5.0 - 12.0 years
10 - 11 Lacs
Mumbai
Work from Office
• Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI
• Understanding of cloud security architecture
• Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc.
• Should have conducted cloud security assessments and configuration reviews as per industry best practices
• Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements
• Knowledge and experience of Risk Management Lifecycle (Risk Identification, Risk Assessment, Risk Response, & Reporting)
• Experience with cloud security tools and services
• Knowledge and experience in developing/creating cloud security policies and frameworks for organizations
• Effective written and communication skills
• Strong sense of ownership, urgency, and drive
• Demonstrate teamwork and collaborate with other teams to ensure client's cloud environment is secure
Posted 1 week ago
3.0 - 8.0 years
3 - 7 Lacs
Hyderabad
Work from Office
Job Description Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.). Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades. Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks. Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools. Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation. Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions. Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience. Mentor junior automation engineers and provide code reviews, best practices, and process guidance. Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation. Stay abreast of emerging SOAR trends, threat landscapes, and new platform features. Required Qualifications: 3+ years specifically working with SOAR platforms Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable. Strong scripting experience in Python, especially within automation workflows. Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors. In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.). Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques. 
Experience with version control (Git), CI/CD pipelines, and structured testing of automation code. Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance. Strong written and verbal communication skills, especially in cross-functional team environments.
Posted 1 week ago
3.0 - 8.0 years
7 - 11 Lacs
Panchkula
Work from Office
Sr. Cyber Security Analyst

Job Description
We're looking for a seasoned and proactive Sr. Cyber Security Analyst to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you'll take charge of advanced threat detection, incident response, and strategic cybersecurity initiatives to safeguard the organization's digital assets. If you have hands-on experience in network security, SIEM tools, and a deep understanding of cybersecurity frameworks, this is a great opportunity to elevate your career in a fast-paced, tech-driven environment.

Key Skills
• 3+ years of experience in cybersecurity or a related technical role.
• Bachelor's degree in Computer Science, Information Security, or a relevant field.
• Expertise in network security, firewalls, intrusion detection/prevention systems.
• Proficiency in SIEM platforms and security monitoring tools.
• Strong understanding of frameworks like OWASP Top 10, SANS Top 25.
• Knowledge of industry standards and regulations.
• Excellent problem-solving, analytical, and communication skills.
• Advanced certifications like CISSP, OSCP, or equivalent (preferred).
• Experience mentoring junior analysts or leading security projects (preferred).
• Familiarity with cloud security, forensic analysis, and emerging cyber threats.

Roles and Responsibilities
• Detect, investigate, and respond to cybersecurity incidents and alerts.
• Lead technical investigations and contribute to root cause analysis.
• Implement and enhance threat detection tools and automation processes.
• Assist in drafting and enforcing security policies and procedures.
• Perform internal security reviews, audits, and compliance checks.
• Maintain documentation for incident handling, risk assessments, and controls.
• Communicate security updates and incident reports to internal stakeholders.
• Mentor and guide junior analysts in security protocols and tools.
• Collaborate with cross-functional teams to drive cybersecurity best practices.
• Continuously monitor and improve the organization's security posture.
Posted 1 week ago
4.0 - 7.0 years
0 Lacs
Kanayannur, Kerala, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. 
Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance. Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk. Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling. Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing. Responsible for advising and assisting clients to develop and implement Information classification framework. Conduct Information Systems audits covering IT infrastructure assets. Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions. Technical Knowledge of Security Capabilities such as CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability to translate data into actionable metrics to drive initiatives to improve cyber security posture.
Understanding of Senior stakeholder’s requirements in the organization such as CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned review, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have.
Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 week ago
6.0 - 8.0 years
20 - 35 Lacs
Pune
Work from Office
Technical Skills:
• Industry Certifications and an educational background from Information Technology
• Strong experience of security tools and techniques including
  o Firewall, IDS/IPS
  o multi-factor authentication
  o Network authentication
  o Zero Trust Network Access
  o WAF & DDoS Protection
• Strong Knowledge and understanding on
  o Public Cloud
  o Cisco ASA, VPN and Network device
  o Hypervisor and virtual machine
  o Active Directory
  o SIEM, Endpoint Detection & Response (EDR), Application Whitelisting, Data leakage and Malware Analysis
• Practical knowledge with Windows, Linux, and TCP/IP networking
• Solid scripting experience on any of the following Python/Perl/Bash/PowerShell could be an advantage
• Hands-on experience on security incident response
Posted 1 week ago
2.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Introduction
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role And Responsibilities
Roles & Responsibilities:
• Handling alerts and incidents on XDR platform
• Alert & incident triage and analysis
• Proactively investigating suspicious activities
• Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform
• Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols.
• Adhere to established policies, procedures, and security practices.
• Follow up with tech team for incident closure
• Participating in daily standup and review meeting
• L1 Analyst has responsibility to closely track the incidents and support for closure.
• Escalate more complex incidents to L2 analysts for deeper analysis.
• Work & support on multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM)
• Handle XDR alerts and follow up with customer team for agent updates

Key Responsibilities
Security Monitoring & Incident Response Governance
• Define and maintain security monitoring, threat detection, and incident response policies and procedures.
• Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.
• Align SOC operations with evolving business risk priorities and regulatory frameworks.
Platform & Toolset Management
• Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.
• Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.
• Maintain and update incident response playbooks and automation workflows.
• Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.
SOC Operations & Threat Detection
• Oversee 24x7 monitoring of security events and alerts across enterprise assets.
• Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.
• Manage and support forensic investigations to identify root cause and recovery paths.
• Govern use case development, log source onboarding, and alert/event triage processes.
Regulatory Compliance & Incident Management
• Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.
• Retain logs in accordance with regulatory data retention mandates.
• Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.
Advanced Threat Management & Reporting
• Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.
• Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.
• Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Preferred Education
Master's Degree

Required technical and professional expertise
• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.
• 2 years of experience in SOC management, incident response, or cyber threat detection roles.
• Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.
• Proven experience in playbook development, forensics, and threat hunting methodologies.
• Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.
• Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred technical and professional experience
GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications
Posted 1 week ago
3.0 - 7.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Introduction
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role And Responsibilities
Roles & Responsibilities:
• Handling alerts and incidents on XDR platform
• Alert & incident triage and analysis
• Proactively investigating suspicious activities
• Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform
• Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols.
• Adhere to established policies, procedures, and security practices.
• Follow up with tech team for incident closure
• Participating in daily standup and review meeting
• L2 Analyst has responsibility to closely track the incidents and support for closure.
• Working with log source and use case management in integrating log sources and developing & testing use cases
• Work & support on multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM)
• Developing SOP / instruction manual for L1 team
• Guiding L1 team for triage/analysis and assist in closure of cybersecurity alerts and incidents
• Handle XDR alerts and follow up with customer team for agent updates
• Escalate more complex incidents to L3 SME for deeper analysis.

Key Responsibilities
Security Monitoring & Incident Response Governance
• Define and maintain security monitoring, threat detection, and incident response policies and procedures.
• Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.
• Align SOC operations with evolving business risk priorities and regulatory frameworks.
Platform & Toolset Management
• Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.
• Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.
• Maintain and update incident response playbooks and automation workflows.
• Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.
SOC Operations & Threat Detection
• Oversee 24x7 monitoring of security events and alerts across enterprise assets.
• Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.
• Manage and support forensic investigations to identify root cause and recovery paths.
• Govern use case development, log source onboarding, and alert/event triage processes.
Regulatory Compliance & Incident Management
• Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.
• Retain logs in accordance with regulatory data retention mandates.
• Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.
Advanced Threat Management & Reporting
• Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.
• Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.
• Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Preferred Education
Master's Degree

Required technical and professional expertise
• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.
• 3-7 years of experience in SOC management, incident response, or cyber threat detection roles.
• Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.
• Proven experience in playbook development, forensics, and threat hunting methodologies.
• Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.
• Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred technical and professional experience
GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications
Posted 1 week ago
3.0 - 7.0 years
7 - 11 Lacs
Bengaluru
Work from Office
We are seeking an experienced QRadar Incident Forensic Specialist to manage the deployment, configuration, and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations. The ideal candidate will play a critical role in enhancing security monitoring, investigating incidents, and ensuring seamless SIEM operations. This role requires a blend of expertise in QRadar deployment, incident handling, and forensic analysis to improve the organization’s security posture. Plan, design, and deploy QRadar SIEM environments including Incident Forensics, ensuring proper integration with network devices, servers, and applications. Required education: Bachelor's Degree. Preferred education: Master's Degree. Required technical and professional expertise: Develop and maintain documentation, including deployment guides, SOPs. Generate forensic reports and compliance dashboards for internal stakeholders and external audits. Proactively identify gaps in threat detection capabilities and recommend enhancements. Implement updates, patches, and upgrades to maintain system reliability and performance. Optimize architecture and storage allocation to ensure scalability and efficiency. Hands-on experience with QRadar architecture, deployment, and administration. Strong knowledge in Linux, Unix, and Red Hat OS. Strong knowledge in TCP/IP & networking. Proven track record in incident handling, forensic investigations, and log analysis. Expertise in QRadar features such as AQL queries, rule creation, offense management, and dashboards. Proficiency in forensic tools and methodologies for log analysis and evidence gathering. Preferred technical and professional experience: Support threat hunting activities by leveraging anomaly detection and root cause analysis. Research and implement emerging QRadar features, integrations, and third-party tools to enhance functionality.
Perform daily health checks, ensure system availability, and resolve performance bottlenecks. Use the tools in IBM QRadar Incident Forensics in specific scenarios in the different types of investigations, such as network security, insider analysis, fraud and abuse, and evidence-gathering. Investigate security incidents by analyzing logs, offenses, and related data within QRadar. Manage and troubleshoot log ingestion, data flow, and parsing issues across multiple data sources. Extract and analyze digital evidence to support forensic investigations and incident response. Reconstruct attack scenarios and provide root cause analysis for post-incident reviews
Posted 1 week ago
4.0 - 8.0 years
16 - 20 Lacs
Kochi
Work from Office
Lead & focus: Demonstrate clear & calm leadership, setting the tone for each response Command and coordinate a response to security incidents, relevant threats, and high profile security events Scope a response to the next best actions Ensure response is sustainable for all resources involved Support beyond normal shift hours in an emergency or during times of staff shortage Coordinate & communicate: Delegate tasks in a timely manner and manage them to closure Facilitate incident / threat resolution through prompt communication across multiple teams Document status and regularly communicate updates to stakeholders and senior management Develop and track key metrics and reporting related to incident management Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Incident Response, Soc Management Preferred technical and professional experience Threat Hunting
Posted 1 week ago
4.0 - 7.0 years
5 - 9 Lacs
Chennai
Work from Office
The Security Analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Good knowledge of SIEM, SIEM Architecture, SIEM health check. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Good verbal/written communication skills. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc. Helping L3 and L1 with required knowledge base details and basic documentations. Co-ordination SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. High ethics, ability to protect confidential information. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures. Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Ready to work on 24/7 shifts to support client requirement. 
Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 2 Years of Experience in SOC monitoring and investigation. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Helping L3 and L1’s with required knowledge base details and basic documentations. Co-ordination with SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures. Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Building Parser for the SIEM using regex. Preferred technical and professional experience Escalation point for L1’s and SOC Monitor team. Ability to drive call and summarizing it post discussion. Good Understanding of Firewall, IDP/IPS, SIEM functioning (Generalize HLD as well as LLD). Deep understanding on Windows, DB, Mail cluster, VM and Linux commands. Knowledge of network protocols TCP/IP and ports. Team Spirit and working ideas heading to resolution of issues. Qualifications like CISA, CISM, CISSP, CEH, SANS or any other recognized qualification in Cybersecurity (SIEM/Qradar certification) will be preferred.
Thorough knowledge in SIEM tool and experience in networking, Cloud security experience will be preferred. SOC Senior Analyst experience with multiple customers.
Posted 1 week ago
4.0 years
0 Lacs
Mumbai Metropolitan Region
On-site
Job Summary JD: Education must be BE/BTech/MCA & 4+ Years Hands on exp.
• Complete understanding of the organization's technology and information security framework.
• Designing and implementing infra and network security solutions.
• Providing L2 support in all network related activities.
• Install, configure, manage, customize and troubleshoot network related activities.
• Monitoring and administration of LB, WAF and DDoS.
• Preparing weekly/monthly reports.
• Deploying and managing SSL certificates in Radware LBs.
• Raising firewall requests as per requirements and coordinating with different departments to get firewall requests implemented.
• Managing the inventory, i.e. hardware, software, IPs (public, private), DNS etc.
• Coordinating with hardware vendors in configuration and troubleshooting
• Daily reporting of LB resource utilization
• IOS upgrade of all devices as and when required.
• Implementing audit recommendations pertaining to the network
• Guide/mentor the team members on technical problems which cannot be resolved at their level
• Ensure that systems, organization processes, and unit practices adhere to organization policies
• Experience in leading the team
• Experience of working on ITIL processes
• Leading the major incidents, fixing the problems, and submitting RCA
• Perform in-depth packet capture analysis using Wireshark to diagnose network performance issues, incidents, and other anomalies, and produce detailed reports on findings from PCAP analysis.
WAF (Web Application Firewall) F5
• Monitoring security alerts
• Provide remedial actions
• Prepare analysis reports
• Analysis of application logs
• Coordinate with the application team and get input
• Fine tuning as per the recommendation by the app team
• Report generation
LOAD BALANCER (Radware & AVI)
• Capacity planning
• SSL offloader configuration
• Configuration and troubleshooting issues
• IPv4 and IPv6 enablement
• Integration with SOC, SIEM and other tools
• Coordination with vendor for support.
• Preventive maintenance.
• Firmware upgradation
Posted 1 week ago
10.0 - 15.0 years
0 Lacs
Gurugram, Haryana, India
On-site
Who We Are We are an organisation that exists to drive progress. That's the “red thread” that connects everyone at The Economist Group (TEG). Our businesses share a devotion to innovation, independence and rigour in their fields of expertise. We empower people to understand and tackle the critical challenges and changes facing the world. Our analytical rigour, global expertise and evidence-based insights enable individuals and organisations to make sense of these shifts and chart a course through them. We deliver analysis and insights in many formats to subscribers and clients in 170 countries through our four businesses, The Economist, Economist Impact, Economist Intelligence and Economist Education, which uphold our global reputation for excellence and integrity. Job Summary The Cyber Security Team Lead will support the Head of Information Security in the development, implementation, and management of the organisation’s information security strategy. This role involves overseeing daily operations, ensuring the security of information assets, managing security incidents, and fostering a security-conscious culture within the organisation. Key Responsibilities Strategic Support: Assist in the development and execution of the organisation's information security strategy and policies. Provide strategic guidance and leadership in all areas of information security. Operational Management: Oversee day-to-day security operations, including monitoring, threat management, and incident response. Ensure effective 24/7 monitoring and incident handling. Risk Management: Identify and assess security risks, and develop mitigation strategies. Conduct regular security audits and vulnerability assessments. Incident Response: Lead the response to security incidents and breaches, ensuring timely and effective resolution. Develop and maintain the incident response plan, including conducting regular drills. 
Compliance and Governance: Ensure compliance with relevant security standards, regulations, and frameworks (e.g., ISO 27001, NIST, GDPR). Maintain up-to-date documentation of security policies, procedures, and incidents. Team Leadership: Supervise and mentor the information security team, providing guidance and support. Foster a collaborative and high-performance team environment. Training and Awareness: Develop and deliver security training and awareness programs for employees. Promote a culture of security awareness throughout the organisation. Stakeholder Collaboration: Collaborate with IT, legal, HR, and other departments to ensure cohesive security practices. Serve as a key point of contact for security-related matters with external partners and vendors. Qualifications Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master’s degree is a plus. Certifications: Relevant certifications such as CISSP, CISM, CISA, or equivalent. Experience: Minimum of 10 -15 years of experience in information security, with at least 3 - 5 years in a leadership role. Proven experience in managing security operations, incident response, and risk management. Skills And Competencies Technical Expertise: Strong knowledge of information security principles, technologies, and best practices. Experience with security tools and technologies such as SIEM, firewalls, IDS/IPS, and endpoint protection. Analytical Skills: Ability to analyse complex security issues and develop effective solutions. Strong risk assessment and management skills. Leadership and Communication: Excellent leadership and team management skills. Strong verbal and written communication skills, with the ability to convey complex security concepts to non-technical stakeholders. Problem-Solving: Strong critical thinking and problem-solving abilities. Ability to remain calm and effective in high-pressure situations. 
Additional Requirements Availability for on-call duties and to respond to security incidents outside regular working hours. Willingness to travel as needed. Hybrid Policy - 2 to 3 days in a month work from Office* Benefits What we offer We offer excellent benefits including an incentive programme, generous annual and parental leave policies, volunteering days and well-being support throughout the year, as well as free access to all Economist content. Country specific benefits are also offered. Our Values Our values are a collective set of beliefs and behaviours that strengthen The Economist Group's purpose and demonstrate where we want to be as an organisation. They reflect on our mission to pursue progress for individuals, organisations and the world. Independence We are not bound to any party or interest and encourage exploration and free-thinking. We champion freedom, both within our organisation and around the world. Integrity We are bold in our efforts to uncover the truth and stand up for what we believe in. We inspire trust through our rigour, fact-checking and transparency. Excellence We aspire to the highest standards in all we do. We are ambitious and inquisitive in our pursuit of continuous progress and innovation. Inclusivity We value diversity in thought and background and encourage healthy debate with a breadth of perspectives. We treat our colleagues and customers fairly and respectfully. Openness We foster a collaborative and empathetic culture conducive to the interests, wit and initiative of our colleagues. New ideas are our lifeblood. The Economist Group values diversity. We are committed to equal opportunities and creating an inclusive environment for all our colleagues and potential colleagues regardless of ethnic origin, national origin, gender, gender identity, race, colour, religious beliefs, disability, sexual orientation, age, marital status or any other status.
Posted 1 week ago
10.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Job Summary Role: Senior Security Analyst Base Location: Hinjewadi, Pune. Job Description Responsible for operationalization of new security platforms to enable the security operations center to stay ahead of emerging and current threats. Troubleshoot Splunk SIEM components and related functionalities. Integration of Splunk SIEM with other security tools. Perform regular health checks of the Splunk core components. Act as a Subject Matter Expert for Splunk solution. Stay updated with the latest features, enhancements and security updates for Splunk. Deep log analysis skills on Splunk SIEM. Security Information Event Management & Analytics Platforms integration - Splunk. Build use cases that drive security analytics and incident response. Custom integration of log sources and SIEM content development. Act as a Subject Matter Expert for Splunk solution. Implement and optimize security detection rules, queries, and playbooks within Splunk. Configure and troubleshoot Splunk SIEM components and related functionalities. Plan and onboard different data sources such as: Windows, Linux, AD, firewall, other security tools integration. Knowledge of various security methodologies and technical security solutions: firewall, IPS, antivirus, proxy, WAF, load balancer, DDoS, EDR (SentinelOne) and DLP solutions. Candidates with prior experience of setting up security operations from scratch would have an added advantage. Identify automation opportunities in the incident response workflow and implement them with the help of automated playbooks in Microsoft Sentinel SIEM. Understand business requirements from the client and translate them into technical deliverables within the cyber security domain. Deep log analysis skills on Splunk SIEM. Manage the daily/weekly/monthly SOC metrics reporting for the assigned set of clients. Build custom use cases, dashboards and reports as per the requirements from the client and internal stakeholders.
Demonstrate SOC differentiators and new capabilities to prospective clients as part of RFP/RFI defense discussions. Proven history of maturing a SOC from the Initial to the Optimised level of the CMM maturity model. Skills Required Must Have 10+ years of experience in IT and 8+ years in Cyber Security. Hands-on experience with Splunk including creation of custom queries, detection rules and automated response playbooks. SIEM - Splunk (Must Have), QRadar, LogRhythm. Thorough understanding of various industry-leading cloud native SIEM architecture, pricing and technical know-how. Knowledge about various threat vectors and attackers' TTPs. In-depth knowledge of Active Directory. Excellent communication skills with ability to lead discussions with C-level executives. Key Attribute Ability to work collaboratively in a fast-paced environment. Continuous learner with a proactive approach to stay updated on industry trends. Strong problem-solving skills and ability to make sound decisions under pressure. Customer facing with good written skills and strong communication skills at all levels. May be required to participate in out-of-hours on-call rota. Ability to consistently deliver to deadlines while prioritizing competing demands for time. Qualifications Bachelor's degree in information technology or related field. Relevant certifications (CISSP, CEH, CISM, CISA). Working knowledge of any other SIEM tool, viz. Microsoft Sentinel, Splunk, QRadar etc. Splunk Enterprise Certified Admin,
Posted 1 week ago
2.0 - 5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Job Summary U2 Band (2 to 5 Years of experience) - SOC Analyst. Have an overall 2 to 5 years of experience in SIEM SOC operations. Expertise in SIEM technology, endpoint threat detection, incident investigation and antivirus. Experienced in SIEM - Splunk, LogRhythm, Microsoft Sentinel. Experienced in EDR, antivirus and threat detection. Experienced in email gateway targeted attack protection. Strong knowledge of the different attack techniques. Hands-on experience with Microsoft Sentinel incident monitoring; KQL hunting queries; dashboards and reports. Experienced in analyzing and researching Windows / Unix security logs as well as logs from IDS/IPS, DLP tools, antivirus/malware. Strong in incident response and mitigation. False positive identification and reporting for fine-tuning. SOC shift handover, daily and weekly report preparation etc.
Posted 1 week ago
8.0 years
0 Lacs
Noida, Uttar Pradesh, India
On-site
Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. 
Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance. Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement. The skills you bring: Strong knowledge of information security. Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.). Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving. Strong understanding of enterprise, network, system and application level security issues. Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers. Good understanding of the system hardening processes, tools, guidelines and benchmarks. Fundamental understanding of encryption technologies. Participate in the out-of-hours on-call rotation, providing technical support to the business for incidents. Strong knowledge sharing and collaboration skills. Deliver results and meet customer expectations. Excellent communication skills; English is a must. Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science). Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security. ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage. Basic knowledge of telecommunications networks will be an added advantage. Why join Ericsson? At Ericsson, you'll have an outstanding opportunity.
The chance to use your skills and imagination to push the boundaries of what's possible. To build solutions never seen before to some of the world’s toughest problems. You'll be challenged, but you won’t be alone. You'll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. Primary country and city: India (IN) || Bangalore Req ID: 769624
Posted 1 week ago
4.0 years
0 Lacs
Gurugram, Haryana, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-Cyber Security-TDR Senior As part of our EY-cyber security team, who shall work as SOC Senior consultant who will assist clients in Administration and management of security solutions. The opportunity We’re looking for Senior Security consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Administration and management support of CrowdStrike Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing CrowdStrike Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analyst’s point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) 
is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 week ago
10.0 years
0 Lacs
Gurgaon
On-site
Security Tower Head This role has been designed as 'Onsite' with an expectation that you will primarily work from an HPE partner/customer office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description: HPE Operations is our innovative IT services organization. It provides the expertise to advise, integrate, and accelerate our customers’ outcomes from their digital transformation. Our teams collaborate to transform insight into innovation. In today’s fast paced, hybrid IT world, being at business speed means overcoming IT complexity to match the speed of actions to the speed of opportunities. Deploy the right technology to respond quickly to market possibilities. Join us and redefine what’s next for you. What you will do The Security Tower Head role at HPE's critical large customer is a strategic role that needs deep experience in a similar capacity of CISO and as Lead Cybersecurity Architect for at least 10 years, and a total experience in the security domain of a minimum of 15 years. This role also demands strong stakeholder management.
The experience of leading a large team of cybersecurity specialists from various domains such as VAPT, DLP, Edge Security/EDR, WAF, LB, SIEM SOAR UEBA, ITSM, GRC, SAST DAST, Cloud Security, DevSECOps, and related scripting/coding experience in the above domains including AI/ML based Cybersecurity modelling is mandatory. Responsible for IS operations Oversee formal risk assessment and self-assessments program for various Information Services systems and processes Manage and Monitor, organization technology security policy, ISO 27001, Data privacy and regulatory requirement to remediate new and outstanding issues; track & resolve security-related issues Carry out audits for ensuring enforcement of information security policies Promote and monitor our corporate wide IS Security awareness for ISO 27001 program Responsible for design, develop and update the policies regarding Information Security, data governance and privacy Responsible for application security, Governance and Compliance Responsible for Initiating and advocating safe practices and Industry standards Advises the CISO office on the emerging information security risks and their mitigation strategies Responsible for performing all Security audits & IT risk assessment activities Responsible for initiating and managing required information security Compliance certification processes Responsible for integration and gap analysis of the Information security of any company that company acquires Strong knowledge of the requirement of Computer Applications and Network security technologies and principles Develop, promulgate, and maintain policies, standards and practices of Information Security by establishing and maintaining efficient processes to monitor compliance of defined policies, standards and practices. Implement policies through digital workflows. 
Ensure activities related to BCP-DR and Emergency operations are performed in timely manner Assist in planning for information security risk monitoring, risk analysis, incident management, Change Management and overall information security requirements needed to support strategic IT and business needs What you need to bring: Qualifications BE/ B.Tech/ M.Tech/ MSc/ MCA qualification or equivalent Certifications: LA ISO 27001 (mandatory requirement) and any one of the IT risk management or Information security certificates such as CISA, CISSP, CISM, CRISC, ISO31000 Experience Experience of 10 years and minimum IT Audit experience of 3 Years Experience in driving key meetings for closing identified IS issues or gaps across different teams and vendors and achieve the outcomes within the define deadlines Strong understanding of ISO 27001 as well as industry security frameworks Strong knowledge of risk assessment and mitigation Additional Skills: Accountability, Active Learning, Active Listening, Bias, Business Growth, Client Expectations Management, Coaching, Creativity, Critical Thinking, Cross-Functional Teamwork, Customer Centric Solutions, Customer Relationship Management (CRM), Design Thinking, Empathy, Follow-Through, Growth Mindset, Information Technology (IT) Infrastructure, Infrastructure as a Service (IaaS), Intellectual Curiosity, Long Term Planning, Managing Ambiguity, Process Improvements, Product Services, Relationship Building What We Can Offer You: Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are.
We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #operations Job: Services Job Level: TCP_05 HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity. Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.
Posted 1 week ago
8.0 years
0 Lacs
Gurgaon
On-site
Designation: Manager Department: Digital Forensic Location: Gurugram Certification: Relevant certifications such as CHFI, GCFA, EnCE, CCE, CFE, CEH are highly preferred. ROLE & RESPONSIBILITIES: Lead and manage digital forensics investigations involving endpoints, servers, mobile devices, cloud environments, and network log analysis. Oversee forensic imaging, evidence acquisition, chain-of-custody protocols, and in-depth artifact analysis using tools such as EnCase, FTK, Intella, Autopsy, Cellebrite, Magnet AXIOM, Macquisition, and Falcon NEO. Support investigations involving data exfiltration, IP theft, malware, insider threats, and other cyber incidents. Manage and mentor a team of forensic analysts to ensure consistent quality, adherence to process, and timely delivery. Act as the client-facing lead, effectively managing communications with legal teams, compliance, and law enforcement during sensitive engagements. Review, refine, and finalize high-quality forensic reports, timelines, and findings tailored for legal, regulatory, and business audiences. Perform root cause analysis and post-incident reviews across security incidents such as ransomware, phishing, and unauthorized access. Coordinate across internal departments to ensure seamless and efficient delivery of DFIR services. Contribute to business development by supporting proposal creation, client discussions, and case study preparation. Stay current on emerging cyber threats, forensic methodologies, legal standards, and regulatory expectations. Required Skills Excellent communication and interpersonal skills; must be confident in dealing directly with clients, including CXOs and legal teams. Strong forensic report-writing abilities, capable of translating technical findings into clear, concise narratives for non-technical audiences. Ability to handle high-pressure investigations with maturity, discretion, and a solution-oriented mindset. 
Proven leadership in managing forensic engagements and handling multiple investigations simultaneously. High level of professional integrity, discretion, and attention to detail, especially when dealing with sensitive data. Willingness to travel for client engagements or investigations as required. Availability to support high-priority incidents during off-hours or weekends, if necessary. Experience: Graduate/Postgraduate in Computer Science, Cybersecurity, Forensic Science, or a related field. Relevant certifications such as CHFI, GCFA, EnCE, CCE, CFE, CEH are highly preferred. Minimum 8 years of experience in digital forensics and incident response, with at least 4 years in a leadership/managerial role. Proficient in industry-standard forensic tools including FTK, EnCase, Intella, Magnet AXIOM, Autopsy, Cellebrite, and Mac acquisition tools like Falcon NEO and Macquisition. Familiarity with EDR/SIEM platforms such as Splunk, CrowdStrike, or SentinelOne is an added advantage. Deep understanding of file systems (NTFS, HFS, APFS), Windows/Mac artifacts, log analysis, and chain-of-custody protocols. Experience in supporting legal processes, audits, or regulatory investigations related to cybercrime or data breaches. Job Description: As a Manager – Digital Forensics, you will lead and manage complex digital forensic and cyber investigations, with a strong focus on client communication, high-quality reporting, and team supervision. This role demands a balanced mix of forensic expertise, leadership, and exceptional communication skills. You will oversee engagements involving data breaches, IP theft, cyber fraud, insider threats, and more across varied digital environments. Academic Qualification: Graduate/Postgraduate in Computer Science, Cybersecurity, Forensic Science, or a related field. Relevant certifications such as CHFI, GCFA, EnCE, CCE, CFE, CEH are highly preferred.
Posted 1 week ago
10.0 years
0 Lacs
Delhi, India
On-site
We Are Hiring: Network Support Engineer
Experience Required: 1–10 Years
Location: Delhi, Bengaluru
Employment Type: Full-time

We are seeking talented Network Support, SOC, NOC, and Network Engineers across experience levels to join our growing security and infrastructure team. The ideal candidates will be responsible for ensuring the security, integrity, and performance of our network infrastructure across cloud and on-prem environments.

Key Responsibilities:
Monitor and manage network security systems including firewalls, IDS/IPS, VPNs, and proxies
Analyze and respond to security incidents and vulnerabilities
Implement and enforce security policies, standards, and best practices
Conduct regular audits of network architecture and access controls
Collaborate with IT and DevOps teams to secure networks, applications, and endpoints
Perform vulnerability scanning and penetration testing
Assist in incident response planning and disaster recovery testing

Required Skills:
Strong understanding of network protocols, TCP/IP, firewalls, and intrusion detection/prevention systems
Hands-on experience with tools such as Palo Alto, Fortinet, Cisco ASA, or similar
Familiarity with SIEM tools and log analysis
Understanding of secure network design, segmentation, and access controls
Experience with VPN configuration, DNS security, and endpoint protection
Certifications like CCNA Security, CEH, CompTIA Security+, or CISSP (preferred but not mandatory)

Why Join Us?
Work on high-impact security infrastructure projects
Grow your career in a fast-paced, learning-driven environment
Competitive compensation and flexible working options
Posted 1 week ago
3.0 years
4 - 5 Lacs
Hyderābād
On-site
Job Description Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.). Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades. Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks. Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools. Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation. Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions. Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience. Mentor junior automation engineers and provide code reviews, best practices, and process guidance. Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation. Stay abreast of emerging SOAR trends, threat landscapes, and new platform features. Required Qualifications: 3+ years specifically working with SOAR platforms—Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable. Strong scripting experience in Python, especially within automation workflows. Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors. In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.). Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques. 
Experience with version control (Git), CI/CD pipelines, and structured testing of automation code. Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance. Strong written and verbal communication skills, especially in cross-functional team environments.
Posted 1 week ago
4.0 years
25 - 40 Lacs
Hyderābād
On-site
Must Have
· Bachelor’s degree in Security Engineering, Computer Engineering, Computer Science, Data Science, or similar technical discipline
· Familiarity with a broad range of security technologies: SIEM, CASB, SOAR, DLP, and EDR.
· Technical proficiency with one or more of the major cloud computing environments.
· Several years of experience with the Python programming language.
· Excellent software design, problem-solving, and debugging skills.
· Energetic, passionate about security, and professionally curious about the cybersecurity threat landscape

Job Type: Full-time
Pay: ₹2,560,609.46 - ₹4,000,000.00 per year
Experience:
SIEM: 4 years (Required)
SOAR: 4 years (Required)
Python: 5 years (Required)
Security Engineer: 5 years (Required)
Posted 1 week ago
3.0 years
1 - 5 Lacs
Hyderābād
Remote
Description
At Vitech, we believe in the power of technology to simplify complex business processes. Our mission is to bring better software solutions to market, addressing the intricacies of the insurance and retirement industries. We combine deep domain expertise with the latest technological advancements to deliver innovative, user-centric solutions that future-proof and empower our clients to thrive in an ever-changing landscape. With over 1,600 talented professionals on our team, our innovative solutions are recognized by industry leaders like Gartner, Celent, Aite-Novarica, and ISG. We offer a competitive compensation package along with comprehensive benefits that support your health, well-being, and financial security.

Location: Hyderabad
Reports To: Security Operations Manager
Full-time | Hybrid/Remote flexibility based on business needs
Full-time position with on-call responsibilities during critical incidents.

What you will do:
You’ll play a pivotal role in managing and optimizing our Sumo Logic SIEM environment while supporting critical day-to-day security operations. This is a hands-on technical role where your insights will directly enhance our threat detection and incident response capabilities.
Note: Experience with Splunk is a strong plus, as we are currently transitioning to Sumo Logic and operating across multiple security platforms.

Lead the administration of Sumo Logic SIEM:
Deploy, configure, and manage the platform
Build and maintain dashboards, parsers, alerts, and queries
Ingest and normalize logs from infrastructure, cloud, and identity sources
Tune alerts to reduce noise and increase detection accuracy
Monitor platform health, performance, and SLA compliance

Strengthen security operations:
Investigate and triage alerts from Sumo Logic and other tools
Support incident response activities and threat investigations
Contribute to threat hunting, malware analysis, and vulnerability reviews
Maintain security process documentation and runbooks

Collaborate for continuous improvement:
Onboard new log sources in collaboration with application, cloud, and IT teams
Work closely with InfoSec peers to evolve detection capabilities
Support audit and compliance reporting requirements related to monitoring

What We're Looking For:
3+ years of experience with Sumo Logic or another enterprise SIEM platform
Strong understanding of log ingestion, threat detection, and SIEM alerting
Hands-on experience writing and optimizing queries in Sumo Logic
Familiarity with AWS, firewall, endpoint, and identity logs
Working knowledge of frameworks such as MITRE ATT&CK and NIST
Strong analytical, troubleshooting, and communication skills

Bonus Points For:
Deep experience with Sumo Logic administration and dashboards
Exposure to cloud security, SOAR platforms, EDR, IDS/IPS
Security certifications such as Security+, or equivalent

Extra Credit:
Experience transitioning from Splunk to Sumo Logic or working in hybrid environments
Scripting knowledge (Python, Bash, PowerShell) for automation
Understanding of compliance requirements (SOC 2, ISO 27001, HIPAA)

Join Us at Vitech!
Help shape our SIEM roadmap and elevate our security operations
Work with a collaborative global InfoSec team and modern tech stack
Access ongoing training, certifications, and professional growth
Be part of a mission-driven company focused on innovation and excellence

About Vitech
At Vitech, Your Expertise Drives Transformative Change in Fintech
For over 30 years, Vitech has empowered leading players in insurance, pensions, and retirement with cutting-edge, cloud-native solutions and implementation services. Our mission is clear: harness technology to simplify complex business processes and deliver intuitive, user-centric software that propels our clients' success. At Vitech, you won’t just fill a position; you’ll join a purpose-driven team on a mission that truly matters. Innovation is at our core, and we empower you to push boundaries, unleash creativity, and contribute to projects that make a real difference in the financial sector. Though our name may be new to you, our impact is recognized by industry leaders like Gartner, Celent, Aite-Novarica, ISG, and Everest Group.

Why Choose Us?
With Vitech, you won’t just fill a position; you’ll be part of a purpose-driven mission that truly matters. We pursue innovation relentlessly, empowering you to unleash your creativity and push boundaries. Here, you’ll work on cutting-edge projects that allow you to make a real difference, driving change and improving lives.

We value strong partnerships that foster mutual growth. You will collaborate with talented colleagues and industry leaders, building trust and forming relationships that drive success. Your insights and expertise will be essential as you become an integral part of our collaborative community, amplifying not just your career but the impact we have on our clients.

We are committed to a focus on solutions that makes a tangible difference. In your role, you will embrace the challenge of understanding the unique pain points faced by our clients. Your analytical skills and proactive mindset will enable you to develop innovative solutions that not only meet immediate needs but also create lasting value. Here, your contributions will directly influence our success and propel your professional growth.

At Vitech, we foster an actively collaborative culture where open communication and teamwork are paramount. With our “yes and” philosophy, your ideas will be welcomed and nurtured, allowing you to contribute your unique insights and perspectives. This environment will enhance your ability to work effectively within diverse teams, empowering you to lead initiatives that result in exceptional outcomes.

We believe in remaining curious and promoting continuous learning. You will have access to extensive resources and professional development opportunities that will expand your knowledge and keep you at the forefront of the industry. Your curiosity will fuel innovation, and we are committed to supporting your growth every step of the way.

In addition to a rewarding work environment, we offer a competitive compensation package with comprehensive benefits designed to support your health, well-being, and financial security. At Vitech, you’ll find a workplace that challenges and empowers you to make meaningful contributions, develop your skills, and grow with a team that’s dedicated to excellence. If you’re ready to make a real impact in fintech and join a forward-thinking organization, explore the incredible opportunities that await at Vitech. Apply today and be part of our journey to drive transformative change!
Posted 1 week ago
3.0 years
12 - 18 Lacs
India
On-site
Job Title: Network Security Engineer
Location: Hyderabad-IN
Job Type: Full-Time
No. of Positions: 2
Exp: 2-3 yrs
Budget: 12-18 LPA +

Key Responsibilities:
Design, implement, and manage secure network architecture (firewalls, VPNs, IDS/IPS, NAC)
Monitor networks for security breaches and investigate incidents
Configure and manage firewalls, security appliances, and intrusion detection/prevention systems
Conduct vulnerability assessments and penetration testing; remediate findings
Develop and enforce security policies, standards, and procedures
Manage secure access controls (e.g., AAA, RBAC, 802.1x)
Analyze security alerts and provide appropriate responses and escalations
Maintain and update security infrastructure (patches, firmware, rule sets)
Perform risk analysis and provide recommendations for improvements
Support compliance efforts (ISO 27001, NIST, GDPR, SOC 2, etc.)
Collaborate with IT teams on secure deployment of new infrastructure or services
Document all configurations, incidents, and procedures for auditing and knowledge sharing

Required Skills & Qualifications:
Bachelor’s degree in Computer Science, Infra Security, or related field
3+ years of experience in network and/or security engineering roles
Strong understanding of network protocols and security technologies (TCP/IP, SSL, IPSec, DNS, etc.)
Experience with firewalls and security platforms (e.g., Palo Alto, Fortinet, Cisco ASA, Check Point)
Proficiency in intrusion detection/prevention systems, VPNs, and endpoint security
Familiarity with SIEM tools (Splunk, QRadar, LogRhythm, etc.)
Knowledge of authentication mechanisms (LDAP, RADIUS, SAML, MFA)
Security certifications such as CEH, CCNP Security, Palo Alto PCNSA/PCNSE, or CompTIA Security+

Preferred Qualifications:
Experience in cloud security (AWS, Azure, GCP)
Scripting skills (Python, PowerShell, Bash) for automation
Exposure to Zero Trust Network Architecture (ZTNA) and SASE frameworks
Understanding of threat modeling and advanced persistent threats (APT)
Familiarity with regulatory standards (HIPAA, PCI-DSS, etc.)

Job Type: Full-time
Pay: ₹1,200,000.00 - ₹1,800,000.00 per year
Work Location: In person
Posted 1 week ago
4.0 years
0 Lacs
Kolkata, West Bengal, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

EY-Cyber Security-TDR Senior
As part of our EY cyber security team, you shall work as a SOC Senior Consultant who will assist clients in the administration and management of security solutions.

The opportunity
We’re looking for a Senior Security Consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering.

Your Key Responsibilities
Administration and management support of CrowdStrike
Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer.
Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements.
Content development, which includes developing processes for automated security event monitoring and alerting along with corresponding event response plans for systems

Skills And Attributes For Success
Customer service oriented: meets commitments to customers; seeks feedback from customers to identify improvement opportunities.
Experience in managing CrowdStrike
Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analyst’s point of view
Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus
Good knowledge and experience in Security Monitoring
Good knowledge and experience in Cyber Incident Response
Knowledge in Network monitoring technology platforms such as Fidelis XPS or others
Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others

To qualify for the role, you must have
B.Tech./B.E. with sound technical skills
Strong command of the verbal and written English language.
Demonstrate both technical acumen and critical thinking abilities.
Strong interpersonal and presentation skills.
Minimum 4 years of hands-on experience of operating/implementing the above security tools.
Certification in any of the SIEM platforms is a plus
Knowledge of RegEx, Perl scripting and SQL query language.
Certification - CCSA, CEH, CISSP, GCIH, GIAC.

What Working At EY Offers
At EY, we’re dedicated to helping our clients, from start-ups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
Support, coaching and feedback from some of the most engaging colleagues around
Opportunities to develop new skills and progress your career
The freedom and flexibility to handle your role in a way that’s right for you

EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 week ago