15.0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
We’re on an exciting journey with our client and we want you to join us. With our client, you will be exposed to the latest technologies and work with some of the brightest minds in the industry. Our client is Big Investment Banking company so you will be playing a key role as a Vice President - Data Security who can assist with the below: Global CISO (Chief Information Security Office) is looking for a seasoned Data Protection Operations Lead to oversee the day-to-day execution, governance, and enhancement of our enterprise data protection technologies. This role is critical in safeguarding sensitive and regulated data across the organization using platforms such as BigID, Microsoft Information Protection (MIP), Truffle Hog for secrets discovery, Data Loss Prevention (DLP) tools (e.g., Symantec, Forcepoint, MIP), and Thales for data obfuscation and encryption. The ideal candidate will have 13–15+ years of information security experience, with at least 8 years specifically focused on data protection and governance, preferably in large, regulated environments (e.g., BFSI, Healthcare, or Tech). Responsibilities: Lead operational execution of enterprise data protection tools including BigID, MIP, DLP, Thales, Truffle Hog, etc. Manage end-to-end incident response workflows related to data leakage, sensitive data discovery, and misconfiguration. Ensure operational efficiency of data discovery, classification, and protection capabilities across endpoints, cloud, and on-prem environments. Collaborate with engineering, compliance, legal, and business teams to define and implement data protection policies. Oversee and optimize data classification strategies (manual, suggestive, and automated). Track and report key metrics including incident trends, false positives, and SLA adherence. Drive adoption and user training programs related to data classification and labeling. Participate in and lead audits, risk assessments, and regulatory readiness reviews. 
Own tool lifecycle—from onboarding, configuration, integration to tuning and decommissioning. Serve as escalation point for high-priority incidents, executive reporting, and stakeholder briefings. Knowledge, Skill, Experience Required: 13–15+ years of overall experience in Information Security. 8+ years of direct experience in data protection, DLP, or data privacy. Proven experience managing enterprise-grade tools like BigID, MIP, Symantec/Forcepoint DLP, Thales Cipher Trust, Truffle Hog, and/or others. Strong understanding of data discovery, classification, encryption, rights management, and related regulatory standards (e.g., GDPR, HIPAA, DPDP, CCPA). Solid background in cloud security controls (M365, AWS, Azure, GCP) and hybrid deployments. Expertise in SIEM and SOAR integrations, incident response, and threat modeling. Experience with scripting or automation (e.g., Python, PowerShell) a plus. Familiarity with compliance frameworks such as ISO 27001, NIST, RBI, etc. Beneficial: Symantec and Forcepoint DLP Certification Microsoft Certified: Information Protection Administrator Associate (SC-400) Certifications such as CIPT, CIPP, CISSP, CISM, or equivalent preferred. Azure Security / Microsoft 365 Security certifications Personal Characteristics: Strategic thinker with hands-on execution capability. Excellent communication and stakeholder management skills across technical and non-technical audiences. Strong problem-solving and analytical skills. High degree of professional integrity, ownership, and accountability. Proactive and collaborative team leader, able to operate in cross-functional and matrixed environments. Adept at working under pressure with strong prioritization and decision-making skills.
Posted 2 weeks ago
7.0 years
12 - 22 Lacs
Hyderabad, Telangana, India
On-site
This role is for one of Weekday's clients Salary range: Rs 1200000 - Rs 2200000 (i.e. INR 12-22 LPA) Min Experience: 7 years Location: Hyderabad, Telangana JobType: full-time Requirements About the role A minimum of 08-10 years of experience in Information Security, with at least 05-06 years in a senior Offensive Security role, preferably within the financial or banking sector Hands-on experience in conducting covert security assessments, including physical, network, application, and social engineering scenarios Proficiency in exploiting vulnerabilities, bypassing security controls, lateral movement, privilege escalation, and exfiltration techniques Strong understanding of operating systems, networking protocols, cloud platforms, and web applications. Analytical thinking, creativity, and adaptability in dynamic attack scenarios Excellent communication skills to explain technical findings to non-technical audiences and work effectively within multi-disciplinary teams Should have experience performing Web Application, API (Rest & GraphQL), Infrastructure, Mobile Application (Android & iOS) Security Assessments Regular Risk assessment Identifying and prioritizing protection resources for key assets in danger of exploitation Strengthening techniques making organization security stronger by knowing how to fix vulnerability weaknesses Experience in monitoring and detection systems by using packet sniffing devices, SIEM systems, IDS, and IPS etc. 
Threat Detection and Threat Hunting: Monitoring of indicators of compromise (IOCs) using SIEMs or EDRs and active threat search with SIEMs or EDRs Forensic analysis investigating and evaluating the impact and scale of a security incident Early threat detection to analyzing CVEs and 0-day vulnerabilities, the team will deploy decoys (deception) Excellent written, oral communication and presentation skills Advanced Attack Simulations: Develop complex and realistic attack scenarios that mimic Advanced Persistent Threats (APTs) and other sophisticated tactics to test the resilience of security measures Comprehensive Penetration Testing: Implement in-depth penetration testing modules that allow users to practice finding and exploiting vulnerabilities within a controlled environment Operational Security (OpSec) Training: Create training modules focused on OpSec, teaching users how to avoid detection and maintain stealth during Red Team operations Custom Exploits and Payloads: Develop and deploy custom exploits and payloads that can be used to test specific system vulnerabilities Incident Response Testing: Simulate breaches to test and improve the incident response procedures of organizations, ensuring they can swiftly and effectively handle real-world attacks Adversary Emulation Plans: Develop detailed adversary emulation plans that mirror the techniques, tactics, and procedures (TTPs) of known threat actors to provide a realistic training experience Continuous Learning and Adaptation: Implement a system for continuously updating the platform with new tactics and vulnerabilities as they emerge, ensuring Red Team exercises remain relevant and challenging. 
Core Deliverables Advanced Penetration Testing: Conduct thorough penetration tests on simulated environments to identify and exploit vulnerabilities Red Team Operations: Design, plan, and execute sophisticated red team exercises to assess organizational readiness against cyber threats Threat Emulation: Develop and deploy threat emulation scenarios that mimic real-world adversaries' tactics, techniques, and procedures (TTPs) Incident Response Simulation: Create and execute realistic incident response scenarios to test and enhance the response capabilities of blue teams Continuous Red Team Training: Train and mentor junior red team members and other IT staff on the latest security threats and tactics Oversee the execution of automated vulnerability assessments Responsible and actively participate in Meetings to discuss assessment scope, requirements, deliverables, and client expectations Responsible to authoring and presenting assessment reports to clients to discuss security findings and recommendations Conduct simulated attacks on the organization's computer systems or physical locations Identify and exploit vulnerabilities, weaknesses, and gaps in the security systems and policies Report findings and recommendations to the organization Provide feedback and training to the blue team Stay updated on the latest trends and developments in the security field Plan and initiate Red Team activities based on realistic threats, by creating attack techniques and utilizing custom tooling to generate exploits. 
Platform-Specific Deliverables: Scenario Development: Design dynamic and scalable training scenarios tailored to the organization's needs, leveraging the capabilities of next-generation cyber range platforms like CYBER RANGES and others Automation and Scripting: Develop scripts and automation tools to enhance the efficiency and scalability of cyber range operations Integration with Existing Tools: Ensure seamless integration of the cyber range platform with existing security tools and infrastructure Comprehensive Reporting and Analysis: Deliver detailed reports on the findings from red team exercises, including risk assessments, detailed debriefs, and actionable recommendations Data Analysis: Use data collected from exercises to provide insights into potential security improvements and adjustments Continuous Improvement: Stay updated with the latest developments in cybersecurity and continuously improve the cyber range platforms and training scenarios Emerging Threat Awareness: Identify and incorporate emerging threats into the training scenarios to keep defences robust and current. Certifications: Certified Red Team Professional (CRTP) - Mandatory CISA / CISM / CISSP / CEH / CRISC - Mandatory (at least one certification) Offensive Security Certified Professional (OSCP) - Mandatory Offensive Security Certified Expert (OSCE) GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) CompTIA Security+
Posted 2 weeks ago
3.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Job Description Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.). Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades. Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks. Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools. Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation. Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions. Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience. Mentor junior automation engineers and provide code reviews, best practices, and process guidance. Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation. Stay abreast of emerging SOAR trends, threat landscapes, and new platform features. Required Qualifications: 3+ years specifically working with SOAR platforms—Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable. Strong scripting experience in Python, especially within automation workflows. Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors. In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.). Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques. 
Experience with version control (Git), CI/CD pipelines, and structured testing of automation code. Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance. Strong written and verbal communication skills, especially in cross-functional team environments.
Posted 2 weeks ago
5.0 - 10.0 years
0 Lacs
Bengaluru, Karnataka, India
Remote
About Us Sophos is a global leader and innovator of advanced security solutions for defeating cyberattacks. The company acquired Secureworks in February 2025, bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos’ complete portfolio includes industry-leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com. Role Summary MDR Sales Lead is an overlay Sales function. The person would be a second layer of specialised engagement with the existing Enterprise customers, prospects and is expected to have an in-depth understanding of the managed security services and market opportunity available. Person should be able to position the MDR services effectively and appropriately with the customers and build the business opportunity for Sophos India working closely with all the stakeholders across the Globe. What you will do As the Sales Leader for MDR Services, you would be the lead for Services Sales for the country. 
You will be a part of defining the strategy for MDR Services growth in India, strengthen key relationships with C-level executives, build visibility for and expand business for Sophos India‚ MDR Services. You will work closely with Regional Heads and Sales Leaders for the Account/partner management teams, Presales and Solution Leaders and drive the right engagement with customers to showcase the strength of the Sophos MDR services You will also partner with other functional teams across Product, Compliance, Operations and Enablement to remove barriers and ensure flawless execution and success of the customer engagement. The ideal candidate will possess Sales and Technical knowledge with exposure to sales and delivery of Security Services that enables him or her to develop and execute the plan, to meet Order and Revenue objectives. The person is also expected to be a self-starter who will elevate the conversation with customers to strategic levels and build long standing relationships for Sophos India Develop and execute the plan to meet and exceed book of orders & Revenue targets Effectively position Sophos MDR Services You should possess excellent inter-personal skills to seamlessly collaborate with the entire Sales team Manage all the moving parts of the business with the relevant stakeholders Opportunity ownership and qualification / creation of funnel, forecast deal closures Provide Market insights and competition updates to stakeholders Maintain operational discipline in all execution parameters; respond to all weekly, monthly, quarterly updates in time as may be expected on an on-going basis Support Sales team effectively through regular conversations and support them in handling their respective customer patches effectively to enable them to meet their targets and objectives Handle training activities with the sales teams as may be required What you will bring Min 5-10 years of Cyber security industry experience with minimum 5 years in security services 
selling Any Security certifications will be an advantage, but not a must Must show demonstrable experience in having developed C-level relationships Demonstrate business acumen in presenting solutions on an ROI basis, strategies, successful penetration of territories for services business growth and across an entire spectrum of buyers, influencers and C-Level decision makers Relationship with Enterprise level of customer, >5000 users Prior CRM experience (preferable Salesforce) #B2 Ready to Join Us? At Sophos, we believe in the power of diverse perspectives to fuel innovation. Research shows that candidates sometimes hesitate to apply if they don't check every box in a job description. We challenge that notion. Your unique experiences and skills might be exactly what we need to enhance our team. Don't let a checklist hold you back – we encourage you to apply. What's Great About Sophos? · Sophos operates a remote-first working model, making remote work the primary option for most employees. However, some roles may necessitate a hybrid approach. Please refer to the location details in our job postings for further information. · Our people – we innovate and create, all of which are accompanied by a great sense of fun and team spirit · Employee-led diversity and inclusion networks that build community and provide education and advocacy · Annual charity and fundraising initiatives and volunteer days for employees to support local communities · Global employee sustainability initiatives to reduce our environmental footprint · Global fitness and trivia competitions to keep our bodies and minds sharp · Global wellbeing days for employees to relax and recharge · Monthly wellbeing webinars and training to support employee health and wellbeing Our Commitment To You We’re proud of the diverse and inclusive environment we have at Sophos, and we’re committed to ensuring equality of opportunity. 
We believe that diversity, combined with excellence, builds a better Sophos, so we encourage applicants who can contribute to the diversity of our team. All applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, sex, gender reassignment, marital status, race, religion or belief, color, age, military veteran status, disability, pregnancy, maternity or sexual orientation. We want to give you every opportunity to show us your best self, so if there are any adjustments we could make to the recruitment and selection process to support you, please let us know. Data Protection If you choose to explore an opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos. If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights. For more information on Sophos’ data protection practices, please consult our Privacy Policy Cybersecurity as a Service Delivered | Sophos
Posted 2 weeks ago
7.0 - 10.0 years
6 - 10 Lacs
Bengaluru
Work from Office
About the Opportunity Step into the forefront of the cybersecurity industry in a rapidly evolving environment where innovation in threat detection and endpoint protection is paramount. This role is tailored for high-performing professionals in the security engineering sector who thrive on managing advanced security solutions and ensuring resilient protection across critical infrastructures. Operating within a dynamic, on-site work culture in India, you will be challenged to refine and enhance security procedures using advanced SentinelOne EDR strategies. Role & Responsibilities Lead the deployment, configuration, and optimization of SentinelOne EDR solutions to secure endpoints across diverse environments. Monitor, analyze, and respond to security incidents, leveraging threat intelligence to rapidly mitigate risks and vulnerabilities. Collaborate with cross-functional teams to integrate EDR solutions with broader security infrastructure (including SIEM systems) and refine incident response protocols. Develop and implement security architecture strategies to ensure best practices and regulatory compliance across services. Mentor and guide junior team members by sharing expert knowledge on endpoint protection and evolving threat landscapes. Continuously assess and enhance security measures, participating in post-incident reviews and process improvements. Skills & Qualifications Must-Have: Strong hands-on experience with SentinelOne EDR administration, configuration, and troubleshooting in high-security environments. Must-Have: Proven expertise in endpoint security, incident response, and threat mitigation using advanced security tools. Must-Have: In-depth understanding of security best practices across Windows, Linux, and other operating systems. Preferred: Experience integrating EDR solutions with SIEM platforms and automating security incident workflows. Preferred: Familiarity with cybersecurity compliance frameworks such as NIST and ISO 27001. 
Preferred: Excellent analytical, communication, and leadership skills with a collaborative working style. Benefits & Culture Highlights Work on-site in a dynamic and innovative cybersecurity environment where vigilance and excellence are rewarded. Engage with cutting-edge security technologies and contribute to strengthening organizational cybersecurity frameworks. Collaborative, growth-oriented culture that values mentorship, continuous learning, and proactive problem solving. If you are an experienced security engineering professional passionate about leveraging SentinelOne EDR to transform endpoint security, we invite you to apply and become an integral part of our fast-paced, mission-driven team.
Posted 2 weeks ago
8.0 - 13.0 years
8 - 14 Lacs
Chennai
Work from Office
The Manager will lead and manage 24x7 cybersecurity and SOC operations, ensuring round-the-clock protection of the organization's critical infrastructure. This role demands deep expertise in network security, threat detection, and incident response, while also managing a team working in rotational shifts. Shift: 24x7 Rotational. Previous experience in team management is important. Requirements: 8+ years in cybersecurity, with 3+ years in a leadership role. Experience running or managing a 24x7 SOC. Strong expertise in SIEM tools, threat detection, and mitigation strategies. Relevant certifications: CISSP, CISM, CEH, or equivalent. Excellent leadership and communication skills.
Posted 2 weeks ago
3.0 - 5.0 years
4 - 5 Lacs
Thiruvananthapuram
On-site
3 - 5 Years 1 Opening Trivandrum Role description Identity Architecture & Engineering Design and deploy scalable IAM solutions (SSO, MFA, RBAC). Manage identity lifecycle: onboarding, offboarding, access reviews, and certification. Integrate IAM with enterprise apps, cloud platforms (Azure AD, AWS IAM), and third-party services. Security Operations & Automation Develop automation for identity provisioning, de-provisioning, and access governance. Implement and manage Privileged Access Management (PAM) tools. Enforce least-privilege access as part of Zero Trust Architecture. Monitoring, Detection & Incident Response Monitor identity events via SIEM and analytics tools. Investigate incidents and access violations; lead remediation efforts. Perform root cause analysis and apply corrective measures. Compliance & Governance Ensure compliance with GDPR, PCI-DSS, ISO 27001, and other standards. Maintain audit trails, access logs, and documentation for audits. Support risk assessments, policy development, and security training. Collaboration & Continuous Improvement Collaborate with DevOps, IT, and Security to embed IAM in CI/CD pipelines. Mentor junior staff and promote security best practices. Stay updated on emerging identity security trends and threats. Required Qualifications Hands-on experience in IAM, cybersecurity, or related engineering roles. Expertise in IAM protocols: SAML, OAuth2, OpenID Connect, LDAP, SCIM. Hands-on with Azure AD, Active Directory, AWS IAM, or GCP IAM. Experience with PAM tools like CyberArk, BeyondTrust, or HashiCorp Vault. Proficient in scripting/automation (PowerShell, Python, etc.). Strong knowledge of Zero Trust principles and identity governance. Skills IAM About UST UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. 
Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.
Posted 2 weeks ago
1.0 years
1 Lacs
India
On-site
We are looking to hire a new team member with at least 1 year of hands-on experience in cybersecurity, and a basic understanding of networking and firewalls. Bachelor’s degree in Computer Science, IT, or a related field, CEH (Certified Ethical Hacker) certification. Minimum 1 year of cybersecurity experience, CEH certified, with basic networking and firewall skills. Familiar with antivirus, log monitoring, and incident response. Strong problem-solving skills and ability to work independently and in a team. Experience with SIEM tools, vulnerability scanners, and firewall platforms like FortiGate or Sophos. Knowledge of Linux, scripting. Monitor security alerts, respond to incidents, manage firewall rules, and perform regular system checks. Assist in vulnerability assessments, update security tools, and support IT team in maintaining network and data protection. Job Type: Full-time Pay: From ₹15,000.00 per month Work Location: In person
Posted 2 weeks ago
5.0 - 10.0 years
0 Lacs
Mumbai Metropolitan Region
Remote
About Us Sophos is a global leader and innovator of advanced security solutions for defeating cyberattacks. The company acquired Secureworks in February 2025, bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos’ complete portfolio includes industry-leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com. Role Summary MDR Sales Lead is an overlay Sales function. The person would be a second layer of specialised engagement with the existing Enterprise customers, prospects and is expected to have an in-depth understanding of the managed security services and market opportunity available. Person should be able to position the MDR services effectively and appropriately with the customers and build the business opportunity for Sophos India working closely with all the stakeholders across the Globe. What you will do As the Sales Leader for MDR Services, you would be the lead for Services Sales for the country. 
You will be a part of defining the strategy for MDR Services growth in India, strengthen key relationships with C-level executives, build visibility for and expand business for Sophos India‚ MDR Services. You will work closely with Regional Heads and Sales Leaders for the Account/partner management teams, Presales and Solution Leaders and drive the right engagement with customers to showcase the strength of the Sophos MDR services You will also partner with other functional teams across Product, Compliance, Operations and Enablement to remove barriers and ensure flawless execution and success of the customer engagement. The ideal candidate will possess Sales and Technical knowledge with exposure to sales and delivery of Security Services that enables him or her to develop and execute the plan, to meet Order and Revenue objectives. The person is also expected to be a self-starter who will elevate the conversation with customers to strategic levels and build long standing relationships for Sophos India Develop and execute the plan to meet and exceed book of orders & Revenue targets Effectively position Sophos MDR Services You should possess excellent inter-personal skills to seamlessly collaborate with the entire Sales team Manage all the moving parts of the business with the relevant stakeholders Opportunity ownership and qualification / creation of funnel, forecast deal closures Provide Market insights and competition updates to stakeholders Maintain operational discipline in all execution parameters; respond to all weekly, monthly, quarterly updates in time as may be expected on an on-going basis Support Sales team effectively through regular conversations and support them in handling their respective customer patches effectively to enable them to meet their targets and objectives Handle training activities with the sales teams as may be required What you will bring Min 5-10 years of Cyber security industry experience with minimum 5 years in security services 
selling Any Security certifications will be an advantage, but not a must Must show demonstrable experience in having developed C-level relationships Demonstrate business acumen in presenting solutions on an ROI basis, strategies, successful penetration of territories for services business growth and across an entire spectrum of buyers, influencers and C-Level decision makers Relationship with Enterprise level of customer, >5000 users Prior CRM experience (preferable Salesforce) #B2 Ready to Join Us? At Sophos, we believe in the power of diverse perspectives to fuel innovation. Research shows that candidates sometimes hesitate to apply if they don't check every box in a job description. We challenge that notion. Your unique experiences and skills might be exactly what we need to enhance our team. Don't let a checklist hold you back – we encourage you to apply. What's Great About Sophos? · Sophos operates a remote-first working model, making remote work the primary option for most employees. However, some roles may necessitate a hybrid approach. Please refer to the location details in our job postings for further information. · Our people – we innovate and create, all of which are accompanied by a great sense of fun and team spirit · Employee-led diversity and inclusion networks that build community and provide education and advocacy · Annual charity and fundraising initiatives and volunteer days for employees to support local communities · Global employee sustainability initiatives to reduce our environmental footprint · Global fitness and trivia competitions to keep our bodies and minds sharp · Global wellbeing days for employees to relax and recharge · Monthly wellbeing webinars and training to support employee health and wellbeing Our Commitment To You We’re proud of the diverse and inclusive environment we have at Sophos, and we’re committed to ensuring equality of opportunity. 
We believe that diversity, combined with excellence, builds a better Sophos, so we encourage applicants who can contribute to the diversity of our team. All applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, sex, gender reassignment, marital status, race, religion or belief, color, age, military veteran status, disability, pregnancy, maternity or sexual orientation. We want to give you every opportunity to show us your best self, so if there are any adjustments we could make to the recruitment and selection process to support you, please let us know. Data Protection If you choose to explore an opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos. If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights. For more information on Sophos’ data protection practices, please consult our Privacy Policy Cybersecurity as a Service Delivered | Sophos
Posted 2 weeks ago
7.0 years
3 - 6 Lacs
Hyderābād
On-site
In our ‘always on’ world, we believe it’s essential to have a genuine connection with the work you do. Work Location: Hyderabad General Summary The Windows Administrator / Analyst is responsible for developing, supporting, and optimising CommScope’s Windows-based and hybrid cloud infrastructure. This role will support both on-premises data centers and cloud (Azure/AWS) environments, ensuring high system performance, availability, and reliability. In addition to traditional Windows Server and VMware support, the role includes Azure cloud infrastructure management, Infrastructure as Code (IaC) using Bicep/Terraform, and automation through DevOps pipelines. How You’ll Help Us Connect The World Design, implement, and manage Windows server infrastructure (2012, 2016, 2019) across on-premise and Azure cloud environments. Support data centers and hyper-converged infrastructure (Cisco UCS, HPE, Dell, Nutanix) with high-availability configurations. Administer and automate VMware vSphere/ESXi environments, ensuring performance and failover readiness. Administer Azure IaaS workloads, storage accounts, VNets, NSGs, hybrid identities, and security groups. Create and manage Infrastructure as Code (IaC) using Terraform or Bicep for provisioning and change control. Automate deployments and server configurations using Azure DevOps Pipelines and PowerShell scripting. Monitor and troubleshoot system performance, network connectivity, and cloud-native resources. Perform regular system upgrades, patching, and vulnerability remediations in coordination with InfoSec. Lead implementation of backup and disaster recovery solutions using Veeam, Commvault, or NetBackup. Maintain clear and detailed documentation, including Visio diagrams, system inventories, SOPs, and cloud architecture diagrams. Collaborate cross-functionally to plan and execute new infrastructure projects and cloud migrations. 
Related Education & Experience Bachelor’s degree in information technology, Computer Science, or a related field. 7 to 9 years of total experience with a minimum of 5+ years in Windows Systems Administration, 3+ years in VMware, and recent hands-on Azure administration experience. Strong scripting background (PowerShell or Bash) for configuration and automation. Experience managing hybrid infrastructure and data center operations. You Will Excite Us If You Have Core Technical Skills Proven experience administering Windows 2012/2016/2019 (AD, DNS, DHCP). Certified Azure Administrator Associate (AZ-104) or higher preferred. Experience with Terraform or Bicep to manage Azure infrastructure as code. Hands-on experience with Azure DevOps pipelines, ARM templates, and automation workflows. Good understanding of cloud networking (VNet, NSG, VPN, ExpressRoute) and cloud storage (Blob/File/Managed Disks). VMware vSphere, ESXi administration and troubleshooting. Familiarity with Zerto, Veeam, Commvault, or other enterprise backup solutions. Experience supporting Cisco UCS, Dell EMC, or HPE physical infrastructure. Strong understanding of identity and access management – AD, Azure AD, LDAP integration. Bonus Skills Experience in AWS or GCP cloud operations is a plus. Experience with Red Hat Satellite or Linux systems (helpful in hybrid environments). Exposure to ITIL-based ticketing systems like ServiceNow. Understanding of SIEM tools, patch management, and system health monitoring. Why CommScope: CommScope is on a quest to deliver connectivity that empowers how we live, work, and learn. Our employees push the boundaries of communications technology that enables game-changing discoveries like 5G, the Internet of Things, and gigabit speeds for everyone, everywhere. With our unmatched expertise in copper, fiber, and wireless infrastructure, our global clients rely on us to outperform today and be ready for the needs of tomorrow. 
If you want to grow your career alongside bright, passionate, and caring people who strive to create what's next… come connect to your future at CommScope. CommScope is an Equal Opportunity Employer (EEO), including people with disabilities and veterans. If you are seeking an accommodation for the application or interview process, please contact us to submit your request at talentacquisition@commscope.com. You can also learn more about CommScope’s accommodation process and EEO policy at https://jobs.commscope.com/eeo
Posted 2 weeks ago
7.0 years
0 Lacs
Delhi
On-site
Job requisition ID :: 86399 Date: Jul 22, 2025 Location: Delhi Designation: Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Overview: The SOC Operations Manager for an MSSP (Managed Security Service Provider) is responsible for overseeing the day-to-day operations of the Security Operations Center, ensuring the delivery of high-quality security monitoring, incident detection, and response services to multiple clients. This role involves managing a team of security analysts, engineers, and incident responders to protect client environments. The SOC Operations Manager will focus on optimizing service delivery, ensuring SLAs are met, managing customer relationships, and driving continuous improvement in the SOC's performance. Key Responsibilities SOC Operations Management : Lead 24/7 operations of the MSSP SOC, ensuring continuous monitoring, analysis, and response to security incidents across multiple client environments. Manage and support a team of SOC analysts (Tier 1, Tier 2, Tier 3), incident responders, and engineers in handling security incidents for clients. 
Ensure that SLAs (Service Level Agreements) with clients are met, including response times, reporting, and incident resolution. Oversee shift management and ensure that the SOC is properly staffed to meet operational requirements. Incident Detection, Response, and Escalation : Oversee the detection, investigation, and response to security incidents within client environments. Ensure proper escalation of incidents to client contacts based on the severity and impact of the incident. Lead incident management processes, ensuring clear communication and effective coordination between SOC teams and clients during incidents. Conduct post-incident reviews, ensuring that root causes are identified and that lessons learned are incorporated into operational procedures. Customer Relationship Management : Serve as the primary point of contact for key client accounts, ensuring effective communication and alignment of security services with client expectations. Conduct regular client meetings to discuss SOC performance, incidents, and overall security posture. Provide reporting and metrics to clients on security operations, incident handling, and threat landscape updates. Address client concerns and feedback, ensuring a high level of customer satisfaction. Service Delivery Optimization : Continuously review and optimize SOC processes, workflows, and tools to improve efficiency and effectiveness. Implement automation and orchestration (SOAR) to streamline repetitive tasks and improve response times. Collaborate with security engineering teams to maintain, update, and fine-tune detection systems (SIEM, IDS/IPS, EDR) and ensure the SOC’s capabilities remain state-of-the-art. Implement proactive threat hunting and use case tuning to reduce false positives and increase detection accuracy. SOC Technology Management : Oversee the use and management of SOC tools such as SIEM, SOAR, EDR, threat intelligence platforms, and log management solutions. 
Ensure that log sources, alerts, and security data from client environments are properly ingested and monitored. Work with the engineering team to ensure that tools and technologies are up-to-date and meet the operational needs of the SOC and its clients. Team Leadership and Development : Lead, coach, and mentor the SOC team, providing training and professional development opportunities to enhance their skills and knowledge. Conduct performance evaluations, set goals, and provide feedback to SOC team members. Foster a culture of collaboration, knowledge sharing, and continuous improvement within the SOC team. Ensure team members are cross trained on various tools and security technologies used within the MSSP SOC. Compliance and Reporting : Ensure SOC operations comply with industry standards and regulations (e.g., ISO 27001, PCI-DSS, GDPR) and client-specific security requirements. Provide regular and ad-hoc reports to clients, demonstrating SOC performance, incident details, threat trends, and service improvements. Manage audits and assessments of SOC processes and ensure that the SOC meets internal and external compliance requirements. Threat Intelligence and Continuous Improvement : Collaborate with the threat intelligence team to stay updated on the latest threats, vulnerabilities, and attack techniques. Incorporate threat intelligence into SOC workflows and detection use cases to improve threat detection capabilities. Lead efforts to refine and develop new use cases, alerts, and detection logic to ensure the SOC can effectively respond to emerging threats. Collaboration and Communication : Act as the bridge between the SOC team, other departments, and external partners, ensuring smooth communication and collaboration across the organization. Collaborate with the incident response, security engineering, and risk management teams to improve overall security posture. Engage with vendors and technology providers to optimize the SOC’s toolset and capabilities. 
Qualifications: Education : Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree in Cybersecurity or Business Management is preferred. Experience : 7+ years of experience in cybersecurity, with at least 3+ years in SOC management or an equivalent leadership role. Experience working in an MSSP or managing security operations for multiple clients is preferred. Strong experience with security tools (SIEM, EDR, IDS/IPS), threat intelligence, and incident response. Proven track record of leading teams in a 24/7 SOC environment. Certifications : One or more of the following (or similar): CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) GIAC (GCIH, GCIA, GSOC) CompTIA Security+ CEH (Certified Ethical Hacker) How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. 
We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_
Posted 2 weeks ago
2.0 years
5 - 8 Lacs
Gāndhīnagar
On-site
Key Responsibilities Monitor, identify, and respond to security incidents across systems and networks. Implement and maintain security measures such as firewalls, intrusion detection systems (IDS), and endpoint protection. Conduct regular vulnerability assessments and penetration tests on systems and applications. Collaborate with DevOps and Engineering teams to integrate security best practices into CI/CD pipelines. Manage and review access controls, identity management, and secure configurations. Investigate and remediate security breaches, threats, and anomalies. Stay current with the latest security trends, vulnerabilities, and threat intelligence. Document security processes, policies, incident response plans, and risk assessments. Assist in compliance efforts (e.g., ISO 27001, SOC 2, GDPR) as applicable. Required Skills and Qualifications Bachelor’s degree in Computer Science, Information Security, or related field. Proven experience in system/network/application security. Strong knowledge of cybersecurity frameworks and standards (OWASP, NIST, CIS). Familiarity with tools such as Wireshark, Nessus, Burp Suite, Metasploit, or similar. Hands-on experience with cloud platforms (AWS, Azure, or GCP) and securing cloud infrastructure. Understanding of secure coding practices and code review for security flaws. Scripting knowledge (e.g., Python, Bash, PowerShell) is a plus. Nice to Have Security certifications like CEH, CISSP, OSCP, or CompTIA Security+. Experience in automating security tasks or using SIEM tools. Knowledge of container security (e.g., Docker, Kubernetes). Job Types: Full-time, Permanent Pay: ₹500,000.00 - ₹800,000.00 per year Benefits: Flexible schedule Paid sick time Paid time off Provident Fund Ability to commute/relocate: Gandhinagar, Gujarat: Reliably commute or planning to relocate before starting work (Required) Experience: Security Engineer: 2 years (Required) Work Location: In person
Posted 2 weeks ago
0 years
0 Lacs
Ahmedabad
Remote
About Us Sophos is a global leader and innovator of advanced security solutions for defeating cyberattacks. The company acquired Secureworks in February 2025, bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos’ complete portfolio includes industry-leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com. Role Summary We’re looking for a motivated and detail-oriented individual to join our hardware development team. This role is ideal for candidates with a strong academic foundation in computer engineering or related fields, as well as candidates with practical experience in embedded systems, hardware design, or system-level programming. 
What you will do Help develop, validate and maintain Sophos Hardware/Cybersecurity products throughout the lifecycle Manage and maintain automation systems and enhance testing capabilities using python Debug and troubleshoot any software and hardware issues Collaborate with hardware engineers to ensure smooth integration Document code and automation process clearly and accurately Support Test and Validation Efforts Be present in person at the Sophos office every day What you will bring Bachelor’s degree in computer engineering, computer science or a related field. Strong understanding of computer architecture, microprocessors and embedded systems. Proficiency in Python syntax, data structures, object-oriented programming and common libraries Familiarity with operating systems, such as Linux and Windows. Understanding of CI/CD deployment practices and tools like Jenkins Knowledge of version control systems, primarily Git, for managing code changes and collaborating with others. Ability to automate testing of APIs is plus Understanding of networking concepts, e.g., DNS, DHCP, PXE/iPXE, and how they affect automation tasks. Excellent problem-solving and analytical skills, with the ability to troubleshoot and resolve technical issues. Strong communication and collaboration skills, with the ability to work effectively in a team environment. #LI-Hybrid #B1 Ready to Join Us? At Sophos, we believe in the power of diverse perspectives to fuel innovation. Research shows that candidates sometimes hesitate to apply if they don't check every box in a job description. We challenge that notion. Your unique experiences and skills might be exactly what we need to enhance our team. Don't let a checklist hold you back – we encourage you to apply. What's Great About Sophos? Sophos operates a remote-first working model, making remote work the primary option for most employees. However, some roles may necessitate a hybrid approach. 
Please refer to the location details in our job postings for further information. Our people – we innovate and create, all of which are accompanied by a great sense of fun and team spirit Employee-led diversity and inclusion networks that build community and provide education and advocacy Annual charity and fundraising initiatives and volunteer days for employees to support local communities Global employee sustainability initiatives to reduce our environmental footprint Global fitness and trivia competitions to keep our bodies and minds sharp Global wellbeing days for employees to relax and recharge Monthly wellbeing webinars and training to support employee health and wellbeing Our Commitment To You We’re proud of the diverse and inclusive environment we have at Sophos, and we’re committed to ensuring equality of opportunity. We believe that diversity, combined with excellence, builds a better Sophos, so we encourage applicants who can contribute to the diversity of our team. All applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, sex, gender reassignment, marital status, race, religion or belief, color, age, military veteran status, disability, pregnancy, maternity or sexual orientation. We want to give you every opportunity to show us your best self, so if there are any adjustments we could make to the recruitment and selection process to support you, please let us know. Data Protection If you choose to explore an opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos. If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights. 
For more information on Sophos’ data protection practices, please consult our Privacy Policy. Cybersecurity as a Service Delivered | Sophos
Posted 2 weeks ago
8.0 years
3 - 8 Lacs
Noida
On-site
Join our Team About this opportunity: We are looking for an experienced ArcSight Solution Architect to lead the design, implementation, and optimization of ArcSight-based security solutions. The ideal candidate will have deep expertise in SIEM (Security Information and Event Management), with hands-on experience in ArcSight architecture, deployment, and integration with various log sources and security tools. The role also includes close collaboration with cloud engineering, security operations, and compliance teams to ensure end-to-end security visibility across the GCP environment. What will you do: Analyse and understand new log source formats (syslog, flat files, APIs, JSON etc.). Design and develop custom Flex Connectors, including support for JSON and non-standard log formats & deploy ArcSight Flex Connectors for custom log source integration. Lead parser creation and tuning for various log sources and security technologies. Collaborate with the SOC and threat intel teams to build detection use cases and correlation rules aligned with MITRE ATT&CK. Integrate ArcSight with SOAR platforms for automated response, leveraging Python scripting. Conduct feasibility analysis for new integrations and support parser deployment lifecycle. Review parser performance, log quality, EPS optimization, and correlation tuning. Document architecture, parser specifications, playbooks, and integration workflows. Lead implementation projects, including installation, configuration, and tuning of ArcSight ESM, Logger, and Smart Connectors. Work closely with security operations and infrastructure teams to integrate log sources and develop use cases. Perform infrastructure sizing, health checks, and system performance tuning. Develop and maintain documentation including solution design, implementation guides, and SOPs. Provide subject matter expertise during POCs, and implementation support. 
The skills you bring: Bachelor in CS/IT or similar 8+ years of experience in cybersecurity with at least 4+ years in ArcSight solution design and deployment. Familiarity with regular expressions (regex) for parsing custom logs. Experience with log onboarding, parsing, and normalization processes. Log analysis (Analyst) Understanding of cloud environment (GCP) & Kubernetes & docker technologies Integration of different types of log sources Solid understanding of - CEF (Common Event Format) ,ArcSight Event Schema and Field Mapping, Device/Product Event Categorization Knowledge of Linux/Unix systems and basic scripting. Experience with ArcSight content development: rules, correlation, dashboards, reports. And familiarity with ArcSight upgrades and migration planning. Strong understanding of log management, threat detection, and SOC workflows. Knowledge of related tools and platforms such as SIEM, SOAR, firewalls, IDS/IPS, endpoint security. Scripting knowledge (e.g., Python, Shell) for automation and data parsing. Excellent communication and stakeholder management skills. Architect and implement end-to-end SIEM solutions using ArcSight 24* (ESM, SmartConnectors, Thub, Recon). Hands-on experience in leading parser development, customization, and tuning for various log sources and third-party security technologies. Integrate ArcSight with SOAR platforms for automated response, leveraging Python scripting. Skilled in performing feasibility analysis and POCs for new log source integrations and managing the complete parser deployment lifecycle. Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? 
Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. Primary country and city: India (IN) || Req ID: 770473
Posted 2 weeks ago
5.0 - 10.0 years
0 Lacs
New Delhi, Delhi, India
Remote
About Us Sophos is a global leader and innovator of advanced security solutions for defeating cyberattacks. The company acquired Secureworks in February 2025, bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos’ complete portfolio includes industry-leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com. Role Summary MDR Sales Lead is an overlay Sales function. The person would be a second layer of specialised engagement with the existing Enterprise customers, prospects and is expected to have an in-depth understanding of the managed security services and market opportunity available. Person should be able to position the MDR services effectively and appropriately with the customers and build the business opportunity for Sophos India working closely with all the stakeholders across the Globe. What you will do As the Sales Leader for MDR Services, you would be the lead for Services Sales for the country. 
You will be a part of defining the strategy for MDR Services growth in India, strengthen key relationships with C-level executives, build visibility for and expand business for Sophos India’s MDR Services. You will work closely with Regional Heads and Sales Leaders for the Account/partner management teams, Presales and Solution Leaders and drive the right engagement with customers to showcase the strength of the Sophos MDR services. You will also partner with other functional teams across Product, Compliance, Operations and Enablement to remove barriers and ensure flawless execution and success of the customer engagement. The ideal candidate will possess Sales and Technical knowledge with exposure to sales and delivery of Security Services that enables him or her to develop and execute the plan, to meet Order and Revenue objectives. The person is also expected to be a self-starter who will elevate the conversation with customers to strategic levels and build long standing relationships for Sophos India. Develop and execute the plan to meet and exceed book of orders & Revenue targets Effectively position Sophos MDR Services You should possess excellent inter-personal skills to seamlessly collaborate with the entire Sales team Manage all the moving parts of the business with the relevant stakeholders Opportunity ownership and qualification / creation of funnel, forecast deal closures Provide Market insights and competition updates to stakeholders Maintain operational discipline in all execution parameters; respond to all weekly, monthly, quarterly updates in time as may be expected on an on-going basis Support Sales team effectively through regular conversations and support them in handling their respective customer patches effectively to enable them to meet their targets and objectives Handle training activities with the sales teams as may be required What you will bring Min 5-10 years of Cyber security industry experience with minimum 5 years in security services
selling Any Security certifications will be an advantage, but not a must Must show demonstrable experience in having developed C-level relationships Demonstrate business acumen in presenting solutions on an ROI basis, strategies, successful penetration of territories for services business growth and across an entire spectrum of buyers, influencers and C-Level decision makers Relationship with Enterprise level of customer, >5000 users Prior CRM experience (preferable Salesforce) #B2 Ready to Join Us? At Sophos, we believe in the power of diverse perspectives to fuel innovation. Research shows that candidates sometimes hesitate to apply if they don't check every box in a job description. We challenge that notion. Your unique experiences and skills might be exactly what we need to enhance our team. Don't let a checklist hold you back – we encourage you to apply. What's Great About Sophos? · Sophos operates a remote-first working model, making remote work the primary option for most employees. However, some roles may necessitate a hybrid approach. Please refer to the location details in our job postings for further information. · Our people – we innovate and create, all of which are accompanied by a great sense of fun and team spirit · Employee-led diversity and inclusion networks that build community and provide education and advocacy · Annual charity and fundraising initiatives and volunteer days for employees to support local communities · Global employee sustainability initiatives to reduce our environmental footprint · Global fitness and trivia competitions to keep our bodies and minds sharp · Global wellbeing days for employees to relax and recharge · Monthly wellbeing webinars and training to support employee health and wellbeing Our Commitment To You We’re proud of the diverse and inclusive environment we have at Sophos, and we’re committed to ensuring equality of opportunity. 
We believe that diversity, combined with excellence, builds a better Sophos, so we encourage applicants who can contribute to the diversity of our team. All applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, sex, gender reassignment, marital status, race, religion or belief, color, age, military veteran status, disability, pregnancy, maternity or sexual orientation. We want to give you every opportunity to show us your best self, so if there are any adjustments we could make to the recruitment and selection process to support you, please let us know. Data Protection If you choose to explore an opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our Privacy Policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Sophos. If you would like Sophos to delete or update your details at any time, please follow the steps set out in the Privacy Policy describing your individual rights. For more information on Sophos’ data protection practices, please consult our Privacy Policy.
Posted 2 weeks ago
8.0 - 13.0 years
1 - 4 Lacs
Hyderabad, Bengaluru, Mumbai (All Areas)
Work from Office
position: Cybersecurity Enterprise Sales SIEM Engineering Focus Location: Hyderabad/Bangalore/Mumbai Role Overview: We are seeking a dynamic and results-driven Cybersecurity Enterprise Sales professional to join our team. This role is focused on selling advanced cybersecurity solutions, including SIEM, SOAR, and Adaptive MDR offerings, to mid-to-large enterprises. The ideal candidate will have a strong foundation in cybersecurity operations, particularly SIEM engineering, and a proven track record in enterprise technology sales Key Responsibilities: Develop and execute a strategic sales plan to meet and exceed quarterly and annual sales targets. Identify, qualify, and pursue new business opportunities in enterprise accounts. Conduct engaging product presentations and solution demonstrations to prospective clients. Understand customer security needs and map solutions accordingly, with a focus on SIEM, SOAR, and MDR. Lead contract negotiations and close deals. Build and maintain long-term relationships with key stakeholders and channel partners. Stay current on the latest cybersecurity trends and emerging technologies. Collaborate with internal technical and product teams to align solutions with customer needs. Required Qualifications: Bachelor's degree in Business, Computer Science, Information Security, or a related field. 8+ years of experience in cybersecurity sales, with a focus on enterprise customers. Hands-on understanding of SIEM tools (e.g., Splunk, IBM QRadar, Securonix) and security operations workflows. Proven ability to meet or exceed sales targets in a complex, solution-oriented environment. Excellent communication, presentation, and negotiation skills. Self-starter with the ability to work independently and cross-functionally Preferred Skills: Experience selling MDR, SIEM, SOAR, or AI-driven security solutions. Familiarity with SaaS security platforms and cloud security posture management. 
Background in threat detection, incident response, or SIEM engineering is a strong plus
Posted 2 weeks ago
10.0 years
0 Lacs
Mumbai Metropolitan Region
On-site
While technology is the heart of our business, a global and diverse culture is the heart of our success. We love our people and we take pride in catering them to a culture built on transparency, diversity, integrity, learning and growth. If working in an environment that encourages you to innovate and excel, not just in professional but personal life, interests you- you would enjoy your career with Quantiphi! As a Google SecOps Platform Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. You will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernising, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features. Spearhead the architecture and implementation of Google SecOps environment on Google Cloud Platform for large scale deployments and migration. Strategic design and implementation of data pipelines & effective data storage mechanisms to meet functional and nonfunctional requirements of Google SecOps customers. Design, plan and implement data migrations from existing SIEM/SOAR platforms of customers to Google SecOps. Hardening of critical infrastructures and platform services leveraged by Google SecOps. Integration of Google SecOps with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems. Write custom actions, scripts and/or integrations to extend Google SecOps platform functionality. 
Monitor performance and perform timely actions to scale Google SecOps deployment, especially in a very high-volume security environment. Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security. Minimum Qualifications Bachelor’s degree in Computer Science, Engineering or related technical field or equivalent practical experience. Implementation experience of YARA-L 2.0 and at least one more general purpose language. Experience managing customer projects to completion, working with engineering teams, sales and partners. Experience in architecting, developing, or maintaining secure Cloud solutions. Strong verbal and written communication skills and the ability to develop high-quality 10+ years experience in leading projects and delivering technical solutions related to security Demonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials. Google SecOps experience in the areas of responsibility for at least 1 year. Ability to be located in Mumbai, India for at least 1 year. Hands on and deep knowledge of security principles. Demonstrated experience in Cloud Security delivered within the context of customer facing roles. Good To Have Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud. Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures. Excellent organizational, problem-solving, articulating and influencing skills. Experience with industry compliance frameworks (e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC). 
Google Cloud Professional Certifications (Security, Architect) and other industry certifications (CISSP, CCSP etc) If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us !
Posted 2 weeks ago
1.0 years
0 Lacs
Mumbai Metropolitan Region
On-site
While technology is the heart of our business, a global and diverse culture is the heart of our success. We love our people and we take pride in catering them to a culture built on transparency, diversity, integrity, learning and growth. If working in an environment that encourages you to innovate and excel, not just in professional but personal life, interests you- you would enjoy your career with Quantiphi! As a Google SecOps SIEM Engineer , you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. You will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernising, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features. Lead the design and implementation of Google SecOps data ingestion from diverse sources, various mechanisms for integration and normalization of logs. Extension of pre-built UDMs in Google SecOps and creation of custom parsers where required for log sources. Integration of Google SecOps SIEM with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems. Write custom actions, scripts and/or integrations to extend SIEM platform functionality. Monitor performance and perform timely actions to scale SIEM deployment, especially in a very high-volume security environment. Creation of SIEM assets such as: detection rules using YARA-L, dashboards, parsers etc. 
Migration of existing assets from existing customer’s SIEM/SOAR to SecOps and assisting in implementing the SIEM/SOAR phase-out, phase-in approach. Testing and deployment of newly created and migrated assets such as rules, playbooks, alerts, dashboards etc. Design and implement solutions to handle alert fatigue encountered in SIEM correlation. Creation of custom SIEM dashboards to meet customer requirements. Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security. Debug and solve customer issues in ingestion, parsing, normalization of data etc. Develop SOAR playbooks to provide case handling and Incident response as per triage needs. Minimum Qualification Bachelor’s degree in Computer Science, Engineering or related technical field or equivalent practical experience. Google SecOps SIEM experience in the areas of responsibility for at least 1 year. Implementation experience of YARA-L 2.0 and at least one more general purpose language. Experience managing customer projects to completion, working with engineering teams, sales and partners. Experience architecting, developing, or maintaining SIEM and SOAR platforms & secure Cloud solutions. Strong verbal and written communication skills and the ability to develop high-quality 8+ years experience in leading projects and delivering technical solutions related to security Demonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials. 
Ability to be located in Mumbai, India for at least 1 year Good To Have Experience in Prevention, Detection and response to cyber threats Google SecOps SOAR experience of 1 year in creation of playbooks, testing and validation of playbooks, integration with custom actions using bespoke scripts, or other SOAR platforms Knowledge and experience in SIEM platforms Knowledge in GCP, including Google Cloud Professional Certifications (Security, Architect) and other industry certifications (CISSP, CCSP etc) Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud. Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures. Excellent organizational, problem-solving, articulating and influencing skills. Experience with industry compliance frameworks (e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC). If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us !
Posted 2 weeks ago
1.0 years
0 Lacs
Mumbai Metropolitan Region
On-site
GOOGLE SecOps SIEM Engineer (INDIA, Mumbai) Job Title SecOps SIEM Engineer, Google Cloud Professional Services Role Description (About The Job) As a Google SecOps SIEM Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. You will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernising, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features. Responsibilities Lead the design and implementation of Google SecOps data ingestion from diverse sources, various mechanisms for integration and normalization of logs. Extension of pre-built UDMs in Google SecOps and creation of custom parsers where required for log sources. Integration of Google SecOps SIEM with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems. Write custom actions, scripts and/or integrations to extend SIEM platform functionality. Monitor performance and perform timely actions to scale SIEM deployment, especially in a very high-volume security environment. Creation of SIEM assets such as: detection rules using YARA-L, dashboards, parsers etc. Migration of existing assets from existing customers' SIEM/SOAR to SecOps and assisting in implementing the SIEM/SOAR phase-out, phase-in approach. Testing and deployment of newly created and migrated assets such as rules, playbooks, alerts, dashboards etc. Design and implement solutions to handle alert fatigue encountered in SIEM correlation. 
Creation of custom SIEM dashboards to meet customer requirements. Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security. Debug and solve customer issues in ingestion, parsing, normalization of data etc Develop SOAR playbooks to provide case handling and Incident response as per triage needs Minimum Qualifications (MQs) Bachelors degree in Computer Science, Engineering or related technical field or equivalent practical experience. Google SecOps SIEM experience in the areas of responsibility for at least 1 year. Implementation experience of YARA-L 2.0 and at least one more general purpose language. Experience managing customer projects to completion, working with engineering teams, sales and partners. Experience architecting, developing, or maintaining SIEM and SOAR platforms & secure Cloud solutions. Strong verbal and written communication skills and the ability to develop high-quality 8+ years experience in leading projects and delivering technical solutions related to security Demonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials. Ability to be located in Mumbai, India for at least 1 year
Posted 2 weeks ago
1.0 years
0 Lacs
Mumbai Metropolitan Region
On-site
GOOGLE SecOps SOAR Engineer (INDIA, Mumbai) Job Title SecOps SOAR Engineer, Google Cloud Professional Services Role Description (About The Job) As a Google SecOps SOAR Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. You will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernising, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features. Responsibilities Lead the design and implementation of Google SecOps SOAR playbooks for security use cases, such as phishing incident response, vulnerability triage, or threat hunting on Google SecOps based on specific threat models. Integration of Google SecOps SOAR with other security capabilities and tools such as SIEM, EDR, NDR threat intelligence platform, and ticketing systems. Design testing and conduct validation of SOAR playbooks before deployment to live environment. Write custom actions, scripts and/or integrations to extend SOAR platform functionality. Monitor performance and perform timely actions to scale SOAR deployment, especially in a high-volume security environment. Migration of existing assets from existing customers SIEM/SOAR to SecOps and assisting in implementing the SIEM/SOAR phase-out, phase-in approach. Develop SOAR playbooks to provide case handling and Incident response as per triage needs Creation of SOAR assets such as reports etc. Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security. 
Minimum Qualifications (MQs) Bachelors degree in Computer Science, Engineering or related technical field or equivalent practical experience. Google SecOps SOAR experience in the areas of responsibility for at least 1 year Coding experience in one or more general purpose languages. Experience managing customer projects to completion, working with engineering teams, sales and partners. Experience architecting, developing, or maintaining secure Cloud solutions. Strong verbal and written communication skills and the ability to develop high-quality 8+ years experience in leading projects and delivering technical solutions related to security Demonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials. Ability to be located in Mumbai, India for at least 1 year
Posted 2 weeks ago
10.0 years
6 - 12 Lacs
Okhla, Delhi, Delhi
On-site
Location: Okhla, Delhi Experience: 5–10 Years Industry Background: System Integration / Cybersecurity / Enterprise IT Department: Information Security / IT Infrastructure Key Responsibilities Solution Design & Deployment: Design and implement enterprise-grade network and cybersecurity solutions as per customer requirements. Configure and deploy firewalls, routers, switches, wireless controllers, and security appliances (Fortinet, Cisco, Arista, Palo Alto, etc.). Integrate security tools such as endpoint protection, DLP, SIEM, email security, and MFA solutions. Work on Layer 2/3 switching, routing protocols (OSPF, BGP), VLANs, VPNs, and load balancers. Customer Support & Project Execution: Deliver end-to-end project execution including installation, configuration, UAT, documentation, and handover. Provide L2/L3 technical support for troubleshooting and incident resolution in customer environments. Work in coordination with OEMs for escalations and TAC support. Pre-sales & Technical Consultation: Assist the sales team with solution design, BOM preparation, and proposal documentation. Participate in customer meetings, technical presentations, and POCs (Proof of Concept). Conduct site surveys and assessments for solution sizing and planning. Documentation & Compliance: Prepare high-quality implementation and configuration documentation. Ensure adherence to best practices and customer-specific compliance requirements (ISO, PCI-DSS, etc.). Job Type: Full-time Pay: ₹600,000.00 - ₹1,200,000.00 per year Benefits: Health insurance Provident Fund Work Location: In person
Posted 2 weeks ago
7.0 - 12.0 years
0 Lacs
Noida, Uttar Pradesh, India
Remote
Position: Team Lead-SOC, Noida Department: Information Technology | Role: Full-time | Experience: 7 to 12 Years | Number of Positions: 1 | Location: Noida Skillset: SOC Lead, Team Lead, Threat monitoring, Cyber Security, Forensics Services, Audit Trails, SIEM, ITSM Tools, Excellent English communication skills Job Description: We are seeking a SOC Lead to support threat monitoring, detection, event analysis, incident response/reporting, brand monitoring, forensics and threat hunting activities for its SOC, which is a 24/7 environment. The individual must be able to rapidly respond to security incidents and should have at least 7 years of relevant experience in Cyber security incident response. Should have deeper understanding with some hands-on experience on enterprise IT infra components such as advanced firewalls, IPS/IDS/WIPS/HIPS, routers/switches, TACACS, VPN, proxy, AV/EDR, DNS, DHCP, multi factor authentication, virtualization, Email systems/security, Web Proxy, DLP etc. along with cloud environments like AWS (Must), Azure etc. Responsibilities:
• Should be able to manage a SOC L1/L2 team
• Providing incident response/investigation and remediation support for escalated security alerts/incidents
• Work with various stakeholders for communicating and remediating the cyber incidents
• Use emerging threat intelligence IOCs, IOAs, etc. to identify affected systems and the scope of the attack and perform threat hunting, end user’s systems and AWS infrastructure
• Provides support for complex computer/network exploitation and defense techniques to include deterring, identifying and investigating computer, applications and network intrusions
• Provides technical support for forensics services to include evidence capture, computer forensic analysis and data recovery, in support of computer crime investigation.
• Should be able to safeguard and maintain custody of audit trails in case of any security incident
• Researches and maintains proficiency in open and closed source computer exploitation tools, attack techniques, procedures and trends.
• Performs research into emerging threat sources and develops threat profiles. Keep updated on latest cyber security threats.
• Demonstrates strong evidence of analytical ability and attention to detail. Has a broad understanding of all stages of incident response.
• Performing comprehensive computer monitoring, identifying vulnerabilities, Target mapping and profiling.
• Has a sound understanding of SIEM (Splunk, Datadog, ArcSight etc), PIM/PAM, EDR, O365 security suite and other threat detection platforms and Incident Response tools.
• Should have knowledge of integrating security solutions to SIEM tool and create the use cases as per the best practices and customized requirements
• Has knowledge on working on ITSM tools such as JIRA, ServiceNow etc
• Has a logical, disciplined and analytical approach to problem solving
• Has knowledge of current threat landscape such as APTs
• Has basic knowledge of Data Loss Prevention monitoring
• Has basic knowledge of audit requirements (SOC2, HIPAA, ISO27001, etc.)
• Should be flexible to work in 24*7 environment
Preferred qualifications: Security Certifications Preferred (but not limited to): CISSP, CHFI, CEH
Additional Information:
• This is a 5 days work from office role. (No Hybrid/Remote options available)
• There are 2-3 rounds in the interview process.
• Final round will be F2F only (Strictly)
Required Qualification: Bachelor of Engineering - Bachelor of Technology (B.E./B.Tech.) - IT/CS/E&CE/MCA With a Top Pharmacovigilance IT Products MNC
Posted 2 weeks ago
3.0 - 5.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. Position Summary We are looking for a skilled Software Engineer with 3-5 years of experience in Java development, SaaS architectures, and cybersecurity solutions. You will play a key role in designing and implementing scalable security applications while following best practices in secure coding and cloud-native development. Key Responsibilities Develop and maintain scalable, secure software solutions using Java. Build and optimize SaaS-based cybersecurity applications, ensuring high performance and reliability. Collaborate with cross-functional teams including Product Management, Security, and DevOps to deliver high-quality security solutions. Design and implement security analytics, automation workflows and ITSM integrations. Basic Qualifications A bachelor’s or master’s degree in computer science, electronics engineering or a related field 3-5 years of experience in software development using Java. Experience with cloud platforms (AWS, GCP, or Azure) and microservices architectures. Proficiency in containerization and orchestration tools (Docker, Kubernetes). Knowledge of DevSecOps principles, CI/CD, and infrastructure-as-code tools (Terraform, Ansible). Preferred Qualifications Exposure to cybersecurity solutions, including SIEM (Splunk, ELK, QRadar) and SOAR (XSOAR, Swimlane). Familiarity with machine learning or AI-driven security analytics. Strong problem-solving skills and ability to work in an agile, fast-paced environment. 
Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.
Posted 2 weeks ago
10.0 - 15.0 years
15 - 20 Lacs
Noida, Gurugram, Greater Noida
Work from Office
Advanced knowledge in handling security incidents and leading investigations. Proficiency in managing and optimizing SOC operations. Experience in implementing security protocols and policies. Expertise in Malware Reverse Engineering, Required Candidate profile Certified Information Systems Security Professional (CISSP). Certified Information Security Manager (CISM). GIAC Certified Enterprise Defender (GCED). Certified Information Security Auditor (CISA),
Posted 2 weeks ago
5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
At Securonix, we’re on a mission to secure the world by staying ahead of cyber threats, reinforcing all layers of our platform with AI capabilities. Our Securonix Unified Defense SIEM provides organizations with the first and only AI-Reinforced solution built with a cybersecurity mesh architecture on a highly scalable data cloud. Enhanced by Securonix EON’s AI capabilities, our innovative cloud-native solution delivers a seamless CyberOps experience, empowering organizations to scale their security operations and keep up with evolving threats. Recognized as a five-time leader in the Gartner Magic Quadrant for SIEM and highly rated on Gartner Peer Insights, our award-winning Unified Defense SIEM provides organizations with 365 days of ‘hot’ data for rapid search and investigation, threat content-as-a-service, proactive defense through continuous peer and partner collaboration, and a fully integrated Threat Detection, Investigation, and Response (TDIR) experience—all within a single platform. Built on a cloud-native architecture, the platform leverages the Snowflake Data Cloud for unparalleled scalability and performance. Securonix is proud to be a cybersecurity unicorn and featured in CRN's 2024 Security 100 list. Backed by Vista Equity Partners, one of the largest private equity firms with over $100 billion in assets under management, we have a unique advantage in driving innovation and growth. With a global footprint, we serve more than 1,000 customers worldwide, including 10% of the Fortune 100. Our network of 150+ partners and Managed Security Service Providers (MSSPs) enables us to deliver unmatched security solutions on a global scale. 
At Securonix, we are driven by our core values and place our people at the heart of everything we do: Winning as One Team: We work together with universal respect to achieve aligned outcomes Customer Driven Innovation: We innovate to stay ahead of the market and create value for our customers Agility in Action: We embrace change and are unified in our purpose and objectives amidst change Join us as we redefine cybersecurity, innovate fearlessly, and grow together as one team. Role Summary: The SIEM Engineer III position is an integral part of our Professional Services team. In this role, you will work with our customers , supporting our mission to help them quickly and completely adopt our Security Operating Platform, leaving them more secure. This is a highly technical, hands-on role that will focus on architecting, planning, implementing, and operationalizing the SIEM platform. The ideal candidate will have a demonstrated understanding of information security and networking and extensive experience interacting with customers. Securonix Next-Gen SIEM and UEBA experience, although desired, is not required, but the candidate must have SIEM and SOAR software expertise and be willing to train on the Securonix platform and products. Primary Responsibility: Lead end-to-end SIEM implementation or integrations in a customer environment. Understand customer business requirements and the threat landscape applicable to their industry’s vertical sector to develop tailored use cases for security and Incident monitoring. Coordinate with customers to deploy collectors and agents in the on-premises network for data collection and forwarding. Work with customers to design and implement secure data flow into the Securonix cloud, following industry-standard best practices. Coordinate with service delivery managers, management, engineering, maintenance, and operational support teams to ensure timely delivery. 
Develop content, use cases, data models, dashboards, and connectors to support custom user requirements. Troubleshooting end-to-end network and infrastructure issues during data onboarding. Deploy and integrate the Securonix SOAR solution with the customer infrastructure for response orchestration. Engage with customers and internal product development teams to gather user requirements, suggest new product features, and help improve existing ones. Training and enabling customers and partners for successful adoption. Minimum Requirements: 5+ years of experience in information security and SIEM field. Strong understanding of SIEM solutions such as Splunk, Qradar, ArcSight, Logrhythm and Exabeam. Experience deploying SIEM across multiple customers. Good understanding of MITRE ATT&CK matrices, kill chains and other attack models. Strong communication skills and customer facing experience. Strong knowledge of scripting languages such as Python, Powershell. Industry certifications such as CISSP, CISM Preferred: BS in Computer Science, Information Systems, CyberSecurity 3-4+ years of experience in UEBA deployment Working knowledge of Machine learning in cybersecurity Working knowledge of cloud technologies such as Amazon, Azure and Google Good understanding of log collection methodologies and aggregation techniques such as Syslog-NG, syslog, Nxlog, Windows Event Forwarding Good understanding of Hadoop ecosystem and Apache technologies. 
Experience integrating endpoint security and host-based intrusion detection solutions. Experience with network forensics and toolsets such as Wireshark, PCAP, tcpdump. Benefits: As a full-time employee with Securonix, you will be eligible for the following employee benefits: Health Insurance with a total sum insured of INR 7,50,000. Coverage: Self, Spouse, 2 kids, Dependent parents, or parents-in-law. Personal Accident with a total sum insured of INR 10,00,000. Term Life Insurance with a sum assured for employees of 5 times fixed base pay. Securonix provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, and transfer, leaves of absence, compensation and training. Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated. Headhunters and recruitment agencies may not submit candidates through this application. Securonix does not accept unsolicited headhunter and agency submissions for candidates and will not pay fees to any third-party agency without a prior agreement with Securonix.
Posted 2 weeks ago