3.0 - 7.0 years
7 - 11 Lacs
Bengaluru
Work from Office
We are seeking an experienced QRadar Incident Forensic Specialist to manage the deployment, configuration, and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations. The ideal candidate will play a critical role in enhancing security monitoring, investigating incidents, and ensuring seamless SIEM operations. This role requires a blend of expertise in QRadar deployment, incident handling, and forensic analysis to improve the organization’s security posture. Plan, design, and deploy QRadar SIEM environments including Incident forensic, ensuring proper integration with network devices, servers, and applications. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Develop and maintain documentation, including deployment guides, SOPs. Generate forensic reports and compliance dashboards for internal stakeholders and external audits. Proactively identify gaps in threat detection capabilities and recommend enhancements. Implement updates, patches, and upgrades to maintain system reliability and performance. Optimize architecture and storage allocation to ensure scalability and efficiency. Hands-on experience with QRadar architecture, deployment, and administration. Strong knowledge in Linux, Unix, Red Hat OS. Strong knowledge in TCP/IP & networking. Proven track record in incident handling, forensic investigations, and log analysis. Expertise in QRadar features such as AQL queries, rule creation, offense management, and dashboards. Proficiency in forensic tools and methodologies for log analysis and evidence gathering. Preferred technical and professional experience Support threat hunting activities by leveraging anomaly detection and root cause analysis. Research and implement emerging QRadar features, integrations, and third-party tools to enhance functionality.
Perform daily health checks, ensure system availability, and resolve performance bottlenecks. Use the tools in IBM QRadar Incident Forensics in specific scenarios in the different types of investigations, such as network security, insider analysis, fraud and abuse, and evidence-gathering. Investigate security incidents by analyzing logs, offenses, and related data within QRadar. Manage and troubleshoot log ingestion, data flow, and parsing issues across multiple data sources. Extract and analyze digital evidence to support forensic investigations and incident response. Reconstruct attack scenarios and provide root cause analysis for post-incident reviews
Posted 3 weeks ago
4.0 - 8.0 years
16 - 20 Lacs
Kochi
Work from Office
Lead & focus: Demonstrate clear & calm leadership, setting the tone for each response Command and coordinate a response to security incidents, relevant threats, and high profile security events Scope a response to the next best actions Ensure response is sustainable for all resources involved Support beyond normal shift hours in an emergency or during times of staff shortage Coordinate & communicate: Delegate tasks in a timely manner and manage them to closure Facilitate incident / threat resolution through prompt communication across multiple teams Document status and regularly communicate updates to stakeholders and senior management Develop and track key metrics and reporting related to incident management Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Incident Response, Soc Management Preferred technical and professional experience Threat Hunting
Posted 3 weeks ago
4.0 - 7.0 years
5 - 9 Lacs
Chennai
Work from Office
The Security Analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Good knowledge of SIEM, SIEM Architecture, SIEM health check. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Good verbal/written communication skills. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc. Helping L3 and L1 with required knowledge base details and basic documentations. Co-ordination SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. High ethics, ability to protect confidential information. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures. Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Ready to work on 24/7 shifts to support client requirement. 
Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 2 Years of Experience in SOC monitoring and investigation. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Helping L3 and L1’s with required knowledge base details and basic documentations. Co-ordination with SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures. Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Building Parser for the SIEM using regex. Preferred technical and professional experience Escalation point for L1’s and SOC Monitor team. Ability to drive call and summarizing it post discussion. Good Understanding of Firewall, IDP/IPS, SIEM functioning (Generalize HLD as well as LLD). Deep understanding on Windows, DB, Mail cluster, VM and Linux commands. Knowledge of network protocols TCP/IP and ports. Team Spirit and working ideas heading to resolution of issues. Qualifications like CISA, CISM, CISSP, CEH, SANS or any other recognized qualification in Cybersecurity (SIEM/Qradar certification) will be preferred.
Thorough knowledge in SIEM tool and experience in networking, Cloud security experience will be preferred. SOC Senior Analyst experience with multiple customers.
Posted 3 weeks ago
4.0 years
0 Lacs
Mumbai Metropolitan Region
On-site
Job Summary
JD: Education must be BE/BTech/MCA & 4+ Years Hands on exp.
• Complete understanding of the organization's technology and information security framework.
• Designing and implementing infra and network security solutions.
• Providing L2 support in all Network related activities.
• Install, configure, manage, customize and troubleshoot network related activities.
• Monitoring and administration of LB, WAF and DDoS.
• Preparing weekly/monthly reports.
• Deploying and managing SSL certificates in Radware LB's.
• Raising Firewall requests as per requirements and coordinating with different departments to get Firewall Requests implemented.
• Managing the inventory i.e. hardware, software, IP's (public, private), DNS etc.
• Coordinating with hardware vendors in configuration and troubleshooting
• Daily reporting of LB resource utilization
• IOS upgrade of all devices as and when required.
• Implementing Audit recommendations pertaining to Network
• Guide/Mentor the team members on technical problems which cannot be resolved at their level
• Ensure that Systems, Organization processes, & Unit practices adhere to Organization policies
• Experience in leading the team
• Experience of working on ITIL processes
• Leading the major incidents, fixing the problems, and submitting RCA
• Perform in depth packet capture analysis using Wireshark to diagnose network performance issues, incidents, and other anomalies and detailed reports on findings from PCAP analysis.
WAF (Web Application Firewall) F5
• Monitoring security alerts
• Provide Remedial actions
• Prepare Analysis Reports
• Analysis of application logs
• Coordinate with Application team and get input
• Fine tuning as per the recommendation by App team
• Report generation
LOAD BALANCER (Radware & AVI)
• Capacity Planning
• SSL Off loader Configuration
• Configuration and Troubleshooting issues
• IPv4 and IPv6 enablement
• Integration with SOC, SIEM and Other tools
• Coordination with Vendor for support.
• Preventive Maintenance.
• Firmware Upgradation
Posted 3 weeks ago
10.0 - 15.0 years
0 Lacs
Gurugram, Haryana, India
On-site
Who We Are We are an organisation that exists to drive progress. That's the “red thread” that connects everyone at The Economist Group (TEG). Our businesses share a devotion to innovation, independence and rigour in their fields of expertise. We empower people to understand and tackle the critical challenges and changes facing the world. Our analytical rigour, global expertise and evidence-based insights enable individuals and organisations to make sense of these shifts and chart a course through them. We deliver analysis and insights in many formats to subscribers and clients in 170 countries through our four businesses, The Economist, Economist Impact, Economist Intelligence and Economist Education, which uphold our global reputation for excellence and integrity. Job Summary The Cyber Security Team Lead will support the Head of Information Security in the development, implementation, and management of the organisation’s information security strategy. This role involves overseeing daily operations, ensuring the security of information assets, managing security incidents, and fostering a security-conscious culture within the organisation. Key Responsibilities Strategic Support: Assist in the development and execution of the organisation's information security strategy and policies. Provide strategic guidance and leadership in all areas of information security. Operational Management: Oversee day-to-day security operations, including monitoring, threat management, and incident response. Ensure effective 24/7 monitoring and incident handling. Risk Management: Identify and assess security risks, and develop mitigation strategies. Conduct regular security audits and vulnerability assessments. Incident Response: Lead the response to security incidents and breaches, ensuring timely and effective resolution. Develop and maintain the incident response plan, including conducting regular drills. 
Compliance and Governance: Ensure compliance with relevant security standards, regulations, and frameworks (e.g., ISO 27001, NIST, GDPR). Maintain up-to-date documentation of security policies, procedures, and incidents. Team Leadership: Supervise and mentor the information security team, providing guidance and support. Foster a collaborative and high-performance team environment. Training and Awareness: Develop and deliver security training and awareness programs for employees. Promote a culture of security awareness throughout the organisation. Stakeholder Collaboration: Collaborate with IT, legal, HR, and other departments to ensure cohesive security practices. Serve as a key point of contact for security-related matters with external partners and vendors. Qualifications Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master’s degree is a plus. Certifications: Relevant certifications such as CISSP, CISM, CISA, or equivalent. Experience: Minimum of 10 -15 years of experience in information security, with at least 3 - 5 years in a leadership role. Proven experience in managing security operations, incident response, and risk management. Skills And Competencies Technical Expertise: Strong knowledge of information security principles, technologies, and best practices. Experience with security tools and technologies such as SIEM, firewalls, IDS/IPS, and endpoint protection. Analytical Skills: Ability to analyse complex security issues and develop effective solutions. Strong risk assessment and management skills. Leadership and Communication: Excellent leadership and team management skills. Strong verbal and written communication skills, with the ability to convey complex security concepts to non-technical stakeholders. Problem-Solving: Strong critical thinking and problem-solving abilities. Ability to remain calm and effective in high-pressure situations. 
Additional Requirements Availability for on-call duties and to respond to security incidents outside regular working hours. Willingness to travel as needed. Hybrid Policy - 2 to 3 days in a month work from Office* Benefits What we offer We offer excellent benefits including an incentive programme, generous annual and parental leave policies, volunteering days and well-being support throughout the year, as well as free access to all Economist content. Country specific benefits are also offered. Our Values Our values are a collective set of beliefs and behaviours that strengthen The Economist Group's purpose and demonstrate where we want to be as an organisation. They reflect on our mission to pursue progress for individuals, organisations and the world. Independence We are not bound to any party or interest and encourage exploration and free-thinking. We champion freedom, both within our organisation and around the world. Integrity We are bold in our efforts to uncover the truth and stand up for what we believe in. We inspire trust through our rigour, fact-checking and transparency. Excellence We aspire to the highest standards in all we do. We are ambitious and inquisitive in our pursuit of continuous progress and innovation. Inclusivity We value diversity in thought and background and encourage healthy debate with a breadth of perspectives. We treat our colleagues and customers fairly and respectfully. Openness We foster a collaborative and empathetic culture conducive to the interests, wit and initiative of our colleagues. New ideas are our lifeblood. The Economist Group values diversity. We are committed to equal opportunities and creating an inclusive environment for all our colleagues and potential colleagues regardless of ethnic origin, national origin, gender, gender identity, race, colour, religious beliefs, disability, sexual orientation, age, marital status or any other status.
Posted 3 weeks ago
10.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Job Summary Role: Senior Security Analyst Base Location: Hinjewadi, Pune. Job Description Responsible for operationalization of new security platforms to enable Security Operations Center to stay ahead of emerging and current threats. Troubleshoot Splunk SIEM components and related functionalities. Integration of Splunk SIEM with other security Tools. Perform regular Health check of the Splunk core components. Act as a Subject Matter Expert for Splunk solution. Stay updated with latest Features, enhancement, security updates for Splunk. Deep log analysis skills on Splunk SIEM. Security Information Event Management & Analytics Platforms integration - Splunk. Build use cases that drive security analytics and incident response. Custom integration of Log sources and SIEM content development. Act as a Subject Matter Expert for Splunk solution. Implement and optimize security detection rules, queries, and playbooks within Splunk. Configure and troubleshoot Splunk SIEM components and related functionalities. Plan and onboard different data sources such as: Windows, Linux, AD, Firewall, other security tools integration. Knowledge of various security methodologies and technical security solutions, Firewall, IPS, Antivirus, Proxy, WAF, Load balancer, DDOS, EDR (Sentinel One) and DLP solutions. Candidates with prior experience of setting up security operations from scratch would have added advantage. Identify automation opportunities in the incident response workflow and implement them with the help of automated playbooks in Microsoft Sentinel SIEM. Understand business requirements from the client and translate them into technical deliverables within Cyber Security domain. Deep log analysis skills on Splunk SIEM. Manage the daily/weekly/monthly SOC metrics reporting for the assigned set of clients. Build custom use cases, dashboards, reports as per the requirement from client and internal stakeholders.
Demonstrate SOC differentiators and new capabilities to the prospect clients as part of RFP/RFI defense discussions. Proven history of maturing SOC from Initial to Optimised level of CMM maturity model. Skills Required Must Have 10+ years of experience in IT and 8+ years in Cyber Security. Hands on experience on Splunk including creation of custom queries, detection rules and automated response playbooks. SIEM - Splunk (Must Have), QRadar, LogRhythm. Thorough understanding of various industry leading cloud native SIEM architecture, pricing and technical knowhow. Knowledge about various threat vectors and attackers TTPs. In depth knowledge of Active Directory. Excellent communication skills with ability to lead discussions with C level executives. Key Attribute Ability to work collaboratively in a fast paced environment. Continuous learner with a proactive approach to stay updated on industry trends. Strong problem solving skills and ability to make sound decisions under pressure. Customer facing with good written skills and strong communication skills at all levels. May be required to participate in out of hours on call rota. Ability to consistently deliver to deadlines while prioritizing competing demands for time. Qualifications Bachelor's degree in information technology or related field. Relevant certifications (CISSP, CEH, CISM, CISA) Working knowledge on any other SIEM tool viz Microsoft Sentinel, Splunk, QRadar etc. Splunk Enterprise Certified Admin,
Posted 3 weeks ago
2.0 - 5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Job Summary U2 Band (2 to 5 Years of experience) - SOC Analyst. Have an overall 2 to 5 years of experience in SIEM SOC operations. Expertise in SIEM Technology, Endpoint threat detection, Incident investigation and Antivirus. Experienced in SIEM - Splunk, LogRhythm, Microsoft Sentinel. Experienced in EDR, Antivirus and threat detection. Experienced in email gateway targeted attack protection. Strong knowledge of the different attack techniques. Hands on experience on Microsoft Sentinel Incident monitoring; KQL hunting queries; Dashboards and reports. Experienced in analyzing, researching Windows / Unix Security Logs as well as logs from IDS/IPS, DLP tools, Anti Virus/Malware. Strong in Incident response and mitigation. False positive identification and report for the finetuning. SOC shift handover, daily and weekly report preparation etc.
Posted 3 weeks ago
8.0 years
0 Lacs
Noida, Uttar Pradesh, India
On-site
Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. 
Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. 
The chance to use your skills and imagination to push the boundaries of what's possible. To build solutions never seen before to some of the world’s toughest problems. You'll be challenged, but you won’t be alone. You'll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Bangalore Req ID: 769624
Posted 3 weeks ago
4.0 years
0 Lacs
Gurugram, Haryana, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-Cyber Security-TDR Senior As part of our EY-cyber security team, who shall work as SOC Senior consultant who will assist clients in Administration and management of security solutions. The opportunity We’re looking for Senior Security consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Administration and management support of CrowdStrike Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing CrowdStrike Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analyst’s point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) 
is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 3 weeks ago
10.0 years
0 Lacs
Gurgaon
On-site
Security Tower Head This role has been designed as 'Onsite' with an expectation that you will primarily work from an HPE partner/customer office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description: HPE Operations is our innovative IT services organization. It provides the expertise to advise, integrate, and accelerate our customers’ outcomes from their digital transformation. Our teams collaborate to transform insight into innovation. In today’s fast paced, hybrid IT world, being at business speed means overcoming IT complexity to match the speed of actions to the speed of opportunities. Deploy the right technology to respond quickly to market possibilities. Join us and redefine what’s next for you. What you will do Security Tower Head role at HPE's critical large customer is a strategic role that needs deep experience in a similar capacity of CISO and as Lead Cybersecurity Architect for at least 10 years and has a total experience in the security domain for a minimum of 15 years. This role shall also demand for a strong stakeholder management.
The experience of leading a large team of cybersecurity specialists from various domains such as VAPT, DLP, Edge Security/EDR, WAF, LB, SIEM SOAR UEBA, ITSM, GRC, SAST DAST, Cloud Security, DevSECOps, and related scripting/coding experience in the above domains including AI/ML based Cybersecurity modelling is mandatory. Responsible for IS operations Oversee formal risk assessment and self-assessments program for various Information Services systems and processes Manage and Monitor, organization technology security policy, ISO 27001, Data privacy and regulatory requirement to remediate new and outstanding issues; track & resolve security-related issues Carry out audits for ensuring enforcement of information security policies Promote and monitor our corporate wide IS Security awareness for ISO 27001 program Responsible for design, develop and update the policies regarding Information Security, data governance and privacy Responsible for application security, Governance and Compliance Responsible for Initiating and advocating safe practices and Industry standards Advises the CISO office on the emerging information security risks and their mitigation strategies Responsible for performing all Security audits & IT risk assessment activities Responsible for initiating and managing required information security Compliance certification processes Responsible for integration and gap analysis of the Information security of any company that company acquires Strong knowledge of the requirement of Computer Applications and Network security technologies and principles Develop, promulgate, and maintain policies, standards and practices of Information Security by establishing and maintaining efficient processes to monitor compliance of defined policies, standards and practices. Implement policies through digital workflows. 
Ensure activities related to BCP-DR and Emergency operations are performed in timely manner Assist in planning for information security risk monitoring, risk analysis, incident management, Change Management and overall information security requirements needed to support strategic IT and business needs What you need to bring: Qualifications BE/ B.Tech/ M.Tech/ MSc/ MCA qualification or equivalent Certifications: LA ISO 27001 (mandatory requirement) and any one of the IT risk management or Information security certificates such as CISA, CISSP, CISM, CRISC, ISO31000 Experience Experience of 10 years and minimum IT Audit experience of 3 Years Experience in driving key meetings for closing identified IS issues or gaps across different teams and vendors and achieve the outcomes within the defined deadlines Strong understanding of ISO 27001 as well as industry security frameworks Strong knowledge of risk assessment and mitigation Additional Skills: Accountability, Active Learning, Active Listening, Bias, Business Growth, Client Expectations Management, Coaching, Creativity, Critical Thinking, Cross-Functional Teamwork, Customer Centric Solutions, Customer Relationship Management (CRM), Design Thinking, Empathy, Follow-Through, Growth Mindset, Information Technology (IT) Infrastructure, Infrastructure as a Service (IaaS), Intellectual Curiosity, Long Term Planning, Managing Ambiguity, Process Improvements, Product Services, Relationship Building What We Can Offer You: Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are.
We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #operations Job: Services Job Level: TCP_05 HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.
Posted 3 weeks ago
8.0 years
0 Lacs
Gurgaon
On-site
Designation: Manager Department: Digital Forensic Location: Gurugram Certification: Relevant certifications such as CHFI, GCFA, EnCE, CCE, CFE, CEH are highly preferred. ROLE & RESPONSIBILITIES: Lead and manage digital forensics investigations involving endpoints, servers, mobile devices, cloud environments, and network log analysis. Oversee forensic imaging, evidence acquisition, chain-of-custody protocols, and in-depth artifact analysis using tools such as EnCase, FTK, Intella, Autopsy, Cellebrite, Magnet AXIOM, Macquisition, and Falcon NEO. Support investigations involving data exfiltration, IP theft, malware, insider threats, and other cyber incidents. Manage and mentor a team of forensic analysts to ensure consistent quality, adherence to process, and timely delivery. Act as the client-facing lead, effectively managing communications with legal teams, compliance, and law enforcement during sensitive engagements. Review, refine, and finalize high-quality forensic reports, timelines, and findings tailored for legal, regulatory, and business audiences. Perform root cause analysis and post-incident reviews across security incidents such as ransomware, phishing, and unauthorized access. Coordinate across internal departments to ensure seamless and efficient delivery of DFIR services. Contribute to business development by supporting proposal creation, client discussions, and case study preparation. Stay current on emerging cyber threats, forensic methodologies, legal standards, and regulatory expectations. Required Skills Excellent communication and interpersonal skills; must be confident in dealing directly with clients, including CXOs and legal teams. Strong forensic report-writing abilities, capable of translating technical findings into clear, concise narratives for non-technical audiences. Ability to handle high-pressure investigations with maturity, discretion, and a solution-oriented mindset. 
Proven leadership in managing forensic engagements and handling multiple investigations simultaneously. High level of professional integrity, discretion, and attention to detail, especially when dealing with sensitive data. Willingness to travel for client engagements or investigations as required. Availability to support high-priority incidents during off-hours or weekends, if necessary. Experience: Graduate/Postgraduate in Computer Science, Cybersecurity, Forensic Science, or a related field. Relevant certifications such as CHFI, GCFA, EnCE, CCE, CFE, CEH are highly preferred. Minimum 8 years of experience in digital forensics and incident response, with at least 4 years in a leadership/managerial role. Proficient in industry-standard forensic tools including FTK, EnCase, Intella, Magnet AXIOM, Autopsy, Cellebrite, and Mac acquisition tools like Falcon NEO and Macquisition. Familiarity with EDR/SIEM platforms such as Splunk, CrowdStrike, or SentinelOne is an added advantage. Deep understanding of file systems (NTFS, HFS, APFS), Windows/Mac artifacts, log analysis, and chain-of-custody protocols. Experience in supporting legal processes, audits, or regulatory investigations related to cybercrime or data breaches. Job Description: As a Manager – Digital Forensics, you will lead and manage complex digital forensic and cyber investigations, with a strong focus on client communication, high-quality reporting, and team supervision. This role demands a balanced mix of forensic expertise, leadership, and exceptional communication skills. You will oversee engagements involving data breaches, IP theft, cyber fraud, insider threats, and more across varied digital environments. Academic Qualification: Graduate/Postgraduate in Computer Science, Cybersecurity, Forensic Science, or a related field. Relevant certifications such as CHFI, GCFA, EnCE, CCE, CFE, CEH are highly preferred.
Posted 3 weeks ago
10.0 years
0 Lacs
Delhi, India
On-site
We Are Hiring: Network Support Engineer Experience Required: 1–10 Years Location: Delhi, Bengaluru Employment Type: Full-time We are seeking talented Network Support Engineers, SOC, NOC, Network Engineer, across experience levels to join our growing security and infrastructure team. The ideal candidates will be responsible for ensuring the security, integrity, and performance of our network infrastructure across cloud and on-prem environments. Key Responsibilities: Monitor and manage network security systems including firewalls, IDS/IPS, VPNs, and proxies Analyze and respond to security incidents and vulnerabilities Implement and enforce security policies, standards, and best practices Conduct regular audits of network architecture and access controls Collaborate with IT and DevOps teams to secure networks, applications, and endpoints Perform vulnerability scanning and penetration testing Assist in incident response planning and disaster recovery testing Required Skills: Strong understanding of network protocols, TCP/IP, firewalls, and intrusion detection/prevention systems Hands-on experience with tools such as Palo Alto, Fortinet, Cisco ASA, or similar Familiarity with SIEM tools and log analysis Understanding of secure network design, segmentation, and access controls Experience with VPN configuration, DNS security, and endpoint protection Certifications like CCNA Security, CEH, CompTIA Security+, or CISSP (preferred but not mandatory) Why Join Us? Work on high-impact security infrastructure projects Grow your career in a fast-paced, learning-driven environment Competitive compensation and flexible working options
Posted 3 weeks ago
3.0 years
4 - 5 Lacs
Hyderābād
On-site
Job Description Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.). Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades. Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks. Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools. Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation. Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions. Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience. Mentor junior automation engineers and provide code reviews, best practices, and process guidance. Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation. Stay abreast of emerging SOAR trends, threat landscapes, and new platform features. Required Qualifications: 3+ years specifically working with SOAR platforms—Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable. Strong scripting experience in Python, especially within automation workflows. Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors. In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.). Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques. 
Experience with version control (Git), CI/CD pipelines, and structured testing of automation code. Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance. Strong written and verbal communication skills, especially in cross-functional team environments.
Posted 3 weeks ago
4.0 years
25 - 40 Lacs
Hyderābād
On-site
Must Have · Bachelor’s degree in Security Engineering, Computer Engineering, Computer Science, Data Science, or similar technical discipline · Familiarity with a broad range of security technologies: SIEM, CASB, SOAR, DLP, and EDR. · Technical proficiency with one or more of the major cloud computing environments. · Several years of experience with the Python programming language. · Excellent software design, problem-solving, and debugging skills. · Energetic, passionate about security, and professionally curious about the cybersecurity threat landscape Job Type: Full-time Pay: ₹2,560,609.46 - ₹4,000,000.00 per year Experience: SIEM: 4 years (Required) SOAR: 4 years (Required) Python: 5 years (Required) Security Engineer: 5 years (Required)
Posted 3 weeks ago
3.0 years
1 - 5 Lacs
Hyderābād
Remote
Description At Vitech, we believe in the power of technology to simplify complex business processes. Our mission is to bring better software solutions to market, addressing the intricacies of the insurance and retirement industries. We combine deep domain expertise with the latest technological advancements to deliver innovative, user-centric solutions that future-proof and empower our clients to thrive in an ever-changing landscape. With over 1,600 talented professionals on our team, our innovative solutions are recognized by industry leaders like Gartner, Celent, Aite-Novarica, and ISG. We offer a competitive compensation package along with comprehensive benefits that support your health, well-being, and financial security. Location: Hyderabad Reports To: Security Operations Manager Full-time | Hybrid/Remote flexibility based on business needs Full-time position with on-call responsibilities during critical incidents. What you will do: You’ll play a pivotal role in managing and optimizing our Sumo Logic SIEM environment while supporting critical day-to-day security operations. This is a hands-on technical role where your insights will directly enhance our threat detection and incident response capabilities. Note: Experience with Splunk is a strong plus, as we are currently transitioning to Sumo Logic and operating across multiple security platforms. 
Lead the administration of Sumo Logic SIEM Deploy, configure, and manage the platform Build and maintain dashboards, parsers, alerts, and queries Ingest and normalize logs from infrastructure, cloud, and identity sources Tune alerts to reduce noise and increase detection accuracy Monitor platform health, performance, and SLA compliance Strengthen security operations Investigate and triage alerts from Sumo Logic and other tools Support incident response activities and threat investigations Contribute to threat hunting, malware analysis, and vulnerability reviews Maintain security process documentation and runbooks Collaborate for continuous improvement Onboard new log sources in collaboration with application, cloud, and IT teams Work closely with InfoSec peers to evolve detection capabilities Support audit and compliance reporting requirements related to monitoring What We're Looking For: 3+ years of experience with Sumo Logic or another enterprise SIEM platform Strong understanding of log ingestion, threat detection, and SIEM alerting Hands-on experience writing and optimizing queries in Sumo Logic Familiarity with AWS, firewall, endpoint, and identity logs Working knowledge of frameworks such as MITRE ATT&CK and NIST Strong analytical, troubleshooting, and communication skills Bonus Points For: Deep experience with Sumo Logic administration and dashboards Exposure to cloud security, SOAR platforms, EDR, IDS/IPS Security certifications such as Security+, or equivalent Extra Credit: Experience transitioning from Splunk to Sumo Logic or working in hybrid environments Scripting knowledge (Python, Bash, PowerShell) for automation Understanding of compliance requirements (SOC 2, ISO 27001, HIPAA) Join Us at Vitech! 
Help shape our SIEM roadmap and elevate our security operations Work with a collaborative global InfoSec team and modern tech stack Access ongoing training, certifications, and professional growth Be part of a mission-driven company focused on innovation and excellence About Vitech At Vitech, Your Expertise Drives Transformative Change in Fintech For over 30 years, Vitech has empowered leading players in insurance, pensions, and retirement with cutting-edge, cloud-native solutions and implementation services. Our mission is clear: harness technology to simplify complex business processes and deliver intuitive, user-centric software that propels our clients' success. At Vitech, you won’t just fill a position; you’ll join a purpose-driven team on a mission that truly matters. Innovation is at our core, and we empower you to push boundaries, unleash creativity, and contribute to projects that make a real difference in the financial sector. Though our name may be new to you, our impact is recognized by industry leaders like Gartner, Celent, Aite-Novarica, ISG, and Everest Group. Why Choose Us? With Vitech, you won’t just fill a position; you’ll be part of a purpose-driven mission that truly matters. We pursue innovation relentlessly, empowering you to unleash your creativity and push boundaries. Here, you’ll work on cutting-edge projects that allow you to make a real difference—driving change and improving lives. We value strong partnerships that foster mutual growth. You will collaborate with talented colleagues and industry leaders, building trust and forming relationships that drive success. Your insights and expertise will be essential as you become an integral part of our collaborative community, amplifying not just your career but the impact we have on our clients. We are committed to a focus on solutions that makes a tangible difference. In your role, you will embrace the challenge of understanding the unique pain points faced by our clients. 
Your analytical skills and proactive mindset will enable you to develop innovative solutions that not only meet immediate needs but also create lasting value. Here, your contributions will directly influence our success and propel your professional growth. At Vitech, we foster an actively collaborative culture where open communication and teamwork are paramount. With our “yes and” philosophy, your ideas will be welcomed and nurtured, allowing you to contribute your unique insights and perspectives. This environment will enhance your ability to work effectively within diverse teams, empowering you to lead initiatives that result in exceptional outcomes. We believe in remaining curious and promoting continuous learning. You will have access to extensive resources and professional development opportunities that will expand your knowledge and keep you at the forefront of the industry. Your curiosity will fuel innovation, and we are committed to supporting your growth every step of the way. In addition to a rewarding work environment, we offer a competitive compensation package with comprehensive benefits designed to support your health, well-being, and financial security. At Vitech, you’ll find a workplace that challenges and empowers you to make meaningful contributions, develop your skills, and grow with a team that’s dedicated to excellence. If you’re ready to make a real impact in fintech and join a forward-thinking organization, explore the incredible opportunities that await at Vitech. Apply today and be part of our journey to drive transformative change!
Posted 3 weeks ago
3.0 years
12 - 18 Lacs
India
On-site
Job Title: Network Security Engineer Location: Hyderabad-IN Job Type: Full-Time No. of Positions: 2 Exp: 2-3 yrs Budget: 12-18 LPA + Key Responsibilities: Design, implement, and manage secure network architecture (firewalls, VPNs, IDS/IPS, NAC) Monitor networks for security breaches and investigate incidents Configure and manage firewalls, security appliances, and intrusion detection/prevention systems Conduct vulnerability assessments and penetration testing; remediate findings Develop and enforce security policies, standards, and procedures Manage secure access controls (e.g., AAA, RBAC, 802.1x) Analyze security alerts and provide appropriate responses and escalations Maintain and update security infrastructure (patches, firmware, rule sets) Perform risk analysis and provide recommendations for improvements Support compliance efforts (ISO 27001, NIST, GDPR, SOC 2, etc.) Collaborate with IT teams on secure deployment of new infrastructure or services Document all configurations, incidents, and procedures for auditing and knowledge sharing Required Skills & Qualifications: Bachelor’s degree in Computer Science, Infra Security, or related field 3+ years of experience in network and/or security engineering roles Strong understanding of network protocols and security technologies (TCP/IP, SSL, IPSec, DNS, etc.) Experience with firewalls and security platforms (e.g., Palo Alto, Fortinet, Cisco ASA, Check Point) Proficiency in intrusion detection/prevention systems, VPNs, and endpoint security Familiarity with SIEM tools (Splunk, QRadar, LogRhythm, etc.) 
Knowledge of authentication mechanisms (LDAP, RADIUS, SAML, MFA) Security certifications such as CEH, CCNP Security, Palo Alto PCNSA/PCNSE , or CompTIA Security+ Preferred Qualifications: Experience in cloud security (AWS, Azure, GCP) Scripting skills (Python, PowerShell, Bash) for automation Exposure to Zero Trust Network Architecture (ZTNA) and SASE frameworks Understanding of threat modeling and advanced persistent threats (APT) Familiarity with regulatory standards (HIPAA, PCI-DSS, etc.) Job Type: Full-time Pay: ₹1,200,000.00 - ₹1,800,000.00 per year Work Location: In person
Posted 3 weeks ago
4.0 years
0 Lacs
Kolkata, West Bengal, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-Cyber Security-TDR Senior As part of our EY cyber security team, you shall work as a SOC Senior consultant who will assist clients in the administration and management of security solutions. The opportunity We’re looking for a Senior Security consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Administration and management support of CrowdStrike Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing CrowdStrike Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analyst’s point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus 
Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command of verbal and written English. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start-ups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 3 weeks ago
0 years
5 - 8 Lacs
Hyderābād
On-site
Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Associate Managed Services Information Security Analyst is an entry level subject matter expert, responsible for monitoring, analyzing, interpreting and reporting on the incoming client data for the purpose of delivering security information and recommendations to the clients, enabling the organization to deliver the contracted security services. This role includes performing tasks such as security incident detection and response, security event reporting, threat hunting, content maintenance (tuning) and interacting with clients to ensure their understanding of the information generated, recommending client system changes as well as answering security related queries from the clients. This is an entry level role within the Managed Services Information Security Analyst team and works under guidance of more experienced analysts within the team. Key responsibilities: Works as part of a global Cyber Defense Centre (CDC) team that works 24/7 on rotational shifts. Works with client stakeholders and relevant internal teams to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting. Under guidance, generates continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience. Adheres to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards. Utilizes and document best practices and amend existing documentation as required. 
Support with security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics. Learns and utilizes a broad range of skills in LAN technologies, Windows and Linux O/S’s, and general security infrastructure. Ensures usage of knowledge articles in incident diagnosis and resolution. Under guidance, perform defined tasks to inform and monitor service delivery against service level agreements and maintain records of relevant information. Cooperates closely with colleagues to share knowledge and build a cohesive and effective team environment, benefiting the individual, the business and the client. Performs any other related task as required. To thrive in this role, you need to have: Knowledge on implementation and monitoring of a company supported SIEM or security tools/technologies/concepts. Knowledge on security architecture, worked across different security technologies. Knowledge and understanding of the operation of modern computer systems and networks and how they can be compromised. Displays excellent customer service orientation and pro-active thinking. Displays problem solving abilities and is highly driven and self-organized. Good attention to detail. Displays analytical and logical thinking. Well spoken and written communication abilities. Ability to remain calm in pressurized situations. Ability to keep current on emerging trends and new technologies in area of specialization. Academic qualifications and certifications: Bachelor's degree or relevant qualification in Information Technology or Computing or a related field. Security certifications such as (but not limited to) AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCNA, JNCIA, ACCA, PCNSA, CCSA is advantageous. Required experience: Entry level experience in SOC Analysis Operations. 
Entry level experience in SIEM usage for investigations. Entry level experience in Security technologies such as (but not limited to) Firewall, IPS, IDS, Proxy. Entry level experience in dealing with technical support to clients. Entry level experience in handling security incidents end to end. Entry level experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots and other security tools. Entry level experience in Security Analysis or Engineering preferably gained within a global services organization. Workplace type : Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Posted 3 weeks ago
3.0 years
0 Lacs
Kolkata, West Bengal, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service - Threat Detection & Response - Security Orchestration, Automation and Response (Sentinel SOAR) - Senior. Key Capabilities: Excellent teamwork skills, passion and drive to succeed and combat cyber threats. Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Sentinel SOAR related analytical processes and tasks. Management and administration of Sentinel SOAR platform. Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2+ years of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge of Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration. Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Experience in Splunk content development will be an added advantage. Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
Good grasp in conceptualizing and/or implementing automation for business process workflows. Knowledge of network monitoring technology platforms such as Fidelis XPS or others. Knowledge of endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others. Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stakeholders to fulfil their asks. Ability to coordinate with vendors on incident closure according to severity. Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Sentinel SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage. Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI model, including being able to explain communication at any level, is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have an honours degree in a technical field such as computer science, mathematics, engineering or similar field. Minimum 2 years of working in SOAR (Sentinel). Experience in Process Development, Process Improvement, Process Architecture, and Training. Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management. Certification in any one of the SIEM solutions such as Splunk or SC-200 will be an added advantage. Certifications in a core security related discipline will be an added advantage.
EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 3 weeks ago
0 years
3 - 3 Lacs
Hyderābād
On-site
Description. Why Join DAZN? Joining DAZN in Hyderabad means being part of a cutting-edge sports streaming company in a vibrant tech hub. You’ll work alongside passionate, talented professionals on innovative projects that reach millions of fans worldwide. Hyderabad offers a dynamic work environment with a great balance of career growth and lifestyle. If you’re excited about shaping the future of live and on-demand sports entertainment, DAZN Hyderabad is the perfect place to make your mark and grow your career. The Role: Join DAZN's Security Operations team as a Security Operations Analyst and help protect the world's leading global sports streaming platform. You'll be part of a dynamic team responsible for detecting, investigating, and responding to security threats across our diverse technology stack, from cloud infrastructure to broadcasting systems that deliver live sports to millions of fans worldwide. Key Responsibilities. Threat Detection & Response: Configure, maintain, and monitor security alerts and escalations from various tools including Microsoft Sentinel SIEM, Defender for Endpoint, WIZ, AWS WAFv2, Tenable, and other security platforms. Lead and drive incident response activities from initial detection through remediation to prevention. Conduct thorough incident root cause analysis and recommend actionable steps to prevent future occurrences. Triage and investigate security alerts, determining true positives from false positives. Threat Intelligence & Analysis: Monitor and analyze global threat intelligence trends with potential impact on DAZN's business operations. Get hands-on with threat feeds and real-time attack data, with particular focus on threats targeting broadcasting and streaming environments. Configure new detection rules and alerts based on emerging threats, hunt results, or lessons learned from incident analysis.
Security Operations Enhancement: Identify, develop, and implement new processes and procedures to strengthen our security operations program. Contribute to the development of custom automation tools to enhance monitoring and response capabilities. Collaborate with the team to continuously improve security monitoring across our cloud and on-prem environments. Stakeholder Support: Respond to internal security-related questions and requests from teams across DAZN. Provide security and privacy expertise to support multiple business units and technical teams. Participate in security awareness initiatives and help educate colleagues on security best practices. Skills, Knowledge & Expertise. Essential Requirements: Strong passion for cybersecurity, particularly threat detection and response. Experience handling complex security incidents and conducting investigations. Knowledge across multiple cybersecurity domains (network security, identity security, endpoint protection, cloud security, etc.). Familiarity with SIEM platforms (Microsoft Sentinel experience preferred). Understanding of security tools such as EDR, CASB, CSPM solutions. Ability to work independently with minimal guidance while managing multiple tasks within set timeframes. Strong analytical and problem-solving skills with attention to detail. Experience with Microsoft 365 E5 security stack and Azure security services. Knowledge of AWS security services and cloud security best practices. Familiarity with vulnerability management tools (Tenable, Nessus, Qualys). Experience with security automation and scripting. Understanding of streaming/broadcasting technology security considerations. Relevant security certifications (Security+, CySA+, GCIH, etc.). About DAZN: At DAZN, we bring ambition to life. We are innovators, game-changers and pioneers. So, if you want to push boundaries and make an impact, DAZN is the place to be. As part of our team, you'll have the opportunity to make your mark and the power to make change happen.
We're doing things no-one has done before, giving fans and customers access to sport anytime, anywhere. We're using world-class technology to transform sports and revolutionise the industry and we're not going to stop. DAZN VALUES – THE ‘HOW’ IN WHAT WE DO: Agility and creativity fuel growth and innovation, to Make It Happen. Prioritising what matters drives progress and positive outcomes, Focusing On Impact. Collective ambition builds optimism and success, in order to Win As One. At DAZN, we are committed to fostering an inclusive environment that values equality and diversity, where everyone can contribute and have their voices heard. This means hiring and developing talent across all races, ethnicities, religions, age groups, sexual orientations, gender identities and abilities. Everyone has the opportunity to make change and impact our DEI journey by joining our ERGs: Proud@DAZN, Women@DAZN, Disability@DAZN and ParentZone. If you’d like to include a cover letter with your application, please feel free to. Please do not feel you need to apply with a photo or disclose any other information that is not related to your professional experience. Our aim is to make our hiring processes as accessible for everyone as possible, including providing adjustments for interviews where we can. We look forward to hearing from you.
Posted 3 weeks ago
0 years
6 - 8 Lacs
Delhi
On-site
Advanced Troubleshooting & Support: Act as an escalation point (L2) for Zscaler-related issues. Diagnose and resolve complex security, networking, and performance-related issues. Work closely with vendors and internal teams to resolve critical incidents. Implementation & Administration: Lead the deployment and configuration of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA). Optimize security policies, access control lists (ACLs), and traffic forwarding methods. Manage integrations with SIEM, EDR, and other security tools. Performance Optimization & Tuning: Analyze and fine-tune Zscaler performance metrics, including latency, bandwidth, and routing. Conduct deep packet inspection (DPI) and log analysis for security monitoring. Security Policy Management: Design and implement web filtering, SSL inspection, data loss prevention (DLP), and sandboxing policies. Enforce zero-trust security principles across the organization. Collaboration & Documentation: Work closely with SOC, NOC, and IT teams to align security policies with business requirements. Create detailed documentation for configurations, troubleshooting steps, and best practices. Provide training and knowledge transfer to L1/L2 teams. Required Skills: Troubleshooting & Analysis: Strong experience in packet capture analysis (Wireshark, tcpdump). Proficiency in using Zscaler logs, dashboards, and reporting tools for incident resolution. Ability to diagnose and resolve proxy bypass, latency, authentication, and tunneling issues. Soft Skills: Excellent problem-solving and analytical skills. Strong communication and collaboration abilities. Job Types: Full-time, Permanent. Pay: ₹600,000.40 - ₹800,000.34 per year. Benefits: Health insurance, Provident Fund. Work Location: In person
Posted 3 weeks ago
0 years
2 - 3 Lacs
Delhi
On-site
About the Role: As a fresher SOC Analyst in an OEM environment, you'll learn how to operate SIEM platforms that monitor networking devices and hardware logs. This is a hands-on opportunity to develop foundational cybersecurity skills, from basic alert triage to refining detection capabilities. Key Responsibilities: 1. SIEM Monitoring & Alert Triage: Use SIEM tools to monitor alerts and events from network devices and endpoints. Perform initial triage: distinguish security incidents from false positives, and escalate them appropriately. Document and log all alert investigations clearly in the SOC ticketing system. 2. Log & Incident Documentation: Analyze system and network logs to detect anomalies or IOC patterns. Support incident documentation with root cause analysis and step-by-step actions taken. Maintain detailed incident records to support compliance and escalation. 3. SIEM Configuration Support: Assist in onboarding new log sources: collect, normalize, and categorize OEM system logs. Help tune existing correlation rules to reduce alert fatigue and improve accuracy under guidance. 4. Learning, Process & Collaboration: Collaborate with senior analysts and network engineers to enhance detection coverage and FAQ procedures. Participate in SIEM rule tuning, dashboard creation, and documenting standard operating procedures (SOPs). Engage in continuous learning: attend training, internal sessions, and keep up with emerging threats and best practices. Technical Skills & Qualifications: Basic knowledge of networking (OSI model, TCP/IP, DNS, HTTP), security principles, and common cyber threats (malware, phishing, ransomware). Hands-on experience with home labs or training platforms. Strong problem-solving skills and attention to detail when investigating logs. Exposure to Python, PowerShell, or regex is helpful for log parsing or automation.
Soft Skills: Demonstrable curiosity and eagerness to learn; the best entry-level analysts are team players looking to grow and iterate fast. Effective communication, both written and verbal, for documenting incidents and collaborating across teams. Attention to detail and discipline in following SOPs and logging investigative steps. Ability to work in shifts (including early or late hours) as part of a SOC 24/7 environment. Job Type: Full-time. Pay: ₹240,000.00 - ₹300,000.00 per year. Location: Delhi, Delhi (Required). Work Location: In person
Posted 3 weeks ago
1.0 - 2.0 years
2 - 4 Lacs
Mohali
On-site
About Us: Cywarden is a fast-growing cybersecurity firm based in the United States. We provide advanced security solutions to protect businesses from ever-evolving digital threats. Our mission is to make the digital world safer—one organization at a time. We are looking for a results-driven Cybersecurity Sales Executive who is passionate about technology and eager to drive revenue growth by identifying, developing, and closing new business opportunities. Key Responsibilities: Identify and engage new business prospects through cold outreach, networking, and inbound leads. Understand client needs and present tailored cybersecurity solutions to address their pain points. Manage the full sales cycle – from lead generation and proposal development to contract negotiation and closing. Build and maintain strong, long-term relationships with clients and key decision-makers. Meet or exceed monthly and quarterly sales targets. Collaborate with the marketing and technical teams to align messaging and strategies. Stay updated on industry trends, competitor offerings, and evolving cybersecurity threats. Qualifications: 1-2 years of B2B sales experience, preferably in cybersecurity, SaaS, IT services, or tech. Proven track record of meeting or exceeding sales targets. Strong understanding of cybersecurity products and services (e.g., SOC, SIEM, endpoint protection, penetration testing, etc.) is a big plus. Excellent communication, presentation, and negotiation skills. Self-starter with the ability to work independently and manage multiple deals simultaneously. Bachelor’s degree in Business, Marketing, Information Technology, or a related field preferred. Job Type: Full-time Pay: ₹18,000.00 - ₹34,000.00 per month Location: Mohali, Punjab (Required) Shift availability: Night Shift (Required) Work Location: In person
Posted 3 weeks ago
2.0 years
3 - 4 Lacs
Ahmedabad
On-site
Key Responsibilities:
● Develop, implement, and maintain information security policies, standards, and procedures aligned with organizational goals.
● Monitor security incidents and events, utilizing security information and event management (SIEM) tools to identify and respond to threats.
● Conduct risk assessments and vulnerability assessments to identify potential security threats and weaknesses.
● Support the incident response process by investigating and documenting security incidents.
● Collaborate with IT teams to ensure that security best practices are integrated into the design and architecture of systems and applications.
● Lead incident response activities, including investigation, documentation, and reporting of security incidents.
● Conduct training and awareness programs to educate employees on security policies, practices, and emerging threats.
● Assist in compliance audits and reviews to ensure adherence to industry standards and regulations.
● Stay current on emerging security threats and trends, recommending appropriate mitigation strategies and technologies.
● Participate in security awareness initiatives and promote a culture of security within the organization.
● Assist in the evaluation and implementation of security tools and technologies to enhance the organization's security posture.
Job Types: Full-time, Permanent. Pay: ₹358,200.35 - ₹439,311.00 per year. Schedule: Morning shift. Experience: Information security: 2 years (Preferred). Work Location: In person
Posted 3 weeks ago