
32 SIEM Platforms Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

3.0 - 7.0 years

0 Lacs

Jaipur, Rajasthan

On-site

Role Overview: As a Security Specialist at Vaibhav Global Ltd (VGL), your primary responsibility will be to ensure the safety of the company's digital systems. This will involve tasks such as setting up firewalls, monitoring network activities, responding to security incidents promptly, and collaborating with other teams on technical tools. Your role will also entail supporting compliance efforts and documenting security procedures.

Key Responsibilities:
- Install and manage firewalls (e.g., Fortinet, Palo Alto) and WAF tools (e.g., Azure WAF, Cloudflare).
- Set up and maintain Azure networking, including routing and private access.
- Create and enforce security access rules to safeguard digital systems.
- Monitor logs, detect potential threats, and resolve security incidents efficiently.
- Implement CNAPP/CSPM tools in Azure cloud environments for enhanced security.
- Collaborate with the DevOps team to integrate security measures into CI/CD pipelines.
- Support audits such as PCI-DSS, ISO 27001, and SOC 2 to ensure compliance.
- Develop and maintain standard operating procedures (SOPs), runbooks, and incident support documentation.
- Evaluate new security tools, conduct tests, and implement them as required.

Qualification Required:
- Bachelor's Degree
- Minimum of 3 years of experience in network and cloud security
- Strong proficiency with NGFWs, WAFs, and Azure cloud security tools
- Familiarity with SIEM platforms, packet capture tools (e.g., Wireshark), VPNs, TCP/IP, and application security
- Excellent problem-solving and communication skills

Additional Company Details: Vaibhav Global Ltd (VGL) is an electronic deep discount retailer specializing in fashion jewelry, gemstones, and lifestyle products. The company operates in multiple countries, including the US, UK, Germany, and Canada, with a wide reach across various platforms. VGL is dedicated to sustainable business practices, renewable energy initiatives, and social responsibility, as evidenced by its awards and charitable initiatives. It values teamwork, honesty, commitment, passion, and a positive attitude.

(Note: The above information provides a brief overview of Vaibhav Global Ltd and its commitment to sustainability and social responsibility. For more detailed insights, please refer to the complete job description.)

Posted 1 day ago


12.0 - 15.0 years

32 - 35 Lacs

Mumbai

Work from Office

Level - L4
Reports to: SOC Head

Position Summary: The SOC Lead will lead the operations of the Security Operations Centre (SOC). The candidate should have deep expertise in security monitoring, incident response, threat intelligence and security technologies. This role is critical in safeguarding digital assets and ensuring rapid detection, response and mitigation of security incidents.

Key Responsibilities:
- Lead and manage the day-to-day operations of the Security Operations Centre (SOC) team.
- Oversee monitoring, detection, analysis, and response to security incidents using SIEM tools and other security technologies.
- Oversee tuning and optimization of SIEM platforms (e.g. Azure Sentinel, LogRhythm, Splunk, QRadar, Wazuh etc.).
- Develop, implement, and maintain SOC processes, procedures, and playbooks to ensure effective incident response.
- Perform threat hunting and proactive analysis to identify emerging threats.
- Manage and mentor SOC analysts, providing training and professional development.
- Conduct root cause analysis and prepare detailed incident reports and recommendations.
- Drive continuous improvement in SOC capabilities through adoption of new tools and technologies.
- Participate in security audits, assessments, and vulnerability management initiatives.
- Stay up-to-date with the latest threat trends, vulnerabilities and regulatory requirements.

Required Qualifications:
- Minimum 12 years of professional experience in cybersecurity, with at least 8 years in a SOC environment.
- Deep understanding of networking, system administration, cloud environments (AWS/Azure/GCP) and security architecture.
- Experience with EDR, SIEM, SOAR, IDS/IPS, firewalls and forensic tools.
- Strong knowledge of malware analysis, log correlation, threat hunting and vulnerability management.
- Strong analytical and problem-solving skills with an investigative mindset.
- Excellent communication skills for technical and executive-level reporting.

Preferred Certifications: CISSP, GCIA, GCIH, CEH, OSCP, Security+, CySA+ or similar. SIEM-specific certifications (e.g. Azure Sentinel, LogRhythm, Splunk etc.).

Education: BE CSE/IT or a related field, MCA with 60%+ throughout the academics.

Posted 4 days ago


3.0 - 8.0 years

0 - 1 Lacs

Hyderabad

Hybrid

Job Description: Splunk SIEM Specialist

Position Overview
We are seeking an experienced Splunk SIEM Specialist to lead and support end-to-end SIEM solution activities, including migrations, implementations, onboarding, normalization, content development, troubleshooting, platform management, and optimization. The ideal candidate will have deep expertise in Splunk administration and a strong background in security operations, log management, and use case development.

Key Responsibilities

SIEM Migration & Implementation
- Lead and execute SIEM solution migrations, including planning, data transfer, and validation.
- Implement and configure Splunk SIEM solutions tailored to organizational security requirements.

Log Onboarding & Normalization
- Onboard diverse log sources into Splunk, ensuring data is parsed and normalized according to the Common Information Model (CIM).
- Develop and maintain data models, field extractions, and event parsing logic.

Content Development & Tuning
- Design, develop, and tune detection rules, correlation searches, dashboards, and alerts.
- Continuously optimize content to reduce false positives and improve detection accuracy.

Troubleshooting & Platform Management
- Diagnose and resolve issues related to log ingestion, parsing, and platform performance.
- Monitor and maintain the health, availability, and scalability of the Splunk environment.

SIEM Optimization & Administration
- Perform regular platform optimization, including indexing, storage management, and search performance tuning.
- Administer Splunk components (indexers, search heads, forwarders, etc.) and manage upgrades/patches.

Deployment & Solution Delivery
- Deploy and configure Splunk SIEM solutions in both on-premises and cloud environments.
- Collaborate with stakeholders to ensure successful delivery of security monitoring capabilities.

Gap Analysis & Use Case Development
- Conduct log source and use case gap analysis to identify coverage gaps and recommend enhancements.
- Work with security teams to develop new use cases aligned with evolving threat landscapes.

Required Skills & Qualifications
- 3+ years of hands-on experience with Splunk SIEM (Enterprise Security preferred).
- Strong understanding of SIEM concepts, log management, and security operations.
- Proficiency in log source onboarding, parsing, and CIM compliance.
- Experience in content development (correlation rules, dashboards, alerts) and tuning.
- Solid troubleshooting skills for both the Splunk platform and security content.
- Experience with Splunk administration, deployment, and health monitoring.
- Familiarity with SIEM optimization techniques and best practices.
- Ability to conduct gap analysis and develop actionable recommendations.
- Excellent communication and documentation skills.
- Relevant certifications (e.g., Splunk Certified Admin, Splunk Enterprise Admin, Splunk Certified Architect) are a plus.

Preferred Experience
- Strong knowledge of security concepts.
- Experience with cloud-based SIEM deployments (AWS, Azure, GCP).
- Knowledge of scripting languages (Python, Bash) for automation.
- Exposure to other SIEM platforms (QRadar, Sentinel, SecOps, XSIAM, etc.) is advantageous.

Posted 4 days ago


3.0 - 7.0 years

0 Lacs

Hyderabad, Telangana

On-site

Role Overview: You will be joining the Defender Experts (DEX) Research team within Microsoft Security, whose mission is to protect customers from advanced cyberattacks by transforming raw signals into intelligence. As a Threat Researcher, you will collaborate with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats impacting both Microsoft and third-party products. Your work will directly contribute to developing real-time protections for enterprises worldwide and enhancing threat detection and response capabilities within Microsoft Sentinel. This role offers a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security.

Key Responsibilities:
- Execute advanced research on emerging cloud-based threats affecting Microsoft and third-party security products across heterogeneous cloud environments.
- Develop and refine detection and response strategies using major SIEM platforms, with a focus on Microsoft Sentinel, to ensure comprehensive threat coverage and response capabilities.
- Collaborate with internal and external security teams to implement scalable solutions for multi-cloud threat intelligence, detection, mitigation, and response.
- Translate complex raw security data into actionable intelligence to enhance cloud security operations for a global customer base.
- Mentor and guide researchers and detection engineers on advanced threat hunting and incident response best practices across diverse SIEM ecosystems.
- Contribute to industry knowledge and Microsoft's security posture by publishing research, developing threat models, and identifying threats and attack trends in the cloud.

Qualifications:
- 3+ years of relevant experience in security research, detection engineering, threat lifecycle, and cloud security in large-scale complex cloud environments.
- Proven ability in executing advanced research on emerging cloud-based threats affecting Microsoft and third-party security products across heterogeneous cloud environments.
- Demonstrated experience in developing and refining detection and response strategies using major SIEM platforms, with a focus on Microsoft Sentinel.
- Extensive hands-on experience with cloud platforms, including Azure, and understanding of multi-cloud security challenges and solutions.
- Strong practical experience in identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments.
- Ability to work independently, deliver complete solutions, articulate technical insights effectively, and influence multidisciplinary teams.

Posted 5 days ago


2.0 - 6.0 years

0 Lacs

Karnataka

On-site

A career in our Advisory Acceleration Centre is the natural extension of PwC's leading class global delivery capabilities. We provide premium, cost-effective, high-quality services that support process quality and delivery capability in,

Posted 1 week ago


8.0 - 18.0 years

0 Lacs

Karnataka

On-site

The role involves translating customer needs into technical systems solutions and leading projects at the architecture level. It requires determining and developing architectural approaches for solutions and conducting business reviews. The ideal candidate should have 8-10 years of experience with a strong technical background in system and applications solution architecture design. Additionally, experience in designing solutions using appropriate platforms and system technologies is essential. A degree in Computer Science and Engineering is preferred.

Key responsibilities include analyzing the client's needs and translating them into system and architecture requirements to ensure that the design meets the client's needs. Evaluating the client's system specifications, work practices, and business nature is crucial. Developing a solution concept design in alignment with enterprise architecture and business requirements is also a key aspect of the role. Analyzing the impact of solutions on the client's overall business processes and systems to mitigate business risks is another important responsibility.

The ideal candidate for the Cyber Security Architect position should have at least 18 years of IT experience, with 10 years specifically in Cybersecurity Project Experience. Key requirements include proven experience in Cybersecurity architecture, focusing on Threat Hunting, Threat Adversaries, Offensive Security activities, and the MITRE ATT&CK framework. Expertise in delivering enterprise-level defensible security architecture and industry-specific cyber architecture framework for multiple customer projects is essential. In-depth knowledge of cybersecurity principles, practices, technologies, and methodologies is required. Hands-on experience with Cybersecurity tools and technologies such as SIEM platforms, threat intelligence platforms, endpoint detection and response (EDR) solutions, etc., in the past five years is necessary. A strong understanding of offensive security techniques, including penetration testing, Red Teaming, and Ethical Hacking, is also important. Expertise with security compliance and the ability to develop security controls adhering to security frameworks and agile practices for a leading global organization are key requirements.

Candidates for this role must possess one or multiple advanced security certifications from accredited bodies, such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Offensive Security Certified Professional (OSCP), CompTIA Advanced Security Practitioner (CASP+), or Certified Information Security Manager (CISM). The location for this role is Bangalore/Ahmedabad.

Posted 1 week ago


2.0 - 6.0 years

0 Lacs

Karnataka

On-site

As an L1 Security Threat Monitoring Resource, you will play a crucial role in the organization by being responsible for the initial detection, analysis, and response to security incidents and alerts. Your primary duties include monitoring security event feeds and alerts, analyzing security alerts, escalating critical incidents, documenting all activities in compliance with company policies, collaborating with internal teams for timely response, and staying updated on emerging threats and security technologies. You will work closely with senior analysts and engineers to maintain the security posture of the University and mitigate potential threats. Additionally, you will assist in the development of standard operating procedures for threat monitoring and incident response, as well as participate in Security Awareness training, monitoring, and reporting.

To qualify for this role, you should have a Bachelor's degree in Computer Science, Information Technology, or a related field. You must possess a strong understanding of networking fundamentals, common security protocols, and familiarity with SIEM platforms. Basic knowledge of cybersecurity principles and practices is essential, along with excellent analytical and problem-solving skills. Effective communication, interpersonal skills, and the ability to work in a fast-paced environment are also required.

The ideal candidate should have a minimum of 2 years of experience in a relevant security threat monitoring role. Possessing certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) would be advantageous in this position.

Posted 2 weeks ago


3.0 - 7.0 years

0 Lacs

Noida, Uttar Pradesh

On-site

As an IT Security Analyst in our Security Operations Center (SOC) team based in Noida (Hybrid), you will play a crucial role in safeguarding our organization's digital assets and infrastructure from cyber threats. Your responsibilities will include working in rotational night shifts, administering and troubleshooting security infrastructure devices, managing service tickets, detecting and responding to security incidents, monitoring system logs, and collaborating with internal teams to enhance security measures. You will need to stay updated on emerging threat vectors, contribute to refining SOC playbooks and SOPs, and possess a strong foundation in cybersecurity principles.

To excel in this role, you should have at least 3 years of experience in IT Security, particularly within a SOC environment, and be well-versed in information security principles and networking fundamentals. Hands-on experience with security tools like SIEM platforms, EDR tools, IDS/IPS, firewalls, VPNs, and antivirus solutions is essential. Additionally, familiarity with network traffic analysis, vulnerability triage, malware identification, and phishing detection will be beneficial. Your ability to analyze compromise indicators, work efficiently in fast-paced settings, think critically under pressure, and possess relevant certifications like CompTIA Security+ or CEH will be highly valued.

Key competencies for success in this role include meticulous attention to detail in documentation, strong written and verbal communication skills, effective team collaboration, the ability to remain composed and make decisions during high-stress situations, and a proactive mindset focused on continuous improvement.

If you are a passionate IT Security professional with a proactive approach and a commitment to enhancing cybersecurity measures, we encourage you to apply for this challenging and rewarding opportunity.

Posted 2 weeks ago


2.0 - 6.0 years

0 Lacs

Haryana

On-site

As an Endpoint Security Engineer, you will play a crucial role in implementing, monitoring, and optimizing endpoint protection platforms to ensure the security of our IT infrastructure against modern threats. Your primary responsibilities will include deploying, configuring, and managing security tools such as Microsoft Defender for Endpoint, CrowdStrike Falcon, and SentinelOne. You will also be tasked with monitoring and responding to security alerts, investigating suspicious activities, and collaborating with SOC/IT teams for root cause analysis.

In this role, it is essential to tune policies, rules, and detection logic to enhance threat visibility and reduce false positives. You will support day-to-day operations, including patching, EDR tool maintenance, and threat hunting, while maintaining documentation for configurations, incident reports, and remediation actions. Staying updated with the latest threats, vulnerabilities, and EDR technology updates will be crucial to your success.

To excel in this position, you should have experience with Microsoft Defender for Endpoint, CrowdStrike, and/or SentinelOne, along with familiarity with SIEM platforms like Microsoft Sentinel. A solid understanding of endpoint threat vectors, malware behavior, and basic forensic techniques is desirable. Exposure to compliance frameworks such as ISO 27001 and NIST would be a plus.

Soft skills such as strong problem-solving abilities, effective communication, attention to detail, and the capability to work both independently and collaboratively are essential for this role. Your ability to document findings and present security insights clearly will be key to ensuring the effectiveness of our endpoint security measures.

Posted 2 weeks ago


2.0 - 5.0 years

3 - 6 Lacs

Hyderabad

Work from Office

Key Responsibilities

Team Management & Leadership
- Manage and mentor a team of Level 1 and Level 2 SOC analysts.
- Conduct regular team reviews, performance evaluations, and skill development plans.
- Foster a culture of continuous learning, collaboration, and accountability.

SOC Operations Oversight
- Oversee 24/7 SOC operations, ensuring adherence to SLAs and KPIs.
- Monitor escalation workflows for alerts, incidents, and investigations.
- Ensure proper case documentation, knowledge base updates, and handover processes.

Incident Response & Analysis
- Supervise triage, analysis, containment, and resolution of security incidents.
- Provide guidance on complex threat investigations and escalations.
- Coordinate with clients during major incidents and post-incident reviews.

Process & Compliance
- Drive process improvements in alert management, reporting, and escalation procedures.
- Ensure SOC operations comply with regulatory standards (ISO 27001, GDPR, etc.).
- Maintain and enhance SOC runbooks and standard operating procedures (SOPs).

Client & Stakeholder Management
- Act as the point of contact for client escalations related to SOC operations.
- Deliver periodic SOC reports, dashboards, and incident summaries.
- Support client onboarding, service reviews, and audit requirements.

Required Skills & Qualifications
- Experience: 2-5 years in Security Operations, with at least 1-2 years in a supervisory or lead role.
- Technical Knowledge: Strong understanding of SIEM platforms (e.g., Splunk, QRadar, ArcSight, LogRhythm). Familiarity with EDR, SOAR, threat intelligence, IDS/IPS, firewalls, and cloud security tools. Incident response methodology and threat detection frameworks (MITRE ATT&CK, Cyber Kill Chain).
- Leadership Skills: Ability to manage, mentor, and motivate a young SOC team.
- Communication: Strong written and verbal skills for interacting with clients and stakeholders.
- Certifications (preferred): CEH, CompTIA Security+, CySA+, SSCP, or SOC Analyst certifications.

Key Attributes
- Strong problem-solving and decision-making abilities.
- Ability to perform under pressure in a 24/7 SOC environment.
- Detail-oriented with a focus on process improvement and operational excellence.
- Team-first mindset with a passion for developing cybersecurity talent.

Posted 2 weeks ago


3.0 - 7.0 years

6 - 10 Lacs

Mohali

Work from Office

About ASB
ASB is committed to empowering students with expertise in emerging technologies. We are looking for an enthusiastic and passionate Cybersecurity Training Expert to lead and mentor students, equipping them with industry-relevant skills in cybersecurity. This role requires a deep understanding of cybersecurity principles, hands-on technical expertise, and a passion for teaching. The ideal candidate will have solid experience in network security, penetration testing, ethical hacking, compliance, and security frameworks. They should be an excellent communicator who can break down complex cybersecurity concepts into easy-to-understand modules.

Key Responsibilities

1. Training Delivery
- Design, develop, and deliver high-quality cybersecurity training through courses, workshops, boot camps, and webinars.
- Cover a broad range of cybersecurity topics, including but not limited to:
  - Network Security & Firewalls
  - Penetration Testing & Ethical Hacking
  - Cloud Security & DevSecOps
  - Security Compliance & Auditing (ISO 27001, NIST, GDPR, etc.)
  - Threat Intelligence & Incident Response
  - SIEM, SOC & Security Tools (Burp Suite, Wireshark, Metasploit, AWS Security Hub, etc.)

2. Curriculum Development
- Develop and continuously update cybersecurity training materials, including hands-on labs, case studies, quizzes, and real-world projects.
- Ensure training content is aligned with industry best practices, compliance frameworks, and emerging security trends.

3. Training Management
- Organize and manage cybersecurity training sessions, ensuring smooth content delivery, engagement, and assessments.
- Track learner progress and provide additional support, including one-on-one guidance and mentorship.

4. Technical Support & Mentorship
- Assist students with technical queries and troubleshoot cybersecurity-related challenges.
- Provide career guidance and mentorship, helping students navigate certifications (CEH, CISSP, OSCP, CISM, etc.) and job opportunities in cybersecurity.

5. Industry Engagement
- Stay updated with the latest cybersecurity threats, vulnerabilities, and defense mechanisms.
- Represent ASB at cybersecurity conferences, webinars, and industry events.

6. Assessment & Evaluation
- Develop hands-on challenges, CTFs (Capture The Flag), and practical assessments to evaluate student proficiency.
- Provide constructive feedback to enhance their technical skills.

Required Qualifications & Skills

Educational Background
- Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Security, or a related field.

Hands-on Cybersecurity Experience
- 3+ years of experience in cybersecurity roles such as Penetration Tester, Security Analyst, SOC Analyst, Cybersecurity Engineer, or Security Auditor.
- Expertise in ethical hacking, threat analysis, cloud security, risk assessment, and compliance.
- Strong knowledge of Linux, Windows Security, Networking, and Cryptography.

Teaching & Communication Skills
- 2+ years of experience in training, mentoring, or delivering cybersecurity education.
- Ability to explain complex security concepts in a clear and engaging way.

Cybersecurity Tools & Platforms
- Experience with security tools such as Kali Linux, Metasploit, Burp Suite, Wireshark, Nessus, Nmap, Snort, Splunk, SIEM platforms, and AWS Security Hub.
- Knowledge of SOC operations, incident response, and security automation tools.

Passion for Education
- A genuine enthusiasm for training the next generation of cybersecurity professionals.

Preferred Qualifications

Industry Certifications
- CEH, OSCP, CISSP, CISM, CCSP, AWS Security Certification, or equivalent.

Experience in Online Teaching
- Prior experience in online training platforms (Udemy, Coursera, etc.) or learning management systems (LMS).

Knowledge of Security Frameworks & Compliance
- Familiarity with ISO 27001, NIST, GDPR, SOC 2, and PCI-DSS.

Experience in Blue Team & Red Team Operations
- Understanding of ethical hacking (offensive security) and defensive security (SOC, SIEM, endpoint protection, etc.).

Posted 2 weeks ago


3.0 - 5.0 years

0 Lacs

Pune, Maharashtra, India

Remote

Your Role
- 3-5 years of hands-on experience with BigID or similar data discovery/classification tools (e.g., Varonis, Informatica, and MIP).
- Strong understanding of data governance, data privacy, and compliance regulations (GDPR, CCPA, SOX, SEBI etc.).
- Experience working with structured data in RDBMS (Oracle, MS SQL Server, and PostgreSQL) and unstructured data sources (file servers, SharePoint, cloud repositories).
- Proficiency in configuring BigID policies, classifiers, data flows, and discovery and classification operations modules.
- Experience integrating BigID with security tools like Microsoft Information Protection, DLP solutions, or SIEM platforms.
- Familiarity with metadata management, data catalogs, and data lineage concepts.

Your Profile
- Design, implement, and manage data discovery and classification workflows using the BigID platform for both structured (e.g., databases, data warehouses) and unstructured data (e.g., file shares, SharePoint, email).
- Configure and maintain BigID connectors to integrate with enterprise data sources including databases (Oracle, SQL Server, MySQL), cloud storage (AWS S3, Azure Blob), collaboration platforms (O365, Google Drive), and more.
- Define and customize classification policies, sensitivity labels, and data tagging rules to align with organizational data governance and compliance frameworks (e.g., GDPR, CCPA, SEBI, DORA etc.).
- Collaborate with data owners, security teams, and compliance stakeholders to identify sensitive data types (PII, PCI, etc.) and apply appropriate classification and protection strategies.
- Integrate BigID with Microsoft Information Protection (MIP) and other DLP platforms or IRM tools to automate labeling and enforcement policies.
- Monitor discovery scans and classification jobs, troubleshoot issues, and optimize performance.
- Generate and present reports and dashboards to stakeholders, highlighting data classification coverage, risk areas, and remediation plans.

What You'll Love About Working Here
We recognize the significance of flexible work arrangements to provide support, be it remote work or flexible work hours. You will get an environment to maintain a healthy work-life balance. At the heart of our mission is your career growth. Our array of career growth programs and diverse professions are crafted to support you in exploring a world of opportunities. Equip yourself with valuable certifications in the latest technologies such as Unix and SQL.

Posted 3 weeks ago


0.0 years

0 Lacs

Bengaluru, Karnataka, India

Remote

Job Title: SOC Analyst
Location: Remote

Position Overview
We are seeking a SOC Analyst to join our security operations team. The role involves continuous monitoring, detection, investigation, and response to security incidents across enterprise systems. The SOC Analyst will work with SIEM, SOAR, IDS/IPS, NGFW, EDR, and other security technologies to protect against evolving threats, ensure rapid incident response, and strengthen the overall security posture.

Key Responsibilities
- Monitor and analyze security events through SIEM platforms to detect potential threats.
- Investigate alerts and incidents using IDS/IPS, NGFW, EDR, WAF, vulnerability scanners, and bot management solutions.
- Perform network protocol analysis (TCP, UDP, DNS, DHCP, IPsec, HTTP, etc.) to identify abnormal traffic and possible intrusions.
- Utilize EDR tooling to analyze endpoint activity and provide containment/remediation recommendations.
- Respond to and mitigate DDoS attacks and other advanced threat vectors.
- Operate SOAR platforms to streamline and automate detection and response processes.
- Contribute to defensive security strategies, incident response playbooks, and continuous improvement of SOC operations.
- Document investigation findings, response actions, and lessons learned.

Required Skills & Qualifications
- Experience with SIEM platforms (Splunk, QRadar, ArcSight, or similar).
- Strong knowledge of IDS/IPS, NGFW, WAF, and vulnerability management tools.
- Hands-on experience with EDR solutions such as CrowdStrike, Carbon Black, or SentinelOne.
- Familiarity with bot management solutions and DDoS mitigation strategies.
- Solid understanding of network protocols and protocol analysis tools.
- Exposure to SOAR platforms for incident response automation.
- Strong analytical, problem-solving, and communication skills.
- Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent work experience).
- Security certifications (CompTIA Security+, CEH, GCIH) preferred.

Posted 3 weeks ago


5.0 - 9.0 years

0 Lacs

Ahmedabad, Gujarat

On-site

As a Cyber Security Operations Analyst, your primary responsibility is to protect the day-to-day operations of the organization by understanding and monitoring cybersecurity risks and threats. You will help ensure the correct protective, detective, and monitoring controls are in place while also playing a key role in cyber incident response activities. You will be a critical part of the Cyber Security Operations team, working closely with internal stakeholders and external partners (e.g., SOC MSSP) to safeguard the organisation's critical systems and data.

Your key responsibilities will include responding to alerts and escalations from the Managed Security Service Provider (SOC MSSP) and internal systems, investigating, triaging, and resolving security incidents in a timely and effective manner, developing and maintaining documentation to improve investigation and response efficiency, supporting the Cyber Security Operations Manager with analysis and reporting, monitoring the effectiveness of implemented security controls, ensuring compliance with internal policies and industry standards, recommending improvements in information security monitoring and controls, maintaining up-to-date knowledge of the cybersecurity threat landscape, participating in incident response activities, contributing to post-incident reviews and lessons learned, and assisting in improving cybersecurity policies and standards across the business.

To be successful in this role, you should have an undergraduate degree in Cyber Security, Computer Science, Engineering, or a related field, or equivalent practical experience. You must demonstrate understanding of security operations, threat detection, and incident response, as well as familiarity with IT system and network architecture. Experience working in a Security Operations Centre (SOC) or similar environment, hands-on experience in investigating and responding to security incidents, understanding of key IT service management and change management processes, and working knowledge of cybersecurity monitoring tools, SIEM platforms, and investigation techniques are preferred.

Key skills and attributes for this role include strong analytical and problem-solving skills, ability to adapt quickly to changing priorities and emerging threats, excellent verbal and written communication skills for technical and non-technical audiences, ability to work independently and collaboratively in a hybrid (remote/on-site) environment, and high attention to detail and commitment to maintaining confidentiality and integrity. You will build key relationships with the Cyber Security Team, wider IT and Infrastructure Teams, Business Managers and Senior Leaders, as well as external vendors and MSSP partners.

Encora, the preferred digital engineering and modernization partner of leading enterprises and digital native companies, is where you will be a part of a global team of experts driving innovation in Product Engineering & Development, Cloud Services, Quality Engineering, DevSecOps, Data & Analytics, Digital Experience, Cybersecurity, and AI & LLM Engineering.

Posted 1 month ago

7.0 - 11.0 years

0 Lacs

karnataka

On-site

ECI is the leading global provider of managed services, cybersecurity, and business transformation for mid-market financial services organizations across the globe. From its unmatched range of services, ECI provides stability, security, and improved business performance, freeing clients from technology concerns and enabling them to focus on running their businesses. More than 1,000 customers worldwide with over $3 trillion of assets under management put their trust in ECI. At ECI, we believe success is driven by passion and purpose. Our passion for technology is only surpassed by our commitment to empowering our employees around the world.

The Opportunity:
ECI has an exciting opportunity for a Network Compliance & Assurance Technical Lead, who is responsible for overseeing and ensuring the security, compliance, and integrity of our enterprise network infrastructure. The ideal candidate will have deep expertise in network vulnerability assessments, compliance assurance, and governance frameworks. This role involves leading a team of engineers to identify, mitigate, and monitor risks while ensuring adherence to industry standards and regulatory requirements. This is an onsite role.

What you will do:

Leadership & Collaboration:
- Lead and mentor a team of compliance and network security engineers, fostering a culture of excellence and continuous learning.
- Collaborate with IT leadership, security teams, and compliance officers to establish and maintain a secure and compliant network infrastructure.
- Develop and communicate compliance strategies and progress reports to stakeholders and executive leadership.

Network Vulnerability Management:
- Conduct regular vulnerability assessments, penetration testing, and risk analyses on network infrastructure.
- Oversee the remediation of identified vulnerabilities, ensuring timely resolution to maintain compliance with organizational and regulatory requirements.
- Utilize tools such as Nessus, Qualys, and OpenVAS to continuously monitor network security posture.

Compliance Assurance:
- Implement and enforce compliance with regulatory frameworks such as PCI-DSS, HIPAA, GDPR, SOX, and NIST.
- Develop and maintain network security policies, standards, and procedures, ensuring alignment with industry best practices.
- Conduct audits to validate compliance with internal policies and external regulations and prepare detailed compliance reports.
- Serve as the primary point of contact for internal and external audits related to network security and compliance.

Security Architecture & Best Practices:
- Design and implement secure network architectures to mitigate risks and ensure data confidentiality, integrity, and availability.
- Define and enforce access controls, including role-based access and least privilege principles.
- Collaborate with network design teams to ensure security is integrated into all network implementations.

Automation & Monitoring:
- Automate compliance checks and vulnerability scans using scripting tools such as Python or Ansible.
- Implement continuous monitoring solutions to ensure real-time compliance and security visibility.
- Analyze and interpret monitoring data to proactively address potential compliance issues.

Documentation & Training:
- Create and maintain detailed documentation, including network security policies, vulnerability remediation plans, and audit reports.
- Train staff on network security and compliance best practices, fostering awareness and reducing risks.

Who you are:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum of 7 years of experience in network compliance, security, or vulnerability management roles.
- Proven leadership experience in a technical or compliance-focused role.
- Expertise in vulnerability management tools (Nessus, Qualys, OpenVAS) and network security frameworks.
- Strong knowledge of regulatory compliance standards, such as PCI-DSS, HIPAA, GDPR, SOX, and NIST.
- Proficiency in designing secure network architectures and implementing access control systems.
- Hands-on experience with firewall technologies, intrusion detection/prevention systems, and secure VPNs.
- Familiarity with SIEM platforms (Splunk, QRadar, etc.) for threat monitoring and compliance reporting.
- Experience with scripting languages (Python, Bash) and automation tools (Ansible, Terraform).

Bonus points if you have:
- Experience with cloud security and compliance in AWS, Azure, or Google Cloud environments.
- Familiarity with Zero Trust principles and implementation.
- Certifications such as CISSP, CISM, CRISC, CEH, or CISA are highly desirable.
- Passion for leading compliance efforts, mitigating network vulnerabilities, and ensuring regulatory adherence in a complex network environment.
- Strong leadership and mentoring skills.
- Effective communication and collaboration skills with technical and non-technical stakeholders.
- Ability to thrive in a dynamic and fast-paced environment.

ECI's culture is all about connection: connection with our clients, our technology and, most importantly, with each other. In addition to working with an amazing team around the world, ECI also offers a competitive compensation package and so much more! If you believe you would be a great fit and are ready for your best job ever, we would like to hear from you! Love Your Job, Share Your Technology Passion, Create Your Future Here!

Posted 1 month ago

3.0 - 7.0 years

0 Lacs

karnataka

On-site

The primary responsibility of this role is to improve the security posture of Microsoft environments and containerized applications. You will be tasked with implementing hardening strategies, handling vulnerabilities, ensuring compliance, and integrating security into development pipelines to protect systems from evolving threats.

Your key tasks will include:
- Strengthening the security of Microsoft systems (Windows Server, Active Directory, Azure) and containerized platforms (Docker, Kubernetes, AKS) by implementing Microsoft Defender for Containers and related tools for threat detection and posture management.
- Applying secure configuration baselines for Microsoft systems using CIS Benchmarks and Microsoft Security Baselines.
- Hardening container images and Kubernetes deployments by implementing least privilege, disabling root access, and using read-only file systems.
- Conducting vulnerability assessments using tools like Microsoft Defender, Snyk, and Qualys, and remediating vulnerabilities in OS, container images, and workloads across hybrid and multicloud environments.
- Ensuring consistency with security standards such as NIST SP 800-190, CIS, and Microsoft Cloud Security Benchmark, and maintaining audit trails and documentation for regulatory compliance.
- Monitoring and responding to threats using SIEM systems and Defender XDR, and implementing runtime protection and anomaly detection for Kubernetes clusters.
- Defining and implementing network policies, RBAC, and resource limits for containers, and using Azure Policy and Gatekeeper to prevent non-compliant deployments.
- Deploying observability tools and log analytics to monitor sensitive actions and detect incidents, enabling binary drift detection, and automating security scans and policy enforcement in CI/CD pipelines.

To be successful in this role, you should possess a Bachelor's degree in Computer Science, Cybersecurity, or a related field, along with 3+ years of experience in Microsoft system hardening and container security. Proficiency with Docker, Kubernetes, AKS, and CI/CD tools is essential, as well as experience with security tools like Microsoft Defender, Snyk, Qualys, and SIEM platforms. Knowledge of cloud security (Azure, AWS, GCP) and infrastructure-as-code (Terraform, ARM), as well as relevant certifications (e.g., CKS, AZ-500, CISSP), are preferred.

Siemens Gamesa is part of Siemens Energy, a global leader in energy technology committed to making sustainable, reliable, and affordable energy a reality. As a leading player in the wind industry, Siemens Gamesa is passionate about driving the energy transition and providing innovative solutions to meet the global energy demand. The company values diversity and inclusion, celebrating character regardless of ethnic background, gender, age, religion, identity, or disability.

All employees at Siemens Gamesa are automatically covered under Medical Insurance, with a considerable Family floater cover that includes the employee, spouse, and 2 dependent children up to 25 years of age. The company also provides an option to opt for a Meal Card as per the prescribed terms and conditions in the company policy, which serves as a tax-saving measure.

Posted 1 month ago

6.0 - 10.0 years

7 - 11 Lacs

Hyderabad, Telangana, India

On-site

POSITION RESPONSIBILITIES (100%)
- Partner with onshore security teams to operationalize, maintain, and enhance endpoint detection and response (EDR) capabilities using CrowdStrike.
- Optimize the performance, reliability, and effectiveness of endpoint detections, response actions, and policy configurations to ensure comprehensive threat coverage.
- Identify opportunities to improve endpoint visibility and detection by analyzing current workflows, detection logic, and endpoint behaviors.
- Support continuous tuning of CrowdStrike detection rules, custom IOAs, and event correlation to reduce false positives and improve alert fidelity.
- Collaborate across Information Security teams (Security Operations, Threat Intelligence, Vulnerability Management, Incident Response) to align on endpoint-focused detection strategies.
- Monitor effectiveness of EDR detections, prevention policies, and response workflows; provide recommendations for continuous improvement.
- Assist in the deployment and configuration of CrowdStrike sensors across endpoints, ensuring coverage, policy enforcement, and telemetry ingestion.
- Provide technical expertise and guidance to onshore and offshore teams to support incident investigations, containment, and root cause analysis tied to endpoint threats.
- Contribute to the development and maintenance of documentation, playbooks, and standard operating procedures (SOPs) for endpoint monitoring, response, and containment.
- Stay current with emerging endpoint threats, attacker techniques, and CrowdStrike capabilities to proactively enhance detection and response.

ORGANIZATIONAL RELATIONSHIPS
- Works closely with onshore security teams, including Security Operations, Vulnerability Management, Threat Intelligence, and Security Awareness.
- Collaborates with cross-functional teams (Infrastructure, Application Development, and Cloud Engineering) to ensure seamless integration of security tools.
- Partners with Identity and Access Management (IAM) teams to implement and maintain secure access controls.
- Engages with external vendors and service providers to evaluate and integrate third-party security solutions.
- Coordinates with internal stakeholders to align security initiatives with business and compliance requirements.

EDUCATION AND EXPERIENCE
Education:
- University Degree in Computer Science or Information Systems is required.
- MS or advanced security certifications preferred, such as Certified Information Systems Security Professional (CISSP).
- Additional certifications highly preferred: Offensive Security Certified Professional (OSCP), GIAC Certified Vulnerability Assessor (GCVA), Certified Ethical Hacker (CEH).
Experience:
- Minimum 6+ years of experience in security operations, EDR (CrowdStrike), threat intelligence, and security engineering.
- At least 2+ years in a regulated industry (e.g., pharmaceutical, Animal Health).
- Experience working with global teams across multiple time zones.
- Proven ability to work within diverse technical teams.

TECHNICAL SKILLS REQUIREMENTS
- Strong hands-on expertise with CrowdStrike EDR, SIEM platforms, and threat detection engineering.
- Proficiency in scripting and automation using Python, PowerShell, or Bash to streamline workflows.
- Experience with cloud security tools and cloud platforms (AWS, Azure, GCP).
- Strong grasp of network security concepts including firewalls, IDS/IPS, VPNs, and zero-trust architectures.
- Familiarity with IAM solutions (Azure AD, Secret Server, SailPoint).
- Solid understanding of incident response, vulnerability management, and threat lifecycle tools.
- Knowledge of container security and DevSecOps practices.
- Strong understanding of encryption, key management, and secure coding best practices.
- Ability to analyze and interpret security data to identify trends, vulnerabilities, and threats.
- Familiarity with compliance standards (e.g., GDPR, HIPAA, PCI DSS).
- Fluent in written and spoken English, with the ability to communicate effectively with both technical and non-technical audiences.

PHYSICAL POSITION REQUIREMENTS
Must be available to work between 1 PM IST and 10 PM IST, with a minimum 3-hour overlap with US Eastern Time.

Posted 1 month ago

3.0 - 5.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Job Description: Cyber Defence Analyst

About GKN Automotive:
GKN Automotive is a world-leading global automotive technology company at the forefront of innovation. Its origins date back to 1759 and for the last 70 years it has been putting key technologies into series production. We are the trusted partner for most of the world's automotive companies, specialising in developing, building, and supplying market-leading drive systems and advanced ePowertrain technologies. GKN Automotive is part of Dowlais Group plc, a specialist engineering group focused on the automotive sector.

What you'll do:
The Cyber Defence Analyst plays a meaningful role in improving the organisation's security posture by bridging the gap between incident response and vulnerability management. Operating in a hybrid model, this role works closely with a supplier landscape that provides first-line monitoring and escalates incidents for further investigation. As such, the Cyber Defence Analyst is expected to operate at a level capable of handling complex investigations, leading response efforts, and driving remediation activities.

This role supports both the Security Monitoring and Vulnerability Management functions, ensuring a cohesive, end-to-end approach to cyber defence. By responding to threats in real time and proactively reducing the organisation's exposure to future risks, the Cyber Defence Analyst helps maintain a resilient and unified security operation.

As this role operates within a dynamic Security Operations environment, there may be occasions where you will be required to provide surge capacity in response to emerging security incidents, emerging threats, or urgent vulnerability disclosures. This includes stepping in to support urgent investigations, remediation efforts, or other time-sensitive security activities that may arise to protect the business.

Key responsibilities include:
- Serve as the link between the Security Monitoring and Vulnerability Management teams.
- Act as a key responder to security incidents, driving investigation, containment, and recovery activities.
- Assist in identifying, assessing, and tracking remediation of vulnerabilities across the organisation.
- Perform in-depth analysis of security alerts, logs, and telemetry from SIEM, EDR, and other security tools.
- Support scanning, reporting, and communication of vulnerability data to collaborators.
- Develop and refine detection logic to improve visibility and reduce false positives, using frameworks such as MITRE ATT&CK.
- Maintain and improve incident response playbooks, ensuring they reflect current threats and standard methodologies.
- Know the latest threat actor tactics, techniques, and procedures (TTPs) and apply them to improve defences.
- Find opportunities to automate repetitive tasks across security monitoring and vulnerability workflows.
- Promote a unified approach to cyber defence, avoiding siloed operations.
- Support initiatives that strengthen the organisation's overall cyber resilience.

What you'll need:
- Experience as an L2 Analyst: at least 3 years.
- Demonstrable experience in information security, with a focus on security operations.
- Proven track record in stakeholder and partner/vendor management and collaboration across various groups.
- Experience handling incidents and supporting complex investigations.
- Hands-on experience with technical tools commonly used in Security Operations, including but not limited to SIEM platforms (e.g., Microsoft Sentinel), Endpoint Detection and Response (EDR) solutions, Threat Intelligence platforms (e.g., KELA), and Vulnerability Management tools (e.g., Qualys).
- Confident in analysing logs from various sources such as endpoints, networks & cloud services.
- Ability to apply threat intelligence to enrich investigations.
- Good understanding of relevant threat actors, relevant frameworks and CVSS scoring.
- Ability to script or automate tasks.
- Familiarity with infrastructure, cloud, and application security principles.
- Able to write reports and tailor them to a mixture of collaborators.
- While certifications are not a strict requirement, they can improve a candidate's profile by demonstrating relevant expertise. Any recognised security certifications will be considered, with value placed on those that demonstrate expertise in core blue team disciplines, as well as vulnerability and risk management.
- Experience with the following tooling: Sentinel, Defender.

Why you'll love working here:
- Market-leading company with lots of potential
- Opportunity to take part in brand-new company projects
- Attractive salary and benefits at a stable and financially healthy company
- An organisation where you can commit to the long-term
- Working in the OneIT team with colleagues around the globe

How to apply:
Please follow the link on our careers page and submit your resume in English because we are an international environment, and English is our business language. If you need any adjustments made to support your application, for example, if you require information in different formats, or if you have any accessibility issues, then we have a process in place to support you; please feel free to get in touch with us at [HIDDEN TEXT].

Deadline: The closing date will be July 25th.

GKN Automotive is the market leader in conventional, all-wheel and electrified drive systems and solutions. With a comprehensive global footprint, we design, develop, manufacture and integrate an extensive range of driveline technologies for over 90% of the world's car manufacturers. As a global engineering company, innovation is what differentiates us from our competitors and is central to our success. A balance of cultures, ethnicities and genders helps bring new ideas and creativity to GKN Automotive. We need people of different backgrounds, with different skills and perspectives, to spark originality, imagination and creativity in our teams around the world.

GKN Automotive is an equal opportunity employer. We treat all our employees and applicants fairly and are committed to ensuring that there is no discrimination or harassment against any employee or qualified applicant on the grounds of age, race, creed, colour, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status or any other characteristic protected by law. We will ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process. Please contact us to request any such accommodation.

Posted 1 month ago

10.0 - 14.0 years

0 Lacs

maharashtra

On-site

Protect Threat is a leading provider of advanced cybersecurity and IT services based in Mumbai. Our certified experts deliver tailored cybersecurity strategies to safeguard digital assets and strengthen security postures. We offer a comprehensive suite of services, including penetration testing, cloud security, threat intelligence, compliance, and incident response.

We are currently hiring for our client, a leading private sector bank, to strengthen their Security Operations Center (SOC) capabilities. This is a full-time on-site role for a SOC Manager, who will lead a 20-member SOC team and oversee security operations for our client's banking environment. The SOC Manager will report directly to the CISO and collaborate closely with incident response teams to manage SIEM platforms, monitor security events, and ensure rapid incident detection and response.

Key responsibilities include:
- Leading SOC operations and managing day-to-day security monitoring.
- Overseeing incident detection, triage, and response activities.
- Managing SIEM platforms (Securonix preferred; QRadar/Splunk/ArcSight acceptable).
- Coordinating with incident response teams in a large-scale enterprise environment.
- Mentoring SOC analysts and ensuring adherence to security processes.

Qualifications required for this role include:
- 10+ years of experience in Cybersecurity and SOC Management.
- Proven experience with SIEM platforms (Securonix, QRadar, Splunk, or ArcSight).
- A strong background in cybersecurity operations, vulnerability management, and network security.
- Excellent leadership, communication, and analytical skills.
- Experience managing SOC teams (L1, L2, L3 mix) in enterprise/banking environments.
- Relevant certifications such as CISSP, CISM or CISA (preferred).
- A Bachelor's degree in Cybersecurity, Information Technology, or a related field.

As a SOC Manager, you will work on-site in Mumbai (Kanjurmarg & Airoli) from Monday to Friday. You will lead SOC operations for our client, a large private sector bank, manage a high-performing SOC team, and collaborate with advanced IR teams. There is a projection for 10-12 additional security roles through November.

To apply for the SOC Manager Role with 10 years of experience, please send your resume to inquiries@protectthreat.com with the subject line: "Application for SOC Manager Role - 10 Years Experience".

Posted 1 month ago

3.0 - 7.0 years

0 Lacs

haryana

On-site

You will be joining a leading Indian telecom company operating in 18 countries and serving over 300 million customers and 1 million+ businesses. The company values a customer-first mindset and a user-centric approach.

Your role will require you to be experienced in SIEM platforms such as QRadar, Splunk, and ArcSight, with knowledge of UEBA, NBAD, and SOAR. You should be skilled in incident management and network troubleshooting, and comfortable working in 24x7 SOC environments.

Your responsibilities will include having a technical understanding and working knowledge of SIEM platforms, along with exposure to UEBA, NBA, NBAD, and SOAR. It is essential to have experience with industry-standard SIEM platforms like QRadar, Splunk, RSA, Seceon, ArcSight, etc. You will need to adhere to processes and procedures, possess general network knowledge, and be proficient in TCP/IP troubleshooting. Additionally, you should be able to trace an endpoint on the network based on ticket information. Good customer communication skills are essential, along with working knowledge of SIEM incident management and providing customer updates. Experience in Managed SOC Services is a must, and you should be prepared to work across 24x7 shifts. Hands-on experience in SIEM platforms and the mentioned technologies is required for this role.

It would be beneficial to have industry certifications on SIEM platforms, CCNA, CEH, MCSE, and others as preferred skills.

Posted 1 month ago

5.0 - 9.0 years

0 Lacs

jaipur, rajasthan

On-site

Vaibhav Global Ltd (VGL) is a well-established electronic deep discount retailer of fashion jewelry, gemstones, and lifestyle products, with operations in the US, UK, Germany, and Canada. The company, listed on Indian stock exchanges since 1996-97, has a wide reach across 124 million households in key markets. As the digital retail landscape evolves, VGL continues to innovate its portfolio and omni-channel strategy to meet customer demands for convenience.

With a group turnover of approximately Rs. 3,041 Crore (FY 2023-2024) and a global workforce of over 3800 employees, VGL is dedicated to sustainable business practices and social responsibility. The company's commitment to environmental sustainability is reflected in its renewable energy initiatives and accolades such as the Excellence Award for IGBC Performance Challenge 2021. Through initiatives like "Your Purchase Feeds.", VGL has provided millions of meals to school children, showcasing its dedication to giving back to the community. VGL is also recognized as a Great Place to Work (GPTW) certified organization.

Shop LC and TJC are key subsidiaries of VGL, operating in the US and UK markets respectively. Shop LC, established in 2007 in Austin, TX, broadcasts live to millions of homes in the US and ships thousands of products daily. TJC, founded in London in 2006, is a prominent teleshopping and digital retail brand in the UK. The acquisitions of Mindful Souls B.V. and Ideal World have further strengthened VGL's digital business capabilities and product offerings.

As a Security Specialist at VGL, your role is crucial in maintaining the security of the company's digital systems. Responsibilities include setting up and managing firewalls, monitoring network activity, responding to security incidents promptly, and collaborating with other teams on technical tools. You will also support compliance efforts, document security procedures, and evaluate and implement new security tools as needed.

Key Responsibilities:
- Install and manage firewalls and WAF tools
- Set up and maintain Azure networking
- Monitor logs, detect threats, and resolve incidents
- Implement security tools in Azure cloud environments
- Collaborate with DevOps on security for CI/CD pipelines
- Support audits and compliance requirements
- Write SOPs, runbooks, and incident support documentation

Required Skills And Experience:
- 4-7 years of experience in network and cloud security
- Strong knowledge of NGFWs, WAFs, and Azure cloud security tools
- Familiarity with SIEM platforms and packet capture tools
- Understanding of VPNs, TCP/IP, and application security
- Excellent problem-solving and communication skills

At VGL, our purpose is to deliver joy, our vision is to be the Value Leader in Electronic Retailing of Jewelry and Lifestyle Products, and our core values include teamwork, honesty, commitment, passion, and a positive attitude. Join us in our mission to deliver one million meals per day to children in need by FY40 through our one-for-one meal program, "Your Purchase Feeds.".

Posted 1 month ago

12.0 - 16.0 years

0 Lacs

karnataka

On-site

About Rippling:
Rippling, based in San Francisco, CA, has secured over $1.4B from renowned investors such as Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock. The company has been recognized as one of America's best startup employers by Forbes. Rippling prioritizes candidate safety, ensuring that all official communications are exclusively sent from @Rippling.com addresses.

About The Role:
Rippling is seeking an experienced Security Engineer to join the Detection and Response Team (DART). As a member of the team, you will play a crucial role in establishing a top-notch incident response function that effectively handles challenging security incidents. Your responsibilities will include driving process enhancements, fostering an open culture of learning from mistakes, and constructing the necessary tools and detection infrastructure to scale our threat response capabilities across both Production and Corporate environments.

What You Will Do:
- Respond promptly to security events, conduct triage, investigations, and incident analysis, and communicate findings effectively to stakeholders.
- Contribute to the enhancement of processes, procedures, and technologies for detection and response to ensure continual improvement post-incident.
- Develop and manage tools for collecting security telemetry data from cloud-based production systems.
- Automate workflows to streamline identification and response times for security events.
- Create and refine detection rules to focus efforts on critical alerts.
- Establish runbooks and incident playbooks for new and existing detections.
- Lead threat hunting practices, recommend signals for detecting attacks in product and infrastructure, and incorporate discoveries into security controls.

What You Will Need:
- Minimum of 12 years of full-time experience as a security engineer, encompassing security monitoring, incident response, and threat hunting in a cloud environment.
- Possess a defensive mindset while understanding offensive security and the scenarios leading to compromise.
- Proven experience in managing complex investigations involving numerous stakeholders.
- Excellent communication skills with a track record of effectively engaging with internal and external stakeholders of all levels.
- Expertise in AWS security controls and services.
- Proficiency in coding for automation, alert enrichment, and detections.
- Familiarity with adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles.
- Hands-on experience in data analysis, modeling, and correlation at scale.
- Strong background in operating systems internals and forensics for macOS, Windows, and Linux.
- Domain expertise in handling current SIEM and SOAR platforms.
- Experience in developing tools and automation using common DevOps toolsets and programming languages.
- Understanding of malware functionality and persistence mechanisms.
- Ability to analyze endpoint, network, and application logs for unusual events.

Additional Information:
Rippling places significant value on having in-office employees to promote a collaborative work environment and company culture. For office-based employees residing within a specified radius of a Rippling office, working in the office for at least three days a week is considered an essential function of their role under the current policy.

Posted 1 month ago

2.0 - 6.0 years

0 Lacs

karnataka

On-site

A career in our Advisory Acceleration Centre is the natural extension of PwC's leading class global delivery capabilities. We provide premium, cost-effective, high-quality services that support process,

Posted 1 month ago

8.0 - 12.0 years

8 - 12 Lacs

Pune, Maharashtra, India

On-site

- Configure, manage, and optimize Microsoft Sentinel for efficient threat detection and response.
- Ensure SIEM infrastructure is running optimally, including performance monitoring and issue resolution.
- Regularly update and optimize SIEM policies, rules and configurations based on evolving threats.
- Onboard, configure, and manage data connectors from various log sources, including cloud, on-premises, and hybrid environments.
- Ensure log ingestion health and troubleshoot data collection issues.
- Develop, implement, and fine-tune analytics rules, detection logic, and playbooks in Sentinel.
- Assist SOC and incident response teams with log analysis, threat correlation, and incident investigation.
- Reduce false positives by refining detection rules and optimizing event filtering.
- Implement and enhance automation using Kusto Query Language (KQL), Logic Apps, and Microsoft Defender XDR integrations.
- Maintain SIEM compliance with security policies, industry regulations (e.g., GDPR, NIST, ISO 27001), and best practices.
- Generate reports and dashboards to provide visibility into security posture and SIEM performance.
- Work with SOC, IT, and Cloud Security teams to enhance Sentinel capabilities.
- Document SIEM configurations, detection use cases, and operational procedures.
- Incident & Problem Management, Change & Release Management, Vendor Management, and Capacity Management functions for the platform.
- Maintain up-to-date knowledge of technology standards, industry trends, emerging technologies, and cyber security best practices.
- Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence.
- Passionate about data to drive information-based security analytics.
- Value add: experience in Cloud Management, Splunk and Chronicle.

Your skills and experience:
- The candidate must have an Engineering background in Computer Science, Information Technology, Cybersecurity or a related field and a minimum of 8+ years of experience, with recent experience in security engineering, system administration, network engineering, or software engineering/development with a focus on Cybersecurity.
- 8+ years of IT engineering experience with recent experience in building and managing infrastructure and security platforms.
- 3+ years of experience implementing, architecting and administering SIEM platforms like Sentinel, Chronicle, Splunk for a large global organization.
- Knowledge of Azure services and data ingestion from those services into SIEM.
- Familiarity with MITRE ATT&CK, cyber threat intelligence and SOC workflows.
- Understanding of SOAR principles.
- Hands-on experience with the Microsoft Azure platform, managing various configurations to enable and manage Sentinel.
- Experience developing in XML, Bash, Python, and PowerShell scripts.
- DevOps engineering experience (Terraform, SDLC, Actions).
- Independent, self-motivated, proactive approach to problem solving and prevention.
- Excellent written and verbal communication skills.
- Passionate about cyber security and the aptitude to identify and solve security problems.

Posted 1 month ago


5.0 - 9.0 years

0 Lacs

haryana

On-site

As the exclusive recruiting partner to our client, Aimhire.io is urgently seeking a highly skilled and experienced Network Engineer specializing in Fortinet security and networking products (e.g., FortiGate, FortiManager, FortiAnalyzer). In this role, you will be responsible for designing, implementing, managing, and troubleshooting secure and scalable network infrastructures within enterprise environments.

Key Responsibilities:
- Design, deploy, and maintain secure network solutions utilizing Fortinet products.
- Configure and manage FortiGate firewalls, VPNs (IPSec/SSL), and UTM features.
- Monitor network performance, troubleshoot issues, and ensure high availability and security.
- Implement and maintain FortiManager and FortiAnalyzer for centralized management and logging.
- Collaborate with security teams to enforce policies and respond to incidents.
- Conduct network assessments and provide recommendations for improvements.
- Document network configurations, diagrams, and standard operating procedures.
- Provide mentorship and technical guidance to junior engineers.
- Participate in on-call rotation and provide support during critical incidents.

Required Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience).
- 5+ years of experience in network engineering with an emphasis on security.
- Strong hands-on experience with Fortinet products such as FortiGate, FortiManager, FortiAnalyzer, FortiAP, and FortiSwitch.
- Deep understanding of networking protocols including TCP/IP, BGP, OSPF, VLANs, NAT, etc.
- Experience with VPN technologies, firewall policies, and intrusion prevention systems.
- Familiarity with network monitoring tools and SIEM platforms.
- Fortinet NSE 4 certification or higher (NSE 5/6/7 preferred).

Preferred Skills:
- Experience with SD-WAN, cloud networking (AWS/Azure), and automation tools (Ansible, Python).
- Knowledge of other security platforms such as Palo Alto, Cisco ASA, and Check Point is a plus.
- Excellent problem-solving, communication, and documentation skills.

Posted 2 months ago
