5041 Siem Jobs - Page 15

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

4.0 years

0 Lacs

India

Remote

What You Can Expect We are seeking a Security Information Event Manager (SIEM) Engineer to join our Security team. The Zoom Security Monitoring & Logging team implements, enhances and manages various tools and technologies used to identify and protect IT assets, detect security events and enable security incident response. About The Team As a Zoom SIEM Engineer, you will work in several security technology categories including Big Data Technologies, SIEM (Splunk), ETL/Data Pipelines (Cribl Logstream & Search), Cloud (AWS/GCP/OCI/Azure), Authentication (IAM/RBAC/SAML), Networking (WAF), Threat Monitoring (IPS/AV/DLP). Experience in physical, virtual and public cloud AND data center environments. Responsibilities Help coordinate and implement real-time data pipelines using a number of vendor provided or developed tools (Linux OS, Regex, networking concepts and troubleshooting, SSL certificates, data routing and data handling through Splunk or similar Databricks). You’ll work alongside other internal teams, streamline the process of collecting, organizing, and transforming data through streaming pipeline ingestion, aggregation, and custom workflows. Develop and maintain working relationships among project managers and data owners that enhance the data onboarding experience. Utilize your talents developing data monitoring dashboards and custom alerting to automate the monitoring of data pipelines and SIEM posture. Document platform and system features or changes to the environment. Perform system administration tasks necessary for security tool platform maintenance, typically on Linux based systems. Perform platform monitoring and triage tasks to ensure uptime of the production environment. You are familiar with a task tracking system or project queue system such as Zoom Docs, ServiceNow, JIRA and able to follow an escalation process towards a path of resolution. Participate in monthly on-call rotation for after hours support.
What We Are Looking For Bachelor's degree in IT Security, Computer Science, or equivalent; or an additional 4 years of relevant IT experience. 5+ years experience in IT engineering or Technical Support; 3 or more years experience specifically in a Data engineering role; Project Management experience. 3+ years Splunk administration experience [on-boarding knowledge, fluent SPL, certification]. Linux OS, Regex, networking concepts and troubleshooting, SSL certificates, data routing and data handling through Splunk or similar Databricks. Demonstrate advanced technical knowledge and experience in data, application, systems and network security concepts and the tools used to identify and protect IT assets, detect security events, and respond and recover from security incidents. Mid to advanced level Linux knowledge in physical, virtual AND cloud technologies. Developing data pipelines and Terraform and Ansible and automation scripts. Exceptional verbal and written communication skills necessary to effectively collaborate with peers, and to present and explain highly technical information to stakeholders who may have limited technical knowledge. #RemoteIndia #India #Remote Ways of Working Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting. Benefits As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. Click Learn for more information. About Us Zoomies help people stay connected so they can get more done together.
We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars. We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Find room to grow with opportunities to stretch your skills and advance your career in a collaborative, growth-focused environment. Our Commitment At Zoom, we believe great work happens when people feel supported and empowered. We’re committed to fair hiring practices that ensure every candidate is evaluated based on skills, experience, and potential. If you require an accommodation during the hiring process, let us know—we’re here to support you at every step. If you need assistance navigating the interview process due to a medical disability, please submit an Accommodations Request Form and someone from our team will reach out soon. This form is solely for applicants who require an accommodation due to a qualifying medical disability. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed.

Posted 1 week ago

3.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Profile Name: Senior Incident Response Analyst Job Profile Summary To provide security monitoring and support to Client's technology platforms, network, applications, crew, and environments in response to incidents of varying severity and perform other security monitoring/incident response functions as needed. Job Description Duties and Responsibilities: Operate as second level support to a 24x7 managed security operations centre. Alert clients regarding intrusions and potential intrusions that may compromise their network infrastructure. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Takes a proactive role in the resolution of incidents, even after they are escalated Work on assigned ticket queue Understanding and exceeding expectations on all tasked SLA commitments Track and report on closure of tickets as per SLAs Escalating issues to Level 2 or Level 3 and management when necessary Providing daily and weekly reports on security and vulnerability incidents Working in shift teams Adheres to Client Information Security policies and departmental procedures, along with following industry best practices. Works with other departments (within and outside of Information Security) to communicate appropriate and consistent security requirements. Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager. 
Qualifications: Undergraduate degree in information/cyber security, an information technology-related field or equivalent combination of training, certifications, and experience. 3-6 years related experience. CompTIA Security+, ISC2 CISSP, SANS, or other similar certifications are a plus but not required. Knowledge of security concepts, theories, and best practices. Ability to analyze and demonstrate problem resolution skills. Demonstrated ability to work collaboratively as well as independently, with attention to detail. Demonstrated ability to be flexible and exercise good judgment. Demonstrated strong organization and time management skills. Strong verbal, written and interpersonal communication skills. Ability to deal effectively with various levels of business unit crew and management. Experience on SIEM, SOAR and EDR/XDR is must. Special Factors: Weekend availability/flexibility to work weekends is a MUST. Willing to support US shift (Night shift) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

3.0 years

0 Lacs

Kochi, Kerala, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Profile Name: Senior Incident Response Analyst Job Profile Summary To provide security monitoring and support to Client's technology platforms, network, applications, crew, and environments in response to incidents of varying severity and perform other security monitoring/incident response functions as needed. Job Description Duties and Responsibilities: Operate as second level support to a 24x7 managed security operations centre. Alert clients regarding intrusions and potential intrusions that may compromise their network infrastructure. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Takes a proactive role in the resolution of incidents, even after they are escalated Work on assigned ticket queue Understanding and exceeding expectations on all tasked SLA commitments Track and report on closure of tickets as per SLAs Escalating issues to Level 2 or Level 3 and management when necessary Providing daily and weekly reports on security and vulnerability incidents Working in shift teams Adheres to Client Information Security policies and departmental procedures, along with following industry best practices. Works with other departments (within and outside of Information Security) to communicate appropriate and consistent security requirements. Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager. 
Qualifications: Undergraduate degree in information/cyber security, an information technology-related field or equivalent combination of training, certifications, and experience. 3-6 years related experience. CompTIA Security+, ISC2 CISSP, SANS, or other similar certifications are a plus but not required. Knowledge of security concepts, theories, and best practices. Ability to analyze and demonstrate problem resolution skills. Demonstrated ability to work collaboratively as well as independently, with attention to detail. Demonstrated ability to be flexible and exercise good judgment. Demonstrated strong organization and time management skills. Strong verbal, written and interpersonal communication skills. Ability to deal effectively with various levels of business unit crew and management. Experience on SIEM, SOAR and EDR/XDR is must. Special Factors: Weekend availability/flexibility to work weekends is a MUST. Willing to support US shift (Night shift) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

3.0 years

0 Lacs

Trivandrum, Kerala, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Profile Name: Senior Incident Response Analyst Job Profile Summary To provide security monitoring and support to Client's technology platforms, network, applications, crew, and environments in response to incidents of varying severity and perform other security monitoring/incident response functions as needed. Job Description Duties and Responsibilities: Operate as second level support to a 24x7 managed security operations centre. Alert clients regarding intrusions and potential intrusions that may compromise their network infrastructure. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Takes a proactive role in the resolution of incidents, even after they are escalated Work on assigned ticket queue Understanding and exceeding expectations on all tasked SLA commitments Track and report on closure of tickets as per SLAs Escalating issues to Level 2 or Level 3 and management when necessary Providing daily and weekly reports on security and vulnerability incidents Working in shift teams Adheres to Client Information Security policies and departmental procedures, along with following industry best practices. Works with other departments (within and outside of Information Security) to communicate appropriate and consistent security requirements. Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager. 
Qualifications: Undergraduate degree in information/cyber security, an information technology-related field or equivalent combination of training, certifications, and experience. 3-6 years related experience. CompTIA Security+, ISC2 CISSP, SANS, or other similar certifications are a plus but not required. Knowledge of security concepts, theories, and best practices. Ability to analyze and demonstrate problem resolution skills. Demonstrated ability to work collaboratively as well as independently, with attention to detail. Demonstrated ability to be flexible and exercise good judgment. Demonstrated strong organization and time management skills. Strong verbal, written and interpersonal communication skills. Ability to deal effectively with various levels of business unit crew and management. Experience on SIEM, SOAR and EDR/XDR is must. Special Factors: Weekend availability/flexibility to work weekends is a MUST. Willing to support US shift (Night shift) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

8.0 - 13.0 years

8 - 13 Lacs

Mumbai, Pune, Bengaluru

Work from Office

Skill: CyberArk, Conjur, REST API. Role: Have a strong knowledge of CyberArk Privileged Account Management solutions - CyberArk components like Vault, CPM, PSM, PSMP, PVWA, AAM, PTA. Have worked on CyberArk application upgrades/releases and patches. Have worked on managing vault logs and monitoring of CyberArk privileged account security tool modules. Creating Safes and updating Safe permissions. Administration of user accounts & safes in CyberArk. Onboarding accounts from various platforms (Windows, Linux, etc.). Onboarding bulk accounts using Password Upload Utility (PUU) & REST API methods. Perform CyberArk license clean-up tasks. Perform a health check of all the components in CyberArk. Strong knowledge of identity and access management (IAM) concepts, privileged account management, and least privilege principles. Basic understanding of networking protocols, security principles, and user access management. Excellent problem-solving skills and the ability to troubleshoot technical issues independently. Strong knowledge of Windows Servers. CDE certification is a must. Experience with the following technologies: IDM, SSO, SIEM, Application Servers, Authentication Products and Ticketing System (Advantage). AutoIt, PowerShell scripting/development experience (Advantage). Experience with Privilege Cloud and Conjur/Conjur Enterprise. Scripting skills (PowerShell, Python) and experience using REST APIs. Added advantage: CyberArk CDE (Certified Delivery Engineer) certification.

Posted 1 week ago

3.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Profile Name: Senior Incident Response Analyst Job Profile Summary To provide security monitoring and support to Client's technology platforms, network, applications, crew, and environments in response to incidents of varying severity and perform other security monitoring/incident response functions as needed. Job Description Duties and Responsibilities: Operate as second level support to a 24x7 managed security operations centre. Alert clients regarding intrusions and potential intrusions that may compromise their network infrastructure. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Takes a proactive role in the resolution of incidents, even after they are escalated Work on assigned ticket queue Understanding and exceeding expectations on all tasked SLA commitments Track and report on closure of tickets as per SLAs Escalating issues to Level 2 or Level 3 and management when necessary Providing daily and weekly reports on security and vulnerability incidents Working in shift teams Adheres to Client Information Security policies and departmental procedures, along with following industry best practices. Works with other departments (within and outside of Information Security) to communicate appropriate and consistent security requirements. Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager. 
Qualifications: Undergraduate degree in information/cyber security, an information technology-related field or equivalent combination of training, certifications, and experience. 3-6 years related experience. CompTIA Security+, ISC2 CISSP, SANS, or other similar certifications are a plus but not required. Knowledge of security concepts, theories, and best practices. Ability to analyze and demonstrate problem resolution skills. Demonstrated ability to work collaboratively as well as independently, with attention to detail. Demonstrated ability to be flexible and exercise good judgment. Demonstrated strong organization and time management skills. Strong verbal, written and interpersonal communication skills. Ability to deal effectively with various levels of business unit crew and management. Experience on SIEM, SOAR and EDR/XDR is must. Special Factors: Weekend availability/flexibility to work weekends is a MUST. Willing to support US shift (Night shift) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

3.0 years

0 Lacs

Pune, Maharashtra, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Profile Name: Senior Incident Response Analyst Job Profile Summary To provide security monitoring and support to Client's technology platforms, network, applications, crew, and environments in response to incidents of varying severity and perform other security monitoring/incident response functions as needed. Job Description Duties and Responsibilities: Operate as second level support to a 24x7 managed security operations centre. Alert clients regarding intrusions and potential intrusions that may compromise their network infrastructure. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Takes a proactive role in the resolution of incidents, even after they are escalated Work on assigned ticket queue Understanding and exceeding expectations on all tasked SLA commitments Track and report on closure of tickets as per SLAs Escalating issues to Level 2 or Level 3 and management when necessary Providing daily and weekly reports on security and vulnerability incidents Working in shift teams Adheres to Client Information Security policies and departmental procedures, along with following industry best practices. Works with other departments (within and outside of Information Security) to communicate appropriate and consistent security requirements. Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager. 
Qualifications: Undergraduate degree in information/cyber security, an information technology-related field or equivalent combination of training, certifications, and experience. 3-6 years related experience. CompTIA Security+, ISC2 CISSP, SANS, or other similar certifications are a plus but not required. Knowledge of security concepts, theories, and best practices. Ability to analyze and demonstrate problem resolution skills. Demonstrated ability to work collaboratively as well as independently, with attention to detail. Demonstrated ability to be flexible and exercise good judgment. Demonstrated strong organization and time management skills. Strong verbal, written and interpersonal communication skills. Ability to deal effectively with various levels of business unit crew and management. Experience on SIEM, SOAR and EDR/XDR is must. Special Factors: Weekend availability/flexibility to work weekends is a MUST. Willing to support US shift (Night shift) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

3.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Profile Name: Senior Incident Response Analyst Job Profile Summary To provide security monitoring and support to Client's technology platforms, network, applications, crew, and environments in response to incidents of varying severity and perform other security monitoring/incident response functions as needed. Job Description Duties and Responsibilities: Operate as second level support to a 24x7 managed security operations centre. Alert clients regarding intrusions and potential intrusions that may compromise their network infrastructure. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Takes a proactive role in the resolution of incidents, even after they are escalated Work on assigned ticket queue Understanding and exceeding expectations on all tasked SLA commitments Track and report on closure of tickets as per SLAs Escalating issues to Level 2 or Level 3 and management when necessary Providing daily and weekly reports on security and vulnerability incidents Working in shift teams Adheres to Client Information Security policies and departmental procedures, along with following industry best practices. Works with other departments (within and outside of Information Security) to communicate appropriate and consistent security requirements. Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager. 
Qualifications: Undergraduate degree in information/cyber security, an information technology-related field or equivalent combination of training, certifications, and experience. 3-6 years related experience. CompTIA Security+, ISC2 CISSP, SANS, or other similar certifications are a plus but not required. Knowledge of security concepts, theories, and best practices. Ability to analyze and demonstrate problem resolution skills. Demonstrated ability to work collaboratively as well as independently, with attention to detail. Demonstrated ability to be flexible and exercise good judgment. Demonstrated strong organization and time management skills. Strong verbal, written and interpersonal communication skills. Ability to deal effectively with various levels of business unit crew and management. Experience on SIEM, SOAR and EDR/XDR is must. Special Factors: Weekend availability/flexibility to work weekends is a MUST. Willing to support US shift (Night shift) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

3.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Job Title: SOC Consultant Location: Gurgaon / Bangalore Experience: 3+ Years Position Type: Full-time Immediate Joiners Preferred Job Description: We are seeking a skilled SOC (Security Operations Center) Consultant with 3+ years of experience in security operations, threat analysis, and incident response. The ideal candidate should have hands-on experience with SIEM tools and a strong understanding of cybersecurity principles and frameworks. Key Responsibilities: Monitor, analyze, and respond to security events and incidents Operate and manage SIEM platforms (e.g., Splunk, QRadar, ArcSight, etc.) Perform real-time threat analysis, detection, and triage of security incidents Support vulnerability management and threat intelligence integration Work closely with clients and internal teams to implement security best practices Document security incidents and contribute to knowledge base development Assist in the development of security playbooks and incident response plans Required Skills: 3+ years of experience in SOC operations or a similar cybersecurity role Proficiency in SIEM tools and log analysis Good understanding of TCP/IP, IDS/IPS, firewalls, and malware analysis Familiarity with threat hunting techniques and cybersecurity frameworks (NIST, MITRE ATT&CK) Strong analytical and problem-solving skills Excellent communication and documentation skills Certifications (Preferred): CEH / CompTIA Security+ / SSCP / Splunk Certified / Microsoft SC-200 or equivalent

Posted 1 week ago

3.0 - 7.0 years

6 - 10 Lacs

Navi Mumbai, Mahape

Work from Office

Responsibilities: Configure and maintain the SIEM platform (ELK). Develop and fine-tune correlation rules, alerts, and dashboards to support SOC use cases. Onboard log sources from various platforms (Windows, Linux, cloud, network devices, applications). Perform health checks, upgrades, and patch management of SIEM components. Work closely with SOC analysts to improve detection capabilities and reduce false positives. Collaborate with threat intel and incident response teams to create advanced detection logic. Automate log ingestion and alert tuning using scripting (Python, PowerShell, etc.). Develop and maintain documentation, runbooks, and standard operating procedures (SOPs). Beneficial: Good documentation skills. Good at incident management. Personal Characteristics: Strong communication skills, ability to work comfortably with different regions. Actively participate within internal project community. Good team player, ability to work on a local, regional and global basis and as part of joint cross-location initiatives. Self-motivated, able to work independently and with a team.

Posted 1 week ago

5.0 years

0 Lacs

Pune, Maharashtra, India

On-site

Job Description At Honeywell, we make a lot of incredible things. But most importantly, we make the future and are looking for people to join our global team of future shapers. When you join Honeywell, you become a member of our performance culture comprised of diverse leaders, thinkers, innovators, dreamers and doers who are changing the future. Our people are committed to each other and to the realization of our vision through their unique job functions. Our businesses embrace the challenges of innovation so that we define the future. And our global opportunities are endless for you to grow and get recognized for your passion to perform. We are seeking a creative and forward-thinking cybersecurity engineer to develop and enhance cyber security solutions to address unique security challenges in critical infrastructure and industrial businesses. This position is responsible for providing on-site cyber security services associated with industrial Process Control Networks for Honeywell customers in the Oil and Gas; Hydrocarbon Processing; Power Generation; Pulp, Paper & Printing; Continuous Web Solutions; Petrochemicals; Life Sciences; and Metals, Minerals and Mining markets. Services provided include on-site consulting, troubleshooting, network designs, implementation, assessments, and other related tasks as identified. Responsibilities Key Responsibilities: Assume the lead role in assigned projects, ensuring delivery on time, within budget, and to customer satisfaction. Stay technically current with cybersecurity solutions and expand knowledge in designated network disciplines. Maintain relevant cybersecurity certifications such as CCNA, CISSP, GICSP, or similar. Keep abreast of current industry security standards (e.g., IEC-62443, ISO 27000). Build strong relationships with internal and external customers by providing accurate and efficient technical/engineering support. 
Diagnose problems and provide timely, accurate technical solutions in response to customer inquiries, questions, and issues. Network (VLANs, STP, HSRP, Static routing) config and Troubleshooting, Firewall configuration i.e policies, communication troubleshooting, AD, NMS, SIEM, AV, WSUS, etc Installation, configuration and troubleshooting. Uphold industrial safety awareness through the completion of pertinent safety certifications. Qualifications Basic Qualifications: Bachelor's degree in computer-related fields (e.g., Computer Science, Computer Information Systems, Electronics) or equivalent experience. Cisco Certified Network/Design/Security Professional (at least one certification). GICSP/CISSP Certified Information Systems Security Professional or similar security certification. 5+ years of experience in Networking, endpoint security, and conducting audits/assessments in IT security. 3+ years of experience in Security Projects. 2+ years of experience in Cybersecurity Vulnerability or Risk assessment. 2+ years of experience with Microsoft Active Directory, DNS, WSUS, and Terminal Server. 2+ year of experience in vulnerability scanning and assessments using tools like Nessus and NMAP. Proven experience designing or deploying a minimum of 10 projects leveraging virtualization, preferably VMware. 3+ years of Network Security Experience: Firewalls, ACL, IDS, IPS, SIEM, particularly with Cisco Routers, Switches, or Firewalls. 3+ years of experience with antivirus systems and backup & restore solutions. 3+ years of experience providing network services on customer sites. Excellent written and oral communication skills. Willingness to travel 30-65%. Preferred Qualifications and Experience 3 years’ experience in Operational Technology (OT). IEC-62443 Risk Assessment/Design/Maintenance Certification (at least one). Knowledge of networking protocols including HSRP, STP, RSTP, MSTP, VLAN, 802.1q, IPv4, IPv6, RIPv2, OSPF, EIGRP, DNS, NTP, EtherChannel, FTP, TFTP, and SSH. 
Awareness of OT cybersecurity best practices and recommendations. Proficiency in preparing functional and detailed design specifications. Ability to work independently. Excellent troubleshooting skills to resolve complex network, application, or system integration issues. About Us Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.

Posted 1 week ago


0 years

0 Lacs

Mumbai Metropolitan Region

On-site

Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities. Location: Mumbai - VPTS, Mumbai, Maharashtra, India

Posted 1 week ago


4.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

SOC L2 Engineer Location - Bangalore/Chandigarh Experience - 4+ years Hands-on expertise with IBM QRadar and/or Microsoft Sentinel SIEM platforms As this is an immediate need, candidates who can join within 30 days may apply. About the Role: We are seeking a highly skilled and motivated L2 SOC Engineer with 4-6 years of experience in implementing, maintaining and troubleshooting security solutions. The ideal candidate will have deep hands-on expertise with IBM QRadar and/or Microsoft Sentinel SIEM platforms. You will play a crucial role in integrating, monitoring, and analyzing security tools/incidents, and in contributing to the continuous improvement of our security posture. Key Responsibilities: SIEM Administration & Optimization: Support the administration, maintenance, and health monitoring of the SIEM platform (QRadar or Microsoft Sentinel). Log source integration and parsing. Assist with log source onboarding, parser development, and data normalization within the SIEM. Contribute to the continuous improvement of SOC processes, playbooks, and standard operating procedures (SOPs). Security Monitoring & Incident Response: Conduct thorough investigations to determine the scope, root cause, and impact of security incidents (e.g., malware infections, phishing attempts, unauthorized access, denial-of-service attacks). Execute incident response procedures, including containment, eradication, and recovery, in accordance with established playbooks and industry best practices (e.g., NIST, MITRE ATT&CK). Document all incident details, analysis findings, and remediation steps accurately and comprehensively in the incident management system. Collaborate with cross-functional teams (IT operations, network, application development) to facilitate incident resolution and implement corrective actions. Participate in on-call rotation as required to ensure 24/7 security coverage. 
Required Skills and Qualifications: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 4-6 years of hands-on experience in a Security Operations Center (SOC) environment. Strong expertise with IBM QRadar and/or Microsoft Sentinel, including: In-depth knowledge of SIEM components and how they work. Good troubleshooting skills. In-depth knowledge of log source integration troubleshooting. Experience in developing and optimizing correlation rules, use cases, and dashboards. Familiarity with log source integration and data ingestion. (For QRadar): Experience with QRadar AQL (Ariel Query Language) and building blocks. (For Sentinel): Proficiency with KQL (Kusto Query Language) and Azure security services (Azure AD, Azure Security Center, Azure Log Analytics). Strong knowledge of network protocols (TCP/IP, HTTP, DNS, SMTP, etc.) and network security concepts (firewalls, IDS/IPS, VPNs). Proficiency in analyzing logs from various sources (Windows Event Logs, Linux logs, firewall logs, web server logs, cloud logs). Familiarity with scripting languages (e.g., Python, PowerShell) for automation and data analysis is a plus. Excellent analytical, problem-solving, and critical thinking skills. Strong written and verbal communication skills, with the ability to articulate technical issues to both technical and non-technical audiences. Ability to work effectively both independently and as part of a team in a fast-paced environment. Preferred Certifications (one or more highly desirable): Microsoft Certified: Azure Security Engineer Associate (for Sentinel focus) IBM Certified Analyst - Security QRadar SIEM

Posted 1 week ago


8.0 years

0 Lacs

Hyderabad, Telangana, India

Remote

Job Title: Active Directory Consultant Location: 100% Remote Shift Timings: 4 PM - 2 AM Employment Type: Full-time/Contractor Job Overview: We are seeking a highly skilled and experienced Active Directory Consultant with 5–8 years of hands-on experience in enterprise-level Active Directory configuration, domain consolidation, PowerShell scripting, and One Identity Active Roles Server (ARS). This is a fully remote opportunity ideal for a candidate who thrives in a fast-paced and secure IT infrastructure environment. Key Responsibilities: Configure and manage Active Directory (AD) environments, including domains, forests, and trust relationships. Lead Active Directory domain consolidation and integration projects. Administer and manage One Identity Active Roles including web interfaces and synchronization services. Develop and maintain PowerShell scripts for automation, reporting, and administrative tasks. Perform design reviews, mapping proposed solutions to client requirements. Conduct lab installations and perform system validation and integration testing. Monitor and control privileged access sessions for administrators, vendors, and high-risk users. Ensure systems meet uptime, security, and compliance requirements. Support integration with other enterprise applications and software. Collaborate with IT security, audit, and infrastructure teams to enforce identity governance policies. Mandatory Skills: Strong hands-on experience with Active Directory configuration and domain management Proficiency in PowerShell scripting (automation and troubleshooting use cases) Expertise in One Identity Active Roles Server (ARS) Familiarity with Authentication services (Kerberos, LDAP, NTLM, etc.) 
Experience with Quest Identity Management (IDM) Exposure to Privileged Access Management (PAM) tools and session monitoring Strong understanding of enterprise security, access control, and compliance frameworks Preferred Skills: Experience in hybrid environments (on-premises and cloud-based identity solutions) Exposure to Azure Active Directory / Entra ID Working knowledge of SIEM tools, GPO, and security baselines Certifications such as Microsoft Certified: Identity and Access Administrator, One Identity Certified, or CompTIA Security+ Soft Skills: Strong verbal and written communication skills Ability to work independently in a remote setup Excellent troubleshooting and problem-solving capabilities Team player with cross-functional collaboration skills Why Join Us? 100% remote opportunity Cutting-edge enterprise security projects Collaborative and flexible work culture Exposure to global clients and diverse identity infrastructure

Posted 1 week ago


5.0 years

0 Lacs

Greater Chennai Area

On-site

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Delivery Specialist, you will apply security skills in device onboarding, log source integration, security threat analysis and investigation, and detection engineering, and be responsible for performing these tasks. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a secure environment for all stakeholders. Roles & Responsibilities: Networking Fundamentals, device integration and troubleshooting, security threat analysis and EDR investigation skills, rule writing and playbook creation Work as part of a global security analysis team that works 24/7 on rotational shift Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies Handling tunings, customer requests, escalations, reporting, trainings, etc. Incident analysis, deep dive threat hunting and investigation and root cause analysis Creation of detection rules, testing and implementation Evaluation of client detection requirements, gap analysis, fine tuning Playbook creation for automation and integration with SOAR requirements Document best practices and writing KB articles Identify opportunities for process improvements Work as part of the analysis team handling tunings, adding new detection, customer requests, handling escalations, reporting, training. 
Research new threats and provide recommendations to enhance detection capabilities Strong desire for continuous learning on new technologies and being on the trend Support incident management calls Professional & Technical Skills: Deep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscape Knowledge on networking, Linux and security concepts Knowledge on log collection mechanism such as Syslog, Log file, DB & API and build collector Hands-on experience in SIEM, SOAR and threat hunting tools Desirable knowledge in any scripting language and EDR products Strong threat hunting and investigation skills and root cause analysis Preferable certifications – GCIA, GCFA Passion for cyber security, learning, and knowledge sharing Strong Verbal & written communication skills Proven customer service skills, problem solving and interpersonal skills Ability to handle high pressure situations Consistently exhibit high levels of teamwork Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills. Ability to train and mentor others Adaptability to accept change Additional Information: - The candidate should have minimum 5 years of experience in Accenture MxDR Ops Security Threat Analysis. - This position is based at our Chennai office. - A 15 years full time education is required.

Posted 1 week ago


3.0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : No Skill Speciality Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will engage in proactive monitoring and response activities, contributing to the overall security posture of the organization while staying updated on the latest security trends and technologies. Roles & Responsibilities: Work as part of the analysis team that works 24x7 on a rotational shift Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologies Timely response to customer requests like detection capabilities, tuning, etc. 
Research new threats and provide recommendations to enhance detection capabilities Strong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilities Deep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscape Hands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platform Desirable knowledge in any scripting language and EDR products Preferable – GCIA, GCFA, CISSP Strong customer service and interpersonal skills Strong problem-solving skills Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills. Adaptability to accept change Additional Information: - The candidate should have minimum 3 years of experience in Accenture MxDR Ops Security Threat Analysis. - This position is based at our Chennai office. - Minimum a bachelor’s or a master’s degree in addition to regular 15-year full-time education is required.

Posted 1 week ago


5.0 - 7.0 years

0 Lacs

Chennai, Tamil Nadu, India

Remote

Mizuho Global Services Pvt Ltd (MGS) is a subsidiary company of Mizuho Bank, Ltd, which is one of the largest banks or so called ‘Mega Banks’ of Japan. MGS was established in the year 2020 as part of Mizuho’s long-term strategy of creating a captive global processing centre for remotely handling banking and IT related operations of Mizuho Bank’s domestic and overseas offices and Mizuho’s group companies across the globe. At Mizuho we are committed to a culture that is driven by ethical values and supports diversity in all its forms for its talent pool. Direction of MGS’s development is paved by its three key pillars, which are Mutual Respect, Discipline and Transparency, which are set as the baseline of every process and operation carried out at MGS. About the Role: SOC analyst We are seeking a highly skilled and motivated Senior Security Operations Center (SOC) Analyst to join our dynamic team. You will play a critical role in safeguarding our organization's information assets by monitoring, detecting, and responding to security threats. Roles and Responsibilities: · Monitor security events and alerts generated by SIEM tools and other security systems. · Conduct in-depth investigations of security incidents to identify root causes and potential threats. · Respond to security incidents in a timely and effective manner, following established incident response procedures. · Develop and maintain SOC rules, playbooks, and procedures. · Analyze security trends and identify potential vulnerabilities. · Collaborate with other security teams to improve overall security posture. · Stay up-to-date on the latest security threats and trends. Relevant Skills and Experience: · 5-7 years of experience in security operations, incident response, or a related field. · Strong understanding of security concepts, principles, and best practices. · Proficiency in using SIEM tools (e.g., Splunk, QRadar, ArcSight). 
· Experience in developing and maintaining SOC rules, playbooks, and procedures. · Knowledge of common security threats, vulnerabilities, and attack vectors. · Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). · Experience with scripting languages (e.g., Python, PowerShell). · Experience with cloud security (e.g., AWS, Azure, GCP). Address: Mizuho Global Services India Pvt. Ltd, 11th Floor, Q2 Building Aurum Q Park, Gen 4/1, Ttc, Thane Belapur Road, MIDC Industrial Area, Ghansoli, Navi Mumbai- 400710. Interested candidates may send their resume to mgs.rec@mizuho-cb.com along with the below details. Current CTC Expected CTC Notice period Experience in SOC Available for F2F?

Posted 1 week ago


7.5 years

0 Lacs

Gurugram, Haryana, India

On-site

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: Experienced and technically proficient Telecom Security Expert for our cybersecurity team. The ideal candidate will bring 7.5 years of hands-on experience in telecom risk and vulnerability assessment, network element hardening, and SOC use case development for telecom infrastructure. This role is critical in securing telecom nodes, ensuring compliance with industry standards, and reducing the risk landscape across telecom assets. Roles & Responsibilities: Conduct comprehensive telecom risk assessments on core and access network nodes (e.g., MSC, HSSvoice core, packet core, radio, backhaul IMS, 5G Core, fixed line etc.). Perform vulnerability risk assessments specific to telecom protocols and elementsservices, identifying and addressing weaknesses in both legacy and modern network infrastructures. Drive security hardening initiatives across telecom network elements by defining and implementing industry-aligned baselines (e.g., 3GPP, GSMA NESAS, NIST). Experience on Telecom SOC operation/ use cases for proactive threat detection and mitigation related to telecom-specific attack vectors. Collaborate with OEM vendors and internal network teams to ensure telecom infrastructure meets all security compliance and regulatory requirements. Provide expert-level guidance during security incident investigations related to telecom infrastructure, including root cause analysis and remediation planning. 
Stay abreast of emerging threats, vulnerabilities, and technologies relevant to telecom systems and propose strategic mitigations. Lead or support internal and third-party security audits, assessments, and penetration tests across telecom assets. Develop technical documentation, risk reports, and security architecture reviews tailored to the telecom domain. Required Skills and Qualifications: Bachelor’s or Master’s degree in Telecommunications, Information Security, Computer Science, or related field. 7.5 years of experience in telecom cybersecurity, with deep expertise in mobile and fixed network technologies (2G/3G/4G/5G, IMS, VoLTE, etc.). Proven experience in telecom-specific risk and vulnerability assessments. Strong knowledge of network element hardening techniques and standards (e.g., NE security configuration baselines, patching policies). Hands-on experience with telecom protocols such as Diameter, SIP, SS7, GTP, SCTP, etc. Solid understanding of SOC and SIEM tools, with a focus on use case development for telecom-specific threats. Familiarity with compliance frameworks and standards like 3GPP, GSMA NESAS, ISO 27001, NIST, and local telecom regulations. Ability to collaborate with cross-functional teams and articulate complex security issues to technical and non-technical stakeholders. Strong documentation and reporting skills. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Penetration Testing with experience in Telecom Security. - Strong understanding of cloud security principles and best practices. - Experience with threat modeling and risk assessment methodologies. - Familiarity with security tools and technologies for vulnerability scanning and penetration testing. - Knowledge of compliance frameworks such as ISO 27001, NIST, and GDPR. 
Preferred Certifications: Telecom Security relevant certification/trainings (preferred) Certified Information Systems Security Professional (CISSP) GIAC Global Industrial Cyber Security Professional (GICSP) or equivalent telecom-focused security credentials Additional Information: - The candidate should have minimum 7.5 years of experience in Security Penetration Testing. - This position is based at our Gurugram office. - A 15 years full time education is required.

Posted 1 week ago


170.0 years

0 Lacs

Greater Hyderabad Area

On-site

Area(s) of responsibility About Us Birlasoft, a global leader at the forefront of Cloud, AI, and Digital technologies, seamlessly blends domain expertise with enterprise solutions. The company’s consultative and design-thinking approach empowers societies worldwide, enhancing the efficiency and productivity of businesses. As part of the multibillion-dollar diversified CKA Birla Group, Birlasoft with its 12,000+ professionals, is committed to continuing the Group’s 170-year heritage of building sustainable communities. Location - Mumbai, Pune, Bangalore, Hyderabad, Noida Exp - 8 yrs to 10 yrs About The Role We are seeking a skilled Network Security Engineer to design, implement, and maintain secure network infrastructures. The ideal candidate will possess strong expertise in network protocols, firewall and IDS/IPS configuration, VPN solutions, and security compliance standards. You will be instrumental in enhancing our network security posture through threat detection, risk assessment, and zero trust architecture implementation. Key Responsibilities Design, configure, and manage network security devices including firewalls (Palo Alto, Fortinet, Cisco ASA) and intrusion detection/prevention systems (Snort, Suricata). Implement and manage Network Access Control (NAC) systems utilizing 802.1X, RADIUS, and Cisco ISE for role-based access control. Configure and maintain secure VPN solutions including IPsec, SSL VPNs, and site-to-site tunnels. Conduct SIEM and log analysis using tools such as Splunk, QRadar, and ELK Stack to detect and respond to security threats. Design and enforce network segmentation and apply Zero Trust security principles. Ensure compliance with security standards such as ISO 27001, NIST, PCI-DSS, GDPR, and HIPAA. Perform threat modeling, vulnerability assessments, and risk analysis to mitigate security risks. Collaborate with cross-functional teams to develop and enforce security policies and procedures. 
Core Technical Competencies Deep understanding of network protocols including TCP/IP, UDP, ICMP, DNS, HTTP/S, FTP. Hands-on experience with firewall and IDS/IPS tools such as Palo Alto, Fortinet, Cisco ASA, Snort, and Suricata. Familiarity with Network Access Control frameworks (802.1X, RADIUS), especially Cisco ISE. Expertise in VPN technologies like IPsec and SSL VPNs. Proficiency in SIEM platforms and log correlation for threat detection and incident response. Knowledge of network segmentation strategies and Zero Trust architecture. Strong understanding of compliance requirements (ISO 27001, NIST, PCI-DSS, GDPR, HIPAA). Ability to conduct threat modeling and risk assessments. Required Certifications CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CEH (Certified Ethical Hacker) CompTIA Security+ CCNP Security (Cisco Certified Network Professional Security) Palo Alto PCNSA/PCNSE Qualifications Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience). Proven experience in network security engineering or a similar role. Why Join Us? Work with cutting-edge security technologies. Collaborate with a passionate and dynamic security team. Opportunities for professional growth and certification support.

Posted 1 week ago


5.0 years

0 Lacs

Pune, Maharashtra, India

On-site

We believe real value is powered by the unique skills and experiences of our professionals. The interchange of ideas from a diverse group of people gives our teams an expanded perspective and the ability to find better solutions for our clients. Req Id : 109973 Job Title : Incident Response Analyst Business Unit sector : CPL-BECIO-CIO Department: BVCPL DIGITAL OFFICE Work Location : INPUNE Opportunity Type : Staff Full time/Part time : Full-Time Recruiter : Indranee Bindu Job Summary The Incident Response Analyst in the computer security incident response team will be responsible for developing and executing standards, procedures and processes to uncover, resist and recover from security incidents. This position is for an early career analyst that will learn and grow throughout their security career. This is a very technically challenging career track in cyber security and technical acumen, passion, and determination will be highlighted in the interview process. Key Responsibilities The Incident Response Analyst fulfills the following tasks: Responds to computer security incidents according to the computer security incident response policy and procedures. Provides technical guidance to first responders for handling cybersecurity incidents. Provides timely and relevant updates to appropriate stakeholders and decision makers. Communicates investigation findings to relevant business units to help improve the cybersecurity posture. Validates and maintains incident response plans and processes to address potential threats. Compiles and analyzes data for management reporting and metrics. Analyzes potential impact of new threats and communicates risks back to detection engineering functions. Performs root-cause analysis to document findings and participate in root-cause elimination activities as required. Triages and assesses the risk of incidents, performing real-time analysis and managing workload during investigations/incidents. 
Creates runbooks for frequently occurring incidents to automate or at least assist with the resolution of those cases. Management Responsibilities Individual Contributor Preferred Qualifications A successful Incident Response Analyst candidate will have the expertise and skills described below Education, Training And Past Experience Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above. Bachelor's Degree (in Business, Technology, Computer Science or related field), preferred or equivalent experience. BE/BTech, BS or MA in computer science, information security or a related field Candidate must have 5 years of experience in incident response. Familiarity with incident response frameworks and methodologies, including frameworks like NIST 800-61 and MITRE ATT&CK. Experience with incident response tools and technologies, including tools for security information and event management (SIEM), forensics, and/or threat intelligence even in a lab environment is beneficial. Experience with reporting and communicating incident details, improving incident response processes and recovering from security incidents is beneficial. Minimum Qualifications Knowledge and Skills Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include: Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. Understands organizational mission, values, goals, and consistent application of this knowledge. Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one Ability to effectively influence others to modify their opinions, plans, or behaviors. 
A team-focused mentality, with the proven ability to work effectively with diverse stakeholders. Strong problem-solving and troubleshooting skills. All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations. Certifications Contact Compensation Work Environment/Physical Demands Typical office environment Competencies Salary Plan ITS: Information Technology Service Job Grade 004 BVH, Inc., its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender identity and expression, disability, veteran status, pregnancy status or other status protected by law. By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.

Posted 1 week ago


8.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

We are looking for an experienced Information Security professional with certifications like CISSP or CISA, and a strong background in leading compliance initiatives for SOC 2 Type II, ISO 27001, PCI DSS, and IOCFR. Direct experience working with RBI regulations and auditors is mandatory. The ideal candidate should have hands-on knowledge of AWS cloud security, and familiarity with tools such as GuardDuty, Wiz/Orca, Splunk, Crowdstrike, and Vanta. Experience in fast-paced sectors like FinTech, E-commerce, or Payment Solutions is a strong plus. What You'll Do: Governance & Compliance: Develop and maintain information security policies and drive compliance with ISO 27001, SOC 2, and RBI guidelines. Act as the primary contact for audits and inspections. Risk Management: Conduct risk assessments, manage risk registers, and oversee third-party/vendor security reviews. Security Operations: Oversee tools and processes for SIEM, DLP, EDR, patch management, and incident response. Lead security incident simulations and resolution. Cloud & App Security: Manage AWS security architecture, implement CSPM programs, and embed secure coding and DevSecOps practices across CI/CD pipelines. Business Continuity & DR: Maintain and test disaster recovery and continuity plans (RTO: 60 mins; near-zero RPO). Awareness & Culture: Run regular security training, phishing drills, and promote a security-aware culture across the organization. Reporting & Strategy: Present security metrics, dashboards, and risk reports to leadership and participate in strategic IT governance forums. What We’re Looking For: 8+ years in cybersecurity or information security roles; at least 3 years in a leadership capacity. Background in fintech, NBFC, or regulated financial services preferred. Proven track record in managing audits (ISO 27001, SOC 2), incident response, and cloud security (AWS). Strong knowledge of cybersecurity tools and frameworks: AWS, SIEM, CSPM, IAM, patch management, DLP, EDR. 
Familiar with secure SDLC, DevSecOps, threat modeling, and regulatory compliance. Effective communicator with experience working across cross-functional teams. Certifications (preferred): CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer, AWS Security Specialty. Bonus: DCPP, CIPP/E, or other data privacy/RBI-focused certifications. About Kissht: Kissht, a Great Place to Work® certified organization, is a consumer-first credit app that is transforming the landscape of consumer credit. As one of the fastest-growing and most respected FinTech companies, Kissht is a pioneer in data and machine-based lending. With over 15 million customers, including 40% from tier 2 cities and beyond, we offer both short and long-term loans for personal consumption, business needs, and recurring expenses. Founded by Ranvir and Krishnan, alumni of IIT and IIM, and backed by renowned investors like Endiya Partners, the Brunei Investment Authority, and the Singapore Government, Kissht is synonymous with excellence in the industry. Join us and be a part of a dynamic, innovative company that is changing the future of financial technology.

Posted 1 week ago


7.5 years

0 Lacs

Gurugram, Haryana, India

Remote

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : BeyondTrust Privileged Access Management
Good to have skills : NA
Minimum 7.5 Year(s) Of Experience Is Required
Educational Qualification : 15 years full time education

Summary: We are looking for a seasoned BeyondTrust Implementation Engineer with 5 to 10 years of experience in enterprise cybersecurity, particularly in Privileged Access Management (PAM) implementation. The ideal candidate will have hands-on expertise in designing, deploying, integrating, and optimizing BeyondTrust PAM solutions, with deep understanding of enterprise IT landscapes, security architecture, and regulatory compliance requirements. This is a technical, client-facing role requiring strong analytical, communication, and project management skills to drive PAM solution rollouts and ensure they align with the client’s security objectives and business processes.

Roles & Responsibilities:
- Lead the full lifecycle of BeyondTrust deployments, including requirement gathering, environment assessment, design, deployment, testing, go-live, and support.
- Configure and customize BeyondTrust products such as:
  o Password Safe: secure credential storage, automated password rotation, credential injection.
  o Privilege Management for Windows/Mac/Unix: application control, policy-based least privilege.
  o Secure Remote Access / Remote Support: secure vendor and internal access.
- Develop and enforce custom policies and rules for privilege elevation, whitelisting, blacklisting, and session monitoring.
- Design scalable and secure PAM architectures tailored to enterprise environments (on-premise, hybrid, cloud).
- Integrate BeyondTrust with IT ecosystems:
  o Active Directory / LDAP / Azure AD
  o SIEM (e.g., Splunk, QRadar)
  o ITSM (e.g., ServiceNow, BMC Remedy)
  o MFA / SSO solutions (e.g., Okta, Duo, Ping)
  o Vaulting of SSH Keys, API Keys, and Cloud Secrets
- Automate BeyondTrust tasks and integrations using:
  o PowerShell, Bash, Python, or RESTful APIs
- Build custom connectors or plug-ins for third-party tools.
- Implement RBAC (Role-Based Access Control) for administrators, auditors, and users.
- Establish password rotation schedules, check-in/check-out rules, and approval workflows.
- Enable session recording, keystroke logging, and real-time session termination features.
- Conduct user acceptance testing (UAT) and performance tuning post-deployment.
- Produce high-quality deliverables: HLD, LLD, implementation runbooks, migration plans, SOPs, rollback procedures.
- Conduct hands-on training and knowledge transfer sessions for admins and security teams.
- Assist with creation of audit and compliance reports related to privileged access.
- Act as Level 3 escalation point for PAM-related incidents and service disruptions.
- Diagnose and resolve complex issues involving PAM platform, connectors, and integrations.
- Provide post-deployment support including system health checks, hotfixes, and version upgrades.

Professional & Technical Skills:
- Minimum 5 years of experience in cybersecurity/IT infrastructure with 3+ years dedicated to BeyondTrust PAM products.
- In-depth experience in implementing BeyondTrust Password Safe, Privilege Management for Endpoints, and Secure Remote Access.
- Strong working knowledge of:
  o Authentication protocols (Kerberos, LDAP, RADIUS, SAML, OAuth)
  o Operating systems: Windows Server, Linux/Unix
  o Enterprise directories: AD, Azure AD
  o Networking basics and firewall concepts
- Proficiency in scripting: PowerShell, Python, Bash
- Familiarity with regulatory and security standards: ISO 27001, NIST, GDPR, HIPAA, SOX
- Hands-on experience with ITSM and ticketing platforms for automation and integration.
- Excellent verbal and written communication, interpersonal, and customer-facing skills.

Additional Information:
- 5 or more years’ experience implementing and performing integrations with BeyondTrust.
- This position is based at our Bengaluru, Chennai, Pune, Hyderabad, Gurugram offices.
- A 15-year full time education is required.

Posted 1 week ago


7.5 years

0 Lacs

Gurugram, Haryana, India

On-site

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : NA
Minimum 7.5 Year(s) Of Experience Is Required
Educational Qualification : 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment.

Roles & Responsibilities:
1. Develop and implement Splunk use cases to drive business value and improve security operations.
2. Design and configure Splunk solutions to meet business requirements and improve data analysis.
3. Collaborate with stakeholders to understand business needs and identify opportunities for Splunk adoption.
4. Analyze data and generate insights to inform business decisions and improve security operations.
5. Continuously improve Splunk solutions through data analysis, reporting, and process optimization.
6. Develop and implement Splunk use cases for security, IT operations, and business analytics.
7. Design and configure Splunk solutions, including data ingestion, processing, and visualization.
8. Collaborate with stakeholders to understand business requirements and identify opportunities for Splunk adoption.
9. Analyze data and generate insights to inform business decisions and improve security operations.
10. Develop and maintain Splunk dashboards, reports, and alerts.
11. Troubleshoot and resolve technical issues with Splunk solutions.
12. Stay up to date with new Splunk features and best practices.

Requirements:
- Strong technical background in Splunk, including data ingestion, processing, and visualization.
- Experience with Splunk Enterprise, Splunk Cloud, or Splunk Security.
- Excellent analytical and problem-solving skills.
- Strong communication and collaboration skills.
- Ability to work in a fast-paced environment and prioritize multiple projects.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Information and Event Management (SIEM) and Splunk.
- Tool Proficiency- Splunk
- Strong understanding of cloud security principles and best practices.
- Experience with security incident response and threat intelligence.
- Familiarity with regulatory requirements and compliance frameworks.
- Knowledge of network security protocols and technologies.

Additional Information:
- The candidate should have minimum 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Posted 1 week ago


7.5 years

0 Lacs

Gurugram, Haryana, India

Remote

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : NA
Minimum 7.5 Year(s) Of Experience Is Required
Educational Qualification : 15 years full time education

Summary: As the SOC Manager, you will serve as the primary governance and client-facing leader for our Security Operations Center. You will be responsible for oversight of security monitoring, incident governance, SLA adherence, and ensuring the SOC delivers value in alignment with business and client expectations. The role demands strong leadership, strategic thinking, and a risk-oriented approach to managing SOC effectiveness, resource alignment, and continuous service improvement. You will mentor analysts, refine processes, and own the SOC roadmap—aligning day-to-day operations with business risk and compliance requirements.

Roles & Responsibilities:
- Proven experience managing SOC governance, policies, and compliance frameworks
- Working knowledge of KPIs, SLAs, and continuous improvement frameworks (e.g., ITIL)
- Capability to assess risk posture and align SOC output to business risk appetite
- Deep understanding of security operations and threat management lifecycles
- Regulatory frameworks (ISO 27001, SOC 2, PCI-DSS, GDPR)
- Strong client engagement and communication skills, including executive-level reporting
- Understanding of security tooling landscape (SIEM, SOAR, EDR, TIP, etc.)
- Project management expertise – planning, risk tracking, stakeholder coordination.
- Ability to work with stakeholders from security operations, threat intel, and infrastructure teams

Professional & Technical Skills:
- Define and manage SOC governance structure, roles, and responsibilities
- Drive alignment between operational activities and business risk priorities
- Review and validate SOC deliverables, ensuring adherence to SLAs, SOPs, and compliance requirements
- Lead control maturity assessments and define improvement roadmaps
- Oversee audit readiness and documentation for internal and external reviews
- Act as the primary point of contact for client escalations, reviews, and engagements
- Conduct regular service reviews, security posture updates, and incident retrospectives with clients
- Translate technical outcomes into business language for non-technical stakeholders
- Own the delivery of client KPIs, operational metrics, and dashboards
- Define and track SOC KPIs, KRIs, and maturity benchmarks
- Identify and escalate capability gaps, resource needs, or process deviations
- Collaborate with internal teams (Threat Intel, GRC, Cloud Security) to align services
- Stay current on threat trends, security technologies, and evolving compliance landscapes
- Support team leads and shift managers in performance evaluation and strategic alignment
- Ensure that SOC personnel receive regular upskilling, playbook updates, and role clarity
- Promote a culture of accountability, service excellence, and knowledge sharing
- SOC Governance & Risk Management
- Client Relationship Management
- Compliance & Audit Readiness
- SLA / KPI Management
- Security Monitoring Concepts
- Executive Communication
- SOC Process Understanding and experience
- This is a strategic yet hands-on role requiring a blend of security expertise and project execution.
- The position involves working with multiple internal and external stakeholders, including auditors and technology teams.
- Flexibility is available for remote, or hybrid work arrangements based on business needs.
- Opportunities for career growth in cybersecurity leadership and program management are significant
- Industry certifications strongly preferred: CISSP / CISM / CISM or other relevant cloud and security certifications.

Additional Information:
- The candidate should have minimum 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Posted 1 week ago


3.0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Accenture MxDR Ops Security Threat Analysis
Good to have skills : NA
Minimum 3 Year(s) Of Experience Is Required
Educational Qualification : 15 years full time education

Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will engage in proactive monitoring and response activities, contributing to the overall security posture of the organization while staying updated on the latest security trends and technologies.

Roles & Responsibilities:
- Work as part of the analysis team that works 24x7 on a rotational shift
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies
- Timely response to customer requests like detection capabilities, tuning, etc.
- Research new threats and provide recommendations to enhance detection capabilities
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures
- Identify opportunities for process improvement
- Researching, understanding, and developing responses to cyber threats
- Writing, editing, and publishing technical reports
- Developing and deploying network and endpoint detections to support a Security Operations Center analysis team
- Performing data analysis to optimize SOC procedures
- Coordinating analysis teams to best educate on and respond to developments in the Threat Landscape

Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and threat landscape
- Hands-on experience in SIEM and threat hunting tools
- Added advantage in working with any SOAR platform
- Desirable knowledge in any scripting language and EDR products
- Preferable – GCIA, GCFA, CISSP
- Strong customer service and interpersonal skills
- Strong problem-solving skills
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
- Adaptability to accept change

Additional Information:
- The candidate should have minimum 3 years of experience in Accenture MxDR Ops Security Threat Analysis.
- This position is based at our Chennai office.
- Minimum a bachelor’s or a master’s degree in addition to regular 15-year full-time education is required.

Posted 1 week ago
