4996 Siem Jobs - Page 8

The Senior Cyber Security Engineer role at our organization is crucial for safeguarding digital assets through the design, implementation, and maintenance of IT security infrastructures. Your responsibilities include preventing, detecting, and managing cyber threats by utilizing your knowledge of network and software security vulnerabilities, incident response skills, and risk management expertise. Collaboration with various teams is essential to develop and enforce security policies, conduct audits, and ensure compliance with regulatory standards. You will be accountable for Security Configuration, Monitoring, and Management (SCMM), where tasks involve configuring and maintaining security tools such as SIEM, Email security gateway, and advanced threat detection systems. Leading the monitoring of security events, directing incident response efforts, and proactively searching for threats within the environment are key responsibilities. You will also be required to aggregate logs, develop correlation rules, customize alerts, review security policies, and recommend security controls. Governance tasks include contributing to the creation, review, and updating of IT security policies, ensuring compliance with industry best practices and regulatory requirements. Overseeing security measures, promoting security awareness, conducting security audits, and reporting findings are part of your role. You will also be involved in developing documentation, conducting analyses, and preparing reports for executive leadership. Problem Resolution and Troubleshooting responsibilities include providing guidance to junior team members, conducting root cause analyses, collaborating with IT teams, and seeking continuous improvement through automation and process refinement. Training and Development tasks involve meeting certification requirements, expanding knowledge in security administration, and participating in technical events to increase professional knowledge and awareness. Your communication span will include internal teams and customers at FutureX. The required qualifications and certifications for this role include CompTIA Security+, CCNA Security, Certified Ethical Hacker, and CISSP. A minimum of 6-8 years of cybersecurity experience is necessary, along with skills in analyzing complex information, effective communication, leadership, time management, and prioritization. Technical competencies in SIEM, forensic analysis, network security, endpoint security, threat modeling, compliance, and risk management are essential. Certifications from vendors of widely used security tools, possible travel, project work at customer offices, and out-of-hours work may also be required for this position.,

The company 4S Advisory is looking to fill the position of Pre Sales Engineer based in Delhi. The ideal candidate should be a motivated individual with at least 2+ years of experience, particularly in the field of cybersecurity. As a Pre Sales Engineer, you will collaborate closely with the sales team to understand customer requirements and provide customized cybersecurity solutions to meet their needs. Your key responsibilities will include working with the sales team to comprehend customer needs and deliver personalized cybersecurity solutions. You will be involved in creating technical presentations, demos, and proof-of-concept (POC) for clients. Additionally, you will provide technical support during the sales process, addressing customer queries related to cybersecurity solutions. Your role will also entail designing and configuring cybersecurity solutions like SIEM, firewalls, and endpoint security products. Conducting product demonstrations to illustrate the value of our cybersecurity solutions and working directly with customers to propose effective security solutions are crucial aspects of the job. You will be expected to participate in direct client visits to present and discuss solutions face-to-face, ensuring customer satisfaction. Remaining updated on the latest cybersecurity trends, technologies, and threat landscape will be essential. Collaboration with cross-functional teams, including sales and technical support, is necessary to ensure the successful delivery of projects. To be considered for this role, you should hold a Bachelor's degree in Computer Science, Engineering, or a related field. Prior experience in presales, technical support, or cybersecurity-related roles is required. A strong understanding of cybersecurity concepts such as firewalls, SIEM, endpoint protection, and threat management is essential. You must possess the ability to present technical solutions to both technical and non-technical audiences, and have excellent verbal and written communication skills. The willingness to travel for direct client visits and maintain a customer-focused approach is expected. Keeping abreast of the latest cybersecurity technologies and trends is crucial, as is the ability to collaborate effectively with cross-functional teams. If you believe you meet the qualifications and are interested in this opportunity, please send your resume to sreevalli@4sadvisory.com. Kindly mention your current CTC, expected CTC, and notice period in your application.,

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired by a collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizations unlock the value of technology and build a more sustainable, more inclusive world. Analyzing cyber threat data from multiple sources including open-source intelligence (OSINT), internal network logs, threat feeds, and commercial threat intelligence platforms is a key responsibility. You will perform the intelligence capitalization within the Group owned Threat Intelligence Platform and leverage Threat Intelligence Platforms, SIEM tools, and other security technologies to automate the collection, analysis, and dissemination of threat intelligence. Utilizing threat modeling techniques to anticipate and prioritize potential risks based on evolving cyber threat trends will be part of your role. You will assist with risk assessments, vulnerability management, and penetration testing efforts by providing insights into possible threat actor targeting and attack vectors. Investigating Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and malware samples to identify emerging threats and vulnerabilities is a critical aspect of the job. Correlating threat data with internal logs, threat intelligence platforms, and external sources to build comprehensive threat profiles is also part of your responsibilities. Providing technical threat intelligence support during active security incidents, assisting in the identification of malicious activity, threat actor attribution, and incident containment will be required. Working closely with the Incident Response & Threat hunting team to analyze and track threat actors, their tactics, and attack methods is essential. You will participate in the tools Proof of Concept used/expected by the Team and regularly look for their relevancy given the evolution of the Group needs. Applying the Business Continuity Plan for the Group Cyber Threat Intelligence Team and ensuring that the Service Level Agreements (SLAs) are not breached are also part of your duties. Primary Skills required for this role include experience in a Cyber Threat Intelligence or related cybersecurity role (e.g., SOC Analyst, Security Researcher, Incident Responder), familiarity with open-source intelligence (OSINT) & Social Media Intelligence (SOCMINT) tools and techniques, understanding of the cyber threat landscape, advanced persistent threats (APTs), and attack methodologies (e.g., MITRE ATT&CK framework), general intelligence knowledge, knowledge about intelligence capitalization, associations, and correlation, familiarity with threat intelligence platforms (e.g., OpenCTI, ThreatConnect, Anomali, MISP), and familiarity with security tools like SIEM (Splunk, QRadar) and endpoint security would be appreciated.,

As a SOC Manager at NTT DATA, you will play a crucial role in leading the Security Operations Center (SOC) team to monitor, detect, and respond to security incidents. Your responsibilities will include managing the day-to-day operations of the SOC, ensuring compliance with security policies, and providing strategic direction to enhance the security posture of the Managed Security Service Provider (MSSP) and its clients. Your primary duties will involve team leadership and management, incident response, security monitoring and analysis, strategic planning, client management, reporting, and documentation. You will lead and mentor a team of security analysts and engineers, develop training programs, and conduct performance reviews. Additionally, you will oversee the incident response process, develop incident response playbooks, and coordinate with other departments and clients during major security incidents. In terms of security monitoring and analysis, you will ensure effective monitoring of client networks and systems for security threats, analyze security data and trends, and implement security tools and technologies such as SIEM, IDS/IPS, and threat intelligence platforms. Furthermore, you will develop and implement strategic plans to enhance security posture, stay updated with the latest security trends, and collaborate with other departments to align security strategies with business objectives. As the primary point of contact for clients, you will manage security incidents and issues, provide regular reports on security status, and conduct security assessments and vulnerability scans. You will also be responsible for preparing and presenting regular reports on SOC activities, documenting security incidents and responses, and maintaining detailed records of security policies and procedures. To qualify for this role, you should have a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, with a master's degree preferred. You should also have proven experience in a SOC or similar role, experience in leading and managing a team of security professionals, and relevant certifications such as CISSP, CISM, or CEH. Proficiency in security tools and technologies, strong knowledge of network security, incident response, and threat analysis, and excellent leadership and communication skills are essential. The work environment for this role may include working in shifts, occasional travel for client meetings or industry conferences, and a hybrid working setup. NTT DATA is a trusted global innovator of business and technology services committed to helping clients innovate, optimize, and transform for long-term success. With a diverse team of experts and a focus on digital and AI solutions, NTT DATA is dedicated to creating a sustainable digital future for organizations and society.,

As a shift lead in the Security Operations Center (SOC) at Virtusa, you will play a crucial role in supporting SOC operations by conducting detailed threat-based investigations, making recommendations for incident detection methodologies, and offering expert assistance for incident response and monitoring activities. Your responsibilities will include being a technical and strategic leader in driving key performance indicator (KPI) metrics, promoting automation, analytics, and operational efficiencies to enhance the overall security posture. You will be tasked with providing suggestions to enhance security postures, minimize security risks, and identify opportunities for automation to streamline manual efforts. Your role will involve ensuring the highest quality of SOC service delivery and aiding in the development of incident response actions, policies, and procedures, including process enhancements. As the escalation point for advanced security incident escalations from Level 1 SOC analysts, you will oversee all SOC activities and business-as-usual (BAU) tasks during your shift, which involves 24/7 support. Additionally, you will review and improve run books, operating procedures, and playbooks, as well as assign and prioritize tasks and incidents for Level 1 SOC team members. You will manage the incident pipeline, including escalating outstanding incidents, updating incidents as needed, and escalating open incidents when necessary. Furthermore, you will be responsible for meeting service level agreements (SLAs) and leading SOC shift handover calls. Your role will also involve providing continuous improvement initiatives and on-the-job training for Level 1 SOC analysts. Your expertise will be paramount in analyzing logs from various sources such as network devices, applications, infrastructure services, security products, and endpoint data using Security Information and Event Management (SIEM) tools and other security technologies. You will also lead security event and incident investigations, applying industry-recognized incident detection and response frameworks like NIST, MITRE, and others. At Virtusa, we prioritize teamwork, quality of life, and professional development. Join our global team of 30,000 professionals who are dedicated to fostering your personal and career growth. We offer exciting projects, opportunities to work with cutting-edge technologies, and a collaborative environment where great minds come together to innovate and excel.,

As an experienced Information Security professional with 8+ years of experience, you will be responsible for planning, implementing, managing, and maintaining security systems such as antimalware solutions, vulnerability management solutions, and SIEM solutions. Your role will involve monitoring and investigating security alerts from various sources, providing incident response, and identifying potential weaknesses within the organization's network and systems to recommend effective solutions. Additionally, you will take up security initiatives to enhance the overall security posture of the organization. You will be required to document Standard Operating Procedures (SOPs), metrics, and reports as necessary, provide Root Cause Analyses (RCAs) for security incidents, and collaborate with different teams and departments to address vulnerabilities, security incidents, and drive security initiatives. Moreover, researching and monitoring emerging threats and vulnerabilities, understanding current industry and technology trends, and assessing their impact on applications will be crucial aspects of your role. Your qualifications should include industry-recognized professional certifications such as CISSP, GCSA, CND, or similar certifications. Demonstrated experience in computer security with a focus on risk analysis, audit, and compliance objectives is essential. Proficiency in Network and Web Security tools like Palo Alto, ForeScout, and Zscaler, as well as experience in AWS Cloud Environment and Privileged Access Management solutions, will be advantageous. Familiarity with SIEM/SOAR, NDR, EDR, VM, and Data Security solutions and concepts is desired. The ideal candidate will possess strong decision-making and complex problem-solving skills under pressure, along with a high degree of creativity and "out-of-the-box" thinking. The ability to manage multiple projects simultaneously in fast-paced environments, a service-oriented approach, and excellent communication, presentation, and writing skills are key requirements for this role. You should also be adept at sharing knowledge, collaborating with team members and customers, and adapting to a fast-paced, ever-changing global environment. Strong organization, time management, and priority-setting skills are essential, along with a proactive approach to achieving results. In summary, this role offers an exciting opportunity for an experienced Information Security professional to contribute to the enhancement of the organization's security posture, collaborate with diverse teams, and stay abreast of emerging threats and industry trends.,

As a Principal / Senior Software Engineer (UI) at our company located in Baner, Pune, India (Hybrid), your primary responsibility will be to design and develop intuitive, responsive, and scalable user interfaces that enhance the deployment, usability, and management of our product. You will lead the UI development process from conceptualization to implementation, ensuring that our interfaces are optimized for performance and usability on various platforms. Collaboration with cross-functional teams, including Product Management, UX/UI, QA, Backend, and Solutions, is essential to deliver a seamless customer experience. Your responsibilities will include working closely with UX/UI designers, product managers, and backend engineers to translate business requirements into technical solutions that result in seamless user experiences adhering to the highest standards of quality and security. You will write clean, maintainable, and efficient code, conduct code reviews, and mentor junior engineers to maintain high-quality standards. Identifying and resolving performance bottlenecks in UI to ensure fast and responsive user interactions will be crucial. Implementing security best practices in UI development to protect against cybersecurity threats, developing and executing comprehensive testing strategies, and continuously evaluating and improving UI frameworks and tools are also part of your role. You will be expected to create and maintain detailed technical documentation, automate repetitive operational tasks, and stay updated with the latest trends and technologies in front-end development and emerging threats in the identity security landscape. Your ability to propose and implement innovative solutions to enhance our product offerings and thrive in a dynamic startup environment will be key contributors to our culture of innovation and excellence. To qualify for this role, you should have at least 8+ years of hands-on experience in front-end development, including 2 years in a senior or lead role. Experience in the cybersecurity domain, particularly in identity security, authentication, and access management, will be advantageous. Proficiency in modern JavaScript frameworks such as React, Angular, or Vue.js, strong knowledge of HTML5, CSS3, and JavaScript (ES6+), experience with RESTful APIs, Web Sockets, version control systems like Git, and CI/CD pipelines is required. Understanding of UI/UX principles, responsive design, and familiarity with cybersecurity concepts, principles, and best practices are also essential. A degree in Computer Science, Engineering, or a related field is preferred for this position.,

Location: Hyderabad Experience: 3+ Years Type: Full-time About Us It is a leading AI Product Company that simulates user actions through AI — Universal Search, last-mile navigation, and contextual guidance. We partner with top product companies and have delivered results like: 70% reduction in support ticket volume 30%+ improvement in product adoption, higher conversions, and NPS Roles & Responsibilities Automate deployment and DevOps processes using Infrastructure as Code (IaC). Build, maintain, and optimize CI/CD pipelines for robust software delivery. Monitor and maintain system performance to ensure high availability and scalability. Collaborate closely with developers and product teams for seamless deployment integration. Manage cloud infrastructure (AWS or Azure), ensuring high security and compliance. Implement container orchestration using Docker and Kubernetes. Conduct Vulnerability Assessment & Penetration Testing (VAPT) and integrate InfoSec practices. Use IaC tools like Terraform, Ansible, or Pulumi (TypeScript preferred). Set up environments for development, testing, and production on secure cloud platforms. Perform periodic security audits and assessments aligned with compliance standards (SOC 2, ISO 27001). Integrate security best practices directly into CI/CD workflows. Requirements 1-3 years of experience as a DevOps Engineer or in a similar role. Experience in cloud platforms: AWS (preferred), GCP, or Azure. Strong command over Python, Bash/Shell, TypeScript, YAML, and optionally Groovy/Java. Solid knowledge of Linux systems and cloud networking. Hands-on experience with Infrastructure as Code (IaC) - Terraform, Pulumi, or similar. Deep understanding of CI/CD, containerization (Docker), and orchestration (Kubernetes). Familiarity with microservices architecture and agile methodologies. Practical knowledge in InfoSec principles, tools (e.g., WAF, SIEM), and frameworks (SOC 2, ISO 27001). Experience with security tooling and VAPT processes is highly desirable. Bonus: Experience with Pulumi using TypeScript. Why Join Us? Here, you’ll work at the forefront of AI and ML innovation, shaping the future of enterprise technology. Join a team that’s leveraging cutting-edge AI to power real-time automation, insights, and intelligent decision-making. We Offer Competitive salary High-impact commission structure Endless opportunities for learning and growth Come unlock your potential — and help us transform industries along the way.

About Marvell Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities. At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead. Your Team, Your Impact Joining Marvell as a CyberSecurity Analyst, you will be an expert at identifying and responding to threats against Marvell data and systems. The SOC is the central nervous system for the cybersecurity organization, a 24x7 service responsible for detection, assessing, and responding to security threats globally. You will be deeply engaged in the day-to-day operations that ensure we effectively detect and respond to evolving cyber threats using leading edge technology and robust processes. What You Can Expect Provide primary triage, analysis and operational support for security events and alerts. Perform correlation using security analytics tools, log aggregators, advanced network malware protection, data indicator mining tools, forensics tools and threat intelligence repositories. Perform real-time incident handling (e.g., intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Participate in analyzing nature of the attack and root cause analysis of an incident. Monitor external data sources proactively to determine which security issues may have an impact on the enterprise. Document and publish techniques, guidance, and reports on incident findings to appropriate constituencies within Marvell. Participate in the improvement tasks such as but not limited to false positive reduction, use case refinement. Effectively communicate both verbal and written updates on alerts and incidents What We're Looking For 4+ years' experience as a SOC Analyst preferably for a >5000 person enterprise. Experience in working with a geographically diverse team in multiple time zones around the globe Strong communication skills and an ability to adapt a message to audiences ranging from technology SMEs to company executives to stakeholders in every business discipline. Deep understanding of MITRE ATT&CK, with demonstrated experience building detection cases and playbooks around the tactics and techniques most relevant to your business. Proficient technical writing skills (documenting processes and procedures). Ability to solve problems and work through ambiguity and uncertainty. Proficiency with one or more DLP platform Experience working extensively with technologies such as IDS/IPS, NGFW, EDR, SIEM, HIDS/HIPS, AV, and Vulnerability Scanners. Expert level and continually expanding understanding of common and emerging security threats and vulnerabilities Self-motivated and proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry. Industry security certifications such as C|EH and relevant GIAC certifications or equivalent highly desirable. Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization. Additional Compensation And Benefit Elements With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. We’re dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what it’s like to work at Marvell, visit our Careers page. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Specialist Job Description & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: · Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. · Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. · Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. · Follow up on cybersecurity incident tickets until closure. · Guide L1 and L2 analysts in analyzing events and response activities. · Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. · Review and provide suggestions for information security policies and best practices in client environments. · Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. · Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. · Update and review documents, playbooks, and standard operational procedures. · Validate and update client systems and IT infrastructure documentation. · Share knowledge on current security threats, attack patterns, and tools with team members. · Create and review new use cases based on evolving attack trends. · Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. · Develop and maintain threat detection rules, parsers, and use cases. · Understand security analytics and flows across SaaS applications and cloud computing tools. · Validate use cases through selective testing and logic examination. · Maintain continuous improvement processes and build/groom teams over time. · Develop thought leadership within the SOC. Mandatory skill sets: · Bachelor’s degree (minimum requirement). · 2-8 years of experience in SOC operations. · Experience analyzing malicious traffic and building detections. · Experience in application security, network security, and systems security. · Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). · Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). · Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). · Experience with traditional security operations, event monitoring, and SIEM tools. · Knowledge of MITRE or similar frameworks and procedures used by adversaries. · Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: · Strong communication skills, both written and oral. · Experience with SMB and large enterprise clients. · Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). · Strong expertise in multiple SIEM tools and other SOC environment devices. · Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. · Understanding of raw log formats of various security devices. · Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). · Relevant certifications (CEH, CISA, CISM, etc.). · Strong work ethic and time management skills. · Coachability and dedication to consistent improvement. · Ability to mentor and encourage junior teammates. · Knowledge of regex and parser creation. · Ability to deploy SIEM solutions in customer environments. Years of experience required: 2-12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Responsibilities As a member of the incident/Workorder/Change handling team , you will have the following accountabilities: Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX. Assess and orchestrate the current and planned security posture for NTT data’s Security infrastructure, providing recommendations for improvement and risk reduction. Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk. Support security incident response as required; First line responder to reported or detected incidents. Perform security research, analysis, security vulnerability assessments and penetration tests. Provide security audit and investigation support Monitor and track security systems for Vulnerability and respond to potential security Vulnerability. Provide support for the Vulnerability management program. Provide 24x7 support as operations team working in shifts. Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business. Skills And Experience 4 to 5 years+ in Information Security space. Strong experiance in Service Now Ticketing tool, Dashboards and Integration. Strong experience with Zscaler ZIA, ZPA and ZDX. Strong experience with Vulnerability Management Program. Strong experience with Qualys Vulnerability Management Tool. Some good to have Experience with Crowdstrike EDR and SIEM. Strong experience with multiple network operating systems, including two or more of the following: Cisco iOS, Juniper ScreenOS or Junos, Fortinet FortiOS, CheckPoint GAiA, or Palo Alto Networks PAN-OS; Tanium, Rapid 7, Nessus, Nitro ESM, Symantec SEP, Symantec Message labs, Thales encryption, Allgress, Forecpoint, Blue coat, Firepower, Cisco ISE, Carbon Black, Titus, Encase Strong oral, written, and presentation abilities. Experiance with M365 Copilot. Some experience with Unix/Linux system administration. Strong experience with logging and alerting platforms, including SIEM integration. Current understanding of Industry trends and emerging threats; and Working Knowledge of incident response methodologies and technologies. Desirable Zscaler Certifications Associate and Professional for ZIA, ZPA and ZDX. Excellent Experiance in Zscaler ZIA, ZPA and ZDX. Experiance in Vulnerability Management Program. Experiance in Qualys Vulnerability Management Tool. Well-rounded background in network, host, database, and application security. Experience implementing security controls in a bi-modal IT environment. Experience driving a culture of security awareness. Experience administering network devices, databases, and/or web application servers. Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) Good to have. Abilities Non customer facing role but an ability to build strong relationships with internal teams, and security leadership, is essential act as Incident co-ordinator, for reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures. Document daily work and new processes. Embrace a culture of continuous service improvement and service excellence. Stay up to date on security industry trends.

Role Description We are seeking an experienced and proactive SOC Lead to drive the operations of our Security Operations Center. The ideal candidate will have strong expertise in cybersecurity monitoring, incident response, threat hunting, and stakeholder communication. This role involves leading a global 24x7 SOC team, coordinating with cross-functional teams, and enhancing our threat detection and response capabilities. You will act as the escalation point for complex incidents and play a key role in process improvement, automation, and mentoring the SOC team. Key Responsibilities Lead and coordinate the 24x7 SOC operations, managing a distributed team of L1 and L2 analysts. Provide advanced triage and investigation of escalated security s and incidents from L1 analysts. Act as the primary escalation contact for high-priority incidents and security breaches. Ensure timely incident response and resolution within SLA while maintaining high-quality ticket documentation. Conduct Root Cause Analysis (RCA) and create detailed incident reports for high-severity cases. Continuously review and fine-tune security s, rules, and thresholds across SIEM and other monitoring tools. Design and propose new security use cases and playbooks to improve detection and response automation. Conduct training sessions for the team on new tools, updated processes, and emerging threats. Organize and lead governance meetings (weekly/biweekly/monthly) with internal stakeholders and clients. Stay informed on the latest threat intelligence, vulnerabilities, and security technologies to proactively enhance SOC capabilities. Maintain and enhance SOC documentation, including SOPs, incident runbooks, and knowledge bases. Collaborate with engineering, infrastructure, and compliance teams to align incident response with organizational risk management practices. Required Skills & Experience Minimum 4 years of hands-on experience in a Security Operations Center, focusing on incident response, security analysis, and threat hunting. Deep Technical Expertise In Email Security (Mimecast) EDR Tools (e.g., Threat Down / Malwarebytes) Secure Web Gateway (Netskope SWG) Cloud Security (Microsoft Azure, Microsoft Defender) SIEM Platforms (Azure Sentinel preferred) Threat analysis and phishing investigation Sound understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, etc.) and incident response lifecycle. Working knowledge of enterprise infrastructure: networking, firewalls, operating systems (Windows/Linux), databases, and web applications. Excellent written and verbal communication skills; able to convey technical details to non-technical stakeholders. Strong organizational and prioritization skills; experience handling multiple concurrent incidents and tasks in high-pressure environments Preferred Certifications Relevant security certifications such as: CEH (Certified Ethical Hacker) Microsoft SC-200 (Security Operations Analyst) AZ-500 (Azure Security Engineer Associate) CISSP, GCIH, or similar. Proficiency with Security Tools: Mimecast Email Security Threat Down (Malwarebytes) Microsoft Azure, Microsoft Defender for O365 Netskope SWG Azure Sentinel (SIEM) Open-source tools for phishing analysis Skills Email Security, EDR, Threat hunting, SIEM

Looking to hire a IT Infra and Cybersecurity Lead for a leading Real estate Developer in Bangalore. The candidate would be responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The role will work closely with executive management to determine acceptable levels of risk for the organization and will lead efforts to safeguard the company's information systems and data. Responsibilities : IT Infrastructure: Lead the planning, deployment, and management of IT infrastructure including servers, networks, storage, and cloud services. Ensure high availability, performance, and scalability of infrastructure systems. Manage vendor relationships and service level agreements (SLAs). Oversee disaster recovery and business continuity planning. Monitor system performance and implement improvements. Cybersecurity: Develop and enforce cybersecurity policies, standards, and procedures. Conduct risk assessments and vulnerability scans; implement mitigation strategies. Manage security tools such as firewalls, antivirus, SIEM, and endpoint protection. Lead incident response and forensic investigations. Ensure compliance with relevant regulations (e.g., GDPR, ISO 27001). Leadership & Collaboration: Lead and mentor a team of IT and security professionals. Collaborate with cross-functional teams to align IT and security strategies with business goals. Provide regular reports and updates to senior management on infrastructure and security posture. Qualifications : Bachelor's degree in Computer Science, Information Technology, or a related field. A Master's degree is preferred. Professional security management certification, such as CISSP, CISM or CISA. Minimum of 18+ years of experience in a combination of risk management, information security and IT Infrastructure. Knowledge of common information security management frameworks, such as ISO/IEC 27001. Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment. Strong project management skills. Experience with contract and vendor negotiations and management including managed services. Preferred Skills : Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical, and project plans. Strong analytical skills to analyse security requirements and relate them to appropriate security controls. Experience in managing a security operations center (SOC). Knowledge of IT Networks, IT Infrastructure management will be a plus.

Role : WAF Engineer (F5/ Radware) Experience : 3 to 6 years in Network Security Location : Navi Mumbai, Noida The WAF - L2 Engineer is a critical role within our Network Security team, responsible for managing and optimizing Web Application Firewall (WAF) solutions. The ideal candidate will bring 3 to 6 years of network security experience, with a specific focus on WAF management. This position is based in Mumbai and requires a strong technical background, excellent problem-solving skills, and the ability to work in a dynamic, fast-paced environment. The WAF - L2 Engineer will ensure the security and integrity of our network infrastructure, support incident response efforts, and collaborate with various teams to maintain high service levels. Responsibilities : Manage and optimize Web Application Firewall (WAF) solutions. Integrate WAF solutions with various management and authentication tools such as email, AD, IAM, and SIEM. Automate processes using scripting and SOAR tools. Manage policies, exceptions, and perform packet capture, analysis, and troubleshooting. Oversee incident, problem, service request, change, configuration, and capacity management of WAF setups. Proactively use network monitoring tools to isolate events before service degradation. Support incident monitoring and analysis/response initiatives. Troubleshoot network issues across OSI Model layers 1, 2, and 3. Conduct daily performance checks, periodic audits, and ensure compliance. Perform immediate troubleshooting for network outages. Implement and maintain network security policies, standards, and procedures. Deploy and maintain access and security policies for WAF solutions. Maintain service levels and oversee the 24/7 configuration, administration, and monitoring of network security infrastructure. Coordinate with OEMs for TAC support, RMA, replacement, and reconfiguration of WAF. Create technical documentation, network diagrams, inventory control, and security documentation. Collaborate with helpdesk, IT support, and application support teams for high-priority incident resolution. Investigate, isolate, and resolve WAF incidents, providing Root Cause Analysis (RCA). Design and implement WAF solutions for Data Centers (DC), Disaster Recovery (DR), Cloud, and Branch office environments. Develop SOPs, Run books, and update knowledgebase in ITSM tools. Automate and integrate tools with REST API/SDK for security dashboards and InfoSec tools (AD, IDAM, PAM, SIEM, SOAR). Ensure compliance with audit points and timelines. Perform patch updates and upgrades per compliance and audit requirements. Lead and mentor L1 & L2 engineers. Analyze packet captures using tools like Wireshark/Pcap. Ensure timely closure of tickets within SLA and follow up on escalated tickets. Prepare SLA reports for respective technology. Required Skills: Proficiency in managing WAF solutions. Experience in Windows, Linux, Unix environments. Hands-on experience in commissioning, implementation, and integrating WAF solutions. Strong scripting and process automation skills. Experience in policy and exception management. Proficiency in packet capture, analysis, and troubleshooting tools. Incident and problem management skills. Strong verbal and written communication skills. Demonstrated ability to manage, analyze, and solve complex issues. Ability to lead and mentor a team of engineers. If you are a dedicated network security professional with a passion for ensuring the safety and integrity of web applications, we encourage you to apply for this challenging and rewarding role.

10+ yrs Exp in cybersecurity Multi-tenant MSSP SOC Analytics rules KQL Playbooks Logic Apps Workbooks Connectors Incident response Detection use cases-MITRE ATT&CK Defender XDR stack PowerShell ISO 27001 SOC 2 /PCI DSS CISSP CISM GIAC (GCIA, GCIH)

Job Title: Lead Engineer – Network Security Implementation / Network Security Implementation Lead Department: Engineering and Operations Location: Mumbai Reporting: Manager Security Operations Job Type: Full Time Shift: Rotational Shift PRE-REQUISITES Strong technical and subject matter expertise in at least four or more of the following security specialties: Firewall: Palo Alto, Cisco, Checkpoint, Fortinet VPN - IPSEC, Pulse SSL VPN : Juniper, F5, Cisco Content Filtering: Bluecoat , Websense, McAfee, Iron Port, Zscaler IPS: Palo Alto, Cisco, Juniper, Tipping Point, McAfee, Unified Thread Management (UTM) SIEM/SIM products AAA services: ACS, Radius, RSA Load Balancers: F5 BigIP LTM/GTM, Juniper, Netscaler Network Security (multi-vendor) experience Knowledge of Cloud Infrastructure Management: Cloudstack, Openstack, Virtualization (KVM, CentOS) Scripting language: Ruby, Perl or Python Extensive implementation experience on Palo Alto, SSL VPN’s and other security products Working knowledge and hands-on experience on Linux/Unix OS is desirable Understanding the business requirements and working with customer and sales team for optimal solution Attend client calls and other technical meetings and working across shifts depending on the implementation schedule Experience in a Global environment for implementing security solutions Flexible with work schedule to align with migration or implementation window in 24x7 global environment Excellent communication skills and ability to handle high pressure situations Analytical thinker willing to “think outside the box” to resolve customer impacting situations Act as an escalation for Operations to resolve the business impacting critical issues Exceptional documentation and communication skills Aptitude and desire to learn advanced Network Security services Creative, flexible thinker who is willing to take initiatives and share alternative solutions with peers and management Knowledge on Vulnerability Scanning, Penetration Testing Tools Ability to thrive in a fast paced, multi-cultural, customer-oriented environment RESPONSIBILITIES Responsible for implementing end to end security solutions for enterprise customers. The key task is understanding the business requirements, collaborating with various internal teams including sales/vendor/customer, highlight risk and provide mitigation plan and timely implementation of the solution Attend client calls and other technical meetings Working across time zones depending on the implementation schedule Excellent documentation skills and creating SOP’s and MOP’s Hand holding to Operations on implemented projects for smooth transition to Operations Act as an escalation for Operations to resolve the business impacting critical issues Perform the minor/major changes as per defined SOC process and work instructions Subject Matter Expert (SME) for select products Attend CAB meetings and provide comprehensive maintenance plans for change management review and approval Security Performance Tuning Review code upgrade and test implement before rolling on to production Cross-train and mentor juniors Any additional task given to the incumbent from time-to-time based on business needs TRAINING AND CERTIFICATION REQUIRED PCNSE, PCNSA, ACE, CCNA, CCSA/SE, CCSP, CCIE, JNCIS-SEC, JNCIS-FWV, JNCIS-SSL EXPERIENCE Minimum 10 years of progressive, relevant implementation experience working in a complex network environment for Global customers EDUCATION Bachelor’s in engineering - Computers/Electronics/Communication or related field Graduate/Postgraduate in Science/Maths/IT or related streams with relevant technology experience TECHNICAL AND OTHER SKILLS Knowledge of ITIL, ISO27K will be beneficial

We believe real value is powered by the unique skills and experiences of our professionals. The interchange of ideas from a diverse group of people gives our teams an expanded perspective and the ability to find better solutions for our clients. Req Id : 110024 Job Title : Incident Response Analyst Business Unit sector : CPL-BECIO-CIO Department: BVCPL DIGITAL OFFICE Work Location : INPUNE Opportunity Type : Staff Relocation eligible : Yes Full time/Part time : Full-Time Contract Hire Only for this Project : No Visa Sponsorship Available: No Recruiter : Indranee Bindu Job Summary The Incident Response Analyst in the computer security incident response team will be responsible for developing and executing standards, procedures, and processes to uncover, resist and recover from security incidents. This position is for an early career analyst that will learn and grow throughout their security career. This is a very technically challenging career track in cyber security and technical acumen, passion, and determination will be highlighted in the interview process. Key Responsibilities The Incident Response Analyst fulfills the following tasks: Responds to computer security incidents according to the computer security incident response policy and procedures. Provides technical guidance to first responders for handling cybersecurity incidents. Provides timely and relevant updates to appropriate stakeholders and decision makers. Communicates investigation findings to relevant business units to help improve the cybersecurity posture. Validates and maintains incident response plans and processes to address potential threats. Compiles and analyzes data for management reporting and metrics. Analyzes potential impact of new threats and communicates risks back to detection engineering functions. Performs root-cause analysis to document findings and participate in root-cause elimination activities as required. Triages and assesses the risk of incidents, performing real-time analysis and managing workload during investigations/incidents. Creates runbooks for frequently occurring incidents to automate or at least assist with the resolution of those cases. Management Responsibilities Individual Contributor Preferred Qualifications Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above. BE/BTech, BS or MA in computer science, information security or a related field.Bachelors Degree (in Business, Technology, Computer Science or related field), preferred or equivalent experience. Candidate must have 5 years of experience in incident response. Familiarity with incident response frameworks and methodologies, including frameworks like NIST 800-61 and MITRE ATT&CK. Experience with incident response tools and technologies, including tools for security information and event management (SIEM), forensics, and/or threat intelligence even in a lab environment is beneficial. Experience with reporting and communicating incident details, improving incident response processes and recovering from security incidents is beneficial. Minimum Qualifications Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include: Candidate must have 5 years of experience in incident response. Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. Understands organizational mission, values, goals, and consistent application of this knowledge. Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one Ability to effectively influence others to modify their opinions, plans, or behaviors. A team-focused mentality, with the proven ability to work effectively with diverse stakeholders. Strong problem-solving and troubleshooting skills. All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations. #LI-IB2 Certifications Contact Compensation Work Environment/Physical Demands Typical office environment Competencies Salary Plan ITS: Information Technology Service Job Grade 004 BVH, Inc., its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law. By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.

We believe real value is powered by the unique skills and experiences of our professionals. The interchange of ideas from a diverse group of people gives our teams an expanded perspective and the ability to find better solutions for our clients. Req Id : 110025 Job Title : Incident Response Analyst Business Unit sector : CPL-BECIO-CIO Department: BVCPL DIGITAL OFFICE Work Location : INPUNE Opportunity Type : Staff Relocation eligible : Yes Full time/Part time : Full-Time Contract Hire Only for this Project : No Visa Sponsorship Available: No Recruiter : Indranee Bindu Job Summary The Incident Response Analyst in the computer security incident response team will be responsible for developing and executing standards, procedures, and processes to uncover, resist and recover from security incidents. This position is for an early career analyst that will learn and grow throughout their security career. This is a very technically challenging career track in cyber security and technical acumen, passion, and determination will be highlighted in the interview process. Key Responsibilities The Incident Response Analyst fulfills the following tasks: Responds to computer security incidents according to the computer security incident response policy and procedures. Provides technical guidance to first responders for handling cybersecurity incidents. Provides timely and relevant updates to appropriate stakeholders and decision makers. Communicates investigation findings to relevant business units to help improve the cybersecurity posture. Validates and maintains incident response plans and processes to address potential threats. Compiles and analyzes data for management reporting and metrics. Analyzes potential impact of new threats and communicates risks back to detection engineering functions. Performs root-cause analysis to document findings and participate in root-cause elimination activities as required. Triages and assesses the risk of incidents, performing real-time analysis and managing workload during investigations/incidents. Creates runbooks for frequently occurring incidents to automate or at least assist with the resolution of those cases. Management Responsibilities Individual Contributor Preferred Qualifications Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above. BE/BTech, BS or MA in computer science, information security or a related field.Bachelors Degree (in Business, Technology, Computer Science or related field), preferred or equivalent experience. Candidate must have 5 years of experience in incident response. Familiarity with incident response frameworks and methodologies, including frameworks like NIST 800-61 and MITRE ATT&CK. Experience with incident response tools and technologies, including tools for security information and event management (SIEM), forensics, and/or threat intelligence even in a lab environment is beneficial. Experience with reporting and communicating incident details, improving incident response processes and recovering from security incidents is beneficial. Minimum Qualifications Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include: Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. Understands organizational mission, values, goals, and consistent application of this knowledge. Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one Ability to effectively influence others to modify their opinions, plans, or behaviors. A team-focused mentality, with the proven ability to work effectively with diverse stakeholders. Strong problem-solving and troubleshooting skills. All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations. #LI-IB2 Certifications Contact Compensation Work Environment/Physical Demands Typical office environment Competencies Salary Plan ITS: Information Technology Service Job Grade 004 BVH, Inc., its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law. By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.

We are looking for a proactive and experienced L2 Security Operations Analyst to strengthen our Security Operations Centre (SOC) team. This role will be responsible for detecting, analysing, and responding to cybersecurity incidents in a hybrid infrastructure comprising AWS Cloud, on-prem infrastructure, and diverse endpoint systems including Linux, Windows, and macOS. The candidate should have hands-on experience with SIEM, EDR, firewalls, and cloud-native security tools, along with a solid understanding of threat landscapes and incident response processes. Responsibilities Act as the first level of the escalation point to the L1 team and investigate, validate, and escalate security alerts received from SIEM and other monitoring tools. Monitor and analyse security events from various sources, including CNAPP, SIEM, EDR, firewalls, AWS CloudTrail, Guard Duty, and endpoint logs. Triage security alerts and escalate incidents based on severity and impact. Correlate data across sources to identify patterns of malicious activity and potential breaches. Review and refine detection use cases and rule tuning to reduce false positives. Update and maintain incident response runbooks and knowledge base. Assist in the development of automation using SOAR platforms for repetitive tasks. Document incidents, root cause analysis, and lessons learned in a structured and timely manner. Provide regular status reports and metrics to SOC leads and management. Collaborate with infrastructure, application, and IT teams for investigation and remediation. Requirements Bachelor's degree in information security, Computer Science, or related field. 3-6 years of experience in a SOC or cybersecurity operations role. Proficiency with SIEM tools (e. g., Sentinel, Splunk). Hands-on experience with EDR/XDR platforms (e. g., CrowdStrike, Sentinel One). Strong understanding of network protocols, operating systems, malware analysis, and threat actor behaviour. Familiarity with frameworks such as MITRE ATT& CK, NIST CSF, Incident response and investigation skills, including log analysis and packet inspection. Experience with ticketing systems and incident tracking tools. This job was posted by Debapti Roy from mPokket.

Jul 28, 2025 Location: Mumbai Designation: Assistant Manager Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI Understanding of cloud security architecture Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc. Should have conducted cloud security assessments and configuration reviews as per industry best practices Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements Knowledge and experience of Risk Management Lifecycle (Risk Identification, Risk Assessment, Risk Response, & Reporting) Experience with cloud security tools and services Knowledge and experience in developing/creating cloud security policies and frameworks for organizations Effective written and communication skills Strong sense of ownership, urgency, and drive Demonstrate teamwork and collaborate with other teams to ensure client s cloud environment is secure

Dreamplus colonizers and Developers private limited is looking for TeleCaller to join our dynamic team and embark on a rewarding career journey A telecaller is a customer service representative who contacts customers over the telephone A typical job description for a telecaller includes the following responsibilities: Make outbound calls to customers to promote products and services, or follow up on recent purchases Respond to customer inquiries and provide information about products and services Resolve customer complaints and provide appropriate solutions Keep records of all customer interactions and transactions, updating customer information in a database as necessary Meet and exceed sales and customer satisfaction targets Continuously improve product and service knowledge to provide accurate information to customers Stay up-to-date with industry developments and maintain a working knowledge of competitor offerings Follow all company policies and procedures, including those related to confidentiality and data security Participate in training and development opportunities to improve skills and knowledge 0 Adhere to schedules and work efficiently under pressure to meet deadlines

We are seeking an experienced and proactive SOC Lead to drive the operations of our Security Operations Center. The ideal candidate will have strong expertise in cybersecurity monitoring, incident response, threat hunting, and stakeholder communication. This role involves leading a global 24x7 SOC team, coordinating with cross-functional teams, and enhancing our threat detection and response capabilities. You will act as the escalation point for complex incidents and play a key role in process improvement, automation, and mentoring the SOC team. Key Responsibilities: Lead and coordinate the 24x7 SOC operations, managing a distributed team of L1 and L2 analysts. Provide advanced triage and investigation of escalated security s and incidents from L1 analysts. Act as the primary escalation contact for high-priority incidents and security breaches. Ensure timely incident response and resolution within SLA while maintaining high-quality ticket documentation. Conduct Root Cause Analysis (RCA) and create detailed incident reports for high-severity cases. Continuously review and fine-tune security s, rules, and thresholds across SIEM and other monitoring tools. Design and propose new security use cases and playbooks to improve detection and response automation. Conduct training sessions for the team on new tools, updated processes, and emerging threats. Organize and lead governance meetings (weekly/biweekly/monthly) with internal stakeholders and clients. Stay informed on the latest threat intelligence, vulnerabilities, and security technologies to proactively enhance SOC capabilities. Maintain and enhance SOC documentation, including SOPs, incident runbooks, and knowledge bases. Collaborate with engineering, infrastructure, and compliance teams to align incident response with organizational risk management practices. Required Skills & Experience: Minimum 4 years of hands-on experience in a Security Operations Center, focusing on incident response, security analysis, and threat hunting. Deep technical expertise in: Email Security (Mimecast) EDR Tools (e.g., Threat Down / Malwarebytes) Secure Web Gateway (Netskope SWG) Cloud Security (Microsoft Azure, Microsoft Defender) SIEM Platforms (Azure Sentinel preferred) Threat analysis and phishing investigation Sound understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, etc.) and incident response lifecycle. Working knowledge of enterprise infrastructure: networking, firewalls, operating systems (Windows/Linux), databases, and web applications. Excellent written and verbal communication skills; able to convey technical details to non-technical stakeholders. Strong organizational and prioritization skills; experience handling multiple concurrent incidents and tasks in high-pressure environments Preferred Certifications: Relevant security certifications such as: CEH (Certified Ethical Hacker) Microsoft SC-200 (Security Operations Analyst) AZ-500 (Azure Security Engineer Associate) CISSP, GCIH, or similar. Proficiency with Security Tools: Mimecast Email Security Threat Down (Malwarebytes) Microsoft Azure, Microsoft Defender for O365 Netskope SWG Azure Sentinel (SIEM) Open-source tools for phishing analysis Required Skills Email Security, EDR, Threat hunting, SIEM

Why Join Siemens? At Siemens, you will be part of a global leader committed to innovation, quality, and excellence. This role offers the opportunity to work on challenging projects, develop professionally, and make a significant impact in the electrical and instrumentation domain, particularly within power plant and renewable energy projects. If you are passionate about leading a talented team and driving technical excellence, we encourage you to apply. As Siemens Energy, "We energize society" by supporting our customers to make the transition to a more sustainable world, based on innovative technologies and our ability to turn ideas into reality. We do this by: Expanding renewables Transforming conventional power Strengthening electrical grids Driving industrial decarbonization Securing the supply chain and necessary minerals Looking for challenging role? If you really want to make a difference - make it with us Siemens Energy (SE) is a global pacesetter in energy, helping customers to meet the evolving demands of today’s industries and societies. SE comprises broad competencies across the entire energy value chain and offers a uniquely comprehensive portfolio for utilities, independent power producers, transmission system operators and the oil and gas industry. Products, solutions and services address the extraction, processing and the transport of oil and gas as well as power generation in central and distributed thermal power plants and power transmission in grids. With global headquarters in Munich in Germany and more than 88,000 employees in over 80 countries, Siemens energy has a presence across the globe and is a leading innovator for the energy systems of today and tomorrow, as it has been for more than 150 years. Your new role – challenging and future-oriented You would be responsible for all system administration requirements like installation, upgrades, and updates of DCS Systems (SPPA T3000) before the delivery of components to customers as well as during the after-sales service phase. You would be part of remote service support center and would support customers in troubleshooting of problems faced by customer. As part of your profile there would be requirement of travelling to many project sites during installation as well as service phase of I&C Systems. You have great opportunity to work with global remote support centers and global teams We don’t need superheroes, just super minds You’re a bachelor’s in engineering with 3 to 5 years of experience in system administration of Instrumentation & Control (I&C)/PLC systems. You’ve great knowledge and experience of DCS & PLC Systems You’ve great knowledge of SPPA T3000 control system and ‘know-how’ on the system administration and troubleshooting would be an added advantage. You’ve great knowledge of network implementation including switches, firewalls, router etc. You’ve professional exposure in implementation of cyber solutions like NIDS, Application Whitelisting, Domain Controller, SIEM Solutions would be added advantage. We’ve got quite a lot to offer. How about you? This role is based in Gurgaon, where you’ll get the chance to work with teams impacting entire cities, countries – and the shape of things to come. We’re Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Develop and maintain comprehensive documentation of cloud security architecture and controls. - Conduct regular assessments of cloud security measures to ensure effectiveness and compliance. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM). - Strong understanding of cloud security principles and best practices. - Experience with security incident response and management. - Familiarity with regulatory compliance frameworks relevant to cloud security. - Ability to analyze security threats and vulnerabilities in cloud environments. Additional Information: - The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM). - This position is based at our Noida office. - A 15 years full time education is required., 15 years full time education

Role & responsibilities Experience in Splunk, Deep analysis Should be in L2 Preferred candidate profile