The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections. In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems. Responsibilities Include Lead and execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments. Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Collaborate with internal and external security teams to design and implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response. Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base. Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems. Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud. Qualifications 5+ years of relevant experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms. Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments. Demonstrated expertise in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions. Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. Proven ability to work independently and deliver complete solutions. Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Defender Experts (DEX) Research team is at the forefront of Microsoft’s threat protection strategy, combining world-class hunting expertise with AI-driven analytics to protect customers from advanced cyberattacks. Our mission is to move protection left—disrupting threats early, before damage occurs—by transforming raw signals into intelligence that powers detection, disruption, and customer trust. We’re looking for a passionate and curious Threat Researcher to join this high-impact team. In this role, you will collaborate closely with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats that impact both Microsoft and third-party products. Leveraging a deep understanding of multi-cloud environments and diverse security architectures, you will develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel. Your research will directly contribute to the development of real-time protections for enterprises worldwide, ensuring comprehensive coverage across cloud platforms and strengthening the security posture of organizations leveraging a heterogeneous mix of technologies. This is a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities We are seeking a Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments. The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections. In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems. Responsibilities Include Execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments. Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Collaborate with internal and external security teams to implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response. Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base. Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems. Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud. Qualifications 3+ years relevant experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms. Proven ability to execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments. Demonstrated experience in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as an understanding of multi-cloud security challenges and solutions. Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. Proven ability to work independently and deliver complete solutions. Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are seeking for a passionate cybersecurity professionals to join our growing team of Defenders. In this role, you will proactively detect, investigate, and respond to advanced threats across enterprise environments using cutting-edge and AI enabled security tools and threat intelligence. The ideal candidate combines strong security expertise with a curious mindset and skills to conduct deep threat analysis. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities Monitor, triage, and respond to security incidents using alerts and incidents from Microsoft Defender products (MDE, MDI, MDO, MDA, MDC etc.) Perform proactive threat hunting using hypothesis, and telemetry from endpoints, identities, cloud and network. Develop hunting queries using Kusto Query Language (KQL) or similar to uncover suspicious patterns and behaviors. Investigate security incidents across hybrid environments and contribute to root cause analysis and containment strategies. Collaborate with internal teams (defender, threat intelligence, engineering) to enhance detection logic, develop automations, and improve incident response workflows. Contribute to incident documentation, detection playbooks, and operational runbooks. Stay current with evolving threat landscapes, cloud attack vectors, and advanced persistent threats (APT). Qualifications Graduate degree in engineering or equivalent discipline. 3–7 years of experience in cybersecurity (SOC, IR, Threat Hunting, Red Team). Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.). Experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations. Proficiency in KQL, Python, or similar scripting languages for data analysis and automation. Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary TTPs. Familiarity with operating system internals (Windows, Linux) and endpoint/network forensics. Certifications like CISSP, OSCP, CEH, GCIH, AZ-500, SC-200 or similar/equivalent are a plus. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.