Job Description Seeking a strong Senior Software Engineer to help build the Oracle Cloud Observability Platform. The ideal candidate possesses robust distributed systems skills, understands networking and OS fundamentals. The Oracle Cloud Infrastructure (OCI) team builds and manages a suite of large-scale, integrated cloud services in a broadly distributed, multi-tenant environment. OCI is committed to providing top-tier cloud products that meet the needs of our customers who are tackling some of the world's biggest challenges. The Observability organization within OCI is on a mission to deliver a world-class Integrated Observability and Management platform for our customers. This platform works seamlessly across OCI, other clouds, and on-premises environments to provide a unified view. Our integrated platform combines Logging, Monitoring, Auditing, SIEM, Events, Inventory, and other services. We continuously innovate each of these services to make them feature-rich and integrate them seamlessly to provide meaningful insights into resources and data. Career Level - IC3 Responsibilities Key Responsibilities: Hands-on and top-tier engineer who can design and drive end to end engineering efforts (incld development, test infrastructure, operational excellence) Resolve complex technical issues and make design decisions to meet the critical requirements of this multi-OS/multi-platform scalable, highly available, secure multi-tenant enablement of services in cloud. Mentor and guide junior members in the team on the technological front. Work closely with all the team members including the Other technical Leads, Director, Engineering manager, architects, product, and program managers to deliver product features on time and with high quality. Proactively identify and resolve risks and issues that may dent the team’s ability to implement. Work with external (application) teams’ integration with the product and help guide the integration. Understand various Cloud technologies in Oracle to help evolve the cloud provisioning and enablement process on a continuous basis. Must-have Skills BS/MS degree or equivalent in related technical field involving coding or equivalent practical experience with 5+ years of overall experience along with exposure to at least 1 cloud service provider (AWS/OCI/Azure/GCP etc.) . Experience in building and designing microservices and/or cloud native applications. Being a problem solver with strong can-do attitude and ability to think on the go would be critical for success on this role. Strong fundamentals on OS, networks, distributed systems, designing fault tolerant and high available systems. Strong on at least one of the modern programming languages (Java, Kotlin, Python, C#) along with containers experiences (likes of Docker/Kubernetes). Demonstrated ability to adapt to new technologies and learn quickly. Must be detail-oriented (critical and conscientious eye for detail), task-driven and have excellent communication skills. Be organized and goal-focused, ability to deliver in a fast-paced environment with minimal direction. Strong, creative problem-solving skills and ability to abstract and share details to create substantial articulation. Preferred Skills Or Nice-to-have Skills Experience with Architectural patterns for High Availability, Performance, Scale Out architecture, Disaster Recovery, Security Architecture Knowledge of cloud-based architectures, deployment and operational aspects of cloud set up is a plus. Prior experience/knowledge on multi-OS/multi-platform products would be a significant plus. Experience in implementing container monitoring tools like Prometheus/Grafana, CI/CD pipelines (Jenkins, GitLab etc.), using/creating build tools (Gradle, Ant, Maven, or similar) About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

Responsibilities Manage a team of senior Networking and Security personnel. Serves as the subject matter expert (SME) on Cloud networking and security, having previously worked in a senior technical network or security role. Help deliver and manage projects that apply the company’s security policies and standards for use in cloud environments. Communicate security concepts to different audiences ranging from business leaders to engineers, as well as customers. Serve as a key subject matter expect in security and networking topics and support delivery of core services from a network & security perspective. Mentor and influence team members in implementing and delivering projects and performing ongoing security and network monitoring. Help design security frameworks and effective solutions for vulnerability remediation. Develops standards, policies, and procedures as well as best practices documentation. Able to translate technical requirements into business requirements. Assist team members to update their security and networking skills and knowledge. Collaborate with other IT teams, developers, and business stakeholders to ensure alignment on network and security requirements. Stay up-to-date with the latest cloud networking and security trends and technologies. Develop and execute security roadmaps and initiatives. Drive change and improvements in security delivery of our Cloud security services. Education / Qualifications A university qualification of Bachelor's degree level in Engineering/IT, or a related field. Skills Required Strong experience in a Security and networking leadership role (5 years+ in a management role combined with previous experience working at a senior technical level for 5 years+ in network/security role). Extensive security management experience in an environment leveraging Azure and/or AWS public cloud platforms. Strong Application, Networking, & Cloud Security knowledge and experience. Previous experience working in environments that leverage public Cloud. Extremely knowledgeable in security and networking technical matters. Experience of compliance standards, including ISO27001 and/or SOC2. Familiarity with directives such as GDPR and NIS2/DORA. Experience of team management and interview protocols. Strong understanding of penetration testing and vulnerability assessments. Experience with project management and security project delivery. Solid understanding of application development and SDLC. Security certifications a strong plus (eg CISSP). Fluent English speaker. Desired Technical Skills Or Knowledge Areas Expertise in Azure and AWS networking and security services. Proficiency in network protocols and technologies (e.g., TCP/IP, DNS, VPN, routing). Knowledge of security frameworks and standards (e.g., NIST, CIS). Experience with SIEM, IDS/IPS, and vulnerability management tools. Strong practical experience with Fortinet security solutions (FortiGate, FortiAnalyzer, etc.). Proficiency in using Rapid7 security tools (Insight IDR & VM) for vulnerability management and forensic investigation. Experience with tooling used for malware analysis and threat prevention. Experience with ManageEngine suite of products, especially PAM360 and Patch Manager Plus. Scripting and automation knowledge (e.g., Python, PowerShell, Terraform). About Hexagon Hexagon is the global leader in digital reality solutions, combining sensor, software and autonomous technologies. We are putting data to work to boost efficiency, productivity, quality and safety across industrial, manufacturing, infrastructure, public sector, and mobility applications. Our technologies are shaping production and people related ecosystems to become increasingly connected and autonomous – ensuring a scalable, sustainable future. Hexagon (Nasdaq Stockholm: HEXA B) has approximately 24,500 employees in 50 countries and net sales of approximately 5.4bn EUR. Learn more at hexagon.com and follow us @HexagonAB. Hexagon’s R&D Centre in India Hexagon’s R&D Centre in India is the single largest R&D centre for the company globally. More than 2,000 talented engineers and developers create innovation from this centre that powers Hexagon's products and solutions. Hexagon’s R&D Centre delivers innovations and creative solutions for all business lines of Hexagon, including Asset Lifecycle Intelligence, Autonomous Solutions, Geosystems, Manufacturing Intelligence, and Safety, Infrastructure & Geospatial. It also hosts dedicated service teams for the global implementation of Hexagon’s products. R&D India – MAKES THINGS INTELLIGENT Asset Lifecycle Intelligence: Produces insights across the asset lifecycle to design, construct, and operate more profitable, safe, and sustainable industrial facilities. Everyone is welcome At Hexagon, we believe that diverse and inclusive teams are critical to the success of our people and our business. Everyone is welcome—as an inclusive workplace, we do not discriminate. In fact, we embrace differences and are fully committed to creating equal opportunities, an inclusive environment, and fairness for all. Respect is the cornerstone of how we operate, so speak up and be yourself. You are valued here. Show more Show less

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to / support on project work as and when required. What You'll Be Doing Key Responsibilities: Min 3 Years exp in EDR and Trend Micro. The vendor should assess the existing endpoint security infrastructure and identify any gaps or vulnerabilities. The vendor should deploy EDR agents on endpoints, servers, and critical systems within the organization's network. The vendor should configure EDR agents to collect and analyze security events and activities on endpoints. The solution should monitor endpoints for suspicious activities, such as malware infections, unauthorized access attempts, and unusual user behavior. The solution should use behavioral analysis and machine learning to detect advanced threats and zero-day attacks. The solution should generate real-time alerts for potential security incidents and provide guidance for incident response and remediation. The vendor should enable endpoint forensics capabilities to investigate security incidents and identify the root cause of attacks. The solution should capture and store detailed endpoint activity logs and artifacts for further analysis. The vendor should integrate the tool with vulnerability management systems to assess the endpoint's security posture. The EDR solution should be able to rollout patches or upgrades from the EDR management console for agents onboarded on the platforms. The solution should alert and remediate endpoints with outdated or vulnerable software configurations. The solution should provide real-time alerts for anomalies that could indicate potential threats. The vendor should ensure the compatibility with other security systems, such as (but not limited to) SIEM, incident response tools, etc. The solution should correlate network anomalies with potential threats, aiding in early threat detection. The vendor is expected to deliver reports at periodic intervals as per Client’s requirements. The vendor should re-deploy the agent as and when there is a change in the infrastructure or the operating systems. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is must. Required Experience: Entry-level experience with troubleshooting and providing the support required in security / network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization. Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (such as Security, Network, Data Centre, Telephony, etc.). Working knowledge of ITIL processes. Workplace type: On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. About The Role We are seeking a highly skilled Security Consultant to join our Cisco Secure Access Helpdesk team. The ideal candidate should have a strong foundation in network security, with hands-on experience in deploying and managing security solutions to ensure secure network access and data protection. This role requires expertise in any or all of the following technologies - SASE solutions such as Zscaler and Prisma Access, Cisco Umbrella, VPN deployments such as Cisco AnyConnect, and Next generation firewall configurations. Key Responsibilities Cisco Secure Access Implementation & Migration Deploy and manage Cisco Secure Access SSE solution for assigned customer. Migrate from existing SSE/VPN solution to Cisco Secure Access. Provide support and knowledge transfer to customer after deployment/migration. Basic Qualifications ZScaler SASE solutions deployment and management. Cisco Umbrella implementation and policy enforcement. VPN solutions (SSL/IPSec) design, deployment, and troubleshooting. Cisco AnyConnect configuration and management Cisco routing and firewall deployment (Cisco ASA, Firepower, or similar). Strong understanding of network protocols & services: TCP/IP, DNS, DHCP, HTTP/HTTPS, VPN tunnelling protocols, etc. Familiarity with security monitoring & threat prevention: SIEM solutions, IDS/IPS, endpoint security, and cloud security principles. Experience with network management & monitoring tools to ensure network security and performance. Preferred Qualifications Problem-Solving: Strong analytical and troubleshooting abilities to diagnose and resolve security issues effectively. Communication: Excellent verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders. Teamwork: Ability to collaborate effectively with cross-functional teams and work in a fast-paced environment.‍ Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted. Show more Show less

Role & responsibilities Minimum experience 8 years experience in SIEM and SOAR engineering work. Knowledge on XSOAR, Sentinel SOAR, Splunk Phantom, IBM QRadar, Microsoft Sentinel, Tines SOAR. Should have experience configuring Security Orchestration, Automation, and Response tools, scripts, events, and playbooks. Should be well versed with XSOAR application components and know how to configure it and implement system updates. Should be able to create and maintain custom content and playbooks. Should be able to troubleshoot client/server issues. Should be able to manage and maintain the health of Security Orchestration, Automation, and Response infrastructure manager/clients. Must possess strong Python, JavaScript and other scripting skills to automate system maintenance tasks. Must be comfortable and proficient in use of regular expression (regex). Must have a solid understanding of REST/SOAP/WSDL/XML (Web Services), HTTP Request Methods. Must possess strong analytical, problem solving and documentation skills• Experience in creating threat detection use cases on any SIEM tools (QRadar/Sentinel/Splunk) Experience in Log Source integration for use case and SOAR automation Strong defensive mindset with understanding of security events of interest for building detection rules Experience with programming (preferably Python, REST API), automation or machine learning Good in query languages like SQL, KQL, AQL from Splunk, Sentinel and QRadar pov Good command of the English language, both written and verbally Must demonstrate strong oral and written communication skills, with the ability to communicate technical topics to management and non-technical audiences Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL-210438

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to / support on project work as and when required. What You'll Be Doing Key Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LIC’s security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is Must. Workplace type: On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Security Managed Services Engineer (L3) is a seasoned engineering role, responsible for providing a service to clients by proactively identifying and resolving technical incidents and problems. Through pre-emptive service incident and resolution activities, as well as product reviews, operational improvements, operational practices, and quality assurance this role will maintain a high level of service to clients. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and is responsible for managing tickets of high complexity, conducts advanced and complicated tasks, aware of client's high level and low-level security architecture and provides resolution to a diverse range of complex problems. This position uses considerable judgment and independent analysis within defined policies and practices and applies analytical thinking and deep technical expertise in achieving client outcomes, while coaching and mentoring junior team members across functions. The Security Managed Services Engineer (L3) may also contribute to / support on project work as and when required. What You'll Be Doing Key Responsibilities: Advanced Cyber Analytics, Proactively drive hunting and analysis against the dataset available for customers Work with our security operations center (SOC) and take the lead role in threat detection and incident response activities Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure Use Big Data Analytics platform to identify threats, determine root cause, scope, and severity of each and compile/report findings Work with Threat Intelligence and Malware solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise Leveraging tactical and technical intelligence for eradication of threats Characterize suspicious binaries and be able identify traits, C2, and develop network and host-based IOCs Identify potential malicious activity from memory dumps, logs, and packet captures Through review and analysis of cyber threats, provide both internal & external parties key information to respond to threat Participate as part of a close team of technical specialists on coordinated responses and subsequent remediation of security incidents Interface with customers on a daily basis to consult with them on best security practices and help them mature their security posture Create Threat Models based on Mitre ATT&CK framework and cyber kill chain for customers Linking of threat models with SIEM use cases and hunting exercises Basic Malware Analysis Work with SOAR platforms to generate and configure orchestration workflows and responses Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience) Required Experience: Seasoned Managed Services experience handling complex Security Infrastructure. Seasoned experience required in Engineering function within a medium to large ICT organization. Seasoned working knowledge of ITIL processes. Seasoned experience working with vendors and/or 3rd parties. Workplace type: On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to / support on project work as and when required. What You'll Be Doing Key Responsibilities: Min 3 Years exp in EDR and Trend Micro. The vendor should assess the existing endpoint security infrastructure and identify any gaps or vulnerabilities. The vendor should deploy EDR agents on endpoints, servers, and critical systems within the organization's network. The vendor should configure EDR agents to collect and analyze security events and activities on endpoints. The solution should monitor endpoints for suspicious activities, such as malware infections, unauthorized access attempts, and unusual user behavior. The solution should use behavioral analysis and machine learning to detect advanced threats and zero-day attacks. The solution should generate real-time alerts for potential security incidents and provide guidance for incident response and remediation. The vendor should enable endpoint forensics capabilities to investigate security incidents and identify the root cause of attacks. The solution should capture and store detailed endpoint activity logs and artifacts for further analysis. The vendor should integrate the tool with vulnerability management systems to assess the endpoint's security posture. The EDR solution should be able to rollout patches or upgrades from the EDR management console for agents onboarded on the platforms. The solution should alert and remediate endpoints with outdated or vulnerable software configurations. The solution should provide real-time alerts for anomalies that could indicate potential threats. The vendor should ensure the compatibility with other security systems, such as (but not limited to) SIEM, incident response tools, etc. The solution should correlate network anomalies with potential threats, aiding in early threat detection. The vendor is expected to deliver reports at periodic intervals as per Client’s requirements. The vendor should re-deploy the agent as and when there is a change in the infrastructure or the operating systems. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is must. Required Experience: Entry-level experience with troubleshooting and providing the support required in security / network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization. Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (such as Security, Network, Data Centre, Telephony, etc.). Working knowledge of ITIL processes. Workplace type: On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Job Title: Senior Security Analyst Threat Hunting & Incident Response Location: Bangalore (Rotational Shifts) Mode of work- 5 days WFO Experience: 8+ Years Job Type: Full-time Job Description: We are looking for a highly skilled and experienced Senior Security Analyst to join our client's Cybersecurity team. This role involves leading incident response activities, performing proactive threat hunting, and enhancing our overall security posture through innovative detection strategies and forensic investigations. Key Responsibilities: Lead end-to-end security incident response, including analysis, containment, mitigation, and reporting. Design and implement detective controls for emerging threats and vulnerabilities. Perform proactive threat hunting across multiple platforms and environments. Continuously enhance SIEM/SOAR/XDR alert use cases and threat detection capabilities. Research emerging threats, vulnerabilities, and attack techniques to improve defenses. Participate in a 24/7 on-call rotation to support incident response and critical investigations. Document incident response activities and produce detailed reports for stakeholders. Conduct post-incident reviews to drive improvements in tools, processes, and readiness. Collaborate across teams to improve the organization’s threat detection and response maturity. Required Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, or related field. Minimum 8 years of experience in Security Operations, Incident Response, or Threat Detection. Strong experience with threat hunting methodologies and frameworks. Hands-on expertise with tools such as SIEM, SOAR, XDR (e.g., Cortex XSIAM, Torq). Working knowledge of MITRE ATT&CK , NIST frameworks, and cyber kill chain concepts. Preferred Skills & Experience: Strong understanding of network and endpoint security, defense-in-depth, and current threat trends. Experience with cloud security (AWS, Azure, GCP) and public cloud defense techniques . Exposure to Endpoint Detection & Response (EDR) tools, forensic analysis, and log correlation. Proficiency in scripting languages (e.g., Python, PowerShell ) for automation and analysis. Relevant certifications such as CISSP, GIAC (GCIA, GCIH, GCFA), CEH are a plus. Strong analytical mindset with the ability to assess risk and prioritize response. Excellent written and verbal communication skills.

* Design, implement & maintain automated security solutions. * Ensure compliance with industry standards & best practices. * Monitor SIEM data & SOC alerts.

Role & responsibilities Primary Skills: SIEM: Platform Engineering, Log Integration, SIEM Reporting, Production Management. Secondary Skills: Identification of various security tools and technologies to enhance the effectiveness of security operations. SOC Lead/L3 Responsibilities: Lead and manage all high-priority and critical security incidents, including end-to-end incident management. Provide support, assistance, and guidance to L1/L2 teams in handling complex issues and incidents. Lead and participate in the study and proof of concept (POC) of tools and technologies that align with the security roadmap. Serve as an expert in one or two key security technologies/tools globally and be part of the global SOC L3/Experts team. Example areas include Threat Hunting, Forensic Analysis, IPS, EDR, DLP, etc. Contribute to the risk detection management approach, consistent with the SG MITRE Matrix and other relevant industry standards. Provide analysis support for complex investigations and improve reaction procedures, run book definitions, and enhancements. Support analyses on cybersecurity technical plans, analysis approaches, and incident management. Identify various security tools and technologies to enhance the effectiveness of security operations. Identify security gaps, develop mitigation strategies, implement solutions, and track progress until closure. Collaborate with various regional SOC and CERT teams on security aspects and incidents as required.

Job Description: SIEM, SOAR, UEBA, and NBAD Specialist Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response. Roles and Responsibilities Incident Analysis, Incident co-ordination & Response, Remote Incident Response, Forensics Artifact handling & Analysis, Malware Analysis, Insider Threat Case Support, Sensor Tuning & Maintenance, Custom Signature/ Rules Creation, Scripting & Automation, Audit Collection & Storage, Product Assessment & Deployment and Risk Assessment , Response Planning, Mitigation, Recovery Planning, Communicating Emergency Alerts & Warnings to relevant/designated stakeholders , Endpoint Threat Detection and remediation. Take SOAR action on identified malicious communications, Monitor and alert any abnormalities identified, Work on ticket and ensure timely response and resolution of tickets as per SLA Reporting the security events/ incidents to L3 and other relevant/ designated stakeholders Communicating Emergency Alerts & Warnings to relevant/designated stakeholders. Should have knowledge of below technologies UEBA (User and Entity Behavior Analytics): Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities. Configure and tune UEBA models to reduce false positives and enhance detection capabilities. NBAD (Network Behavior Anomaly Detection): Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches. Work with network and SOC teams to investigate and respond to suspicious network behavior. Required Qualifications: Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology. Experience: Minimum 1.5+ years of relevant experience in Security Operations, Threat Detection, or Incident Response. Certifications: Certified Ethical Hacker (CEH) mandatory .

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Job Title: SOC Analyst (SA- Security Analyst – L1 Threat Hunt) Location: Kochi We are seeking a highly motivated Level 1 SOC Threat Hunte r to join our Security Operations Center team. This entry-level role is ideal for individuals with a foundational understanding of cybersecurity who are eager to grow their skills in proactive threat detection and response. As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Requirements Must-have: 2 - 3 Year Experience as SOC Analyst – (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Knowledge of creating and modifying the dashboards. Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows Deep Knowledge in SIEM, Ticketing tool, EDR, Vulnerability Management, MimeCast, Email security. Excellent written and verbal communication skills. Good to have: Good to have industry certifications on any SIEM Platform, CEH, C|SA, CompTIA Security+ & Others Main Responsibilities Monitor security alerts and events from SIEM and other security tools. Perform basic threat hunting across endpoints, network traffic, and log sources using predefined queries and playbooks. Investigate anomalies, potential indicators of compromise (IOCs), and low-fidelity alerts. Escalate verified threats to L2/L3 analysts with relevant context and documentation. Assist in identifying false positives and refining detection rules in collaboration with senior analysts. Document findings, maintain accurate logs of activities, and contribute to reports. Follow standard operating procedures and incident handling workflows. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Leading efforts to counter SLA breaches and anticipating the likelihood of future security alerts, incidents. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Keep updated with the likes of OWASP Top 10 vulnerabilities, Bleeping Computer articles etc., for acquiring the knowledge over current threats in security perspective. Other responsibilities and additional duties as assigned by the security management team or service delivery manager. Job Types: Full-time, Permanent Pay: ₹20,000.00 - ₹50,000.00 per month Benefits: Internet reimbursement Supplemental Pay: Performance bonus Application Question(s): Did you have worked in the role Threat Hunting and SIEM Tools ? Education: Bachelor's (Required) Experience: minimum: 2 years (Required) Language: English (Required) Location: Kochi, Kerala (Required) Work Location: In person

Cohesity is a leader in AI-powered data security and management. Aided by an extensive ecosystem of partners, Cohesity makes it easy to secure, protect, manage, and get value from data — across the data center, edge, and cloud. Cohesity helps organizations defend against cybersecurity threats with comprehensive data security and management capabilities, including immutable backup snapshots, AI-based threat detection, monitoring for malicious behavior, and rapid recovery at scale. We’ve been named a Leader by multiple analyst firms and have been globally recognized for Innovation, Product Strength, and Simplicity in Design. Join us on our mission to shape the future of our industry. Cohesity is on a mission to radically simplify how organizations secure and manage their data, while unlocking limitless value. As a leader in data security and management, we make it easy to secure, protect, manage and derive value from data—across the data center, edge, and cloud. At Cohesity, we're a group of builders and go-getters who are committed to doing the right thing. We encourage you to come as you are, as our differences make us stronger. We’ve been named a Leader by multiple analyst firms and are prominently featured in the Forbes Cloud 100 and CRN’s Coolest Cloud companies. Join us and we'll lead the way together. Your Skills Can Stop Cyber Threats – Come Secure with Us The security team at Cohesity is on a mission to help organizations around the world protect their data and stay ahead of evolving cyber threats. Our mission is to help organizations around the world to safeguard their data and bounce back fast from ransomware attacks. In this role, you will be responsible for identifying vulnerabilities through code analysis and reverse engineering, and documenting your findings with detailed reports, including proof of concept (PoC) and actionable recommendations. You will also provide suggestions to strengthen the overall security posture of the target systems. Staying up to date with the latest cybersecurity trends, emerging threats, and technologies is essential, as you will contribute implementation plans to enhance the security of our product. How You’ll Spend Your Time Here You should be able to penetrate the applications, network, systems and have a diverse understanding of the current state of security, use best practices and be familiar with the vulnerability research process that includes foot printing, scanning, enumeration, systems hacking, escalation of privilege, and the tools that are deployed in each phase of the process. You must be able to understand product architecture and identify attack vectors which could include standard as well as proprietary protocols and use methodologies like OWASP, SANS, NIST. You should be able to find 0-Day vulnerability with code analysis or reverse engineer and create a report with the appropriate recommendations / POC of the identified vulnerabilities. You should be able to do threat modelling of a feature and perform its validations. Additionally, you should have strong written communication skills to document and categorize the threat level of discovered vulnerabilities and make suggestions about how to improve the targets security posture. You should have a strong understanding of technical domains like (Applications, Platforms, Networking, etc.) as well as human interaction domains (e.g., Social Engineering), as well as an awareness about current laws that may affect the way in which the analysis is conducted. You should know modern authentication protocols and have a background of cyber security. You should be well versed in cloud computing technologies and have knowledge of Windows, Linux, Unix internals. Should have in depth understanding of network security: TCP/IP, DNS, proxies, firewall configuration, intrusion detection and prevention systems, IPSec and TLS/SSL. Experience with cryptography including symmetric and asymmetric cryptography, hashing and should be able to simulate Ransomware attacks and provide suggestions to defend them. Experience with tools for conducting enumeration of target environment and configuration and penetrate by tools used for system hacking (e.g., password cracking), malware creation/deployment, network traffic sniffing, session hijacking, denial of service and SQL injection. Experience in developing payloads using applications or scripts (C++,Python, Shell etc.) WE’D LOVE TO TALK TO YOU IF YOU HAVE MANY OF THE FOLLOWING Preferred Certifications: Certified Information Systems Security Professional (CISSP) | Certified Ethical Hacker (CEH) | EC-Council certified Security Analyst (ECSA) | Offensive Security Certified Professional (OSCP) | Licensed Penetration Tester (LPT) Minimum 5-7 years of experience in the Security Domain Excellent communication skills and great collaboration Familiarity with frameworks like NIST, MITRE ATT&CK, and CIS Controls Good to have experience with SIEM, IDS/IPS, endpoint protection, and other security tools. Knowledge of scripting (Python, Bash) or automation tools for security operations F or information on personal data processing, please see our Privacy Policy . Disclosure Pursuant to Applicable State Equal Pay Transparency Laws This position has a starting pay range of $MIN - $MID per year. Actual salary depends upon many factors, including a candidate’s skills, qualifications and experience, location, and salary expectations, and therefore a starting salary at the low end, high end, or even above the stated range may be offered. This position may also be eligible for bonus compensation, commission (if in a sales function), and/or equity grants. Additionally, full-time employees are eligible to participate in our comprehensive benefits framework, including health and wellness benefits, vacation, paid holidays and refresh days, 401(k) retirement plan, life and disability insurance coverages, and other benefits the Company may offer from time to time. Equal Employment Opportunity Employer (EEOE) Cohesity is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at 1-855-9COHESITY or talent@cohesity.com for assistance. Data Privacy Notice For Job Candidates For information on personal data processing, please see our Privacy Policy . In-Office Expectations Cohesity employees who are within a reasonable commute (e.g. within a forty-five (45) minute average travel time) work out of our core offices 2-3 days a week of their choosing. Show more Show less

About the Role We are hiring an experienced IT Security Manager to lead our enterprise-wide security initiatives in the Banking & Financial Services domain. You will be responsible for defining and enforcing security standards across applications, infrastructure, data, and user environments, ensuring compliance with RBI and other regulatory requirements. This is a strategic and hands-on role suited for a security leader who understands the unique challenges of financial systems and enterprise-grade IT infrastructure. Key Responsibilities Define and implement enterprise-level security policies, frameworks, and controls aligned with RBI guidelines, ISO 27001, and other BFSI regulations. Lead end-to-end security operations: vulnerability management, threat detection, incident response, and security monitoring. Work closely with Compliance, DevOps, Cloud, and Infrastructure teams to embed security into all layers of IT. Oversee data protection and privacy efforts, including encryption, data classification, DLP, and secure data sharing. Conduct regular internal/external audits, third-party risk assessments, and compliance checks. Establish and manage Identity & Access Manage enterprise security tools such as SIEM, endpoint protection, firewalls, IDS/IPS, and antivirus. Lead employee security awareness and training programs across the organization. Coordinate with regulators, auditors, and client teams for security reviews and certifications. Stay updated with BFSI-specific cyber threats and regulatory changes. Required Skills & Qualifications Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. 8+ years of experience in IT Security, with 3+ years in a BFSI or regulated enterprise environment. Strong knowledge of RBI cybersecurity guidelines, ISO 27001, NIST, SOC 2, and data privacy laws (DPDP/GDPR). Experience in securing enterprise applications (core banking, lending, payments, etc.) and cloud infrastructure (AWS, Azure). Hands-on experience with tools like SIEM, WAF, EDR, DLP, IAM, vulnerability scanners, and endpoint security platforms. Deep understanding of network security, application security (including mobile/web), and secure SDLC practices. Security certifications preferred: CISSP, CISM, CEH, CRISC, ISO 27001 Lead Implementer/Auditor. Show more Show less

Job Summary: We are seeking an experienced and proactive Network Administrator to manage and support our web portal infrastructure. The ideal candidate will be responsible for ensuring high availability, optimal performance, and robust security across all servers and network components. This role requires hands-on experience with Linux , Microsoft SQL Server , AWS Cloud Platform , and network security protocols. The candidate should also possess relevant industry certifications to validate their expertise. Key Responsibilities: Design, implement, and maintain secure and scalable networks for a high-traffic web portal. Administer and monitor physical and virtual S ervers , ensuring optimal performance and uptime. Manage MS SQL Server databases, including backup, restoration, and security protocols. Implement and enforce robust data security policies, including firewalls, intrusion detection/prevention, and access controls. Maintain and optimize AWS infrastructure , including EC2, RDS, S3, IAM, and VPC configurations. Monitor network traffic and troubleshoot connectivity issues across servers and endpoints. Ensure disaster recovery and backup procedures are tested and reliable. Apply patches, updates, and system hardening as part of a proactive security strategy. Coordinate with development and DevOps teams to support application deployment and infrastructure needs. Document network infrastructure, configurations, processes, and changes comprehensively. Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Technology, or a related field. 3–5 years of proven experience as a Network Administrator in a production web environment. Strong hands-on experience with Windows OS & Linux (Ubuntu/CentOS/Red Hat) systems administration. Proficient in managing and securing MS SQL Server environments. In-depth knowledge of AWS Cloud Services , including architecture, deployment, and monitoring tools. Solid understanding of TCP/IP , routing, DNS, VPN, and other core networking protocols. Experience with firewalls , VPNs , SIEM , and endpoint security tools. Familiar with network automation and monitoring tools (e.g., Ansible, Nagios, Prometheus, CloudWatch). Excellent problem-solving and documentation skills. Certifications (Preferred) AWS Certified Solutions Architect – Associate or Professional (Required) Red Hat Certified System Administrator (RHCSA) or equivalent (Preferred) Microsoft Certified: Azure/Windows Server or MS SQL Certification (Preferred) CompTIA Network+ or Security+ (Preferred) Certified Information Systems Security Professional (CISSP) (Optional but a plus) Preferred Attributes: Ability to work independently and take ownership of critical infrastructure components. Strong communication and interpersonal skills to coordinate with cross-functional teams. Keen attention to detail and commitment to ensuring secure and efficient IT operations. Show more Show less