3.0 - 7.0 years
0 - 1 Lacs
mumbai
Work from Office
Job Summary: We are seeking an experienced Email and Web Security Engineer responsible for the implementation, configuration, and support of enterprise-grade email and web security solutions. This role will play a key part in protecting the organization from phishing, malware, spam, and web-based threats by deploying and maintaining security platforms, ensuring policy compliance, and resolving related incidents.

Key Responsibilities:

Implementation & Configuration
- Plan and execute deployment of email security solutions (e.g., TrendMicro Email and Collaboration Security, Trellix Email Security, Microsoft Defender for Office 365, Proofpoint, Mimecast, Cisco ESA).
- Deploy and configure secure web gateways (SWG) or proxy solutions (e.g., TrendMicro Web Security, Trellix Web Security, Forcepoint, Zscaler, Cisco Umbrella, Symantec Web Security).
- Configure policies such as anti-spam, anti-malware, SPF/DKIM/DMARC, URL filtering, and SSL decryption.
- Integrate email and web security solutions with SIEM, SOAR, or XDR tools for event correlation and monitoring.
- Assist in firewall or DNS updates required for integration.

Technical Support
- Provide L2/L3 support for email and web security incidents and service requests.
- Investigate and resolve issues related to spam, phishing, domain spoofing, malicious URLs, or user access blocks.
- Coordinate with vendors/OEMs for product issues, patches, or escalations.
- Analyse email headers, URLs, and logs to trace root causes and recommend improvements.

Documentation & Process
- Create and maintain standard operating procedures (SOPs), implementation plans, and troubleshooting guides.
- Maintain inventory and configuration documentation of security solutions.
- Ensure compliance with security policies and help with audits when required.

Customer/Stakeholder Coordination
- Work with internal teams or external clients to understand requirements and customize deployments.
- Provide training or knowledge transfer to IT helpdesk and SOC teams on common issues and resolutions.

Required Qualifications:

Education:
- Bachelor's degree in Engineering, Computer Science, IT, Cybersecurity, or a related field.
- Master's degree in Engineering, Computer Science, IT, Cybersecurity, or a related field.

Experience:
- 3+ years of hands-on experience with email and/or web security implementation and support.
- Experience in deployment and support of tools such as:
  - Email Security: TrendMicro Email and Collaboration Security, Trellix Email Security, FortiMail, Microsoft Defender for O365, Proofpoint, Cisco Email Security, Mimecast
  - Web Security: Forcepoint, TrendMicro, Trellix, Zscaler, Cisco Umbrella, Symantec/Blue Coat, FortiProxy

Skills & Knowledge:
- Deep understanding of email protocols (SMTP, IMAP, SPF, DKIM, DMARC).
- Knowledge of HTTPS, DNS, proxy, URL filtering, SSL inspection.
- Familiarity with Active Directory, Azure AD, Microsoft 365 Security.
- Basic scripting knowledge (PowerShell, Python) for automation and reporting is a plus.
- Experience with SIEM tools (e.g., Splunk, Trellix ESM, QRadar) is desirable.

Certifications (Preferred):
- Microsoft SC-200 / SC-400
- Proofpoint Certified Specialist
- TrendMicro
- Trellix
- Zscaler ZCCP or equivalent
- CompTIA Security+, CEH, or equivalent

Soft Skills:
- Strong problem-solving and analytical skills.
- Ability to work independently and collaboratively with cross-functional teams.
- Good verbal and written communication, especially when working with clients or users.

Working Conditions:
- Standard office hours with some flexibility.
- Occasional after-hours work during deployments or incident handling.
- On-call availability if required.
Posted 1 week ago
6.0 - 11.0 years
10 - 15 Lacs
mumbai
Work from Office
Lead the ISO 27001 ISMS implementation and audits and the ITGC framework. Interact with internal and external stakeholders for all GRC-related activities. Responsible for handling and supporting member-related compliance, cyber security policy and SEBI compliance.

Required Candidate profile
- Be part of the internal audit team and carry out access reviews such as user access, tool review, SOC review, firewall access and other reviews as per requirement.
- Handle vulnerability assessments.
Posted 1 week ago
4.0 - 6.0 years
7 - 12 Lacs
hyderabad
Work from Office
Your impact:
- Perform monitoring, identification, investigation, documentation, resolution and reporting of security alerts through prioritization of events based on risk/exposure.
- Analyze Endpoint Detection and Response (EDR), network, cloud and other traffic and log data for potential threats or vulnerabilities.
- Generate tickets and incident reports for external clients and Tier 3 analysts.
- Remediate and apply lessons learned to security incident investigation and resolution.
- Develop processes that align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center.
- Investigate suspicious activities and content and prevent them.
- Follow strict security and SOC guidelines and SOPs.
- Threat hunting, threat intelligence and deep investigation of alerts; identify new use cases; strong analytical skills to assess alerts.
- Integrate new logging sources and build playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event.
- Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies.
- Create custom content to enhance the capabilities of the Security Operations Center.
- Create custom analytics, dashboards, and reports.
- Respond to customer or Tier 1 analyst tickets within target objectives.
- Create new detection rules.

What you need to succeed:
- Proven experience in a SOC with at least 4-6 years of experience.
- Understanding of Managed Security Services.
- Well versed with the Incident Response Framework.
- Experience with Endpoint Detection and Response (EDR) tools.
- Experience with an industry-leading SIEM technology (SIEM administration will be a plus).
- Understanding of key IT/Cybersecurity concepts (Network Security, Security Operations & Administration, Managed Detection and Response, Incident Response & Recovery, Vulnerability Management, etc.).
- Good interpersonal skills to interact with customers, team members and support personnel.
- Strong analytical and problem-solving skills for investigating security issues.
- Strong written and verbal communication skills.
- Ability to earn trust, maintain positive and professional relationships, and strengthen our culture of inclusion.
- Motivated self-starter.
- Willing to work in 24*7 shifts on a rotation basis, office based at the Hyderabad location.
Posted 1 week ago
5.0 - 10.0 years
13 - 17 Lacs
bengaluru
Work from Office
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, while also addressing any emerging security challenges that may arise during the implementation process.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Assist in the development of security policies and procedures to enhance the overall security posture.
- Evaluate and recommend security technologies and tools to improve cloud security measures.
- Communication: Strong verbal and written communication skills, with the ability to present complex security concepts to non-technical stakeholders.

Professional & Technical Skills:
- Incident Response: Lead and manage security incident response efforts, including investigation, containment, and remediation of security incidents.
- Threat Detection: Utilize advanced security tools and techniques to detect and analyze potential threats, ensuring timely identification and mitigation.
- Security Operations: Oversee the daily operations of the Security Operations Center (SOC), ensuring efficient monitoring and response to security alerts.
- Playbook Development: Collaborate with the SOAR team to develop and refine playbooks for incident enrichment, integration, and testing.
- Reporting: Prepare and present weekly, fortnightly, and monthly SOC reports to leadership, highlighting key metrics and incident trends.
- Knowledge Transfer: Provide training and knowledge transfer to new team members, ensuring they are equipped to handle day-to-day monitoring and alert analysis.
- Stakeholder Collaboration: Work closely with stakeholders to resolve escalated incidents and improve security protocols.
- Continuous Improvement: Identify areas for improvement within security operations and implement strategies to enhance the overall security posture.
- Technical Skills: Proficiency in using security tools such as SIEM, EDR, and SOAR platforms. Experience with Google SecOps is highly desirable.
- Certifications: Relevant certifications such as GCIH or GCIA are preferred.

Additional Information:
- The candidate should have a minimum of 5 years of experience in security operations, incident response, and threat detection.
- This position is based at our Bengaluru office.
- Bachelor's/Master's degree in Computer Science, Information Security, or a related field.

Qualification: 15 years full time education
Posted 1 week ago
15.0 - 20.0 years
19 - 25 Lacs
gurugram
Work from Office
As MSS Head you will be leading a team of experts providing Managed Security Services for Telecom Service Providers. The Managed Security Services shall include Security Operation Centre, Vulnerability Assessment and Penetration Testing, Risk Assessment, Baseline Hardening, and Governance, Risk and Compliance.

You have:
- 15+ years of experience in Cyber Security driving Managed Security Operations / Information Security Programs for organizations, preferably in the Telecom space.
- Expertise in the areas of Security Monitoring & Response, threat detection, hunting, intelligence feeds, advisory, cyber forensics investigations, SOAR (Security Orchestration Automation and Response), and EDR, MDR and XDR endpoint security technologies.
- Expertise in Threat Modelling techniques, threat frameworks, development of attack use cases and implementation.
- Knowledge of the functioning of SIEM solutions (Splunk / ELK) and parser creation.
- Knowledge of tool-based automation of processes for GRC, MBSS, SOC.
- Good understanding of Vulnerability Management and Penetration Testing activities, Red Teaming, and implementation of Minimum Baseline Security hardening controls.
- Understanding of security governance and compliance within the Telecom industry, licensing conditions, and managing governance, risk, and compliance initiatives.
- Conduct of IS and Compliance audits, risk assessments and risk mitigation.
- Excellent governance ability to handle large security operations, with effective follow-ups and closure management with stakeholders for VA, Security Advisory and Incident Management to ensure effective risk mitigation.
- Ability to communicate effectively at the senior level; must have outstanding communication skills to influence others and meet timelines while building positive relationships both internally and externally.
- Mentoring the team, interacting with them to support them in their professional growth, and identifying and recognizing talent.
- Ability to handle key interfaces for this role such as Customer CISO, Network Security Head and team, CTO, and 3rd party subcontractors / partners.
- Conduct of effective Program Governance with the customer and internally.
- A bachelor's degree in engineering in Computer Science, Communication Theory, Information Technology, or a related field. An MBA or MS / M.Tech is preferable.

It would be nice if you also had:
- Any two of the recognized industry security certifications listed below: CISSP, CISA, CISM, CRISC, GCIH, GCFA, any other GIAC certification, ISO/IEC 27001.
- Act as trusted advisor to the customer on Cyber Security issues, supporting the customer so that technologies newly acquired by the customer comply with cyber security regulations.
- Sound knowledge of information security management frameworks: ISO 27001, NIST, CSA (Cloud Security). Knowledge of 3GPP, ITU-T desirable.
- Excellent knowledge of operational processes.
- Knowledge and understanding of relevant legal and regulatory requirements, e.g. country-specific telecom security conditions, CII (Critical Information Infrastructure) regulations, etc.
- Knowledge about government agencies at the national level dealing with Cyber Security.
- Excellent leadership abilities proven through managing a large Security Operations role earlier / other comparable position.
- Results-oriented. Able to work independently and take a logical and orderly approach to analyzing problems, coordinating work and planning actions.
- Ability to drive team engagements in a tough and time-critical environment.
- Knowledge of Telecom technologies (2G, 4G, 5G, Fixed Line), their key functions and associated security features desirable.

Education Qualifications
- Delivering MSS KPIs and deliverables as per the defined contract.
- Ensure delivery of the project within the defined budget for targeted margins.
- Prime interface of the customer for all MSS-related deliverables, issues, and requirements.
- Interface with the customer for routine governance and escalation.
- Support new business initiatives from an MSS perspective.
- Formulate and drive revenue and margin maximization initiatives.
- Ensure customer satisfaction.
Posted 1 week ago
15.0 - 20.0 years
13 - 17 Lacs
chennai
Work from Office
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization.

Roles & Responsibilities:
- Work as part of an analysis team that works 24x7 on a rotational shift.
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies.
- Timely response to customer requests such as detection capabilities, tuning, etc.
- Research new threats and provide recommendations to enhance detection capabilities.
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures.
- Identify opportunities for process improvement.

Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities.
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape.
- Hands-on experience in SIEM and threat hunting tools.
- Added advantage in working with any SOAR platform.
- Desirable knowledge in any scripting language and EDR products.
- Preferable: GCIA, GCFA, CISSP.
- Strong customer service and interpersonal skills.
- Strong problem-solving skills.
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
- Adaptability to accept change.

Additional Information:
- The candidate should have a minimum of 2 years of experience in Accenture MxDR Ops Security Threat Analysis.
- This position is based at our Chennai office.
- Minimum a bachelor's or a master's degree in addition to regular 15-year full time education is required.

Qualification: 15 years full time education
Posted 1 week ago
15.0 - 20.0 years
13 - 17 Lacs
chennai
Work from Office
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Delivery Specialist, you will apply security skills in device onboarding, log source integration, security threat analysis and investigation, and detection engineering, and be responsible for performing these tasks. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a secure environment for all stakeholders.

Roles & Responsibilities:
- Networking fundamentals, device integration and troubleshooting, security threat analysis and EDR investigation skills, rule writing and playbook creation.
- Work as part of a global security analysis team that works 24/7 on rotational shift.
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies.
- Handling tunings, customer requests, escalations, reporting, trainings, etc.
- Incident analysis, deep-dive threat hunting and investigation, and root cause analysis.
- Creation of detection rules, testing and implementation.
- Evaluation of client detection requirements, gap analysis, fine tuning.
- Playbook creation for automation and integration with SOAR requirements.
- Document best practices and write KB articles.
- Identify opportunities for process improvements.
- Work as part of the analysis team handling tunings, adding new detections, customer requests, handling escalations, reporting, training.
- Research new threats and provide recommendations to enhance detection capabilities.
- Strong desire for continuous learning on new technologies and staying current with trends.
- Support incident management calls.

Professional & Technical Skills:
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape.
- Knowledge of networking, Linux and security concepts.
- Knowledge of log collection mechanisms such as Syslog, log file, DB & API, and building collectors.
- Hands-on experience in SIEM, SOAR and threat hunting tools.
- Desirable knowledge in any scripting language and EDR products.
- Strong threat hunting and investigation skills and root cause analysis.
- Preferable certifications: GCIA, GCFA.
- Passion for cyber security, learning, and knowledge sharing.
- Strong verbal & written communication skills.
- Proven customer service skills, problem solving and interpersonal skills.
- Ability to handle high-pressure situations.
- Consistently exhibit high levels of teamwork.
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
- Ability to train and mentor others.
- Adaptability to accept change.

Additional Information:
- The candidate should have a minimum of 5 years of experience in Accenture MxDR Ops Security Threat Analysis.
- This position is based at our Chennai office.
- A 15 years full time education is required.

Qualification: 15 years full time education
Posted 1 week ago
4.0 - 9.0 years
0 - 1 Lacs
navi mumbai
Work from Office
Role & responsibilities

XSIAM Admin: Looking after log source onboarding, profiles/policies maintenance, use case development, integrations, playbooks, platform support, parser development.
Palo_XDR Admin: Agent deployments/troubleshooting, tailored policy & profile creation, alert handling, threat hunting, agent maintenance.
Content Development: Use case development (XQL), threat hunting, parser development. Python knowledge is required.
XSIAM_SOAR Developer: Custom integrations, playbook development.

Preferred candidate profile
- Experience: 6+ years of experience in cybersecurity operations, with at least 2 years in a leadership role.
- Hands-on expertise in Palo Alto XSIAM and XSOAR platforms, including tenant management and orchestration.
Posted 1 week ago
8.0 - 13.0 years
6 - 10 Lacs
mumbai
Work from Office
Responsibilities:
- Lead the design and implementation of data ingestion from diverse sources and various mechanisms for integration and normalization of logs.
- Extension of pre-built UDMs and creation of custom parsers where required for log sources.
- Integration of SIEM with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platforms, and ticketing systems.
- Write custom actions, scripts and/or integrations to extend SIEM platform functionality.
- Monitor performance and perform timely actions to scale the SIEM deployment, especially in a very high-volume security environment.
- Creation of SIEM assets such as detection rules using YARA-L, dashboards, parsers, etc.
- Migration of existing assets from existing customers' SIEM/SOAR to SecOps and assisting in implementing the SIEM/SOAR phase-out, phase-in approach.
- Testing and deployment of newly created and migrated assets such as rules, playbooks, alerts, dashboards, etc.
- Design and implement solutions to handle alert fatigue encountered in SIEM correlation.
- Creation of custom SIEM dashboards to meet customer requirements.
- Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.
- Debug and solve customer issues in ingestion, parsing, normalization of data, etc.
- Develop SOAR playbooks to provide case handling and incident response as per triage needs.

Minimum Qualifications (MQs):
- 8+ years' experience in leading projects and delivering technical solutions related to security.
- SIEM experience in the areas of responsibility for at least 1 year.
- Implementation experience of YARA-L 2.0 and at least one more general-purpose language.
- Experience managing customer projects to completion, working with engineering teams, sales and partners.
- Experience architecting, developing, or maintaining SIEM and SOAR platforms and secure cloud solutions.
- Demonstrated experience in consulting or ownership of security during high-speed environment migration for large-scale businesses with regulatory requirements.
- Strong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials.

Preferred Qualifications (PQs):
- Experience in prevention, detection and response to cyber threats.
- SOAR experience of 1 year in creation of playbooks, testing and validation of playbooks, integration with custom actions using bespoke scripts, or other SOAR platforms.
- Knowledge and experience in SIEM platforms.
- Knowledge of GCP, including Google Cloud Professional Certifications (Security, Architect) and other industry certifications (CISSP, CCSP, etc.).
- Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.
- Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.
- Excellent organizational, problem-solving, articulating and influencing skills.
- Experience with industry compliance frameworks (e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC).

Skills: Cloud Computing, English, Google Cloud Platform, Security Architecture
Posted 1 week ago
2.0 - 6.0 years
3 - 7 Lacs
chennai
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that the organization's information and infrastructure are safeguarded against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a secure environment for all stakeholders.

Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies.
- Timely response to customer requests such as detection capabilities and tuning.
- Research new threats and provide recommendations to enhance detection capabilities.
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures.
- Identify opportunities for process improvement.

Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities.
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape.
- Hands-on experience in SIEM and threat hunting tools.
- Added advantage in working with any SOAR platform.
- Desirable knowledge in any scripting language and EDR products.
- Preferable: GCIA, GCFA, CISSP.
- Strong customer service and interpersonal skills.
- Strong problem-solving skills.
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
- Adaptability to accept change.

Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift.
- Minimum a bachelor's or a master's degree in addition to regular 15-year full time education.
- The candidate should have a minimum of 2 years of experience.
- This position is based at our Chennai office.

Qualification: 15 years full time education
Posted 1 week ago
4.0 - 8.0 years
10 - 17 Lacs
hyderabad, bengaluru, delhi / ncr
Hybrid
Role & responsibilities
- Minimum 4 plus years of experience in application development using Python and REST APIs.
- Experience in managing any SOAR platform (e.g. Palo Alto Cortex, Phantom, Resilient, Swimlane, etc.).
- Experience in SOAR administration, playbook development/automation and life cycle management.
- Deploying and managing integration packages for various 3rd party tools/applications.
- Experience in troubleshooting integration issues and code customization.
- Experience in developing integration solutions with web services and APIs using REST/JSON.
- Ability to install and configure 3rd party applications in a Linux environment; experience in Unix/Linux administration.
- Understanding of security products and secure coding techniques is a plus.

Preferred candidate profile
- Hands-on experience with Palo Alto Cortex XSOAR (mandatory).
- Strong knowledge of security operations, incident response, and SOC processes.
- Proficient in Python scripting (must-have for custom automations and integrations).
- Experience with RESTful APIs and the JSON data format.
- Familiarity with SIEM, EDR, firewalls, threat intelligence platforms, and other security tools.
- Strong analytical, problem-solving, and troubleshooting skills.
- Excellent written and verbal communication skills.
- Ability to work collaboratively in a fast-paced team environment.
Posted 1 week ago
4.0 - 8.0 years
10 - 18 Lacs
bengaluru
Work from Office
About the Organisation
DataFlow Group is a pioneering global provider of specialized Primary Source Verification (PSV) solutions, and background screening and immigration compliance services that assist public and private organizations in mitigating risks to make informed, cost-effective decisions regarding their Applicants and Registrants.

About the Role:
DataFlow is looking to hire a cyber security expert with rich experience leveraging the TrendMicro Vision/XDR platform and AWS environment in security alert triage, investigation and incident response, to support on-prem devices and cloud assets in remaining protected from security threats. The ideal candidate will have a strong understanding of threat detection and response, and experience with TrendMicro's XDR platform to investigate workstations (Windows/Mac) and public cloud assets in AWS. Identifying opportunities and designs to automate security tasks, such as threat intelligence enrichment, incident response playbooks and automated workflows using the TrendMicro XDR platform, is desirable.

You will be expected to use your experience, talent and passion to work with a small global team in order to provide a 24x7 service to the rest of the world. Flexibility, energy, curiosity and a desire to simply get the job done will be key. The role encompasses a range of responsibilities that will focus on threat detection and response, building security orchestration and automation, with ample opportunity to learn more in-depth skills related to workstations and servers. Our company has adopted Google Workspace and AWS cloud services for its core technology suite, and you will have ample opportunity to stretch your knowledge into these cutting-edge technologies.

Work breakdown structure
- Technical Delivery (Automation): 40%
- Technical analysis: 60%

Duties and Responsibilities:
- Ensure security alerts are thoroughly investigated and closed within SLA.
- Measure quarterly Mean Time To Response (MTTR) and improve MTTR by 5% every quarter.
- Ensure up-time is 99.9% for all infrastructure components.
- Build playbooks and automation for the top 80% of security alerts.
- Ensure services are providing optimized performance to end-users 99% of the time.
- Severity 1 incidents returned to service within 2 hours.

Qualifications:
- Bachelor of Engineering (B.E.) or Bachelor of Technology (B.Tech) degree.
- A minimum of 3 years of industry experience in cyber security incident investigation and response.
- Monitor and analyze security events, alerts, and incidents generated by TrendVision/XDR.
- Strong understanding of threat and attack detection.
- Experienced in threat hunting and threat intelligence.
- Experience and working knowledge of: 1) Windows and macOS 2) Microsoft or Linux servers 3) Cloud-based services such as AWS, Google Workspace 4) Serverless architecture and technology (clusters, containers etc.)
- Proficiency in scripting languages (e.g., Python, PowerShell).
- Implemented automation tools and orchestration frameworks for efficiency.
- Best-in-class English communication skills, with a natural confidence and ability to communicate clearly worldwide.
- Ability to learn quickly and adapt to changing environments.
- An ability to flex your hours as required, especially during releases or system outages.
Posted 1 week ago
10.0 - 15.0 years
40 - 45 Lacs
bengaluru
Work from Office
As Domain Consulting Director, you are the technical leader for your Domain Consultant team. Your team provides technical expertise and guidance in customers Code-to-Cloud-to-SOC transformation journey. You will work closely with the Solution Consulting Managers and their District Sales Manager counterparts to build relationships with your customers with the goal of helping them detect and prevent advanced cyberattacks and breaches. You and your team will play a key role in defining technical solutions that secure a customers key business imperatives and will evangelize our industry leadership in on-prem, cloud, and security services that establish Palo Alto Networks as a customers cybersecurity partner of choice. We are looking for a leader to develop our Domain Consultant teams, providing training and technical support as a product expert. Additionally, you will provide feedback to the product management team on new feature requests and product improvements based on what you learn from your customer base. Your team, in partnership with the systems engineering team, will displace competitor technologies and build market share within your targeted list of major accounts, and most importantly, help your client sleep at night as they use our products to build secure digital transactions. 
Your Impact
Recruit and hire new Domain Consultants into the team, hiring the best talent in the industry
Work with your peers to develop a Domain Consultant training curriculum
Mentor, train, and review Domain Consultants on your team, keeping them engaged and successful in their careers
Develop relationships with the Solutions Consultant Managers, Regional Sales Directors, and their teams to ensure full technology coverage in key opportunities
Lead your team to innovate and iterate to drive high technical validation and PoC win rates for Cortex solutions, while reducing technical validation and PoC timelines
Provide effective technical leadership in customer interactions, including sharing security operations trends and standard methodologies employed by other customers, to be an active part of the selling process
Provide Domain Consultant expertise and fill in for existing team members if there is a resource conflict or vacation coverage challenge
Present to customers as our expert in your area at all levels of the customer hierarchy, from technician to CIO
Lead conversations focused on industry trends and emerging changes to the security landscape
Discuss competitor offerings in the marketplace and position ours as the best solution
Support your team in documenting HLD (High Level Design) and key use cases to ensure proper implementation and value realization of Palo Alto Networks solutions
Review and guide your team's technical validation plans, including POV (proof of value) test plans and customer readiness/requirements
Build and maintain relationships with key customers to solidify reference accounts and to assist the account teams with defining plans to drive more business
Act as an escalation point for pre-sales and collaborate with post-sales teams for issues that arise
Work with product teams to build requirements and roadmap development plans for our Cortex customers
Maintain an understanding of competitor selling strategies and technologies
Up to 50% travel within assigned region
Qualifications
Your Experience
10+ years of experience leading customer-facing pre-sales engineering or solutions architect teams
Domain expertise in the areas of SIEM, SOAR, SOC, and/or endpoint environments
Domain expertise in the areas of public cloud architectures, cloud-native security models, CI/CD, DevOps, firewalls, and other security technologies, both from a technology and a business driver standpoint
Industry knowledge of application development, cloud, and security operations market trends
Experience delivering comprehensive security solutions
Strong communication (written and verbal) and presentation skills
Experience in leading large teams, allocating resources, managing engagements and resource efficiency
Proficient in English
Posted 1 week ago
14.0 - 17.0 years
25 - 40 Lacs
mumbai suburban, navi mumbai, mumbai (all areas)
Work from Office
This role is critical in safeguarding MCX's critical infrastructure, trading platforms, and member connectivity, while ensuring compliance with regulatory mandates (SEBI CSCRF, NCIIPC, CERT-In) and global best practices (ISO 27001, NIST CSF, etc.).
Posted 1 week ago
2.0 - 4.0 years
2 - 4 Lacs
mumbai
Work from Office
About The Role
Minimum 2-4 years of experience in a Security Operations Centre
Experience across SOC domains (use case creation, incident management, threat hunting, threat intelligence, etc.)
Solid understanding of cyber security, network security, and endpoint security concepts
Good understanding of recent cyber threats and the latest attack vectors
Must have experience in any one SIEM (Splunk), EDR and SOAR solution
Must have experience in leading/managing SOC shifts
Experience in shift roster creation, resource management, etc.
Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management, etc.
Posted 1 week ago
2.0 - 5.0 years
4 - 8 Lacs
hyderabad, telangana, india
On-site
Roles & Responsibilities
Create playbooks using a low-code platform to streamline security operations.
Integrate new and existing security tools and platforms; design, code, and integrate custom APIs.
Create technical documentation and user guides.
Continuously monitor and maintain the automation platform; ensure systems and applications are updated with the latest security patches.
Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST).
Stay current on the latest security threats, trends, and technologies; provide recommendations for enhancing security operations.
Triage issues identified by tools, external reports, and tests to accurately assess real risks.
Offer remediation guidance to stakeholders and serve as a point of contact for developers addressing identified issues.
What We Expect of You
We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications:
Basic Qualifications
Master's degree and 1 to 3 years of directly related experience OR Bachelor's degree and 3 to 5 years of directly related experience OR Diploma and 7 to 9 years of directly related experience
Functional Skills
Must-Have Skills (Not more than 3 to 4)
Proficiency in Python scripting and automation
Experience with REST API technology
Strong experience with Linux (required)
Experience with Security Orchestration, Automation and Response (SOAR) tools (e.g., Swimlane, Cortex XSOAR)
Experience developing automation playbooks and integrating multiple security tools for improved efficiency
Good-to-Have Skills
Knowledge of cybersecurity frameworks, technologies, and best practices
Experience in risk management, incident response, and security governance
Understanding of security architecture frameworks and principles
Professional Certifications (Preferred)
Certified Ethical Hacker (CEH)
CompTIA Security+
Red Hat Certified System Administrator (RHCSA)
Certified Information Systems Security Professional (CISSP)
Soft Skills
Excellent analytical and troubleshooting skills
Strong verbal and written communication abilities
Ability to work effectively with global, virtual teams
High degree of initiative and self-motivation
Ability to manage multiple priorities successfully
Team-oriented with a focus on achieving collective goals
Strong presentation and public speaking skills
Posted 1 week ago
8.0 - 13.0 years
9 - 21 Lacs
hyderabad
Work from Office
Responsibilities: * Monitor network activity using SIEM tools like Splunk and QRadar. * Collaborate with incident response team on threat hunting initiatives. * Conduct regular security assessments and risk analysis.
Posted 1 week ago
3.0 - 8.0 years
10 - 14 Lacs
bengaluru
Work from Office
Your Career
We are seeking a driven problem solver to join our Unit 42 MDR team. Our team is responsible for customers' internal security monitoring, threat hunting and incident response. As an MDR Analyst, we will rely on you to detect and respond to cyber incidents facing customers' internal business. The ideal candidate is a quick learner and good communicator who will be able to follow established processes for analyzing threat alerts that fire from our Cortex XDR. The candidate should be a creative thinker who takes pride in solving tough problems.
Your Impact
Join a new, emerging team that is going to be part of Palo Alto's Unit 42, working closely with global customers and providing the best security in the market
Own an incident lifecycle from outbreak to full remediation
Provide critical feedback to the different product, research and engineering, and threat hunting teams to help improve the products for the entire Palo Alto Networks customer base
Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats
This position requires flexibility to work primarily during morning and afternoon hours; however, occasional night shifts may be required depending on business demands
Qualifications
Your Experience
3+ years of experience in a multi-tiered SOC/IR is a must
Experienced with technologies such as EDR, SIEM, SOAR, FW
A well-established familiarity with attack trends and vectors
Excellent written and oral communication skills in English
Some degree of Malware Analysis or equivalent military experience - An advantage
CEH / CompTIA CySA+ certifications - An advantage
Hands-on experience with Cortex XSOAR or Cortex XDR - An advantage
Additional Information
The Team
The team you'll lead helps protect customers by identifying the most sophisticated and stealthy attacks in their environment. The team does so by leveraging the Cortex product suite as well as unique tools, methodologies and techniques. Cortex provides enterprise-scale detection and response that runs on integrated endpoint, network and cloud data to reduce the noise and focus on real threats. This team works closely with the different product teams and helps improve each and every product by providing first-hand insights into how the product is used and how it can perform even better.
Our Commitment
Posted 1 week ago
3.0 - 7.0 years
0 Lacs
thiruvananthapuram, kerala
On-site
As a Cyber Security Specialist at Allianz, you will be an integral part of the Security Operations team. You will operate on the front lines, leading and supporting security investigations across the global infrastructure of Allianz. Your role will involve responding to escalations from various entities and utilizing a range of tools to investigate and address both external and internal security threats. Using Allianz's tooling, you will be responsible for monitoring security events in real time, evaluating external and internal threats, and delivering accurate and timely responses. Collaboration with multiple product teams within the Tribe will be essential, as you work with a diverse set of skills to address the diverse security challenges that may arise. Your responsibilities as a Security Specialist, Incident Response will include leading security incident responses in a cross-functional environment, steering incident resolution, and spearheading the development of Incident Response initiatives that enhance Allianz's capabilities to effectively respond to and remediate security incidents. Additionally, you will conduct digital forensic investigations and analyze a wide range of assets, including endpoints. Performing log analysis from various sources to identify potential threats and building automation for responding to and remediating malicious activities will also be part of your role. In this position, you will be required to write complex search queries in the EDR and SIEM tools for hunting adversaries, work on SOAR cases, automation, workflows, and playbooks, integrate and focus on Identity solutions, and develop SIEM use cases for new detections, specifically identity use cases.
Posted 1 week ago
15.0 - 20.0 years
13 - 17 Lacs
bengaluru
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM) Operations
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Sumo Logic SIEM and SOAR tools to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reducing noise from false positives.
Roles & Responsibilities:
- Basic Security Knowledge: Understanding of key concepts (malware, phishing, brute force, etc.)
- SIEM Familiarity: Exposure to the Sumo Logic UI and understanding how to read/query logs
- Exposure to CrowdStrike Falcon Console: Ability to view and interpret endpoint alerts
- Alert Triage: Ability to differentiate between false positives and real threats
- Communication Skills: Clear written documentation and verbal escalation
- Ticketing Systems: Familiarity with platforms like JIRA, ServiceNow, or similar
- Basic understanding of cybersecurity fundamentals
- Basic Scripting: Awareness of PowerShell or Python for log parsing
- SOAR Exposure: Familiarity with automated triage workflows
- Security Certifications: Security+, Microsoft SC-900, or similar certification
- Operating System Basics: Windows and Linux process and file system awareness
Professional & Technical Skills:
- Monitor real-time alerts and dashboards in Sumo Logic SIEM
- Perform initial triage on alerts and determine severity/priority
- Escalate validated security incidents to L2 analysts per defined SOPs
- Follow pre-defined SOAR playbooks to document or assist in response
- Ensure alert enrichment fields are populated (host info, user details, etc.)
- Conduct basic log searches to support alert analysis
- Perform daily health checks on log sources and ingestion pipelines
- Maintain accurate ticket documentation for each alert handled
- Participate in shift handovers and team sync-ups for awareness
- SIEM: Basic log searching, correlation rule awareness
- SOAR: Familiarity with playbook execution
- Security Concepts: Basic understanding of malware, phishing, brute force
- Tools: CrowdStrike EDR, Sumo Logic
Additional Information:
- The candidate should have a minimum of 2 years of experience in Security Information and Event Management (SIEM) Operations.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
Qualification: 15 years full time education
Posted 1 week ago
4.0 - 8.0 years
8 - 13 Lacs
mumbai, hyderabad
Work from Office
The L2 analyst will be responsible for advanced monitoring, analysis, and incident response activities, acting as an escalation point for L1 analysts. The role requires strong technical expertise, problem-solving skills, and the ability to handle complex security incidents while ensuring timely containment and remediation.
Experience required: Candidate must have 4-5 years of total experience, with 2-3 years in a SOC or Cybersecurity Operations role.
Knowledge:
Incident detection, triage, containment, eradication and recovery processes.
Writing incident reports with root cause analysis and recommendations.
Knowledge of security incident investigative techniques.
Knowledge of SOAR platforms for workflow automation.
Skills required:
Hands-on experience with SIEM tools (e.g., Splunk, LogRhythm, QRadar, ArcSight).
Strong knowledge of Windows, Linux, and network security logs.
Experience in malware analysis, phishing investigation, and threat hunting.
Understanding of the MITRE ATT&CK framework, intrusion detection systems (IDS/IPS), and firewalls.
Familiarity with EDR/XDR solutions (CrowdStrike, SentinelOne, Carbon Black, etc.).
Shift: Rotational 24x7 SOC environment
Roles and Responsibilities
1. Act as an escalation point for SOC L1 analysts by validating, triaging, and investigating security alerts.
2. Ensure security incidents are handled as per SLA.
3. Perform deep-dive analysis on security events to identify malicious activity, potential threats, and false positives.
4. Investigate incidents involving malware, phishing, account compromise, lateral movement, and insider threats.
5. Respond to and manage security incidents in accordance with the Incident Response playbooks.
6. Perform root cause analysis and provide actionable recommendations to mitigate risks.
7. Collaborate with threat intelligence teams to enrich alerts and improve detection rules/use cases.
8. Assist in developing, tuning, and maintaining SIEM rules, dashboards, and correlation logic.
9. Document incidents, findings, and remediation steps in detailed incident reports.
10. Mentor and guide L1 analysts, providing knowledge transfer and training.
11. Work with IT and business stakeholders during incident containment, eradication, and recovery phases.
12. Ensure log sources are integrated.
13. Update IoCs/IoAs in the NGSOC solution which are manually received from threat feeds / external advisories / partners.
14. Access Management: user creation, deletion, modification, and assigning the privilege level.
15. Work with the SOC Team, Threat Hunter, and IFTAS' teams to lead the in-depth analysis of Critical / High security incidents.
16. Investigate and work on endpoint alerts reported by the EDR and AV team.
17. Create the SOP documents for SOC Operations.
18. Review the SOC Operations reports which are shared by the SOC team.
19. Review the playbooks created by the SOC team.
20. Create and publish weekly and bi-weekly reports.
Posted 1 week ago