
2880 Siem Jobs - Page 45

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

2.0 - 3.0 years

8 - 12 Lacs

Noida, New Delhi, Pune

Work from Office


Job Summary: As an OT Cybersecurity Detection Engineer, you will be responsible for designing, implementing, and managing detection strategies and tools to respond to cyber threats targeting critical OT/ICS environments. You will work with both internal and external cyber security teams to ensure the security and resilience of our industrial infrastructure. We are looking for an understanding of OT protocols, industrial control systems, OT threat intelligence and cybersecurity best practices, coupled with. You will report to the Cyber Team Leader and have a hybrid schedule working in Hinjewadi-Pune. Your Responsibilities: Develop detection rules, correlation searches, and alerting mechanisms within our Security Information and Event Management (SIEM) and other security monitoring tools specifically tailored for OT environments. Analyze OT network traffic, system logs, and security events to identify suspicious activity, anomalies, and potential security incidents. Develop of OT protocols (e.g., Modbus, DNP3, IEC 61850), industrial control systems (e.g., PLC, SCADA, DCS), and their security possible effects. Collaborate with OT operations and engineering teams to understand their processes, and potential vulnerabilities. Tune and optimize detection rules to minimise false positives and ensure high-fidelity alerts. Maintain documentation for detection strategies, rules, and incident response procedures specific to OT. Participate in incident response activities related to OT cybersecurity incidents, providing technical expertise in detection and analysis. Contribute to the development of OT security policies, standards, and procedures. Stay up-to-date on the latest OT cybersecurity threats, vulnerabilities, and mitigation techniques. Recommend new security tools relevant to OT detection capabilities. Collaborate with IT security teams to ensure a cohesive and integrated security posture across both IT and OT environments. 
Develop and deliver training or awareness sessions on OT-specific detection techniques for relevant teams. The Essentials - You Will Have: Have 2-3 years strong understanding of OT protocols, architectures, and common industrial control systems Experience with SIEM/SOAR platforms and developing custom correlation rules and alerts. Experience analyzing network traffic using tools like Wireshark and understanding OT-specific network protocols. Knowledge of common cybersecurity frameworks and standards relevant to OT (e.g., NIST SP 800-82, IEC 62443) Familiarity with threat intelligence sources and their application to OT environments. Technical information to both technical and non-technical audiences. Understand internal or external customer needs. The Preferred - You Might Also Have: You will have to understand relevant evolving technology, understand complex technology dependency and working across a range of service offerings that may use a wide array of technologies and partners. Across multiple departments with different goals. Develop important product and service launches. Collaborative culture across the automation engineering team while meeting CI goals Adopt technology best practices around technology vendor evaluation and managing maintenance of technology platforms. What We Offer: Our benefits package includes Comprehensive mindfulness programmes with a premium membership to Calm Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme - Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program Personalised wellbeing programmes through our OnTrack programme On-demand digital course library for professional development ... and other local benefits!
At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. #LI-Hybrid #LI-SM1 Rockwell Automation's hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.

Posted 2 weeks ago


1.0 - 6.0 years

6 - 10 Lacs

Gurugram

Work from Office


Design, configure, and manage SIEM solutions to monitor and analyze security events effectively. Conduct threat hunting and develop use cases to identify and mitigate potential vulnerabilities. Monitor alerts, perform root cause analysis, and implement corrective actions for security incidents. Work with IT and security teams to integrate SIEM with other tools and systems seamlessly. Maintain security documentation and provide training to promote a culture of security awareness. Stay updated on emerging threats and technologies to enhance the organization's security posture.

Posted 2 weeks ago


10.0 - 15.0 years

0 Lacs

Delhi, India

On-site


Job Summary The Director, TSG Information Security, Cyber Threat Management is a position within Bain's Cyber Security Department, whose mission is to define and enable strategies to safeguard the digital assets and integrity of the organization. In this role, the Director understands how security measures align with the overall organizational strategy and will begin to organize and lead in the development and implementation of security controls that adhere to regulatory requirements and best practices. The Director combines a strong level of technical and managerial skills and business alignment to build and guide a growing team and resources across a spectrum of capabilities. The position primarily focuses on the efficient, effective and reliable resolution of Bain's defensive strategy as well as focuses on improving our offensive strategy to help the company meet its overall business objectives. The position therefore must have the technical skills to troubleshoot and resolve complex issues as well as excellent communication and upward management. These measures require taking a leadership position in coordinating activities across the team working with Technical, IT and Cybersecurity leadership. The Director role has expertise and experience in multiple disciplines, including Threat Intelligence programs, Detection and Deterrence systems, Threat Exposure Management, Incident Response, Forensics and Evidence gather and Pro-Active Security probing capabilities (Red/Blue/Purple teaming & Penetration Testing). Principal Accountabilities Monitoring & Detection Oversee and strategize on developing advanced security monitoring, analysis, and correlation platforms to detect cybersecurity events. Direct cross-functional efforts in the identification and in-depth analysis of sophisticated security threats, including malware, APTs (Advanced Persistent Threats), and targeted attacks. 
Enable a wide range of security tools and technologies, including SIEM, IDS/IPS, or next gen/advanced threat detection solutions. Partner with organizations and vendors to identify and integrate new data sources. Incident Response & Analysis Oversee the ongoing management and evolution of security runbooks and champion for ongoing automation or AI/ML based technologies to increase speed/efficiency. Strengthen Bain’s capability in-depth log analysis, data correlation, and forensic investigations to identify root causes of incidents and improve security measures. Provide strong and clear communications on cyber events and situations with sr. leadership. Ensure alignment in security policies and practices adhere to industry standards and compliance requirements and oversee the validation of the controls. Serve as a subject matter expert in security discussions and decision-making and enable and grow team members' skills and experience. Work with the primary goal of building efficiencies in Cyber Threat Management responses and driving down MTTR and reducing overall risk. Threat Intelligence Enable a threat intelligence capability, including open-source intelligence (OSINT), dark web forums, and industry reports to drive awareness and improvement in our defensive posture. Utilize threat intelligence platforms and tools to aggregate and correlate threat data. Drive coordination with intelligence and incident response teams to investigate and analyze security incidents. Develop and refine threat intelligence methodologies and tools. Stay current with industry best practices and new methodologies to enhance the team's capabilities. Vulnerability Management & Threat Exposure Management Work cross-functionally across IT teams and provide leadership and guidance in mitigating threats to Bain. Serve as a subject matter expert in security discussions and decision-making.
Build processes to enable regular vulnerability scans on the organization's network, applications, and systems using industry-standard tools Pro-Active Security Testing Experience implementing and operationalizing vulnerability management tools, processes, and best practices. Oversee the classification and prioritization of vulnerabilities based on risk and potential impact. Stay informed about emerging trends and technologies in cybersecurity. Work collaboratively with other security team members, IT departments, and relevant business units to address security concerns and enhance overall security posture. Pro-Active/Enhanced Security Testing Partner with colleagues to expand controlled penetration testing technologies and capabilities on networks, applications, and systems to identify security vulnerabilities. Investigate and keep up to date with changes in tooling and advanced attacks in network, cloud and application testing. Analyze and interpret results to identify potential risk as well as evaluate potential impact. Red Team, Blue Team, Purple team exercise leadership experience. Professional Development and Innovation Stay informed about emerging trends and technologies in cybersecurity. Drive collaboration and defensive standards/expertise across Bain, working with other security team members, IT departments, and relevant business units to address security concerns and enhance overall security posture. Explore Professional Certifications and work with leadership to plan trainings.
Knowledge, Skills, And Abilities Security Monitoring & Incident Detection and Response Strong knowledge of Splunk (or other SIEM tools), CrowdStrike or equivalent EDR/MDR platforms, Windows Defender, Palo Alto Networks, Other AV/EDR tool configuration, Cyberhaven (or other DLP tools) Knowledge of Vulnerability & Attack Surface Management toolsets, Threat Intelligence and Analysis tools, Vendor technical Risk Scoring tools, Deception technologies Knowledge of ticketing, triage and forensics capabilities and toolsets General Skills Great communication skills, with the ability to document and explain technical information clearly. Analytical mindset, with a focus on learning and problem-solving. Ability to work independently and well in a team, showing strong interpersonal skills. Eagerness to learn and adapt to new challenges in cybersecurity. Entrepreneurial spirit, open to trying new approaches and learning from them. Team Management Drive and expand the training and professional development of Security Operations staff. Qualification And Experience Bachelor's degree in a related field (e.g., Computer Science, Cybersecurity, Information Technology) or an equivalent combination of education, training, and experience 10-15 years of relevant experience Experience with Information Security technologies (Firewall, IPS, IDS, SIEM, EDR, CASB, AV, DLP, etc.) Experience with common information security controls frameworks (i.e. ISO, NIST, CIS, or CSA) Global company or equivalent Experience deploying systems or applications Ability to work independently and with teams on complex problems Complex problem solving Ability to work in a fast paced, dynamic environment.

Posted 2 weeks ago


7.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site


Who We Are The Security Operations Team is looking for a Security Operations Engineer to uphold security posture for Cisco. Security Operations focus on three pillars: Incident Response, Vulnerability Management, Threat Detection. We deliver a robust security program to help protect a portfolio of products. Deep technical, interpersonal, and relationship building skills are traits of successful employees. We emphasize the importance of working cross-collaboratively to achieve our goals and drive decisions. What You’ll Do Serve as the incident commander during security incidents. Investigate alerts in Security Information and Event Management (SIEM) systems. Cyber threat identification, analysis and resolution Manage queues for vulnerability management tickets, security event tickets, and project tasks. Participate in on-call rotation to ensure 24/7 coverage. Respond to engineering teams with detailed information on vulnerabilities and processes. Run Projects scopes independently with limited guidance. Build scripts or automation to aid investigations or reduce workload efforts. Conduct postmortems on security incidents to identify improvements. Evaluate and articulate risk exceptions clearly. Participate in audit interviews to provide insights and information. Provide evidence requests to compliance teams efficiently. Complete tasks aimed at operational improvements. Mentor and motivate other team members in cyber threat analysis principles and operational efficiencies Create and update documentation playbooks for consistent procedures. 
Who You Are Mandatory Qualifications: Bachelor's degree in computer science, engineering or a related discipline Minimum of 7+ years' experience in Security Operations role or relevant security position Experience working in queue work Strong experience with SIEMs (Preferred Splunk) Strong experience in leading Incidents Strong Investigation skills Firm understanding of vulnerability management Prior experience working on-call rotation Preferred Qualifications: You have proven experience in the security field performing investigations, evaluating alerts, working and advising security best practices in cloud environments, running incidents as an incident commander. You are passionate about the opportunity to be part of an all-star team that is integral to security. You are motivated to work with multi-functional teams and drive things together to accomplish role objectives. You thrive in a fast-paced environment and seek ownership of large, critical projects. We're looking for people who enjoy crafting solutions to tackle problems rather than focusing on completing tasks as fast as possible. Experience working in Cloud infrastructures (AWS, GCP, OCI, etc.) Strong documentation skills Industry security certifications are a plus Why Cisco #WeAreCisco #WeAreCisco where every individual brings their unique skills and perspectives together to pursue our purpose of powering an inclusive future for all. Our passion is connection—we celebrate our employees’ diverse set of backgrounds and focus on unlocking potential. Cisconians often experience one company, many careers where learning and development are encouraged and supported at every stage. Our technology, tools, and culture pioneered hybrid work trends, allowing all to not only give their best, but be their best. We understand our outstanding opportunity to bring communities together and at the heart of that is our people. 
One-third of Cisconians collaborate in our 30 employee resource organizations, called Inclusive Communities, to connect, foster belonging, learn to be informed allies, and make a difference. Dedicated paid time off to volunteer—80 hours each year—allows us to give back to causes we are passionate about, and nearly 86% do! Our purpose, driven by our people, is what makes us the worldwide leader in technology that powers the internet. Helping our customers reimagine their applications, secure their enterprise, transform their infrastructure, and meet their sustainability goals is what we do best. We ensure that every step we take is a step towards a more inclusive future for all. Take your next step and be you, with us!

Posted 2 weeks ago


3.0 years

0 Lacs

Gurugram, Haryana, India

On-site


About The Position Snowbit is a cybersecurity technology innovator with a vision to empower organizations across the globe to quickly, efficiently, and cost-effectively ready themselves to address omnipresent cyber risk. Built off years of Israeli cybersecurity experience, Snowbit is looking to offer the broadest managed detection and response offering available today. Snowbit is part of the Coralogix group, with Coralogix rebuilding the path to observability by offloading the burden of indexing and providing deep insights, at an infinite scale, for less than half the cost. We are looking for experienced and highly motivated Cloud Security Consultant to join our journey and be a part of the India Security Resource Centre (SRC) Team. Joining this team provides a unique opportunity to work in a global security resource center and benefit from the best of Israeli cybersecurity talent and influence the direction of a world-class offering in the cybersecurity domain as well as working closely with Coralogix leadership. Responsibilities Gain a deep understanding of Snowbit's security solutions, along with customer cloud environments and security architectures. Serve as the primary advocate and point of contact for Proof of Concepts (PoCs) and high-profile customer engagements, ensuring successful outcomes. Ensure the efficient implementation and enforcement of advanced security services provided by the team. Proactively identify and anticipate potential security escalations at early stages, mitigating risks effectively. Manage multiple high-priority tasks, including handling escalations with a strategic approach. Oversee the triage and analysis of security assessments, enhancing incident investigation processes and ensuring swift resolution of security threats. Communicate with customers on alerts, remediation actions, and incident response using structured playbook-driven solutions. 
Lead quarterly reviews and PoC evaluation calls, while taking ownership of key initiatives and coordinating with various stakeholders. Collaborate with cross-functional teams—including Customer Success Management (CSM), Security Research, Incident Response, and Product—to strengthen security operations and continuously enhance the Snowbit offering. Share industry insights, best practices, and technical knowledge within the team while keeping internal documentation and knowledge bases up to date. Foster a collaborative and growth-driven team culture by leading by example, supporting professional development, and promoting continuous learning and innovation. Requirements Availability during US time zone 5PM - 2AM IST in order to allow daily interaction with US based customers Bachelor's degree in Computer Science, Engineering, Electrical Engineering, or relevant industry certifications. Strong communication skills with proficiency in English (written and verbal). Experience working with multi-regional customers across different locations. 3+ years of experience in customer-facing security operations roles, preferably within SOC/MDR environments handling multiple clients. Expertise in cybersecurity assessments and incident management methodologies. Hands-on experience with security technologies such as SOC, MDR, SIEM, SOAR, WAF, IPS and other security solutions. Strong understanding of the cybersecurity landscape, including common threats, attack vectors, and mitigation strategies. Familiarity with monitoring, ticketing, and CRM tools to manage security operations efficiently. Ability to build and maintain strong customer relationships, ensuring a positive and proactive engagement experience. Preferred Requirements Experience with cloud services (AWS or Azure or GCP) Knowledge of Cloud security principles Security certifications such as CISSP, CEH, CSA

Posted 2 weeks ago


12.0 - 15.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site


A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients' most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resiliency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe. Our Cyber Defense team focuses on helping our clients design and implement an effective cybersecurity program and technologies that protect against threats, support business objectives, and enable growth. As businesses move to a digital world, more data is generated and shared among organisations, partners and customers; to have business value, that data needs to be protected. You'll play an integral role in helping our clients ensure they are protected by developing solutions focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. In joining, you'll be a part of a team that values technical and business acumen and provides training and development to extend and develop your skills, while fostering a strong collaborative culture. You'll have the opportunity to help organisations design and create sustainable security solutions at enterprise scale, through a focused approach on enterprise requirements and prioritisation, information technology security architecture, and the software development lifecycle. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework.
It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Director, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Arrange appropriate assignments and experiences to support others' learning and development. Seek out different ways to use current and relevant technological advances. Analyse marketplace trends - economical, social, cultural, technological - to identify opportunities and create value propositions. Deploy methods to keep up with, and stay ahead of, new developments and ideas. Offer a global perspective in stakeholder discussions and when shaping solutions/recommendations. Drive and take ownership for developing networks that help deliver what is best for stakeholders. Proactively manage stakeholders to create positive outcomes for all parties. Uphold the firm's code of ethics and business conduct. Platform: Cybersecurity Experience: 12-15 years Minimum Degree Required: Bachelor’s or master’s degree in Computer Science/Communications or related field from reputed Indian universities Certification(s) Preferred : Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Job Responsibilities:- Lead Cyber Defense pillar consisting of multiple sub capabilities (including SIEM/SOC, Network Security, Cloud Security, IOT Security). 
Driving support in sales lifecycle and crafting a narrative that helps convert an opportunity to a WIN Manage/coach a team of practitioners that deliver client services in areas listed above Managing multiple stakeholders including senior leadership to help realise stated vision/goals Identify and build new capabilities to help expand the current portfolio of offerings Having the ability to mentor and support Managers/Senior Managers to the fullest extent in practice development Drive practice operations that include hiring, managing supply/demand, grooming staff towards a path of continuous improvement Creating career paths and enabling team members to pursue their professional goals that tie into the practice goals Collaborating with extended leadership to drive initiatives that are of utmost importance to the firm’s goals Skills Required Must have hands-on experience SIEM platforms (Splunk, Sentinel) / Network Security / Cloud Security / IOT Security /SNOW / ITIL / Agile Methodologies Good understanding of use case development based on client requirements. Experience in developing project plans and tracking the complete project delivery Driving stand up call with team / clients Exposure \ knowledge of integration on various SIEM platforms Experience on implementing EDR solutions Experience in implementing DLP solutions Experience in Network Security & Cloud Security (AWS/Azure). Previous experience as a Cyber security architect is a plus. Experience on handling client proposals a plus Have good understanding of the MITRE framework Knowledge of programming languages a plus (Python, Perl and Shell scripting etc.) 
Experience working with US clients Good communications skills Minimum Degree Required: Bachelor’s or master’s degree in Computer Science/Communications or related field from reputed Indian universities Certification(s) Preferred : Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC)

Posted 2 weeks ago


15.0 years

0 Lacs

India

On-site


Elastic, the Search AI Company, enables everyone to find the answers they need in real time, using all their data, at scale — unleashing the potential of businesses and people. The Elastic Search AI Platform, used by more than 50% of the Fortune 500, brings together the precision of search and the intelligence of AI to enable everyone to accelerate the results that matter. By taking advantage of all structured and unstructured data — securing and protecting private information more effectively — Elastic’s complete, cloud-based solutions for search, security, and observability help organizations deliver on the promise of AI. What Is The Role As a Security Specialist Solutions Architect, you will bring deep expertise in SIEM solutions, security technologies, and consultative selling to support customers in securing their data and infrastructure. You will leverage your knowledge of vendor ecosystems, security architectures, and operational processes to help customers solve complex challenges, enhance incident response, and build modern, scalable security solutions. Joining Elastic Means Joining a Company That: Empowers you to make a real impact: Your work will directly influence the success of organizations worldwide, helping them unlock new opportunities and make insightful decisions. Offers unparalleled growth opportunities: We cultivate a culture of learning and provide access to world-class training programs and cutting-edge technology. Connects you with passionate individuals: Collaborate with a diverse team of engineers, data scientists, and industry experts who are passionate about pushing the boundaries of security analytics and AI-powered solutions. Rewards you for your contributions: Enjoy a competitive compensation and benefits package that reflects your talent and dedication. Learn More: Our Mission: To help people understand their data and align with their desired outcomes Our Values: Collaboration, Openness, Customer Obsession, and Innovation. 
Our Culture: We're a diverse team of passionate individuals united by a common goal: to make the world a more informed place. What You Will Be Doing Architect next-generation security solutions: Design and implement cutting-edge solutions utilizing Elastic's latest advancements in AI, to help improve incident response Harness the power of the Elastic Security Solution to enable organizations to achieve their use case requirements and improve overall operational efficiency Deliver compelling proof-of-value (POV) projects: Showcase the value of Elastic Security’s detection, AI, and Incident Response capabilities, demonstrating the potential to improve the analyst experience and shorten the time it takes for an analyst to make an informed decision. Be a thought leader and evangelize our vision: Share your expertise through presentations, blog posts, and other channels, positioning Elastic as the leader in SIEM and Analytics Foster collaboration and knowledge sharing: Cultivate a collaborative environment within the Solutions Architecture team and across departments, promoting knowledge sharing and driving continuous improvement. Stay ahead of the curve: Continuously learn and explore the ever-evolving landscapes of SIEM and Analytics and related technologies, ensuring our solutions are always at the forefront of innovation. What You Bring 15+ years of experience in designing and architecting enterprise-level SIEM solutions. Extensive experience with SIEM platforms and vendor solutions in enterprise environments Deep understanding of AI and its impact on SIEM and Analytics solutions. Strong understanding of SOC workflows, processes, and operational challenges. Knowledge of a wide range of security solutions, the type of data they produce and build content to satisfy Use Case Requirements Background that includes forensic analysis, troubleshooting, and threat mitigation. Experience with Behavioral Analytics, and Machine Learning techniques. 
Ability to work independently and thrive in fast-paced environments. Proven success in consultative selling, RFI/RFP responses, and customer presentations. Excellent communication and presentation skills, able to engage both technical and non-technical audiences Collaborative spirit and a passion for sharing knowledge and expertise. Unwavering commitment to continuous learning and staying ahead of the curve in technology and emerging trends Certifications such as CISSP, CEH, or GIAC are a plus Willingness to travel 30-50% of the time What Is The Role As a Security Specialist Solutions Architect, you will bring deep expertise in SIEM solutions, security technologies, and consultative selling to support customers in securing their data and infrastructure. You will use your knowledge of supplier networks, security systems, and daily operations to help customers. Your goal is to solve complex problems, enhance emergency response, and develop modern, scalable security systems. Joining Elastic Means Joining a Company That: Empowers you to make a real impact: Your work will directly influence the success of organizations worldwide, helping them unlock new opportunities and make insightful decisions. Offers unparalleled growth opportunities: We cultivate a culture of learning and provide access to world-class training programs and cutting-edge technology. Work with a team of devoted engineers, data scientists, and industry experts. You will collaboratively push the boundaries of security analytics and AI-powered solutions. Rewards you for your contributions: Enjoy a competitive compensation and benefits package that reflects your talent and dedication. Learn More: Our Mission: To help people understand their data and align with their desired outcomes Our Values: Collaboration, Openness, Customer Obsession, and Innovation. 
Our Culture: We're a diverse team of motivated individuals united by a common goal: to make the world a more informed place Create advanced security solutions: Improve incident response by using the latest AI technology from Elastic. Harness the power of the Elastic Security Solution to enable organizations to achieve their use case requirements and improve overall operational efficiency Lead successful project demos that show how Elastic Security can improve an analyst's job. Demonstrate its detection, artificial intelligence, and incident response capabilities to help them make quick, well-informed decisions. Be a thought leader and evangelize our vision: Share your expertise through presentations, blog posts, and other channels, positioning Elastic as the leader in SIEM and Analytics Foster teamwork and information sharing: Create a team in the Solutions Architecture group that collaborates well. Expand this collaboration to other departments. Exchange knowledge and strive for continuous improvement. What You Bring Stay ahead of the curve: Continuously learn and explore the ever-evolving landscapes of SIEM and Analytics and related technologies, ensuring our solutions are always at the forefront of innovation. 15+ years of experience in designing and architecting enterprise-level SIEM solutions. Extensive experience with SIEM platforms and vendor solutions in enterprise environments Deep knowledge of AI and its impact on SIEM and Analytics solutions. Robust knowledge of SOC workflows, processes, and operational challenges. Knowledge of a wide range of security solutions, the type of data they produce and build content to satisfy Use Case Requirements Background that includes forensic analysis, troubleshooting, and threat mitigation. Experience with Behavioral Analytics, and Machine Learning techniques. Ability to work autonomously and thrive in dynamic environments. Proven success in consultative selling, RFI/RFP responses, and customer presentations. 
Excellent communication and presentation skills, able to engage both technical and non-technical audiences Collaborative spirit and an interest for sharing knowledge and expertise. Unwavering commitment to continuous learning and staying ahead of the curve in technology and emerging trends Certifications such as CISSP, CEH, or GIAC are a plus Willingness to travel 30-50% of the time. Additional Information - We Take Care Of Our People As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do. We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do. Competitive pay based on the work you do here and not your previous salary Health coverage for you and your family in many locations Ability to craft your calendar with flexible locations and schedules for many roles Generous number of vacation days each year Increase your impact - We match up to $2000 (or local currency equivalent) for financial donations and service Up to 40 hours each year to use toward volunteer projects you love Embracing parenthood with minimum of 16 weeks of parental leave Different people approach problems differently. We need that. Elastic is an equal opportunity employer and is committed to creating an inclusive culture that celebrates different perspectives, experiences, and backgrounds. 
Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation. We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email candidate_accessibility@elastic.co. We will reply to your request within 24 business hours of submission. Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster) Elasticsearch develops and distributes encryption software and technology that is subject to U.S. export controls and licensing requirements for individuals who are located in or are nationals of the following sanctioned countries and regions: Belarus, Cuba, Iran, North Korea, Russia, Syria, the Crimea Region of Ukraine, the Donetsk People’s Republic (“DNR”), and the Luhansk People’s Republic (“LNR”). If you are located in or are a national of one of the listed countries or regions, an export license may be required as a condition of your employment in this role. Please note that national origin and/or nationality do not affect eligibility for employment with Elastic. Please see here for our Privacy Statement. Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. 
Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation. We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email candidate_accessibility@elastic.co. We will reply to your request within 24 business hours of submission. Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Equal Employment Opportunity (EEO) Poster; and Employee Polygraph Protection Act (EPPA) Poster. Please see here for our Privacy Statement.

Posted 2 weeks ago


14.0 years

0 Lacs

New Delhi, Delhi, India

On-site


Our Mission At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. Who We Are We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included. As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few! Job Description Your Career We are seeking a dynamic and experienced Sales Specialist to drive the growth of our Cortex and Cloud business across the region. The ideal candidate will operate in a high-growth environment at scale, thrive in driving innovation, have a solid background in cybersecurity sales, and a deep understanding of security solutions. They will have a proven track record of developing strong customer relationships and executing strategies that support rapid expansion and success. 
This role requires a strategic thinker who excels in collaboration with internal teams, engages effectively with customers, and drives revenue growth through the sale of complex solutions. Your Impact Join the fastest growing team where experience meets cutting-edge solutions Build and cultivate strong customer relationships, driving business growth within the region. Partner with the core sales team to align customer strategies and engagements with Cortex and Cloud business objectives. Take full ownership of leading strategic sales campaigns, sales forecasting, utilizing in-depth knowledge of sales cycles from initial contact through procurement. Engage in deep technical discussions beyond standard sales presentations and pitches; while translating complex technical cybersecurity solutions into clear business value propositions for customers. Collaborate closely with cross-functional teams, including sales engineers, to provide tailored customer-centric solutions. Partner with Alliances to develop joint strategies, enhance customer engagement and deliver innovative solutions for existing and prospective clients. Travel domestically as needed to meet with customers and attend key business events. Qualifications Your Experience 14+ years of field sales experience focusing on key customer accounts and delivering value to Enterprise or Major-level accounts in the cybersecurity industry. Extensive platform selling experience in complex sales with multiple buying centers. Experience selling SecOps SIEM, EDR or CNAPP (DevSecOps, CloudOps) solutions is highly preferred. Established trusted relationships with CIOs and CISOs with the ability to influence and drive strategic conversations Expertise in applying complex solution sales methodologies to drive results. Experience working with channel partners and a deep understanding of a channel-centric go-to-market strategy. 
Demonstrated ability to thrive in a fast-paced, high-growth startup environment while collaborating effectively with sales engineers and cross-functional teams. Experience operating in a continuous adoption, expansion, and upsell sales motion within a matrixed sales organization is preferred Willingness to travel domestically as necessary to meet business needs. Additional Information The Team [Input by recruiter and audited by recruiting specialist] Our Commitment We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together. We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com. Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics. All your information will be kept confidential according to EEO guidelines. Covid-19 Vaccination Information for Palo Alto Networks Jobs Vaccine requirements and disclosure obligations vary by country. 
Unless applicable law requires otherwise, you must be vaccinated for COVID or qualify for a reasonable accommodation if: the job requires accessing a company worksite; the job requires in-person customer contact and the customer has implemented such requirements; you choose to access a Palo Alto Networks worksite. If you have questions about the vaccine requirements of this particular position based on your location or job requirements, please inquire with the recruiter.

Posted 2 weeks ago


3.0 - 9.0 years

10 - 10 Lacs

Hyderābād

On-site

Sr. Information Security Analyst Hyderabad, India General Management/ Administration/ Support 64974 Job Description WHAT YOU DO AT AMD CHANGES EVERYTHING We care deeply about transforming lives with AMD technology to enrich our industry, our communities, and the world. Our mission is to build great products that accelerate next-generation computing experiences – the building blocks for the data center, artificial intelligence, PCs, gaming and embedded. Underpinning our mission is the AMD culture. We push the limits of innovation to solve the world’s most important challenges. We strive for execution excellence while being direct, humble, collaborative, and inclusive of diverse perspectives. AMD together we advance_ THE ROLE: The Sr. Systems Security Engineer will be responsible for identifying cyber threats, defining the security requirements, and engineering solutions to solve the existing threats and security issues of a global organization. We have competitive benefit packages and an award-winning culture. Join us! THE PERSON: The ideal candidate will possess strong multi-tasking skills and passion for details and should think one step ahead of cyber-criminals. You should be well-prepared to thrive in a fast-paced environment, possessing good interpersonal and communication skills. As a self-motivated employee, you are a strategic problem solver, with a demonstrable ability to provide and articulate architecture future visions and the ability to deliver end-to-end solutions in a fast moving, high-tech industry. We are seeking a highly skilled and experienced Detection Engineering Lead to join our Information Security team. The ideal candidate will be responsible for designing, developing, and deploying advanced threat detection strategies to handle sophisticated threats. 
This role requires a deep technical understanding of analyzing tactics and techniques, particularly within the MITRE ATT&CK framework, and the ability to build detection use cases to enhance the efficiency and effectiveness of our threat detection capabilities.
Key Responsibilities: Design, develop, and deploy advanced threat detection strategies to identify and mitigate sophisticated cyber threats. Analyze tactics, techniques, and procedures (TTPs) used by threat actors and translate them into actionable detection use cases. Utilize the MITRE ATT&CK framework to develop and refine detection methodologies. Collaborate with cross-functional teams to ensure the integration and effectiveness of detection strategies. Continuously improve detection capabilities by staying updated with the latest threat intelligence and industry best practices. Conduct regular assessments and tuning of detection mechanisms to ensure optimal performance. Develop response procedures for detections and collaborate with the automation and engineering teams to implement automated responses. Provide expert guidance and mentorship to junior team members on threat detection and response.
Qualifications: 3-9 years of experience in cybersecurity, with a focus on threat detection and response. Proven experience in designing and implementing threat detection strategies. Deep technical knowledge in analyzing cyber threat tactics, techniques, and procedures. Expertise in the MITRE ATT&CK framework and its application in threat detection. Strong analytical and problem-solving skills with the ability to think critically and creatively. Excellent communication and collaboration skills to work effectively with cross-functional teams. Relevant certifications such as CISSP, GIAC, or equivalent are a plus.
Preferred Skills: Experience with security information and event management (SIEM) systems. Familiarity with common security solutions like EDR, CASB, DLP, Firewall, IDS/IPS etc.
Knowledge of scripting and automation to enhance detection capabilities. Understanding of network security principles and technologies. If you are passionate about cybersecurity and have the expertise to lead our threat detection efforts, we encourage you to apply for this exciting opportunity. #LI-SK4 AMD does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. AMD and its subsidiaries are equal opportunity, inclusive employers and will consider all applicants without regard to age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status, or any other characteristic protected by law. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective laws throughout all stages of the recruitment and selection process.

Posted 2 weeks ago


0 years

3 Lacs

Hyderābād

On-site

Job Summary The Security Analyst is responsible for ensuring the security and integrity of the organization's information systems and data. This role involves identifying and mitigating security risks, reviewing project security requirements, and maintaining compliance with security standards. The Security Analyst will also focus on detection engineering by designing systems to detect malicious activities and implementing automation technologies to streamline security operations, including vulnerability management and incident response. General Duties and Responsibilities Information Security Analyst duties and responsibilities include: Identify and ensure mitigation of information security risks within the organization. standards, procedures, and practices across various types of projects. Review requests for adherence to security policies, assuring requests are executed correctly. Identify security incidents and respond to ensure threats and risks are contained. Maintain integrity of security controls, toolsets, and other security-relevant services. Develop and analyze security reports, and build presentations as required. Facilitate status reports and other relevant information to compliance staff and department leadership. Monitor and audit systems for security violations, vulnerabilities, and abnormalities. Develop, implement, and maintain alignment with security control frameworks. Make updates to security policies, standards, procedures, practices, and operating procedures, as required. Assist with incident handling and other incident response activities, as required. Complete and monitor the status of corrective action plans, resolve audit findings and security issues, ensuring problems are resolved in an effective and timely manner. Implement and evaluate the effectiveness of data loss prevention (DLP) policies and detections. Design, build, and fine-tune systems and processes to detect malicious activities or unauthorized behaviors. 
Implement tools, processes, and procedures to identify unusual or suspicious behavior that may indicate a breach. Create actionable alerts based on detected threats to prompt immediate response from concerned teams. Implement automation technologies to streamline security operations such as vulnerability management, threat detection, and incident response. Use automation to reduce incident response time by enabling swift threat remediation through predefined actions. Educational and Certification Requirements A degree in Cybersecurity, Information Technology, Computer Science, or related field is desirable. Industry recognized certifications are a plus. Certifications may include: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), CompTIA Security+, certifications issued by the SANS Institute, etc. Certifications issued by public cloud providers (AWS, Azure, Google, Oracle, etc.) are a plus. General Knowledge, Skills, and Abilities As well as formal qualifications, an Information Security Analyst should possess: A working level understanding of controls (e.g., access control, auditing, authentication, encryption, and system integrity). Versed in operating systems such as Linux (various distributions) and Microsoft Windows. Experience with Microsoft Active Directory, encryption and algorithms, authorization and authentication mechanisms/software, network monitoring, TCP/IP networks, DNS, next generation firewalls, and intrusion detection/prevention systems. General knowledge of network design and common network protocols, and infrastructure systems. Ability to create scripts to automate processes in PowerShell, Python or Bash is a plus. Ability to recognize and analyze malware. Ability to analyze large data sets and identify patterns and anomalies. Ability to quickly create and deploy countermeasures or mitigations under pressure. Build effective relationships.
Develop and use collaborative relationships to facilitate the accomplishment of work goals. Experience with the PCI-DSS, ISO-27001, and/or SOC II compliance frameworks is a plus. Experience implementing and measuring security controls aligned with NIST 800-53 and the Center for Internet Security (CIS) is a plus. Project Management skills are a plus. Experience with the following technologies is a plus: SentinelOne Singularity Platform, Tanium, Google Chronicle SIEM, Cloudflare L3-L7 security technologies, Tenable.io, Lacework, Recorded Future, KnowBe4, ServiceNow, Jira, Microsoft Defender for Endpoints, Microsoft Security and Compliance, Microsoft Azure Key Vault. Experience with the native security service solutions for public cloud service providers (AWS, Google, Azure, Oracle) is a plus.
Job Type: Contractual / Temporary
Contract length: 6-12 months
Pay: From ₹322,415.01 per year
Schedule: Day shift, Monday to Friday, Morning shift, Night shift, Rotational shift
Work Location: In person

Posted 2 weeks ago


5.0 years

0 Lacs

Telangana, India

Remote


Position Title: Information & Cyber Security Specialist
Mode: 100% Remote
Contract: Full-time
Compensation: Up to ₹70,000 per month
Working Days: Monday to Saturday
Shift Timing: 03:00 PM – 12:00 AM IST
Experience Required: 5+ Years
Job Description: We are seeking a highly motivated Information & Cyber Security Specialist with a strong background in software management and IT coordination. The ideal candidate will take ownership of our digital security infrastructure, support software implementation initiatives, and collaborate with internal teams and external vendors to ensure robust security and seamless operations across all departments.
Key Responsibilities:
Microsoft Defender Expertise: Experience with Microsoft Defender for Office 365 (email threat protection, anti-phishing, anti-malware, safe links/attachments). Ability to manage and optimize Defender Security Policies. Knowledge of threat hunting and incident response using Microsoft 365 Defender.
Office 365 Security Administration: Hands-on with Microsoft 365 Security & Compliance Center. Familiarity with Exchange Online Protection (EOP). Capable of reviewing and investigating email delivery issues and spoof/phishing reports.
Firewall Log Monitoring and Analysis: Experience with analyzing firewall logs for suspicious activities and lateral movement. Understanding of network protocols, ports, and IP behavior.
VPN and Network Security Monitoring: Experience in monitoring and investigating VPN usage logs for anomalies. Understanding of remote access security and best practices.
Azure Virtual Desktop Infrastructure (AVDI): Basic understanding of Azure VDI environment, including user/session monitoring, VM security, and identity/access control. Ability to coordinate with IT team for secure VDI deployment and maintenance.
General Cybersecurity Skills: Knowledge of SIEM tools (even if not currently used, future readiness). Ability to respond to alerts and incidents in a structured way. Strong understanding of cyber threats, MITRE ATT&CK, and defense strategies.
Communication & Reporting: Ability to create incident reports and document security procedures. Good written and verbal communication skills to explain technical risks to non-technical stakeholders.
Interested candidates can send their resumes to swati.chauhan@gehilaw.com

Posted 2 weeks ago


2.0 years

0 Lacs

Hyderābād

On-site

Cyber Security Analyst
UltraViolet Cyber is seeking a Cyber Security Analyst to add to our existing team. Primary responsibilities will require: (i) in-depth analysis of intrusions in diverse computing environments; (ii) thorough packet analyses; (iii) implementing/optimizing changes to security infrastructure; (iv) integrating threat intelligence into the operational environment; and (v) protecting systems and infrastructure from infiltration or exfiltration of data.
Responsibilities: Perform analyses of network infrastructure, applications, operating systems, firewalls, proxy devices and malware detection in a fast-paced environment; proactively identify threats across a wide range of customer environments; monitor alerts using a SIEM platform to respond, triage and escalate incidents, as necessary; perform vulnerability scans, analyze results and recommend remediation actions; perform continuous monitoring of diverse security environments and analyze event log data to determine severity and prioritization of incident response efforts; contribute to the advancement of security posture.
Minimum Requirements: 2 years of operational experience with securing and monitoring multiple platforms, network configurations and implementations; broad knowledge of IT security; general systems infrastructure experience; experience with log correlation and packet analysis tools; solid understanding of common enterprise information systems services such as Active Directory; solid understanding of TCP/IP protocol suite, security architecture and security techniques/products; experience with various security management tools (e.g., vulnerability management, configuration management and SIEM); proven ability to analyze captured data to perform incident response and identify potential compromises; excellent written and oral communication skills.
Preferred Education and Certifications: B.A. or B.S. in computer science or related field; CompTIA Sec+; CompTIA CySA+.

Posted 2 weeks ago


14.0 years

0 Lacs

Delhi

On-site

New Delhi, National Capital Territory of Delhi, India Sales Full-time Ref ID: JR-006167 Our Mission At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. Who We Are We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included. As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few! Your Career We are seeking a dynamic and experienced Sales Specialist to drive the growth of our Cortex and Cloud business across the region. The ideal candidate will operate in a high-growth environment at scale, thrive in driving innovation, have a solid background in cybersecurity sales, and a deep understanding of security solutions. 
They will have a proven track record of developing strong customer relationships and executing strategies that support rapid expansion and success. This role requires a strategic thinker who excels in collaboration with internal teams, engages effectively with customers, and drives revenue growth through the sale of complex solutions. Your Impact: Join the fastest growing team where experience meets cutting-edge solutions Build and cultivate strong customer relationships, driving business growth within the region. Partner with the core sales team to align customer strategies and engagements with Cortex and Cloud business objectives. Take full ownership of leading strategic sales campaigns, sales forecasting, utilizing in-depth knowledge of sales cycles from initial contact through procurement. Engage in deep technical discussions beyond standard sales presentations and pitches; while translating complex technical cybersecurity solutions into clear business value propositions for customers. Collaborate closely with cross-functional teams, including sales engineers, to provide tailored customer-centric solutions. Partner with Alliances to develop joint strategies, enhance customer engagement and deliver innovative solutions for existing and prospective clients. Travel domestically as needed to meet with customers and attend key business events. Your Experience 14+ years of field sales experience focusing on key customer accounts and delivering value to Enterprise or Major-level accounts in the cybersecurity industry. Extensive platform selling experience in complex sales with multiple buying centers. Experience selling SecOps SIEM, EDR or CNAPP (DevSecOps, CloudOps) solutions is highly preferred. Established trusted relationships with CIOs and CISOs with the ability to influence and drive strategic conversations Expertise in applying complex solution sales methodologies to drive results. 
Experience working with channel partners and a deep understanding of a channel-centric go-to-market strategy. Demonstrated ability to thrive in a fast-paced, high-growth startup environment while collaborating effectively with sales engineers and cross-functional teams. Experience operating in a continuous adoption, expansion, and upsell sales motion within a matrixed sales organization is preferred Willingness to travel domestically as necessary to meet business needs. The Team [Input by recruiter and audited by recruiting specialist] Our Commitment We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together. We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com. Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics. All your information will be kept confidential according to EEO guidelines. Covid-19 Vaccination Information for Palo Alto Networks Jobs Vaccine requirements and disclosure obligations vary by country. 
Unless applicable law requires otherwise, you must be vaccinated for COVID or qualify for a reasonable accommodation if: The job requires accessing a company worksite The job requires in-person customer contact and the customer has implemented such requirements You choose to access a Palo Alto Networks worksite If you have questions about the vaccine requirements of this particular position based on your location or job requirements, please inquire with the recruiter.

Posted 2 weeks ago

10.0 - 15.0 years

0 Lacs

Delhi

On-site

Job Summary The Director, TSG Information Security, Cyber Threat Management is a position within Bain's Cyber Security Department, whose mission is to define and enable strategies to safeguard the digital assets and integrity of the organization. In this role, the Director understands how security measures align with the overall organizational strategy and will begin to organize and lead in the development and implementation of security controls that adhere to regulatory requirements and best practices. The Director combines a strong level of technical and managerial skills and business alignment to build and guide a growing team and resources across a spectrum of capabilities. The position primarily focuses on the efficient, effective and reliable resolution of Bain's defensive strategy as well as focuses on improving our offensive strategy to help the company meet its overall business objectives. The position therefore must have the technical skills to troubleshoot and resolve complex issues as well as excellent communication and upward management. These measures require taking a leadership position in coordinating activities across the team working with Technical, IT and Cybersecurity leadership. The Director role has expertise and experience in multiple disciplines, including Threat Intelligence programs, Detection and Deterrence systems, Threat Exposure Management, Incident Response, Forensics and Evidence gather and Pro-Active Security probing capabilities (Red/Blue/Purple teaming & Penetration Testing). Principal Accountabilities Monitoring & Detection Oversee and strategize on developing advanced security monitoring, analysis, and correlation platforms to detect cybersecurity events. Direct cross-functional efforts in the identification and in-depth analysis of sophisticated security threats, including malware, APTs (Advanced Persistent Threats), and targeted attacks. 
Enable a wide range of security tools and technologies, including SIEM, IDS/IPS, or next gen/advanced threat detection solutions. Partner with organizations and vendors to identify and integrate new data sources. Incident Response & Analysis Oversee the ongoing management and evolution of security runbooks and champion for ongoing automation or AI/ML based technologies to increase speed/efficiency. Strengthen Bain’s capability in-depth log analysis, data correlation, and forensic investigations to identify root causes of incidents and improve security measures. Provide strong and clear communications on cyber events and situations with sr. leadership. Ensure alignment in security policies and practices adhere to industry standards and compliance requirements and oversee the validation of the controls. Serve as a subject matter expert in security discussions and decision-making and enable and grow team members skills and experience. Work with the primary goal of building efficiencies in Cyber Threat Management responses and driving down MTTR and reducing overall risk. Threat Intelligence Enable a threat intelligence capability, including open-source intelligences (OSINT), dark web forums, and industry reports to drive awareness and improvement in our defensive posture. Utilize threat intelligence platforms and tools to aggregate and correlate threat data. Drive coordination with intelligence and incident response teams to investigate and analyze security incidents. Develop and refine threat intelligence methodologies and tools. Stay current with industry best practices and new methodologies to enhance the teams capabilities. Vulnerability Management & Threat Exposure Management Work cross-functionally across IT teams and provide leadership and guidance in mitigating threats to Bain. Serve as a subject matter expert in security discussions and decision-making. 
Build processes to enable regular vulnerability scans on the organization's network, applications, and systems using industry-standard tools Pro- Active Security Testing Experience implementing and operationalizing vulnerability management tools, processes, and best practices. Oversee the classification and prioritization of vulnerabilities based on risk and potential impact. Stay informed about emerging trends and technologies in cybersecurity. Work collaboratively with other security team members, IT departments, and relevant business units to address security concerns and enhance overall security posture. Pro- Active/Enhanced Security Testing Partner with colleagues to expand controlled penetration testing technologies and capabilities on networks, applications, and systems to identify security vulnerabilities. Investigate and keep up to date with changes in tooling and advanced attacks in network, cloud and application testing. Analyze and interpret results to identify potential risk as well as evaluate potential impact. Red Team, Blue Team, Purple team exercise leadership experience. Professional Development and Innovation Stay informed about emerging trends and technologies in cybersecurity. Drive collaboration and defensive standards/expertise across Bain, working with other security team members, IT departments, and relevant business units to address security concerns and enhance overall security posture. Explore Professional Certifications and work with leadership to plan trainings. 
Knowledge, Skills, and Abilities Security Monitoring & Incident Detection and Response Strong knowledge of Splunk (or other SIEM tools),CrowdStrike or equivalent EDR/MDR platforms, Windows Defender, Palo Alto Networks, Other AV/EDR tool configuration, Cyberhaven (or other DLP tools) Knowledge of Vulnerability & Attack Surface Management toolsets, Threat Intelligence and Analysis tools, Vendor technical Risk Scoring tools, Deception technologies Knowledge of ticketing, triage and forensics capabilities and toolsets General Skills Great communication skills, with the ability to document and explain technical information clearly. Analytical mindset, with a focus on learning and problem-solving. Ability to work independently and well in a team, showing strong interpersonal skills. Eagerness to learn and adapt to new challenges in cybersecurity. Entrepreneurial spirit, open to trying new approaches and learning from them. Team Management Drive and expand the training and professional development of Security Operations staff. Qualification and Experience Bachelor's degree in a related field (e.g., Computer Science, Cybersecurity, Information Technology) or an equivalent combination of education, training, and experience 10-15 years of relevant experience Experience with Information Security technologies (Firewall, IPS, IDS, SIEM, EDR, CASB, AV, DLP, etc.) Experience with common information security controls frameworks (i.e. ISO, NIST, CIS, or CSA) Global company or equivalent Experience deploying systems or applications Ability to work independently and with teams on complex problems Complex problem solving Ability to work in a fast paced, dynamic environment.

Posted 2 weeks ago

5.0 years

0 Lacs

Delhi

Remote

Delhi, National Capital Territory of Delhi, India Sales Full-time Ref ID: 3128678 Our Mission At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we are looking for innovators who are as committed to shaping the future of cybersecurity as we are. Who We Are We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included. As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few! Your Career As a Domain Consultant you will be the expert for our Cortex portfolio, a Next-Gen AI-powered security operations platform. You will play a key role in defining technical solutions that secure a customer’s key business imperatives. 
You evangelize our industry leading solutions in Security Intelligence and Automation, XDR, Attack Surface Management, SOAR and Incident Response that establish Palo Alto Networks as a customer’s cybersecurity partner of choice Your Impact Collaborate with account teams to recommend and develop customer solutions within your assigned specialization area Present to customers as our expert at all levels in the customer hierarchy, from practitioner to senior leadership Lead and support customer demonstrations that showcase our unique value proposition Scope and Lead Proof of Value (PoV) projects for prospective customers based on best practices to ensure technical win in your assigned opportunities Drive high technical validation and PoV win rates within your assigned specialization area Architect solutions that will help our customers strengthen and simplify their security posture Accelerate technical validation of proposed solutions within your specialization Document High-Level Design and Key Use Cases to ensure proper implementation and value realization of Palo Alto Networks Solutions Help our customers build and develop further their services around Cortex solutions Lead conversations about industry trends and emerging changes to the security landscape Discuss, with credibility, competitive offers in the marketplace and position ours as the best alternative Assist account solutions consultants to respond effectively to RFIs/RFPs while serving as the main technical point of contact for Cortex Position Palo Alto Networks or Partner delivered services as appropriate to ensure proper implementation and value realization of Palo Alto Networks solutions Your Experience Deep experience with security incident response, both IR tools and IR workflow process or SOC operational processes Strong technical hands-on experience (At least 5+ years) with EDR/XDR Experience around SOAR and SIEM will be an added advantage Strong practical experiences with threat hunting, malware, 
exploits and be able to demonstrate simulation of cyber attacks Experience installing, configuring and integrating a complex Security environment Experience with Security Analytics or Threat Intel is a plus Deep understanding of Unix/Linux and Windows operating systems and scripting skill in Python/JavaScript/PowerShell is an advantage Strong problem finding and solving skills, ability to analyze complex multivariate problems and use a systematic approach to gain quick resolution 8+ years of experience in a customer facing role Strong English language skills, both oral and written - Ability to confidently present with impact to an audience in person and remotely A team player - ability to share knowledge openly, interact with integrity, embrace diversity A Self-Starter, self-motivated and a quick learner with the ability to embrace change - the Cortex portfolio is always evolving and as a technical Specialist your expertise must be at the leading edge The Team Palo Alto Networks has brought technology to market that is reshaping the cybersecurity threat and protection landscape. Our ability to protect digital transactions is limited only by our ability to establish relationships with our potential customers and help them understand how our products can protect their environments. You won’t find someone at Palo Alto Networks that isn’t committed to your success – with everyone pitching in to assist when it comes to solutions selling, learning, and development. As a member of our systems engineering team, you are motivated by a solutions-focused sales environment and find fulfillment in working with clients to resolve incredible complex cyber threats. Our Commitment We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together. We are committed to providing reasonable accommodations for all qualified individuals with a disability. 
If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com. Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics. All your information will be kept confidential according to EEO guidelines. Covid-19 Vaccination Information for Palo Alto Networks Jobs Vaccine requirements and disclosure obligations vary by country. Unless applicable law requires otherwise, you must be vaccinated for COVID or qualify for a reasonable accommodation if: The job requires accessing a company worksite The job requires in-person customer contact and the customer has implemented such requirements You choose to access a Palo Alto Networks worksite If you have questions about the vaccine requirements of this particular position based on your location or job requirements, please inquire with the recruiter.

Posted 2 weeks ago

5.0 years

0 Lacs

Delhi

Remote

New Delhi, National Capital Territory of Delhi, India Systems Engineering Full-time Ref ID: JR-006652 Our Mission At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. Who We Are We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included. As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few! At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work full time from our office with flexibility offered where needed. This setup fosters casual conversations, problem-solving, and trusted relationships. Our goal is to create an environment where we all win with precision. 
Your Career As a Domain Consultant you will be the expert for our Cortex portfolio, a Next-Gen AI-powered security operations platform. You will play a key role in defining technical solutions that secure a customer’s key business imperatives. You evangelize our industry leading solutions in Security Intelligence and Automation, XDR, Attack Surface Management, SOAR and Incident Response that establish Palo Alto Networks as a customer’s cybersecurity partner of choice Your Impact Collaborate with account teams to recommend and develop customer solutions within your assigned specialization area Present to customers as our expert at all levels in the customer hierarchy, from practitioner to senior leadership Lead and support customer demonstrations that showcase our unique value proposition Scope and Lead Proof of Value (PoV) projects for prospective customers based on best practices to ensure technical win in your assigned opportunities Drive high technical validation and PoV win rates within your assigned specialization area Architect solutions that will help our customers strengthen and simplify their security posture Accelerate technical validation of proposed solutions within your specialization Document High-Level Design and Key Use Cases to ensure proper implementation and value realization of Palo Alto Networks Solutions Help our customers build and develop further their services around Cortex solutions Lead conversations about industry trends and emerging changes to the security landscape Discuss, with credibility, competitive offers in the marketplace and position ours as the best alternative Assist account solutions consultants to respond effectively to RFIs/RFPs while serving as the main technical point of contact for Cortex Position Palo Alto Networks or Partner delivered services as appropriate to ensure proper implementation and value realization of Palo Alto Networks solutions Your Experience Deep experience with security incident response, both IR 
tools and IR workflow process or SOC operational processes Strong technical hands-on experience (At least 5+ years) with EDR/XDR Experience around SOAR and SIEM will be an added advantage Strong practical experiences with threat hunting, malware, exploits and be able to demonstrate simulation of cyber attacks Experience installing, configuring and integrating a complex Security environment Experience with Security Analytics or Threat Intel is a plus Deep understanding of Unix/Linux and Windows operating systems and scripting skill in Python/JavaScript/PowerShell is an advantage Strong problem finding and solving skills, ability to analyze complex multivariate problems and use a systematic approach to gain quick resolution 8+ years of experience in a customer facing role Strong English language skills, both oral and written - Ability to confidently present with impact to an audience in person and remotely A team player - ability to share knowledge openly, interact with integrity, embrace diversity A Self-Starter, self-motivated and a quick learner with the ability to embrace change - the Cortex portfolio is always evolving and as a technical Specialist your expertise must be at the leading edge The Team Palo Alto Networks has brought technology to market that is reshaping the cybersecurity threat and protection landscape. Our ability to protect digital transactions is limited only by our ability to establish relationships with our potential customers and help them understand how our products can protect their environments. You won’t find someone at Palo Alto Networks that isn’t committed to your success – with everyone pitching in to assist when it comes to solutions selling, learning, and development. As a member of our systems engineering team, you are motivated by a solutions-focused sales environment and find fulfillment in working with clients to resolve incredible complex cyber threats. 
Our Commitment We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together. We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com. Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics. All your information will be kept confidential according to EEO guidelines. Covid-19 Vaccination Information for Palo Alto Networks Jobs Vaccine requirements and disclosure obligations vary by country. Unless applicable law requires otherwise, you must be vaccinated for COVID or qualify for a reasonable accommodation if: The job requires accessing a company worksite The job requires in-person customer contact and the customer has implemented such requirements You choose to access a Palo Alto Networks worksite If you have questions about the vaccine requirements of this particular position based on your location or job requirements, please inquire with the recruiter.

Posted 2 weeks ago

0 years

0 Lacs

Delhi

On-site

Job requisition ID :: 82284 Date: May 31, 2025 Location: Delhi Designation: Deputy Manager Entity: You will be responsible for managing and maintaining the IBM QRadar Security Information and Event Management (SIEM) platform. Your primary role will involve deploying, configuring, and optimizing the QRadar system to ensure effective security monitoring, event correlation, and threat detection within the organization's infrastructure. You will collaborate with security analysts, network engineers, and other IT teams to implement and maintain a robust security infrastructure.

Posted 2 weeks ago

0 years

0 Lacs

Delhi

On-site

Job requisition ID :: 82922 Date: May 31, 2025 Location: Delhi Designation: Assistant Manager Entity: SOC - DM

Posted 2 weeks ago

7.0 years

22 - 25 Lacs

Gurgaon

On-site

Designation: SOC analyst L3 Experience: 7-15 Year Office Location: Sector 18, Gurugram Job Type: Full-time Job Summary: We are seeking an experienced and proactive SOC Analyst Level 3 to join our cybersecurity operations team. As a senior member of the Blue Team, you will lead threat detection, incident response, and threat hunting efforts using cutting-edge tools including SOAR and XDR platforms. You will also play a key role in mentoring junior analysts, fine-tuning detection mechanisms, and developing automated playbooks. Key Responsibilities: * Lead real-time monitoring and analysis of security events from various sources (XDR, SIEM, SOAR, etc.). * Coordinate and perform advanced threat hunting across endpoints, networks, and cloud environments. * Analyze alerts and incidents to identify false positives and true threats. * Manage and develop SOAR playbooks to improve response times and incident handling. * Correlate threat intelligence with internal events to identify potential risks. * Drive incident response efforts, including containment, eradication, and recovery. * Collaborate with cross-functional teams to remediate vulnerabilities and prevent recurrence. * Perform forensic analysis as part of post-incident review and root cause analysis. * Mentor and train SOC Level 1 and 2 analysts. * Maintain and optimize detection rules and signatures in XDR and SIEM platforms. * Document investigation findings, incident reports, and threat hunting activities. Required Skills & Qualifications: * 7+ years of experience in Security Operations, Incident Response, or Cyber Threat Detection. * Deep understanding of Blue Team methodologies and defense-in-depth strategies. * Hands-on experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR, or similar). * Strong experience with XDR solutions (e.g., Palo Alto Cortex XDR, Microsoft Defender XDR, SentinelOne). * Advanced threat hunting techniques using both manual and automated approaches. 
* Proficient in using SIEM tools (Splunk, QRadar, or similar) and correlating log data from multiple sources. * Knowledge of MITRE ATT&CK framework and its application in threat detection and response. * Strong scripting and automation skills (Python, PowerShell, etc.) for SOAR and data parsing. * Familiarity with EDR, NDR, IDS/IPS, and endpoint forensic tools. * Solid understanding of TCP/IP, network protocols, and operating system internals (Windows, Linux). * Excellent communication and analytical skills. Job Type: Full-time Pay: ₹2,200,000.00 - ₹2,500,000.00 per year Schedule: Day shift Night shift Work Location: In person

Posted 2 weeks ago

0 years

5 - 5 Lacs

Bhubaneshwar

Remote

1. Advanced Troubleshooting & Incident Analysis Perform in-depth analysis of network security incidents (e.g., DDoS, firewall breach attempts, malware communication). Investigate alerts escalated by L1 support. Analyze traffic patterns, logs, and system behavior for potential threats. Use packet analysis tools (Wireshark, tcpdump) to investigate suspicious traffic. 2. Firewall and Network Security Device Management Implement and manage firewall policies (Palo Alto, Fortinet, Cisco ASA). Review and refine firewall rules to minimize false positives and improve security posture. Perform configuration changes, backups, and rule audits. 3. Incident Response & Mitigation Act as first responder in critical security incidents. Work with SOC team to contain and remediate threats (e.g., isolate hosts, block IPs, reconfigure ACLs). Coordinate with L3 and Threat Intelligence teams for advanced threat mitigation. 4. Change Management & Implementation Review and implement network security changes as part of the change control process. Deploy updates, patches, and configuration adjustments in firewalls, IDS/IPS, and VPNs. Test and validate the impact of changes before implementation. 5. Log Analysis & Correlation Analyze logs from firewalls, routers, switches, IDS/IPS, and SIEM systems (e.g., Splunk, QRadar). Correlate events across multiple systems to identify attack patterns. Hunt for indicators of compromise (IOCs) in network traffic. 6. Tool Optimization & Maintenance Tune IDS/IPS signatures and firewall rules to reduce noise and increase accuracy. Ensure the health and performance of network security devices. Collaborate on SIEM tuning to improve detection capability. 7. Escalation Point & Support to L1 Team Act as technical escalation point for L1 team. Guide L1 analysts on SOPs, investigation techniques, and tool usage. Help document new playbooks and update knowledge bases. 8. VPN & Remote Access Support Configure and troubleshoot site-to-site and client VPNs. 
Investigate failed VPN connections, authentication issues, and access violations. 9. Security Audits & Compliance Support internal/external audits by providing logs, reports, and evidence. Ensure compliance with security policies, standards, and regulations (e.g., ISO 27001, PCI-DSS, NIST). Required Skills for L2 Network Security Strong understanding of: TCP/IP, routing protocols, NAT, ACLs Firewall architecture, DMZ, proxy servers IDS/IPS concepts, VPN, IPSec, SSL. Job Types: Full-time, Permanent Pay: ₹500,000.00 - ₹550,000.00 per year Benefits: Health insurance Life insurance Paid sick time Provident Fund Schedule: Day shift Work Location: In person

Posted 2 weeks ago

0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

Conduct regular security assessments, including penetration testing and vulnerability assessments, to identify and remediate potential security risks. Design and implement secure network architectures, including firewalls, intrusion detection/prevention systems, and encryption technologies. Adhere to enterprise governance & review processes to deliver project goals & deliverables. Follow enterprise ITSM & CMDB processes. Monitor and analyze security alerts using Security Information and Event Management (SIEM) tools, and respond to security incidents in a timely and effective manner. Collaborate with cross-functional teams to develop and enforce identity and access management (IAM) policies and network access control (NAC) solutions. Stay abreast of the latest security threats, industry trends, and best practices to proactively enhance the organization's network security posture. Ensure compliance with relevant security regulations and standards and assist in audit processes as needed. Essential Experience Bachelor's degree in Computer Science, Information Technology, or related field. Proven experience in network security, with a strong understanding of network security fundamentals, encryption technologies, and secure network design principles. Zscaler Private Access & Internet Access. Proficiency in configuring, managing, and troubleshooting firewalls (Cisco, Palo Alto, etc.). Experience with intrusion detection/prevention systems, as well as with SIEM tools and security incident response. Excellent problem-solving skills, analytical thinking, and the ability to communicate effectively with diverse stakeholders. 
CERTIFICATIONS: (any of below) Cisco Certified Network Professional/Expert in Security Zscaler Digital Transformation Administrator Zscaler Zero Trust Certified Associate Cisco Certified CyberOps Associate or Professional Palo Alto Networks Certified Network Security Administrator (PCNSA) Palo Alto Networks Certified Network Security Engineer (PCNSE) Check Point Certified Security Administrator (CCSA) Check Point Certified Security Expert (CCSE) Certified Network Security Professional (e.g., CISSP, CompTIA Security

Posted 2 weeks ago

4.0 years

10 - 22 Lacs

Bhubaneshwar

On-site

Bhubaneswar, India
Job Category: Security Research
Posting Date: 01 January 2024
Job Type: Engineering
Years of Experience: 5-10
Does this position require a security clearance? No
Applicants are required to read, write and speak the following languages: Hindi/English
Additional Info:

Job Description: As an esteemed Security Research Engineer with expertise in offensive methodologies and substantiating exploitation, your indispensable role within our security team cannot be understated. Your principal task entails spearheading team exercises to evaluate and enhance our organizational defenses. Moreover, you will partake in team exercises, working alongside the team to strengthen detection prowess and simulate intricate attack scenarios. As part of your role, you will have the responsibility of overseeing and implementing an efficient security strategy, along with security programs and services that are both effective and reliable.

Responsibilities: Ensure that you remain ahead in the industry by consistently enhancing your understanding of emerging threats, up-to-date attack techniques, and well-documented vulnerabilities. Conduct diverse exercises, including internal and external penetration tests and lateral movement assessments. Evaluate and circumvent security systems to uncover vulnerabilities and propose enhancements. Improve tools for managing configuration or attack paths. Simulate advanced methods and detect different approaches to Tactics, Techniques, and Procedures (TTPs) that could remain unnoticed. Create comprehensive reports that thoroughly document the discoveries, approaches, and applicable suggestions derived from Team engagements. Construct concise and persuasive reports that proficiently convey identified weaknesses, potential attack paths, and potential consequences to relevant parties. Guarantee that reports offer pragmatic advice for rectifying vulnerabilities and improving overall security.

Qualifications: Bachelor's degree in Computer Science or certifications in Offensive Security such as OSCP, OSCE, or similar qualifications. Minimum of 4 years of experience in a similar role, showcasing a strong background in offensive security and penetration testing.

Required Skills: Proficient in writing IPS/SIEM detection logic using tools like Splunk or Anvilogic. Hands-on experience in blue team activities with SPL, KQL, YARA-L, and SIGMA. Skilled in crafting detection logic for SIEM or Data Lakes, including Splunk, Anvilogic, etc. Excellent English communication skills, both written and verbal, to effectively communicate complex technical concepts to technical and non-technical stakeholders. Capable of sharing knowledge effectively to educate others. Strong problem-solving abilities and a creative mindset for identifying attack vectors and developing innovative strategies.

Disclaimer: Hiring Range: from 1000000 to 2250000 per annum. May be eligible for bonus and equity. We maintain broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Nirmalya’s differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.

About Us: Nirmalya's career has the potential to encompass various industries, roles, countries, and cultures, allowing for growth in novel positions and driving innovation, while effectively balancing work and personal life. Nirmalya has achieved success over the years by embracing change, fostering innovation, and consistently upholding ethical principles, thereby delivering exceptional results for leading companies across multiple industries. To foster and support the talents responsible for such accomplishments, our dedication lies in cultivating an inclusive culture that appreciates and embraces diverse insights and perspectives. We strive to create a workforce that inspires thought leadership and sparks innovation, ensuring a thriving environment for all.

Nirmalya Employee Benefits are meticulously designed to prioritize equality, reliability, and affordability. Our comprehensive package encompasses essential features such as Medical and Life Insurance, while also granting access to Retirement Planning and more. Additionally, we actively encourage our employees to actively contribute to the well-being of the communities where we operate.

We firmly believe that fostering diversity and inclusion lays the foundation for innovation. To shape a brighter tomorrow, we seek talent from diverse backgrounds, embracing a range of perspectives and abilities. We are committed to providing reasonable accommodations to individuals with disabilities throughout the job application, interview, and prospective role stages, thereby enabling them to effectively perform crucial job functions. Our dedication lies in fostering an inclusive workforce that enables every individual to thrive. We believe in the power of diverse perspectives and value every voice, as it is this harmony that propels us to surpass previous achievements. As an Equal Employment Opportunity Employer, Nirmalya ensures that all applicants are treated fairly and without discrimination. We promote equality regardless of race, color, religion, national origin, gender identity, disability, protected veterans’ status, or any other characteristic protected by law. Additionally, Oracle complies with applicable legislation by considering qualified applicants with arrest and conviction records for employment opportunities. Join our team where diversity is celebrated, and everyone's unique contribution is respected. Together, we embrace innovation and strive towards excellence – a testament to our commitment to fostering an inclusive and thriving workplace.

Posted 2 weeks ago

5.0 - 7.0 years

3 - 8 Lacs

Noida

On-site

Required Skills and Qualifications: 5-7 years of experience. Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent experience). The candidate should be willing to relocate to Noida. Good knowledge of Windows/Linux systems and networking fundamentals. Experience with cloud security and technologies like AWS, Azure, or Google Cloud. Knowledge in operating and configuring SIEM tools (e.g., Sentinel, Splunk, MS Defender). Knowledge of firewalls, IDS/IPS, DLP, and endpoint protection systems. Familiar with scripting and automation tools (e.g., Python, PowerShell). Experience with monitoring and logging platforms like ELK Stack, Splunk, Prometheus, Grafana, New Relic, SolarWinds. Knowledge in CI/CD tools and processes (e.g., Jenkins, GitLab CI/CD). Knowledge of containerization and orchestration tools (e.g., Docker, Kubernetes).

Key Responsibilities: Hands-on experience in security incident response and threat intelligence analysis. Knowledge of networking concepts, firewalls, and security protocols. Experience with SIEM tools, IDS/IPS systems, and endpoint security tools. Investigate security incidents and recommend remediation measures. Analyze security alerts from various monitoring tools and respond appropriately. Manage SIEM (Security Information and Event Management) tools and ensure logs are analyzed. Respond to incidents, perform initial troubleshooting, and escalate complex issues to L2/L3 engineers. Perform routine maintenance of servers, virtual machines, and cloud resources. Assist in provisioning, configuring, and decommissioning infrastructure as required. Support and maintain CI/CD pipelines for various projects. Execute existing automation scripts for routine tasks. Contribute to the improvement of automation scripts and processes. Maintain accurate and up-to-date documentation for configurations, incidents, and procedures. Coordinate with L2/L3 engineers, development, and QA teams for issue resolution.

Posted 2 weeks ago

1.0 years

0 - 0 Lacs

Noida

On-site

Job Title: DLP Operations and Trellix Security Analyst
Location: Noida, India
Job Type: Full-time
Experience: 1+ years

Job Summary: We are seeking a skilled and detail-oriented DLP (Data Loss Prevention) Operations and Trellix Security Analyst to manage and enhance data protection mechanisms using Trellix (formerly McAfee) and other DLP tools. The role requires hands-on experience in managing DLP incidents, policies, and responding to data security breaches.

Key Responsibilities: Monitor, triage, and respond to DLP alerts triggered by endpoint, network, and cloud data movement using Trellix DLP platform. Analyze and investigate DLP incidents to identify root causes and recommend mitigation actions. Administer and maintain Trellix DLP solutions including policy creation, updates, and exception handling. Coordinate with IT, Legal, and HR teams on DLP incident response and investigations. Generate periodic reports and dashboards for DLP events, trends, and policy violations. Perform periodic DLP rule tuning and false positive reduction. Ensure DLP systems are updated, patched, and compliant with security policies. Collaborate with the Information Security team to improve overall data protection strategy. Participate in internal and external audits related to data protection.

Required Skills: Strong hands-on experience with Trellix DLP (formerly McAfee DLP) or similar platforms (Forcepoint, Symantec, Microsoft Purview). Knowledge of data classification, content inspection, regex patterns, incident workflows. Understanding of security frameworks such as ISO 27001, NIST, GDPR, and other data privacy regulations. Experience with SIEM tools (Splunk, QRadar) is a plus. Familiarity with endpoint security, email/web gateways, and data exfiltration methods. Excellent analytical, communication, and documentation skills.

Qualifications: Bachelor’s degree in Computer Science, Information Security, or related field. Relevant certifications like CEH, CISA, Trellix/McAfee Certified Product Specialist, or DLP-specific certifications preferred. Minimum 3 years of experience in DLP operations or information security roles.

Preferred Attributes: Proactive attitude and ability to work independently. Strong ethical standards and attention to data privacy. Ability to manage and prioritize multiple tasks in a fast-paced environment.

Job Types: Full-time, Permanent
Pay: ₹20,000.00 - ₹50,000.00 per month
Benefits: Internet reimbursement
Supplemental Pay: Performance bonus
Application Question(s): Do you have experience in DLP Operation and Trellix?
Experience: minimum: 1 year (Required)
Language: English (Required)
Location: Noida, Uttar Pradesh (Required)
Work Location: In person

Posted 2 weeks ago

5.0 - 10.0 years

10 - 18 Lacs

Bengaluru

Work from Office

Job Description: We are seeking a dedicated Vehicle SOC Analyst to join our automotive cybersecurity operations team. This role focuses on monitoring and responding to threats targeting in-vehicle systems, connected car platforms, and vehicle-to-everything (V2X) technologies. The analyst will work with in-vehicle security tools and contribute to the development of automotive-specific detection and response strategies.

Key Responsibilities:

Automotive Security Monitoring & Analysis: Monitor vehicle telemetry, network traffic, and logs from ECUs, gateways, and telematics units. Identify, investigate, and respond to cyber threats affecting in-vehicle networks (CAN, LIN, FlexRay, Ethernet). Perform root cause analysis of security alerts and anomalous vehicle behavior.

In-Vehicle Security Protocols & Standards: Ensure implementation of in-vehicle cybersecurity protocols such as secure boot, secure OTA, authentication, and encryption. Maintain awareness of ISO/SAE 21434, UNECE WP.29 regulations, and industry best practices.

Use Case & Playbook Development: Design and maintain detection use cases tailored to automotive environments (e.g., CAN message flooding, firmware tampering). Develop and update response playbooks for in-vehicle attack scenarios. Collaborate with engineering and R&D teams to refine security detection logic.

Hands-On Tools & Technology: Use in-vehicle IDS and anomaly detection tools (e.g., Argus, GuardKnox, Upstream Security, AutoCrypt). Work with automotive SIEM platforms and data aggregation tools. Apply EDR or endpoint monitoring to IVI systems, telematics control units (TCUs), and other connected components. Conduct packet analysis with automotive-specific tools (e.g., CANalyzer, Savari, Wireshark with CAN protocol plugins).

Posted 2 weeks ago

Exploring SIEM Jobs in India

The Security Information and Event Management (SIEM) job market in India is thriving, with a growing demand for professionals who can monitor, analyze, and respond to security incidents in real-time. SIEM jobs offer lucrative career opportunities for individuals with a strong understanding of cybersecurity concepts and technologies.

Top Hiring Locations in India

  1. Bangalore
  2. Pune
  3. Hyderabad
  4. Delhi/NCR
  5. Mumbai

Average Salary Range

The average salary range for SIEM professionals in India varies based on experience level:

  • Entry-level: INR 4-6 lakhs per annum
  • Mid-level: INR 8-12 lakhs per annum
  • Experienced: INR 15-20 lakhs per annum

Career Path

Career progression in the SIEM field typically follows a path from:

  • SIEM Analyst
  • SIEM Engineer
  • SIEM Consultant
  • SIEM Architect

Related Skills

In addition to SIEM expertise, professionals in this field are often expected to have knowledge of:

  • Network Security
  • Incident Response
  • Threat Intelligence
  • Security Operations Center (SOC) operations

Interview Questions

  • What is SIEM and how does it work? (basic)
  • Can you explain the difference between IDS and SIEM? (medium)
  • How would you handle a security incident detected by the SIEM tool? (medium)
  • What are some common challenges faced when implementing a SIEM solution? (advanced)
  • How do you stay updated with the latest cybersecurity threats and trends? (basic)
  • Can you describe a successful SIEM deployment project you were involved in? (medium)
  • What are some key performance indicators (KPIs) used to measure the effectiveness of a SIEM system? (advanced)
  • How do you ensure compliance with industry regulations using a SIEM tool? (medium)
  • Explain the concept of correlation rules in SIEM. (medium)
  • How do you handle false positives in a SIEM system? (advanced)
  • Describe a time when you had to troubleshoot a SIEM-related issue. (medium)
  • What are the benefits of integrating threat intelligence feeds with a SIEM tool? (medium)
  • Can you explain the concept of log aggregation in the context of SIEM? (basic)
  • How do you prioritize security alerts generated by a SIEM tool? (medium)
  • What are the key components of a SIEM architecture? (advanced)
  • How would you assess the effectiveness of a SIEM tool in an organization? (medium)
  • What are some best practices for SIEM tuning and optimization? (advanced)
  • How do you handle data retention and storage requirements in a SIEM system? (medium)
  • Explain the role of machine learning in enhancing SIEM capabilities. (advanced)
  • How do you ensure the confidentiality and integrity of SIEM data? (medium)
  • Can you discuss the importance of user behavior analytics in a SIEM environment? (medium)
  • What are the limitations of a SIEM tool and how can they be overcome? (advanced)
  • How do you collaborate with other teams (e.g., IT, compliance) to enhance SIEM operations? (medium)
  • Describe a time when you had to communicate a complex security incident detected by the SIEM to non-technical stakeholders. (medium)

Closing Remark

As you explore SIEM jobs in India, remember to continuously upgrade your skills, stay informed about the latest cybersecurity trends, and practice answering interview questions to showcase your expertise confidently. With the right preparation and dedication, you can excel in the dynamic field of SIEM and carve out a successful career for yourself. Good luck!

Featured Companies