482 Soar Jobs - Page 3


7.0 - 11.0 years

0 Lacs

chennai, tamil nadu

On-site

The position available is for Threat Detection Engineering within the MSS-Engineering Team. As a technical lead with over 7 years of hands-on experience, you will be focusing on Threat Detection capabilities, specializing in SIEM (e.g., LogRhythm, FortiSIEM), EDR, XDR, and other Security Solutions from a Detection Capability perspective. Your responsibilities will include creating use cases (MITRE, cross and multi correlation), crafting threat hunting hypotheses, executing threat hunts, driving technical POCs for varied security solutions, and possessing a solid understanding of the MITRE framework and malware analysis. You will be leading multiple technical initiatives, ensuring their successful completion with value additions. Additionally, you will be evaluating new security solutions and developing new portals from a technical standpoint.

You must have a strong understanding of SIEM, EDR, and XDR technologies, as well as hands-on experience in detection engineering services such as CTI, threat hunting, use-case development, malware analysis, security analysis, system integration, and RE. You should be adept at developing MITRE-mapped, cross-correlated use cases on SIEM (e.g., LogRhythm, FortiSIEM) and other security solutions, performing technical product evaluations (POC) for different security solutions, and conducting cyber threat hunting using standard, hypothesis-based and situational approaches. Additionally, you will create threat hunting hypotheses for active APT/threat actor groups, and possess knowledge of malware analysis, security incident analysis, system integration using APIs, and SOAR functionality.

Desired skill sets for this role include proficiency in SIEM, use case development, SOAR, malware analysis, CTI, EDR, and XDR. Holding certifications such as GIAC, CISSP, CCSK, CCSE, CISA, HBSS, NSA, Cisco Security, Security+, CEH, or other SIEM vendor security certifications would be advantageous.

Posted 6 days ago

Apply

5.0 - 8.0 years

0 Lacs

bengaluru, karnataka, india

On-site

Overview

Connecting clients to markets and talent to opportunity. With 4,300 employees and over 400,000 retail and institutional clients from more than 80 offices spread across five continents, we're a Fortune-100, Nasdaq-listed provider, connecting clients to the global markets, focusing on innovation, human connection, and providing world-class products and services to all types of investors. Whether you want to forge a career connecting our retail clients to potential trading opportunities, or ingrain yourself in the world of institutional investing, The StoneX Group is made up of four segments that offer endless potential for progression and growth.

Business Segment

Engage in a deep variety of business-critical activities that keep our company running efficiently. From strategic marketing and financial management to human resources and operational oversight, you'll have the opportunity to optimize processes and implement game-changing policies.

Responsibilities

Position Purpose: We are seeking an experienced Threat Hunter to join our global Security Operations Center (SOC) team. This role is based in Bangalore and aligned to UK business hours. As an L3-level position, the Threat Hunter will drive advanced detection, investigation, and proactive hunting across enterprise environments. You will act as a subject matter expert within the SOC, bridging intelligence, detection engineering, and incident response, while mentoring junior analysts.

Key Responsibilities (Program Leadership & Strategy):
Conduct proactive threat hunting across endpoints, networks, and cloud environments to identify malicious activity, abnormal behaviors, and emerging attacker techniques.
Lead complex investigations escalated from L1/L2 SOC teams, providing expert analysis and resolution guidance.
Develop, test, and deploy advanced detections aligned with MITRE ATT&CK and other frameworks.
Collaborate with Threat Intelligence teams to operationalize intel into hunting hypotheses and detection rules.
Perform root cause analysis and propose long-term defensive improvements.
Create and maintain documentation, playbooks, and hunt reports to improve SOC maturity.
Mentor and upskill L1/L2 analysts, building a knowledge-sharing culture within the SOC.
Act as point of escalation during incidents, providing expert guidance and coordination.
Participate in red/blue/purple team exercises and integrate lessons learned into detection strategies.

Qualifications

Required:
5-8 years of experience in SOC, incident response, or dedicated threat hunting.
Strong expertise in EDR, SIEM, and SOAR platforms.
Deep understanding of Windows, Linux, and cloud internals for detection and forensics.
Proven ability to operationalize MITRE into detection and hunting activities.
Proficiency with scripting and querying (e.g. Python, PowerShell, KQL).
Excellent analytical and problem-solving skills with the ability to think like an attacker.
Strong communication skills to document findings and present results to technical and executive audiences.

Nice to have:
Experience with threat intelligence analysis and integrating intel into hunt operations.
Familiarity with reverse engineering malware or analyzing exploits.
Prior mentoring or leadership experience within SOC teams.

Posted 6 days ago

Apply

5.0 - 10.0 years

3 - 7 Lacs

bengaluru

Work from Office

Proactively lead and support the incident response team during an incident.
Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations.
Hands-on basic experience with configuration and management of SIEM tools (QRadar), including log source integrations, custom parser building, fine tuning and optimizing the correlation rules and use case recommendations, is a MUST.
Proven experience on any of the Security Information and Event Management (SIEM) tools using QRadar.
Data-driven threat hunting using SIEM, EDR and XDR tools.
Basic experience in SOAR tools such as QRadar Resilient, Palo Alto XSOAR.
Identify quick defence techniques till permanent resolution.
Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
Review incidents escalated by Level 1 analysts.
Launch and track investigations to resolution.
Recognize attacks based on their signatures, differentiating false positives from true intrusion attempts.
Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify end users when appropriate.
Identify the gaps in the security environment and suggest gap closure.
Drive and support Change Management.
Perform and review tasks as identified in a daily task list.
Report generation and trend analysis.
Participate in the weekly and monthly governance calls to support the SOC metrics reporting.
Good to have hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
Willing to work in a 24x7 rotational shift model including night shift.

Required education: Bachelor's Degree
Preferred education: Bachelor's Degree

Required technical and professional expertise:
5+ years hands-on experience required in QRadar SIEM and SOAR.
Desired experience in threat hunting, threat intelligence.
Worked on tools belonging to QRadar, UEBA, UAX.
Bachelor's degree in engineering/information security, or a related field.
Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
Proven experience working in a SOC environment.

Preferred technical and professional experience:
Proven experience in managing and responding to complex security incidents.
Strong analytical and problem-solving skills.
Excellent communication and collaboration abilities.
Ability to work in a fast-paced, dynamic environment.
Deep technical knowledge of security technologies and advanced threat landscapes.

Posted 6 days ago

Apply

8.0 - 13.0 years

13 - 17 Lacs

bengaluru

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Manager you will oversee daily operations of a Security Operations Center (SOC), manage threat detection and response, and coordinate escalations across hybrid environments. The role involves deep hands-on engagement with SIEM, EDR, cloud security platforms, and advanced email security solutions like Proofpoint, IronPort, and Cofense. You will ensure rapid detection, containment, and remediation of security incidents while also mentoring junior analysts and improving operational processes.

Roles & Responsibilities:
Must Have Skills: A Sentinel Specialist is primarily responsible for implementing and managing Microsoft Sentinel, a cloud-native SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) solution.
- Deploy, configure, and manage Azure Sentinel for threat detection and incident response.
- Integrate Sentinel with various data sources using native and custom connectors.
- Create and fine-tune analytic rules, workbooks, and playbooks to automate threat detection and response.
- Optimize Sentinel performance through query tuning and cost management.
- Collaborate with IT and security teams to improve security posture and ensure compliance.
- Stay updated with cybersecurity trends and integrate threat intelligence feeds.
- Lead a team of SOC analysts, acting as escalation point for critical incidents.
- Monitor alerts from SIEM tools such as Azure Sentinel, RSA NetWitness.
- Operate and analyze endpoint threats using EDR tools like Microsoft Defender for Endpoint, CrowdStrike Falcon.
- Utilize Microsoft Defender for Cloud to assess and enforce security posture across cloud infrastructure.
- Collaborate with IT, DevOps, and engineering teams to implement secure configurations and cloud best practices.
- Create detailed incident reports, dashboards, and threat landscape briefings.
- Develop and maintain security playbooks, SOPs, and shift handover documentation.
- Support proactive tuning of detection rules, policies, and integrations across security tools.
- Lead and manage the security operations team (SOC).
- Develop and enforce security policies, protocols, and procedures.
- Monitor and respond to security incidents and breaches.
- Prepare reports and metrics for senior leadership.

Professional & Technical Skills:
- Proficiency in Kusto Query Language (KQL).
- Hands-on experience with SIEM/SOAR tools, especially Microsoft Sentinel.
- Familiarity with cloud platforms (Azure preferred).
- Scripting knowledge (PowerShell, Python, YAML, JSON).
- Understanding of cybersecurity frameworks like MITRE ATT&CK or NIST.
- Expertise with EDR platforms: Microsoft Defender for Endpoint, CrowdStrike Falcon.
- Proficiency in managing email security and phishing defense platforms: Proofpoint TAP/ETP, Cisco IronPort (ESA), Cofense Triage, Vision, Reporter.
- Familiarity with threat intelligence platforms: MISP, Recorded Future.
- Understanding of OS and network log formats, HTTP/SMTP traffic, and Windows/Linux security.
- Basic scripting knowledge (Python, PowerShell, Bash) for automation and threat hunting.
- Deep understanding of cybersecurity tools and practices.

Certification Requirements (Must Have One or More):
- Microsoft Certified: Security Operations Analyst Associate (SC-200)
- Microsoft Certified: Azure Security Engineer Associate (AZ-500)
- Certified SOC Analyst (CSA), EC-Council
- CompTIA Security+, CySA+, or CASP+
- GIAC Certifications: GCIH, GCIA, GCFA (optional)
- CrowdStrike Certified Falcon Responder (CCFR) or equivalent (for EDR specialization)

Additional Information:
- The candidate should have minimum 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru, Gurugram, Hyderabad, Mumbai or Noida offices. No other location preferred.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 6 days ago

Apply

2.0 - 6.0 years

3 - 7 Lacs

chennai

Work from Office

About The Role
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems.

Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies.
- Timely response to customer requests like detection capabilities, tuning, etc.
- Research new threats and provide recommendations to enhance detection capabilities.
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures.
- Identify opportunities for process improvement.

Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities.
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape.
- Hands-on experience in SIEM and threat hunting tools.
- Added advantage in working with any SOAR platform.
- Desirable knowledge in any scripting language and EDR products.
- Preferable GCIA, GCFA, CISSP.
- Strong customer service and interpersonal skills.
- Strong problem-solving skills.
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
- Adaptability to accept change.

Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift.
- The candidate should have minimum 2 years of experience.
- This position is based at our Chennai office.
- A 15-year full time education is required.

Qualification: 15 years full time education

Posted 6 days ago

Apply

3.0 - 8.0 years

13 - 17 Lacs

chennai

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: No Skill Speciality
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will engage in proactive monitoring and response activities, contributing to the overall security posture of the organization while staying updated on the latest security trends and technologies.

Roles & Responsibilities:
- Work as part of the analysis team that works 24x7 on a rotational shift.
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies.
- Timely response to customer requests like detection capabilities, tuning, etc.
- Research new threats and provide recommendations to enhance detection capabilities.
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures.
- Identify opportunities for process improvement.

Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities.
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape.
- Hands-on experience in SIEM and threat hunting tools.
- Added advantage in working with any SOAR platform.
- Desirable knowledge in any scripting language and EDR products.
- Preferable GCIA, GCFA, CISSP.
- Strong customer service and interpersonal skills.
- Strong problem-solving skills.
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
- Adaptability to accept change.

Additional Information:
- The candidate should have minimum 3 years of experience in Accenture MxDR Ops Security Threat Analysis.
- This position is based at our Chennai office.
- Minimum a bachelor's or a master's degree in addition to regular 15-year full-time education is required.

Qualification: 15 years full time education

Posted 6 days ago

Apply

8.0 - 13.0 years

13 - 17 Lacs

gurugram

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Operation Automation
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges.

Roles & Responsibilities:

Objectives:
1. Lead the development and implementation of SOAR solutions to automate security incident response and improve incident management efficiency.
2. Design and implement scalable SOAR architectures that integrate with existing security infrastructure and tools.
3. Mentor a team of SOAR engineers and analysts to ensure successful solution delivery and adoption.
4. Collaborate with cross-functional teams to identify security automation opportunities and drive solution adoption.
5. Drive continuous improvement of SOAR solutions through data analysis, reporting, and process optimization.
6. Develop and execute SOAR strategy and roadmap.
7. Design and implement Splunk Phantom SOAR solutions, playbooks, and integrations.
8. Collaborate with security teams, vendors, and stakeholders.
9. Analyze data and generate reports to inform SOAR solution improvement.
10. Ensure compliance with security regulations and industry standards.

Requirements:
- Strong technical background in security automation, SOAR, and security incident response
- Experience with Splunk Phantom SOAR platform
- Leadership and team management experience
- Excellent communication and collaboration skills
- Strong analytical and problem-solving skills

Professional & Technical Skills:
- Must Have Skills: Proficiency in Splunk Phantom (SOAR) and Security Information and Event Management (SIEM).
- Tool Proficiency: Splunk and Phantom.
- Strong understanding of cloud security principles and practices.
- Experience with security compliance frameworks such as ISO 27001 or NIST.
- Familiarity with incident response and threat management processes.
- Knowledge of network security protocols and technologies.

Additional Information:
- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 6 days ago

Apply

2.0 - 5.0 years

3 - 8 Lacs

bengaluru

Work from Office

Job Title: SOC Analyst - Security Operations
Location: Bangalore
Experience: 3–6 Years
Designation: SOC Analyst – Security Operations

Job Brief

We are looking for a dedicated and detail-oriented SOC Analyst – Security Operations to join our cybersecurity team. You will be responsible for monitoring, detecting, and responding to security incidents, performing threat analysis, and contributing to strengthening the organization's security posture. This role involves collaborating with cross-functional teams, conducting investigations, and ensuring compliance with security policies and regulations.

Key Responsibilities
Perform daily SOC monitoring, detection, and incident response activities.
Monitor security alerts from SIEM, SOAR, and other security platforms.
Investigate and analyse security events to determine severity and impact.
Create and update incident tickets, ensuring accurate documentation.
Conduct internal and external security audits and assessments.
Investigate security breaches, determine root causes, and recommend corrective actions.
Support the improvement of incident response, forensic, and disaster recovery processes.
Research emerging threats and update detection and mitigation strategies.
Enforce security best practices and compliance policies.
Assist in external compliance and regulatory audits.
Prepare and submit daily, weekly, and monthly SOC operational reports.
Coordinate with IT teams and vendors during incident resolution.
Participate in 24x7 shift operations, including weekend/holiday rotations.

Required Skills & Experience
Bachelor's degree in Computer Science, Information Technology, or equivalent.
3–6 years of hands-on experience in cybersecurity/SOC operations.
Strong understanding of: network protocols, OS & database security; cloud environments (Windows, Unix, Linux, MS Azure, Android, iOS); malware analysis, compromise investigation, and forensics; SIEM/SOAR tools (rule tuning, correlation, incident handling); vulnerability & penetration testing (web, OS, network, MDM, cloud).
Hands-on experience with tools such as LogRhythm, LogRhythm NetMon, FortiAnalyzer, SolarWinds, Nessus, Acunetix, IBM AppScan, Qualys.
Strong scripting skills (Python preferred).
Knowledge of IDS, WAF, IP reputation systems, code review, and social engineering assessments.
Familiarity with ISO 27001, PCI-DSS, GDPR, HIPAA, NIST, SOX, OWASP, OSSTMM, COSO frameworks.

Soft Skills
Strong analytical and problem-solving skills.
Excellent communication and collaboration skills.
Ability to manage multiple priorities in a fast-paced environment.
Willingness to work in rotating shifts for 24x7 SOC operations.

Certifications (at least one mandatory)
CEH – Certified Ethical Hacker
CompTIA Security+
EC-Council Certified Incident Handler (ECIH)
EC-Council Certified SOC Analyst (CSA)

Posted 1 week ago

Apply

2.0 - 4.0 years

2 - 4 Lacs

mumbai

Work from Office

About The Role

Minimum 2-4 years of experience in a Security Operations Centre. Experience across SOC domains: use case creation, incident management, threat hunting, threat intelligence, etc. Solid understanding of cyber security, network security and endpoint security concepts. Good understanding of recent cyber threats and the latest attack vectors. Must have experience in any one SIEM (Splunk), EDR and SOAR solution. Must have experience in leading/managing SOC shifts. Experience in shift roster creation, resource management, etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management, etc.

Posted 1 week ago

Apply

2.0 - 4.0 years

0 Lacs

chennai, tamil nadu, india

On-site

JOB DESCRIPTION

At Ford Motor Company, we believe freedom of movement drives human progress. We also believe in providing you with the freedom to define and realize your dreams. With our incredible plans for the future of mobility, we have a wide variety of opportunities for you to accelerate your career potential as you help us define tomorrow's transportation.

This role will be focused on operating and improving Ford's Cyber Defense Center (CDC) efforts within the Office of the CETO organization. The CDC mission is to provide proactive and reactive security services to protect Ford Motor Company global digital information assets from compromise. Ford Motor Company must be able to respond to information security-related incidents in a manner that protects corporate information and ensures the protection of additional information which might be affected by the incident. The Threat Integration Analyst is focused on integrating threat and intelligence information across Ford's security landscape, including SIEM, SOAR, EDR, Intelligence, and other tools, in order to protect any Ford Motor Company asset or asset of any subsidiary or joint venture worldwide.

Successful candidates must have a significant interest in the Cyber Defense background. The candidate should display strong technical depth that spans cloud, network, and hosts. Experience in understanding modern computing vulnerabilities, attack vectors and exploits is recommended. Leadership behaviors must include solid oral and written communication skills, a focus on teamwork, and a high level of personal integrity. In this role, the candidate will understand existing and emerging threat actors, and be able to identify rapidly changing tools, tactics, and procedures of attacks. Candidates must be willing to work a hybrid work pattern, with a 4-day in-office schedule.

RESPONSIBILITIES

What you'll be able to do:
Develop and implement in Python SOAR orchestration to integrate logs, events, data feeds, execute incident response actions, etc.
Create, enhance, and tune curated and custom SIEM threat detections.
Partner with IT Operations teams for current and future log source ingestion and parsing into SIEM and SOAR environments.
Technical project management for software upgrades and maintenance using the Agile framework.

QUALIFICATIONS

The minimum requirements we seek:
Bachelor's degree in a computer-related field.
Highly capable Python programming skills focused on REST APIs for organizing and moving data across myriad platforms and tooling.
2+ years of experience with SIEM tools, with preference for Chronicle.
Strong deductive reasoning, critical thinking, problem solving, and prioritization skills.
Experience in a fast-paced, high-stress support environment, able to work with a sense of urgency and pay attention to detail.
Solid and demonstrable comprehension of information security including malware, emerging threats, attacks, and vulnerability management.

Our preferred requirements:
2+ years prior SOC operational experience.
Sound understanding of cloud, TCP/IP and networking concepts.
In-depth knowledge of servers, clients, various computer peripherals, network and/or storage technologies.
Thorough knowledge of multiple operating systems, specifically Windows and (Mac or Linux).
Familiar with Ford Computing Infrastructure and application development life cycle (SDM).
Demonstrate high level of independent initiative, drive for results, quality methods and integrity.

Posted 1 week ago

Apply

8.0 - 10.0 years

0 Lacs

chennai, tamil nadu, india

Remote

JOB DESCRIPTION

Are you ready to make an impact at DTCC? Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:
Competitive compensation, including base pay and annual incentive.
Comprehensive health and life insurance and well-being benefits, based on location.
Pension / Retirement benefits.
Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

Cyber Threat Fusion Center (CTFC) is responsible for setting strategic direction in the areas of IT Risk and Information Security. It maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security. Threat Management ensures security monitoring controls provide proper coverage, data quality, and effectiveness to improve DTCC's ability to properly identify current cyber threats, monitor, and detect suspicious activities or instances of data loss.

Your Primary Responsibilities:
Manage a team of cyber security professionals who can design and implement security monitoring controls.
Lead technical PoC evaluations and onboarding of new security technologies.
Drive continuous improvement of technology, processes, and procedures to align with stakeholder needs.
Ensure alignment with enterprise security architecture and compliance standards.
Collaborate with internal stakeholders and vendors to ensure robust and scalable integrations.
Design and maintain automated playbooks for incident response and threat remediation.
Optimize SOAR workflows to reduce manual effort and improve response times.
Conduct regular assessments of existing security tools and processes to identify gaps or inefficiencies.
Develop and maintain a technology roadmap aligned with business and security objectives.
Collaborate with architecture and engineering teams to prioritize and implement gap remediation strategies.
Track and report on gap closure progress and impact on overall security posture.
Establish performance metrics and key performance indicators (KPIs) to measure the effectiveness of the Security Integration and Orchestration program.

Qualifications:
Minimum of 8 years of related experience.
Bachelor's degree preferred or equivalent experience.

Talents Needed for Success:
Deep understanding of integrating tools like QRadar, Syslog-NG, SOAR, Armis IoT, Reversing Labs, and Zscaler into the incident response ecosystem.
Experience with SOAR platforms and case management systems, including playbook creation and automation workflows.
Ability to identify technology gaps in security monitoring and develop actionable remediation plans.
Skills in enriching security event data to improve detection and response efficiency.
Capable of defining objectives and scope for orchestration initiatives and aligning them with business use cases.
Proficiency in Python, PowerShell, Bash, or Perl to automate compliance checks, data parsing, and reporting.
Proficiency in generating reports and metrics to measure orchestration effectiveness and tool coverage.
Experience in coordinating with external vendors for tool integration and support.
Regular engagement with incident response, Network Penetration and other Cyber Fusion Center teams to ensure alignment and operational readiness.
Skilled in managing stakeholder expectations, facilitating discussions, and driving consensus across technical and business teams.
Highlights the expected benefits of new actions and strategies to help others overcome fears of change.
Fosters a culture where honesty and transparency are expected.
Proactively seeks feedback from others on his/her own performance.
Ensures that regular feedback is given in a constructive and behaviorally oriented manner.
Supports an environment where individuals are respected for their contributions.

ABOUT THE TEAM

Our Risk Management teams work to protect the safety and soundness of our systems and are responsible for identifying, managing, measuring and mitigating a spectrum of key risk types including credit, market, liquidity, systemic, operational and technology in all existing and new products, activities, processes and systems. The Global Security Management department provides a general and specialized work force to enforce the rules, regulations, and procedures of DTCC. It is responsible for the protection of all DTCC assets, including the protection of data processing and telecommunications equipment, and for providing a safe and secure workplace for employees.

Posted 1 week ago

Apply

8.0 - 10.0 years

0 Lacs

bengaluru, karnataka, india

On-site

Who We Are
At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role
Kyndryl's Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested, we're committed. We're not just protecting data, we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills. When you walk through our doors, you're not only joining a team but you're also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn't just a job - it's a passion, a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day.

Are you ready to take on the cyber threats of tomorrow? As a Cybersecurity Engineer working alongside our Cybersecurity Architecture team, you'll be on the front line of protecting computer systems and networks from the ever-evolving landscape of hacking, viruses, and malicious attacks. Through the implementation, deployment, and maintenance of security solutions you'll ensure the utmost confidentiality, integrity, and availability of data. We're not looking for ordinary; we need individuals with deep expertise in specific technologies, a flair for automation, and a passion for developing innovative use cases. This role isn't just protecting data - it's a vital operation for facilitating trust with our customers.

With your technical expertise in cybersecurity and infrastructure, covering everything from networks and servers to systems and hardware devices, you'll lead the charge in deploying high-tech solutions that not only meet compliance with regulations and industry standards but also exceed expectations. As a Cybersecurity Engineer you'll oversee incident response, vulnerability management, and cyber threat hunting. You'll execute security solutions applying cutting-edge technologies like firewalls, intrusion detection and prevention systems, antivirus software, and vulnerability scanners. You will be instrumental in not only addressing threats but also proactively recommending system tuning, identifying new use cases, and providing additional insight from customer and industry data to continually enhance the value of our services. If you're ready to take on a role where every line of code and every solution you implement could be the difference between security and vulnerability, then Kyndryl is the place for you. Your expertise is not just welcome here - it's celebrated and valued. Join us as a Cybersecurity Engineer, and together we'll fortify our cyber defenses, making the world a safer place in the digital age.

Your Future at Kyndryl
When you join Kyndryl, you're not just joining a company - you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles - we're invested in your journey.
Responsibilities:
- Provide technical oversight of Information Security technologies that fall under the team's responsibilities, confirming they are operating within agreed service levels and at peak possible performance.
- Manage, drive and coordinate planned maintenance activities as well as the standardization and automation of processes and procedures for Information Security technologies.
- Manage incident response efforts, providing guidance in the identification and remediation of security threats and vulnerabilities.
- Provide 24/7 network support for troubleshooting, diagnosing, and resolving network security-related issues.
- Continuously monitor and optimize network performance, ensuring minimal downtime and high availability of services.
- Ensure compliance with required security regulations such as ISO 27001, PCI-DSS and other applicable policies and frameworks.
- Identify potential risks in the network security landscape, propose effective mitigation strategies and take measures to ensure the network is secure against emerging threats.
- Articulate technology issues/concerns that may emerge at any level of the technical stack, and from any component across the ecosystem, to senior business and technology leaders.
- Will require availability for escalation of production-related issues/incidents.

Who You Are
You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset, keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others.

Required Skills and Experience
- X years of experience in engineering/deploying security technologies e.g., EDR, MDR, SIEM, SOAR
- Demonstrated experience with managing and maintaining current system security measures as well as implementing new systems
- Experience with cloud security, cyber resiliency/incident management, Zero Trust, network/EDGE security, and emerging technologies such as IoT and AI
- Expertise in network, host, and cloud-based security, attack techniques, analysis, and investigation
- Deep understanding of the current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks

Preferred Skills and Experience
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or other related fields
- Preferred Certifications in Cyber Security: ECTHP (Certified Threat Hunting Professional) or ECMAP (Malware Analysis Professional)
- Experience in security monitoring and in advanced analytics (UEBA)
- 8+ years of experience in managing security technologies such as Firewalls, VPN, NAC & Secure DNS
- Proficient in the OSI model and TCP/IP Protocols
- Strong knowledge of firewalls (Palo Alto, Fortigate, Sonicwall), Citrix NetScaler, NAC and secure DNS solutions
- Cloud Security (Good to have): Hands-on experience securing cloud environments (AWS, Azure, GCP) and leveraging cloud-native security features (e.g., AWS Security Hub, Azure Security Center).
- Familiarity with network automation using tools (e.g. Ansible, Python)

Being You
Diversity is a whole lot more than what we look like or where we come from; it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handedly: our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.

What You Can Expect
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you; we want you to succeed so that together, we will all succeed.

Get Referred!
If you know someone that works at Kyndryl, when asked "How Did You Hear About Us" during the application process, select "Employee Referral" and enter your contact's Kyndryl email address.

Posted 1 week ago

Apply

3.0 - 5.0 years

0 Lacs

jaipur, rajasthan, india

On-site

Position: L1
Location: Jaipur
Organisation: Novamesh Ltd (TATA Communications Ltd)
Shift: 24X7
Job Description: SIEM, SOAR, UEBA, and NBAD

Position Summary:
We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.

Primary Responsibilities:
- Real-time monitoring of all security appliance(s) like Secure Web/Email Gateways, Proxy, IPS/IDS, NGFW, DLP, APT, WAF, Network Forensics, SIEM, NAC, SOAR, etc. in RSDC for security events.
- Endpoint Threat Detection.
- Take SOAR action on identified malicious communications.
- Monitor and alert on any abnormalities identified.
- Work on tickets and ensure timely response and resolution of tickets as per SLA.
- Report security events/incidents to Tier-2 and other relevant/designated stakeholders.
- Communicate Emergency Alerts & Warnings to relevant/designated stakeholders.

Secondary Responsibilities:
SIEM (Security Information and Event Management):
- Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting.
- Perform threat hunting, incident analysis, and security event investigations.
- Develop and maintain custom use cases to detect advanced threats.
SOAR (Security Orchestration, Automation, and Response):
- Implement and maintain SOAR playbooks to automate security responses.
- Integrate SOAR with SIEM, threat intelligence, EDR, firewall, and email security solutions.
- Monitor SOAR workflows and fine-tune automation to optimize SOC operations.
UEBA (User and Entity Behavior Analytics):
- Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities.
- Configure and tune UEBA models to reduce false positives and enhance detection capabilities.
NBAD (Network Behavior Anomaly Detection):
- Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches.
- Work with network and SOC teams to investigate and respond to suspicious network behavior.
General:
- Collaborate with incident response, threat intelligence, and risk management teams.
- Continuously review and enhance detection rules based on emerging threats.
- Document all procedures, incidents, and findings properly for audit and knowledge management.

Required Qualifications:
- Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
- Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
- Certifications: Certified Ethical Hacker (CEH) mandatory.

Posted 1 week ago

Apply

3.0 - 5.0 years

0 Lacs

jaipur, rajasthan, india

On-site

Position: L1
Location: Jaipur
Organisation: Novamesh Ltd (TATA Communications Ltd)
Shift: 24X7
Job Description: SIEM, SOAR, UEBA, and NBAD

Position Summary:
We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.

Primary Responsibilities:
- Real-time monitoring of all security appliance(s) like Secure Web/Email Gateways, Proxy, IPS/IDS, NGFW, DLP, APT, WAF, Network Forensics, SIEM, NAC, SOAR, etc. in RSDC for security events.
- Endpoint Threat Detection.
- Take SOAR action on identified malicious communications.
- Monitor and alert on any abnormalities identified.
- Work on tickets and ensure timely response and resolution of tickets as per SLA.
- Report security events/incidents to Tier-2 and other relevant/designated stakeholders.
- Communicate Emergency Alerts & Warnings to relevant/designated stakeholders.

Secondary Responsibilities:
SIEM (Security Information and Event Management):
- Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting.
- Perform threat hunting, incident analysis, and security event investigations.
- Develop and maintain custom use cases to detect advanced threats.
SOAR (Security Orchestration, Automation, and Response):
- Implement and maintain SOAR playbooks to automate security responses.
- Integrate SOAR with SIEM, threat intelligence, EDR, firewall, and email security solutions.
- Monitor SOAR workflows and fine-tune automation to optimize SOC operations.
UEBA (User and Entity Behavior Analytics): should have knowledge of it.
- Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities.
- Configure and tune UEBA models to reduce false positives and enhance detection capabilities.
NBAD (Network Behavior Anomaly Detection): should have knowledge of it.
- Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches.
- Work with network and SOC teams to investigate and respond to suspicious network behavior.
General:
- Collaborate with incident response, threat intelligence, and risk management teams.
- Continuously review and enhance detection rules based on emerging threats.
- Document all procedures, incidents, and findings properly for audit and knowledge management.

Required Qualifications:
- Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
- Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
- Certifications: Certified Ethical Hacker (CEH) mandatory.

Posted 1 week ago

Apply

3.0 - 7.0 years

0 Lacs

thane, maharashtra

On-site

As a Presales Consultant specializing in Cyber Security at Infobahn, you will play a vital role in driving revenue growth by leveraging your technical expertise to support our sales team and clients. Your responsibilities will include serving as a subject matter expert on cyber security solutions, conducting technical presentations, collaborating with the sales team, building strong client relationships, and contributing to market analysis. You will need to possess a deep understanding of cyber security concepts, excellent communication skills, and a proven track record in a presales environment. Your key responsibilities will involve showcasing technical expertise by being well-versed in Infobahn's cyber security solutions, delivering technical presentations to potential clients, staying updated on industry trends, and developing tailored solutions to meet client needs. You will support the sales team by developing effective sales strategies, preparing proposals, conducting proof-of-concepts, and engaging with vendors and partners to enhance client solutions. Moreover, you will engage with clients by understanding their requirements, providing technical support throughout the sales process, and addressing their concerns. To excel in this role, you should hold a Bachelor's degree in Computer Science or a related field (Master's degree preferred) and have a minimum of [Specify Number] years of experience in a presales role within the cyber security industry. You must demonstrate a strong understanding of cyber security concepts, proficiency in presenting technical information, familiarity with common security tools, and soft skills such as excellent communication and problem-solving abilities. Additionally, possessing certifications like CISSP, CISM, or CEH would be advantageous. 
If you are passionate about cyber security, have a knack for technical presentations, enjoy working collaboratively with sales teams, and are committed to delivering exceptional customer support, Infobahn welcomes you to join our team as a Presales Consultant. Please reach out to wasat.sayed@infobahnindia.net to explore this exciting opportunity further.

Posted 1 week ago

Apply

3.0 - 7.0 years

0 Lacs

pune, maharashtra

On-site

At BMC, trust is not just a word - it's a way of life! We are an award-winning, equal opportunity, culturally diverse, and fun place to work. Giving back to the community is at the core of what we do, driving us to be better every single day. Our work environment is designed to allow you to balance your priorities, knowing that you will bring your best every day. We celebrate your successes and support you every step of the way. Your peers will inspire you, provide support, and make you laugh out loud!

As a Senior Information Security Engineer at BMC, you will be a vital part of the operations wing of our global Corporate Cybersecurity team. You will play a crucial role in securing BMC's IT infrastructure and assets from unauthorized access, ensuring countermeasures are in place against cyber-attacks.

Your responsibilities in this role include:

Security Engineering:
- Identifying vendors and implementing Cybersecurity tools for the team.
- Managing and maintaining security tools and systems for incident response.
- Creating and maintaining playbooks for responding to various security incidents.

Security Monitoring:
- Responding to security alerts from the SOC, eliminating false positives, and triaging significant security events.
- Continuously monitoring and analyzing security events and threats to identify opportunities for process enhancement.
- Reviewing daily security reports, identifying anomalies, and escalating critical security events as necessary.
- Participating in internal and external security audits.

Security Incident Response:
- Conducting thorough investigative actions based on security events and following standard operating procedures for remediation.
- Participating in all phases of the security incident response process.
- Collaborating with cross-functional teams, external vendors, customers, and partners for incident response.
- Recording detailed Security Incident Response activities in the Case Management System.

To excel in this role, you should have:
- A Bachelor's Degree or equivalent in IT or Computer Science.
- Security Trainings/Certifications (e.g., SANS, CDAC-DITISS).
- 3+ years of relevant SOC IR experience.
- Willingness to work in 24x7 rotating shifts.
- Strong analytical and reasoning abilities.
- Hands-on experience with SIEM and other cybersecurity tools.
- System & Network Log Analysis skills.

While the following skills are beneficial, our team is dedicated to helping you develop them:
- Good verbal and written communication skills.
- Familiarity with various Cloud and OS environments.
- Scripting, malware analysis, vulnerability and threat analysis.

At BMC, our culture is centered around our people. With over 6000 brilliant minds working together globally, we value your authentic self and encourage diversity in backgrounds and experiences. If you are deeply excited about BMC and this opportunity, we encourage you to apply even if you are uncertain about meeting all the qualifications. BMC offers a competitive compensation package, including a variable plan and country-specific benefits. We are committed to fair and transparent compensation practices for all our employees. If you have had a break in your career and are looking to re-enter the workforce, we welcome you to explore our Returnship program at https://bmcrecruit.avature.net/returnship to learn more about this opportunity and how to apply.

Posted 1 week ago

Apply

8.0 - 12.0 years

0 Lacs

noida, uttar pradesh

On-site

We are looking for a SOC Analyst (Tier 3) with a minimum of 8 years of experience in cybersecurity, preferably in a SOC or incident response function. As a SOC Analyst, you will be responsible for leading critical security incident investigations, developing advanced detection use cases, and driving strategic security initiatives. Your role will involve managing high-severity incidents, mentoring junior analysts, and refining SOC processes.

Key Responsibilities
- Lead critical security incident investigations, containment, and remediation.
- Develop threat detection rules, correlation use cases, and SOAR playbooks.
- Oversee vulnerability assessments, audits, and compliance checks.
- Serve as the technical escalation point for Tier 1 and Tier 2 analysts.
- Stay up-to-date with emerging threats and recommend proactive defensive measures.

Preferred Skills & Tools Experience
- Advanced Security Tools: SIEM, SOAR, ESP+IPmediation, UTM+TrueView
- Identity & Access Management: IDAM, PAM
- Incident Response & Forensics: Hands-on with IR methodologies, advanced log analysis, and threat hunting.
- Prior experience designing SOC workflows, dashboards, or automation runbooks.

Qualifications
- 8+ years in cybersecurity, preferably in a SOC or incident response function.
- CISA certification (required).
- Expert-level knowledge of intrusion detection, threat intelligence, and forensic analysis.
- Proven leadership in high-pressure, time-sensitive security incidents.
- Excellent communication, documentation, and mentoring capabilities.

Additional Details
This is a high-impact role with opportunities to shape the SOC strategy. The role requires being comfortable working in a 24/7 security environment or on-call rotations.

How To Apply
Send your CV to shreyag@aeroqube.com with the subject line "SOC Analyst (Tier 3) [Preferred Location]".

Posted 1 week ago

Apply

3.0 - 5.0 years

0 Lacs

bengaluru, karnataka, india

On-site

Candidates for this position are preferred to be based in Bangalore, India and will be expected to comply with their team's hybrid work schedule requirements.

Who We Are:
Wayfair is the online leader for home furnishings and decor. Through technology and innovation, Wayfair makes it possible for shoppers to quickly and easily find exactly what they want from a selection of more than 8 million items across home furnishings, décor, home improvement, housewares and more. Wayfair operates a growing Security Operations Center and we're looking for a talented Security Engineer to join and help grow our team. Our Security Operations team is tasked with monitoring and protecting Wayfair from an ever growing number of security risks, and finding new and creative ways to do so. We have a strong focus on engineering and innovation, and are seeking individuals who love to find new problems and hate fixing the same problem twice.

What You'll Do
In this role you will work closely with the cyber security organization to build monitoring and response tooling and processes to reduce our mean-time-to-detect and remediate, to keep up with threat actors' changing tactics, techniques, and procedures (TTPs).
- Logging - Gather all security relevant cloud, infrastructure and application logs, parsed, into our SIEM.
- Detection - Set up detection and prevention rules and policies, PoC and deploy tools that help with detection, tune/audit deployed rules/policies in security tools on true and false positives, and set up a detection framework.
- Response - Build plans and procedures for Incident Response, create playbooks to be followed, automate response, develop/deploy malware analysis tools and techniques and forensic tools and techniques to capture evidence/malware, PoC and deploy tools that help with response, integrate with customer service teams and engineering teams, etc.
- Build security alerts & dashboards in various incident response tools.
- Monitor for suspicious activities/alerts in the cloud/infrastructure/application from various sources such as internal reports from employees as well as external reports such as customers/social media, vendors, partners, bug bounty programs etc., deployed/integrated security tools, data visualization tools etc.
- Build and maintain security infrastructure tooling that supports continuous SOC operations and vulnerability management.
- As needed, support the response to security alerts and incidents, and take appropriate action to remediate and resolve.

We Are a Match Because You Have:
- 3-5 years' experience working in cyber security operations
- Understanding of the threat landscape, the latest security trends, attack vectors for corporate and cloud environments, and how to build detection and response tooling to identify and respond to malicious actors
- Experience with SOAR/SIEM technologies
- Experience with incident detection and remediation
- Working knowledge of threat vectors, vulnerabilities, and what anomalies to look for
- Working knowledge of Linux and/or Windows logs & indicators
- Python experience to build and automate tooling
- Experience writing SIEM log parsing rules
- Experience with incident response and monitoring tools, such as SIEM, EDR, cloud monitoring, etc.
- Strong communication skills to describe challenges and roadblocks when building and maintaining our security operations tooling and logging
- Understanding of cyber security best practices and frameworks such as NIST, MITRE ATT&CK Framework, and OWASP Top 10

Posted 1 week ago

Apply

8.0 - 13.0 years

3 - 7 Lacs

mumbai

Work from Office

Responsibilities:
Lead the design and implementation of SOAR playbooks for security use cases, such as phishing incident response, vulnerability triage, or threat hunting based on specific threat models.
Integration of SOAR with other security capabilities and tools such as SIEM, EDR, NDR, threat intelligence platform, and ticketing systems.
Design testing and conduct validation of SOAR playbooks before deployment to the live environment.
Write custom actions, scripts and/or integrations to extend SOAR platform functionality.
Monitor performance and perform timely actions to scale the SOAR deployment, especially in a high-volume security environment.
Migration of existing assets from existing customers' SIEM/SOAR to SecOps and assisting in implementing the SIEM/SOAR phase-out, phase-in approach.
Develop SOAR playbooks to provide case handling and Incident Response as per triage needs.
Creation of SOAR assets such as reports, etc.
Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.

Minimum Qualifications:
8+ years' experience in leading projects and delivering technical solutions related to security
SOAR experience in the areas of responsibility for at least 1 year
Coding experience in one or more general purpose languages.
Experience managing customer projects to completion, working with engineering teams, sales and partners.
Experience architecting, developing, or maintaining secure Cloud solutions.
Strong verbal and written communication skills and the ability to develop high-quality
Demonstrated experience in consulting on or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements
Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials.

Preferred Qualifications:
Experience in Prevention, Detection and Response to cyber threats
SIEM experience of 1 year in integration of log sources, extension of pre-built UDMs and creation of custom parsers, creation of dashboards, creation of custom rules using YARA-L 2.0, etc.
Knowledge and experience in SOAR platforms
Knowledge of GCP, including Google Cloud Professional Certifications (Security, Architect) and other industry certifications (CISSP, CCSP, etc.)
Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.
Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.
Excellent organizational, problem-solving, articulating and influencing skills.
Experience with industry compliance frameworks (e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC).

Skills: Cloud Computing, English, Google Cloud Platform, Incident Response, Security Architecture, Cloud Commerce

Posted 1 week ago

Apply

15.0 - 20.0 years

13 - 17 Lacs

navi mumbai

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Analyst, your typical day will involve SOC-related activities on Google SecOps and Microsoft Sentinel, providing end-to-end investigation of alerts. You will also engage in proactive monitoring of security systems to analyze and respond to incidents effectively, all while staying updated on the latest cybersecurity trends and threats.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Conduct regular security assessments and audits to identify gaps in the configuration and detections of false positives.
- Develop and implement security policies and procedures to safeguard information, inclusive of optimization of analytic rules.

Professional & Technical Skills:
- Must Have Skills: Proficiency in Microsoft Azure Security, including Microsoft Sentinel, Microsoft Defender XDR and KQL, and a good understanding of the Microsoft Defender solution platform for MDE, MDI, XDR, MDA and MDO, ITSM (ServiceNow, others)
- Hands-on experience with SIEM/SOAR, including KQL query development, alert tuning, and automation with Logic Apps.
- Configure and fine-tune Microsoft Sentinel, develop analytics rules, workbooks, playbooks, and maintain alerting mechanisms.
- Good to have Skills: Google SecOps security incident management and understanding of Azure platforms and configuration
- Strong understanding of cloud security principles and best practices.
- Experience with security tools and technologies on Microsoft Azure. Multi-Cloud experience will be additional.
- Knowledge of security frameworks like MITRE.
- Ability to analyze security incidents from an L2 perspective as well as developing effective response strategies.

Additional Information:
- The candidate should have a minimum of 2 years of experience in the Microsoft Azure Security suite.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 1 week ago

Apply

10.0 - 15.0 years

8 - 12 Lacs

mumbai

Work from Office

Position Description:

Responsibilities:
Spearhead the architecture and implementation of on Google Cloud Platform for large-scale deployments and migration.
Design and implementation of data pipelines & effective data storage mechanisms to meet functional and non-functional requirements of customers.
Design, plan and implement data migrations from existing SIEM/SOAR platforms.
Hardening of critical infrastructures and platform services.
Integration of other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems.
Write custom actions, scripts and/or integrations to extend platform functionality.
Monitor performance and perform timely actions to scale the deployment, especially in a very high-volume security environment.
Guide on building or maturing cloud security programs.

Minimum Qualifications (MQs):
10+ years' experience in leading projects and delivering technical solutions related to security
Implementation experience of YARA-L 2.0 and at least one more general purpose language.
Experience managing customer projects to completion, working with engineering teams, sales and partners.
Experience in architecting, developing, or maintaining secure Cloud solutions.
Strong verbal and written communication skills and the ability to develop high-quality
Demonstrated experience in consulting on or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirements
Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials.
Hands-on and deep knowledge of security principles.
Demonstrated experience in Cloud Security delivered within the context of customer-facing roles.

Preferred Qualifications (PQs):
Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.
Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.
Excellent organizational, problem-solving, articulating and influencing skills.
Experience with industry compliance frameworks (e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC).
Google Cloud Professional Certifications

Skills: Cloud Computing, English, Google Cloud Platform, Incident Response, Security Architecture

Posted 1 week ago

Apply

5.0 - 10.0 years

6 - 10 Lacs

chennai

Remote

Own threat detection, response, and hardening across cloud and endpoint estates. Design and operate SIEM/XDR/SOAR with detection engineering mapped to MITRE ATT&CK, and automate triage using GenAI for alert summarisation, enrichment, and knowledge search. Build Sigma rules, integrate EDR/telemetry (CrowdStrike, Defender, Sentinel/Splunk/Chronicle), and run purple-team exercises to close gaps. Champion Zero Trust, secrets hygiene, and incident runbooks with AI-assisted updates. Measure MTTA/MTTR, detection coverage, and control efficacy.

Posted 1 week ago

Apply