0 years
0 Lacs
Chennai
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. CMS-TDR Senior As part of our EY-cyber security team, who shall work as SME for Microsoft Sentinel solutions in TDR team The opportunity We’re looking for Senior Consultant with expertise in Cloud Security solutions. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your key responsibilities Architecting and implementation of cloud security monitoring platforms MS Sentinel Provide consulting to customers during the testing, evaluation, pilot, production, and training phases to ensure a successful deployment. Perform as the subject matter expert on Cloud Security solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Securing overall cloud environments by applying cybersecurity tools and best practices Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills and attributes for success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Expertise in content management in MS Sentinel Good knowledge in threat modelling. 
Experience in creating use cases under Cyber kill chain and Mitre attack framework Expertise in integrating critical devices/applications including unsupported (in-house built) by creating custom parsers Below mentioned experiences/expertise on Sentinel Develop a migration plan from Splunk/QRadar/LogRhythm to MS Sentinel Deep understanding of how to implement best practices for designing and securing Azure platform Experiencing advising on Microsoft Cloud Security capabilities across Azure platform Configure data digestion types and connectors Analytic design and configuration of the events and logs being digested Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks Experience in other cloud native security platforms like AWS and GCP is a plus Scripting knowledge (Python, Bash, PowerShell) Extensive knowledge of different security threats Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Certification in Azure (any other cloud vendor certification is a plus) Ideally, you’ll also have People/Project management skills. What working at EY offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. 
Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 week ago
3.0 - 5.0 years
0 - 0 Lacs
India
On-site
Development, implementation, monitoring, maintenance, and management of threats, security controls, processes, procedures and systems. Provides trusted advisor overview and management for information security projects and technical requirements. Provides threat management support for firewalls, intrusion detection systems, enterprise anti-virus, web application firewalls, and log monitoring tools. Manages internal/external vulnerability management program and oversight for code reviews or application security scan reviews as part of the Application Security management program. Manages the company’s Incident Response process in coordination with managed SOC vendor to monitor and respond to security alerts from all assets storing, processing, transmitting company confidential/sensitive data including PCI and PII data assets. Provides technical expertise in support of information technology assessments, penetration tests, and/or audits (PCI/SOX/HIPAA/other) of organizational automated systems and processes and will play a critical role in designing, maintaining and enhancing our organization's cybersecurity posture. Works closely with cross-functional teams to identify and implement robust security measures, detect, and respond to security incidents, and ensure the overall integrity and confidentiality of our systems and data. Essential Duties and Responsibilities Other duties may be assigned. In the event of absence, duties for this position will be overseen by the position to which it reports. Conducts analysis, develops technical and programmatic assessments, evaluates security engineering and integration initiatives and provides technical support to facilitate compliance with security policies, procedures, standards and guidelines. Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives. Analyze and review recent industry breaches for preventive cyber breach strategies. 
Provide threat intelligence research related to malware/virus identification. Responsible for reviewing and approving corporate, PCI In-scope firewall requests and WAF changes; perform WAF tuning as necessary. Monitor, report, and aid in the resolution of all security-related problems and discrepancies by monitoring assigned systems, maintaining documentation and provide management and any other appropriate areas with reporting as requested. Manage WAF, intrusion detection systems and in coordination with vendor SOC, ensure sufficient coverage to monitor PCI, PII, and all other assets storing, processing, transmitting company confidential/sensitive data. Ensure alerts from current and future systems are properly designed and monitored. Manage internal/external vulnerability management program and as appropriate expand scope of vulnerability scans, application/network penetration tests to cover enterprise and all systems/environments storing, processing, transmitting company confidential/sensitive data. Monitor intelligence sources for newly identified vulnerabilities, evaluate the risk such vulnerabilities pose to the organization's information and systems, and advise management of appropriate measures to eliminate or reduce the organization's risk or exposure to such vulnerabilities. Performs both internal/external vulnerability scanning and penetration testing. Analyzes information from those scans, as well as penetration tests, to mitigate and help IT stakeholders address system vulnerabilities. Provide technical support/oversight for code reviews or App scan reviews as part of Application Security management program. Provide technical support/oversight for security exception request process. Provide technical support for incident management and forensics. 
Monitor appropriate industry sources to maintain awareness of new security tools and techniques and research those tools and techniques that have the potential to improve the organization's ability to protect its information and infrastructure. Assist in the development of appropriate information security policies, standards, procedures, checklists, and guidelines using generally-recognized security concepts tailored to meet the requirements of the organization. Provide expertise to support timely resolution of findings from information technology assessments, penetration tests, and/or audits of organizational automated systems and processes; as appropriate, develop and communicate recommendations for improvement to management. Provide reporting metrics/create and maintain dashboards for department functions. Proficient in the use of Word, Excel. Assist manager/director in planning, time budgeting and scheduling work for completion. Participate in opportunities that enhance personal and professional growth and the accomplishment of career objectives through continuing education, seminars and participation in field-related professional organizations. Accountable for execution of assigned tasks from start to finish, while fully leveraging the disciplines expected of a cybersecurity engineer according to department standards, procedures and processes. Stay current with emerging issues affecting the Cybersecurity profession. Qualifications (Include Education and Specific Experience) Strong understanding of data network configuration and infrastructure concepts, including TCP/IP, DNS, routers, firewalls, web servers and security hierarchy including the application of encryption key infrastructures and authentication processes. Knowledge of cloud security concepts (Azure/AWS). Strong experience with IT security standards and best practice frameworks. 
(like ISO 27001/27002, NIST/NIST CSF, ITIL, PCI, SOX) In depth experience working with internet and web application security frameworks like SANS, OWASP. Detailed technical knowledge of hardening concepts and audit for Unix, Linux, Windows servers and desktop systems, AWS EC2 instances. Excellent understanding of common application, network, and operating system vulnerabilities, current threat vectors and mitigations. Strong working knowledge of networking, routing, protocols, ports and services. Working knowledge of System Information Event Monitoring (SIEM), Intrusion Detection and Prevention System (IDS/IPS), web application firewalls, vulnerability scanning tools, encryption capabilities, Network Access Controls (NAC), Data Loss Prevention (DLP), NMAP, Vulnerability scanners, Wireshark, and other security related tools Experience working with leading security WAF like Akamai, Cloudflare. Experience working with logging and file integrity monitoring tools like LogRhythm, NXLog, Splunk. Demonstrated experience in conducting security assessments. Demonstrated experience in investigating security issues related to Internet, server, desktop, laptop, tablet, and other mobile device security issues; OS patching, hardening and anti-virus. Ability to work with subject matter experts and 3rd party MSSP to coordinate activities to complete security related projects or tasks in a timely manner. Proficient with programming logic concepts, scripting experience (like Python, JavaScript, PowerShell) Strong communication and teamwork skills to collaborate with cross-functional teams and convey complex security concepts to non-technical stakeholders. Security certifications like CEH or CISSP are desired. • Bachelor’s degree in Computer Science, Information Security Management, Engineering or equivalent is required. • 3-5 years of experience in network and application security in a multiple operating system environment. 
Job Type: Full-time Pay: ₹7,000.00 - ₹20,000.00 per month Schedule: Monday to Friday Night shift US shift Work Location: In person
Posted 1 week ago
3.0 - 5.0 years
9 - 12 Lacs
Noida
Remote
Lead and manage the IT infrastructure with a focus on secure network design and maintenance. Design, deploy, and manage internet and intranet-based hosting environments with strict data privacy controls. Architect and maintain servers optimized for AI model hosting and high-performance computing. Ensure end-to-end cybersecurity for networks, servers, and intranet operations, following best practices. Implement and oversee restricted physical access protocols for critical hardware and server rooms. Monitor, update, and harden all systems to defend against cyber threats and vulnerabilities. Configure and manage secure web-socket communications within intranet and internal network applications. Plan and execute scalable network architecture to support AI workloads, including bandwidth and latency requirements. Collaborate with AI development teams to forecast and fulfil evolving hardware and networking needs. Maintain robust backup, disaster recovery, and failover systems for all critical infrastructure. Document system architecture, security protocols, and operational guidelines for audit and compliance purposes. Continuously assess and upgrade security measures, ensuring alignment with industry standards and project goals. Support secure deployment of internal applications and manage internal DNS, firewalls, and access controls. CCNA certification preferred; strong grasp of enterprise networking principles, VLANs, VPNs, and secure routing. Qualifications: Candidate must have Bachelor's/Master’s degree in Computer Science Engineering, Information technology Engineering or a related field; Proven professional experience (3-5 years) in Network management and Server Design. Certifications such as CCNA, CISSP, etc. 
Technical and Inter-personal skills: Network design, configuration, and security (LAN, VLANs, VPNs, firewalls) Server architecture and management (physical and virtual servers) Securing physical and logical access to critical hardware Hosting and managing applications over secure intranet spaces Cybersecurity frameworks (hardening servers, IDS/IPS, encryption, access control) WebSocket communication setup and secure management AI infrastructure requirements (GPU clusters, data handling, scalable storage) Backup, recovery, and disaster recovery planning Experience with private cloud or hybrid network models Knowledge of SSL/TLS, certificates, and secure communications protocols Familiarity with Linux and Windows Server environments Proficiency in setting up and managing databases securely (SQL/NoSQL) CCNA-level networking proficiency (even if not certified) Experience with monitoring tools (e.g., Nagios, Zabbix) and SIEM solutions Job Types: Full-time, Permanent Pay: ₹900,000.00 - ₹1,200,000.00 per year Benefits: Flexible schedule Paid sick time Paid time off Provident Fund Work from home Schedule: Day shift Monday to Friday Work Location: In person Application Deadline: 12/06/2025 Expected Start Date: 23/06/2025
Posted 1 week ago
5.0 - 10.0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
Job Description The role of Senior Network Security Engineer is to design, implement, maintain and improve security compliance protecting our organization's network infrastructure from Cyber Threats, vulnerabilities, and unauthorized access. This role is primarily responsible for rolling out network security monitoring and visibility tools like Arista, Gigamon, Viavi, Plixer and NDR. This focuses on ensuring that security technologies are optimized for detecting, preventing, and responding to security threats in real-time. This also involves collaboration with Network engineers, IT, and security operations to deploy and support enterprise-level Cyber security platforms and solutions. Responsibilities Define and enforce network security policies, standards, and best practices. Set up network port, IP, rack and stack the hardware for the network visibility tools like Arista, Gigamon & Viavi. Design, deploy, and manage security solutions such as firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and endpoint protections. Conduct regular security assessments, vulnerability scans, and penetration tests to identify and mitigate risks. Monitor network activity, analyse traffic logs, and investigate security incidents or breaches. Perform root cause analysis on incidents and coordinate incident response and remediation efforts to improve security posture and prevent security breaches. Maintain and update security documentation, including policies, incident reports, and network diagrams. Build observability dashboard on the health of the network monitoring tools and the traffic visibility on various network infrastructure and tools. Collaborate with stakeholders, network and cross-functional teams to align security with organizational goals and compliance requirements. Lead or participate in security projects, disaster recovery planning, and business continuity initiatives. 
Stay updated on emerging threats, vulnerabilities, and security technologies, and recommend improvements. Optimize network security tools and platforms for performance and effectiveness, ensuring they meet compliance and organizational requirements. Maintain comprehensive documentation for network configurations, troubleshooting guides, and operational procedures. Qualifications Technical Skills: Experience with IDS/IPS, and security frameworks (e.g., NIST, ISO 27001). Strong scripting skills in Python, PowerShell, or Bash for automation and tool integration. Experience in Cloud security tools and platforms (GCP, AWS, Azure) and DevOps. Experience in Observability tools (Dynatrace, Splunk, Prometheus Grafana). Understanding of the SIEM tools (e.g., Splunk, QRadar, SecOps or equivalent) Familiarity with ITSM processes, Agile practices, ServiceNow, JIRA. Proficiency with network monitoring tools such as Gigamon, Viavi, Arista or equivalent, NDR tools like Arista, Cisco or equivalent, NetOps like Plixer and SIEM tools like (e.g., Splunk, QRadar, SecOps or equivalent). Strong experience in rack & stack and rolling out network security tools and architecting various tools to build an optimized solution. Strong knowledge of network architectures, protocols (TCP/IP, UDP), routing, switching, and load balancing. Expertise in firewall technologies (e.g., Check Point, Cisco, Fortinet), VPNs (SSL, IPSec), authentication protocols (LDAP, RADIUS), load balancers and cloud security. Experience: Bachelor's or Master’s degree in Computer Science, Information Security, or related field, or equivalent practical experience. Minimum 5-10 years of experience in network engineering and security management. Proven experience in managing security platforms and tools in a large, complex environment. Experience with Network security, analysis, and response, including knowledge of common attack vectors. 
Certifications: Relevant certifications such as CISSP, CEH, CCNA/CCNP Security, NSE (Fortinet), or equivalent. Cybersecurity certificates (preferred)
Posted 1 week ago
4.0 years
6 - 10 Lacs
Calcutta
Remote
Overview Hyland Software is widely known as a great company to work for and a great company to do business with. Being a leader in providing software solutions for managing content, processes and cases for organizations across the globe, we have enabled more than 20,000 organizations to digitalize their workplaces and transform their operations. Currently we are looking for a Senior DevSecOps Engineer who is responsible for integrating security practices within the DevOps lifecycle, implementing automated tools and methodologies to monitor, detect and minimize vulnerabilities. What you will be doing Working within the security architecture and engineering team you will plan, implement and optimize security controls in the AWS cloud. Integrate security, compliance, and monitoring tooling. Work with Firewalls, WAFs, vulnerability scanners, code scanners, compliance scanners, SIEM, and secret management tools. Implement tooling in CI/CD pipelines and GitHub Actions. Write code to automate processes and utilize IaC to embed compliance in the infrastructure. Monitor computer networks for security issues. Testing and identifying network and system vulnerabilities. Monitor network and application performance to identify irregular activity. Set up patch management systems to update applications automatically. Install software that monitors systems and networks for security breaches and intrusions. Identify, analyze, and address security and compliance gaps in the cloud environment. Collaborating with engineering, CloudOps, and DevOps teams is essential. Provide guidance on hardening endpoints, containers, APIs, applications, OS, and the AWS cloud environment. Assist in the development and design of security policies ranging from access management, and password/key management to vulnerability/threat assessment. What will make you successful Bachelor's degree or equivalent experience 4 – 8 years of relevant experience. 
Experience as an IT Security Administrator within private, public and hybrid cloud environments Experience with running Production systems on AWS and applying security best practices in the cloud. Ability to work with security tooling to find vulnerabilities in the network. CISSP, GIAC, CompTIA security certificate or other security certifications Understanding of security fundamentals, including operating systems, networking, virtualization, identity and access management, and security countermeasures. Experience with automation tools and security tools. Experience with anti-malware, file integrity monitoring and data loss prevention tools. This position requires On-call, shift work and collaborate with US tea Strong organizational, multi-tasking, and time management skills Knowledge of virtual and cloud computing (AWS) provisioning, configuration management, monitoring, and maintenance. Programming and scripting skills include Python, Shell, YAML, and other languages. Strong communication skills. Good analytical skills. Ability to work in a team. Showed success as an individual contributor and ability to communicate in great detail. Ability to work in a 24X7 security operations environment. Keywords: AWS, Cloud security, Cyber Security, DevOps, Vulnerability management, Operations, Python, and shell scripting, DevSecOps skills, Okta, DataDog, Splunk, Prisma Cloud, Rapid7, Threat Stack, Docker, EKS, etc. Hyland’s Offering We’re proud of our culture and take employee engagement seriously. By listening to employees’ feedback, we’re able to provide meaningful benefits and programs to our workforce. 
Learning & Development - development budget (used for certifications, conferences etc.), tuition assistance program, 4,000+ self-paced online courses, instructor-led webinars, mentorship programs, structured on-boarding experience full of trainings, dedicated Learning & Development department supporting our employees R&D focus – cutting edge technologies, constant modernization efforts, dynamic and innovative environment, dedicated R&D Education Services department to help you grow Work-life balance culture – flexible work environment and working hours (we are working in task-based system!), possibility to work from home, we value trust and we believe efficiency does not depend on your actual location, however we would like to spend time together in the office! Well-being - private medical healthcare, life insurance, gym reimbursement, psychologist & dietician consultation, wellness manager care, constant wellbeing programs Community Engagement – Volunteer time off (12h/year), Hylanders for Hylanders relief fund, Mission fit giving, Dollars-for-doers matching gift programs Diversity & Inclusion – employee resource groups, inclusion benefits and policies Niceties & Events – quarterly profit sharing, culture & outings budgets, snacks and beverages, employee referral program, Christmas, birthday, baby gifts, constant incentives and employee programs If you would like to join the company where honesty, integrity and fairness lie in the bottom of values, where people are truly passionate about technology and dedicated to their work – connect with us! 
We are committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee on the basis of race, color, religion, creed, national origin or ancestry, sex, age, physical or mental disability, veteran or military status, genetic information, sexual orientation, marital status, or any other legally recognized protected basis under federal, state or local laws, regulations or ordinances. The information collected by this application is solely to determine suitability for employment, verify identity and maintain employment statistics on applicants.
Posted 1 week ago
8.0 years
0 Lacs
Kolkata, West Bengal, India
Remote
Overview Hyland Software is widely known as a great company to work for and a great company to do business with. Being a leader in providing software solutions for managing content, processes and cases for organizations across the globe, we have enabled more than 20,000 organizations to digitalize their workplaces and transform their operations. Currently we are looking for a Senior DevSecOps Engineer who is responsible for integrating security practices within the DevOps lifecycle, implementing automated tools and methodologies to monitor, detect and minimize vulnerabilities. What You Will Be Doing Working within the security architecture and engineering team you will plan, implement and optimize security controls in the AWS cloud. Integrate security, compliance, and monitoring tooling. Work with Firewalls, WAFs, vulnerability scanners, code scanners, compliance scanners, SIEM, and secret management tools. Implement tooling in CI/CD pipelines and GitHub Actions. Write code to automate processes and utilize IaC to embed compliance in the infrastructure. Monitor computer networks for security issues. Testing and identifying network and system vulnerabilities. Monitor network and application performance to identify irregular activity. Set up patch management systems to update applications automatically. Install software that monitors systems and networks for security breaches and intrusions. Identify, analyze, and address security and compliance gaps in the cloud environment. Collaborating with engineering, CloudOps, and DevOps teams is essential. Provide guidance on hardening endpoints, containers, APIs, applications, OS, and the AWS cloud environment. Assist in the development and design of security policies ranging from access management, and password/key management to vulnerability/threat assessment. What Will Make You Successful Bachelor's degree or equivalent experience 4 – 8 years of relevant experience. 
Experience as an IT Security Administrator within private, public and hybrid cloud environments Experience with running Production systems on AWS and applying security best practices in the cloud. Ability to work with security tooling to find vulnerabilities in the network. CISSP, GIAC, CompTIA security certificate or other security certifications Understanding of security fundamentals, including operating systems, networking, virtualization, identity and access management, and security countermeasures. Experience with automation tools and security tools. Experience with anti-malware, file integrity monitoring and data loss prevention tools. This position requires On-call, shift work and collaborate with US tea Strong organizational, multi-tasking, and time management skills Knowledge of virtual and cloud computing (AWS) provisioning, configuration management, monitoring, and maintenance. Programming and scripting skills include Python, Shell, YAML, and other languages. Strong communication skills. Good analytical skills. Ability to work in a team. Showed success as an individual contributor and ability to communicate in great detail. Ability to work in a 24X7 security operations environment. Keywords: AWS, Cloud security, Cyber Security, DevOps, Vulnerability management, Operations, Python, and shell scripting, DevSecOps skills, Okta, DataDog, Splunk, Prisma Cloud, Rapid7, Threat Stack, Docker, EKS, etc. Hyland’s Offering We’re proud of our culture and take employee engagement seriously. By listening to employees’ feedback, we’re able to provide meaningful benefits and programs to our workforce. 
Learning & Development - development budget (used for certifications, conferences etc.), tuition assistance program, 4,000+ self-paced online courses, instructor-led webinars, mentorship programs, structured on-boarding experience full of trainings, dedicated Learning & Development department supporting our employees R&D focus – cutting edge technologies, constant modernization efforts, dynamic and innovative environment, dedicated R&D Education Services department to help you grow Work-life balance culture – flexible work environment and working hours (we are working in task-based system!), possibility to work from home, we value trust and we believe efficiency does not depend on your actual location, however we would like to spend time together in the office! Well-being - private medical healthcare, life insurance, gym reimbursement, psychologist & dietician consultation, wellness manager care, constant wellbeing programs Community Engagement – Volunteer time off (12h/year), Hylanders for Hylanders relief fund, Mission fit giving, Dollars-for-doers matching gift programs Diversity & Inclusion – employee resource groups, inclusion benefits and policies Niceties & Events – quarterly profit sharing, culture & outings budgets, snacks and beverages, employee referral program, Christmas, birthday, baby gifts, constant incentives and employee programs If you would like to join the company where honesty, integrity and fairness lie in the bottom of values, where people are truly passionate about technology and dedicated to their work – connect with us! 
We are committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee on the basis of race, color, religion, creed, national origin or ancestry, sex, age, physical or mental disability, veteran or military status, genetic information, sexual orientation, marital status, or any other legally recognized protected basis under federal, state or local laws, regulations or ordinances. The information collected by this application is solely to determine suitability for employment, verify identity and maintain employment statistics on applicants.
Posted 1 week ago
8.0 years
0 Lacs
Trivandrum, Kerala, India
On-site
Our Company Techvantage.ai is a next-generation technology and product engineering company at the forefront of innovation in Generative AI, Agentic AI, and autonomous intelligent systems. We build intelligent, secure, and scalable digital platforms that power the future of AI across industries. Role Overview We are looking for a Senior Security Specialist with 8+ years of experience in cybersecurity, cloud security, and application security. You will be responsible for identifying, mitigating, and preventing threats across our technology landscape, particularly in AI-powered, data-driven environments. This role involves leading penetration testing efforts, managing vulnerability assessments, and implementing best-in-class security tools and practices to protect our platforms and clients. What are we looking for from an ideal candidate? Design and implement robust security architectures for cloud-native and on-prem environments. Conduct penetration testing (internal/external, network, application, API) and deliver clear remediation strategies. Perform regular vulnerability assessments using industry-standard tools and frameworks. Lead threat modeling and risk assessments across systems, services, and data pipelines. Collaborate with development and DevOps teams to integrate security in SDLC and CI/CD pipelines (DevSecOps). Define and enforce security policies, incident response procedures, and access controls. Monitor for security breaches and investigate security events using SIEM and forensic tools. Ensure compliance with global standards such as ISO 27001, SOC 2, GDPR, and HIPAA. Provide guidance on secure implementation of AI/ML components and data protection strategies. Preferred Skills What skills do you need? Requirements 8+ years of experience in information security, application security, or cybersecurity engineering. 
Proficient in penetration testing methodologies and use of tools such as Burp Suite, Metasploit, Nmap, Wireshark, Nessus, OWASP ZAP, Qualys, etc. Deep experience in vulnerability management, patching, and security hardening practices. Strong understanding of OWASP Top 10, CWE/SANS Top 25, API security, and secure coding principles. Hands-on experience with cloud security (AWS, Azure, or GCP), IAM, firewalls, WAFs, encryption, and endpoint security. Familiarity with SIEM, EDR, IDS/IPS, and DLP solutions. Knowledge of DevSecOps and tools like Terraform, Kubernetes, Docker, etc. Excellent problem-solving, analytical, and incident-handling capabilities. Preferred Qualifications Certifications such as CISSP, CISM, CEH, OSCP, or AWS Security Specialty. Experience working on security aspects of AI/ML platforms, data pipelines, or model inferencing. Familiarity with governance and compliance frameworks (e.g., PCI-DSS, HIPAA). Experience in secure agile product environments and threat modeling techniques. What We Offer A mission-critical role securing next-gen AI systems Opportunity to work with an innovative and fast-paced tech company High visibility and leadership opportunities in a growing security function Compensation is not a constraint for the right candidate
Posted 1 week ago
12.0 years
0 Lacs
Bengaluru, Karnataka, India
Remote
JOB PURPOSE: The Head of mXDR Operations is responsible for leading and managing the operational aspects of cybersecurity at the airport, including oversight of the Managed Security Services Provider (MSSP) delivering SOC operations, Threat Hunting, Detection & Prevention, and Incident Response. The role also encompasses direct accountability for Information Security Operations covering both IT and OT (Operational Technology) domains, ensuring a unified and effective defense posture against cyber threats in a critical infrastructure environment. PRINCIPAL ACCOUNTABILITIES: SOC & mXDR Oversight Lead daily operations and governance of MSSP-managed Security Operations Center (SOC) and mXDR services. Review and validate alerts, use cases, playbooks, and tuning recommendations submitted by MSSP. Define and track service level agreements (SLAs), mean time to detect/respond (MTTD/MTTR), and other performance KPIs. Ensure continuous coverage across IT, cloud, and OT assets within the SOC’s visibility and telemetry scope. Collaborate with MSSP to plan capability upgrades (e.g., EDR, NDR, cloud telemetry integration). Optimize the performance of managed XDR solutions to proactively identify and mitigate risks. Monitor and evaluate partner performance, addressing any issues related to quality, cost, or delivery. Threat Hunting & Detection Engineering Guide the proactive hunting of threats across endpoints, networks, OT environments, and cloud workloads. Review hunting hypotheses and analytics built on threat intelligence, behavior analytics, and anomaly detection. Oversee development and refinement of detection rules, correlation logic, and behavioral models. Drive periodic reviews of MITRE ATT&CK coverage and detection effectiveness. Support threat simulation and emulation exercises (e.g., purple teaming) to enhance detection posture. Incident Response & Management Ensure a well-defined incident response plan is in place and regularly tested through simulations. 
Continuously improve detection and response capabilities based on threat intelligence and industry trends. Conduct post-incident reviews to identify lessons learned and improve processes. Act as the lead coordinator for high-severity and regulatory-reportable cyber incidents. Ensure MSSP follows incident response procedures and escalates as per predefined thresholds. Maintain and test incident response playbooks, RACI charts, and communication protocols. Coordinate evidence collection, forensic analysis, and root cause investigations. Oversee the implementation and verification of post-incident recovery and lessons learned. OT Cybersecurity Operations Work with the ICS Security SME to oversee deployment and operations of OT-specific security controls (e.g., ICS firewalls, passive monitoring). Support ICS Security SME in working with OT vendors and facilities teams to ensure security of SCADA, BMS, and other critical systems. Track vulnerabilities in OT assets and coordinate with ICS Security SME and stakeholders for safe remediation. Monitor lateral movement risks between IT and OT environments and enforce network segmentation. Ensure OT environments are covered in threat detection, logging, and alerting workflows. Information Security Operations Manage day-to-day internal security operations including DLP, endpoint protection, and access monitoring. Review all Change Requests and provide insight & recommendations ensuring CRs/amendments are fit for purpose, negotiated and executed by working with all stakeholders. Ensure critical patches, vulnerabilities, and security misconfigurations are tracked and remediated. Maintain visibility of high-value assets and enforce control compliance (e.g., logging, backup, access). Investigate user behavior anomalies and enforce insider threat detection measures. Coordinate identity and access management reviews for privileged and third-party access. 
Governance, Reporting & Compliance Generate monthly and quarterly dashboards covering alerts, incidents, SLAs, and threat trends. Report on MSSP adherence to contract deliverables, including risk exposure and gap analysis. Manage escalations as per contracted frameworks. Ensure unresolved escalations are tabled in governance forums and taken up for resolution. Drive the resolution of such escalations by working with all concerned stakeholders. Coordinate with compliance teams for audits and regulatory inspections related to cybersecurity. Contribute to cyber risk assessments for critical airport systems and digital services. Ensure alignment with international frameworks (e.g., NIST CSF, ISO 27001, NIS2) and aviation-specific mandates. Strategic Leadership Provide strategic direction and leadership to the MSSP, fostering a culture of excellence and continuous improvement. Drive innovation in information security solutions and practices, ensuring the organization remains competitive and forward-looking. Act as a key advisor on Information Security matters, contributing to strategic decision-making. DIMENSIONS: Financial Optimize operational expenses while delivering high-value outcomes through effective vendor negotiations. Support financial risk mitigation by safeguarding against data breaches, penalties, and other cyber-related losses. Non-Financial Manage the MSSP (both remote and on-premises resources) with day-to-day tasks, review, and guidance on in-scope activities. Assess the skills, capabilities & expectations of the MSSP from time to time and work with MSSP management for right sourcing in BIAL account. Provide inputs on team capacity planning & hiring plans if any. Lead and mentor MSSP team, fostering a high-performing team culture. Enhance the organization's ability to respond to and recover from cyber incidents effectively.
Competency - Proficiency Level - Description: Cybersecurity Operations - Expert - Deep knowledge in SOC, SIEM, XDR, endpoint, network, and cloud security Threat Detection & Threat Hunting - Advanced - Experience in proactively identifying advanced threats and anomalies Incident Response & Forensics - Advanced - Skilled in leading structured incident response and root cause analysis OT Security - Intermediate - Understanding of OT systems and securing industrial environments Vendor & MSSP Management - Advanced - Strong experience in managing MSSP contracts and delivery governance Information Security Frameworks - Advanced - ISO 27001, NIST, MITRE ATT&CK, CIS Controls Communication & Reporting - Advanced - Capable of translating technical issues into business impact for leadership Risk Management & Compliance - Intermediate - Knowledge of regulatory and critical infrastructure compliance requirements Team Leadership & Collaboration - Advanced - Experience in leading internal security teams and cross-functional teams JOB SPECIFICATION: Knowledge and work skills: Comprehensive understanding of cybersecurity frameworks, technologies, and methodologies (e.g., NIST CSF, ISO 27001, MITRE ATT&CK, ITIL v3, PMP, TOGAF, ISO 20k & 27k and COBIT). Expertise in managed XDR operations, incident response, threat intelligence, and identity management. Familiarity with security architecture principles, ICS/OT security frameworks, and industrial protocols. Adequate knowledge of regulatory standards applicable to the industry. Proficient in process improvement and development practices. Strong knowledge of SLA & service management, and operations management. Knowledge of InfoSec tools like: AV/EDR, Data Leakage Prevention, Metasploit, TripWire, Rapid7, Tenable, Snort, Nessus, Burp Suite, Appscan, Nmap, Wireshark, Firewalls, SIEM, SOAR, SSE, CASB, PIM/PAM, WAF, O365 suite (Intune, Conditional access, Data classification and protection).
Skills Minimum 10–12 years of experience in cybersecurity operations, with at least 5 years in a leadership or MSSP governance role. Experience in driving initiatives centered on continuous improvement, innovation, execution excellence, customer centricity and automation Analytical and problem-solving skills for assessing threats, vulnerabilities, and risks in complex environments. Exceptional communication and stakeholder management skills to influence decision-making and secure buy-in. Proven ability to lead cross-functional teams. Ability to build and maintain relationships with internal teams, partners, and external vendors. Qualifications Bachelor’s degree in computer science, Information Security, or a related field (Master’s degree preferred). Certifications such as CISSP, CISM, CISA, CEH, or equivalent are highly desirable. **Please note that this position requires 5 days work from Office.
Posted 1 week ago
7.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Job Title: Senior SOC Analyst Department: IT Infrastructure Location: Bangalore / Coimbatore Job Type: Full-Time Experience: 7+ years Immediate joiners or notice period of less than 30days are needed. Job Role: A Senior SOC Analyst is a cybersecurity professional responsible for proactively monitoring, analyzing, and responding to security threats within Logixhealth network and systems. They play a crucial role in detecting, investigating, and containing security incidents, as well as developing and improving security solutions. SOC 24/7, SOC monitoring Role Description: The analyst performs monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices (IPS IDS) which requires demonstrable security incident response experience. Perform initial risk assessment on new threats and vulnerabilities, perform assessment phase of Vulnerability and Threat Management process. Perform assessment as well as troubleshooting and help isolate issues with IDS/IPS sensors, Antivirus Cloud MS O365 Defender, Application monitor control, Mobile management (Intune), Vulnerability scanners Nessus professional ,Qualys PCI DSS scanners or other vulnerability Management tools. Patch management & MS O365 Defender Console monitoring. Participate in daily and ad-hoc conference calls as well as compliance and controls, self-assessment processes and documentation related tasks. Log and event management log monitoring and share the daily report. Exposure to User behavior analytics tools. MS Azure sentinel Vulnerability Management. Compliant / Non-Compliant (Devices) Management using Intune. Application control using MS Cloud App security. Working Knowledge of Taegis Secure works or any XDR/EDR/MDR Products Working Knowledge of Password management tools similar tool Bit warden Microsoft Purview and Entra (Azure AD Identity Management) working knowledge. 
Key Deliverables: Being Proactive and handling SOC Alerts Provide analysis and trending of security log data from a large number of heterogeneous security devices. Analyze and respond to previously undisclosed software and hardware vulnerabilities Zero Day Exploits Coordinate with Intel analysts on open source activities impacting SLTT governments. Integrate and share information with other analysts and other teams Compliance ISO 27001-2022 ,SOC 2 type 2,HIPAA,Hi-Trust Flexible, quick learning, willing to work 24/7 and rotational shifts. Senior Security analysts are expected to be on-call to respond to incidents that arise outside of business hours Monitor, Manage, Remediate (Vulnerability Management) Advise based Vulnerability advisories (CISA, MS-ISAC,USCERT) and escalate to respective teams. Other duties as assigned Independent worker Able to read and Analyze Counter Threat Intelligence Reports and suggest appropriate actions. Manage SIEM and On board devices and respond to Alerts and Analyze and remediate. Skills: Incident response, Security posture management vulnerability Management in Hybrid environment (Cloud and Onsite) Creating and managing security tools and policies in tools such as SIEM, EDR, and DLP, Exposure to Application vulnerability management, API security. Strong understanding of networking, operating systems, and security technologies. Ability to analyze data, identify patterns, and draw conclusions. Ability to investigate and resolve security incidents effectively. Ability to communicate technical information clearly and concisely with all stakeholders and advise appropriate action. Significant experience in security operations, incident response, and threat analysis. Identifying areas for improvement in security processes and tools. Developing and implementing new security solutions Using threat intelligence to identify and mitigate potential risks. Staying up-to-date on the latest cyber threats and attack vectors. 
Ability to lead Security Projects and Programs and drive towards closure and stakeholder satisfaction. Other skills: Excellent knowledge of Intrusion Detection (TCP/IP knowledge, and Cyber security), various operating systems (Windows, and web technologies (focusing on Internet security) Ability to read and understand packet level data Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc) Host Security Products (HIPS, AV, scanners, XDR, EDR) Knowledge of threats and technologies affecting Web Application vulnerabilities and recent internet threats Exposure on Vulnerability assessment as well as penetration testing Preferred Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, CEH, GCIA, CCNA-Security] Good knowledge of forensics and Log analysis. Incident response and remediation Knowledge of Playbooks. Qualification: Any degree/BE/B. Tech (computer science, Cybersecurity) with technical certification from EC-Council, GIAC, (ISC)² [CISSP, CEH, GCIA, CCSP, CCNA-Security]
Posted 1 week ago
0 years
0 Lacs
India
On-site
We are seeking a highly skilled and motivated Cyber Security Engineer to join our dynamic team. In this role, you will be responsible for developing, implementing, and managing security measures to protect our clients’ sensitive data and ensure compliance with regulatory requirements, including HIPAA and NIST frameworks. The ideal candidate will have a strong background in cybersecurity, with deep expertise in HIPAA compliance , NIST standards , and relevant industry best practices. Key Responsibilities: Security Design & Implementation: Design, implement, and maintain secure network systems, applications, and infrastructure for client environments, ensuring compliance with HIPAA and NIST standards. Risk Assessment & Vulnerability Management: Perform regular risk assessments and vulnerability testing to identify potential threats to systems and data. Develop and implement remediation strategies. Compliance & Documentation: Ensure all security processes and activities are aligned with HIPAA, NIST, and other relevant industry standards. Maintain comprehensive documentation related to security policies, incidents, and procedures. Incident Response & Monitoring: Monitor systems for security breaches and respond to security incidents swiftly, following best practices for remediation. Lead the investigation and analysis of security incidents, including forensic analysis. Policy & Process Development: Develop and implement security policies, procedures, and practices that align with HIPAA and NIST guidelines. Collaborate with other teams to ensure that security is integrated across all operations. Security Audits & Reporting: Perform periodic security audits and assessments to evaluate the effectiveness of security controls. Prepare reports for internal stakeholders and regulatory bodies as needed. Collaboration & Training: Work closely with IT, operations, and management teams to ensure cybersecurity best practices are followed across the organization. 
Provide training and awareness programs on security protocols and compliance. Required Skills & Experience: Proven experience in cybersecurity roles with a focus on HIPAA compliance and NIST cybersecurity frameworks. In-depth knowledge of industry regulations, including HIPAA, NIST, PCI DSS, and other security standards. Strong experience with security technologies (firewalls, intrusion detection/prevention systems, VPNs, etc.). Familiarity with cloud security platforms and services (AWS, Azure, Google Cloud). Hands-on experience with security monitoring tools and SIEM solutions (Splunk, Sentinel, etc.). Expertise in encryption technologies, vulnerability management, and identity access management. Proficiency in security best practices and disaster recovery planning. Strong analytical and problem-solving skills with attention to detail. Ability to work under pressure, manage multiple tasks, and meet deadlines. Preferred Qualifications: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified HIPAA Professional (CHP) Experience with incident management and recovery procedures. Familiarity with security automation and orchestration tools.
Posted 1 week ago
4.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Job Description Experience - Minimum 4+ years min in IAM only. Total IT Experience will be min 5+ Years. Main Responsibilities Provision access for New Hires by creating AD accounts, application accounts, and Network Access. Process all off-boarding activities to ensure all accounts and Network access are disabled. Provide Network shared drive and folder access, ensuring the practice of least privilege. Create Mailboxes, Distribution Groups, Shared Mailboxes, and Resources in the Exchange Admin Console. Process access requests via the Service Now Access Management queue Troubleshoot and resolve any incidents pertaining to access requests / IAM tickets promptly Consultant/Contractor/Temp AD account extensions Ensure the confidentiality of sensitive information. Document and follow established IAM processes Educate Users on IAM processes. Assist with audit-related requests. Review, document, and adapt the IAM policies, procedures, standards, and guidelines as and when needed. Continuously find means and ways to improve operations, streamline work processes, and work cooperatively and jointly with various teams to provide quality service. Knowledge & Skills Mandatory Experience with Active Directory required Experience with Exchange 2013 Administration Console preferred Experience with Azure Active Directory and O365 consoles Experience and strong understanding of Identity and Access controls principals Hands on Experience with Ticketing systems – Service Now experience a plus Strong attention to detail required, identifying gaps to established processes and follow ups Ability to use critical thinking skills to resolve processing issues Excellent written and verbal communication. 
Ability to organize and prioritize in a fast-paced environment and take decisions on behalf of team Strong cognitive, problem solving and customer service skills Experience with troubleshooting VPN access issues Experience with basic SIEM technology to identify basic level issues like account lock out, password resets etc. Administration of Trimble Accubid, SAP systems for User access. Experience with DUO 2-factor authentication or other application a plus Experience with basic Security & Compliance concepts, with an understanding of Best Practice, Least Privilege, and adherence to IT Policies. A Self-starter, Ability to be self-driven and be motivated to complete tasks Ability to work well both with a Team, and individually, good written and oral communication. Self-starter and self – driven attributes. Education/Experience Requirements BE (Bachelor of Engineering) / B Tech (Bachelor of Technology) or Graduation in Computer Science or related field. At least 4 years of prior experience in administering systems Identity access strongly preferred.
Posted 1 week ago
0 years
0 Lacs
New Delhi, Delhi, India
On-site
Job Summary: We seek an experienced Cyber Security Manager to lead our cybersecurity team and protect our organization's information systems. The ideal candidate will have a strong cybersecurity, risk management, and team leadership background. Key Responsibilities: Develop and implement cybersecurity policies and procedures. Manage and oversee the cybersecurity team. Conduct risk assessments and vulnerability analyses. Ensure compliance with regulatory requirements and industry standards. Monitor and respond to security incidents and breaches. Collaborate with IT and other departments to enhance security measures. Provide training and support to staff on cybersecurity best practices. Prepare reports and documentation on security strategies and risks for upper management. Qualifications: Bachelor’s degree in Computer Science or equivalent, Information Technology, or a related field. Proven experience as a Cyber Security Manager or similar role. Proficiency in security technologies such as firewalls, VPNs, IDS/IPS, and SIEM, Cloud Security, Vulnerability management Strong understanding of network protocols, encryption, and authentication methods. Excellent problem-solving and analytical skills. Strong communication and leadership abilities. Preferred Qualifications: Master’s degree in Cybersecurity or a related field. Certifications such as CISSP, CISM, or CEH. Experience with cloud security and DevOps practices. Knowledge of ethical hacking and penetration testing.
Posted 1 week ago
7.0 - 9.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Role Description L3 SOC Analyst - Sentinel and Defender Experience : 7 to 9 years Location : Bangalore/Hyderabad/Chennai/Trivandrum/Kochi Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence. Must-Have Skills Experience with SIEM tool Sentinel and EDR tool Defender Incident response and threat hunting expertise Strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) Experience in writing procedures, runbooks, and playbooks Strong analytical and problem-solving skills Hands-on experience with system logs, network traffic analysis, and security tools Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) Good-to-Have Skills Experience setting up SIEM solutions and troubleshooting connectivity issues Familiarity with security frameworks and best practices Ability to collaborate with IT and security teams effectively Responsibilities Act as an escalation point for high and critical severity security incidents Conduct in-depth investigations to assess impact and understand the extent of compromise Analyze attack patterns and provide recommendations for security improvements Perform proactive threat hunting and log analysis to detect potential threats Provide guidance on mitigating risks and improving security hygiene Identify gaps in security processes and propose enhancements Ensure end-to-end management of security incidents Document and update incident response processes and 
define future outcomes Participate in war room discussions, team meetings, and executive briefings Train team members on security tools and incident resolution procedures
Posted 1 week ago
7.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Role Description L1 SOC Lead Experience : 7 to 9 years Location : Hyderabad/Trivandrum/Kochi Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence Job Description SOC Lead Position Overview: We are seeking an experienced and technically proficient SOC Lead to manage a medium-sized SOC team. The ideal candidate will provide technical mentorship, effectively manage security incidents, and ensure efficient project management within the SOC environment. This role requires a strategic leader with strong technical expertise and excellent management skills to oversee daily SOC operations and support team development. Under leadership's guidance, responsibilities include P&L, delivery, compliance, and other operational goals. Key Responsibilities Effectively lead a medium-sized cybersecurity SOC team accountable for delivering cybersecurity services to global customers. Effectively manage the deliverables for SOC for an MSSP team Manage resources, headcount, and profitability objectives under leadership guidance. Ensure the team's quality of deliverables aligns with organizational standards. Manage stakeholder relationships and ensure effective communication. Drive initiatives to promote continuous improvement, innovation, and customer satisfaction under leadership's guidance. Job Requirements Required Skills: Previous operational experience in cybersecurity incident management and response teams like CSIRT, CIRT, SOC, or CERT. 
Experience with MSSP teams. Proven experience in leading/managing a team size of 10 or more. Proficiency with SIEM tools such as ArcSight, Splunk, QRadar, etc. Strong ability to write technical documentation and present technical briefings to varying audiences. Desired Skills Cybersecurity Fundamentals: In-depth understanding of cybersecurity concepts, threats, vulnerabilities, and attack vectors. Knowledge of security technologies, including SIEM, EDR, firewalls, IDS/IPS, and vulnerability scanners. Familiarity with network protocols, operating systems, and cloud environments. Incident Response Expertise in incident handling, investigation, and remediation. Knowledge of forensic analysis techniques. Ability to develop and implement incident response plans. Experience At least 3 years of experience managing a team of SOC Analysts 5+ years of information security experience is required. At least 3 years of experience in security monitoring, digital forensic analysis, or incident response is preferred.
Posted 1 week ago
9.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Role Description Cyber Threat Hunter Experience : 9 to 12 years Location : Bangalore/Hyderabad/Chennai/Trivandrum/Kochi Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence We are looking for a highly skilled and analytical Threat Hunter to proactively detect and mitigate advanced cyber threats. This role involves deep investigation into potential threats, identifying patterns of malicious activity, and developing detection strategies to enhance our security posture. Key Responsibilities Threat Hunting: Conduct proactive threat hunts using SIEM, EDR, and threat intelligence tools. Identify anomalies, suspicious behaviors, and indicators of compromise (IOCs) across endpoints, networks, and cloud environments. Detection Engineering Develop and refine detection rules, queries, and scripts to identify malicious activity. Collaborate with SOC and incident response teams to validate and operationalize findings. Threat Intelligence Integration Leverage internal and external threat intelligence to inform hunting hypotheses. Map findings to frameworks like MITRE ATT&CK and cyber kill chain. Incident Investigation Assist in deep-dive investigations of security incidents and root cause analysis. Provide detailed reports and recommendations for remediation and prevention. Collaboration & Reporting Work closely with blue and red teams to improve detection capabilities. Document hunting methodologies, findings, and lessons learned. 
Required Skills & Qualifications Bachelor’s degree in Cybersecurity, Computer Science, or related field. 3+ years of experience in threat hunting, incident response, or SOC operations. Proficiency with tools such as Defender, Sentinel, SentinelOne. Strong understanding of attacker TTPs, malware behavior, and network protocols. Experience with scripting (Python, PowerShell, etc.) for automation and analysis. Familiarity with MITRE ATT&CK, threat modeling, and behavioral analytics. Preferred Certifications GIAC Cyber Threat Intelligence (GCTI) GIAC Threat Hunting (GCTH) Certified Ethical Hacker (CEH) Offensive Security Certified Professional (OSCP)
Posted 1 week ago
140.0 years
0 Lacs
Gurgaon, Haryana, India
On-site
About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner. Information Security Consultant II This role is part of NCR’s Global Information Security team. This team is responsible for developing and implementing NCR’s corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. 
Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management. The Information Security Consultant shall be responsible for the day-to-day activities required to respond for both routine and high severity vulnerabilities and security incidents. The Information Security Consultant shall work in a collaborative manner with vulnerability coordinators, incident responders, key incident management team members, management, and other stakeholders to ensure vulnerabilities and security incidents are contained, eradicated, remediated and after-action review is held according to corporate policy. The Information Security Consultant is expected to contribute to weekly status calls and respond to ad-hoc requests as part of this position. The Information Security Consultant will work with stakeholders and team members to assist with improving incident response processes that are aligned with the mission of the office of the CISO. The individual should be highly skilled, motivated and detail-oriented security professional to join our dynamic team. The ideal candidate will be responsible for leading and managing our Vulnerability Management program along with Incident Management, ensuring the protection of our organization's digital assets. Key Responsibilities: Vulnerability Management: Lead the design, implementation, and continuous improvement of the enterprise-wide vulnerability management program. External attack surface management and technical remediation Run Vulnerability red team exercises and simulation for risk prioritization Oversee vulnerability assessments, scanning, and remediation efforts across all systems, networks, and applications. 
Collaborate with IT, GTM and product SRE teams to prioritize and remediate vulnerabilities based on risk and business impact. Develop and maintain metrics and dashboards to track vulnerability trends and remediation progress. Ensure compliance with internal policies, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, CIS). Incident Management: Assist in the development and execution of the incident response plan and playbooks. Act as a key responder and advisor during cybersecurity incidents, ensuring timely containment, investigation, and recovery. Conduct post-incident reviews and root cause analyses to improve future response efforts. Provide guidance and training to internal teams on incident response best practices. Skills And Qualifications Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. 10+ years of experience in cybersecurity, with a strong focus on vulnerability and incident management. Proven experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and SIEM/SOAR platforms. Deep understanding of threat landscapes, attack vectors, and mitigation strategies. Strong knowledge of security frameworks and standards (e.g., NIST, MITRE ATT&CK, OWASP). Excellent analytical, communication, and leadership skills. Preferred Certifications: CISSP, CISM, OSCP, CEH, or equivalent. GIAC certifications (e.g., GCIH, GCIA, GPEN) are a plus. Offers of employment are conditional upon passage of screening criteria applicable to the job EEO Statement Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. 
NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes. “When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”
Posted 1 week ago
5.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Role Description L2 SOC Analyst - Sentinel and Defender Experience : 5 to 7 years Location : Bangalore/Hyderabad/Chennai/Trivandrum/Kochi Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence Key Roles & Responsibilities Resolve, escalate, report, and raise recommendations for resolving and remediating security incidents Handle the advanced monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity Set up SIEM solutions and troubleshoot connectivity issues Investigate and resolve security violations by providing post-mortem analysis to illuminate issues and possible solutions Collate security incident and event data to produce monthly exception and management reports Report unresolved network security exposure, misuse of resources, or noncompliance situations using defined escalation processes Assist and train team members in the use of security tools, the preparation of security reports, and the resolution of security issues Develop and maintain documentation for security systems and procedures Recommend, schedule, and apply fixes, security patches, and any other measures required, in the event of a security breach Experience & Qualifications Required Minimum 3+ years of experience as an Analyst working as part of a SOC team Experience with SIEM (Sentinel) and EDR tool (Defender) and have Nozomi experience in the OT side. 
Experience in incident response, and in writing procedures, runbooks and playbooks. Ability to work with customer’s IT and security teams. Skills: SOC Monitoring, Communication, Cyber Security, Nozomi
Posted 1 week ago
2.0 - 3.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Role Description L1 SOC Analyst - Sentinel Experience : 2 to 3 years Location : Bangalore/Hyderabad/Chennai/Trivandrum/Kochi Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence. Main Tasks And Accountabilities Resolve, escalate, report, and raise recommendations for resolving and remediating security incidents. Be an escalation point for investigations of clients and suggest optimization activities to improve their performance. Proactively monitor and review threats and suspicious events from customers participating in the service. Handle the advanced monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity Set up SIEM solutions and troubleshoot connectivity issues. Investigate and resolve security violations by providing post-mortem analysis to illuminate issues and possible solutions. Collate security incident and event data to produce monthly exception and management reports. Report unresolved network security exposure, misuse of resources, or noncompliance situations using defined escalation processes. Assist and train team members in the use of security tools, the preparation of security reports, and the resolution of security issues. Develop and maintain documentation for security systems and procedures. Maintain excellent customer satisfaction through professional, proactive and personal service What do we expect from you? 
University Degree in Cyber Security / Bachelor’s in Science or Engineering with training in cyber security. Experience in SIEM tool (Sentinel) and EDR tool (Defender). Having worked in a SOC before would be an advantage. Up to date in cyber security s and incidents. Intermediate understanding of enterprise IT Infrastructure including Networks, Firewalls, OS, Databases, Web Applications etc. Understanding of ISMS principles and guidelines; relevant frameworks (e.g. ISO27001). Desirable – Training / Certification in Ethical Hacking, SIEM Tool etc.
Posted 1 week ago
7.0 - 9.0 years
0 Lacs
Kochi, Kerala, India
On-site
Role Description L2 SOC Lead Experience : 7 to 9 years Location : Bangalore/Trivandrum/Kochi Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence Cyberproof is looking to hire a L2 team Lead for managing the existing shared services team. Role Proficiency SOC Analyst L2 is an operational role, focusing on ticket quality and security incident deeper investigation and will be responsible to handle the escalated incidents from Level 1 team within SLA. The lead will be responsible for quality and ensuring processes are defined globally across all customers in Cyberproof. Responsibilities SOC Analyst L2 would work closely with SOC L1 team, L3 team & customer and responsible for performing deeper analysis and need to interact with client in daily calls and need to take the responsibility of handling the True Positive incidents on time. When L1 escalates an incident to L2, need to conduct more analysis and, if needed, escalate to the customer/L3 team, or L2 analyst must advise L1 team members until the incident is resolved. Perform deep analysis to security incidents to identify the full kill chain Handle L2 and above level technical escalations from L1 Operations team and resolve within SLA. 
Identify the security gaps and need to recommend new rules/solution to L3/Customer Need to suggest fine-tuning for existing rules based on the high count/wherever required Create and manage the Incident handling playbook, process runbooks and ad-hoc documents whenever needed Respond to clients’ requests, concerns, and suggestions Proactively support L1 team during an incident. Performs and reviews tasks as identified in a daily task list. Ready to work in 24x7 rotational shift model including night shift Incident detection, triage, analysis and response. Coordinating with customers for their security related problems and providing solutions. Share knowledge to other analysts in their role and responsibilities Provide knowledge transfer to L1 such as advanced hunting techniques, guides, cheat sheets etc Knowledge Experience Experience of Managing L2 resources in a multi-location basis. Minimum of 3 years of experience in Cyber security, SOC At least 2 years of working in the SOC Proficient in Incident Management and Response Experience in leading a team of more than 9 analysts Experience in searching and log analysis in at least 2 of the below SIEM tools or more than 3 SIEM in total: Sentinel, QRadar, Splunk, LogRhythm, Google Chronicle Experience in analysis and response in at least 2 of the below EDR tools or more than 3 EDR in total: CrowdStrike, MS Defender, Carbon Black, Cybereason, SentinelOne In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc. Up to date in cyber security and incidents; intermediate understanding of enterprise IT Infrastructure including Networks, Firewalls, OS, Databases, Web Applications etc. Understanding of ISMS principles and guidelines; relevant frameworks (e.g. ISO27001) Desirable – Training / Certification in Ethical Hacking/SIEM Tool etc.
Additional Desired Skills Strong verbal and written English communication Strong interpersonal and presentation skills Ability to work with minimal levels of supervision Responsible for working in a 24x7 Security Operation centre (SOC) environment. Essential Skills Knowledge and hands-on experience with Azure Sentinel, Microsoft 365 Defender, Microsoft Defender for Cloud Apps & Identity Protection. Continuous Learning Innovation And Optimization Ensure completion of learning programs as suggested by Managers Suggest ideas that will help innovation and optimization of processes. Help develop the ideas into proposals. Provide suggestions to reduce the manual work Teamwork Assist L1 team members where possible.
Posted 1 week ago
6.0 years
0 Lacs
Chandigarh, India
On-site
Job Title: Security Operations Center (SOC) L3 . LinkedIn IDs must .
Mode of hire : C2H mode only
Experience – 6 to 10 Years
Notice period : Immediate.
Location: Bangalore/Chandigarh
Work Mode - Hybrid
Resource work in shifts - 2:30AM till 10:3AM or 10:30AM to 7:30PM IST
Job description
ACCOUNTABILITIES
• Develop, enhance, and operationalize IT Security processes.
• Lead, coach, and mentor a high-performing, highly engaged team, supporting initiatives covering Information Security, Incident Management, and Vulnerability Management.
• Develop, measure, analyze, and maintain the internal and external service metrics for Security Service Operations, providing timely reports to leadership teams.
• Lead, coordinate, and train others on effective management of security incidents and operational responses
• Collaborate across various business units to deliver the most comprehensive security response
• Implement security and risk programs to ensure operational efficiency and auditability.
• Understand business needs and intuitively recommend secure solutions.
• Lead and manage IR issues and provide timely feedback to management and supervisor
• Provide guidance to the IT security team members.
• Assign tasks and projects to team members based on their skills and expertise.
• Assess and prioritize security risks and vulnerabilities and develop mitigation strategies.
• Lead the response to security incidents, including breaches, attacks, and data breaches.
• Conduct post-incident reviews to identify lessons learned and improve incident response processes.
• Monitor security alerts and events, and coordinate appropriate responses
• Collaborate with other IT teams, departments, and business units to integrate security measures and requirements
• Provide regular reports to Leadership on the productivity, Team performance
• Maintain comprehensive documentation of security procedures, incident responses, and configurations
• Develops and maintains productive work teams by hiring qualified personnel, training, and managing performance.
• Manages teams with integrity, ethical business practices, and in accordance with Mouser policies, procedures, and practices.
• Customarily and regularly directs the work of two or more full-time employees or their equivalent. Makes suggestions and recommendation for these employees regarding performance, including hiring, transfer, advancement, and termination.
• Manages daily operations to meet department and company objectives.
• Works with minimum supervision and makes independent judgments.
• Flexible to meet the changing needs of the business and willingness to take on new responsibilities and assignments.
• Initiates, establishes and maintains highly effective relationships with internal and external business contacts of various cultures, and at all levels.
• Extremely confidential and trustworthy.
• Demonstrates knowledge, experience and understanding of critical job functions of the team.
• Assists management with development of results oriented strategies.
• Regular attendance at work is an essential part of the job.
SKILLS & CERTIFICATIONS
• Extensive knowledge of key IT Security Technologies
• Preferred to have an Industry respected Certification (CISSP, CISM, CRISC, CISA)
• Maintain current and extensive knowledge of emerging security threats
• Possess excellent verbal, interpersonal and written technical and non-technical communication skills.
EDUCATION & EXPERIENCE
• Bachelor’s Degree in any field, or minimum of 3 years prior work experience that is relevant to the team you will supervise. Including:
• 6+ years of experience working with SIEM, EDR, Email Security Gateways, Vulnerability Management Software, Firewalls, etc.
• 6+ years of experience working with security systems, user authentication and management
Posted 1 week ago
5.0 - 7.0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
Role Description L2 SOC Analyst Experience : 5 to 7 years Location : Mumbai Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence. 5 Years of SOC experience. Certifications – CEH or CCNA or CCNP or QRadar relevant certification. SOC Analyst L2: SOC Analyst L2 is an operational role, focusing on ticket quality and security incident deeper investigation and will be responsible to handle the escalated incidents from Level 1 team within SLA. Responsibilities SOC Analyst L2 would work closely with SOC L1 team, L3 team & customer and responsible for performing deeper analysis and need to interact with client in daily calls and need to take the responsibility of handling the True Positive incidents on time. When L1 escalates an incident to L2, need to conduct more analysis and, if needed, escalate to the L3 team, or L2 analyst must advise L1 team members until the incident is resolved. Perform deep analysis to security incidents to identify the full kill chain Perform remediation steps according to the findings or initiate steps for remediation Prepare RCA for major incidents Handle L2 and above level technical escalations from L1 Operations team and resolve within SLA.
Identify the security gaps and need to recommend new rules/solution to L3/Customer Need to suggest fine-tuning for existing rules based on the high count/wherever required Create and manage the Incident handling playbook, process runbooks and ad-hoc documents whenever needed Recommend fine-tuning for s with logic and threshold, and possibly the query as well for the SIEM Recommend new use cases with logic and threshold, and possibly the query as well for the SIEM Respond to clients’ requests, concerns, and suggestions Proactively support L1 team during an incident. Performs and reviews tasks as identified in a daily task list. Ready to work in 24x7 rotational shift model including night shift Incident detection, triage, analysis and response. Coordinating with customers for their security related problems and providing solutions. Share knowledge to other analysts in their role and responsibilities Provide knowledge transfer to L1 such as advanced hunting techniques, guides, cheat sheets etc Knowledge Experience Minimum 5 Years of experience in Security Operations Security event monitoring, triage, and thorough incident investigation. Research and understand log sources for effective security monitoring. Isolate issues, respond to incidents, and mitigate threats swiftly. Adjust SIEM rules for better and incident specifications. Optimize SIEM capabilities, aid in audit/logging, and generate timely reports. Conduct vulnerability scans, prioritize, and plan remediation. Proactively search for suspicious activities through Threat Hunts. Offer valuable Threat Intelligence to verify security concerns. Identify endpoint threats using EDR/AV analysis and Cybereason scans. Develop and maintain security operation standards, procedures, and playbooks. Essential Skills Knowledge and hands-on experience with SIEM Platforms - Splunk & QRadar. Knowledge and hands-on experience with EDR Platforms - CrowdStrike & Cybereason.
Continuous Learning innovation and optimization Ensure completion of learning programs as suggested by Managers Suggest ideas that will help innovation and optimization of processes and help develop the ideas into proposals. Provide suggestions to reduce the manual work Strong verbal and written English communication Strong interpersonal and presentation skills Ability to work with minimal levels of supervision Available to work in a 24x7 Security Operation centre (SOC) environment- shared MSSP.
Posted 1 week ago
0 years
0 Lacs
Pune, Maharashtra, India
On-site
Role Description The Cybersecurity Incident Management and Response Team is responsible for effectively and efficiently managing all information and cybersecurity incidents across the Group on a 24x7 basis. This function is structured into two primary missions: Incident Management: Coordinating and orchestrating the global technical response to cybersecurity incidents, and ensuring timely, effective communication to Global Business and Functional stakeholders, Senior Executive Leadership, and relevant regulatory bodies. Incident Response: Conducting technical and forensic investigations arising from threat intelligence, security testing, and user-reported incidents. The goal is to effectively contain, mitigate, and remediate both active and potential attacks. Key Responsibilities Lead and perform technical and forensic investigations into global cybersecurity events, ensuring timely threat identification and mitigation. Conduct post-incident reviews to assess the effectiveness of controls and response capabilities; drive improvements where necessary. Deliver forensic services including evidence collection, processing, preservation, analysis, and presentation. Stay updated on emerging technology trends and cybersecurity best practices to provide guidance to business and IT functions. Collaborate with Global Cybersecurity Operations (GCO) and business teams to develop and maintain effective incident response playbooks. Contribute to the creation and enhancement of detection mechanisms (use cases) and security automation workflows. Define and refine detailed processes and procedures for managing cybersecurity events. Enhance technical capabilities of security platforms and incident response tools. Support the development of the team’s capabilities, including training and mentoring junior team members. Promote a culture of transparency and continuous improvement by identifying and addressing weaknesses in people, processes, and technology. 
Drive self-improvement and maintain subject matter expertise in cybersecurity. Engage with global stakeholders to improve cybersecurity awareness and communicate the impact of cybersecurity initiatives. Generate and present management information and incident reports tailored for various audiences, supported by data and expert analysis. Required Skills & Competencies Strong understanding of cybersecurity incident management and investigation techniques. Hands-on experience with IDS/IPS systems, TCP/IP protocols, and common attack vectors. Ability to independently analyze complex problems and determine root causes. Effective communication skills with the ability to convey technical issues clearly to both technical and non-technical audiences. Sound decision-making abilities under pressure, with a focus on risk mitigation and operational resilience. Strong collaboration and stakeholder engagement skills across diverse teams. High level of integrity, urgency, and personal accountability. Demonstrated ethical conduct and commitment to organizational values. Knowledge of cybersecurity principles, global financial services, compliance requirements, and regulatory standards. Familiarity with industry frameworks and standards such as OWASP, ISO 27001/27002, PCI DSS, GLBA, FFIEC, CIS, and NIST. Experience in responding to advanced threats, including offensive security knowledge or experience with deception technologies (honeypots, tripwires, honey tokens, etc.). Preferred Technical Skills Cybersecurity Incident Management Intrusion Detection/Prevention Systems (IDS/IPS) TCP/IP Protocols and Network Analysis Forensics Tools and Techniques Security Automation & Orchestration Platforms Threat Intelligence Integration SIEM Tools (e.g., Splunk, QRadar, etc.) Skills: Incident response, Forensic
Posted 1 week ago
7.0 - 10.0 years
27 - 42 Lacs
Bengaluru
Work from Office
Job Summary As an Infra. Technology Specialist, you will play a crucial role in enhancing our organization’s security posture by implementing and managing advanced Microsoft security solutions. You will work in a hybrid model, ensuring the protection of our digital assets and compliance with industry standards. Your expertise will contribute to safeguarding our infrastructure, enabling us to deliver secure and reliable services to our clients. Responsibilities Implement and manage Microsoft Information Protection to safeguard sensitive data across the organization. Oversee the deployment and configuration of Microsoft Defender for Identity to detect and respond to identity-based threats. Provide expertise in Microsoft Defender for Endpoint to ensure comprehensive endpoint security and threat protection. Administer Microsoft MFA to enhance authentication security and protect user identities. Utilize Microsoft Defender Antivirus to protect systems from malware and other security threats. Manage Microsoft Purview to ensure data governance and compliance with regulatory requirements. Implement Microsoft Priva to protect personal data and ensure privacy compliance. Utilize Microsoft Defender Suite to provide a unified security management experience. Conduct Defender Vulnerability Management to identify and remediate vulnerabilities in the infrastructure. Configure Always on VPN to ensure secure remote access for users. Implement AppLocker to control application execution and enhance security. Monitor Microsoft Secure Score to assess and improve the organization’s security posture. Evaluate Microsoft Compliance Score to ensure adherence to compliance standards. Manage Microsoft Entra ID to streamline identity and access management. Utilize Microsoft 365 Security to protect cloud-based assets and ensure data security. Qualifications Possess extensive experience in implementing Microsoft security solutions.
Demonstrate expertise in managing Microsoft Defender Suite and related technologies. Have a strong understanding of data protection and compliance requirements. Exhibit proficiency in configuring and managing Microsoft Entra ID. Show capability in conducting vulnerability assessments and remediation. Demonstrate ability to enhance security posture using Microsoft Secure Score. Possess excellent problem-solving and analytical skills. Certifications Required Microsoft Certified: Security Compliance and Identity Fundamentals
Posted 1 week ago
0 years
0 Lacs
Pune, Maharashtra, India
On-site
Key responsibilities The installation, configuration, and maintenance of operating systems and platform software Development and administration of Mobile Device Management and desktop management systems Routine troubleshooting, environment capacity management and change control Processing assigned requests, interacting with the ticketing system Monitoring support systems: network monitoring, SIEM, Syslog, MDM, vulnerability management, to ensure environments are properly supported Keeping up to date with industry changes, security, bug reports Analysis and diagnosis of outages and raised issues. Documentation: Maintain comprehensive documentation of systems, processes, and procedures. Security: Ensure the security of systems and data through regular updates, patches, and security best practices. Provide out of hours support when required Adhere to Idox Information Security & Management System Policies. To be successful, you will need to bring: Hands on experience of administering Microsoft 365 Experience of Windows Server administration within a mission critical environment Experience of VMware ESX or other virtualisation technology Experience with cloud platforms such as AWS, Azure, or Oracle Cloud A good understanding of computer and network security systems (SIEM, Anti-Malware, Vulnerability Management) Experience of Linux OS administration An understanding of basic networking principles, protocols and utilities A self-starter, able to see the bigger picture, and identify solutions to problems Comfortable working alongside a geographically diverse, multi skilled team, and supporting a 24/7 environment Additional desirable qualities: Experience with monitoring and logging tools (e.g. Grafana) Knowledge of networking concepts and protocols
Posted 1 week ago
2.0 - 5.0 years
4 - 7 Lacs
Tiruchirapalli
Work from Office
Key Responsibilities: Assist in developing, implementing, and maintaining information security policies, standards, and procedures in line with industry best practices and regulatory requirements. Conduct regular risk assessments and vulnerability scans to identify potential security risks and recommend appropriate mitigation strategies. Monitor security systems, including firewalls, intrusion detection/prevention systems (IDS/IPS), and security information and event management (SIEM) tools to detect and respond to security incidents. Support incident response activities by investigating security breaches and coordinating with relevant teams to remediate vulnerabilities. Conduct security awareness training and promote best practices across the organization to foster a security-conscious culture. Collaborate with IT and business teams to ensure security controls are integrated into system development and operational processes. Maintain documentation related to security policies, incident reports, and audit trails. Assist in internal and external security audits and compliance assessments (e.g., ISO 27001, GDPR, HIPAA). Stay updated with the latest cybersecurity trends, threats, and technologies to proactively enhance security measures.
Posted 1 week ago
The Security Information and Event Management (SIEM) job market in India is thriving, with a growing demand for professionals who can monitor, analyze, and respond to security incidents in real-time. SIEM jobs offer lucrative career opportunities for individuals with a strong understanding of cybersecurity concepts and technologies.
The average salary range for SIEM professionals in India varies based on experience level:
- Entry-level: INR 4-6 lakhs per annum
- Mid-level: INR 8-12 lakhs per annum
- Experienced: INR 15-20 lakhs per annum

Career progression in the SIEM field typically follows a path from:
- SIEM Analyst
- SIEM Engineer
- SIEM Consultant
- SIEM Architect

In addition to SIEM expertise, professionals in this field are often expected to have knowledge of:
- Network Security
- Incident Response
- Threat Intelligence
- Security Operations Center (SOC) operations
As you explore SIEM jobs in India, remember to continuously upgrade your skills, stay informed about the latest cybersecurity trends, and practice answering interview questions to showcase your expertise confidently. With the right preparation and dedication, you can excel in the dynamic field of SIEM and carve out a successful career for yourself. Good luck!