4984 Siem Jobs - Page 7

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

9.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

About us At R Systems, we are shaping the future of technology by designing cutting-edge software products, platforms, and digital experiences that drive business growth for our clients. Our product mindset and advanced engineering capabilities in Cloud, Data, AI, and Customer Experience empower us to deliver innovative solutions to key players across the high-tech industry. This includes ISVs, SaaS, and Internet companies, as well as leading organizations in telecom, media, healthcare, finance, and manufacturing. We are Great Place to Work® Certified™ in 10 countries where we have a full-time workforce - India, the USA, Canada, Poland, Romania, Moldova, Indonesia, Singapore, Malaysia, and Thailand. This means we are a dynamic, global team that values continuous learning, collaboration, and innovation. Join us and experience a workplace where your contributions are celebrated, and your growth, development, and well-being are at the heart of everything we do!! Exp Range : 9 to 12 Yrs Notice Period : Early joiners are preferred Job Description Information Security Analyst with a strong Security Operation, Incident response/Management, DLP, Forensic/Reverse engineering, Cloud Security & IAM background. You’ll be part of our Security Operations team, which is a major component of our Global Information Security function. As the SecOps SME, you’ll oversee our Multiple Security Solutions like XDR, IAM, Firewall, Email Gateway, SIEM, CASB etc. instance, you’ll work as an InfoSec Analyst in our ASOC and will perform incident response and threat hunting tasks in coordination with our MSSP. Required Qualifications: 9-12 years working in SOC, Incident Response, IAM, DLP, SIEM, Email Gateway, Firewall Minimum of 7 - 9 years of practical information security experience. 
Experience working with Security Information Event Management (SIEM), Continuous Monitoring, Intrusion Detection/Prevention Systems (ID/PS), Network Traffic Analysis, Incident Response, Endpoint Security Systems, Digital Forensics, WLAN Monitoring, and/or Threat Modeling Expert knowledge of information security technologies, networking, systems, authentication (including MFA) and directory services. Ability to manage complex troubleshooting issues Proven ability to manage competing priorities and work under pressure Ability to contribute to the organizational strategic thinking beyond area of responsibility. CEH, CISM, CHFI, Security+, Network+ or certifications preferred

Posted 3 days ago

4.0 years

0 Lacs

India

On-site

Job Title: IT Control Testing Specialist Experience: 4+ Years Locations: Bangalore, Hyderabad, Kochi About the Role This role plays a vital role in ensuring the effectiveness of IT controls. As an IT Control Testing Specialist, you will design, execute, and document comprehensive test plans to evaluate ITGCs and ITACs. Key Responsibilities: Client Engagement: Serve as the primary point of contact for clients regarding OT SOC services. Conduct regular meetings with clients to discuss security posture, incidents, and recommendations. Develop and maintain strong client relationships to ensure satisfaction and trust in our services. Security Operations: Monitor and analyze security events from OT environments to identify potential threats and vulnerabilities. Perform real-time security monitoring and incident response for OT systems. Utilize security information and event management (SIEM) tools to detect and respond to security incidents. Incident Management: Lead and coordinate the response to OT security incidents, including investigation, containment, eradication, and recovery. Conduct root cause analysis and develop remediation plans to address security gaps. Prepare detailed incident reports and deliver findings to clients in a clear and professional manner. Threat Intelligence and Vulnerability Management: Gather and analyze threat intelligence relevant to OT environments. Conduct vulnerability assessments and penetration testing on OT systems. Develop and implement strategies to mitigate identified vulnerabilities and enhance security controls. Collaboration and Training: Work closely with internal teams, including IT SOC, engineering, and risk management, to ensure comprehensive security coverage. Provide training and guidance to clients and internal teams on OT security best practices. Stay updated with the latest trends, technologies, and threats in OT security. 
Develop and maintain a thorough understanding of IT controls frameworks and relevant regulations (e.g., SOX). Participate in risk assessments to identify IT control deficiencies and prioritize testing activities. Independently design and execute test plans for ITGCs and ITACs, utilizing a variety of testing methodologies. Working knowledge in one or more domains such as: Governance policies and procedures, Risk Management, Compliance, Access Control, Security Incident Response, Disaster Recovery, Business continuity management, Identity Access Review, Change Management Sound understanding of security technologies/techniques like Cryptography, Algorithms, Secure IT Authentication, Secure Development, Data Protection, Certificate Management Lifecycle Perform complex test procedures using automated tools and manual techniques, documenting the results comprehensively. Analyze test findings, identify control weaknesses, and recommend remediation actions. Collaborate with IT and business process owners to address control deficiencies and implement corrective actions. Experience in performing vendor security reviews covering cyber security domains Lead and mentor junior team members in control testing practices. Stay updated on emerging IT threats and control best practices. Qualifications Bachelor’s degree in information technology, Computer Science, or a related field (or equivalent experience). 1-7 years of experience in IT audit, IT security, or a similar role with a focus on IT control testing. Strong working knowledge of IT controls frameworks and IT control testing methodologies. Familiarity with tools like ServiceNow, Jira, or other GRC platforms. Experience with IT control testing tools is a must. Experience in assessing and providing recommendations on the feasibility of automating manual control testing processes. Adaptability to manage a dynamic control population and evolving client needs. Excellent analytical and problem-solving skills. 
Strong communication, collaboration, and leadership skills.

Posted 3 days ago

1.5 - 3.0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

Our technology services client is seeking multiple System Administrators to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: System Administrator Experience: 1.5 - 3 Years Location: Chennai, Kolkata Notice Period: Immediate - 15 Days Mandatory Skills: VMware, On-premise, Windows, VMware Configuration Job Description: Maintenance, Administration, Configuration, Monitoring and Troubleshooting of Windows 2012 / 2016 / 2019 / 2025 Servers. VMware vSphere Infrastructure - Installation, configuration, troubleshooting of VMware ESXi servers, Virtual appliance, vCenter, ESXi host upgrade and patching. Creating and managing VMware cluster, Enabling HA, and DRS features in a cluster. Configuration of Virtual switches, port groups and network connections. Creating and managing standard templates and keeping them updated. Deploying VMs from template and allocating resources as per client requirements. Security hardening of VMs and ESXi servers for security compliance. Performing snapshots, cloning, migrations of VMs. Vulnerability Management - Assist in providing support and resolution for the Critical/High open vulnerabilities on Windows/VMware Servers. Providing support to mitigate external Vulnerabilities reported by KPMG team. Coordinate with Server Owners to fix Application related vulnerabilities with the defined SLA. Providing support to raise a risk on insight360 portal for servers which have surpassed the SLA. Data Centre Operations - Installation, Configuration, Monitoring and Troubleshooting of physical servers like DELL PowerEdge, HP ProLiant, Cisco UCS servers. Coordination with OEM/Partners Technical Support Team to resolve problems. Support for Windows Defender, SOC SIEM, BigFix, Qualys, CIS CAT, SolarWinds team for installation, configuration, upgradation and troubleshooting of applications. 
Coordination with Backup team, Database and Network team to resolve problems. Incident and RITM Management - Work on Incidents, RITM raised for Server OS issue, backup failure, access management, performance alerts etc. Change Management – Work on Change Requests for Commission of new servers, Decommission, Operating system upgradation, IP change Activity, virtual machine CPU/Memory/Disk upgradation and others. Installation of monthly windows security updates for the on-prem windows servers. If you are interested, share the updated resume to madhuri.p@s3staff.com

Posted 3 days ago

0 years

0 Lacs

Mumbai Metropolitan Region

On-site

Job Description Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Pre-Sales System Engineer to contribute to the success of our rapidly growing business. You would act as the key Systems Engineer to work closely with a sales representative in west India to handle Enterprise accounts customers. The Principal Systems Engineer's main mission will be to support the sales organization in all technical matters regarding pre-sales, sales calls, and post-sales. As a Pre-Sales System Engineer you will: Play an integral role in new business solution pitches, foster long-term relationships, to achieve enterprise-wide deployments of Fortinet solutions and deliver meaningful results for all parties involved. Pre-sales - assist in qualifying sales leads from a technical standpoint. Ability to respond to RFP compliances and able to work on cross references and handling pre-bid meetings. Sales calls - be the main technical resource on sales calls and answer / educate the customer on issues ranging from features, specifications and functionality to integration. Conversant with networking applications and solutions. Post-sales - be the lead technical contact for identified accounts for technical issues and will work closely with the technical support escalation team and engineering to answer, elevate and resolve customer's technical issues. 
Understand and follow escalation process Provide channel partners sustainable training on Fortinet solutions and competitive differentiation Provide channel partners technical expertise and oversight as required Work in collaboration with Channel and Sales management to establish channel partners and to qualify partner’s ability to sell Fortinet solutions Provide complex design and systems engineering configurations Maintain a high level of technical knowledge of Cyber security solutions and the relevant industry Utilize the Fortinet Sales Strategy and Solution Messaging to identify solutions for customer business objectives Participate in the development and support of presentations for customers and partners Clearly articulate technical elements of the Fortinet value proposition to customers and partners Contribute to the creation of case studies, white papers, and media articles for customers and/or partners Foster a collaborative, team-based environment, sharing best practices and building lasting relationships Effectively negotiate and pursue conflict resolution Lead strategic (organizational) opportunities and proactively provide consultative support Create customer documentation for POC Work effectively with SME, Sales and Technical Support Team We Are Looking For: An insightful and influential collaborator to join our team. We encourage you to apply for this position if you have the following qualities: Network, Cloud, Application and End point Security solutions such as SDWAN, NG Firewall, Application Delivery, SASE, Web Application Firewall, ZTNA, EDR/XDR etc. NOC/SOC Solutions such as SIEM, SOAR etc. Mobile core specific solutions such as GiFW, CGN, SecGW etc. Security solutions for Public and Private clouds. Knowledge of Fortinet Products / Solution and its competition. Should be able to do the POC to demonstrate the Fortinet Solutions to customers. Willing to travel across India. Approx. travel 25%. Good communication and presentation skill. 
Why Join Us: We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

Posted 3 days ago

4.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Job Title: Senior Network Security Engineer Location: Hyderabad Experience: 4-7 Years Job Summary We are seeking an experienced Senior Network Security Engineer with strong expertise in implementing and managing Netskope Secure Web Gateway (SWG) . The ideal candidate will have a minimum of 2 years of hands-on experience with Netskope SWG and a deep understanding of API integration with various security tools. This role is critical in strengthening our security posture by designing and integrating scalable security solutions across hybrid environments. Required Skills & Qualifications 5+ years of experience in Network Security Engineering or a similar role. 2+ years of hands-on experience with Netskope SWG implementation. Strong experience with API-based integration across security ecosystems. Solid understanding of network protocols, firewalls, proxies, and cloud security. Proficiency with SIEM/SOAR platforms, Cloud Access Security Broker (CASB), and DLP tools. Familiarity with Zero Trust Architecture and Secure Access Service Edge (SASE) models. Scripting experience (Python, PowerShell) is a plus. Relevant certifications (e.g., Netskope Certified, CISSP, CCSP, CEH) preferred.

Posted 3 days ago

8.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Do you love the excitement and learning opportunity to study, analyse and deal with the most complex threats to digital security in today's world? Do you have the “learner” mindset, are willing to un-learn old skills and learn new ones every day? Are you excited by the potential of influencing the state of security of our entire company, every day? If yes, then this opportunity is for you. Responsible for the installation, maintenance, support and optimization of all security-related components. Facilitate incident response and forensic investigations. Apply countermeasures to mitigate evolving security threats. Work with other teams to ensure platform hardening, security maintenance, and vulnerability remediation procedures are followed. Special Requirements Proficiency in KQL query and in a scripting language, preferably Perl, PHP, or Python a plus. Must demonstrate basic knowledge of Linux, Mac, and Strong understanding of Windows operating systems and networking protocols. About CDO - Cyber Defense Operations. An organization led by Microsoft’s Chief Information Security Officer enables Microsoft to deliver the most trusted devices and services. CDO’s vision is to ensure all information and services are protected, secured, and available for appropriate use through innovation and a robust risk framework. Responsibilities Technical Insight: Provides technical insight on incident analysis and management, threat mitigation, forensics, malware analysis, and automation. KRA and KPI Management: Ensures strong Key Result Areas (KRA) and Key Performance Indicators (KPI) management. Collaboration: Embraces the values of Microsoft through coaching and collaboration, and partners with peer teams working in similar areas. Stakeholder Management: Manages critical stakeholder calls and meetings (including non-business hours) while addressing critical security incidents. 
Security Knowledge: Possesses extensive hands-on knowledge of security concepts including cyber-attacks, techniques, threat vectors, risk management, and incident management. Automation Opportunities: Discovers potential automation opportunities or insights to enhance operational efficiency. Product Collaboration: Collaborates and advises product teams on enhancing Microsoft's first-party security products by offering actionable feedback for improvement. Team Environment: Cultivates a positive and inclusive team environment. Operational Rigor: Demonstrates exceptional operational rigor with real-world experience in cyber security operations, threat mitigation and incident response. Communication Skills: Exhibits excellent technical writing and oral communication skills. Problem-Solving: Shows a systematic problem-solving mindset. Qualifications 8+ years of work experience, with a minimum of 6 years of experience in SOC. Minimum 4 years of experience in Azure/Cloud Hands on experience with incident analysis, Threat Actor related incident handling, Large Scale incident responder and Threat Hunting. Understanding of Windows internals, Linux and Mac OS. Understanding of various attack methods, vulnerabilities, exploits, malware. Good Understanding of SIEM Console and tools such as Sentinel, Splunk, Qradar etc Social engineering - given that humans are the weakest link in the security chain, an analyst's expertise can help with awareness training Security assessments of network infrastructure, hosts and applications - another element of risk management. Conduct root cause analysis and post-incident reviews. Assist in tuning and optimizing detection rules and alerts. Forensics - investigation and analysis of how and why a breach or other compromise occurred. Develop and maintain incident response playbooks and standard operating procedures (SOPs). Collaborate with IT, DevOps, and other teams to remediate vulnerabilities and improve security controls. 
Troubleshooting - the skill to recognize the cause of a problem DLP, AV, FIM, web proxy, email proxy, etc. - a comprehensive understanding of the tools utilized to protect the organization. Excellent written and oral communication skills. Security certifications such as GCIH, GCFA, GREM, CySA+ Knowledge of Azure Sentinel and KQL query is a must and added advantage. Exposure to threat intelligence platforms and SOAR tools. Knowledge of MITRE ATT&CK framework and incident response methodologies. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Posted 3 days ago

1.0 - 5.0 years

0 Lacs

Karnataka

On-site

As an Associate Security Platform Engineer at NTT DATA, your role will involve being an entry-level subject matter expert focused on facilitating problem resolution and mentoring for the overall team. You will perform operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). Your responsibilities will include detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain, which includes servers, networks, appliances, and all infrastructure supporting production applications for the enterprise, as well as development environments. In this role, you will work as part of a 24/7 team on rotational shifts and be involved in Platform and Content Engineering, handling tunings, stakeholder requests, escalations, reporting, and trainings. You will administer the organization's security tools to gather security logs from the environment and be responsible for the lifecycle management of supported security tools/technologies, including break-fix, patching, and live updates. Adhering to SOPs and notifying stakeholders on log flow/log format issues, documenting best practices, identifying opportunities for automation to assist the incident response team, and performing security incident handling and response will also be part of your responsibilities. You will need entry-level knowledge of the implementation and monitoring of any SIEM or security tools/technologies, as well as security architecture and different security technologies. Attributes that will help you succeed in this role include being customer service-oriented, proactive, problem-solving, highly driven, self-organized, detail-oriented, analytically minded, and possessing excellent spoken and written communication skills. You should also be a team player capable of working well with colleagues and stakeholders. 
Academically, a Bachelor's degree or equivalent in Information Technology or a related field is required. Relevant networking certifications such as CCNA, JNCIA, ACCA, PCNSA, CCSA, etc., are preferred, and relevant security certifications such as AZ-500, SC-200, Security+, CEH, etc., would be an added advantage. Entry-level experience in security technologies like Firewall, IPS, IDS, Proxy, technical support to clients, diagnosis and troubleshooting, providing remote support in security technologies, SOC/CSIRT operations, handling security incidents end to end, and security engineering is required for this position. This is a hybrid working role at NTT DATA, a trusted global innovator of business and technology services, committed to helping clients innovate, optimize, and transform for long-term success. With a focus on investing in R&D to support organizations and society in confidently moving into the digital future, NTT DATA is a Global Top Employer with experts in more than 50 countries and a robust partner ecosystem. Their services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation, and management of applications, infrastructure, and connectivity. NTT DATA is part of the NTT Group and headquartered in Tokyo. NTT DATA is an Equal Opportunity Employer.

Posted 3 days ago

5.0 - 10.0 years

0 Lacs

Karnataka

On-site

You should have at least 7 years of experience in the Information Security field, specifically with direct experience in SOAR or other automation solutions. Your expertise should include Palo Alto XSOAR with SOC Operations understanding, with a focus on resolving Security Incidents and automating related tasks. A minimum of 5 years of hands-on experience in SOC / Incident Response is required. Additionally, you should possess experience with SOAR or other automation solutions (e.g., IT automation, SIEM, case management) and have a strong background in triaging security events using various tools like SIEM, SOAR, and XDR in a security operations environment. Proficiency in scripting and development skills (e.g., BASH, Perl, Python, or Java) along with a solid understanding of regular expressions is crucial for this role. This position falls under the Others category and is a Full-Time role located in Bangalore/Pune. The ideal candidate should have 7-10 years of relevant experience and be available to start immediately.

Posted 3 days ago

5.0 - 9.0 years

0 Lacs

Karnataka

On-site

You should be highly proficient in Microsoft Sentinel and Azure Log Analytics, with at least 5-8 years of experience. You will be responsible for connecting any type of logs from various sources to the Sentinel Log Analytics workspace. Your role will involve creating playbook analytic rule workbooks, notebooks, incidents, and threat hunting. Additionally, you should have experience in developing KQL queries for data normalization and parsing capability for the Log Analytics data ingestion pipeline. As part of your responsibilities, you will automate and integrate developed use cases into a DevOps CI/CD pipeline and develop incident response capabilities using Azure Logic Apps. You should also be able to develop Jupyter notebooks using scripts in Python and integrate them with Microsoft Sentinel. Knowledge of different Microsoft Defender products, implementation and integration of Defender for Cloud services, as well as experience in cloud computing and cloud security roles are required. The ideal candidate should have a minimum of 5 years of experience in Microsoft Sentinel and Azure Log Analytics, with a strong background in developing Kusto Query Language. Experience in SIEM and SOAR implementation, along with working on automation scripts, will be beneficial for this role. The position is based in Mumbai, Pune, Chennai, Hyderabad, Bangalore, Kolkata, Delhi, or Coimbatore.

Posted 3 days ago

0 years

0 Lacs

Nagpur, Maharashtra, India

On-site

Key Responsibilities Lead a team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Training of L1 and L2 resources on latest attack vectors and log analysis. Work with the SIEM Engineering team to fine tune the use cases and content on the SIEM platform. Bring down the false positives to a manageable level. Manage the work pressure on the project and keep the team alert and manage their work life balance. Ensure timely preparation of daily/weekly/monthly reports. Desired Qualifications Sound Cyber Security Principles and well versed in security domains of Endpoint, Network, Database, Cloud Security technologies like IPS, WAF, Firewall, Deception, Cloud Security, AV, EDR. Conduct senior level log analysis, proactive monitoring, mitigation & response to network & security incidents. Triage security events and carry out incident response steps. Implement & Maintain Extensive Security Operation Policies and procedures documentation including AWS cloud. Proactively Hunt & research potential malicious activity using tools like Cortex, Shodan, QRadar etc. Identify Indicators of Compromise through static & dynamic analysis of commodity and 0-day malware. Perform advanced security event detection and threat analysis for complex and/or escalated security events. QRadar, Demisto/XSOAR, Qualys, MITRE Framework Attack Methodology. Preferred Certifications T&T - Cyber | Deputy Manager IBM QRadar SIEM Certification. CISSP, CEH, CISM, or other relevant security certifications. Location and way of working: Base location: Mumbai/Navi Mumbai Professional is required to work from office Your role as Consultant/Sr Consultant. (ref:hirist.tech)

Posted 3 days ago

0 years

0 Lacs

Gurgaon, Haryana, India

On-site

Job Description About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Responsibilities Deploy, configure, monitor, and maintain EDR solutions (e.g., CrowdStrike, Microsoft Defender for Endpoint, SentinelOne, Carbon Black, etc.). Monitor endpoint security alerts and respond to threats in real-time. Analyze EDR telemetry to detect suspicious behavior, malware, and advanced persistent threats (APTs). Investigate endpoint security incidents and support root cause analysis. Develop and maintain detection rules, playbooks, and automation scripts. Collaborate with SOC and incident response teams for coordinated threat mitigation. Conduct regular health checks, patching, and performance tuning of EDR agents. Generate and present technical reports, dashboards, and incident summaries. Provide guidance on endpoint security best practices to IT and end users. Support audits and compliance efforts by ensuring endpoint security controls are in place. Participate in cyber drills and contribute to continuous improvement of the incident response process. 
Qualifications Strong hands-on experience with one or more EDR platforms (e.g., CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint, Sophos Intercept X, Trend Micro Apex One). Knowledge of MITRE ATT&CK framework and threat detection techniques. Familiarity with malware analysis, endpoint forensics, and log analysis. Experience with SIEM platforms (e.g., Splunk, QRadar, LogRhythm) for correlation and alerting. Scripting knowledge (PowerShell, Python, Bash) for automation and custom detection. Understanding of endpoint operating systems (Windows, macOS, Linux) and their security internals. Familiarity with enterprise IT infrastructure, Active Directory, and networking basics. Experience with ticketing and incident management tools (e.g., ServiceNow, JIRA). Understanding of compliance standards Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Posted 3 days ago

5.0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

* Minimum 4–5 years of experience in information security, preferably in fintech or payments.
* Strong understanding of network security, encryption, authentication, and secure design principles.
* Experience with cloud security tools and configurations (e.g., AWS Security Hub, GuardDuty, IAM).
* Familiarity with common exploits, vulnerabilities (OWASP Top 10), and mitigation techniques.
* Hands-on experience with security monitoring, threat intelligence, and incident response.
* Experience working with SIEM tools like Elastic Security (aka ELK Stack).
* Working knowledge of compliance frameworks like PCI DSS, SOC 2, or GDPR.
* Software Development skills in at least one of these languages, such as Java, Python, Go, Rust, etc., are required.
* Industry certifications (CISSP, CEH, OSCP, or similar) are a plus.

Posted 3 days ago

1.0 - 5.0 years

0 Lacs

Punjab

On-site

As a Cybersecurity Analyst at our organization, you will play a vital role in safeguarding digital assets and making a tangible impact. We are currently looking for skilled and passionate individuals to join our IT/Cybersecurity team in Mohali, India. In this role, you will have the opportunity to monitor and detect security alerts, perform initial triage of potential incidents, and assist in incident investigations. As an L1 Analyst, you will also leverage threat intelligence to enhance detection capabilities and escalate issues when necessary. For L2 Analysts, you will lead in-depth security incident investigations and threat-hunting activities. You will be responsible for conducting vulnerability assessments, supporting remediation efforts, providing mentorship to L1 analysts, and contributing to security awareness programs. To qualify as an L1 Analyst, you should have a Bachelor's degree or equivalent experience in cybersecurity or IT, a basic understanding of security tools such as SIEM, IDS/IPS, and firewalls, strong analytical and problem-solving skills, and a willingness to work in a 24/7 environment. For L2 Analysts, a minimum of 2+ years of experience in cybersecurity, preferably in a SOC environment, is required. You should possess advanced knowledge of security tools and incident response processes, as well as relevant certifications such as CEH, CISSP, CISM, or CompTIA Security+. Joining our team means being part of a dynamic environment where your skills are valued, and you contribute to securing critical information systems. You will have access to professional growth opportunities and work in a collaborative setting dedicated to excellence in cybersecurity. This is a full-time, permanent position with benefits including health insurance, performance bonuses, and yearly bonuses. The work schedule involves rotational shifts, and the expected start date is 27/01/2025. 
If you are enthusiastic about cybersecurity and want to be part of a team that values your contributions, we encourage you to apply and be a part of our mission to protect digital assets.

Posted 3 days ago

6.0 - 10.0 years

0 Lacs

Chennai, Tamil Nadu

On-site

The Senior Cyber Security Engineer role at our organization is crucial for safeguarding digital assets through the design, implementation, and maintenance of IT security infrastructures. Your responsibilities include preventing, detecting, and managing cyber threats by utilizing your knowledge of network and software security vulnerabilities, incident response skills, and risk management expertise. Collaboration with various teams is essential to develop and enforce security policies, conduct audits, and ensure compliance with regulatory standards. You will be accountable for Security Configuration, Monitoring, and Management (SCMM), where tasks involve configuring and maintaining security tools such as SIEM, Email security gateway, and advanced threat detection systems. Leading the monitoring of security events, directing incident response efforts, and proactively searching for threats within the environment are key responsibilities. You will also be required to aggregate logs, develop correlation rules, customize alerts, review security policies, and recommend security controls. Governance tasks include contributing to the creation, review, and updating of IT security policies, ensuring compliance with industry best practices and regulatory requirements. Overseeing security measures, promoting security awareness, conducting security audits, and reporting findings are part of your role. You will also be involved in developing documentation, conducting analyses, and preparing reports for executive leadership. Problem Resolution and Troubleshooting responsibilities include providing guidance to junior team members, conducting root cause analyses, collaborating with IT teams, and seeking continuous improvement through automation and process refinement. Training and Development tasks involve meeting certification requirements, expanding knowledge in security administration, and participating in technical events to increase professional knowledge and awareness. 
Your communication span will include internal teams and customers at FutureX. The required qualifications and certifications for this role include CompTIA Security+, CCNA Security, Certified Ethical Hacker, and CISSP. A minimum of 6-8 years of cybersecurity experience is necessary, along with skills in analyzing complex information, effective communication, leadership, time management, and prioritization. Technical competencies in SIEM, forensic analysis, network security, endpoint security, threat modeling, compliance, and risk management are essential. Certifications from vendors of widely used security tools, possible travel, project work at customer offices, and out-of-hours work may also be required for this position.

Posted 3 days ago

2.0 - 6.0 years

0 Lacs

Delhi

On-site

The company 4S Advisory is looking to fill the position of Pre Sales Engineer based in Delhi. The ideal candidate should be a motivated individual with at least 2+ years of experience, particularly in the field of cybersecurity. As a Pre Sales Engineer, you will collaborate closely with the sales team to understand customer requirements and provide customized cybersecurity solutions to meet their needs. Your key responsibilities will include working with the sales team to comprehend customer needs and deliver personalized cybersecurity solutions. You will be involved in creating technical presentations, demos, and proof-of-concept (POC) for clients. Additionally, you will provide technical support during the sales process, addressing customer queries related to cybersecurity solutions. Your role will also entail designing and configuring cybersecurity solutions like SIEM, firewalls, and endpoint security products. Conducting product demonstrations to illustrate the value of our cybersecurity solutions and working directly with customers to propose effective security solutions are crucial aspects of the job. You will be expected to participate in direct client visits to present and discuss solutions face-to-face, ensuring customer satisfaction. Remaining updated on the latest cybersecurity trends, technologies, and threat landscape will be essential. Collaboration with cross-functional teams, including sales and technical support, is necessary to ensure the successful delivery of projects. To be considered for this role, you should hold a Bachelor's degree in Computer Science, Engineering, or a related field. Prior experience in presales, technical support, or cybersecurity-related roles is required. A strong understanding of cybersecurity concepts such as firewalls, SIEM, endpoint protection, and threat management is essential. 
You must possess the ability to present technical solutions to both technical and non-technical audiences, and have excellent verbal and written communication skills. The willingness to travel for direct client visits and maintain a customer-focused approach is expected. Keeping abreast of the latest cybersecurity technologies and trends is crucial, as is the ability to collaborate effectively with cross-functional teams. If you believe you meet the qualifications and are interested in this opportunity, please send your resume to sreevalli@4sadvisory.com. Kindly mention your current CTC, expected CTC, and notice period in your application.

Posted 3 days ago

1.0 - 5.0 years

0 Lacs

Karnataka

On-site

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired by a collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizations unlock the value of technology and build a more sustainable, more inclusive world. Analyzing cyber threat data from multiple sources including open-source intelligence (OSINT), internal network logs, threat feeds, and commercial threat intelligence platforms is a key responsibility. You will perform the intelligence capitalization within the Group owned Threat Intelligence Platform and leverage Threat Intelligence Platforms, SIEM tools, and other security technologies to automate the collection, analysis, and dissemination of threat intelligence. Utilizing threat modeling techniques to anticipate and prioritize potential risks based on evolving cyber threat trends will be part of your role. You will assist with risk assessments, vulnerability management, and penetration testing efforts by providing insights into possible threat actor targeting and attack vectors. Investigating Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and malware samples to identify emerging threats and vulnerabilities is a critical aspect of the job. Correlating threat data with internal logs, threat intelligence platforms, and external sources to build comprehensive threat profiles is also part of your responsibilities. Providing technical threat intelligence support during active security incidents, assisting in the identification of malicious activity, threat actor attribution, and incident containment will be required. Working closely with the Incident Response & Threat hunting team to analyze and track threat actors, their tactics, and attack methods is essential. 
You will participate in the tools Proof of Concept used/expected by the Team and regularly look for their relevancy given the evolution of the Group needs. Applying the Business Continuity Plan for the Group Cyber Threat Intelligence Team and ensuring that the Service Level Agreements (SLAs) are not breached are also part of your duties. Primary Skills required for this role include experience in a Cyber Threat Intelligence or related cybersecurity role (e.g., SOC Analyst, Security Researcher, Incident Responder), familiarity with open-source intelligence (OSINT) & Social Media Intelligence (SOCMINT) tools and techniques, understanding of the cyber threat landscape, advanced persistent threats (APTs), and attack methodologies (e.g., MITRE ATT&CK framework), general intelligence knowledge, knowledge about intelligence capitalization, associations, and correlation, familiarity with threat intelligence platforms (e.g., OpenCTI, ThreatConnect, Anomali, MISP), and familiarity with security tools like SIEM (Splunk, QRadar) and endpoint security would be appreciated.

Posted 4 days ago

5.0 - 9.0 years

0 Lacs

Hyderabad, Telangana

On-site

As a SOC Manager at NTT DATA, you will play a crucial role in leading the Security Operations Center (SOC) team to monitor, detect, and respond to security incidents. Your responsibilities will include managing the day-to-day operations of the SOC, ensuring compliance with security policies, and providing strategic direction to enhance the security posture of the Managed Security Service Provider (MSSP) and its clients. Your primary duties will involve team leadership and management, incident response, security monitoring and analysis, strategic planning, client management, reporting, and documentation. You will lead and mentor a team of security analysts and engineers, develop training programs, and conduct performance reviews. Additionally, you will oversee the incident response process, develop incident response playbooks, and coordinate with other departments and clients during major security incidents. In terms of security monitoring and analysis, you will ensure effective monitoring of client networks and systems for security threats, analyze security data and trends, and implement security tools and technologies such as SIEM, IDS/IPS, and threat intelligence platforms. Furthermore, you will develop and implement strategic plans to enhance security posture, stay updated with the latest security trends, and collaborate with other departments to align security strategies with business objectives. As the primary point of contact for clients, you will manage security incidents and issues, provide regular reports on security status, and conduct security assessments and vulnerability scans. You will also be responsible for preparing and presenting regular reports on SOC activities, documenting security incidents and responses, and maintaining detailed records of security policies and procedures. 
To qualify for this role, you should have a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, with a master's degree preferred. You should also have proven experience in a SOC or similar role, experience in leading and managing a team of security professionals, and relevant certifications such as CISSP, CISM, or CEH. Proficiency in security tools and technologies, strong knowledge of network security, incident response, and threat analysis, and excellent leadership and communication skills are essential. The work environment for this role may include working in shifts, occasional travel for client meetings or industry conferences, and a hybrid working setup. NTT DATA is a trusted global innovator of business and technology services committed to helping clients innovate, optimize, and transform for long-term success. With a diverse team of experts and a focus on digital and AI solutions, NTT DATA is dedicated to creating a sustainable digital future for organizations and society.

Posted 4 days ago

3.0 - 7.0 years

0 Lacs

Karnataka

On-site

As a shift lead in the Security Operations Center (SOC) at Virtusa, you will play a crucial role in supporting SOC operations by conducting detailed threat-based investigations, making recommendations for incident detection methodologies, and offering expert assistance for incident response and monitoring activities. Your responsibilities will include being a technical and strategic leader in driving key performance indicator (KPI) metrics, promoting automation, analytics, and operational efficiencies to enhance the overall security posture. You will be tasked with providing suggestions to enhance security postures, minimize security risks, and identify opportunities for automation to streamline manual efforts. Your role will involve ensuring the highest quality of SOC service delivery and aiding in the development of incident response actions, policies, and procedures, including process enhancements. As the escalation point for advanced security incident escalations from Level 1 SOC analysts, you will oversee all SOC activities and business-as-usual (BAU) tasks during your shift, which involves 24/7 support. Additionally, you will review and improve run books, operating procedures, and playbooks, as well as assign and prioritize tasks and incidents for Level 1 SOC team members. You will manage the incident pipeline, including escalating outstanding incidents, updating incidents as needed, and escalating open incidents when necessary. Furthermore, you will be responsible for meeting service level agreements (SLAs) and leading SOC shift handover calls. Your role will also involve providing continuous improvement initiatives and on-the-job training for Level 1 SOC analysts. Your expertise will be paramount in analyzing logs from various sources such as network devices, applications, infrastructure services, security products, and endpoint data using Security Information and Event Management (SIEM) tools and other security technologies. 
You will also lead security event and incident investigations, applying industry-recognized incident detection and response frameworks like NIST, MITRE, and others. At Virtusa, we prioritize teamwork, quality of life, and professional development. Join our global team of 30,000 professionals who are dedicated to fostering your personal and career growth. We offer exciting projects, opportunities to work with cutting-edge technologies, and a collaborative environment where great minds come together to innovate and excel.

Posted 4 days ago

8.0 - 12.0 years

0 Lacs

Karnataka

On-site

As an experienced Information Security professional with 8+ years of experience, you will be responsible for planning, implementing, managing, and maintaining security systems such as antimalware solutions, vulnerability management solutions, and SIEM solutions. Your role will involve monitoring and investigating security alerts from various sources, providing incident response, and identifying potential weaknesses within the organization's network and systems to recommend effective solutions. Additionally, you will take up security initiatives to enhance the overall security posture of the organization. You will be required to document Standard Operating Procedures (SOPs), metrics, and reports as necessary, provide Root Cause Analyses (RCAs) for security incidents, and collaborate with different teams and departments to address vulnerabilities, security incidents, and drive security initiatives. Moreover, researching and monitoring emerging threats and vulnerabilities, understanding current industry and technology trends, and assessing their impact on applications will be crucial aspects of your role. Your qualifications should include industry-recognized professional certifications such as CISSP, GCSA, CND, or similar certifications. Demonstrated experience in computer security with a focus on risk analysis, audit, and compliance objectives is essential. Proficiency in Network and Web Security tools like Palo Alto, ForeScout, and Zscaler, as well as experience in AWS Cloud Environment and Privileged Access Management solutions, will be advantageous. Familiarity with SIEM/SOAR, NDR, EDR, VM, and Data Security solutions and concepts is desired. The ideal candidate will possess strong decision-making and complex problem-solving skills under pressure, along with a high degree of creativity and "out-of-the-box" thinking. 
The ability to manage multiple projects simultaneously in fast-paced environments, a service-oriented approach, and excellent communication, presentation, and writing skills are key requirements for this role. You should also be adept at sharing knowledge, collaborating with team members and customers, and adapting to a fast-paced, ever-changing global environment. Strong organization, time management, and priority-setting skills are essential, along with a proactive approach to achieving results. In summary, this role offers an exciting opportunity for an experienced Information Security professional to contribute to the enhancement of the organization's security posture, collaborate with diverse teams, and stay abreast of emerging threats and industry trends.

Posted 4 days ago

8.0 - 12.0 years

0 Lacs

Pune, Maharashtra

On-site

As a Principal / Senior Software Engineer (UI) at our company located in Baner, Pune, India (Hybrid), your primary responsibility will be to design and develop intuitive, responsive, and scalable user interfaces that enhance the deployment, usability, and management of our product. You will lead the UI development process from conceptualization to implementation, ensuring that our interfaces are optimized for performance and usability on various platforms. Collaboration with cross-functional teams, including Product Management, UX/UI, QA, Backend, and Solutions, is essential to deliver a seamless customer experience. Your responsibilities will include working closely with UX/UI designers, product managers, and backend engineers to translate business requirements into technical solutions that result in seamless user experiences adhering to the highest standards of quality and security. You will write clean, maintainable, and efficient code, conduct code reviews, and mentor junior engineers to maintain high-quality standards. Identifying and resolving performance bottlenecks in UI to ensure fast and responsive user interactions will be crucial. Implementing security best practices in UI development to protect against cybersecurity threats, developing and executing comprehensive testing strategies, and continuously evaluating and improving UI frameworks and tools are also part of your role. You will be expected to create and maintain detailed technical documentation, automate repetitive operational tasks, and stay updated with the latest trends and technologies in front-end development and emerging threats in the identity security landscape. Your ability to propose and implement innovative solutions to enhance our product offerings and thrive in a dynamic startup environment will be key contributors to our culture of innovation and excellence. 
To qualify for this role, you should have at least 8+ years of hands-on experience in front-end development, including 2 years in a senior or lead role. Experience in the cybersecurity domain, particularly in identity security, authentication, and access management, will be advantageous. Proficiency in modern JavaScript frameworks such as React, Angular, or Vue.js, strong knowledge of HTML5, CSS3, and JavaScript (ES6+), experience with RESTful APIs, Web Sockets, version control systems like Git, and CI/CD pipelines is required. Understanding of UI/UX principles, responsive design, and familiarity with cybersecurity concepts, principles, and best practices are also essential. A degree in Computer Science, Engineering, or a related field is preferred for this position.

Posted 4 days ago

3.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Location: Hyderabad
Experience: 3+ Years
Type: Full-time

About Us

It is a leading AI Product Company that simulates user actions through AI — Universal Search, last-mile navigation, and contextual guidance. We partner with top product companies and have delivered results like:

* 70% reduction in support ticket volume
* 30%+ improvement in product adoption, higher conversions, and NPS

Roles & Responsibilities

* Automate deployment and DevOps processes using Infrastructure as Code (IaC).
* Build, maintain, and optimize CI/CD pipelines for robust software delivery.
* Monitor and maintain system performance to ensure high availability and scalability.
* Collaborate closely with developers and product teams for seamless deployment integration.
* Manage cloud infrastructure (AWS or Azure), ensuring high security and compliance.
* Implement container orchestration using Docker and Kubernetes.
* Conduct Vulnerability Assessment & Penetration Testing (VAPT) and integrate InfoSec practices.
* Use IaC tools like Terraform, Ansible, or Pulumi (TypeScript preferred).
* Set up environments for development, testing, and production on secure cloud platforms.
* Perform periodic security audits and assessments aligned with compliance standards (SOC 2, ISO 27001).
* Integrate security best practices directly into CI/CD workflows.

Requirements

* 1-3 years of experience as a DevOps Engineer or in a similar role.
* Experience in cloud platforms: AWS (preferred), GCP, or Azure.
* Strong command over Python, Bash/Shell, TypeScript, YAML, and optionally Groovy/Java.
* Solid knowledge of Linux systems and cloud networking.
* Hands-on experience with Infrastructure as Code (IaC) - Terraform, Pulumi, or similar.
* Deep understanding of CI/CD, containerization (Docker), and orchestration (Kubernetes).
* Familiarity with microservices architecture and agile methodologies.
* Practical knowledge in InfoSec principles, tools (e.g., WAF, SIEM), and frameworks (SOC 2, ISO 27001).
* Experience with security tooling and VAPT processes is highly desirable.
* Bonus: Experience with Pulumi using TypeScript.

Why Join Us?

Here, you’ll work at the forefront of AI and ML innovation, shaping the future of enterprise technology. Join a team that’s leveraging cutting-edge AI to power real-time automation, insights, and intelligent decision-making.

We Offer

* Competitive salary
* High-impact commission structure
* Endless opportunities for learning and growth

Come unlock your potential — and help us transform industries along the way.

Posted 4 days ago

4.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

About Marvell

Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities. At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead.

Your Team, Your Impact

Joining Marvell as a CyberSecurity Analyst, you will be an expert at identifying and responding to threats against Marvell data and systems. The SOC is the central nervous system for the cybersecurity organization, a 24x7 service responsible for detection, assessing, and responding to security threats globally. You will be deeply engaged in the day-to-day operations that ensure we effectively detect and respond to evolving cyber threats using leading edge technology and robust processes.

What You Can Expect

* Provide primary triage, analysis and operational support for security events and alerts.
* Perform correlation using security analytics tools, log aggregators, advanced network malware protection, data indicator mining tools, forensics tools and threat intelligence repositories.
* Perform real-time incident handling (e.g., intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response
* Participate in analyzing nature of the attack and root cause analysis of an incident.
* Monitor external data sources proactively to determine which security issues may have an impact on the enterprise.
* Document and publish techniques, guidance, and reports on incident findings to appropriate constituencies within Marvell.
* Participate in the improvement tasks such as but not limited to false positive reduction, use case refinement.
* Effectively communicate both verbal and written updates on alerts and incidents

What We're Looking For

* 4+ years' experience as a SOC Analyst preferably for a >5000 person enterprise.
* Experience in working with a geographically diverse team in multiple time zones around the globe
* Strong communication skills and an ability to adapt a message to audiences ranging from technology SMEs to company executives to stakeholders in every business discipline.
* Deep understanding of MITRE ATT&CK, with demonstrated experience building detection cases and playbooks around the tactics and techniques most relevant to your business.
* Proficient technical writing skills (documenting processes and procedures).
* Ability to solve problems and work through ambiguity and uncertainty.
* Proficiency with one or more DLP platform
* Experience working extensively with technologies such as IDS/IPS, NGFW, EDR, SIEM, HIDS/HIPS, AV, and Vulnerability Scanners.
* Expert level and continually expanding understanding of common and emerging security threats and vulnerabilities
* Self-motivated and proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry.
* Industry security certifications such as C|EH and relevant GIAC certifications or equivalent highly desirable.
* Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization.

Additional Compensation And Benefit Elements

With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. We’re dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what it’s like to work at Marvell, visit our Careers page.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

Posted 4 days ago

2.0 years

0 Lacs

Ahmedabad, Gujarat, India

On-site

Line of Service: Advisory
Industry/Sector: FS X-Sector
Specialism: Risk
Management Level: Specialist

Job Description & Summary

A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.

Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.

Job Description & Summary:

We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit.

Responsibilities:

· Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities.
· Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures.
· Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents.
· Follow up on cybersecurity incident tickets until closure.
· Guide L1 and L2 analysts in analyzing events and response activities.
· Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members.
· Review and provide suggestions for information security policies and best practices in client environments.
· Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders.
· Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders.
· Update and review documents, playbooks, and standard operational procedures.
· Validate and update client systems and IT infrastructure documentation.
· Share knowledge on current security threats, attack patterns, and tools with team members.
· Create and review new use cases based on evolving attack trends.
· Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events.
· Develop and maintain threat detection rules, parsers, and use cases.
· Understand security analytics and flows across SaaS applications and cloud computing tools.
· Validate use cases through selective testing and logic examination.
· Maintain continuous improvement processes and build/groom teams over time.
· Develop thought leadership within the SOC.

Mandatory skill sets:

· Bachelor’s degree (minimum requirement).
· 2-8 years of experience in SOC operations.
· Experience analyzing malicious traffic and building detections.
· Experience in application security, network security, and systems security.
· Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect).
· Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript).
· Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS).
· Experience with traditional security operations, event monitoring, and SIEM tools.
· Knowledge of MITRE or similar frameworks and procedures used by adversaries.
· Ability to develop and maintain threat detection rules and use cases.

Preferred skill sets:

· Strong communication skills, both written and oral.
· Experience with SMB and large enterprise clients.
· Good understanding of ITIL processes (Change Management, Incident Management, Problem Management).
· Strong expertise in multiple SIEM tools and other SOC environment devices.
· Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc.
· Understanding of raw log formats of various security devices.
· Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies).
· Relevant certifications (CEH, CISA, CISM, etc.).
· Strong work ethic and time management skills.
· Coachability and dedication to consistent improvement.
· Ability to mentor and encourage junior teammates.
· Knowledge of regex and parser creation.
· Ability to deploy SIEM solutions in customer environments.

Years of experience required: 2-12 + years
Education qualification: B.Tech
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of Technology
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills: SoCs
Optional Skills: Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more}
Desired Languages (If blank, desired languages not specified)
Travel Requirements: Not Specified
Available for Work Visa Sponsorship? No
Government Clearance Required? No
Job Posting End Date

Posted 4 days ago

4.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Responsibilities As a member of the incident/work order/change handling team, you will have the following accountabilities: Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX. Assess and orchestrate the current and planned security posture for NTT DATA's security infrastructure, providing recommendations for improvement and risk reduction. Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk. Support security incident response as required; first-line responder to reported or detected incidents. Perform security research, analysis, security vulnerability assessments and penetration tests. Provide security audit and investigation support. Monitor and track security systems for vulnerabilities and respond to potential security vulnerabilities. Provide support for the vulnerability management program. Provide 24x7 support as an operations team working in shifts. Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business. Skills And Experience 4 to 5 years+ in the Information Security space. Strong experience in the ServiceNow ticketing tool, dashboards and integration. Strong experience with Zscaler ZIA, ZPA and ZDX. Strong experience with vulnerability management programs. Strong experience with the Qualys vulnerability management tool. Good to have: some experience with CrowdStrike EDR and SIEM. Strong experience with multiple network operating systems, including two or more of the following: Cisco IOS, Juniper ScreenOS or Junos, Fortinet FortiOS, CheckPoint GAiA, or Palo Alto Networks PAN-OS; Tanium, Rapid 7, Nessus, Nitro ESM, Symantec SEP, Symantec MessageLabs, Thales encryption, Allgress, Forcepoint, Blue Coat, Firepower, Cisco ISE, Carbon Black, Titus, EnCase. Strong oral, written, and presentation abilities. Experience with M365 Copilot. 
Some experience with Unix/Linux system administration. Strong experience with logging and alerting platforms, including SIEM integration. Current understanding of industry trends and emerging threats, and working knowledge of incident response methodologies and technologies. Desirable Zscaler certifications, Associate and Professional, for ZIA, ZPA and ZDX. Excellent experience in Zscaler ZIA, ZPA and ZDX. Experience in vulnerability management programs. Experience in the Qualys vulnerability management tool. Well-rounded background in network, host, database, and application security. Experience implementing security controls in a bi-modal IT environment. Experience driving a culture of security awareness. Experience administering network devices, databases, and/or web application servers. Professional IT accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) are good to have. Abilities Non-customer-facing role, but an ability to build strong relationships with internal teams and security leadership is essential. Act as incident coordinator, reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures. Document daily work and new processes. Embrace a culture of continuous service improvement and service excellence. Stay up to date on security industry trends.

Posted 4 days ago

4.0 years

0 Lacs

Trivandrum, Kerala, India

On-site

Role Description We are seeking an experienced and proactive SOC Lead to drive the operations of our Security Operations Center. The ideal candidate will have strong expertise in cybersecurity monitoring, incident response, threat hunting, and stakeholder communication. This role involves leading a global 24x7 SOC team, coordinating with cross-functional teams, and enhancing our threat detection and response capabilities. You will act as the escalation point for complex incidents and play a key role in process improvement, automation, and mentoring the SOC team. Key Responsibilities Lead and coordinate the 24x7 SOC operations, managing a distributed team of L1 and L2 analysts. Provide advanced triage and investigation of escalated security s and incidents from L1 analysts. Act as the primary escalation contact for high-priority incidents and security breaches. Ensure timely incident response and resolution within SLA while maintaining high-quality ticket documentation. Conduct Root Cause Analysis (RCA) and create detailed incident reports for high-severity cases. Continuously review and fine-tune security s, rules, and thresholds across SIEM and other monitoring tools. Design and propose new security use cases and playbooks to improve detection and response automation. Conduct training sessions for the team on new tools, updated processes, and emerging threats. Organize and lead governance meetings (weekly/biweekly/monthly) with internal stakeholders and clients. Stay informed on the latest threat intelligence, vulnerabilities, and security technologies to proactively enhance SOC capabilities. Maintain and enhance SOC documentation, including SOPs, incident runbooks, and knowledge bases. Collaborate with engineering, infrastructure, and compliance teams to align incident response with organizational risk management practices. 
Required Skills & Experience Minimum 4 years of hands-on experience in a Security Operations Center, focusing on incident response, security analysis, and threat hunting. Deep Technical Expertise In Email Security (Mimecast) EDR Tools (e.g., Threat Down / Malwarebytes) Secure Web Gateway (Netskope SWG) Cloud Security (Microsoft Azure, Microsoft Defender) SIEM Platforms (Azure Sentinel preferred) Threat analysis and phishing investigation Sound understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, etc.) and incident response lifecycle. Working knowledge of enterprise infrastructure: networking, firewalls, operating systems (Windows/Linux), databases, and web applications. Excellent written and verbal communication skills; able to convey technical details to non-technical stakeholders. Strong organizational and prioritization skills; experience handling multiple concurrent incidents and tasks in high-pressure environments Preferred Certifications Relevant security certifications such as: CEH (Certified Ethical Hacker) Microsoft SC-200 (Security Operations Analyst) AZ-500 (Azure Security Engineer Associate) CISSP, GCIH, or similar. Proficiency with Security Tools: Mimecast Email Security Threat Down (Malwarebytes) Microsoft Azure, Microsoft Defender for O365 Netskope SWG Azure Sentinel (SIEM) Open-source tools for phishing analysis Skills Email Security, EDR, Threat hunting, SIEM

Posted 4 days ago

Featured Companies