5150 Siem Jobs - Page 30

Summary Position Summary Job title: CrowdStrike NG SIEM & EDR - Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. Work you’ll do Roles & Responsibilities: Senior Consultant responsible for architecting, implementing, and optimizing CrowdStrike NG SIEM and EDR solutions, leading advanced detection and response initiatives, and advising clients on endpoint and log security strategies. Lead the design and deployment of CrowdStrike NG SIEM and EDR solutions for complex environments. Develop advanced detection rules, custom integrations, and automated response workflows. Integrate and validate new data sources, ensuring quality and enrichment. Advise clients on advanced endpoint detection, response, and automation strategies. Troubleshoot and optimize detection logic, integrations, and response workflows. Mentor junior consultants and analysts on CrowdStrike technologies. Collaborate with cross-functional teams on solution enhancements and threat intelligence integration. Produce technical documentation, runbooks, and training materials. Present technical findings and recommendations to stakeholders. Required Skills Bachelor’s degree in information security, Computer Science, IT, or related field. 4–6 years of experience in security operations, SIEM/EDR engineering, or incident response. Advanced hands-on experience with CrowdStrike Falcon, detection engineering, and automation. Strong troubleshooting, client advisory, and communication skills. Relevant certifications (e.g., CrowdStrike Certified Falcon Administrator, Security+, GCIH) are a plus. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 307475

Summary Position Summary Job title: Data Broker - Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. Work you’ll do Roles & Responsibilities: Senior Consultant responsible for architecting, implementing, and optimizing Cribl data pipelines, leading complex integrations, and advising clients on efficient and secure data management strategies. Lead the design and deployment of Cribl Stream, Edge, or Search pipelines for complex data sources. Develop advanced parsers, enrichment functions, and data routing logic. Integrate and validate new log sources, ensuring data quality and schema mapping. Advise clients on advanced data transformation, routing, and cost optimization strategies. Troubleshoot and optimize pipeline performance, reliability, and cost efficiency. Mentor junior consultants and analysts on Cribl best practices. Collaborate with cross-functional teams for solution enhancements and integration. Document technical solutions, runbooks, and provide client training. Present technical findings and recommendations to stakeholders. Required Skills Bachelor’s degree in information security, Computer Science, IT, or related field. 4–6 years of experience in data engineering, log management, or SIEM/SOAR integration. Advanced hands-on experience with Cribl Stream, Edge, or Search. Strong skills in pipeline design, data transformation, and integration. Excellent troubleshooting, client advisory, and communication abilities. Relevant certifications (e.g., Cribl Certified Admin, Security+) are a plus. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 307477

Summary Position Summary Job title: CrowdStrike NG SIEM & EDR - Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. Work you’ll do Roles & Responsibilities: Senior Consultant responsible for architecting, implementing, and optimizing CrowdStrike NG SIEM and EDR solutions, leading advanced detection and response initiatives, and advising clients on endpoint and log security strategies. Lead the design and deployment of CrowdStrike NG SIEM and EDR solutions for complex environments. Develop advanced detection rules, custom integrations, and automated response workflows. Integrate and validate new data sources, ensuring quality and enrichment. Advise clients on advanced endpoint detection, response, and automation strategies. Troubleshoot and optimize detection logic, integrations, and response workflows. Mentor junior consultants and analysts on CrowdStrike technologies. Collaborate with cross-functional teams on solution enhancements and threat intelligence integration. Produce technical documentation, runbooks, and training materials. Present technical findings and recommendations to stakeholders. Required Skills Bachelor’s degree in information security, Computer Science, IT, or related field. 4–6 years of experience in security operations, SIEM/EDR engineering, or incident response. Advanced hands-on experience with CrowdStrike Falcon, detection engineering, and automation. Strong troubleshooting, client advisory, and communication skills. Relevant certifications (e.g., CrowdStrike Certified Falcon Administrator, Security+, GCIH) are a plus. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 307285

📍 Remote | 🕒 Part-Time or Freelance | 💼 ThreatLens Cybersecurity Solutions Inc. About ThreatLens ThreatLens is a next-generation cybersecurity intelligence platform built to empower security teams with AI-powered insights, real-time threat detection, automated response, and deep contextual analysis. Our product suite includes advanced malware analysis, SOC automation, LLM-powered remediation, and cloud-native detection systems. Key Responsibilities: Craft and publish 3–5 high-impact LinkedIn posts per week showcasing ThreatLens' features, capabilities, and cybersecurity insights. Translate complex technical topics (e.g., SOC workflows, MITRE ATT&CK, AI-driven defense) into clear and engaging narratives. Build compelling use-case stories , carousel explainers, and infographics. Track and analyse post engagement; adapt strategy for better reach and impact. Stay in sync with the technical/product team to reflect the latest updates. Maintain a consistent brand tone : authoritative, insightful, and security-first. Skills & Experience Required: Proven experience in cybersecurity content creation, technical writing, or infosec marketing . Strong command of LinkedIn content strategy and engagement mechanics. Ability to turn security concepts into engaging micro-content . Basic proficiency in design tools (e.g., Canva, Figma) for visuals and carousels. Bonus points if you’ve worked with SIEM, EDR, threat intel platforms, or LLM-based tools. Why Work With Us? Contribute to a fast-growing cybersecurity platform with global ambitions. Collaborate with seasoned experts and an innovation-driven leadership team. Enjoy creative freedom, remote flexibility, and visible impact. Help shape how modern security teams discover and engage with ThreatLens. 📩 Interested? Send us 2–3 sample LinkedIn posts or a short portfolio. Bonus if you can outline your approach to growing a cybersecurity brand on LinkedIn. farheen@thethreatlens.com

Security Analyst Req number: R5734 Employment type: Full time Worksite flexibility: Onsite Who we are CAI is a global technology services firm with over 8,500 associates worldwide and a yearly revenue of $1 billion+. We have over 40 years of excellence in uniting talent and technology to power the possible for our clients, colleagues, and communities. As a privately held company, we have the freedom and focus to do what is right—whatever it takes. Our tailor-made solutions create lasting results across the public and commercial sectors, and we are trailblazers in bringing neurodiversity to the enterprise. Job Summary We are looking for a motivated Security Analyst ready to take us to the next level! If you understand ISMS, Information Security, Vulnerability Management and are looking forward to your next career move, apply now. Job Description We are looking for a Security Analyst . This position will be full-time and Onsite Gurugram. What You’ll Do Ensure compliance with security standards and frameworks (e.g., ISO 27001). Assist in the development and enforcement of internal security policies and procedures. Conduct regular audits to ensure compliance with established security protocols and guidelines. Coordination with relevant stakeholders to identify, assess, and prioritize security vulnerabilities across systems and networks. Coordinate in performing vulnerability assessments and penetration testing to ensure system defense are robust. Collaborate with IT teams to recommend and implement patches, fixes, or configuration changes to address vulnerabilities. Continuously monitor network traffic, security logs, and systems for any signs of security breaches or irregularities. Maintain and manage security tools (e.g. Next gen AV, EDR, SIEM). Educate employees on information security best practices, including secure password policies and safe internet use. What You'll Need 3+ years of experience in a Security Analyst or related role. Hands-on experience with security monitoring, vulnerability management, and incident response. AV, EDR/XDR, SIEM, Network protocol. Incident Response. Vulnerability Assessment. Familiar with the Secure SDLC Framework. Strong analytical and problem-solving skills. Excellent understanding of network protocols (TCP/IP, DNS, HTTP, etc.). Experience with vulnerability management and penetration testing tools. Familiarity with risk management and compliance requirements. Windows/Linux administration. Conduct regular system scans, security checks, and updates to ensure the security tools are functioning optimally. Provide guidance on handling sensitive data and maintaining security hygiene. Document security incidents, investigations, and actions taken for compliance and future reference. Contribute to risk assessments and assist in the identification of key risk areas for the organization. Investigate security incidents, respond promptly, and report findings to the management team. Physical Demands Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc. Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor. Reasonable accommodation statement If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to application.accommodations@cai.io or (888) 824 – 8111.

Role & responsibilities: Analyze and understand new log source formats (syslog, flat files, APIs, JSON etc.). Design and develop custom Flex Connectors, including support for JSON and non-standard log formats & deploy ArcSight Flex Connectors for custom log source integration. Lead parser creation and tuning for various log sources and security technologies. Collaborate with the SOC and threat intel teams to build detection use cases and correlation rules aligned with MITRE ATT&CK. Integrate ArcSight with SOAR platforms for automated response, leveraging Python scripting. Conduct feasibility analysis for new integrations and support parser deployment lifecycle. Review parser performance, log quality, EPS optimization, and correlation tuning. Document architecture, parser specifications, playbooks, and integration workflows. Lead implementation projects, including installation, configuration, and tuning of ArcSight ESM, Logger, and Smart Connectors. Work closely with security operations and infrastructure teams to integrate log sources and develop use cases. Perform infrastructure sizing, health checks, and system performance tuning. Develop and maintain documentation including solution design, implementation guides, and SOPs. Provide subject matter expertise during POCs, and implementation support. Preferred candidate profile: Bachelor in CS/IT or similar 8+ years of experience in cybersecurity with at least 4+ years in ArcSight solution design and deployment. Familiarity with regular expressions (regex) for parsing custom logs. Experience with log onboarding, parsing, and normalization processes. Log analysis (Analyst) Understanding of cloud environment (GCP) & Kubernetes & docker technologies Integration of different types of log sources Solid understanding of - CEF (Common Event Format) ,ArcSight Event Schema and Field Mapping, Device/Product Event Categorization Knowledge of Linux/Unix systems and basic scripting. Experience with ArcSight content development: rules, correlation, dashboards, reports. And familiarity with ArcSight upgrades and migration planning. Strong understanding of log management, threat detection, and SOC workflows. Knowledge of related tools and platforms such as SIEM, SOAR, firewalls, IDS/IPS, endpoint security. Scripting knowledge (e.g., Python, Shell) for automation and data parsing. Excellent communication and stakeholder management skills. Architect and implement end-to-end SIEM solutions using ArcSight 24* (ESM, SmartConnectors, Thub, Recon). Hands-on experience in leading parser development, customization, and tuning for various log sources and third-party security technologies. Integrate ArcSight with SOAR platforms for automated response, leveraging Python scripting. Skilled in performing feasibility analysis and POCs for new log source integrations and managing the complete parser deployment lifecycle.

We are seeking a highly skilled Cybersecurity Officer with a strong background in information security, cyber risk management, and technical infrastructure protection.As a global provider of financial and data clearing applications for mobile network operators, we understand the critical importance of robust cybersecurity measures.This role is specifically focused on the digital security of enterprise systems, cloud infrastructure, application environments, and customer data. Nextgen Clearing is the market leading provider of global roaming services. We operate internationally across 20 global locations, employing over 300 talented people. We offer Award-winning Data and Financial Clearing services, along with unique value-added features on a single flexible online platform. Nextgen Clearing serves more than 160 operators worldwide, giving them a 24/7 holistic overview of their full roaming business Key Responsibilities: Define and implement security policies and controls to protect the company's digital assets and ensure regulatory compliance. Continuously monitor the company's security posture and quickly respond to security incidents. Develop security strategies and plans for preventing and responding to security breaches. Provide expert guidance and support to software teams on implementing secure development practices, security requirements, and conducting security testing. Foster secure application deployment and configuration, ensuring the protection of data integrity and confidentiality. Conduct regular training and awareness sessions for the company's staff to promote security best practices. Assist in the response to security incidents, including the management of communications and recovery efforts. Work collaboratively with customer service teams to safeguard customer data, enhance data privacy, and ensure secure customer interactions. Contribute to the company's efforts to prevent fraud and manage security incident communications to maintain trust with customers. Stay up-to-date on the latest cybersecurity trends, threats, and security technologies to continuously improve the organization's security stance. Collaborate with IT and other departments to establish a security-focused culture across the company. Develop and maintain documentation related to security policies, procedures, and incident response plans. Stay up to date on emerging cybersecurity threats and vulnerabilities and proactively recommend and implement countermeasures to mitigate risks. Foster security awareness and monitor security policy implementation Requirements Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree or cybersecurity certifications (e.g., CISSP, CISM, CEH, TOGAF) are a plus. A minimum of 5 years of experience in information security or cybersecurity. Strong understanding of information security principles, best practices, and industry standards. Experience with implementing and managing security protocols, cybersecurity tools, and technologies. Familiarity with compliance requirements and standards such as ISO 27001, GDPR, and PCI DSS. Ability to identify security vulnerabilities and risks, as well as implement preventive and corrective measures. Knowledge of secure software development life cycle (SDLC) practices. Excellent problem-solving skills and the ability to work in a fast-paced, high-pressure environment. Strong communication and interpersonal skills to collaborate with diverse teams and educate non-technical stakeholders on security-related matters. Incident response and crisis management experience. Working Conditions: The role may require availability outside of standard business hours to respond to security incidents and maintain critical security measures. Benefits A supportive, dynamic, and collaborative work environment. Exceptional opportunities for professional and career advancement. Engagement with the leading provider of roaming services, catering to global Mobile Network Operators as clients. For more information, please visit www.nextgenclearing.com. Private Health Insurance Training & Development

Job Title: Security Analyst L1 Job Description: The Area: The Information Security Team is a central function governing corporate and product security globally. We have built a strong team of high performing security experts and are creating a new team within Information Security here at Morningstar. As a member of our new Security Operations Center Team, you will get to be a part of a growing and well supported program protecting Morningstars Infrastructure, Data, and People. The Role: As an analyst on our Security Operations Center Team, you will monitor and analyze threats, provide security monitoring, and incident response services. Day to day you will work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting impact. You will analyze incidents to determine scope and impact and assist in recovery efforts. You will combine threat intelligence, event data, and assessments from recent events, to identify patterns to understand attackers' goals and stop them from succeeding. This position is based in our Mumbai office. Responsibilities: • Provide 24x7 monitoring operations for security alerts • Detect, analyze, report and respond to cyber security events and incidents using a combination of technology solutions and processes • Review and escalate alerts • Examine and operationalize new adversary detection methods to defend Morningstar • Assess the security impact of security alerts and traffic anomalies to identify malicious actions. • Generate reports for both technical and non-technical staff and stakeholders. Requirements + A bachelor’s degree and 2-3+ years’ experience in Information Security. + Excellent communication skills and an understanding of cyber security fundamentals. + Candidates should be interested in keeping up with the latest security trends. + Experience with security tools +Add-on Certification like Security+, CompTIA+, Splunk. Morningstar is an equal opportunity employer

Masai, in partnership with top academic institutions, is launching an advanced online program in Cyber Security. This program is designed to equip learners — including students, working professionals, and career changers — with practical, job-ready skills in information security, threat analysis, penetration testing, and governance frameworks. We are seeking experienced Cyber Security professionals to join as Industry Mentors who can bring real-world insights, guide learners through hands-on applications, and bridge the gap between theory and practice. Key Responsibilities Session Facilitation & Mentorship: Lead live online mentoring sessions focused on real-world applications, tools, and industry case studies. Help learners understand the practical challenges and solutions in Cyber Security domains such as network security, ethical hacking, cloud security, and incident response. Provide career guidance and professional insights to aspiring security professionals. Capstone & Project Review Guide learners in applying security principles in capstone or portfolio projects. Offer feedback and support to enhance project quality and job-readiness. Industry Integration Share industry updates, best practices, and emerging trends in Cyber Security. Facilitate Q&A, discussions, and interactive learning experiences. Candidate Requirements Minimum 5 years of hands-on experience in Cyber Security (e.g., Threat Intelligence, SOC, Security Audits, Pen Testing, Compliance, etc.) Current or former professionals from companies working in Cyber Security, Tech Consulting, Fintech, Government, or Defense are encouraged to apply. Strong communication and mentoring skills. Familiarity with tools and platforms like SIEM, IDS/IPS, Nmap, Burp Suite, Metasploit, Wireshark, and more. Passion for education, mentorship, and upskilling future professionals. Engagement Details Time Commitment: 2–4 hours per week Location: Remote (online) Compensation: ₹25K to ₹75K per month (based on experience and involvement) Why Join Us? Mentor aspiring Cyber Security professionals from diverse backgrounds Share your expertise while contributing to a mission-driven education platform Engage with a flexible, part-time schedule Collaborate with a network of academic and industry leaders Help shape the future of India's cybersecurity workforce Skills: ids/ips,nmap,network security,security,burp suite,incident response,pen testing,compliance,wireshark,security audits,cloud security,soc,threat intelligence,cyber security,siem,metasploit,mentoring,ethical hacking

Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI Understanding of cloud security architecture Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc. Should have conducted cloud security assessments and configuration reviews as per industry best practices Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements Knowledge and experience of Risk Management Lifecycle (Risk Identification, Risk Assessment, Risk Response, & Reporting) Experience with cloud security tools and services Knowledge and experience in developing/creating cloud security policies and frameworks for organizations Effective written and communication skills Strong sense of ownership, urgency, and drive Demonstrate teamwork and collaborate with other teams to ensure client s cloud environment is secure

Job Description Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.). Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades. Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks. Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools. Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation. Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions. Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience. Mentor junior automation engineers and provide code reviews, best practices, and process guidance. Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation. Stay abreast of emerging SOAR trends, threat landscapes, and new platform features. Required Qualifications: 3+ years specifically working with SOAR platforms Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable. Strong scripting experience in Python, especially within automation workflows. Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors. In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.). Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques. Experience with version control (Git), CI/CD pipelines, and structured testing of automation code. Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance. Strong written and verbal communication skills, especially in cross-functional team environments.

By continuing to use our website, you consent to the use of cookies. Please refer our Join Our Clan Sr. Cyber Security Analyst Description Job Description We re looking for a seasoned and proactive Sr. Cyber Security Analyst to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you ll take charge of advanced threat detection, incident response, and strategic cybersecurity initiatives to safeguard the organization s digital assets. If you have hands-on experience in network security, SIEM tools, and a deep understanding of cybersecurity frameworks, this is a great opportunity to elevate your career in a fast-paced, tech-driven environment. Skills Key Skills 3+ years of experience in cybersecurity or a related technical role. Bachelor s degree in Computer Science, Information Security, or a relevant field. Expertise in network security, firewalls, intrusion detection/prevention systems. Proficiency in SIEM platforms and security monitoring tools. Strong understanding of frameworks like OWASP Top 10, SANS Top 25. Knowledge of industry standards and regulations. Excellent problem-solving, analytical, and communication skills. Advanced certifications like CISSP, OSCP, or equivalent (preferred). Experience mentoring junior analysts or leading security projects (preferred). Familiarity with cloud security, forensic analysis, and emerging cyber threats. Responsibilities Roles and Responsibilities Detect, investigate, and respond to cybersecurity incidents and alerts. Lead technical investigations and contribute to root cause analysis. Implement and enhance threat detection tools and automation processes. Assist in drafting and enforcing security policies and procedures. Perform internal security reviews, audits, and compliance checks. Maintain documentation for incident handling, risk assessments, and controls. Communicate security updates and incident reports to internal stakeholders. Mentor and guide junior analysts in security protocols and tools. Collaborate with cross-functional teams to drive cybersecurity best practices. Continuously monitor and improve the organization s security posture. Position: Sr. Cyber Security Analyst Thank you for submitting your application. We will contact you shortly! Stay updated with us Life at Grazitti Share Your Profile We are always looking for the best talent to join our team * Skills Upload Your CV Thank you for sharing your profile with us. If it aligns with our requirements, we will reach out to you for the next steps in the process. Marketo Forms 2 Cross Domain request proxy frame This page is used by Marketo Forms 2 to proxy cross domain AJAX requests.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Technical Skills: • Industry Certifications and an educational background from Information Technology • Strong experience of security tools and techniques including o Firewall, IDS/IPS o multi-factor authentication o Network authentication o Zero Trust Network Access o WAF & DDoS Protection • Strong Knowledge and understanding on o Public Cloud o Cisco ASA, VPN and Network device o Hybervisor and virtual machine o Active Directory o SIEM, Endpoint Detection & Response (EDR), Application Whitelisting, Data leakage and Malware Analysis • Practical knowledge with Windows, Linux, and TCP/IP networking • Solid scripting experience on any of the following Python/Perl/Bash/Power Shell could be an advantage • Hands-on experience on security incident response Any Additional Requirements Personal Attributes • Roles and Responsibilities Technical Skills: • Industry Certifications and an educational background from Information Technology • Strong experience of security tools and techniques including o Firewall, IDS/IPS o multi-factor authentication o Network authentication o Zero Trust Network Access o WAF & DDoS Protection • Strong Knowledge and understanding on o Public Cloud o Cisco ASA, VPN and Network device o Hybervisor and virtual machine o Active Directory o SIEM, Endpoint Detection & Response (EDR), Application Whitelisting, Data leakage and Malware Analysis • Practical knowledge with Windows, Linux, and TCP/IP networking • Solid scripting experience on any of the following Python/Perl/Bash/Power Shell could be an advantage • Hands-on experience on security incident response Any Additional Requirements Personal Attributes •

Introduction Introduction* A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. Your Role And Responsibilities Roles & Responsibilities: Handling alerts and incident on XDR platform Alert & incident triage and analysis Proactively investigating suspicious activities Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. Adhere to established policies, procedures, and security practices. Follow-up with tech team for incident closure Participating in daily standup and review meeting L1 Analyst has responsibility to closely track the incidents and support for closure. Escalate more complex incidents to L2 analysts for deeper analysis. Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) Handle XDR alerts and followup with customer team for agent updates Key Responsibilities Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Preferred Education Master's Degree Required Qualifications Required technical and professional expertise Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.2 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred Certifications Preferred technical and professional experience GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Introduction Introduction* A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. Your Role And Responsibilities Roles & Responsibilities: Handling alerts and incident on XDR platform Alert & incident triage and analysis Proactively investigating suspicious activities Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. Adhere to established policies, procedures, and security practices. Follow-up with tech team for incident closure Participating in daily standup and review meeting L2 Analyst has responsibility to closely track the incidents and support for closure. Working with logsource and usecase management in integrating log sources and developing & testing usecase Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) Developing SOP / instruction manual for L1 team Guiding L1 team for triage/analysis and assist in clousure of cybersecurity alert and incidents Handle XDR alerts and followup with customer team for agent updates Escalate more complex incidents to L3 SME for deeper analysis. Key Responsibilities Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Preferred Education Master's Degree Required Qualifications Required technical and professional expertise Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.3-7 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred Certifications Preferred technical and professional experience GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

We are seeking an experienced QRadar Incident Forensic Specialist to manage the deployment, configuration, and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations. The ideal candidate will play a critical role in enhancing security monitoring, investigating incidents, and ensuring seamless SIEM operations. This role requires a blend of expertise in QRadar deployment, incident handling, and forensic analysis to improve the organization’s security posture, Plan, design, and deploy QRadar SIEM environments including Incident forensic, ensuring proper integration with network devices, servers, and applications Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Develop and maintain documentation, including deployment guides, SOPs. Generate forensic reports and compliance dashboards for internal stakeholders and external audits. Proactively identify gaps in threat detection capabilities and recommend enhancements. Implement updates, patches, and upgrades to maintain system reliability and performance. Optimize architecture and storage allocation to ensure scalability and efficiency. Hands-on experience with QRadar architecture, deployment, and administration. Strong knowledge in Linux, unix, redhat OS. Strong knowledge in TCP/IP & networking. Proven track record in incident handling, forensic investigations, and log analysis. Expertise in QRadar features such as AQL queries, rule creation, offense management, and dashboards. Proficiency in forensic tools and methodologies for log analysis and evidence gathering Preferred technical and professional experience Support threat hunting activities by leveraging anomaly detection and root cause analysis. Research and implement emerging QRadar features, integrations, and third-party tools to enhance functionality. Perform daily health checks, ensure system availability, and resolve performance bottlenecks. Use the tools in IBM QRadar Incident Forensics in specific scenarios in the different types of investigations, such as network security, insider analysis, fraud and abuse, and evidence-gathering. Investigate security incidents by analyzing logs, offenses, and related data within QRadar. Manage and troubleshoot log ingestion, data flow, and parsing issues across multiple data sources. Extract and analyze digital evidence to support forensic investigations and incident response. Reconstruct attack scenarios and provide root cause analysis for post-incident reviews

Lead & focus: Demonstrate clear & calm leadership, setting the tone for each response Command and coordinate a response to security incidents, relevant threats, and high profile security events Scope a response to the next best actions Ensure response is sustainable for all resources involved Support beyond normal shift hours in an emergency or during times of staff shortage Coordinate & communicate: Delegate tasks in a timely manner and manage them to closure Facilitate incident / threat resolution through prompt communication across multiple teams Document status and regularly communicate updates to stakeholders and senior management Develop and track key metrics and reporting related to incident management Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Incident Response, Soc Management Preferred technical and professional experience Threat Hunting

The Security Analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Good knowledge of SIEM, SIEM Architecture, SIEM health check. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Good verbal/written communication skills. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc. Helping L3 and L1 with required knowledge base details and basic documentations. Co-ordination SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. High ethics, ability to protect confidential information. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures. Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Ready to work on 24/7 shifts to support client requirement. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 2 Years of Experience in SOC monitoring and investigation. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Helping L3 and L1’s with required knowledge base details and basic documentations. Co-ordination with SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures.\ Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Building Parser for the SIEM using regex. Preferred technical and professional experience Escalation point for L1’s and SOC Monitor team. Ability to drive call and summarizing it post discussion. Good Understanding of Firewall, IDP/IPS, SIEM functioning (Generalize HLD as well as LLD). Deep understanding on Windows, DB, Mail cluster, VM and Linux commands. Knowledge of network protocols TCP/IP and ports. Team Spirit and working ideas heading to resolution of issues. Qualifications like CISA, CISM, CISSP, CEH, SANS or any other recognized qualification in Cybersecurity (SIEM/Qradar certification) will be preferred. Thorough knowledge in SIEM tool and experience in networking, Cloud security experience will be preferred. SOC Senior Analyst experience with multiple customers.

Job Summary JD: Education must be BE/BTech/MCA & 4+ Years Hands on exp. ¿ Complete understanding of the organization's technology and information security framework. ¿ Designing and implementing infra and network security solutions. ¿ Providing L2 support in all Network related activities. ¿ Install, configure, manage, customize and troubleshoot network related activities. ¿ Monitoring and administration of LB, WAF and DDoS. ¿ Preparing weekly/monthly reports. ¿ Deploying and managing SSL certificates in Radware LB¿s. ¿ Raising Firewall requests as per requirements and coordinating with different departments to get Firewall Requests implemented. ¿ Managing the inventory i.e. hardware, software, IP¿s (public, private), DNS etc. ¿ Coordinating with hardware vendors in configuration and troubleshooting ¿ Daily reporting of LB resource utilization ¿ IOS upgrade of all devices as and when required. ¿ Implementing Audit recommendations pertaining to Network ¿ Guide/Mentor the team members on technical problems which cannot be resolved at their level ¿ Ensure that Systems, Organization processes, & Unit practices adhere to Organization policies ¿ Experience in leading the team ¿ Experience of working on ITIL processes ¿ Leading the major incidents, fixing the problems, and submitting RCA ¿ Perform in depth packet capture analysis using Wireshark to diagnose network performance issues, incidents, and other anomalies and detailed reports on findings from PCAP analysis. WAF (Web Application Firewall)F5 ¿ Monitoring security alerts ¿ Provide Remedial actions ¿ Prepare Analysis Reports ¿ Analysis of application logs ¿ Coordinate with Application team and get input ¿ Fine tuning as per the recommendation by App team ¿ Report generation LOAD BALANCER (Radware & AVI) ¿ Capacity Planning ¿ SSL Off loader Configuration ¿ Configuration and Troubleshooting issues ¿ IPv4 and IPv6 enablement ¿ Integration with SOC, SIEM and Other tools ¿ Co ordination with Vendor for support. ¿ Preventive Maintenance. ¿ Firmware Upgradation

Who We Are We are an organisation that exists to drive progress. That's the “red thread” that connects everyone at The Economist Group (TEG). Our businesses share a devotion to innovation, independence and rigour in their fields of expertise. We empower people to understand and tackle the critical challenges and changes facing the world. Our analytical rigour, global expertise and evidence-based insights enable individuals and organisations to make sense of these shifts and chart a course through them. We deliver analysis and insights in many formats to subscribers and clients in 170 countries through our four businesses, The Economist, Economist Impact, Economist Intelligence and Economist Education, which uphold our global reputation for excellence and integrity. Job Summary The Cyber Security Team Lead will support the Head of Information Security in the development, implementation, and management of the organisation’s information security strategy. This role involves overseeing daily operations, ensuring the security of information assets, managing security incidents, and fostering a security-conscious culture within the organisation. Key Responsibilities Strategic Support: Assist in the development and execution of the organisation's information security strategy and policies. Provide strategic guidance and leadership in all areas of information security. Operational Management: Oversee day-to-day security operations, including monitoring, threat management, and incident response. Ensure effective 24/7 monitoring and incident handling. Risk Management: Identify and assess security risks, and develop mitigation strategies. Conduct regular security audits and vulnerability assessments. Incident Response: Lead the response to security incidents and breaches, ensuring timely and effective resolution. Develop and maintain the incident response plan, including conducting regular drills. Compliance and Governance: Ensure compliance with relevant security standards, regulations, and frameworks (e.g., ISO 27001, NIST, GDPR). Maintain up-to-date documentation of security policies, procedures, and incidents. Team Leadership: Supervise and mentor the information security team, providing guidance and support. Foster a collaborative and high-performance team environment. Training and Awareness: Develop and deliver security training and awareness programs for employees. Promote a culture of security awareness throughout the organisation. Stakeholder Collaboration: Collaborate with IT, legal, HR, and other departments to ensure cohesive security practices. Serve as a key point of contact for security-related matters with external partners and vendors. Qualifications Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master’s degree is a plus. Certifications: Relevant certifications such as CISSP, CISM, CISA, or equivalent. Experience: Minimum of 10 -15 years of experience in information security, with at least 3 - 5 years in a leadership role. Proven experience in managing security operations, incident response, and risk management. Skills And Competencies Technical Expertise: Strong knowledge of information security principles, technologies, and best practices. Experience with security tools and technologies such as SIEM, firewalls, IDS/IPS, and endpoint protection. Analytical Skills: Ability to analyse complex security issues and develop effective solutions. Strong risk assessment and management skills. Leadership and Communication: Excellent leadership and team management skills. Strong verbal and written communication skills, with the ability to convey complex security concepts to non-technical stakeholders. Problem-Solving: Strong critical thinking and problem-solving abilities. Ability to remain calm and effective in high-pressure situations. Additional Requirements Availability for on-call duties and to respond to security incidents outside regular working hours. Willingness to travel as needed. Hybrid Policy - 2 to 3 days in a month work from Office* Benefits What we offer We offer excellent benefits including an incentive programme, generous annual and parental leave policies, volunteering days and well-being support throughout the year, as well as free access to all Economist content. Country specific benefits are also offered. Our Values Our values are a collective set of beliefs and behaviours that strengthen The Economist Group's purpose and demonstrate where we want to be as an organisation. They reflect on our mission to pursue progress for individuals, organisations and the world. Independence We are not bound to any party or interest and encourage exploration and free-thinking. We champion freedom, both within our organisation and around the world. Integrity We are bold in our efforts to uncover the truth and stand up for what we believe in. We inspire trust through our rigour, fact-checking and transparency. Excellence We aspire to the highest standards in all we do. We are ambitious and inquisitive in our pursuit of continuous progress and innovation. Inclusivity We value diversity in thought and background and encourage healthy debate with a breadth of perspectives. We treat our colleagues and customers fairly and respectfully. Openness We foster a collaborative and empathetic culture conducive to the interests, wit and initiative of our colleagues. New ideas are our lifeblood. The Economist Group values diversity. We are committed to equal opportunities and creating an inclusive environment for all our colleagues and potential colleagues regardless of ethnic origin, national origin, gender, gender identity, race, colour, religious beliefs, disability, sexual orientation, age, marital status or any other status.

Job Summary Role: Senior Security Analyst Base Location: Hinjewadi, Pune. Job Description Responsible for operationalization of new security platforms to enable security operations Center to stay ahead of emerging and current threats. Troubleshoot Splunk SIEM components and related functionalities. Integration of Splunk SIEM with other security Tools. Perform regular Health check of the Splunk core components. Act as a Subject Matter Expert for Splunk solution. Stay updated with latest Features, enhancement, security updates for Splunk. Deep log analysis skills on Splunk SIEM. Security Information Event Management & Analytics Platforms integration ¿ Splunk Build use cases that drive security analytics and incident response. Custom integration of Log sources and SIEM content development. Act as a Subject Matter Expert for Splunk solution. Implement and optimize security detection rules, queries, and playbooks within Splunk. Configure and troubleshoot Splunk SIEM components and related functionalities. Plan and onboard different data sources such as: Windows, linux, AD, Firewall, other security tools integration. Knowledge of various security methodologies and technical security solutions, Firewall, IPS, Antivirus, Proxy, WAF, Load balancer, DDOS, EDR (Sentinel One) and DLP solutions. Candidates with prior experience of setting up security operations from scratch would have added advantage. Identify automation opportunities in the incident response workflow and implement them with the help of automated playbooks in Microsoft Sentinel SIEM. Understand business requirements from the client and translate them into technical deliverables within Cyber Security domain. Deep log analysis skills on Splunk SIEM. Manage the daily/weekly/monthly SOC metrics reporting for the assigned set of clients. Build custom use cases, dashboards, reports as per the requirement from client and internal stakeholders. Demonstrate SOC differentiators and new capabilities to the prospect clients as part of RFP/RFI defense discussions. Proven history of maturing SOC from Initial to Optimised level of CMM maturity model. Skills Required Must Have 10+ years of experience in IT and 8+ years in Cyber Security. Hands on experience on Splunk including creation of custom queries, detection rules and automated response playbooks. SIEM ¿ Splunk (Must Have), QRadar, LogRhythm Thorough understanding of various industry leading cloud native SIEM architecture, pricing and technical knowhow. Knowledge about various threat vectors and attackers TTPs. In depth knowledge of Active Directory. Excellent communication skills with ability to lead discussions with C level executives. Key Attribute Ability to work collaboratively in a fast paced environment. Continuous learner with a proactive approach to stay updated on industry trends. Strong problem solving skills and ability to make sound decisions under pressure. Customer facing with good written skills and strong communication skills at all levels. May be required to participate in out of hours on call rota. Ability to consistently deliver to deadlines while prioritizing competing demands for time. Qualifications Bachelor¿s degree in information technology or related field. Relevant certifications (CISSP, CEH, CISM, CISA) Working knowledge on any other SIEM tool viz Microsoft Sentinel, Splunk, QRadar etc. Splunk Enterprise Certified Admin,

Job Summary U2 Band (2 to 5 Years of experience) ¿ Soc Analyst Have an overall 2 to 5 years of experience in SIEM SOC operations. Expertise in SIEM Technology, Endpoint threat detection, Incident investigation and Antivirus. Experienced in SIEM ¿ Splunk, LogRhythm, Microsoft Sentinel. Experienced in EDR, Antivirus and threat detection. Experienced in email gateway targeted attack protection. Strong knowledge of the different attack techniques Hands on experience on Microsoft Sentinel Incident monitoring; KQL hunting queries; Dashboards and reports Experienced in analyzing, researching Windows / Unix Security Logs as well as logs form IDS/IPS, DLP tools, Anti Virus/Malware Strong in Incident response and mitigation False positive identification and report for the finetuning SOC shift handover , daily and weekly report preparation etc.

Job Summary U2 Band (2 to 5 Years of experience) ¿ Soc Analyst Have an overall 2 to 5 years of experience in SIEM SOC operations. Expertise in SIEM Technology, Endpoint threat detection, Incident investigation and Antivirus. Experienced in SIEM ¿ Splunk, LogRhythm, Microsoft Sentinel. Experienced in EDR, Antivirus and threat detection. Experienced in email gateway targeted attack protection. Strong knowledge of the different attack techniques Hands on experience on Microsoft Sentinel Incident monitoring; KQL hunting queries; Dashboards and reports Experienced in analyzing, researching Windows / Unix Security Logs as well as logs form IDS/IPS, DLP tools, Anti Virus/Malware Strong in Incident response and mitigation False positive identification and report for the finetuning SOC shift handover , daily and weekly report preparation etc.

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Bangalore Req ID: 769624