482 Soar Jobs - Page 13

Description: Client is looking for a skilled and versatile Security Engineer (NOT Analyst) to drive the advancement and growth of our detection and automation initiatives. Reporting to the Senior Manager of Security Engineering and Operations, this role will collaborate with cross-functional teams and external partners to mitigate risks and implement security measures that safeguard sensitive data and systems against infiltration and cyber-attacks. The position will also lead our incident response efforts and the development of threat detection platforms. Must Have Skills to Qualify (Atleast 5+ Years): Building automation workflows from scratch Owning SOAR playbook architecture Hands-on Python scripting for integrations Deploying detection logic across hybrid environments Has managed and maintained CASB, EDR, and or an Email Security platform. Developed and enforced security policies across corporate security tools. Designed and built automation workflows in our SOAR platform. Create and maintain custom integrations and scripts using Python. Troubleshoot and resolve issues across security tools and automation pipelines. Is knowledgeable in at least one cloud environment. Knows Terraform or any Infrastructure as Code

The Level 3 Security Operations Center (SOC) Resource is a highly skilled and experienced security professional who is responsible for the advanced detection, analysis, and response to security incidents. Roles and Responsibilities of SOC Analyst L3 Lead and mentor junior SOC analysts Conduct in-depth investigations into complex security incidents Identify and analyse emerging threats and vulnerabilities Develop and implement security incident response plans Drive end-to-end implementation of the SIEM and SOAR Solutions. Expertise in SOC team building. Qualifications and Skills for SOC analyst L3 Bachelor's(BE/B.Tech) degree in Computer Science, Information Security, or a related field 6+ years of experience in security operations or a related field. He shall be currently serving as Soc Analyst L3 and has minimum served on L3 position for atleast 2 years. Experience with security information and event management (SIEM) systems and SOAR Certifications for Soc Analyst L3 CISSP (Certified Information Systems Security Professional) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) Other relevant security certifications PS. Exp in L1, L2 and L3 mandatory. Looking for a candidate who can join company within 30 Days For more details feel free to call Jyoti Tiwari 9819589998

Company: MMC Corporate Description: We are seeking a talented individual to join our GIS team at MMC Corporate This role will be based in Gurgaon. This is a hybrid role that has a requirement of working at least three days a week in the office. Global Cyber Defense Security Operations Center What can you expect We are looking for someone to join and grow in our Security Operations Center (SOC) in a technical analyst role on various daytime business hours shifts. As an Analyst, you will be responsible for analyzing security event data, assessing the potential impact of events, and creating recommendations to defend against emerging threats. You will follow security events through the triage and response lifecycle and document all processes in a centralized knowledgebase. In this role, you will participate in ongoing security incidents and continuous SOC initiatives, such as new content development and enrichment. Additionally, you will collaborate across multiple teams on various efforts to continue to strengthen the security posture of Marsh & McLennan Companies. What is in it for you Be able to work with a global team with a company with a strong brand and strong results to match. Be part of an organization with a culture of internal mobility, collaboration, valued partnership from the business and drive for innovation in data & analytics, including the latest AI technology Grow your career with direct exposure to Senior Technologists, Business Leaders, and s which provide access relevant volunteer and mentoring opportunities and interactions with counterparts in industry groups and client organizations. Competitive pay (salary and bonus potential), Full benefits package starting day one (medical, dental, vision, STD/LTD, life insurance, RSP (Retirement Savings Plan or TFSA (tax free savings account.) Entitled to vacation, floating holidays, time off to give back to your community, sick days, and national holidays. We will count on you to: Analyzing network traffic, endpoint security events, and other various log sources to identify threats, assess potential impact, and recommend mitigations Supporting other security functions and teams to ensure the holistic implementation of security controls, technologies, practices, and programs Contributing to the development and improvement of response processes, documentation, tool configurations, and detection logic Assisting in additional Security Operation Center initiatives, including playbook development and documentation, new rule creation, and tool evaluations Maintaining an operational knowledge of global threat trends, known threat actors, common tactics, techniques, and procedures (TTPs), and emerging security technologies Collaborating on Security Operation Center team training opportunities and other cross training opportunities Operating as a subject matter expert on various security topics across multiple domains Supporting 24x7 operations by assisting in ongoing incidents during non-standard hours What you need to have Undergraduate degree in Computer Science (CS), Computer Information Systems (CIS), other related degrees, or equivalent experience 2+ years of information security experience and/or 2-4 years of experience in security analysis in a non-security focused role Excellent critical thinking skills, with proven analytical expertise and the ability to learn adaptively Demonstrated effective verbal, written and interpersonal communication skills with the ability to communicate security concepts to both technical and non-technical audiences Demonstrated experience with security technologies and alerts, such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanner, vulnerability scanners, forensics tools, open-source tools, or other security technologies Knowledge in one or more of the following domainsNetwork Operations and Architecture, Operating Systems, Identity and Access Management, Programming, Cloud Computing, Databases, or Cryptography What makes you stand out Ability to operate independently in a dynamic, evolving environment with multiple inputs and tasks simultaneously Knowledge of common attacks, current threats, threat actors, and industry trends Familiarity with common security frameworks and models, such as MITRE ATT&CK, Lockheed Martin Cyber Kill Chain, The Diamond Model of Intrusion Analysis and NIST Cybersecurity Framework Professional or technical certifications, such as Security+, GIAC Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), or other related certifications Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being. Marsh McLennan(NYSEMMC) is the worlds leading professional services firm in the areas ofrisk, strategy and people. The Companys more than 85,000 colleagues advise clients in over 130 countries.With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses.Marshprovides data-driven risk advisory services and insurance solutions to commercial and consumer clients.Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wymanserves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us onLinkedInandX. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person Marsh McLennan (NYSEMMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businessesMarsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person.

Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation. Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies. Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents. Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations. Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications. Conduct root cause analysis and post-incident reviews to enhance detection capabilities. Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS). Document configurations, detection logic, and incident response processes. 3+ years of experience in cybersecurity with direct hands-on Internal SIEM experience. Proficiency in one or more SIEM platforms (e.g., Splunk, QRadar, Sentinel, Elastic Stack, etc.). Solid understanding of network protocols, system logs, attack techniques, and MITRE ATT&CK framework. Experience with scripting and automation (e.g., Python, PowerShell) is a plus. Familiarity with EDR, SOAR, IDS/IPS, firewalls, and other security tools.

Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation. Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies. Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents. Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations. Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications. Conduct root cause analysis and post-incident reviews to enhance detection capabilities. Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS). Document configurations, detection logic, and incident response processes. 3+ years of experience in cybersecurity with direct hands-on SIEM experience. Proficiency in one or more SIEM platforms (e.g., Splunk, QRadar, Sentinel, Elastic Stack, etc.). Solid understanding of network protocols, system logs, attack techniques, and MITRE ATT&CK framework. Experience with scripting and automation (e.g., Python, PowerShell) is a plus. Familiarity with EDR, SOAR, IDS/IPS, firewalls, and other security tools.

•Thorough knowledge of Firewalls, IPS, SIEM, SOAR, XDR & Networking components. •Should have on field exp in handling customers face to face. •Capable of designing solutions, documenting project plans & RFP's. Required Candidate profile • Minimum 7+ yrs of exp • Certifications in Cyber Security will be an added advantage • Good Verbal & Written communication. • Work Exp in OEM's preferred. • Should have good presentation skills.

Role & responsibilities Preferred candidate profile Experience: 4+ Years Location: Mumbai Design, operate, manage SOAR and automation platform Creation, maintenance, and customization of cross platform playbooks/workflows. Centralized automated tracking of SLAs, KPIs & KRIs Automating analysis and response workflows for routine security analyst activities Ensure alignment of automated responses with organizational policies with an objective of reduced Mean Time to Respond (MTTR) and minimized damage. Intra SOC technologies integrations Integration with IT security technologies and IT technologies Define response playbooks and oversee automated actions Automated filtering of false positives and prioritizing genuine threats for investigation Ongoing efforts to decrease Mean Time to Detect (MTTD), Mean Time to Repair (MTTR), number of false positives and improving overall efficiency of SOC. Provide Annual roadmap for innovations, new initiatives, SOC Automation & Process Enhancement with quarterly milestones the same shall be linked to respective milestone-based payments. The roadmap should align with the bank's security strategy, support ongoing SOC maturity, and adapt to emerging threats and regulatory changes. Required Certification: Mandatory (Any-one): - Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): - Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc

Your potential, unleashed. India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matter s. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilientnot only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Job Description: We are seeking a Skilled SOAR Engineer with hands-on experience in Palo Alto XSOAR to join our cybersecurity automation team. The ideal candidate will be responsible for designing, developing, and maintaining SOAR playbooks, creating custom integrations and managing the underlying infrastructure. Key Responsibilities Develop and optimize automation playbooks within SOAR platforms (preferably Palo Alto XSOAR). Design and implement custom integrations with third-party tools using Python. Maintain and enhance SOAR platform infrastructure, including setup, configuration, upgrades, data purging etc. Troubleshoot playbook or integration issues and ensure high availability of SOAR services. Ability to work in a 24x7 rotational shift environment. Required Skills: Proven experience with SOAR tools (XSOAR experience highly preferred) Strong proficiency in Python for scripting and automation. Experience in creating custom connectors, scripts, and automations in SOAR environments. Familiarity with SOAR platform administration, including health monitoring, backup/restore, and performance tuning. Desired qualifications Certifications such as CISSP, GSEC, CISM, or certifications specific to SOAR platforms (e.g., Palo Alto Cortex XSOAR Certification) Experience required 5-8 Years Location and way of working Base location: Mumbai/Hyderabad Professional is required to work from Client office How youll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the worlds most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyones welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. * Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Job Role : Cyber Security Engineer--Work From Office Experience : 4 to 8 Yrs Key Skills: Security tools integration and management, Onboarding, Log ingestion, writing rules and polices in Cloud Security/SIEM/EDR/Antivirus/XDR/Firewall/MDR/SOAR tool Notice Period : 0 to 30 days Should be willing to work in Second shift Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad -- 500081. Job Overview: They plan, implement, and maintain security measures, respond to security incidents, and identify vulnerabilities. Their roles vary depending on the specific area of security, such as network, application, or cloud security. Here's a more detailed breakdown of their responsibilities: Security Planning and Implementation: Designing and implementing security controls: This includes firewalls, intrusion detection systems, and access control mechanisms. Developing security policies and procedures: Establishing guidelines for secure operations and data handling. Performing risk assessments: Identifying potential vulnerabilities and threats. Implementing security tools and technologies: Integrating security software and hardware into the organization's infrastructure. Analyze and recommend improvements to network, system, and application architectures to enhance security. Research, design, and implement cybersecurity solutions that protect the organizations systems and products. Collaborate with DevOps, Platform Engineering, and Architecture teams to ensure security is embedded in the design and development of applications and systems. Actively participate in the change management process, ensuring security considerations are prioritized in system upgrades and modifications. Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments. Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies. Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents. Assess and review emerging technologies to identify potential security risks and implement mitigation strategies. Design and deploy innovative security technologies to address evolving security challenges. Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture. Work closely with security architects to develop and deploy security solutions that address cloud-specific risks. Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives. Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses. Qualifications & experience: Hands-on experience with implementing security controls, including Database security, Web content filtering, Anomaly detection & response, Vulnerability scanning & management Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling. Expertise in at least one of the following security domains: Cloud-native security (e.g., IAM, security groups, encryption), Endpoint security (e.g., EDR/XDR, mobile security) Strong familiarity with industry security frameworks and regulations, including: NIST Cybersecurity Framework (CSF) , CIS Controls, HIPAA, GDPR compliance Ability to assess compliance requirements and implement security controls to ensure adherence. Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies. Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders. Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team.

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for an experienced SOC Lead to manage security operations, lead incident investigations, and handle client interactions. The ideal candidate has hands-on expertise with Microsoft Sentinel, strong knowledge of the MITRE ATT&CK framework, and experience with EDR, SOAR, and network log analysis. Roles & Responsibilities:-Lead day-to-day SOC operations and manage a team of analysts.-Perform in-depth investigations using Sentinel SIEM, SOAR tools, and threat intel.-Analyze logs from EDR, firewalls, and network devices.-Apply MITRE ATT&CK to enhance threat detection and response.-Design and tune Sentinel analytics, playbooks, and automation workflows.Collaborate directly with clients on incident response, reporting, and recommendations.-Mentor team members and improve SOC processes. :-6+ years in SOC, 2+ in a lead role.-Strong Sentinel and SOAR hands-on experience.-Solid grasp of EDR tools, threat hunting, and log analysis.-Excellent client communication and stakeholder management skills.-Certifications like SC-200, AZ-500, GCIH, or similar are a plus. Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Level 2 SOC Analyst, your role involves deeper investigation of security alerts and confirmed incidents. You will validate escalated events using Sumo Logic and CrowdStrike Falcon, enrich them with context, and work closely with L3 analysts to assist in containment and timely remediation. You will also assist in improving detection fidelity and supporting SOAR automation. Roles & Responsibilities:-Intermediate Sumo Logic SIEM query and dashboarding skills-Alert Triage & Investigation:Experience investigating escalated alerts using SIEM or EDR-Hands-on experience with CrowdStrike EDR investigations-Incident Response and Containment:Take necessary actions to contain, eradicate and recover from security incidents.-Malware Analysis:Perform malware analysis using the sandboxing tools like CS etc.-SOAR Execution:Running and modifying basic playbooks in Sumo Logic SOAR-Incident Reporting and Documentation:Strong reporting skills with accurate detail capture to provide the RCA for the true positive security incidents with detailed documentation.-Communication & Collaboration:Send emails to request information, provide updates, and coordinate with different teams to ensure tasks are completed efficiently.-MITRE ATT&CK Mapping:Ability to classify incidents with tactics/techniques-Alert fine tuning recommendations to reduce false positive noise-Investigate alerts escalated by L1 to determine scope, impact, and root cause-Perform in-depth endpoint and network triage using CrowdStrike-Use CrowdStrike Falcon to perform endpoint analysis and threat validation-Correlate multiple log sources in Sumo Logic to trace attacker activity-Execute or verify SOAR playbooks for containment actions (isolate host, disable user)-Enrich events with asset, identity, and threat intelligence context-Document investigation workflows, evidence, and final conclusions-Support L3 during major incidents by performing log or memory triage-Suggest improvements in alert logic or SOAR workflow to reduce false positives-Conduct threat research aligned to alert patterns and business context-Enhance alert fidelity with threat intel and historical context-Document investigation findings and communicate with stakeholders Professional & Technical Skills: -Exposure to threat hunting techniques-Scripting to assist SOAR playbook tuning-Triage Automation:Ability to identify playbook gaps and recommend improvements-Cloud Security Basics:Awareness of log patterns from AWS/Azure-Log Analysis:Correlation and trend identification in Sumo Logic-Certifications:SC-200, CySA+, ECSA or relevant advanced certification-SIEM:Advanced queries, dashboards, correlation logic-SOAR:Execute and troubleshoot playbooks-Tools:CrowdStrike (RTR, detections, indicators), Sumo Logic SIEM-Threat Analysis:IOC enrichment, TTP identification-Primary Skill:Incident Investigation and Enrichment Additional Information:- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education\ Summary :As an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Sumo Logic SIEM and SOAR tools to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reducing noise from false positives Roles & Responsibilities:--Basic Security Knowledge:Understanding of key concepts (malware, phishing, brute force, etc.-SIEM Familiarity:Exposure to Sumo Logic UI and understanding how to read/query logs-Exposure to CrowdStrike Falcon Console:Ability to view and interpret endpoint alerts-Alert Triage:Ability to differentiate between false positives and real threats-Communication Skills: Clear written documentation and verbal escalation-Ticketing Systems:Familiarity with platforms like JIRA, ServiceNow, or similar-Basic understanding of cybersecurity fundamentals-Basic Scripting:Awareness of PowerShell or Python for log parsing-SOAR Exposure:Familiarity with automated triage workflows-Security Certifications:Security+, Microsoft SC-900, or similar certification-Operating System Basics:Windows and Linux process and file system awareness Professional & Technical Skills: -Monitor real-time alerts and dashboards in Sumo Logic SIEM-Perform initial triage on alerts and determine severity/priority-Escalate validated security incidents to L2 analysts per defined SOPs-Follow pre-defined SOAR playbooks to document or assist in response-Ensure alert enrichment fields are populated like host info, user details, etc.-Conduct basic log searches to support alert analysis-Perform daily health checks on log sources and ingestion pipelines-Maintain accurate ticket documentation for each alert handled-Participate in shift handovers and team sync-ups for awareness-SIEM:Basic log searching, correlation rule awareness-SOAR:Familiarity with playbook execution-Security Concepts:Basic understanding of malware, phishing, brute force-Tools:CrowdStrike EDR, Sumo Logic Additional Information:- The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Sumo Logic SIEM and SOAR tools to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reducing noise from false positives Roles & Responsibilities:--Basic Security Knowledge:Understanding of key concepts (malware, phishing, brute force, etc.-SIEM Familiarity:Exposure to Sumo Logic UI and understanding how to read/query logs-Exposure to CrowdStrike Falcon Console:Ability to view and interpret endpoint alerts-Alert Triage:Ability to differentiate between false positives and real threats-Communication Skills: Clear written documentation and verbal escalation-Ticketing Systems:Familiarity with platforms like JIRA, ServiceNow, or similar-Basic understanding of cybersecurity fundamentals-Basic Scripting:Awareness of PowerShell or Python for log parsing-SOAR Exposure:Familiarity with automated triage workflows-Security Certifications:Security+, Microsoft SC-900, or similar certification-Operating System Basics:Windows and Linux process and file system awareness Professional & Technical Skills: -Monitor real-time alerts and dashboards in Sumo Logic SIEM-Perform initial triage on alerts and determine severity/priority-Escalate validated security incidents to L2 analysts per defined SOPs-Follow pre-defined SOAR playbooks to document or assist in response-Ensure alert enrichment fields are populated like host info, user details, etc.-Conduct basic log searches to support alert analysis-Perform daily health checks on log sources and ingestion pipelines-Maintain accurate ticket documentation for each alert handled-Participate in shift handovers and team sync-ups for awareness-SIEM:Basic log searching, correlation rule awareness-SOAR:Familiarity with playbook execution-Security Concepts:Basic understanding of malware, phishing, brute force-Tools:CrowdStrike EDR, Sumo Logic Additional Information:- The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As the SOC L3 Analyst you will lead the technical handling of critical security incidents. Youll be responsible for deep-dive analysis, root cause investigation, forensics, and containment using tools such as CrowdStrike, Sumo Logic SIEM, and SOAR. You will be responsible for onboarding and managing log sources, building SIEM use cases (custom + in built), and developing automation in SOAR to support incident response and threat detection workflows Roles & Responsibilities:-End-to-End Incident Response Ownership:Ability to handle incident lifecycle (detect, contain, remediate)-Subject matter expert for handling the escalated critical or actual true positive incidents.-CrowdStrike Deep Dive:Using Real Time Response (RTR), Threat Graph, custom IOA rules-Strong command over Sumo Logic SIEM content engineering:Creating detection rules, dashboards, and field extractions-Threat Hunting:Behavior-based detection using TTPs-SOAR Automation:Designing playbooks, integrations with REST APIs, ServiceNow, CrowdStrike-Threat Intel Integration:Automation of IOC lookups and enrichment flows-Forensic Skills: Live host forensics, log correlation, malware behavioral analysis-Deep experience in advanced threat detection and incident response-Scripting Proficiency:Python, PowerShell, Bash for automation or ETL-Error Handling & Debugging:Identify and resolve failures in SOAR or data pipelines-Proficiency in CrowdStrike forensic and real-time response capabilities-Experience Sumo Logic SOAR for playbook optimization-Use case development in Sumo Logic SIEM Professional & Technical Skills: -Lead high-severity incident response, coordinating with stakeholders and IT teams-Perform endpoint forensic triage using CrowdStrike Real Time Response (RTR)-Conduct detailed log analysis and anomaly detection in Sumo Logic-Customize or create new detection rules and enrichments in SIEM-Develop/Tune SOAR playbooks for advanced scenarios, branching logic, and enrichment-Perform root cause analysis and support RCA documentation-Mentor L1 and L2 analysts through case walk-throughs and knowledge sharing-Generate post-incident reports and present findings to leadership-Lead investigations and coordinate response for major incidents-Perform root cause analysis and post-incident reviews-Develop advanced detection content in Sumo Logic-Optimize SOAR playbooks for complex use cases-Onboard and maintain data sources in Sumo Logic SIEM and ensure parsing accuracy-Build custom dashboards, alerts, and queries aligned with SOC use cases-Create and maintain field extractions, log normalization schemas, and alert suppression rules-Integrate external APIs into SOAR (e.g., VirusTotal, WHOIS, CrowdStrike)-Monitor log health and alert performance metrics; troubleshoot data quality issues-Collaborate with L3 IR and Threat Intel teams to translate threat use cases into detections-Participate in continuous improvement initiatives and tech upgrades-Conduct playbook testing, version control, and change documentation-CrowdStrike:Custom detections, forensic triage, threat graphs-SIEM:Rule creation, anomaly detection, ATT&CK mapping-SOAR:Playbook customization, API integrations, dynamic playbook logic-Threat Intelligence:TTP mapping, behavioral correlation-SIEM:Parser creation, field extraction, correlation rule design-Scripting:Python, regex, shell scripting for ETL workflows-Data Handling:JSON, syslog, Windows Event Logs-Tools:Sumologic SIEM, Sumo logic SOAR & Crowdstrike EDR-Exp in in SOC/IR including 4+ in L3 role (IR + SIEM Content Engineering & SOAR) Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, while also addressing any emerging security challenges that may arise during the implementation process. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Assist in the development of security policies and procedures to enhance the overall security posture.- Evaluate and recommend security technologies and tools to improve cloud security measures.- Communication:Strong verbal and written communication skills, with the ability to present complex security concepts to non-technical stakeholders. Professional & Technical Skills: - Incident Response:Lead and manage security incident response efforts, including investigation, containment, and remediation of security incidents.- Threat Detection:Utilize advanced security tools and techniques to detect and analyze potential threats, ensuring timely identification and mitigation.- Security Operations:Oversee the daily operations of the Security Operations Center (SOC), ensuring efficient monitoring and response to security alerts.- Playbook Development:Collaborate with the SOAR team to develop and refine playbooks for incident enrichment, integration, and testing.- Reporting:Prepare and present weekly, fortnightly, and monthly SOC reports to leadership, highlighting key metrics and incident trends.- Knowledge Transfer:Provide training and knowledge transfer to new team members, ensuring they are equipped to handle day-to-day monitoring and alert analysis.- Stakeholder Collaboration:Work closely with stakeholders to resolve escalated incidents and improve security protocols.- Continuous Improvement:Identify areas for improvement within security operations and implement strategies to enhance overall security posture.- Technical Skills: Proficiency in using security tools such as SIEM, EDR, and SOAR platforms. Experience with Google SecOps is highly desirable.- Certifications:Relevant certifications such as GCIH, or GCIA are preferred. Additional Information:- The candidate should have Minimum of 5 years of experience in security operations, incident response, and threat detection.- This position is based at our Bengaluru office.- Bachelor's/ Masters degree in Computer Science, Information Security, or a related field. Qualification 15 years full time education

Job Title: Security Lead Department: IT Location: Navi Reporting To: Global IT Infra Lead Role Overview The Security Lead is responsible for managing security incident response and readiness within a 24x7 Security Operations Centre (SOC), supporting IT Infrastructure and Operations. The role includes overseeing vulnerability management, operating security tools, and ensuring rapid threat identification and remediation. Key Responsibilities Lead and coordinate security incident response and lifecycle management of on-premises and cloud-based security solutions. Manage and respond to security incidents and operational requests, ensuring swift identification, containment, and remediation. Develop and maintain incident response playbooks and procedures. Conduct regular vulnerability assessments, prioritize remediation, and collaborate with IT teams for patching and updates. Operate and monitor security tools (HIDS, NIDS, IPS, SIEM, etc.) to identify and address threats and vulnerabilities. Analyze security events, determine root causes, and recommend mitigation actions. Support audits, compliance reviews, and participate in industry forums. Monitor and communicate relevant security trends and developments. Qualifications & Experience Bachelors degree in Computer Science, Information Systems, Cyber Security, or related field. Minimum 10 years of relevant cyber security experience. Strong knowledge of IT operations (cloud, systems, infrastructure) and security assessment (audit, VAPT, pen testing). Hands-on experience with security products (EDR, WAF, DLP, SIEM, SOAR). Familiarity with frameworks such as ITIL, ISO, PCI-DSS, NIST. Relevant security certifications (e.g., CISSP, CISM, CISA, CEH) preferred. Excellent communication skills, with experience presenting to senior management. Project management certifications (e.g., PMP, PRINCE2) are an advantage. Interested candidate can share their cv at piyali.saha@parkconsultants.in

Have over 10+ years of rich experience in information security domain and at least 6-8 years of dedicated experience in Security Incident Response. Hands on experience in implementing and operationalizing SIEM/SOAR tools such as Sentinel, ArcSight etc. Experience in defining and reporting KPIs for Security Incident response. Familiarity with advanced SOC monitoring technologies, risk, threat and security measures. Knowledge across the SOC domains including governance, control frameworks, policies, compliance management, risk management and incident response etc. Comprehensive knowledge of regulatory and compliance requirements and how they influence the bank's Information Security strategy. Preferably worked in BFSI domain with proven experience in SOC function. Strong understanding of key security standards and regulations such as NIST 800-61, CERT/CC, PCI, ISO 27035 etc. Skills and Application Leads the development and implementation of comprehensive Security Governance strategies that address identified risks and compliance requirements, incorporating advanced technologies and methodologies to enhance security posture. Deep understanding of Security Incident response frameworks and their application in creating robust policies. Automate potential resilient security processes to ensure continuous compliance with security best practices. Maintaining up-to-date knowledge of security trends, threats, and countermeasures Assess and design security posture determination processes, tools and methodologies Reviewing and approving use cases/playbooks for SIEM/SOAR tools Continuously monitor security hygiene and performance using tools and processes Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilience Other Knowledge of evolving advanced tech stacks and related control and risk universe from a SOC perspective. Knowledge and expertise in conducting risk assessment and management. The ideal candidate will have a technical or computer science degree. Professional certifications: GCIH, CISSP, CEH, FOR608, CISM etc.

Azure Cloud Migration Expert: An Azure Cloud Migration Expert isresponsible for planning, designing, and executing the migration of on-premises or other Public/Private Cloud Providers hosted applications and infrastructure to the Azure cloud.They ensure seamless transitions, optimization, integrity, and adhere to Azure Well-Architected Framework during and after the migration process. Key Responsibilities: Assessment and Planning: Evaluate existing systems (On-premises, AWS, GCP, etc.), and associated enabling capabilities (identity, security, HA/DR, monitoring, backup/restore, reporting, integrations, etc.). Design and develop comprehensive migration strategies and plans. Evaluate, recommend, and implement 7 Rs cloud migration strategies - rehost, replatform, refactor, repurchase, retire, retain, and relocate. Migration Execution: Manage and execute the migration process, ensuring minimal downtime and data integrity, and using tools like Azure Migrate. Cloud Infrastructure Management: Configure, optimize, and monitor Azure resources, including but not limited to virtual machines, AKS, storage, networking, and other services. Technical Expertise: Provide technical guidance to project teams, troubleshoot issues, and ensure compliance with cloud security best practices. Technical Leadership: Develop, train, and build internal teams with Azure skills and build a practice/Center of Excellence Post-Migration Support: Provide documentation, training, and ongoing support to internal teams and clients. Optimization and Cost Efficiency: Continuously monitor and optimize cloud infrastructure performance and cost-efficiency. Collaboration: Work with cross-functional teams (developers, IT, security, compliance) to ensure seamless integration and alignment. Required Skills: Azure expertise: Proficiency in Azure services, architecture, and best practices. AWS/Public Cloud awareness: Good working understanding of AWS or other public cloud providers. Cloud Architecture and Design: Good understanding of architecting cloud solutions – cloud native design, micro services framework. Cloud Native Skills: In-depth knowledge and experience with technologies like Docker, Kubernetes, Packer Cloud migration tools: Experience with Azure Migrate, Site Recovery, and other relevant tools. Networking and security: Strong understanding of cloud networking, security protocols, and compliance. Scripting and automation: Proficiency in scripting languages (PowerShell, Python) for automating tasks and infrastructure management.Experience in Azure Automation, Azure DevOps. Problem-solving and analytical skills: Ability to diagnose issues, develop solutions, and analyze data. Communication and collaboration: Excellent communication skills for interacting with stakeholders and cross-functional teams. Experience: Minimum 2-3 years of experience in cloud migration projects with Azureor Overall, 5-7 years of experience. Experience with cloud architecture and services, Azure migration, automation and DevOps tools. Experience in security and compliance, observability, monitoring, SIEM, SOAR, SRE.

Job Description: SOC Lead with experience in Cyber Security is preferred The resource should mandatorily have minimum 5 Years experience in SOC Operation Responsible for overseeing the operations of the Security Operations Center ensuring the organization s digital assets are continuously monitored protected and defended against cyber threats Key Responsibilities: Lead and manage the Security Operations Center SOC ensuring effective monitoring detection analysis and response to cybersecurity threats and incidents across the organization Define and implement SOC processes workflows and escalation protocols aligned with industry best practices and regulatory requirements Oversee the deployment configuration and optimization of SOC technologies including SIEM SOAR threat intelligence platforms and endpoint detection and response EDR tools Coordinate incident response activities ensuring timely investigation containment eradication and recovery from security events Conduct regular threat hunting exercises and proactive analysis to identify potential vulnerabilities and emerging threats Collaborate with internal teams and external partners to ensure comprehensive coverage of security monitoring and incident handling Develop and maintain SOC metrics dashboards and reporting mechanisms to provide visibility into security posture and operational effectiveness Ensure continuous improvement of SOC capabilities through training process refinement and technology upgrades Act as a key point of contact for cybersecurity incidents audits and compliance reviews providing expert guidance and documentation Mentor and lead SOC analysts fostering a culture of vigilance accountability and professional growth within the team Preferred Skills: Technology->Infrastructure Security->SOC Operations,Foundational->Cybersecurity Competency Management->Cyber Competency Strategy Planning

Role & responsibilities Incident Management: Lead the end-to-end incident response lifecycle, including detection, analysis, containment, eradication, and recovery. Threat Investigation: Analyze and investigate a variety of attack vectors, such as: Identity attacks include credential abuse, privilege escalation, and MFA bypass. Web Attacks: SQL injection, cross-site scripting (XSS), remote code execution. Network Attacks: DDoS, lateral movement, traffic manipulation. Cloud Threats: IAM misconfigurations, exposed services, container security vulnerabilities. Collaboration & Coordination: Work closely with SOC analysts, threat intelligence teams, forensics, and engineering groups during and after security incidents. Root Cause Analysis: Conduct comprehensive investigations to determine the root cause of incidents and provide actionable remediation recommendations. Process Improvement & Documentation: Document all incident response procedures and lessons learned. Contribute to the continuous improvement of our detection and response capabilities. Proactive Security Measures: Participate in threat hunting and purple team exercises to enhance overall security preparedness. Preferred candidate profile A minimum of 5 years of hands-on experience in cybersecurity incident response or security operations. Proven expertise in investigating and mitigating incidents across one or more areas: identity, web, network, or cloud. Proficiency with SIEM, EDR, and SOAR tools (e.g., Splunk, Sentinel, CrowdStrike). Experience in hybrid or cloud-first environments (AWS, Azure, or GCP). Strong understanding of frameworks and methodologies such as MITRE ATT&CK, the cyber kill chain, and threat modeling. Excellent written and verbal communication skills, with the ability to document and convey technical details clearly to both technical and non-technical stakeholders.

Essential knowledge• Have over 10+ years of rich experience in information security domain and at least 6-8 years of dedicated experience in Security Incident Response.• Hands on experience in implementing and operationalizing SIEM/SOAR tools such as Sentinel, ArcSight etc.• Experience in defining and reporting KPIs for Security Incident response.• Familiarity with advanced SOC monitoring technologies, risk, threat and security measures.• Knowledge across the SOC domains including governance, control frameworks, policies, compliance management, risk management and incident response etc.• Comprehensive knowledge of regulatory and compliance requirements and how they influence the bank's Information Security strategy.• Preferably worked in BFSI domain with proven experience in SOC function.• Strong understanding of key security standards and regulations such as NIST 800-61, CERT/CC, PCI, ISO 27035 etc.Skills and Application• Leads the development and implementation of comprehensive Security Governance strategies that address identified risks and compliance requirements, incorporating advanced technologies and methodologies to enhance security posture.• Deep understanding of Security Incident response frameworks and their application in creating robust policies.• Automate potential resilient security processes to ensure continuous compliance with security best practices.• Maintaining up-to-date knowledge of security trends, threats, and countermeasures• Assess and design security posture determination processes, tools and methodologies• Reviewing and approving use cases/playbooks for SIEM/SOAR tools• Continuously monitor security hygiene and performance using tools and processes• Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilienceOther• Knowledge of evolving advanced tech stacks and related control and risk universe from a SOC perspective.• Knowledge and expertise in conducting risk assessment and management.• The ideal candidate will have a technical or computer science degree.Professional certifications: GCIH, CISSP, CEH, FOR608, CISM etc.

Role & responsibilities 1. Security Risk Assessment & Auditing Conduct security audits and assessments to identify vulnerabilities. Perform penetration testing and ethical hacking to simulate cyberattacks. Evaluate compliance with regulations like ISO 27001, NIST, GDPR, HIPAA, SOC 2 . 2. Security Strategy & Policy Development Develop and implement cybersecurity policies, procedures, and frameworks . Advise organizations on best practices for risk management, data protection, and incident response . Assist in aligning security strategies with business objectives and compliance mandates . 3. Threat Management & Incident Response Help organizations develop incident response plans (IRP) . Conduct forensic investigations in the event of security breaches. Provide real-time threat intelligence and recommend proactive security measures. 4. Implementation of Security Solutions Recommend and deploy firewalls, SIEM, IDS/IPS, endpoint security, and cloud security tools . Guide organizations on zero-trust architecture, identity access management (IAM), and encryption . Assist in setting up secure cloud environments (AWS, Azure etc..) . 5. Security Awareness & Training Conduct cybersecurity training sessions for employees and executives. Educate teams on social engineering attacks (phishing, BEC, ransomware defense) . Preferred candidate profile Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, CISM or CISA Knowledge of common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT

Industry - Leading NBFC. Designation - Senior Manager / AVP. Role - SOAR Admin. Location - Mumbai. Required Candidate profile Role: Minimum 6 years experience in designing, implementing and managing Security Orchestration, Automation, and Response (SOAR) solutions. Interested can share their CV - bhumika@rightmatch.co.in

The Senior Manager Information Security in Hyderabad is a crucial leadership role, responsible for spearheading the security automation product team. This position drives the development, integration, and continuous improvement of our security automation platform. It demands a powerful blend of leadership, technical acumen, and product ownership skills to supervise a growing team dedicated to automating security workflows, integrating tools, enhancing operational efficiency, and fortifying the overall cybersecurity posture. As the product owner of the security automation platform and service, you will collaborate with stakeholders to deliver impactful automations and maintain a scalable, secure, and resilient automation infrastructure. Key aspects of this role include aligning automation projects with organizational security goals, fostering innovation in machine learning applications, and ensuring the adoption of industry-leading practices by staying ahead of evolving threats and trends. Roles & Responsibilities Lead and mentor a team of security automation engineers, data engineers, and data scientists , fostering a collaborative and high-performance culture. Oversee the security automation service , ensuring effective operations, prioritization, and continuous alignment with business and security goals. Oversee the security automation product team to ensure adherence to SAFe/Agile methodologies and definitions of done, maintaining high-quality standards in deliverables. Oversee the seamless operation, scalability, and efficiency of a cloud-based security automation solution , ensuring continuous enhancement of security controls and automation capabilities. Develop strategies to streamline incident response, threat detection, and remediation processes using automation capabilities. Drive and manage the seamless integration of new and existing security tools, platforms, and workflows to ensure a cohesive and optimized automation ecosystem. Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST). Collaborate with stakeholders to establish and supervise critical metrics related to SAFe implementation . Generate and maintain security reports, metrics, and dashboards for management review. Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations. Build and deliver knowledge-sharing presentations and documentation to educate developers and operations teams on application security best practices and secure coding techniques. Triage and assess findings from tools, external reports, and tests to determine real risks and prioritize remediation efforts. Offer remediation guidance to partners for identified issues and serve as a customer escalation resource for developers as they reduce issues. What We Expect of You We are all different, yet we all use our unique contributions to serve patients. The professional we seek is a senior manager with these qualifications. Basic Qualifications Master's degree and 8 to 10 years of Scrum teams management or related field experience OR Bachelor's degree and 8 to 10 years of in Scrum teams management or related field experience OR Diploma and 12 to 14 years of in Scrum teams management or related field experience. Preferred Qualifications Experience managing and scaling security automation platforms and tools (e.g., SOAR) . Demonstrated success in leading high-performing technical teams in an agile environment. Strong understanding of integrating security tools and data platforms (SIEM, EDR, IAM, etc.) . In-depth knowledge of cybersecurity frameworks, technologies, and best practices . Experience in risk management, incident response, and security governance . Strong knowledge of security architecture frameworks and principles . Strong understanding of common software and web application security vulnerabilities . Excellent communication, stakeholder management, and analytical skills. Good-to-Have Skills Experience with network security, endpoint protection, and incident response . Proficiency in scripting and automation (e.g., Python, Bash) is a plus. Professional Certifications (Preferred) CEH CompTIA Security+ CISSP TOGAF Certified Scrum Product Owner (CSPO), or equivalent Soft Skills Initiative to explore alternate technology and approaches to solving problems. Skilled in breaking down problems, documenting problem statements, and estimating efforts. Excellent analytical and troubleshooting skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams. High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals.

About Us Our purpose at Avient Corporation is to be an innovator of materials solutions that help our customers succeed, while enabling a sustainable world. Innovation goes far beyond materials science; its powered by the passion, creativity, and diverse expertise of 9,000 professionals worldwide. Whether youre a finance wizard, a tech enthusiast, an operational powerhouse, an HR changemaker, or a trailblazer in materials development, youll find your place at Avient. Join our global team and help shape the future with sustainable solutions that transform possibilities into realities. Your unique perspective could be the key to our next breakthrough! Job Summary The Senior Manager of Security Operations and Identity Management is responsible for 24x7 security monitoring and the administration of identity management processes. This role includes overseeing the architectural design, deployment, execution, and optimization of solutions in alignment with risk requirements and compliance obligations. Essential Functions Ensure that SIEM and SOAR environments are “fit for purpose” and continually enhanced to cover known and emerging MITRE ATT&CK techniques Manage the global SOC team responsible for 24x7 alerting, triage, investigation and Incident Response. Monitor and improve Key Performance Indicators (KPIs) Track SOC Maturity and partner with CISO to establish road map for growing SOC capabilities and automation Manage the Cyber Threat Intelligence program Oversee forensics, litigation support, and e-discovery capabilities in support of requests from Legal Lead the team responsible for identity lifecycle functions, identifying and implementing best practices to automate repetitive processes Oversee IAM architecture design, deployment and delivery of capabilities to achieve target levels of cyber maturity and efficiency, working with vendors, partners and other 3rd parties Ensure compliance with required regulations and frameworks across all divisions and markets, driving timely remediation of any IAM deficiencies Other duties as assigned Education and Experience Qualifications Bachelor’s degree in information technology, engineering, business management, operations management, or related field or discipline 10+ years' experience in cyber security with 3+ years in a management role Solid understanding of IAM principles, design and engineering, including Single sign-on (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM) Working knowledge of multiple IAM systems (traditional and cloud) Experience implementing Zero Trust capabilities in complex operating environments Additional Qualifications Security certifications (CISSP, CISM, GCIH, GSEC, etc) Experience with modern cloud detection and response tools and processes Operational Technology (OT) experience