
482 Soar Jobs - Page 2


7.0 - 12.0 years

15 - 20 Lacs

bengaluru

Work from Office

Overall experience can be 10+ years, with 3-8 years of relevant experience in Microsoft Sentinel & SOAR.
- Experience in the following tools: Microsoft Sentinel, Azure Security Center, Microsoft Log Analytics
- Experience in writing queries for cyber-attack detection in Kusto Query Language (KQL) in Azure
- Experience in supporting security infrastructure such as MS Sentinel Security Information and Event Management (SIEM) and SOAR
- Experience in automation using Playbooks like Logic Apps in Sentinel
- Experience in monitoring, investigating and remediating security alerts in Sentinel and Log Analytics

Posted 4 days ago


10.0 - 15.0 years

8 - 14 Lacs

hyderabad

Work from Office

Job Description: Senior IT Security Engineer
Job Location: Azamabad, Near RTC Cross Roads, Hyderabad

Senior IT Security Engineer (AM/DM) with 10–15 years of hands-on experience in enterprise security infrastructure and network management. The ideal candidate will have deep expertise in firewalls (Fortinet, Palo Alto, Checkpoint, Barracuda), advanced knowledge of networking (VLANs, routing, switching), and a broad understanding of cybersecurity solutions including XDR, EDR, and threat management.

Key Responsibilities
- Design, implement, and manage enterprise-grade firewalls (Fortinet, Palo Alto, Checkpoint, Barracuda) including rule base optimization, upgrades, and high availability setups.
- Administer and troubleshoot complex network infrastructures, including VLANs, routing, switching, and VPNs, ensuring secure and reliable connectivity across the organization.
- Lead security architecture reviews, risk assessments, and provide recommendations to enhance enterprise security posture.
- Deploy, configure, and maintain EDR/XDR solutions, ensuring endpoint protection and advanced threat detection.
- Knowledge of SIEM and SOAR platforms for log correlation, incident monitoring, and automation.
- Familiarity with vulnerability assessments and penetration testing methodologies.
- Respond to security incidents, perform root-cause analysis, and lead containment, eradication, and recovery efforts.
- Define and enforce network segmentation policies, access controls, and zero-trust security models.
- Work with SOC teams to monitor, analyze, and respond to threats, leveraging threat intelligence feeds and automation.
- Collaborate with cross-functional IT and business teams to ensure security is embedded in all IT operations and projects.
- Provide mentorship and guidance to junior engineers and ensure adherence to security best practices.
- Stay updated with emerging cybersecurity threats, tools, and technologies, and recommend proactive measures.

Required Skills & Experience
- 10–15 years of experience in network & security engineering roles.
- Hands-on expertise with Fortinet, Palo Alto, Checkpoint, Barracuda firewalls.
- Strong networking knowledge: VLANs, routing, switching, TCP/IP, DNS, DHCP, VPN.
- Deep understanding of cybersecurity technologies: EDR, XDR, DLP, CASB, MFA, WAF.
- Exposure to SIEM, SOAR, VA/PT tools (preferred, not mandatory).
- Experience in incident response, threat hunting, and security operations.
- Relevant certifications preferred: CISSP, CISM, CCNP Security, Palo Alto PCNSE, Fortinet NSE, CEH.

Roles and Responsibilities
Same as the Key Responsibilities listed above.

Posted 4 days ago


2.0 - 6.0 years

0 Lacs

karnataka

On-site

As an Incident Response Analyst at Autodesk, your role involves monitoring, identifying, assessing, containing, and responding to various information security events. You will work in a large and complex environment, collaborating with teams across the company to address security issues and drive incident response. Your passion for security and growth will be crucial in accepting challenging projects and incidents.

**Key Responsibilities:**
- Handle day-to-day operations to monitor, identify, triage, and investigate security events using various Endpoint (EDR), Network, and Cloud security tools
- Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity
- Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
- Create and maintain process tools and documentation
- Perform all stages of incident response from detection to postmortem
- Collaborate with stakeholders to build and enhance the Security Orchestration Platform
- Document incident notes in the case management solution
- Perform basic forensics and malware analysis based on playbooks and procedures
- Work in a 24/7 environment, including night shifts, based on business requirements
- Maintain a high level of confidentiality and integrity

**Qualifications Required:**
- BS in Computer Science, Information Security, or equivalent professional experience
- 2+ years of cyber security experience in incident response
- Technical depth in specialties like malware analysis, host analysis, and digital forensics
- Strong understanding of Security Operations and Incident Response process and practices
- Experience with security monitoring, response capabilities, log analysis, and forensic tools
- Familiarity with operating systems including Windows, Linux, and OSX
- Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
- Excellent critical thinking, analytical, organizational, verbal, and written communication skills
- Ability to design playbooks for responding to security incidents
- Willingness to support off-hours, weekends, and holidays as needed for incident response

At Autodesk, we are committed to creating a culture of belonging where everyone can thrive. If you are passionate about security, growth, and making a difference in the world, join us in shaping the future with meaningful work.

Posted 4 days ago


2.0 - 5.0 years

0 Lacs

hyderabad, telangana, india

On-site

Line of Service: Advisory
Industry/Sector: FS X-Sector
Specialism: Risk
Management Level: Associate

Job Description & Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In identity and access management at PwC, you will focus on confirming secure and efficient access to systems and data for employees and/or clients. Your work will involve the design and implementation of strategies to protect sensitive information and manage user identities.

Why PwC
At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm's growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.

Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats.

Responsibilities:
- L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting.
- L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting.
- Round-the-clock threat monitoring & detection.
- Analysis of any suspicious, malicious, and abnormal behavior.
- Alert triage, initial assessment, incident validation, and its severity & urgency.
- Prioritization of security alerts and creating incidents as per SOPs.
- Reporting & escalation to stakeholders.
- Post-incident analysis.
- Consistent incident triage & recommendations using playbooks.
- Develop & maintain incident management and incident response policies and procedures.
- Preservation of security alerts and security incident artefacts for forensic purposes.
- Adherence to Service Level Agreements (SLA) and KPIs.
- Reduction in Mean Time to Detection and Response (MTTD & MTTR).

Mandatory skill sets (any one): Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent.
Product Certifications (Preferred): Product certifications on SOC security tools such as SIEM/Vulnerability Management/DAM/UBA/SOAR/NBA etc.

Preferred skill sets: SOC - Splunk
Years of experience required: 2-5 years
Education qualification: B.Tech/MCA/MBA with IT background / Bachelor's degree in Information Technology, Cybersecurity, Computer Science
Degrees/Field of Study required: Bachelor of Technology
Degrees/Field of Study preferred: not specified
Certifications: not specified
Required Skills: SoCs
Optional Skills: Accepting Feedback, Access Control Models, Access Control System, Access Management, Active Listening, Authorization Compliance, Authorization Management Systems, Azure Active Directory, Cloud Identity and Access Management (IAM), Communication, CyberArk Management, Cybersecurity, Emotional Regulation, Empathy, Encryption Technologies, Federated Identity Management, ForgeRock Identity Platform, Identity and Access Management (IAM), Identity-Based Encryption, Identity Federation, Identity Governance Framework (IGF), Identity Verification, Inclusion, Information Security + 17 more
Desired Languages: not specified
Travel Requirements: Not Specified
Available for Work Visa Sponsorship: No
Government Clearance Required: No
Job Posting End Date: not specified

Posted 4 days ago


2.0 - 5.0 years

0 Lacs

mumbai, maharashtra, india

On-site

Line of Service: Advisory
Industry/Sector: FS X-Sector
Specialism: Risk
Management Level: Associate

Job Description & Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In identity and access management at PwC, you will focus on confirming secure and efficient access to systems and data for employees and/or clients. Your work will involve the design and implementation of strategies to protect sensitive information and manage user identities.

Why PwC
At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm's growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.

Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats.

Responsibilities:
- L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting.
- L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting.
- Round-the-clock threat monitoring & detection.
- Analysis of any suspicious, malicious, and abnormal behavior.
- Alert triage, initial assessment, incident validation, and its severity & urgency.
- Prioritization of security alerts and creating incidents as per SOPs.
- Reporting & escalation to stakeholders.
- Post-incident analysis.
- Consistent incident triage & recommendations using playbooks.
- Develop & maintain incident management and incident response policies and procedures.
- Preservation of security alerts and security incident artefacts for forensic purposes.
- Adherence to Service Level Agreements (SLA) and KPIs.
- Reduction in Mean Time to Detection and Response (MTTD & MTTR).

Mandatory skill sets (any one): Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent.
Product Certifications (Preferred): Product certifications on SOC security tools such as SIEM/Vulnerability Management/DAM/UBA/SOAR/NBA etc.

Preferred skill sets: SOC - Splunk
Years of experience required: 2-5 years
Education qualification: B.Tech/MCA/MBA with IT background / Bachelor's degree in Information Technology, Cybersecurity, Computer Science
Degrees/Field of Study required: Bachelor of Technology
Degrees/Field of Study preferred: not specified
Certifications: not specified
Required Skills: SoCs
Optional Skills: Accepting Feedback, Access Control Models, Access Control System, Access Management, Active Listening, Authorization Compliance, Authorization Management Systems, Azure Active Directory, Cloud Identity and Access Management (IAM), Communication, CyberArk Management, Cybersecurity, Emotional Regulation, Empathy, Encryption Technologies, Federated Identity Management, ForgeRock Identity Platform, Identity and Access Management (IAM), Identity-Based Encryption, Identity Federation, Identity Governance Framework (IGF), Identity Verification, Inclusion, Information Security + 17 more
Desired Languages: not specified
Travel Requirements: Not Specified
Available for Work Visa Sponsorship: No
Government Clearance Required: No
Job Posting End Date: not specified

Posted 4 days ago


15.0 - 20.0 years

5 - 9 Lacs

mumbai

Work from Office

About The Role
Project Role: Application Developer
Project Role Description: Design, build and configure applications to meet business process and application requirements.
Must have skills: Google Cloud Security Services
Good to have skills: React.js
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As an Application Developer, you will design, build, and configure applications to meet business process and application requirements. A typical day involves collaborating with various teams to understand their needs, developing innovative solutions, and ensuring that applications are aligned with business objectives. You will engage in problem-solving activities, contribute to key decisions, and manage the development process to deliver high-quality applications that enhance operational efficiency and user experience.

Responsibilities: As a Google SecOps SIEM Engineer, you will be responsible for strategic delivery, helping our customers securely adopt Google SecOps. You will provide best practices on secure build of the Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. You will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer, and you will ensure that customers have the best experience in migrating, building, modernising, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and its features.

Responsibilities
- Lead the design and implementation of Google SecOps data ingestion from diverse sources, using various mechanisms for integration and normalization of logs.
- Extension of pre-built UDMs in Google SecOps and creation of custom parsers where required for log sources.
- Integration of Google SecOps SIEM with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platforms, and ticketing systems.
- Write custom actions, scripts and/or integrations to extend SIEM platform functionality.
- Monitor performance and perform timely actions to scale the SIEM deployment, especially in a very high-volume security environment.
- Creation of SIEM assets such as detection rules using YARA-L, dashboards, parsers etc.
- Migration of existing assets from existing customers' SIEM/SOAR to SecOps and assisting in implementing the SIEM/SOAR phase-out, phase-in approach.
- Testing and deployment of newly created and migrated assets such as rules, playbooks, alerts, dashboards etc.
- Design and implement solutions to handle alert fatigue encountered in SIEM correlation.
- Creation of custom SIEM dashboards to meet customer requirements.
- Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.
- Debug and solve customer issues in ingestion, parsing, normalization of data etc.
- Develop SOAR playbooks to provide case handling and incident response as per triage needs.

Professional & Technical Skills:
- Experience in prevention, detection and response to cyber threats.
- Google SecOps SOAR experience of 1 year in creation of playbooks, testing and validation of playbooks, integration with custom actions using bespoke scripts, or other SOAR platforms.
- Knowledge and experience in SIEM platforms.
- Knowledge in GCP, including Google Cloud Professional Certifications (Security, Architect) and other industry certifications (CISSP, CCSP etc.).
- Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.
- Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.
- Excellent organizational, problem-solving, articulating and influencing skills.
- Must To Have Skills: Proficiency in Google Cloud Security Services.
- Good To Have Skills: Experience with React.js.
- Strong understanding of cloud security principles and practices.
- Experience in application development using various programming languages.
- Familiarity with application deployment and monitoring tools.

Additional Information:
- The candidate should have minimum 7.5 years of experience in Google Cloud Security Services.
- This position is based at our Mumbai office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 5 days ago


2.0 - 7.0 years

12 - 16 Lacs

pune

Work from Office

About The Role
Project Role: Security Delivery Lead
Project Role Description: Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets).
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 12 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Delivery Lead, you will be at the forefront of implementing and delivering Security Services projects. We are seeking a highly skilled and experienced Level 4 SOC Incident Responder to join our Security Operations Center (SOC) team. This senior-level position is critical in managing and responding to advanced cybersecurity threats, leading complex incident investigations, and developing detection and response strategies. The ideal candidate will possess deep technical expertise, strong analytical skills, and proven experience in managing end-to-end incident responses.

Roles & Responsibilities:

Incident Response & Management
- Act as the primary lead on critical security incidents and complex investigations.
- Triage, analyze, and respond to escalated security alerts and events from Level 1-3 SOC teams.
- Conduct root cause analysis, forensic investigations, and impact assessments.
- Coordinate with internal stakeholders and external partners during major incidents (e.g., breach response).
- Develop and execute incident response plans (IRPs) and playbooks for various attack scenarios.

Threat Hunting & Analysis
- Proactively hunt for threats using SIEM, EDR, and threat intelligence data.
- Identify and mitigate advanced persistent threats (APTs) and zero-day exploits.
- Analyze malware, network traffic, endpoint artifacts, and log data to detect and contain threats.

Tooling & Automation
- Tune detection content and enhance alerting logic across SIEM/SOAR platforms.
- Integrate and optimize use of tools such as Splunk, MxDR, Sentinel, CrowdStrike, Tines, XSOAR, etc.
- Contribute to development and refinement of automated response workflows using SOAR tools.

Mentoring & Leadership
- Provide guidance and mentorship to L1-L3 analysts on investigation techniques and escalation paths.
- Conduct knowledge-sharing sessions and tabletop exercises for IR preparedness.
- Assist in training team members on evolving threats, tools, and methodologies.

Reporting & Documentation
- Prepare detailed incident reports, post-incident reviews (PIRs), and lessons learned.
- Maintain up-to-date documentation of incident handling procedures and response plans.
- Communicate technical findings clearly to both technical and non-technical stakeholders.

Professional & Technical Skills:
- 12+ years of experience in cybersecurity, with 8+ years in incident response or SOC operations.
- Proven experience leading response for critical security incidents and breaches.
- Expertise in analyzing and interpreting logs, packet captures, endpoint telemetry, and malware samples.
- Strong experience with SIEM (e.g., Splunk, QRadar, Sentinel, MxDR) and EDR (e.g., CrowdStrike, Carbon Black) platforms.
- Hands-on experience with SOAR platforms and scripting (Python, PowerShell, Bash).
- Familiarity with MITRE ATT&CK, Cyber Kill Chain, and threat modeling frameworks.
- Excellent understanding of Windows, Linux, network protocols, and cloud environments (AWS, Azure).
- Strong written and verbal communication skills, especially in high-pressure situations.

Preferred Certifications (one or more):
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- MITRE ATT&CK Defender (MAD)
- Azure/AWS Security Certifications

Soft Skills:
- Calm and decisive under pressure.
- Highly analytical with strong problem-solving skills.
- Ability to lead investigations with minimal supervision.
- Excellent collaboration and communication abilities.

Why Join Us:
- Opportunity to work on cutting-edge security challenges and advanced threats.
- Collaborate with a high-performing global security team.
- Access to industry-leading tools and continuous learning resources.
- Competitive compensation and growth opportunities.

Additional Information:
- The candidate should have minimum 12 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Pune office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 5 days ago


2.0 - 7.0 years

12 - 16 Lacs

bengaluru

Work from Office

About The Role
Project Role: Security Delivery Lead
Project Role Description: Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets).
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 12 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Delivery Lead, you will be at the forefront of implementing and delivering Security Services projects. We are seeking a highly skilled and experienced Level 4 SOC Incident Responder to join our Security Operations Center (SOC) team. This senior-level position is critical in managing and responding to advanced cybersecurity threats, leading complex incident investigations, and developing detection and response strategies. The ideal candidate will possess deep technical expertise, strong analytical skills, and proven experience in managing end-to-end incident responses.

Roles & Responsibilities:

Incident Response & Management
- Act as the primary lead on critical security incidents and complex investigations.
- Triage, analyze, and respond to escalated security alerts and events from Level 1-3 SOC teams.
- Conduct root cause analysis, forensic investigations, and impact assessments.
- Coordinate with internal stakeholders and external partners during major incidents (e.g., breach response).
- Develop and execute incident response plans (IRPs) and playbooks for various attack scenarios.

Threat Hunting & Analysis
- Proactively hunt for threats using SIEM, EDR, and threat intelligence data.
- Identify and mitigate advanced persistent threats (APTs) and zero-day exploits.
- Analyze malware, network traffic, endpoint artifacts, and log data to detect and contain threats.

Tooling & Automation
- Tune detection content and enhance alerting logic across SIEM/SOAR platforms.
- Integrate and optimize use of tools such as Splunk, MxDR, Sentinel, CrowdStrike, Tines, XSOAR, etc.
- Contribute to development and refinement of automated response workflows using SOAR tools.

Mentoring & Leadership
- Provide guidance and mentorship to L1-L3 analysts on investigation techniques and escalation paths.
- Conduct knowledge-sharing sessions and tabletop exercises for IR preparedness.
- Assist in training team members on evolving threats, tools, and methodologies.

Reporting & Documentation
- Prepare detailed incident reports, post-incident reviews (PIRs), and lessons learned.
- Maintain up-to-date documentation of incident handling procedures and response plans.
- Communicate technical findings clearly to both technical and non-technical stakeholders.

Professional & Technical Skills:
- 12+ years of experience in cybersecurity, with 8+ years in incident response or SOC operations.
- Proven experience leading response for critical security incidents and breaches.
- Expertise in analyzing and interpreting logs, packet captures, endpoint telemetry, and malware samples.
- Strong experience with SIEM (e.g., Splunk, QRadar, Sentinel, MxDR) and EDR (e.g., CrowdStrike, Carbon Black) platforms.
- Hands-on experience with SOAR platforms and scripting (Python, PowerShell, Bash).
- Familiarity with MITRE ATT&CK, Cyber Kill Chain, and threat modeling frameworks.
- Excellent understanding of Windows, Linux, network protocols, and cloud environments (AWS, Azure).
- Strong written and verbal communication skills, especially in high-pressure situations.

Preferred Certifications (one or more):
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- MITRE ATT&CK Defender (MAD)
- Azure/AWS Security Certifications

Soft Skills:
- Calm and decisive under pressure.
- Highly analytical with strong problem-solving skills.
- Ability to lead investigations with minimal supervision.
- Excellent collaboration and communication abilities.

Why Join Us:
- Opportunity to work on cutting-edge security challenges and advanced threats.
- Collaborate with a high-performing global security team.
- Access to industry-leading tools and continuous learning resources.
- Competitive compensation and growth opportunities.

Additional Information:
- The candidate should have minimum 12 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 5 days ago


5.0 - 10.0 years

13 - 17 Lacs

bengaluru

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Operational Technology (OT) Security
Good to have skills: Security Information and Event Management (SIEM)
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As an experienced Level 3 SOC Analyst, you will lead advanced security incident investigations, develop detection use cases, improve security monitoring, and provide deep technical support to L1 and L2 SOC analysts, acting as a technical escalation point for critical incidents, threat hunting, and cyber threat intelligence integration.

Roles & Responsibilities:
- Lead in-depth investigation of security incidents (e.g., malware outbreaks, phishing, data exfiltration, insider threats).
- Perform root cause analysis and attack vector tracing for complex security incidents which involve OT systems and IT systems.
- Monitor OT network and security logs via SIEM and other monitoring tools to identify potential threats and anomalies. Also design and tune detection rules and correlation logic in SIEM platforms.
- Proactively hunt for threats using IOCs, behavioral analytics, and threat intelligence feeds.
- Correlate internal security data with threat intel to identify attacker TTPs using frameworks like MITRE ATT&CK.
- Serve as Tier 3 escalation for complex security alerts and incidents. Also mentor and guide L1 and L2 analysts on investigation techniques, triage steps, and reporting standards.
- Technical expertise in SIEM, EDR, threat intel, and forensics tools.
- Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and TTP-based detection.

Professional & Technical Skills:
- Experience in SOC operations, cybersecurity analysis, or incident response.
- Experience in OT/ICS environments or critical infrastructure cybersecurity will be an added advantage.
- Proficient in SIEM platforms (e.g., Splunk, QRadar, LogRhythm, Securonix) and security monitoring tools.
- Act as SME for security tools including SIEM, EDR, SOAR, IDS/IPS, threat intel platforms, and sandbox environments.

Additional Information:
- The candidate should have a minimum of 5 years of experience in Operational Technology (OT) Security.
- This position is based at our Bengaluru office.
- A 15 years full-time education is required.

Qualification: 15 years full time education

Posted 5 days ago

Apply

5.0 - 10.0 years

20 - 30 Lacs

mohali

Work from Office

Role Overview
The Senior Security Engineer is a hands-on technical leader focused on designing, implementing, and operating enterprise-grade security solutions, with strong expertise in the Microsoft security ecosystem (Defender Suite, Sentinel, Purview, Entra ID). While cloud skills (Azure, Microsoft 365, VMware, hybrid) are valuable, they serve to enable secure architectures and operations. This role spans project delivery and managed services, helping customers uplift SOC maturity, strengthen compliance, and build resilient security operations. You will also act as a trusted escalation point, mentor junior engineers, and shape Oreta's security practice.

Key Responsibilities

Security Engineering & Delivery (Primary)
- Deploy and configure Microsoft Defender Suite (Endpoint, Identity, Office 365, Cloud Apps).
- Implement and tune Microsoft Sentinel SIEM/SOAR: log sources, analytics rules, playbooks.
- Configure Microsoft Purview for DLP, insider risk, information governance, and compliance reporting.
- Lead threat modelling, vulnerability remediation, attack surface reduction, and security hardening.
- Align customer environments to Zero Trust and compliance frameworks (ISO 27001, SOC 2, NIST).

SOC & Operational Security
- Provide Level 3/4 escalation for incidents across identity, endpoint, and cloud security.
- Partner with Oreta's SOC for threat hunting, investigation, and incident response.
- Conduct proactive security health checks and ensure patch/vulnerability compliance.
- Maintain security documentation, runbooks, and incident response playbooks.

Cloud Security (Supporting)
- Apply security architecture and controls to Azure, Microsoft 365, and hybrid workloads.
- Support secure cloud migrations and integrations, focusing on IAM, encryption, and monitoring.
- Configure Intune for endpoint compliance and secure device lifecycle management.

Leadership & Practice Development
- Mentor and coach junior engineers in security engineering and incident handling.
- Contribute to Oreta's security playbooks, frameworks, and managed service enhancements.
- Participate in customer workshops and advisory sessions, translating risks into solutions.

Required Skills & Experience
- 5-8+ years' experience in security engineering/operations (with Microsoft stack focus).
- Hands-on expertise in: Microsoft Sentinel (SIEM/SOAR); Microsoft Defender Suite (Endpoint, Identity, O365, Cloud Apps); Microsoft Purview (DLP, compliance, insider risk); Entra ID (MFA, Conditional Access, Identity Governance, PIM).
- Strong understanding of threat detection, incident response, and SOC workflows.
- Familiarity with Azure/M365 cloud security controls (landing zones, governance, monitoring).
- Experience with compliance frameworks (ISO 27001, SOC 2, NIST CSF).
- Preferred certifications: SC-200, SC-300, AZ-500 (core); additional Azure/AWS security certs a plus.
- Excellent communication skills with customer-facing experience in delivery and operations.

Posted 5 days ago

Apply

2.0 - 4.0 years

2 - 4 Lacs

mumbai

Work from Office

About The Role
- Minimum 2-4 years of experience in a Security Operations Centre.
- Experience across SOC domains: use case creation, incident management, threat hunting, threat intelligence, etc.
- Solid understanding of cyber security, network security, and endpoint security concepts.
- Good understanding of recent cyber threats and latest attack vectors.
- Must have experience in any one SIEM (Splunk), EDR and SOAR solution.
- Must have experience in leading/managing SOC shifts.
- Experience in shift roster creation, resource management, etc.
- Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management, etc.

Posted 5 days ago

Apply

4.0 - 9.0 years

7 - 15 Lacs

bengaluru

Work from Office

Your potential, unleashed.
India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient: not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Your work profile
As Assistant Manager in our Cyber Team, you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.

Key Responsibilities:
- Work with security teams to understand their requirements and translate them into SIEM use cases
- Design, implement, and test SIEM use cases to detect specific types of security threats
- Continuously optimize use cases to improve detection accuracy and reduce false positives
- Develop and implement SIEM rules and correlation logic to detect security incidents
- Tune alerts to minimize false positives and ensure they are actionable
- Create and maintain parsers/connectors in SIEM and SOAR
- Set appropriate thresholds for alerts based on analysis and threat intelligence
- Ensure data is normalized and enriched for effective correlation and analysis
- Develop and maintain log parsing rules to accurately ingest and process data
- Maintain detailed documentation of SIEM use cases, including design, implementation, and tuning procedures
- Generate reports on the performance and effectiveness of SIEM use cases
- Work closely with stakeholders, including SOC analysts, incident responders, and IT teams, to ensure use cases meet their needs
- Collaborate with SIEM vendors to troubleshoot issues and implement new features
- Innovate and experiment with new use case ideas to enhance the SIEM's detection capabilities
- Design and develop automated workflows to address common security operations tasks and incidents
- Write and maintain scripts (e.g., Python, PowerShell) to support automation tasks
- Create and implement playbooks that automate the response to security incidents
- Develop use cases for automation based on common incident scenarios and threat patterns
- Automate the enrichment of security alerts with contextual information to improve decision-making
- Integrate various security tools (e.g., SIEM, EDR, ITSM (ServiceNow), firewalls, threat intelligence platforms) with the SOAR platform
- Continuously optimize automated workflows to reduce false positives and enhance detection accuracy
- Tune the performance of automated workflows to ensure they operate efficiently and effectively
- Establish a feedback loop with security teams to gather input on automation performance and make necessary adjustments
- Monitor the performance and health of the SOAR platform and automated workflows
- Maintain detailed documentation of automated workflows, playbooks, and scripts

Skills Required:
- Proficiency with proposed SOAR and SIEM solutions
- Experience in configuring, managing, and optimizing SOAR and SIEM platforms
- Strong skills in scripting languages (e.g., Python, PowerShell, JavaScript) for developing automation scripts
- Experience in writing and maintaining scripts to automate security tasks and processes
- Experience in utilizing RESTful APIs to enable communication between different security tools
- Experience in converting MITRE TTPs to misuse cases for better detection and response
- Shall have 4 to 6 years of experience and proposed OEM certifications

SOC Operations - SIEM Use Case and SOAR Automation Specialist (Splunk / Palo Alto SOAR)

Desired qualifications
Education: B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields
Skills Technologies: SOC Operations - PIM Specialist a) Arcon
Experience Required: 4 to 6 years

Location and way of working
Base location: MG Road - Bangalore
Professional is required to work from office

Your role as Assistant Manager
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executives across our organization must strive to be:
- Inspiring - Leading with integrity to build inclusion and motivation
- Committed to creating purpose - Creating a sense of vision and purpose
- Agile - Achieving high-quality results through collaboration and team unity
- Skilled at building diverse capability - Developing diverse capabilities for the future
- Persuasive / Influencing - Persuading and influencing stakeholders
- Collaborating - Partnering to build new solutions
- Delivering value - Showing commercial acumen
- Committed to expanding business - Leveraging new business opportunities
- Analytical acumen - Leveraging data to recommend impactful approaches and solutions through the power of analysis and visualization
- Effective communication - Must be able to have well-structured and well-articulated conversations to achieve win-win possibilities
- Engagement management / delivery excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s)
- Managing change - Responding to a changing environment with resilience
- Managing quality & risk - Delivering high quality results and mitigating risks with utmost integrity and precision
- Strategic thinking & problem solving - Applying a strategic mindset to solve business issues and complex problems
- Tech savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte
- Empathetic leadership and inclusivity - Creating a safe and thriving environment where everyone's valued for who they are, using empathy to understand others and adapt our behaviours and attitudes to become more inclusive

How you'll grow
Connect for impact: Our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead: You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.
Inclusion for all: At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.
Drive your career: At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one-size-fits-all career path, and global, cross-business mobility and up/re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.
Everyone's welcome, entrust your happiness to us: Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here's a glimpse of things that are in store for you.
Interview tips: We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you're applying to. Check out recruiting tips from Deloitte professionals.

*Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Posted 5 days ago

Apply

4.0 - 9.0 years

9 - 19 Lacs

bengaluru

Work from Office

Your potential, unleashed.
India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient: not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Your work profile
As a Deputy Manager in our Cyber Team you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.

Key Responsibilities:
- 08*6 general shift and provide on-call support for critical issues
- Platform management for SIEM, SOAR, UEBA, NBAD, DLP, Anti-APT, Deception, VM, and any other in-scope solutions
- Log Source Management: ensure timely integration of log sources
- SIEM Rule Management: ensure rules are up to date to reduce false positives
- Performance Tuning: optimize SIEM performance to ensure efficient processing and alerting
- Compliance and Reporting: generate reports for compliance and audit requirements
- Integrate UEBA solutions with existing security infrastructure
- Model Development: develop and fine-tune machine learning models to detect abnormal activities
- Provide insights and context to support security investigations
- Reduce false positives by fine-tuning alerting mechanisms
- Create automated workflows to streamline security operations
- Implement and manage incident response playbooks
- Integrate SOAR platforms with various security tools and systems
- Enhance the efficiency of security operations through orchestration and automation
- Track and report on the effectiveness of automation and response efforts
- Platform Management: the installation, configuration, maintenance, update and upgrade of SIEM, UEBA, SOAR, Anti-APT, NBA, DLP, Deception, VA and any other in-scope solutions
- Work closely with other security teams to enhance threat detection, investigation, and response processes
- Provide training and support to security analysts on the use and capabilities of these platforms
- Ensure that the platforms meet regulatory and compliance requirements
- Perform daily health check-ups and share the reports with the stakeholders
- Perform major and minor upgrades of the platform
- Ensure all the components are up to date (n-1)
- Monitor the availability of all the deployed components

Skills Required:
- Deep understanding of networking, operating systems, and security principles
- Have designed and implemented the proposed solutions in at least 2 clients
- Strong analytical and problem-solving skills
- Proficiency in using advanced security tools and technologies
- Excellent communication and documentation skills
- Ability to handle high-pressure situations and make critical decisions
- Continuous learning mindset to stay updated with the evolving threat landscape
- The platform engineer shall have a minimum of 4-9 years of experience in managing the proposed solutions with OEM certification

SOC Operations - Platform Engineer - SIEM, SOAR and UEBA (Palo Alto / SOAR / Splunk)

Desired qualifications
Education: B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields
Experience: 4 to 9 years

Location and way of working
Base location: Koramangala - Bangalore
Professional is required to work from office

Your role as Deputy Manager
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executives across our organization must strive to be:
- Inspiring - Leading with integrity to build inclusion and motivation
- Committed to creating purpose - Creating a sense of vision and purpose
- Agile - Achieving high-quality results through collaboration and team unity
- Skilled at building diverse capability - Developing diverse capabilities for the future
- Persuasive / Influencing - Persuading and influencing stakeholders
- Collaborating - Partnering to build new solutions
- Delivering value - Showing commercial acumen
- Committed to expanding business - Leveraging new business opportunities
- Analytical acumen - Leveraging data to recommend impactful approaches and solutions through the power of analysis and visualization
- Effective communication - Must be able to have well-structured and well-articulated conversations to achieve win-win possibilities
- Engagement management / delivery excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s)
- Managing change - Responding to a changing environment with resilience
- Managing quality & risk - Delivering high quality results and mitigating risks with utmost integrity and precision
- Strategic thinking & problem solving - Applying a strategic mindset to solve business issues and complex problems
- Tech savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte
- Empathetic leadership and inclusivity - Creating a safe and thriving environment where everyone's valued for who they are, using empathy to understand others and adapt our behaviours and attitudes to become more inclusive

How you'll grow
Connect for impact: Our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead: You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.
Inclusion for all: At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.
Drive your career: At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one-size-fits-all career path, and global, cross-business mobility and up/re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.
Everyone's welcome, entrust your happiness to us: Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here's a glimpse of things that are in store for you.
Interview tips: We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you're applying to. Check out recruiting tips from Deloitte professionals.

*Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Posted 5 days ago

Apply

3.0 - 8.0 years

10 - 20 Lacs

bengaluru

Work from Office

Your potential, unleashed.
India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient: not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Your work profile
As Deputy Manager in our Cyber Team you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.

Key Responsibilities:
- Work with security teams to understand their requirements and translate them into SIEM use cases
- Design, implement, and test SIEM use cases to detect specific types of security threats
- Continuously optimize use cases to improve detection accuracy and reduce false positives
- Develop and implement SIEM rules and correlation logic to detect security incidents
- Tune alerts to minimize false positives and ensure they are actionable
- Create and maintain parsers/connectors in SIEM and SOAR
- Set appropriate thresholds for alerts based on analysis and threat intelligence
- Ensure data is normalized and enriched for effective correlation and analysis
- Develop and maintain log parsing rules to accurately ingest and process data
- Maintain detailed documentation of SIEM use cases, including design, implementation, and tuning procedures
- Generate reports on the performance and effectiveness of SIEM use cases
- Work closely with stakeholders, including SOC analysts, incident responders, and IT teams, to ensure use cases meet their needs
- Collaborate with SIEM vendors to troubleshoot issues and implement new features
- Innovate and experiment with new use case ideas to enhance the SIEM's detection capabilities
- Design and develop automated workflows to address common security operations tasks and incidents
- Write and maintain scripts (e.g., Python, PowerShell) to support automation tasks
- Create and implement playbooks that automate the response to security incidents
- Develop use cases for automation based on common incident scenarios and threat patterns
- Automate the enrichment of security alerts with contextual information to improve decision-making
- Integrate various security tools (e.g., SIEM, EDR, ITSM (ServiceNow), firewalls, threat intelligence platforms) with the SOAR platform
- Continuously optimize automated workflows to reduce false positives and enhance detection accuracy
- Tune the performance of automated workflows to ensure they operate efficiently and effectively
- Establish a feedback loop with security teams to gather input on automation performance and make necessary adjustments
- Monitor the performance and health of the SOAR platform and automated workflows
- Maintain detailed documentation of automated workflows, playbooks, and scripts

Skills Required:
- Proficiency with proposed SOAR and SIEM solutions
- Experience in configuring, managing, and optimizing SOAR and SIEM platforms
- Strong skills in scripting languages (e.g., Python, PowerShell, JavaScript) for developing automation scripts
- Experience in writing and maintaining scripts to automate security tasks and processes
- Experience in utilizing RESTful APIs to enable communication between different security tools
- Experience in converting MITRE TTPs to misuse cases for better detection and response
- Shall have 7 years of experience and proposed OEM certifications

SOC Operations - SIEM Use Case and SOAR Automation Specialist (Splunk / Palo Alto SOAR)

Desired qualifications
Education: B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields
Experience Required: 4 to 9 years

Location and way of working
Base location: Koramangala - Bangalore (Mandatory client deputation)
Professional is required to work from office

How you'll grow
Connect for impact: Our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead: You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.
Inclusion for all: At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.
Drive your career: At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one-size-fits-all career path, and global, cross-business mobility and up/re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.
Everyone's welcome, entrust your happiness to us: Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here's a glimpse of things that are in store for you.
Interview tips: We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you're applying to. Check out recruiting tips from Deloitte professionals.

*Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Posted 5 days ago

Apply

2.0 - 5.0 years

0 Lacs

hyderabad, telangana, india

On-site

Line of Service: Advisory
Industry/Sector: FS X-Sector
Specialism: Risk
Management Level: Associate

Job Description & Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In identity and access management at PwC, you will focus on confirming secure and efficient access to systems and data for employees and/or clients. Your work will involve the design and implementation of strategies to protect sensitive information and manage user identities.

Why PwC
At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm's growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.
Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats.

Responsibilities:
L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting.
L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting.
Round-the-clock threat monitoring & detection.
Analysis of any suspicious, malicious, and abnormal behavior.
Alert triage, initial assessment, incident validation, its severity & urgency.
Prioritization of security alerts and creating incidents as per SOPs.
Reporting & escalation to stakeholders.
Post-incident analysis.
Consistent incident triage & recommendations using playbooks.
Develop & maintain incident management and incident response policies and procedures.
Preservation of security alert and security incident artefacts for forensic purposes.
Adherence to Service Level Agreements (SLAs) and KPIs.
Reduction in Mean Time to Detection and Response (MTTD & MTTR).

Mandatory skill sets:
Mandatory (any one): Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent.
Product Certifications (preferred): Product certifications on SOC security tools such as SIEM/Vulnerability Management/DAM/UBA/SOAR/NBA etc.
Preferred skill sets: SOC - Splunk
Years of experience required: 2-5 years
Education qualification: B.Tech/MCA/MBA with IT background / Bachelor's degree in Information Technology, Cybersecurity, Computer Science
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of Technology
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills: SOCs
Optional Skills: Accepting Feedback, Access Control Models, Access Control System, Access Management, Active Listening, Authorization Compliance, Authorization Management Systems, Azure Active Directory, Cloud Identity and Access Management (IAM), Communication, CyberArk Management, Cybersecurity, Emotional Regulation, Empathy, Encryption Technologies, Federated Identity Management, ForgeRock Identity Platform, Identity and Access Management (IAM), Identity-Based Encryption, Identity Federation, Identity Governance Framework (IGF), Identity Verification, Inclusion, Information Security + 17 more
Desired Languages (if blank, desired languages not specified)
Travel Requirements: Not Specified
Available for Work Visa Sponsorship: No
Government Clearance Required: No
Job Posting End Date:

Posted 5 days ago

Apply

8.0 - 13.0 years

1 - 4 Lacs

hyderabad, bengaluru, mumbai (all areas)

Work from Office

Position: Cybersecurity Enterprise Sales (SIEM Engineering Focus)
Location: Hyderabad/Bangalore/Mumbai

Role Overview: We are seeking a dynamic and results-driven Cybersecurity Enterprise Sales professional to join our team. This role is focused on selling advanced cybersecurity solutions, including SIEM, SOAR, and Adaptive MDR offerings, to mid-to-large enterprises. The ideal candidate will have a strong foundation in cybersecurity operations, particularly SIEM engineering, and a proven track record in enterprise technology sales.

Key Responsibilities:
Develop and execute a strategic sales plan to meet and exceed quarterly and annual sales targets.
Identify, qualify, and pursue new business opportunities in enterprise accounts.
Conduct engaging product presentations and solution demonstrations to prospective clients.
Understand customer security needs and map solutions accordingly, with a focus on SIEM, SOAR, and MDR.
Lead contract negotiations and close deals.
Build and maintain long-term relationships with key stakeholders and channel partners.
Stay current on the latest cybersecurity trends and emerging technologies.
Collaborate with internal technical and product teams to align solutions with customer needs.

Required Qualifications:
Bachelor's degree in Business, Computer Science, Information Security, or a related field.
8+ years of experience in cybersecurity sales, with a focus on enterprise customers.
Hands-on understanding of SIEM tools (e.g., Splunk, IBM QRadar, Securonix) and security operations workflows.
Proven ability to meet or exceed sales targets in a complex, solution-oriented environment.
Excellent communication, presentation, and negotiation skills.
Self-starter with the ability to work independently and cross-functionally.

Preferred Skills:
Experience selling MDR, SIEM, SOAR, or AI-driven security solutions.
Familiarity with SaaS security platforms and cloud security posture management.
Background in threat detection, incident response, or SIEM engineering is a strong plus

Posted 6 days ago

Apply

9.0 - 12.0 years

10 - 20 Lacs

pune, chennai, bengaluru

Work from Office

Job role - Senior Splunk Security Engineer
Experience - 9 to 12 years
Location - Bangalore/Chennai/Pune

Primary Skills - SIEM experience: Splunk Admin (essential) and Azure Sentinel (proficiency in writing KQL and SPL; log sources, ingestion patterns and correlation rules). DevOps knowledge (Git / BitBucket / GitLab). Security fundamentals (threat detection, incident response, threat intel; knowledge of the MITRE ATT&CK framework and security operations).
Secondary Skills - Scripting: Python, Shell. Compliance and governance awareness. Strong analytical and troubleshooting skills. Experience working with cross-functional teams (security, infra, compliance etc.).

Role Overview: The Splunk Engineer / Administrator will be responsible for designing, implementing, and maintaining Splunk environments, including SIEM, SOAR, and UEBA components. This role supports security operations by enabling advanced analytics, automation, and incident response capabilities.

Key Responsibilities:
SIEM (Splunk Enterprise Security):
• Administer and optimize Splunk Enterprise Security (ES) for log management, ingestion, normalization, and correlation.
• Develop and maintain dashboards, alerts, saved searches, and reports.
• Onboard data sources and ensure CIM compliance.
• Implement risk scoring models to identify suspicious access events and reduce false positives.
SOAR (Security Orchestration, Automation, and Response):
• Administer Splunk SOAR (formerly Phantom), including cluster and PostgresDB environments.
• Develop and maintain playbooks for automated incident response.
• Create Python-based custom functions to enhance playbook capabilities.
• Integrate AI models to improve alerting and operational efficiency.
UEBA (User and Entity Behavior Analytics):
• Develop use cases and dashboards for behavior analytics.
• Integrate UEBA models with Splunk ES and SOAR for enhanced threat detection.
General Splunk Administration:
• Install, configure, and troubleshoot Splunk components (indexers, search heads, forwarders).
• Develop custom Splunk apps and add-ons using SPL, Python, SimpleXML, JavaScript, or Bash.
• Monitor and troubleshoot performance issues.
• Ensure compliance with ISO27001, ITIL, and internal security standards.

Required Skills & Experience:
• 5+ years of experience in Splunk administration and engineering.
• Strong knowledge of Splunk architecture, SPL, and data modeling.
• Experience with Python, Bash, and web technologies (JavaScript, CSS).
• Familiarity with SIEM, SOAR, and UEBA concepts and tools.
• Experience in a Cyber Security Operations Center (CSOC) is a plus.

Certifications:
• Splunk Enterprise Certified Architect (Required)
• Splunk ES Administration Certification (Required)
• Splunk SOAR Administration Certification (Required)
• Splunk UEBA Administration Certification (Required)
• Splunk Core Certified Consultant (Preferred)

Posted 6 days ago

Apply

12.0 - 16.0 years

30 - 45 Lacs

noida

Work from Office

WHO WE ARE: Zinnia is the leading technology platform for accelerating life and annuities growth. With innovative enterprise solutions and data insights, Zinnia simplifies the experience of buying, selling, and administering insurance products. All of which enables more people to protect their financial futures. Our success is driven by a commitment to three core values: be bold, team up, deliver value; and that we do. Zinnia has over $180 billion in assets under administration, serves 100+ carrier clients, 2500 distributors and partners, and over 2 million policyholders.

WHO YOU ARE: We’re looking for a Manager of Platform Security Engineering to lead a team focused on securing our corporate environment and on-premises infrastructure, while also building automation and platform capabilities that support the broader InfoSec function. This role sits at the intersection of infrastructure security, system reliability, and security engineering, and is ideal for someone who knows how to build, maintain, and support production-grade security platforms that scale. You will oversee a team responsible for a range of foundational security services — including endpoint detection and response (EDR), asset management, log management, IAM infrastructure, and more. You’ll also drive initiatives around automation to improve operational efficiency and reduce manual work across the InfoSec organization. You will bring strong technical depth across both Microsoft and Linux environments, a solid understanding of networking and Zero Trust principles, and a track record of building secure, reliable systems. You’re comfortable leading engineering teams while still being hands-on when necessary.

WHAT YOU’LL DO:
Lead the Security Platform Engineering team responsible for corporate and infrastructure security tooling
Own the design, implementation, and operations of production-grade security systems such as log management, EDR, asset inventory, configuration management, etc.
Partner with internal infrastructure, IT, and cloud teams to ensure security controls are deployed, monitored, and maintained effectively across all environments
Build automation pipelines and backend systems to support security operations – e.g., data pipelines for telemetry, workflow automation for alert handling, enforcement of security policies via code
Implement and support security principles such as Zero Trust, least privilege, and secure-by-default infrastructure
Ensure systems are reliable, scalable, and properly documented, with appropriate monitoring and alerting
Support compliance and audit efforts through well-instrumented systems and accurate reporting capabilities
Help define roadmaps, drive technical architecture decisions, and manage day-to-day execution within the team

WHAT YOU’LL NEED:
10+ years of experience in security engineering, infrastructure security, or platform engineering roles, with 2+ years in a team leadership or management position
Strong hands-on experience with both Microsoft (Active Directory, Intune, Defender, etc.) and Linux platforms in enterprise environments
Deep understanding of networking, Zero Trust, EDR, and endpoint hardening
Proven ability to design, build, and operate production-grade systems (log management, telemetry pipelines, etc.)
Experience with automation frameworks and infrastructure-as-code (e.g., Terraform, Ansible, or similar)
Familiarity with SIEM/SOAR platforms, identity platforms, and asset management solutions
Comfortable working across cross-functional teams and communicating with both technical and non-technical stakeholders
Bonus: experience with regulated environments (e.g., SOC 2, ISO 27001), and security certifications like CISSP, CISM, or OSCP

WHAT’S IN IT FOR YOU? At Zinnia, you collaborate with smart, creative professionals who are dedicated to delivering cutting-edge technologies, deeper data insights, and enhanced services to transform how insurance is done.
Visit our website at www.zinnia.com for more information. Apply by completing the online application on the careers section of our website. We are an Equal Opportunity employer committed to a diverse workforce. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability

Posted 6 days ago

Apply

4.0 - 9.0 years

4 - 9 Lacs

thane, navi mumbai, mumbai (all areas)

Work from Office

Mizuho Global Services Pvt Ltd (MGS) is a subsidiary company of Mizuho Bank, Ltd, which is one of the largest banks, or so-called Mega Banks, of Japan. MGS was established in the year 2020 as part of Mizuho's long-term strategy of creating a captive global processing center for remotely handling banking and IT related operations of Mizuho Bank's domestic and overseas offices and Mizuho's group companies across the globe. At Mizuho we are committed to a culture that is driven by ethical values and supports diversity in all its forms for its talent pool. The direction of MGS's development is paved by its three key pillars, Mutual Respect, Discipline and Transparency, which are set as the baseline of every process and operation carried out at MGS.

What's in it for you?
Immense exposure and learning
Excellent career growth
Company of highly passionate leaders and mentors
Ability to build things from scratch
Company website: https://www.mizuhogroup.com/asia-pacific/mizuho-global-services

1) VAPT SME
About the Role: We are seeking a highly skilled and experienced Vulnerability Assessment SME to join our dynamic team. You will play a critical role in safeguarding our organization's information assets by identifying, assessing, and mitigating vulnerabilities.
Roles and Responsibilities:
Conduct vulnerability assessments using industry-leading tools (e.g., Nessus, Tenable, Qualys).
Analyze vulnerability assessment results to identify and prioritize risks.
Develop and maintain vulnerability management processes and procedures.
Coordinate vulnerability remediation activities with relevant stakeholders.
Perform penetration testing to assess the effectiveness of security controls.
Stay up-to-date on the latest security threats and vulnerabilities.
Relevant Skills and Experience:
5-10 years of experience in vulnerability assessment, penetration testing, or a related field.
Strong understanding of vulnerability management concepts, principles, and best practices.
Proficiency in using vulnerability assessment tools (e.g., Nessus, Tenable, Qualys).
Experience in conducting penetration testing using various methodologies (e.g., black box, gray box, white box).
Knowledge of common security threats, vulnerabilities, and attack vectors.
Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus).
Experience with scripting languages (e.g., Python, PowerShell).
Experience with cloud security (e.g., AWS, Azure, GCP).
Qualifications:
Bachelor's degree in computer science, information technology, or a related field.
Security certifications (e.g., CISSP, CISM, CEH, OSCP).
Strong problem-solving and analytical skills.
Excellent communication and interpersonal skills.
Ability to work independently and as part of a team.
Additional Skills (Preferred):
Experience with source code analysis tools.
Experience with web application security testing.
Experience with mobile application security testing.
Experience with security incident response.

1) Engineering JO
About the Role: We are looking for professionals (Senior Architect) to join our team focused on application and infrastructure security hardening. These individuals will play a crucial role in enhancing the security posture of the organization's platforms by providing actionable hardening guidance, assisting with remediation efforts, and collaborating with teams to ensure compliance with security standards.
Roles and Responsibilities:
Application and Infrastructure Security Hardening:
Deliver clear and practical security hardening guidance for various platforms, including Web Servers, Databases, Operating Systems, and Infrastructure components.
Document security hardening processes comprehensively to ensure clarity and repeatability.
Provide remediation support to address vulnerabilities identified during hardening audits.
Collaborate with application and infrastructure teams to implement security configurations based on identified hardening requirements.
Conduct periodic reviews of platforms to detect deviations from the hardening benchmarks and facilitate immediate rectifications.
Scope of Work:
Coordinate efforts with offshore teams to research optimal security configurations tailored to the organization's needs.
Partner with infrastructure and application teams to apply updated system configurations and monitor adherence to security guidance.
Assist in periodic assessments of system platforms, ensuring that deviations from security standards are promptly addressed.
Recommend and implement best practices to maintain a secure environment across multiple system layers.
Relevant Skills and Experience:
For Senior Architecture Resource: 5-7 years of experience in application and infrastructure security domains.
Expertise in documenting and guiding application/system hardening processes.
Proven track record of implementing security configurations across complex platforms.
Strong ability to coordinate remediation tasks with diverse teams.
Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field.
Relevant certifications in security hardening or infrastructure hardening are preferred.
Proven experience in identifying vulnerabilities and collaborating on remediation efforts.
Additional Skills (Preferred):
Familiarity with automated tools and frameworks for ensuring compliance with hardening standards.
Strong communication skills to simplify security configurations for diverse teams while maintaining technical accuracy.
Adaptable research capabilities to align hardening recommendations with industry best practices.

2) Architecture
About the Role: We are looking for professionals (Senior Architect) to join our team focused on application and infrastructure security hardening. These individuals will play a crucial role in enhancing the security posture of the organization's platforms by providing actionable hardening guidance, assisting with remediation efforts, and collaborating with teams to ensure compliance with security standards.
Roles and Responsibilities:
Application and Infrastructure Security Hardening:
Deliver clear and practical security hardening guidance for various platforms, including Web Servers, Databases, Operating Systems, and Infrastructure components.
Document security hardening processes comprehensively to ensure clarity and repeatability.
Provide remediation support to address vulnerabilities identified during hardening audits.
Collaborate with application and infrastructure teams to implement security configurations based on identified hardening requirements.
Conduct periodic reviews of platforms to detect deviations from the hardening benchmarks and facilitate immediate rectifications.
Scope of Work:
Coordinate efforts with offshore teams to research optimal security configurations tailored to the organization's needs.
Partner with infrastructure and application teams to apply updated system configurations and monitor adherence to security guidance.
Assist in periodic assessments of system platforms, ensuring that deviations from security standards are promptly addressed.
Recommend and implement best practices to maintain a secure environment across multiple system layers.
Relevant Skills and Experience:
For Senior Architecture Resource: 5-7 years of experience in application and infrastructure security domains.
Expertise in documenting and guiding application/system hardening processes.
Proven track record of implementing security configurations across complex platforms.
Strong ability to coordinate remediation tasks with diverse teams.
Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field.
Relevant certifications in security hardening or infrastructure hardening are preferred.
Proven experience in identifying vulnerabilities and collaborating on remediation efforts.
Additional Skills (Preferred):
Familiarity with automated tools and frameworks for ensuring compliance with hardening standards.
Strong communication skills to simplify security configurations for diverse teams while maintaining technical accuracy.
Adaptable research capabilities to align hardening recommendations with industry best practices.

Address: Mizuho Global Services India Pvt., 11th Floor, Q2 Building, Aurum Q Park, Gen 4/1, TTC, Thane Belapur Road, MIDC Industrial Area, Ghansoli, Navi Mumbai - 400710.
Please note: Candidates residing within a 20 km radius of the office location will ONLY be considered. Only shortlisted candidates will be invited for an F2F interview at the office on Saturday, 13th September.

Posted 6 days ago

Apply

2.0 - 5.0 years

4 - 7 Lacs

gurgaon, haryana, india

On-site

Mandatory skill sets: Minimum 2-12 years of professional experience in cybersecurity, with experience in a SOC environment. Deep understanding of networking, system administration, cloud environments (AWS/Azure/GCP) and security architecture. Experience with EDR, SIEM, SOAR, IDS/IPS, firewalls and forensic tools. Strong knowledge of malware analysis, log correlation, threat hunting and vulnerability management. Experience in handling security incidents, ransomware, phishing campaigns and zero-day exploits. Strong analytical and problem-solving skills with an investigative mindset. Excellent communication skills for technical and executive-level reporting.

Posted 6 days ago

Apply

2.0 - 7.0 years

4 - 7 Lacs

gurgaon, haryana, india

On-site

Mandatory skill sets: Minimum 2-12 years of professional experience in cybersecurity, with experience in a SOC environment. Deep understanding of networking, system administration, cloud environments (AWS/Azure/GCP) and security architecture. Experience with EDR, SIEM, SOAR, IDS/IPS, firewalls and forensic tools. Strong knowledge of malware analysis, log correlation, threat hunting and vulnerability management. Experience in handling security incidents, ransomware, phishing campaigns and zero-day exploits. Strong analytical and problem-solving skills with an investigative mindset. Excellent communication skills for technical and executive-level reporting.

Posted 6 days ago

Apply

3.0 - 7.0 years

10 - 20 Lacs

pune

Hybrid

Required Details:
Experience: 3-9 years
Location: Pune
Employment: Permanent Full Time
Mode: Hybrid
***** Looking for candidates who can join immediately, or within 20 days max (September joiners) *****

Role & responsibilities
Job Summary: We're seeking a skilled and experienced SIEM Administrator to join our cybersecurity team. The ideal candidate will be responsible for the full lifecycle of our Security Information and Event Management (SIEM) platforms. This includes the design, implementation, and maintenance of solutions to centralize and analyze security data from across our on-premises and cloud environments. You'll play a critical role in enhancing our threat detection capabilities, incident response processes, and overall security posture.

Responsibilities
* Platform Management: Administer and maintain our SIEM solutions, including Splunk, Azure Sentinel, and Google Chronicle. This involves managing instances, ensuring platform health, and applying updates and patches.
* Log Ingestion & Data Onboarding: Design and implement robust log collection strategies. Onboard new data sources from a variety of endpoints, servers, network devices, and applications, ensuring data is correctly parsed and normalized.
* Rule & Dashboard Development: Create, tune, and maintain custom correlation rules, alerts, and dashboards to detect threats and suspicious activity. Use query languages like Splunk SPL, KQL (Kusto Query Language), and Google Chronicle's YARA-L to build effective detections.
* Incident Response Support: Collaborate with security analysts to investigate alerts and incidents. Provide technical expertise to troubleshoot data gaps and enrich security events for effective analysis.
* Cloud Security Expertise: Work with cloud environments like AWS, Azure, and Google Cloud Platform (GCP) to integrate cloud-native logs and services into the SIEM. Understand cloud security logging best practices.
* EDR & SOAR Integration: Implement and manage integrations with Endpoint Detection and Response (EDR) solutions to enhance endpoint visibility. Configure and develop playbooks on Security Orchestration, Automation, and Response (SOAR) platforms to automate incident response workflows and reduce manual tasks.
* Documentation & Reporting: Maintain detailed documentation of SIEM configurations, data sources, and procedures. Generate security reports for management and compliance purposes.
* Automation: Use scripting languages such as Python or Bash to automate repetitive tasks and improve operational efficiency.

Preferred candidate profile
* Proven hands-on experience as a SIEM Administrator, specifically with Splunk, Azure Sentinel, or Google Chronicle.
* Strong knowledge of security concepts, including network protocols, attack vectors, and threat intelligence.
* Proficiency in creating complex queries and detection rules in SIEM platforms.
* Experience with cloud security and integrating logs from major cloud providers.
* Practical experience in implementing and integrating EDR and SOAR solutions.
* Problem-Solving: Strong troubleshooting and analytical skills with a keen eye for detail.
* Soft Skills: Excellent communication and teamwork abilities to collaborate with different teams, including security operations and IT.

If the above JD matches your profile, kindly share your resume to lakshmi.naidu@citiustech.com with the below details:
Total Experience:
Relevant Experience in SIEM (Splunk):
Current CTC:
Expected CTC:
Notice Period:
Current location:
Are you available for a virtual interview on Saturday (13th Sep)?

Posted 6 days ago

Apply

5.0 - 10.0 years

4 - 7 Lacs

mumbai, maharashtra, india

On-site

Mandatory skill sets: Minimum 2-12 years of professional experience in cybersecurity, with experience in a SOC environment. Deep understanding of networking, system administration, cloud environments (AWS/Azure/GCP) and security architecture. Experience with EDR, SIEM, SOAR, IDS/IPS, firewalls and forensic tools. Strong knowledge of malware analysis, log correlation, threat hunting and vulnerability management. Experience in handling security incidents, ransomware, phishing campaigns and zero-day exploits. Strong analytical and problem-solving skills with an investigative mindset. Excellent communication skills for technical and executive-level reporting.

Posted 6 days ago

Apply

10.0 - 14.0 years

0 Lacs

maharashtra

On-site

You will be responsible for spearheading the architecture and implementation on Google Cloud Platform for large scale deployments and migration. You will design and implement data pipelines & effective data storage mechanisms to meet functional and nonfunctional requirements of customers. Additionally, you will design, plan, and implement data migrations from existing SIEM/SOAR platforms. Your role will also involve hardening critical infrastructures and platform services, as well as integrating other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems. You will be expected to write custom actions, scripts, and/or integrations to extend platform functionality. Monitoring performance and taking timely actions to scale deployment, especially in a high-volume security environment, will be part of your responsibilities. You will also provide guidance on building or maturing cloud security programs.

Minimum Qualifications (MQs):
- 10+ years of experience in leading projects and delivering technical solutions related to security
- Implementation experience of YARA-L 2.0 and at least one more general-purpose language
- Experience managing customer projects to completion, working with engineering teams, sales, and partners
- Experience in architecting, developing, or maintaining secure Cloud solutions
- Strong verbal and written communication skills
- Demonstrated experience in consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements
- Hands-on and deep knowledge of security principles
- Demonstrated experience in Cloud Security delivered within customer-facing roles

Preferred Qualifications (PQs):
- Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud
- Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures
- Excellent organizational, problem-solving, articulating, and influencing skills
- Experience with industry compliance frameworks (e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC)
- Google Cloud Professional Certifications

Your future duties and responsibilities will involve ensuring the successful implementation of security solutions and providing support to clients. You will need to have strong organizational, problem-solving, and communication skills to excel in this role. In this position, you are expected to collaborate with team members and clients to turn meaningful insights into action. As a CGI Partner, you will have the opportunity to take ownership from day one and contribute to the company's success. Your work will create value through innovative solutions and collaboration with global teams. CGI provides a supportive environment for career growth and offers opportunities to enhance your skills and expand your horizons. If you are looking to join one of the largest IT and business consulting services firms in the world, CGI offers a dynamic and rewarding environment where you can thrive and make a difference.

Posted 6 days ago

Apply