
133 SOAR Jobs - Page 2

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 - 8.0 years
4 - 9 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
Source: Foundit

Role: Splunk SOAR

Job Description:
- Experience in SIEM/SOAR implementation and administration
- Experience in playbook creation
- Demonstrated proficiency in daily monitoring of information security events, ensuring prompt detection of and response to potential threats
- Proficient in 24x7 monitoring of security logs, conducting detailed analysis and escalating detected events according to agreed runbooks and SLAs
- Knowledgeable in malware analysis techniques, aiding the identification and mitigation of malicious software
- Experience in SIEM/SOC operations for very large enterprises, ensuring security posture and compliance
- Proficiency in reviewing security monitoring tool policies with a logical, security-focused approach, aligning them with current security concepts to improve the organization's overall security posture
- Expertise in threat modeling and use-case development, enabling effective strategies for identifying and mitigating security threats
- Proficient with SOAR tools, particularly XSOAR
- Skilled in playbook development and integrating third-party solutions with SOAR
- Experienced in security automation using scripting languages such as Python and shell
- Hands-on experience managing and maintaining an existing SOAR solution, ensuring optimal performance and functionality
- Successfully onboarded new customers to the platform, ensuring a smooth transition and adoption
- Managed the entire customer onboarding process, from host building and firewall requests to tenant onboarding
- Integrated third-party solutions with the SOAR platform, including SIEM, email and ITSM
- Troubleshot errors in playbook execution and third-party integrations to keep the SOAR system running smoothly
- Assisted in SOAR platform upgrades, including testing, deployment and configuration, to maintain an up-to-date and secure infrastructure
- Gathered playbook development requirements from customers, or proposed new ones, to extend the SOAR system's capabilities

Posted 1 week ago

3.0 - 6.0 years
4 - 9 Lacs
Navi Mumbai
Work from Office
Source: Naukri

- Proficiency in proxy management
- Experience working in Windows, Linux and Unix environments
- Hands-on experience commissioning and implementing proxy solutions

Posted 1 week ago

0.0 - 2.0 years
1 - 4 Lacs
Hyderabad
Work from Office
Source: Naukri

- Phantom/SOAR and Python experience with good development skills
- Good in ITIS; understanding and building playbooks in an on-prem, multi-site clustered Splunk environment
- Practical experience monitoring and tuning playbooks and use cases
- Good knowledge of creating custom apps with dashboards, reports and alerts, and a demonstrated understanding of Splunk apps
- Ownership of delivery for small to large Splunk onboarding projects
- Ability to automate repetitive tasks and reduce noise
- Implementing and supporting Phantom, with good Python, Red Hat and Windows experience

Location: Pan India

Posted 1 week ago
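The Splunk SOAR listing and the Phantom/SOAR listing above both ask for playbook development that automates repetitive triage and reduces noise. The Python below is an added illustration for this page, not code from Splunk SOAR, Cortex XSOAR or any posting here. It shows the steps a first playbook usually automates: suppress known-benign indicators, deduplicate repeats inside a time window, enrich against threat intelligence, then either contain or open a ticket, with two guardrails a practitioner will want from day one: critical hosts are never auto-contained, and an indicator is pushed to the firewall only once. The alerts, the threat-intel table, the allowlist and the critical-host set are constructed sample data; where a real platform would call firewall/EDR and ITSM connectors, this code appends the intended action to `state.actions`.

```python
"""SOAR-style triage playbook: suppress, dedupe, enrich, decide, act.

Added example for this page; not code from Splunk SOAR, Cortex XSOAR or any
listing above. All inputs below are constructed sample data.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, List, Set, Tuple

# Constructed SIEM alerts. "dst_ip" is the indicator the playbook acts on.
SAMPLE_ALERTS = [
    {"id": "a1", "ts": "2024-05-01T09:00:00", "rule": "outbound_c2_beacon", "src_host": "wks-17", "dst_ip": "203.0.113.10"},
    {"id": "a2", "ts": "2024-05-01T09:02:00", "rule": "outbound_c2_beacon", "src_host": "wks-17", "dst_ip": "203.0.113.10"},
    {"id": "a3", "ts": "2024-05-01T09:05:00", "rule": "outbound_c2_beacon", "src_host": "wks-22", "dst_ip": "198.51.100.7"},
    {"id": "a4", "ts": "2024-05-01T09:06:00", "rule": "outbound_c2_beacon", "src_host": "wks-09", "dst_ip": "192.0.2.55"},
    {"id": "a5", "ts": "2024-05-01T09:07:00", "rule": "outbound_c2_beacon", "src_host": "dc-01", "dst_ip": "203.0.113.99"},
    {"id": "a6", "ts": "2024-05-01T10:30:00", "rule": "outbound_c2_beacon", "src_host": "wks-17", "dst_ip": "203.0.113.10"},
]

# Constructed threat-intel lookup (confidence 0-100) and operator-maintained lists.
THREAT_INTEL = {
    "203.0.113.10": {"confidence": 95, "tag": "c2-beacon"},
    "203.0.113.99": {"confidence": 90, "tag": "c2-beacon"},
    "198.51.100.7": {"confidence": 40, "tag": "scanner"},
}
ALLOWLIST: Set[str] = {"192.0.2.55"}            # e.g. the internal vulnerability scanner's egress IP
CRITICAL_HOSTS: Set[str] = {"dc-01", "erp-db"}  # never auto-contain; a human decides
AUTO_BLOCK_CONFIDENCE = 80


@dataclass
class PlaybookState:
    """Mutable state a real platform keeps in its database between runs."""
    dedupe_window: timedelta = timedelta(minutes=15)
    last_seen: Dict[Tuple[str, str, str], datetime] = field(default_factory=dict)
    blocked: Set[str] = field(default_factory=set)
    actions: List[dict] = field(default_factory=list)  # stand-in for connector calls


def triage(alert: dict, state: PlaybookState) -> str:
    """Process one alert; return the verdict the playbook reached."""
    ioc = alert["dst_ip"]
    ts = datetime.fromisoformat(alert["ts"])

    # 1. Noise reduction: known-benign infrastructure never reaches an analyst.
    if ioc in ALLOWLIST:
        return "suppressed"

    # 2. Dedupe: the same rule/host/indicator inside the window is one incident, not N.
    key = (alert["rule"], alert["src_host"], ioc)
    seen = state.last_seen.get(key)
    if seen is not None and ts - seen < state.dedupe_window:
        return "deduped"
    state.last_seen[key] = ts

    # 3. Enrich: a threat-intel miss is treated as confidence 0, not as an error.
    intel = THREAT_INTEL.get(ioc, {"confidence": 0, "tag": "unknown"})

    # 4. Idempotent containment: an indicator is pushed to the firewall once;
    #    later sightings only annotate the existing ticket.
    if ioc in state.blocked:
        state.actions.append({"type": "ticket_update", "alert": alert["id"], "ioc": ioc})
        return "already_blocked"

    # 5. Decide: auto-contain only high-confidence hits from non-critical hosts;
    #    everything else becomes a ticket carrying the enrichment.
    if intel["confidence"] >= AUTO_BLOCK_CONFIDENCE and alert["src_host"] not in CRITICAL_HOSTS:
        state.blocked.add(ioc)
        state.actions.append({"type": "block", "ioc": ioc, "reason": intel["tag"], "alert": alert["id"]})
        return "blocked"
    state.actions.append({"type": "ticket", "alert": alert["id"], "ioc": ioc, "intel": intel})
    return "ticketed"


def run_playbook(alerts: List[dict], state: PlaybookState) -> Dict[str, str]:
    """Run triage over alerts in time order; return alert id -> verdict."""
    return {a["id"]: triage(a, state) for a in sorted(alerts, key=lambda a: a["ts"])}


if __name__ == "__main__":
    st = PlaybookState()
    for alert_id, verdict in run_playbook(SAMPLE_ALERTS, st).items():
        print(alert_id, verdict)
    print("blocked:", sorted(st.blocked))
```

On the sample data, a1 is blocked, a2 is deduped as a repeat inside the 15-minute window, a3 is ticketed because the intel confidence is too low to act on, a4 is suppressed by the allowlist, a5 is ticketed rather than blocked because it came from a domain controller, and a6 (the same indicator seen again 90 minutes later) only updates the ticket because the block already exists. The ordering of the checks matters: allowlisting before dedupe keeps benign hosts out of the dedupe table, and the blocked-set check before the decision is what makes the playbook safe to re-run.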

15.0 - 20.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Source: Naukri

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and the transition to cloud security-managed operations.
Must have skills: Email Security
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization.

Roles & Responsibilities:
- Monitor email traffic for suspicious activity
- Configure and manage email security platforms
- Analyze and respond to phishing, spam and malware delivered via email
- Implement and maintain email authentication protocols (SPF, DKIM, DMARC)
- Develop and enforce email security policies (e.g., email encryption)
- Respond to email-related security incidents
- Conduct forensic analysis of email-based attacks
- Work with SOC teams during breach investigations
- Conduct phishing awareness training for users
- Automate detection and response using SOAR tools
- Email header and body analysis

Professional & Technical Skills:
- Email protocols: SMTP, IMAP, POP3
- DNS records: SPF, DKIM, DMARC

Additional Information:
- The candidate should have a minimum of 5 years of experience in Email Security
- This position is based at our Bengaluru office
- 15 years of full-time education is required

Posted 1 week ago
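The Email Security architect listing above pairs "implement and maintain SPF, DKIM, DMARC" with "email header analysis". What ties the two together in practice is DMARC identifier alignment: an SPF or DKIM pass only counts if the domain it authenticated aligns with the RFC 5322 From: domain the user sees. The Python below is an added example for this page, not code from any posting or product named here. It parses the RFC 8601 Authentication-Results header the receiving MTA stamps, trusts only headers carrying our own authserv-id (attackers can inject their own), and computes the DMARC verdict under relaxed or strict alignment. Assumptions: the authserv-id `mx.example.net`, the two constructed sample messages, and an organizational-domain heuristic of "last two DNS labels" (a real deployment consults the Public Suffix List).

```python
"""Evaluate SPF, DKIM and DMARC alignment from Authentication-Results headers.

Added example for this page, not code from any posting above. Assumptions:
the receiving MTA stamps an RFC 8601 Authentication-Results header with a
known authserv-id, and the organizational domain is approximated as the last
two DNS labels (a real deployment consults the Public Suffix List instead).
"""
import email
import re
from email import policy
from typing import Dict, List, Tuple

# Constructed sample: a lookalike sender. SPF passes for the envelope domain and
# one DKIM signature verifies, but neither identifier aligns with the From: domain;
# the only aligned signature (header.d=example.com) fails verification.
SAMPLE_SPOOF = b"""\
Authentication-Results: mx.example.net;
    spf=pass smtp.mailfrom=bounce.mailer-example.com;
    dkim=pass header.d=mailer-example.com header.s=sel1;
    dkim=fail (body hash mismatch) header.d=example.com header.s=old
From: "Payroll" <payroll@example.com>
To: alice@example.net
Subject: Updated direct deposit form

Please review the attached form.
"""

# Constructed sample: legitimate mail signed by a subdomain of the From: domain,
# relayed through a list so SPF does not pass but DKIM carries it.
SAMPLE_LEGIT = b"""\
Authentication-Results: mx.example.net;
    spf=softfail smtp.mailfrom=alice@lists.example.org;
    dkim=pass header.d=mail.example.com header.s=2024
From: Alice <alice@example.com>
To: bob@example.net
Subject: Q3 numbers

Attached.
"""


def parse_auth_results(value: str) -> Tuple[str, Dict[str, List[Dict[str, str]]]]:
    """Parse one Authentication-Results value into (authserv-id, {method: [props]})."""
    value = re.sub(r"\([^)]*\)", "", value)  # drop CFWS comments such as "(body hash mismatch)"
    value = re.sub(r"\s+", " ", value)       # unfold and normalize whitespace
    parts = [p.strip() for p in value.split(";")]
    authserv_id = parts[0].split()[0].lower() if parts[0] else ""
    results: Dict[str, List[Dict[str, str]]] = {}
    for chunk in parts[1:]:
        if not chunk:
            continue
        tokens = chunk.split()
        method, _, result = tokens[0].partition("=")
        props = {"result": result.lower()}
        for tok in tokens[1:]:
            key, _, val = tok.partition("=")
            props[key.lower()] = val.lower()
        results.setdefault(method.lower(), []).append(props)
    return authserv_id, results


def org_domain(domain: str) -> str:
    """Approximate organizational domain (assumption: last two labels, not the PSL)."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def aligned(identifier: str, from_domain: str, strict: bool) -> bool:
    """DMARC identifier alignment: exact match (strict) or same org domain (relaxed)."""
    identifier = identifier.split("@")[-1]  # smtp.mailfrom may carry the local part
    if strict:
        return identifier.lower() == from_domain.lower()
    return org_domain(identifier) == org_domain(from_domain)


def evaluate_dmarc(raw: bytes, trusted_authserv: str,
                   strict_spf: bool = False, strict_dkim: bool = False) -> Dict[str, object]:
    """Return the DMARC verdict for a message, trusting only our own A-R headers."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    from_domain = msg["From"].addresses[0].domain.lower()
    spf_ok = dkim_ok = False
    for header in msg.get_all("Authentication-Results", []):
        authserv_id, results = parse_auth_results(str(header))
        if authserv_id != trusted_authserv.lower():
            continue  # anyone can add an A-R header upstream; only ours count
        for r in results.get("spf", []):
            if r["result"] == "pass" and aligned(r.get("smtp.mailfrom", ""), from_domain, strict_spf):
                spf_ok = True
        for r in results.get("dkim", []):
            if r["result"] == "pass" and aligned(r.get("header.d", ""), from_domain, strict_dkim):
                dkim_ok = True
    return {
        "from_domain": from_domain,
        "spf_aligned_pass": spf_ok,
        "dkim_aligned_pass": dkim_ok,
        "dmarc": "pass" if (spf_ok or dkim_ok) else "fail",
    }


if __name__ == "__main__":
    for name, raw in (("spoof", SAMPLE_SPOOF), ("legit", SAMPLE_LEGIT)):
        print(name, evaluate_dmarc(raw, "mx.example.net"))
```

The spoofed message fails DMARC even though both `spf=pass` and a `dkim=pass` appear in the header, which is the point: raw pass/fail results mean nothing without alignment. The legitimate message passes under relaxed DKIM alignment (`mail.example.com` shares the organizational domain) and fails under strict alignment, which is what a published `adkim=s` policy would produce; a filter that only keys on `dmarc=` without knowing which header it may trust is easy to bypass by prepending a forged Authentication-Results line.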

12.0 - 15.0 years
13 - 17 Lacs
Gurugram
Work from Office
Source: Naukri

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and the transition to cloud security-managed operations.
Must have skills: Security Governance
Good to have skills: NA
Minimum 12 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization.

Roles & Responsibilities:
- Lead and mentor a team of Tier 1, Tier 2 and Tier 3 SOC analysts
- Define and enforce SOC processes, workflows, SLAs and escalation protocols
- Provide regular performance feedback and conduct training to upskill the team
- Collaborate with IT, DevOps, Risk and Compliance teams on security initiatives
- Oversee daily security monitoring, triage and incident response activities
- Ensure timely detection, investigation and resolution of security incidents
- Maintain incident tracking and reporting for internal stakeholders and audits
- Conduct root cause analysis and ensure lessons learned are documented and implemented
- Manage and optimize SIEM, SOAR, EDR and other monitoring tools
- Define and tune detection rules, playbooks and alerts to reduce false positives
- Evaluate and recommend new tools and technologies to improve SOC capabilities
- Ensure log sources and telemetry are complete and properly ingested
- Ensure SOC operations support compliance requirements (ISO 27001, NIST, PCI DSS, GDPR)
- Prepare and deliver regular security metrics and executive reports
- Coordinate with internal and external auditors during assessments

Professional & Technical Skills:
- Must have: proficiency in Security Governance
- Strong understanding of risk management frameworks and compliance standards
- Experience with cloud security architecture and implementation
- Ability to conduct security assessments and audits
- Familiarity with security tools and technologies for threat detection and response

Additional Information:
- The candidate should have a minimum of 12 years of experience in Security Governance
- This position is based at our Gurugram office
- 15 years of full-time education is required

Posted 1 week ago

15.0 - 20.0 years
3 - 7 Lacs
Chennai
Work from Office
Source: Naukri

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are hardened against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization.

Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies
- Respond promptly to customer requests such as detection capabilities and tuning
- Research new threats and recommend enhancements to detection capabilities
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures
- Identify opportunities for process improvement

Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape
- Hands-on experience with SIEM and threat hunting tools
- Experience with any SOAR platform is an added advantage
- Knowledge of a scripting language and EDR products is desirable
- GCIA, GCFA or CISSP preferred
- Strong customer service and interpersonal skills
- Strong problem-solving skills
- Ability to communicate clearly at all levels, with strong verbal and written communication skills

Additional Information:
- Work as part of an analysis team operating 24x7 on rotational shifts
- The candidate should have a minimum of 2 years of experience
- This position is based at our Chennai office
- A bachelor's or master's degree in addition to the regular 15 years of full-time education
- Adaptability to accept change

Posted 1 week ago

1.0 - 6.0 years
11 - 15 Lacs
Bengaluru
Work from Office
Source: Naukri

Skills: Cybersecurity, Azure Sentinel SIEM, MS Defender for Endpoint (EDR/ATP), AWS IAM, SOAR concepts, Fortinet FortiSOAR, Palo Alto Networks firewalls, Cortex XSOAR, Python

We are seeking a Cybersecurity Analyst with 1-6 years of experience in fundamental cybersecurity concepts, including SIEM, EDR, IAM and SOAR platforms. The ideal candidate should have a basic understanding of security automation and orchestration using platforms such as FortiSOAR, Palo Alto XSOAR and ThreatConnect (preferred), and experience with SOAR playbook creation and integration. Knowledge of Python scripting for automation and security tasks is an added advantage.

Posted 1 week ago

5.0 - 10.0 years
5 - 10 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
Source: Foundit

A SOAR Automation Professional specializes in Security Orchestration, Automation, and Response (SOAR), focusing on enhancing the efficiency and effectiveness of security operations through automation. This role involves integrating various security tools, developing automated workflows, and responding to security incidents swiftly to minimize potential damage.

Contract to Hire (C2H) role.

Required:
- Python
- Experience with any SOAR tool (Splunk SOAR/Phantom, Cortex XSOAR)
- SOC/SIEM experience

Note: looking for immediate to 30-day joiners at most.

Posted 1 week ago

7.0 - 12.0 years
11 - 16 Lacs
Mumbai
Work from Office
Source: Naukri

SUMMARY
Our client is an IT MNC, part of one of the major insurance groups based in Germany and Europe. The group is represented in around 30 countries worldwide with over 40,000 people, focusing mainly on Europe and Asia. It offers a comprehensive range of insurance, pensions, investments and services, built on cutting-edge technologies such as cloud, digital, robotic automation, IoT, voice recognition, big data science and advanced mobile solutions, supporting millions of internal and external customers with state-of-the-art IT solutions and bringing digital innovation to every aspect of the insurance landscape.

Job Location: Hiranandani Gardens, Powai, Mumbai
Mode: Work from Office

Requirements

Key Responsibilities:

Business-Cybersecurity Alignment:
- Work closely with business stakeholders, IT security teams and cross-functional teams to ensure cybersecurity initiatives align with the organization's broader business goals.
- Translate business needs into technical security requirements that the security and IT teams can execute.

Risk Analysis & Security Assessments:
- Conduct risk assessments across hybrid IT environments (cloud, on-premises and edge) to identify security gaps and vulnerabilities.
- Collaborate with security teams to evaluate existing security controls and recommend solutions that mitigate identified risks, balancing business needs with security requirements.

Cybersecurity Frameworks & Compliance (must have):
- Ensure that all business and technical security requirements comply with relevant regulatory frameworks (e.g., NIST CSF, ISO 27001, GDPR, HIPAA).
- Support audits and compliance assessments, identifying gaps between current practices and regulatory standards.

Security Process Improvement:
- Identify opportunities for process improvement within the cybersecurity function, including streamlining security incident response, access management processes and threat detection workflows.
- Develop business cases for proposed security improvements, including cost-benefit analyses and risk assessments.

The Business Analyst will have responsibilities spanning multiple cybersecurity domains and should have expertise in at least 5 of the following areas:

SIEM (Sentinel) & Security Operations:
- Manage and optimize SIEM solutions, particularly Sentinel, for effective monitoring, incident detection and security event correlation across hybrid environments.
- Collaborate with security operations teams to ensure proper configuration, tuning and reporting within SIEM platforms to support proactive threat management.

Security Tools & Technology Integration:
- Work with security teams to implement and optimize security tools such as SIEM (e.g., Splunk, Microsoft Sentinel), EDR (e.g., CrowdStrike, MS Purview/Defender), SOAR platforms, CASB (Cloud Access Security Broker) and threat intelligence systems.
- Help define and document requirements for integrating cybersecurity tools into the broader security ecosystem.

User Access Management (UAM) & RBAC:
- Work closely with identity and access management teams to ensure UAM and RBAC systems are implemented in line with the organization's security policy and business requirements.
- Support the development of processes for managing user roles, privileges and access rights across enterprise systems.

Cloud & Encryption Security:
- Ensure that security policies and controls are applied across both on-premises and cloud environments (AWS, Azure, Google Cloud), addressing cloud security, data encryption and access management.
- Collaborate with technical teams to implement strong encryption for data in transit, data at rest and data in use, in line with organizational security policies.

AI & ML in Cybersecurity (good to have):
- Contribute to the use of AI/ML technologies to enhance threat detection, anomaly identification and predictive analytics within the organization's security operations.
- Collaborate with data scientists and security teams to define requirements for AI/ML-based security models and incident response automation.

SOAR Integration & Incident Response:
- Assist with integrating Security Orchestration, Automation, and Response (SOAR) solutions into the incident response lifecycle to shorten response times and automate repetitive tasks.
- Support the continuous improvement of incident response procedures and playbooks, ensuring a consistent, rapid and efficient approach to security incidents.

Posted 1 week ago

3.0 - 5.0 years
1 - 4 Lacs
Hyderabad
Work from Office
Source: Naukri

Job Information
Job Opening ID: ZR_1899_JOB
Date Opened: 29/04/2023
Industry: Technology
Job Type:
Work Experience: 3-5 years
Job Title: Phantom/SOAR
City: Hyderabad
Province: Telangana
Country: India
Postal Code: 500081
Number of Positions: 5

- Phantom/SOAR and Python experience with good development skills
- Good in ITIS; understanding and building playbooks in an on-prem, multi-site clustered Splunk environment
- Practical experience monitoring and tuning playbooks and use cases
- Good knowledge of creating custom apps with dashboards, reports and alerts, and a demonstrated understanding of Splunk apps
- Ownership of delivery for small to large Splunk onboarding projects
- Ability to automate repetitive tasks and reduce noise
- Implementing and supporting Phantom, with good Python, Red Hat and Windows experience

Location: Pan India

Posted 1 week ago

8.0 - 12.0 years
10 - 20 Lacs
Mysuru, Pune, Bengaluru
Hybrid
Source: Naukri

Role & responsibilities: SOC Automation, managing and operating Microsoft Sentinel
- Log Source Onboarding: onboard and troubleshoot log sources (on-premises and cloud) to the Sentinel platform using syslog, APIs and other mechanisms. Ensure data integrity, reliability and proper formatting.
- Log Management: hands-on experience with log collection, parsing and analysis from various sources (e.g., firewalls, endpoints, cloud environments).
- Strong defensive mindset with an understanding of security events of interest for building detection rules.
- Good in query languages such as KQL; advanced threat intelligence work using Kusto Query Language (KQL).
- Advanced knowledge of use case creation and parser development.
- DevOps Knowledge: understanding of DevOps practices such as CI/CD pipelines, Git, ARM templates and Azure Automation for streamlining processes.
- Creation of automation rules and use of threat intelligence in Azure Sentinel.
- Implement and optimize security controls in cloud environments (AWS, Azure, GCP), enforcing security-as-code principles and compliance automation.
- Experience working with SOAR tools (Sentinel SOAR).
- Experience with programming (preferably JavaScript, Python, REST APIs), automation or machine learning.
- SIEM Migration: proven experience in SIEM migration projects and transitioning between platforms is an advantage.
- Good command of English, both written and spoken.

Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL-210438

Posted 1 week ago

8.0 - 12.0 years
10 - 20 Lacs
Hubli, Pune, Bengaluru
Hybrid
Source: Naukri

Role & responsibilities: same SOC Automation / Microsoft Sentinel requirements as the Mysuru, Pune, Bengaluru listing above (identical posting text and reference code).

Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL-210438

Posted 1 week ago

2.0 - 5.0 years
6 - 9 Lacs
Kochi
Work from Office
Source: Naukri

Investigate, hunt and lead escalated incident response using advanced threat detection from SIEM, EDR and NDR platforms. Develop and manage custom detection use cases aligned to threat frameworks and customer environments.

Key Responsibilities:

Monitoring, Investigation & Triage
- Triage and correlate alerts from SIEM (QRadar/Sentinel), EDR and NDR
- Identify lateral movement, C2 activity and data exfiltration
- Lead incident investigations and initiate containment measures

Threat Hunting & Detection Engineering
- Proactive hunting using logs, flow data and behavior analytics
- Apply MITRE ATT&CK for hypothesis-driven hunts
- Develop, test and optimize custom detection rules
- Maintain a detection backlog aligned with emerging threats

Tool Proficiency
- SIEM: advanced KQL/AQL queries, rule tuning, alert optimization
- EDR: Defender for Endpoint binary/process analysis, endpoint containment
- NDR: Darktrace/LinkShadow behavioral baselining, detection logic
- SOAR: Sentinel playbooks / Cortex XSOAR for automated workflows
- Cloud Security: Azure AD alerts, MCAS, Defender for Cloud, M365 Defender

Threat Intelligence Integration
- IOC/TTP enrichment
- Threat intel feed integration
- Contextual alert correlation

Reporting & RCA
- Draft technical incident reports and RCAs
- Executive-level summaries for major incidents

Cloud Security (optional)
- Investigate alerts such as impossible travel and app consent abuse
- Respond to cloud-native security incidents using Defender for Cloud and MCAS
- Create advanced SOAR workflows and playbooks

Tool Familiarity
- QRadar
- Microsoft Sentinel
- Microsoft Defender for Endpoint
- LinkShadow or Darktrace
- EOP/Exchange protection
- Antivirus platforms
- Defender for Identity / Defender for Cloud
- Advanced SOAR workflows (Sentinel playbooks / Cortex XSOAR)
- Network forensic tools such as Wireshark / Zeek

Certifications (preferred):
- GCIH / GCIA / CEH
- Microsoft SC-200 / SC-100
- QRadar Admin or equivalent

Shift Readiness: 24x7 rotational shifts, including on-call support for escalations and major incidents

Soft Skills:
- Strong analytical and documentation skills
- Proactive communicator
- Independent problem-solver and critical thinker

Posted 1 week ago

7.0 - 12.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Source: Naukri

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and the transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and the transition to cloud security-managed operations.

Roles & Responsibilities:
- Work directly with the client, driving enhancements and recommending technological improvements
- Integrate custom applications by developing custom connectors, e.g. for OT and internally built applications
- Perform Log Analytics migration between Azure regions, implementing the architectural changes recommended by the audit team
- Work with the client's Cyber Threat team to develop detection models using Sentinel Jupyter notebooks
- Work with security architects to recommend and build a DR environment for Azure Sentinel
- Integrate Anomali ThreatStream with Azure Sentinel
- Work with infrastructure architects to segment Sentinel resources according to the tier architecture
- Recommend and implement new Azure Sentinel features as they are released
- Recommend and architect complex SOAR automations using Azure Logic Apps

Professional & Technical Skills:
- Must have: proficiency in Azure Sentinel build activity
- Strong understanding of threat intelligence analysis
- Experience designing and implementing security solutions
- Knowledge of security compliance standards and regulations
- Hands-on experience with security tools and technologies

Additional Information:
- The candidate should have a minimum of 7.5 years of experience, including 4 years in Azure Sentinel deployment and implementation
- This position is based at our Bengaluru office
- 15 years of full-time education is required

Posted 1 week ago

8.0 - 12.0 years
10 - 20 Lacs
Hyderabad, Pune, Bengaluru
Hybrid
Source: Naukri

Role & responsibilities:
- Minimum 8 years of experience in SIEM and SOAR engineering work
- Knowledge of XSOAR, Sentinel SOAR, Splunk Phantom, IBM QRadar, Microsoft Sentinel and Tines SOAR
- Experience configuring Security Orchestration, Automation, and Response tools, scripts, events and playbooks
- Well versed in XSOAR application components; able to configure them and implement system updates
- Able to create and maintain custom content and playbooks
- Able to troubleshoot client/server issues
- Able to manage and maintain the health of the SOAR infrastructure (manager and clients)
- Strong Python, JavaScript and other scripting skills to automate system maintenance tasks
- Comfortable and proficient with regular expressions (regex)
- Solid understanding of REST/SOAP/WSDL/XML web services and HTTP request methods
- Strong analytical, problem-solving and documentation skills
- Experience creating threat detection use cases on any SIEM (QRadar/Sentinel/Splunk)
- Experience in log source integration for use cases and SOAR automation
- Strong defensive mindset with an understanding of security events of interest for building detection rules
- Experience with programming (preferably Python, REST APIs), automation or machine learning
- Good in query languages (SQL, KQL, AQL) from a Splunk, Sentinel and QRadar point of view
- Good command of English, both written and spoken
- Strong oral and written communication skills, with the ability to explain technical topics to management and non-technical audiences

Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL-210438

Posted 1 week ago

8.0 - 13.0 years
20 - 35 Lacs
Bengaluru
Work from Office
Source: Naukri

Job Title: Senior Security Analyst, Threat Hunting & Incident Response
Location: Bangalore (rotational shifts)
Mode of work: 5 days WFO
Experience: 8+ years
Job Type: Full-time

Job Description: We are looking for a highly skilled and experienced Senior Security Analyst to join our client's cybersecurity team. This role involves leading incident response activities, performing proactive threat hunting, and enhancing the overall security posture through innovative detection strategies and forensic investigations.

Key Responsibilities:
- Lead end-to-end security incident response, including analysis, containment, mitigation and reporting
- Design and implement detective controls for emerging threats and vulnerabilities
- Perform proactive threat hunting across multiple platforms and environments
- Continuously enhance SIEM/SOAR/XDR alert use cases and threat detection capabilities
- Research emerging threats, vulnerabilities and attack techniques to improve defenses
- Participate in a 24/7 on-call rotation to support incident response and critical investigations
- Document incident response activities and produce detailed reports for stakeholders
- Conduct post-incident reviews to drive improvements in tools, processes and readiness
- Collaborate across teams to improve the organization's threat detection and response maturity

Required Qualifications:
- Bachelor's degree in Computer Science, Cybersecurity or a related field
- Minimum 8 years of experience in Security Operations, Incident Response or Threat Detection
- Strong experience with threat hunting methodologies and frameworks
- Hands-on expertise with SIEM, SOAR and XDR tools (e.g., Cortex XSIAM, Torq)
- Working knowledge of MITRE ATT&CK, NIST frameworks and cyber kill chain concepts

Preferred Skills & Experience:
- Strong understanding of network and endpoint security, defense in depth and current threat trends
- Experience with cloud security (AWS, Azure, GCP) and public cloud defense techniques
- Exposure to Endpoint Detection & Response (EDR) tools, forensic analysis and log correlation
- Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis
- Relevant certifications such as CISSP, GIAC (GCIA, GCIH, GCFA) or CEH are a plus
- Strong analytical mindset with the ability to assess risk and prioritize response
- Excellent written and verbal communication skills

Posted 1 week ago

2.0 - 4.0 years

6 - 9 Lacs

Jaipur

Work from Office

Naukri logo

Job Description: SIEM, SOAR, UEBA, and NBAD Specialist

Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.

Roles and Responsibilities:
- Incident Analysis, Incident Coordination & Response, Remote Incident Response, Forensics Artifact Handling & Analysis, Malware Analysis, Insider Threat Case Support, Sensor Tuning & Maintenance, Custom Signature/Rules Creation, Scripting & Automation, Audit Collection & Storage, Product Assessment & Deployment, Risk Assessment, Response Planning, Mitigation, Recovery Planning, Communicating Emergency Alerts & Warnings to relevant/designated stakeholders, Endpoint Threat Detection and Remediation.
- Take SOAR action on identified malicious communications.
- Monitor and alert on any abnormalities identified.
- Work on tickets and ensure timely response and resolution of tickets as per SLA.
- Report security events/incidents to L3 and other relevant/designated stakeholders.
- Communicate Emergency Alerts & Warnings to relevant/designated stakeholders.

Should have knowledge of the technologies below:
- UEBA (User and Entity Behavior Analytics): Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities. Configure and tune UEBA models to reduce false positives and enhance detection capabilities.
- NBAD (Network Behavior Anomaly Detection): Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches. Work with network and SOC teams to investigate and respond to suspicious network behavior.

Required Qualifications:
- Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
- Experience: Minimum 1.5+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
- Certifications: Certified Ethical Hacker (CEH) mandatory.

Posted 1 week ago


5.0 - 10.0 years

5 - 12 Lacs

Noida, Navi Mumbai, Pune

Work from Office


As a Customer Success Manager - Azure & Security, the incumbent will be the key point of contact for customers adopting Microsoft Azure and Cybersecurity solutions. The mission is to drive customer success by ensuring secure and effective adoption of TTBS offered services, managing customer relationships, and supporting long-term strategic cloud and security goals. It's an Individual Contributor role.

Key Role Deliverables:
- Act as a trusted advisor for customers implementing Azure infrastructure, services, and security frameworks.
- Lead onboarding, training, and enablement for customers transitioning to Azure and Microsoft Security solutions (e.g., Defender, Sentinel, Entra).
- Monitor customer health, usage, and satisfaction to proactively address risks and promote solution value.
- Drive adoption of Azure-native security tools and best practices to strengthen cloud environments.
- Collaborate with technical delivery, cloud architecture, and support teams to ensure customer success and alignment.
- Conduct regular Executive Business Reviews (EBRs) and strategic planning sessions with key stakeholders.
- Maintain a deep understanding of the Microsoft Azure & Security roadmap to guide clients on optimization and innovation.
- Identify expansion and upsell opportunities in areas like Azure cost optimization, compliance, Zero Trust architecture, etc.

Right Person (Qualification & Experience):
- B.Tech (Computer Science, Electronics, etc.)
- Minimum 6 years of experience in Customer Success, Technical Account Management, or Cloud Consulting with a focus on Azure and/or cybersecurity.
- Strong knowledge of Microsoft Azure, including core services (IaaS, PaaS), networking, identity, and security features.
- Familiarity with Security solutions: Defender for Cloud, SIEM, SOAR, VAPT, SOC, Purview, etc.
- Experience with compliance frameworks (e.g., NIST, ISO 27001, GDPR) and security best practices in the cloud.
- Ability to manage technical conversations with C-level stakeholders and IT teams.
- Strong project management, communication, and interpersonal skills.

Certifications preferred:
- Microsoft Certified: Azure Solutions Architect Expert
- Microsoft Certified: Security, Compliance, and Identity Fundamentals
- Microsoft Certified: Azure Security Engineer Associate

Posted 1 week ago


8.0 - 10.0 years

8 - 10 Lacs

Hyderabad / Secunderabad, Telangana, Telangana, India

On-site


ABOUT THE ROLE
The Senior Manager Information Security is responsible for leading the security automation product team and driving the development, integration and continuous improvement of a security automation platform. This role combines strong leadership, technical acuity, and product ownership skills to supervise a growing team responsible for automating security workflows, integrating tools, improving operational efficiency, and strengthening the overall cybersecurity posture. As the product owner of the security automation platform and service, the Senior Manager Information Security works with collaborators to deliver impactful automations and maintain a scalable, secure, and resilient automation infrastructure. Key aspects of the role include aligning automation projects with organizational security goals, fostering innovation in machine learning applications, and ensuring the adoption of industry-leading practices by staying ahead of evolving threats and trends.

Roles & Responsibilities:
- Lead and mentor a team of security automation engineers, data engineers, and data scientists, fostering a collaborative and high-performance culture
- Oversee the security automation service, ensuring effective operations, prioritization, and continuous alignment with business and security goals
- Oversee the security automation product team to ensure adherence to SAFe/Agile methodologies and definitions of done, maintaining high-quality standards in deliverables
- Oversee the seamless operation, scalability, and efficiency of a cloud-based security automation solution, ensuring continuous enhancement of security controls and automation capabilities
- Develop strategies to streamline incident response, threat detection, and remediation processes using automation capabilities
- Drive and manage the seamless integration of new and existing security tools, platforms, and workflows to ensure a cohesive and optimized automation ecosystem
- Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST)
- Work with collaborators to establish and supervise critical metrics related to SAFe implementation
- Generate and maintain security reports, metrics, and dashboards for management review
- Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations
- Build and deliver knowledge sharing presentations and documentation to educate developers and operations teams on application security standard methodologies and secure coding techniques
- Triage and assess findings from tools, external reports, and tests to determine real risks and prioritize remediation efforts
- Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues

What we expect of you
We are all different, yet we all use our unique contributions to serve patients. The professional we seek is a senior manager with these qualifications.

Basic Qualifications:
- Master's degree and 8 to 10 years of Scrum team management or related field experience, OR
- Bachelor's degree and 8 to 10 years of Scrum team management or related field experience, OR
- Diploma and 12 to 14 years of Scrum team management or related field experience.

Preferred Qualifications:
- Experience managing and scaling security automation platforms and tools (e.g., SOAR)
- Demonstrated success in leading high-performing technical teams in an agile environment
- Strong understanding of integrating security tools and data platforms (SIEM, EDR, IAM, etc.)
- In-depth knowledge of cybersecurity frameworks, technologies, and best practices
- Experience in risk management, incident response, and security governance
- Strong knowledge of security architecture frameworks and principles
- Strong understanding of common software and web application security vulnerabilities
- Excellent communication, stakeholder management, and analytical skills.

Good-to-Have Skills:
- Experience with network security, endpoint protection, and incident response
- Proficiency in scripting and automation (e.g., Python, Bash) is a plus

Professional Certifications:
- CEH (preferred)
- CompTIA Security+ (preferred)
- CISSP (preferred)
- TOGAF (preferred)
- Certified Scrum Product Owner (CSPO), or equivalent (preferred)

Soft Skills:
- Initiative to explore alternate technology and approaches to solving problems
- Skilled in breaking down problems, documenting problem statements, and estimating efforts
- Excellent analytical and troubleshooting skills
- Strong verbal and written communication skills
- Ability to work effectively with global, virtual teams
- High degree of initiative and self-motivation
- Ability to manage multiple priorities successfully
- Team-oriented, with a focus on achieving team goals

Posted 2 weeks ago


8.0 - 13.0 years

13 - 17 Lacs

Bengaluru

Work from Office


Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Google Chronicle SIEM
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: The SIEM SME leads in architectural design, specification, and maintenance of Splunk/Google Chronicle Security products and services. Candidates must have backgrounds in network planning and design, implementation, and operations. SIEM SMEs apply business and technology skills with structured methodologies to deliver complex solutions to the customer.

Roles & Responsibilities:
- Analyze potential infrastructure security incidents to determine if the incident qualifies as a legitimate security breach
- Perform network incident investigations, determining the cause of the security incident and preserving evidence for potential legal action
- Interface with technical personnel and other teams as required
- Make recommendations on the appropriate corrective action for incidents
- Configure and manage Infrastructure Security and SIEM solutions
- Design, develop and create correlation rules within the Security Information and Event Management (SIEM) platform
- Monitor devices and correlation tools for potential threats
- Initiate the escalation procedure to counteract potential threats/vulnerabilities
- Experience building and maintaining security incident correlation content (hands-on)
- Experience with reverse engineering tools and techniques as they pertain to network traffic collection and analysis
- Operational knowledge of system and network security engineering best practices and architecture
- Willingness to engage hands-on from inception to completion and audit of SIEM deployments
- Provide guidance and insight, as well as follow directives as necessary, to complete accelerated deployment of the SIEMs
- Capable and willing to integrate multiple security control products into the SIEM platform
- Appropriately inform and advise management on incidents and incident prevention
- Encourage and implement continuous improvement measures on a day-to-day basis
- Leverage extensive knowledge of communications in a manner that provides business value to the IT Organization
- Required to identify, assess, and resolve complex issues/problems within own area of responsibility
- Provide incident remediation and prevention documentation
- Document and conform to processes related to security monitoring
- Participate in knowledge sharing with other analysts and develop solutions efficiently
- Coordinate or participate in individual or team projects
- Write technical articles for the internal knowledge base
- Provide performance metrics as necessary
- Develop and optimize technical processes and coordinate procedure documentation

Professional & Technical Skills:
- Must have working experience in Google Chronicle SIEM/SOAR as SME
- At least 8+ years of experience in Information Security, Risk Management, Infrastructure Security and Compliance
- Security device installation, configuration and troubleshooting (e.g., firewall, IDS, etc.)
- Hands-on experience in supporting AWS and Azure assets, especially supporting Splunk deployment in AWS/Splunk ES as a service
- Experience in deploying different types of forwarders and Apps
- Deep knowledge of AWS services and serverless architecture
- Expertise in UNIX, Linux, and Windows - able to tear down and rebuild a host system
- Experience with database installation and configuration is required; Oracle experience is a plus
- Exploit and detection analysis skills, including the ability to analyze logs for useful information and patterns
- Install, configure, tune, and maintain the Splunk SIEM components
- Primarily focus on content creation regarding advanced threat analysis (rules, variables, trending, watch lists, etc.) of incoming data and for self-monitoring of the solution itself
- Perform supporting tasks such as system hardening, high availability configurations, and developing backup strategies
- Assist with the creation of detailed deployment plans, architectural drawings and operation manuals
- Assist with event source auditing configurations and integration with various security platforms, network devices, and systems
- Expert in the development of Regular Expressions (REGEX)
- Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring
- Good understanding of and experience with Infrastructure Security, Risk Assessment and Security Information and Event Management
- A solid understanding of frameworks such as ISO 27001/27002, COBIT, and other relevant compliance requirements such as PCI, HIPAA, SOX, FISMA, and others that apply to Security Information and Event Management
- Experience working in a diversified, virtual environment
- Administrative tool development and maintenance
- Desirable to have certifications such as CISSP, ITIL, CISA, CISM and GIAC-GCIA
- Desirable to have an advanced certification from a SIEM vendor on products such as HP ArcSight or RSA enVision

Additional Information:
Bachelor's and above degree in Computer Science, Information & Technology, MIS, Engineering.
Qualification: 15 years full time education

Posted 2 weeks ago


1.0 - 6.0 years

3 - 8 Lacs

Navi Mumbai

Work from Office


Job Overview: We are seeking experienced and skilled Firewall L1 & L2 Engineers to join our network security team in Mumbai. The ideal candidate will have a strong background in network security, with specific experience managing and supporting firewalls and security appliances from Palo Alto Networks (PA), Checkpoint, Cisco ASA, and Fortinet. This role requires a proactive individual with a keen eye for security, a strong technical foundation, and effective communication skills to handle daily operational tasks, manage incidents, and maintain security policies within a 24/7 environment.

Key Responsibilities:

Firewall Administration and Support:
- Manage, configure, and troubleshoot firewall solutions across PA, Checkpoint, Cisco ASA, and Fortinet platforms.
- Perform day-to-day BAU MACDs (Moves, Adds, Changes, and Deletes) and configuration changes as required.

Incident and Problem Management:
- Manage and resolve incidents, problems, and service requests associated with firewall operations.
- Proactively monitor network security events using network monitoring tools to identify and resolve issues before service degradation occurs.
- Conduct incident analysis and response, supporting troubleshooting efforts across OSI layers 1, 2, and 3.

Policy and Exception Management:
- Manage firewall policies and exceptions to ensure compliance with organizational security standards.
- Deploy and maintain access and security policies, aligning with organizational requirements.

Technical Expertise and Troubleshooting:
- Hands-on experience with packet capture, analysis, and troubleshooting tools.
- Perform daily performance checks, periodic audits, and compliance reviews on firewall devices.
- Troubleshoot network, transport, session, presentation, and application layers as required.

Network Security Operations:
- Implement and uphold network security policies, standards, and procedures.
- Apply security patches as needed and support automation of processes through scripting or SOAR tools.

Collaboration and Coordination:
- Work closely with users to resolve trouble tickets efficiently.
- Coordinate with OEMs for TAC support, RMA, replacement, and reconfiguration of PA, Checkpoint, Cisco ASA, and Fortinet devices.
- Back up device configurations in accordance with the agreed schedule.

Candidate Requirements:
- Experience: 2-7 years of experience in network security, including managing PA, Checkpoint, Cisco ASA, or Fortinet firewall solutions.
- Technical Proficiency: Proficiency in managing and configuring PA, Checkpoint, Cisco ASA, and Fortinet firewall solutions. Strong experience with Windows, Linux, and Unix environments. Skilled in commissioning, implementation, and integration of firewall solutions with management and authentication tools (e.g., email, AD, IAM, SIEM). Experience in automating processes using scripting and SOAR tools.
- Knowledge Base: Solid understanding of firewall products, policy management, and exception handling. Familiarity with troubleshooting tools for packet capture, analysis, and network diagnostics.
- Operations Management: Experience in incident, problem, service request, and change management. Ability to maintain service levels for 24/7 monitoring and configuration oversight of network security infrastructure.
- Soft Skills: Excellent verbal and written communication skills for effective interaction with users and stakeholders. Strong analytical skills, with the ability to manage multiple priorities under minimal supervision.

Posted 2 weeks ago


6.0 - 8.0 years

3 - 8 Lacs

Navi Mumbai, Mumbai (All Areas)

Work from Office


Key Responsibilities:

Advanced Threat Detection & Incident Response:
- Serve as the final escalation point for critical incidents and threat investigations.
- Lead deep-dive analysis on alerts, threats, and indicators across varied environments.
- Conduct malware analysis, reverse engineering, and threat hunting when needed.
- Perform forensic analysis using endpoint, network, and cloud telemetry.

SOC Operations in MSSP Context:
- Operate in a multi-tenant SOC supporting enterprise, mid-market, and OT/ICS clients.
- Customize correlation rules, detection logic, and alert tuning for each client environment.
- Collaborate with client security teams during incident lifecycle and response activities.
- Ensure SOC processes, SLAs, and communications are aligned with client expectations.

Technical Leadership & Mentoring:
- Guide and mentor L1 and L2 analysts in investigation techniques, use case analysis, and incident triage.
- Review escalations, ensure incident quality, and drive analyst capability building.
- Help design and maintain client-specific runbooks and detection use cases.

Tooling & Engineering Support:
- Work closely with SIEM/SOAR engineers to enhance detection logic and automation.
- Validate detection efficacy using red team or threat simulation tools.
- Participate in tuning efforts for SIEM (e.g., Splunk, Sentinel, QRadar, LogRhythm, Seceon, etc.) and EDR tools.

Reporting & Documentation:
- Create detailed incident reports, RCA documents, and threat summaries for clients.
- Provide technical input during client reviews and executive briefings.
- Maintain compliance with internal quality standards, frameworks (MITRE ATT&CK, NIST, ISO), and regulatory mandates.

Required Skills & Experience:
Proven experience in:
- SIEMs: Splunk, Sentinel, Exabeam, QRadar, or similar.
- EDR platforms: CrowdStrike, SentinelOne, Carbon Black, etc.
- SOAR and automation workflows.
- Scripting (Python, PowerShell, or Bash) for threat hunting or automation.
- Strong understanding of TCP/IP, threat vectors, and log analysis.
- Knowledge of frameworks such as MITRE ATT&CK, NIST 800-61, and ISO 27035.
- Ability to manage high-pressure incidents across multiple clients simultaneously.

Preferred Certifications (Nice to Have):
- GIAC (GCIA, GCIH, GNFA), OSCP, CISSP, or equivalent certifications.
- Experience with OT/ICS threat detection and asset monitoring is a plus.
- Knowledge of cloud monitoring (Azure/AWS/GCP) and hybrid threat detection.

Posted 2 weeks ago


10.0 - 17.0 years

30 - 32 Lacs

Thane

Work from Office


Role & responsibilities:
1. Ensure optimal operation of the MDR solution, including software and applications.
2. Ensure effectiveness of security solutions in scope.
3. Develop use cases and playbooks for SIEM and SOAR for effective and automated incident detection and handling.
4. Test SIEM, SOAR and other solutions in scope to explore the right technical defense/remedy and provide performance statistics and reports.
5. Ensure adequate controls are in place to protect critical assets against any incidents or threats from the internal or external environment.
6. Coordinate with vendors/partners & internal teams to manage the lifecycle of security platforms including deployments, maintenance and operations. Develop plans for maintaining the infrastructure of newly implemented security solutions in the operational environment.
7. Lead Cybersecurity incident management and manage related processes, tools and resources.
8. Work with identified partners and govern them for effective execution of organizational requirements for Security operations and incident handling.
9. Conduct periodic threat hunting independently and with partners to ensure effective detection of any threats.
10. Ensure preventive maintenance of critical infrastructure, to increase performance and minimize disruption.
11. Manage SLAs for solutions and processes in scope.
12. Record all incidents/events leading to infrastructure downtime, analyze root cause and suggest workarounds.
13. Monitor performance reviews, corrective action, routine equipment checks and preventative maintenance for security systems to reduce the downtime of the systems.
14. Perform integration of all tools and services for access, authentication, authorization, data security, vulnerability management, policy management, auditing, and compliance to ensure the company's security policy and procedures are applied.
15. Define, gather and report on metrics regarding security systems within ASL environments. Prepare status reports and other management metrics as needed.

Preferred candidate profile:
1. Demonstrable experience within a Security Operations Center, coordinating responses to security incidents.
2. Experience leading the implementation and development of MDR tooling, infrastructure and processes.
3. Experience on popular SIEM, SOAR, and threat hunting platforms is mandatory.
4. Experience in security incident handling is mandatory.
5. Exposure to threat hunting is mandatory.
6. Security related professional certifications preferred. Examples of certifications include but are not limited to CISSP, CIH (EC-Council), CND, Infosec Institute, etc.
7. Strong analytical & problem-solving skills with the ability to translate ideas into practical implementation.
8. Ability to manage stakeholder relationships including team members, vendors and partners.
9. Excellent leadership and communication skills with the ability to present and communicate effectively with both technical and non-technical audiences.
10. Ability to provide technical and professional leadership, guidance, and training to others.

Posted 2 weeks ago


5.0 - 7.0 years

5 - 9 Lacs

Hyderabad

Work from Office


Security Engineer
Hyderabad, Telangana
IT

Description
Why you'll want to work at nimble! This is a great opportunity to join a well-established and market-leading brand serving a high-growth end market while gaining valuable experience and visibility to Executive leadership. As an organization, we are in considerable growth mode through acquisition and with a laser focus on positive culture building.

The Information Security Engineer is responsible for safeguarding the organization's systems and data assets. This critical role focuses on preventing and mitigating unauthorized access, modification, or destruction of sensitive information. The Engineer actively participates in the development and implementation of robust IT security policies and standards. Through close collaboration with end-users across various departments, this position ensures the alignment of security measures with individual business needs while maintaining strict adherence to company-wide security policies and procedures. The Information Security Engineer reports directly to the Director of Information Security and maintains an indirect reporting line to the Chief Information Technology Officer.

Threat Detection & Response:
- Monitor the organization's servers and networks for security breaches using tools such as Windows Defender, Windows Purview, CrowdStrike, Rapid7.
- Investigate and respond to security incidents promptly.
- Utilize Windows Defender, Rapid7 and Wiz for vulnerability scanning and threat intelligence gathering.
- Implement and enforce security policies through Intune.

Security Architecture & Engineering:
- Design, implement, and maintain security controls, including firewalls, intrusion detection/prevention systems (IDPS), and data encryption.
- Conduct security assessments and penetration testing.
- Develop and maintain security standards and best practices.

Endpoint Security Management:
- Manage endpoint security solutions, including Windows Defender and CrowdStrike.

Vulnerability Management:
- Identify, assess, and prioritize vulnerabilities using Windows Defender, Wiz and Rapid7.
- Develop and implement remediation plans.

Compliance & Reporting:
- Prepare reports that document security metrics, attempted attacks, and security breaches.
- Ensure compliance with relevant security standards and regulations.

Security Awareness & Training:
- Educate and train employees on IT security best practices and awareness.
- Collaborate with IT teams, business units, and other stakeholders to ensure effective security implementation.
- Clearly communicate security risks and recommendations to management.

Requirements:
- 5+ years of experience in systems or network administration/engineering
- 1+ years of experience in information security roles
- Strong understanding of security principles and best practices (e.g., NIST)
- Proficient with Windows Server administration and management
- Proficient with network protocols and topologies
- Experience with security information and event management (SIEM) systems
- Experience with scripting languages (e.g., Python, PowerShell)
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
- Ability to work independently and as part of a team
- Experience with cloud security (e.g. Azure, Defender)
- Experience with security orchestration and automation platforms (SOAR)
- Experience with container security and microservices

This job description is intended to provide a general overview of the position. Responsibilities and qualifications may vary depending on the specific needs of the organization. This revised job description incorporates the specified security software suites and provides a more comprehensive overview of the role.

Interested candidates, drop your resumes to 8179814131 - Navya (WhatsApp) or apply through the link below: https://recruiting.paylocity.com/recruiting/jobs/All/3cb31b47-df35-44a0-9592-a322ad0b2915/nimble-international

Posted 2 weeks ago


10.0 - 14.0 years

27 - 30 Lacs

Gurugram

Work from Office


Top Selection & Auto Elimination Criteria:
- Rotational Shift
- Only Immediate joiners (0-15 days)
- Cab facility: Yes, only late night pick or drop (1 side only, for Gurgaon employees)
- Location: Gurgaon
- Mode: 5 days work from Office only (NO Work from home)
- Relevant experience range: 9+

Position: L3 SOC Analyst

Position Description: The SOC Level 3 Analyst is a senior-level cybersecurity professional responsible for leading advanced threat detection, response, and mitigation activities within the Security Operations Center. This role acts as the final escalation point for complex security incidents and plays a crucial role in enhancing security monitoring, incident response procedures, and overall threat defense capabilities. The L3 Analyst collaborates with security engineers, incident response teams, threat intelligence analysts, and IT stakeholders to identify, investigate, and remediate security threats in real time.

Role and responsibilities:

1. Incident Response and Escalation
- Lead and coordinate end-to-end response for critical and high-severity security incidents.
- Perform advanced investigation and forensics on compromised systems, including log correlation, packet analysis, and endpoint review.
- Serve as a primary escalation point for SOC Tier 1 and Tier 2 analysts.
- Conduct root cause analysis and provide detailed incident reports with lessons learned and mitigation steps.

2. Threat Detection and Analysis
- Analyze and triage alerts generated by the SIEM and other security tools.
- Hunt for threats in the environment using threat intelligence and behavioral indicators (proactive threat hunting).
- Analyze and reverse-engineer malware, if required, to understand behavior and determine mitigation steps.
- Correlate threat intelligence feeds with internal data to identify indicators of compromise (IOCs) and advanced persistent threats (APTs).

3. Tooling and Automation
- Optimize and fine-tune detection rules and SIEM use cases to reduce false positives and enhance detection accuracy.
- Build automation scripts and workflows to improve efficiency in incident triage, correlation, and response.
- Collaborate with security engineers to integrate new data sources and tools into the SOC ecosystem.

4. Documentation and Reporting
- Maintain detailed and accurate documentation of incidents, investigations, and actions taken.
- Develop and update SOC standard operating procedures (SOPs) and playbooks.
- Prepare and present technical reports, dashboards, and metrics to senior management and stakeholders.

5. Mentorship and Leadership
- Mentor and guide SOC L1 and L2 analysts on technical skills and investigative processes.
- Provide training on new threats, tools, and techniques.
- Assist in evaluating and improving team workflows, processes, and overall SOC maturity.

6. Collaboration and Stakeholder Engagement
- Work closely with threat intelligence, vulnerability management, and risk teams to stay ahead of emerging threats.
- Communicate with IT, DevOps, and business units to coordinate responses and ensure secure configurations.
- Participate in red/blue team exercises and post-mortem reviews to enhance SOC readiness.

Required Experience / Skills:
- Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm, Splunk).
- Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black).
- Hands-on knowledge of packet capture analysis tools (e.g., Wireshark, tcpdump), forensic tools, and malware analysis tools.
- Familiarity with scripting or automation languages such as Python, PowerShell, or Bash.
- Deep understanding of networking protocols, OS internals (Windows/Linux), and security best practices.
- Familiar with frameworks such as MITRE ATT&CK, NIST, and the Cyber Kill Chain.
- Minimum of nine (9) years technical experience
- 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities.
- 3+ years of rule development and tuning experience
- 2+ years of incident response
- Experience supporting 24x7x365 SOC operations and willing to operate in shifts, including but not limited to: alert and notification activities (analysis/triage/response), review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported alerts and incidents.
- Manage multiple tickets/alerts in parallel, including end-user coordination.
- Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response.
- Solid understanding and experience analyzing security events generated from security tools and devices, including but not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malwarebytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat
- Experience and solid understanding of malware analysis
- Demonstrated proficiencies with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana
- Experience and ability to use, contribute to, develop and follow Standard Operating Procedures (SOPs)
- In-depth experience with processing and triage of security alerts from multiple sources, including but not limited to: endpoint security tools, SIEM, email security solutions, CISA, Threat Intel sources
- Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, supporting SOAR development.
- Experience with bash, python, and Windows PowerShell scripting
- Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, and SIEM/Security Tools alert analysis.
- Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources.
- Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), network security devices, and other enterprise tools.
- Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk.
- Solid understanding and experience analyzing security events generated from security tools and devices, including but not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC
- Expert in security incident response processes

Required Certifications: Two of the following certifications are preferred:
- GIAC-GCIH - GIAC Certified Incident Handler
- GIAC-GCFE - Global Information Assurance Certification Forensic Examiner
- GIAC-GCFA - Global Information Assurance Certification Forensic Analyst
- GIAC-GREM - GIAC Reverse Engineering Malware
- GIAC-GNFA - GIAC Network Forensic Analyst
- GIAC-GCTI - GIAC Cyber Threat Intelligence
- GIAC-GPEN - GIAC Certified Penetration Tester
- GIAC-GWAPT - GIAC Certified Web Application Penetration Tester
- CEPT - Certified Expert Penetration Tester
- CASS - Certified Application Security Specialist
- CWAPT - Certified Penetration Tester
- CREA - Certified Reverse Engineering Analyst

Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Experience of 5 years or 3 years relevant experience.
- Strong troubleshooting and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Strong organizational and time management skills.
- Willingness to work after hours and provide on-call support.

Posted 2 weeks ago
