2.0 - 5.0 years
0 Lacs
gurugram, haryana, india
On-site
Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm's growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.
Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting. Round-the-clock threat monitoring & detection. Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, initial assessment, incident validation, its severity & urgency. Prioritization of security alerts and creating incidents as per SOPs. Reporting & escalation to stakeholders. Post-incident analysis. Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incident artefacts for forensic purposes. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets: Mandatory (any one): Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): Product certifications on SOC security tools such as SIEM/Vulnerability Management/DAM/UBA/SOAR/NBA etc.
Preferred skill sets: SOC - Splunk Years of experience required: 2-5 Years Education qualification: B.Tech/MCA/MBA with IT background/Bachelor's degree in Information Technology, Cybersecurity, Computer Science Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date
Posted 2 weeks ago
10.0 - 12.0 years
0 Lacs
bengaluru, karnataka, india
On-site
Position Overview The Director of SOC Engineering and Response is a senior leadership role responsible for the strategic vision, engineering, and operational effectiveness of the Security Operations Center (SOC). This individual is charged with designing, implementing, and continuously improving the technological tools, processes, and team capabilities that enable rapid detection, analysis, containment, and remediation of cyber threats. Reporting to the Vice President of Cybersecurity Operations, the Director will lead a team of SOC engineers, incident responders, and technology analysts, serving as the backbone of the organization's cyber defense strategy. Key Responsibilities Strategic Leadership: Lead a small team of high-performing information security professionals. Develop and communicate a clear vision for SOC engineering and incident response in alignment with the organization's security objectives and risk tolerance. Establish and maintain the SOC's engineering roadmap, ensuring ongoing innovation and adaptation to evolving threats and technologies. Advocate for resources, budget, and executive support necessary to build a world-class SOC engineering and response capability. As a foundational role in the organization's information security program, the position requires accessibility 24/7/365. Team Management and Development: Lead, mentor, and develop a high-performing team of SOC engineers, analysts, and responders. Recruit, train, and retain top security talent. Foster a collaborative, growth-oriented environment that values continuous learning and operational excellence. SOC Engineering and Technology Enablement: Oversee the architecture, deployment, integration, and maintenance of SOC technologies, including SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), EDR (Endpoint Detection and Response), and threat intelligence platforms.
Ensure systems are optimized for coverage, speed, accuracy, and scalability across on-premises and cloud environments. Drive the adoption of automation, artificial intelligence, and advanced analytics to enhance detection and response capabilities. Manage vendor relationships, tool selection, and contract negotiations to ensure the SOC leverages the best technologies for the organization's needs. Incident Detection and Response: Oversee 24/7 monitoring, triage, and analysis of security events to identify and remediate threats promptly. Direct the incident response process from detection through containment, eradication, recovery, and post-incident review. Develop, test, and maintain incident response plans and playbooks for a wide range of threat scenarios, including ransomware, phishing, insider threats, and data breaches. Coordinate with cross-functional teams, such as IT, Legal, Compliance, and Communications, during incident response activities. Threat Intelligence and Hunting: Work with First Advantage's Threat Intelligence team to integrate external and internal threat intelligence sources to proactively identify emerging risks and vulnerabilities. Support proactive threat hunting initiatives to uncover hidden threats and reduce dwell time. Ensure threat intelligence is actionable, timely, and integrated into detection and response processes. Process Improvement and Metrics: Continuously assess and improve SOC workflows, processes, and procedures for effectiveness and efficiency. Develop and track key performance indicators (KPIs), metrics, and dashboards to measure SOC performance, incident trends, and response effectiveness. Conduct regular after-action reviews and lessons-learned sessions following security incidents and major projects. Governance, Compliance, and Risk Management: Ensure SOC operations adhere to regulatory, legal, and industry standards (e.g., ISO 27001, NIST, PCI DSS, GDPR, HIPAA).
Collaborate with risk management and audit teams to address findings and recommendations. Support audit engagements and provide evidence of SOC controls, processes, and incident records. Executive Communication and Reporting: Prepare and present regular reports, briefings, and executive summaries on SOC operations, threat trends, and incident investigations for leadership and the board. Serve as a primary point of contact for critical security incidents and inquiries from executive leadership. Represent the organization at industry events, conferences, and with external partners as a thought leader in SOC operations and engineering. Required Qualifications Bachelor's degree in Computer Science, Information Security, Engineering, or related field; Master's degree preferred. Additional experience in lieu of a degree will be considered. 10+ years of progressive experience in cybersecurity, with at least 5 years in a leadership role over an engineering or development technology team. Expertise in security monitoring, incident response, threat intelligence, and SOC engineering across diverse technology environments. Strong knowledge of SOC technologies (SIEM, SOAR, EDR, IDS/IPS, firewalls, cloud security tools) and best practices. Expertise with programming, scripting, and query languages such as PowerShell, Python, SQL/KQL, Bash, and Perl. Change management and code quality & reliability experience. Hands-on experience implementing automation, orchestration, and advanced analytics to enhance SOC capabilities. Demonstrated success in managing, mentoring, and developing technical teams in a high-pressure environment. Excellent analytical, problem-solving, and decision-making skills. Outstanding written and verbal communication abilities, with the capacity to convey complex security issues to technical and non-technical audiences. Relevant industry certifications such as CISSP, CISM, GIAC, GCIA, GCIH, or equivalent are strongly preferred.
Experience with regulatory compliance frameworks and audit processes. Hands-on experience with Microsoft Security products and toolkits a plus. Experience working with management tracking methodologies that promote continuous improvement within agile teams. Desired Attributes A strategic thinker with a passion for innovation and continuous improvement. Resilient under pressure, able to lead calmly through crises and high-stakes incidents. Collaborative and influential, building strong relationships across business and technical teams. Ethical, trustworthy, and committed to upholding the highest standards of confidentiality and integrity. Adaptable to rapidly changing threat landscapes and emerging technologies. Committed to fostering a diverse and inclusive team culture. Key Challenges and Opportunities The Director of SOC Engineering and Response navigates a complex and fast-evolving threat environment, balancing the need for operational excellence with the imperative to innovate. Key challenges include recruiting and retaining top talent, integrating new technologies without disrupting operations, and building resilient processes that can withstand both routine alerts and extraordinary attack scenarios. At the same time, the role offers the opportunity to shape the organization's security posture, influence enterprise risk management, and play a pivotal role in protecting critical business assets. United States Equal Opportunity Employment: First Advantage is proud to be a global leader in removing barriers and supporting our community members to ensure the changing demographics of the workforce are reflected in our hiring and employment practices. We value all of our candidates, employees, and clients, and place great emphasis on hiring and supporting qualified individuals in each role. We are an equal opportunity employer.
We do not discriminate on the basis of race, color, ethnicity, ancestry, religion, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, genetic information, or any other area protected by applicable law.
Posted 2 weeks ago
2.0 - 5.0 years
0 Lacs
mumbai, maharashtra, india
On-site
Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm's growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.
Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting. Round-the-clock threat monitoring & detection. Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, initial assessment, incident validation, its severity & urgency. Prioritization of security alerts and creating incidents as per SOPs. Reporting & escalation to stakeholders. Post-incident analysis. Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incident artefacts for forensic purposes. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets: Mandatory (any one): Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): Product certifications on SOC security tools such as SIEM/Vulnerability Management/DAM/UBA/SOAR/NBA etc.
Preferred skill sets: SOC - Splunk Years of experience required: 2-5 Years Education qualification: B.Tech/MCA/MBA with IT background/Bachelor's degree in Information Technology, Cybersecurity, Computer Science Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring + 3 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date
Posted 2 weeks ago
7.0 - 12.0 years
11 - 16 Lacs
mumbai
Work from Office
SUMMARY
Our client is an IT MNC, part of one of the major insurance groups based out of Germany and Europe. The Group is represented in around 30 countries worldwide, with over 40,000 people worldwide, focusing mainly on Europe and Asia. Our client offers a comprehensive range of insurances, pensions, investments and services by focusing on all cutting-edge technologies, majorly on Cloud, Digital, Robotics Automation, IoT, Voice Recognition, Big Data science, advanced mobile solutions and much more, to accommodate customers' future needs around the globe through supporting millions of internal and external customers with state-of-the-art IT solutions to everyday problems, and is dedicated to bringing digital innovations to every aspect of the landscape of insurance.

Job Location: Hiranandani Gardens, Powai, Mumbai
Mode: Work from Office

Requirements

Key Responsibilities:

Business-Cybersecurity Alignment:
o Work closely with business stakeholders, IT security teams, and cross-functional teams to ensure cybersecurity initiatives align with the organization's broader business goals.
o Translate business needs into technical security requirements that can be effectively executed by the security and IT teams.

Risk Analysis & Security Assessments:
o Conduct risk assessments in the context of hybrid IT environments (cloud, on-premises, and edge) to identify security gaps and vulnerabilities.
o Collaborate with security teams to evaluate existing security controls and recommend solutions to mitigate identified risks, balancing business needs with security requirements.

Cybersecurity Frameworks & Compliance:
o Ensure that all business and technical security requirements comply with relevant regulatory compliance frameworks (e.g., NIST CSF, ISO 27001, GDPR, HIPAA).
o Support audits and compliance assessments, identifying any gaps between current practices and regulatory standards.

(must have) Security Process Improvement:
o Identify opportunities for process improvements within the cybersecurity function, including streamlining security incident response, access management processes, and threat detection workflows.
o Develop business cases for proposed security improvements, including cost-benefit analyses and risk assessments.

The Business Analyst will have comprehensive responsibilities spanning multiple cybersecurity domains, and should have expertise in at least 5 of the following areas:

o SIEM Sentinel & Security Operations: Manage and optimize SIEM solutions, particularly Sentinel, for effective monitoring, incident detection, and security event correlation across hybrid environments. Collaborate with security operations teams to ensure proper configuration, tuning, and reporting within SIEM platforms to support proactive threat management.
o Security Tools & Technology Integration: Work with security teams to implement and optimize security tools such as SIEM (e.g., Splunk, Microsoft Sentinel), EDR (e.g., CrowdStrike, MS Purview/Defender), SOAR platforms, CASB (Cloud Access Security Broker), and Threat Intelligence systems. Help define and document requirements for the integration of cybersecurity tools into the broader security ecosystem.
o User Access Management (UAM) & RBAC: Work closely with identity and access management teams to ensure the implementation of UAM and RBAC systems that align with the organization's security policy and business requirements. Support the development of processes for managing user roles, privileges, and access rights across enterprise systems.
o Cloud & Encryption Security: Ensure that security policies and controls are applied across both on-premises and cloud environments (AWS, Azure, Google Cloud), addressing challenges related to cloud security, data encryption, and access management. Collaborate with technical teams to implement strong encryption methods for data-in-transit, data-at-rest, and data-in-use in line with organizational security policies.
o AI & ML in Cybersecurity: (Good to have) Contribute to the use of AI/ML technologies to enhance threat detection, anomaly identification, and predictive analytics within the organization's security operations. Collaborate with data scientists and security teams to define requirements for AI/ML-based security models and incident response automation.
o SOAR Integration & Incident Response: Assist with the integration of Security Orchestration, Automation, and Response (SOAR) solutions into the incident response lifecycle to streamline response times and automate repetitive tasks. Support the continuous improvement of incident response procedures and playbooks, ensuring a consistent, rapid, and efficient approach to security incidents.
Posted 2 weeks ago
4.0 - 9.0 years
15 - 20 Lacs
mumbai
Work from Office
About The Role
Project Role : Solution Architect
Project Role Description : Translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case.
Must have skills : Solution Architecture
Good to have skills : Security Architecture Design
Minimum 12 year(s) of experience is required
Educational Qualification : Minimum BE BTech from a reputed university

Summary : As a Solution Architect, you will translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. To design and deploy cyber security solutions in on-premises and public cloud infrastructure for large scale technology projects such as data lake, digital platform, and other core business and supporting applications.

Cyber Security Architect Roles & Responsibilities:
- SPOC for cyber security design and deployment for any designated projects
- Take full accountability of design of cyber security domain including network connectivity to various entities such as on-premises data centers and partner networks
- Take ownership of design related issues and challenges and drive for solutions working with various internal teams and third-party solution providers such as OEMs and technology partners
- Define and develop high level operating procedures for seamless operations of the project
- Support transition of projects from deployment to operations
- Anchor design and implementation of cyber security components
- Be a SPOC for all cyber security initiatives in existing project and able to navigate through the client's landscape to upsell new initiatives in infrastructure space or able to pave ways for upselling value-driven initiatives for the client in other related domains such as application modernization, network transformation, and information security.
- Lead the teams across various security solutions and strive for upskilling and cross skilling to rationalize the resources across the towers and across the clients.
- Introduce innovative solutions such as automation to increase productivity and improve service delivery quality
- Participate in architecture and design review and approval forums to ensure the design principles are adhered to for any changes in the existing landscape or any new initiatives being rolled out in the existing landscape
- Participate in client account planning and discussions to ensure security level initiatives are accounted for and issues are escalated to the right leaders for resolution
- Build strong relationships with all client stakeholders and Accenture project teams for effective collaboration and outcomes

Professional & Technical Skills:
- Must have:
- Hands-on Architecture and Design skills for SIEM, SOAR, UEBA, and cyber security operations in on-premises data centers and public cloud
- Strong experience working in Splunk, Palo Alto, and other leading OEMs in security domain
- Strong Communication skills
- Ability to drive discussions and ideas with client's senior leadership forums
- Problem solving skills
- Good to have:
- TOGAF or any equivalent certification in enterprise Security Architecture

Additional Information:
- Total IT experience of minimum 15 years; and
- Minimum 4 years of experience in design and deployment of cyber security solutions in public cloud infrastructure (anyone from AWS, Azure, GCP, and OCI)
- Minimum 10 years of experience in design and deployment of cyber security in on-premises infrastructure (SIEM, SOAR, UEBA, and cyber security operations)
- This position is based at our Mumbai office.
- A Minimum BE BTech from a reputed university is required.
Qualification Minimum BE BTech from a reputed university
Posted 2 weeks ago
6.0 - 10.0 years
0 Lacs
chennai, tamil nadu
On-site
Are you passionate about SecOps, automation, and cloud security? Do you want to lead cutting-edge security initiatives and drive large-scale security automation? As a SecOps Engineering Lead, you will play a pivotal role in defining and executing security automation strategies, driving cloud security initiatives, and leading security operations at scale. You will work at the intersection of Security, DevOps, and Cloud, embedding best-in-class security practices into infrastructure and applications. This role requires a visionary leader who can take ownership, drive innovation, and influence security strategies across teams. You will be responsible for designing and implementing security automation solutions, enhancing cloud security, and optimizing SecOps workflows. We are looking for a self-driven professional who can take end-to-end ownership of security initiatives with minimal guidance.

Define and execute the security automation strategy, embedding best-in-class practices across DevSecOps, CI/CD pipelines, and cloud environments.
Architect, develop, and implement security solutions using Python to automate threat detection, response, and mitigation at scale.
Enhance and automate security workflows by integrating SIEM, SOAR, and EDR solutions to improve real-time threat detection and response efficiency.
Implement and optimize security controls in cloud environments (AWS, Azure, GCP), enforcing security-as-code principles and compliance automation.
Own the design and maintenance of DevSecOps pipelines, ensuring security is embedded into CI/CD processes and infrastructure automation.
Lead cross-functional collaboration, working with Security, DevOps, and Engineering teams to drive security-first principles across customer organizations.
Mentor engineers and foster a security-driven culture, driving security awareness and best practices across teams.
Continuously evaluate emerging security technologies to enhance security automation, optimize detection capabilities, and future-proof security operations.

Required Skills & Qualifications
6+ years of hands-on experience in SecOps, Security Engineering, or Security Automation.
Expertise in Python programming for security automation and scripting (JavaScript is optional).
Deep knowledge of Cybersecurity & Security Operations (SecOps), including threat detection, incident response, and security orchestration.
Proven ability to automate and integrate SIEM, SOAR, and EDR tools to improve detection & response.
Hands-on experience with DevSecOps pipelines (CI/CD) and Terraform to enforce security automation at scale.
Experience securing cloud environments with security-as-code and compliance automation for at least one major cloud provider (AWS, Azure, or GCP).

Preferred Skills (Nice-to-Have)
Multi-cloud experience across AWS, Azure, and GCP.
Strong understanding of infrastructure security, network security, and security-as-code methodologies.
Experience with container security (Kubernetes, Docker, etc.) and cloud-native security controls.
Familiarity with threat modeling, cloud security compliance frameworks, and risk assessment methodologies.

Why Join Us
Be a Security Visionary: Lead and define the future of security automation, transforming SecOps strategies in cloud and DevOps environments.
Work with Cutting-Edge Security Tech: Engage in AI-driven security analytics, threat intelligence automation, and next-gen SecOps solutions.
Collaborate with Industry Experts: Work closely with top security, cloud, and DevOps engineers to drive innovation in security automation.
Accelerate Your Career: Step into a high-impact leadership role, shape security roadmaps, and gain visibility across leadership teams.
Competitive Compensation & Benefits: Get a market-leading salary, comprehensive benefits, and access to professional development opportunities.

Apply Now! If you're ready to take on this exciting challenge, apply today!
Posted 2 weeks ago
7.0 - 10.0 years
0 Lacs
pune, maharashtra, india
On-site
Job Summary
The Senior Manager of Security Operations and Identity Management is responsible for 24x7 security monitoring and the administration of identity management processes. This role includes overseeing the architectural design, deployment, execution, and optimization of solutions in alignment with risk requirements and compliance obligations.

Essential Functions
Ensure that SIEM and SOAR environments are fit for purpose and continually enhanced to cover known and emerging MITRE ATT&CK techniques
Manage the global SOC team responsible for 24x7 alerting, triage, investigation and Incident Response.
Monitor and improve Key Performance Indicators (KPIs)
Track SOC Maturity and partner with CISO to establish road map for growing SOC capabilities and automation
Manage the Cyber Threat Intelligence program
Oversee forensics, litigation support, and e-discovery capabilities in support of requests from Legal
Lead the team responsible for identity lifecycle functions, identifying and implementing best practices to automate repetitive processes
Oversee IAM architecture design, deployment and delivery of capabilities to achieve target levels of cyber maturity and efficiency, working with vendors, partners and other 3rd parties
Ensure compliance with required regulations and frameworks across all divisions and markets, driving timely remediation of any IAM deficiencies
Other duties as assigned

Qualifications
Education and Experience Qualifications
Bachelor's degree in information technology, engineering, business management, operations management, or related field or discipline
7-10 years' experience in cyber security with 3+ years in a management role
Solid understanding of IAM principles, design and engineering, including Single sign-on (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM)
Working knowledge of multiple IAM systems (traditional and cloud)

Additional Qualifications
Experience implementing Zero Trust capabilities in complex operating environments
Security certifications (CISSP, CISM, GCIH, GSEC, etc)
Experience with modern cloud detection and response tools and processes
Operational Technology (OT) experience

About Us
Our purpose at Avient Corporation is to be an innovator of materials solutions that help our customers succeed, while enabling a sustainable world. Innovation goes far beyond materials science; it's powered by the passion, creativity, and diverse expertise of 9,000 professionals worldwide. Whether you're a finance wizard, a tech enthusiast, an operational powerhouse, an HR changemaker, or a trailblazer in materials development, you'll find your place at Avient. Join our global team and help shape the future with sustainable solutions that transform possibilities into realities. Your unique perspective could be the key to our next breakthrough!

We believe that all of our global employees are leaders and that the six most important behaviors for driving our strategy and culture are the same no matter if an employee is a leader of self, a leader of others, or a leader of the business. By playing to win, acting customer centric, driving innovation and profitable growth, collaborating seamlessly across Avient, and motivating and inspiring and developing others and yourself you will accelerate your ability to achieve Avient's strategic goals, to meet our customer needs, and to accomplish your career goals.

At Avient, we believe a wide variety of thoughts, ideas and backgrounds gives us the creativity to be successful in a rapidly changing world. In support of this, we stress equality of opportunity for all qualified individuals in accordance with applicable laws. Decisions on hiring, promotion, development, compensation or advancement are based solely on a person's qualifications, abilities, experience and performance.
Posted 2 weeks ago
3.0 - 7.0 years
0 Lacs
haryana
On-site
You will be responsible for gaining a deep understanding of company security solutions, as well as customer cloud environments and security architectures. You will serve as the primary advocate and point of contact for Proof of Concepts (PoCs) and high-profile customer engagements, ensuring successful outcomes. It will be your responsibility to ensure the efficient implementation and enforcement of advanced security services provided by the team. Proactively identifying and anticipating potential security escalations at early stages, and mitigating risks effectively will be crucial. Managing multiple high-priority tasks, including handling escalations with a strategic approach, will also be part of your role. Your duties will also include overseeing the triage and analysis of security assessments, enhancing incident investigation processes, and ensuring swift resolution of security threats. You will communicate with customers on alerts, remediation actions, and incident response using structured playbook-driven solutions. Leading quarterly reviews and PoC evaluation calls, taking ownership of key initiatives, and coordinating with various stakeholders will be essential. Collaborating with cross-functional teams, including Customer Success Management (CSM), Security Research, Incident Response, and Product, to strengthen security operations and continuously enhance the company offering will also be part of your responsibilities. Sharing industry insights, best practices, and technical knowledge within the team while keeping internal documentation and knowledge bases up to date will be important. You will foster a collaborative and growth-driven team culture by leading by example, supporting professional development, and promoting continuous learning and innovation. To qualify for this role, you must have availability during the US time zone from 5PM to 2AM IST in order to allow daily interaction with US-based customers. 
A Bachelor's degree in Computer Science, Engineering, Electrical Engineering, or relevant industry certifications is required. Strong communication skills with proficiency in English (written and verbal) are essential. Experience working with multi-regional customers across different locations is necessary. You should have at least 3 years of experience in customer-facing security operations roles, preferably within SOC/MDR environments handling multiple clients. Expertise in cybersecurity assessments and incident management methodologies is a must. Hands-on experience with security technologies such as SOC, MDR, SIEM, SOAR, WAF, IPS, and other security solutions is also required. A strong understanding of the cybersecurity landscape, including common threats, attack vectors, and mitigation strategies, is crucial. Familiarity with monitoring, ticketing, and CRM tools to manage security operations efficiently is expected. Ability to build and maintain strong customer relationships, ensuring a positive and proactive engagement experience, is important. Preferred qualifications include experience with cloud services (AWS, Azure, or GCP), knowledge of Cloud security principles, and security certifications such as CISSP, CEH, CSA.
Posted 2 weeks ago
1.0 - 5.0 years
0 Lacs
navi mumbai, maharashtra
On-site
The Firewall role requires a minimum of 2 years of experience in Network Security. The ideal candidate should have proficiency in managing PA/Checkpoint/Cisco ASA/Fortinet solutions and hands-on experience in working with Windows, Linux, and Unix environments. Additionally, the candidate should have experience in commissioning, implementing, and integrating PA/Checkpoint/Cisco ASA/Fortinet solutions with various management, authentication, and authorization tools, such as email, AD, IAM, and SIEM.

The responsibilities include automating processes using scripting and configuration tools, managing policies and exceptions, conducting packet capture, analysis, and troubleshooting, as well as incident, problem, service request management, change management, configuration management, and capacity management of PA/Checkpoint/Cisco ASA/Fortinet setup. The candidate will be required to perform day-to-day BAU MACDs, configuration changes, and utilize network monitoring tools to proactively isolate events. Furthermore, the candidate will be responsible for supporting incident monitoring and analysis/response initiatives, troubleshooting network layers, applying security patches, conducting performance checks, audits, compliance, and immediate troubleshooting for network outages. The role also involves deploying and maintaining network security policies, access, and security policies for PA/Checkpoint/Cisco ASA/Fortinet solutions, coordinating with OEMs for support, and ensuring device configuration backups as per schedule.

Excellent verbal and written communication skills are essential for this role. The job type is full-time and permanent, located in Navi Mumbai, Maharashtra. The candidate must have a minimum of 1 year of relevant experience, proficiency in English, and be able to work in person at the specified location. Benefits include internet reimbursement and performance bonus.
Posted 2 weeks ago
4.0 - 12.0 years
0 Lacs
karnataka
On-site
The Sr Cybersecurity Engineer position is a crucial role within the Cybersecurity Engineering team at our Information Security organization. As a Sr Cybersecurity Engineer, you will play a hands-on role in ensuring the secure operation of the global IT infrastructure at IQVIA. Your responsibilities will include operating and maintaining security safeguards, collaborating with IT and business teams globally, and contributing to the ongoing IQVIA Global Information Security program.

Your primary responsibilities will involve designing, implementing, and enhancing IQVIA's cybersecurity systems, configuring and troubleshooting security infrastructure, evaluating and documenting the effectiveness of new tools and technologies, engaging with vendors for projects and security controls improvement, executing project plans, and staying up-to-date with current security threats, trends, and controls.

To be successful in this role, you should have at least 4 years of professional experience in Information Security/IT Systems/Network Administration and Engineering, along with a Bachelor's degree in computer science, computer engineering, or information technology. Hands-on experience in maintaining Endpoint Detection and Response (EDR) tools in large organizations is mandatory. Additionally, knowledge and experience in areas such as endpoint security, automation, scripting, e-mail security, network security, DLP, SOAR, CTI, CASB, CSPM, and CWPP are beneficial. Candidates with certifications in the information security domain and knowledge of cloud architecture and security (specifically AWS and Azure) are preferred. The ideal candidate will have a track record of successful collaboration in large and complex global organizations.

Educational Qualification: BTech/BSc/BCA/MTech/MSc/MCA

This role requires a proactive approach to cybersecurity, strong technical skills, and the ability to adapt to evolving cybersecurity threats and technologies. If you are passionate about cybersecurity and have the required experience and qualifications, we encourage you to apply for this Sr Cybersecurity Engineer position.
Posted 2 weeks ago
10.0 - 15.0 years
15 - 20 Lacs
noida, gurugram
Work from Office
We are seeking a highly skilled and experienced Cyber Security Analyst L3 to join our team. The ideal candidate will have strong expertise in cybersecurity investigation strategies, incident response, malware analysis, and advanced threat investigation techniques. The role also requires proficiency in open-source SIEM tools, EDR platforms, cloud security assessments, and server hardening practices. This position involves working with US-based clients and requires excellent communication skills.

Key Responsibilities:

Threat Investigation & Incident Response: Develop and implement advanced investigation strategies for cybersecurity incidents. Conduct detailed log analysis to identify threats, anomalies, and potential breaches. Perform malware analysis to understand behavior and mitigate threats. Manage end-to-end incident response processes and root cause analyses.

Open-Source SIEM Expertise: Operate and integrate open-source SIEM platforms such as Wazuh, AlienVault, and others. Configure and fine-tune SIEM to enhance log ingestion, rule creation, and threat detection.

Endpoint Detection and Response (EDR): Investigate incidents using EDR solutions like Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne. Analyze endpoint telemetry and execute threat hunting processes.

Cloud Security: Conduct cloud security reviews for platforms such as AWS, Azure, and Google Cloud. Provide recommendations to strengthen cloud architecture and user authentication processes.

Server Hardening & CIS Benchmarks: Implement server hardening techniques based on CIS benchmarks. Perform security assessments to address identified vulnerabilities.

Threat Intelligence & SOAR Integration: Leverage threat intelligence platforms to proactively identify and mitigate potential threats. Work on SOAR (Security Orchestration, Automation, and Response) platforms to automate incident handling processes.
Incident Handling & Communication: Lead incident handling efforts, coordinating with internal and external stakeholders. Provide clear, concise, and actionable communication to technical and non-technical audiences.

Linux & Log Analysis: Review and analyze Linux system logs to identify potential security issues. Investigate unauthorized access attempts and system anomalies.

Client Management: Collaborate with US-based clients, ensuring their cybersecurity needs are met. Deliver regular reports, updates, and recommendations to clients.

Required Skills and Qualifications:
10+ years of hands-on experience in cybersecurity, incident response, and threat investigation.
Expertise in open-source SIEM platforms like Wazuh, AlienVault, and their integration.
Proficiency with EDR solutions such as Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne.
Strong knowledge of cloud security best practices and architecture reviews.
Experience in server hardening following CIS benchmarks.
Familiarity with SOAR platforms and threat intelligence tools.
Solid understanding of Linux systems and log review methodologies.
Excellent communication skills for client interactions and technical reporting.
Proven ability to work with international clients, especially in the US.

Preferred Certifications:
Certified Information Systems Security Professional (CISSP)
Certified Incident Handler (GCIH)
Certified Ethical Hacker (CEH)
Microsoft Certified: Azure Security Engineer Associate
AWS Certified Security Specialty

This role provides an excellent opportunity for growth and exposure to advanced cybersecurity practices while working with a global team. Apply now to join a dynamic and forward-thinking organization!
Posted 2 weeks ago
9.0 - 11.0 years
18 - 20 Lacs
noida, gurugram, delhi / ncr
Work from Office
Role & responsibilities
We are seeking a highly motivated and experienced Security Operations Center (SOC) Manager to lead our 24x7 security operations team. The ideal candidate will possess a strong background in security operations, excellent leadership skills, and a proven ability to manage complex projects and deliver exceptional service. This role requires a focus on detail, a proactive approach to problem-solving, and the ability to maintain a high-performing, customer-centric team.

Responsibilities:

Team Leadership and Management: Manage and lead a 24x7 SOC team, ensuring optimal staffing levels and shift coverage. Recruit, train, and mentor SOC analysts and engineers, fostering a culture of continuous learning and professional development. Conduct regular performance evaluations, provide constructive feedback, and implement performance improvement plans as needed. Motivate and inspire team members, boosting morale and creating a positive work environment. Handle escalated incidents and provide guidance to the team during critical situations.

Operational Management: Oversee the daily operations of the SOC, ensuring timely and effective incident detection, analysis, and response. Develop and maintain SOC policies, procedures, and workflows, ensuring adherence to industry best practices and compliance requirements. Monitor and analyze SOC metrics, identifying trends and areas for improvement. Manage and prioritize security incidents, ensuring efficient resolution and minimizing impact to the organization. Ensure the SOC meets or exceeds service level agreements (SLAs) and key performance indicators (KPIs).

Project and Task Management: Plan, execute, and manage security operations projects, ensuring on-time and within-budget delivery. Prioritize tasks and manage workload effectively, ensuring the team meets deadlines and objectives. Develop and maintain project documentation, including project plans, status reports, and lessons learned.
Coordinate with other IT teams and stakeholders to ensure seamless integration of security operations.

Customer Satisfaction and Service Delivery: Ensure the SOC delivers high-quality service and maintains excellent customer satisfaction. Develop and maintain strong relationships with internal and external stakeholders. Proactively identify and address customer needs and concerns. Communicate effectively with stakeholders, providing regular updates on security incidents and operations.

Attention to Detail and Reporting: Maintain meticulous records of security incidents, investigations, and actions taken. Generate regular reports on SOC performance, including incident metrics, trends, and recommendations. Ensure accuracy and completeness of all SOC documentation.

Qualifications:
Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
Minimum of 10 years of experience in Network, Cybersecurity & operations, with at least 3 years in a management role.
Strong understanding of security concepts, technologies, and best practices.
Proven ability to lead and motivate a team in a 24x7 environment.
Excellent project management and task management skills.
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills.
Ability to work effectively under pressure and in a fast-paced environment.
Relevant certifications (e.g., CISM, PMP, ITIL, Security+, GSOM & relevant technical certifications) are highly desirable.
Experience with SIEM, SOAR, and other security tools.

Skills: Leadership, Team Management, Project Management, Incident Response, Security Analysis, SIEM/SOAR, Communication, Problem-Solving, Attention to Detail, Customer Service.

Preferred candidate profile
Posted 2 weeks ago
2.0 - 5.0 years
0 Lacs
mumbai, maharashtra, india
On-site
Line of Service: Advisory
Industry/Sector: FS X-Sector
Specialism: Risk Management
Level: Senior Associate

Job Description & Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

Why PwC
At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm's growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.
Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection. Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, initial assessment, incident validation, its severity & urgency. Prioritization of security alerts and creating incidents as per SOPs. Reporting & escalation to stakeholders. Post-incident analysis. Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alert and security incident artefacts for forensic purposes. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets (any one): Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/DAM/UBA/SOAR/NBA etc.
Preferred skill sets: SOC - Splunk Years of experience required: 2-5 Years Education qualification: B.Tech/MCA/MBA with IT background/Bachelor's degree in Information Technology, Cybersecurity, Computer Science Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date
Posted 2 weeks ago
5.0 - 9.0 years
0 Lacs
thane, maharashtra
On-site
As a Security Incident Management professional, you will be responsible for overseeing the bank's incident response and management program. This involves developing and testing incident response plans, coordinating responses to security incidents, and ensuring timely reporting to the RBI when required. You will also be in charge of implementing measures for continuous monitoring of the bank's information systems to promptly detect and respond to security incidents. Your role will involve utilizing threat intelligence to stay informed about emerging threats in order to enhance the bank's security posture. Additionally, your work experience in configuring and managing SOC solutions such as XDR, SIEM, SOAR, Threat Intelligence, etc., will be crucial for this position. You will be expected to assess cyber threats and fine-tune SOC/SIEM/XDR alerts to ensure the bank's systems are adequately protected. Overall, your expertise in security incident management, continuous monitoring, threat intelligence, and SOC solutions will play a vital role in safeguarding the bank's information systems and responding effectively to security incidents.
Posted 2 weeks ago
2.0 - 5.0 years
3 - 6 Lacs
hyderabad
Work from Office
Key Responsibilities Team Management & Leadership Manage and mentor a team of Level 1 and Level 2 SOC analysts. Conduct regular team reviews, performance evaluations, and skill development plans. Foster a culture of continuous learning, collaboration, and accountability. SOC Operations Oversight Oversee 24/7 SOC operations, ensuring adherence to SLAs and KPIs. Monitor escalation workflows for alerts, incidents, and investigations. Ensure proper case documentation, knowledge base updates, and handover processes. Incident Response & Analysis Supervise triage, analysis, containment, and resolution of security incidents. Provide guidance on complex threat investigations and escalations. Coordinate with clients during major incidents and post-incident reviews. Process & Compliance Drive process improvements in alert management, reporting, and escalation procedures. Ensure SOC operations comply with regulatory standards (ISO 27001, GDPR, etc.). Maintain and enhance SOC runbooks and standard operating procedures (SOPs). Client & Stakeholder Management Act as the point of contact for client escalations related to SOC operations. Deliver periodic SOC reports, dashboards, and incident summaries. Support client onboarding, service reviews, and audit requirements. Required Skills & Qualifications Experience: 2–5 years in Security Operations, with at least 1–2 years in a supervisory or lead role. Technical Knowledge: Strong understanding of SIEM platforms (e.g., Splunk, QRadar, ArcSight, LogRhythm). Familiarity with EDR, SOAR, threat intelligence, IDS/IPS, firewalls, and cloud security tools. Incident response methodology and threat detection frameworks (MITRE ATT&CK, Cyber Kill Chain). Leadership Skills: Ability to manage, mentor, and motivate a young SOC team. Communication: Strong written and verbal skills for interacting with clients and stakeholders. Certifications (preferred): CEH, CompTIA Security+, CySA+, SSCP, or SOC Analyst certifications.
Key Attributes Strong problem-solving and decision-making abilities. Ability to perform under pressure in a 24/7 SOC environment. Detail-oriented with a focus on process improvement and operational excellence. Team-first mindset with passion for developing cybersecurity talent.
Posted 2 weeks ago
3.0 - 5.0 years
3 - 5 Lacs
hyderabad
Work from Office
Key Responsibilities Architect and develop new cybersecurity products and solutions to address market gaps. Prototype and test innovative product features for security monitoring, analytics, and threat detection. Collaborate with product management, SOC engineers, and business stakeholders to align innovation with customer requirements. Evaluate and integrate technologies such as SIEM, SOAR, UEBA, threat intelligence, and advanced analytics. Participate in proof-of-concepts (POCs), solution design, and technical presentations to stakeholders. Document product architecture, features, and implementation guidelines. Qualifications & Skills Bachelor's or Master's degree in Computer Science, Information Security, or related field. 1-3 years of experience in cybersecurity engineering, product development, or solution architecture (internship/project experience acceptable). Knowledge of SIEM, SOAR, SOC workflows, and threat detection methodologies. Proficiency in programming/scripting (Python, Java, or similar) and API integration. Familiarity with cybersecurity frameworks such as NIST, ISO 27001, or MITRE ATT&CK. Strong analytical, problem-solving, and communication skills. Ability to work in a collaborative, fast-paced, and innovative environment.
Posted 2 weeks ago
10.0 - 15.0 years
20 - 32 Lacs
mumbai
Work from Office
Bachelor's or Master's degree in Computers, Information Technology or related field. CISSP/CISM/CEH/CISA/PMP/CCSP will be preferred. At least 10 years of significant experience in a similar role. Knowledgeable of IT project management, tracking, reporting, and risk/issue mitigation tools such as Microsoft Project. Demonstrated success handling initiatives of high complexity and risk. Ability to apply logical thinking to define problems, collect data, establish facts, and draw conclusions. Should be familiar with cyber security technologies and tools such as NDR, NBAD, IDS/IPS, Firewalls, SIEM, SOAR, EDR, Threat intel platforms, etc. Any experience with SOC/incident response/blue and red teams/network forensics will be preferred. Should be familiar
Posted 2 weeks ago
4.0 - 7.0 years
0 Lacs
kolkata, west bengal, india
On-site
At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk - Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients' needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations.
Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance. Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risks. Responsible for assisting clients in reviewing/implementing Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling. Responsible for conducting clients' vendor risk assessments and providing a holistic view of the client's risk exposure due to outsourcing. Responsible for advising and assisting clients to develop and implement an Information classification framework. Conduct Information Systems audits covering IT infrastructure assets. Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions. Technical knowledge of Security Capabilities such as CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of the overall cyber security objective of the organization and the ability to translate data into actionable metrics to drive initiatives to improve cyber security posture.
Understanding of senior stakeholders' requirements in the organization, such as CISO, CIO, CRO, and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your key responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned review, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standards. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have:
Graduate (CS/IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA is a strong plus. Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What we look for A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment. Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What working at EY offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies - and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around. Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 2 weeks ago
8.0 - 10.0 years
0 Lacs
bengaluru, karnataka, india
On-site
Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Kyndryl's Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested, we're committed. We're not just protecting data, we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills. When you walk through our doors, you're not only joining a team but you're also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn't just a job - it's a passion, a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis, all to protect the very heartbeat of organizations - their infrastructure. Responsibilities: Design & Implementation: Lead the design, configuration, and implementation of Cortex XSIAM solutions, ensuring they meet organizational security requirements and integrate with existing infrastructure. Expertise in XSIAM: Deep understanding of the XSIAM platform, its features, and capabilities, including log ingestion, correlation rules, detection strategy, and integration with other security tools.
Keep up to date with the latest XSIAM features, releases, and security threats, ensuring ongoing expertise. Log Ingestion and Optimization: Devise and implement log ingestion strategies, ensuring high-quality log sources are ingested. Monitor and optimize log sources for performance. Detection Strategy: Design and implement effective detection strategies, including the creation and tuning of correlation rules to identify and alert on potential threats. Correlation Rules: Create and fine-tune correlation rules to enhance security detections. Automation & Orchestration: Develop and maintain automated workflows, playbooks, and integrations to streamline incident response, threat detection, and security operations. Platform Optimization: Continuously monitor, tune, and optimize Cortex XSIAM performance, ensuring high availability and scalability. Security Operations Collaboration: Collaborate with Security Operations Center (SOC) teams to enhance incident management, response times, and threat intelligence sharing. Integration with Security Tools: Integrate Cortex XSIAM with SIEM, EDR, threat intelligence platforms, and other security tools to create a comprehensive security ecosystem. Problem Solving: Identify, analyze, and resolve technical issues related to XSIAM, providing effective solutions. Documentation and Reporting: Create and maintain technical documentation, training materials, and knowledge base articles for XSIAM. Maintain detailed documentation for system configurations, integrations, and workflows. Provide regular status reports to management on platform performance and incident metrics. Best Practices: Establish and maintain best practices for Cortex XSIAM configuration, workflow design, and incident response. Understanding of cybersecurity threats, vulnerabilities, and industry best practices. Customer Support and Consulting: Serve as a subject matter expert, providing consultative guidance to end-users on optimizing XSIAM usage.
Training & Support: Provide training to internal teams and clients on Cortex XSIAM features, workflows, and incident response protocols. Act as a go-to resource for troubleshooting and technical support. Innovation & Continuous Improvement: Stay current with the latest developments in Cortex XSIAM and cybersecurity automation, bringing innovative ideas to enhance security operations. Incident Management and Investigation: Assist in the design and execution of automated response playbooks for common and emerging threats, ensuring rapid and effective resolution of incidents. Participate in incident response activities, including investigating security alerts and supporting incident resolution. Collaboration: Foster collaboration with internal and external teams to drive product adoption. Threat Hunting: May be involved in proactive threat hunting activities, identifying potential vulnerabilities and threats. In this role, you won't just monitor, you'll actively engage in the relentless hunt for cyber adversaries. In a world where every click and keystroke could be a potential gateway for attackers, your role will be nothing short of critical as you seek out advanced threats, attackers, and Indicators of Compromise (IOCs). Your expertise in endpoint detection and response (EDR) will be the shield that safeguards individual workstations, laptops, servers, and other devices from cybercrime. Your responsibilities go beyond vigilance. When it comes to network security, you'll utilize Network Detection and Response (NDR) to monitor the ever-flowing currents of network traffic. The incident management process will be used as you respond to and manage cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data, applying your own and external threat intelligence to uncover potential security threats and risks.
These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy - helping Kyndryl stay one step ahead of security breaches. In Cybersecurity Defense at Kyndryl, you're not just protecting the present - you're shaping the future of digital security. Join us on this cybersecurity venture where your expertise and creativity will have a lasting impact in the world of digital defense. Your Future at Kyndryl When you join Kyndryl, you're not just joining a company - you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles - we're invested in your journey. Who You Are You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others. Required Skills and Experience 8 to 10 years of security analyst experience, preferably in a managed services environment in XSIAM Engineer In-depth expertise in Palo Alto Networks Cortex XSIAM (XSOAR) platform. Proficient in scripting languages (e.g., Python, JavaScript) for creating automated workflows and integrations. Strong understanding of security technologies such as SIEM, SOAR, EDR, XDR and threat intelligence platforms. Hands-on experience with Cortex XSIAM integrations (e.g., RESTful APIs, webhooks, etc.). Experience with developing and tuning playbooks, tasks, and workflows within the Cortex XSIAM platform. 
Knowledge of security best practices and frameworks such as MITRE ATT&CK, NIST, ISO 27001, etc. Preferred Skills and Experience Cortex XSOAR certification (e.g., Palo Alto Networks Cortex XSOAR Certified Automation Engineer). Security Operations and Incident Response certifications (e.g., GIAC, SOC Analyst). Being You Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handedly: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked "How Did You Hear About Us" during the application process, select "Employee Referral" and enter your contact's Kyndryl email address.
Posted 2 weeks ago
5.0 - 10.0 years
7 - 12 Lacs
mumbai, delhi / ncr, bengaluru
Work from Office
Location: Mumbai, Delhi / NCR, Bengaluru, Kolkata, Chennai, Hyderabad, Ahmedabad, Pune, Remote (India-based preferred) Experience Required: 7-10 Years Employment Type: Contract Primary Skills Cloud Security, AWS, IAM, DLP, Security Consultant, Data Encryption, Logging, Secrets Management, Security Posture, Risk Assessment, Compliance Frameworks, SIEM, SOAR, Incident Response, Automated Security, AI in Security Job Description We are seeking an experienced Security Consultant with 7-10 years of deep technical expertise across AWS security practices, posture assessment, incident response, and automation in security environments. The ideal candidate will play a key role in advising on cloud security design, conducting risk assessments, and strengthening compliance and data protection mechanisms in cloud-native environments. Key Responsibilities Lead cloud security strategy and implementation for AWS-based applications Conduct Security Posture Assessments, identify gaps, and define risk prioritization plans Implement and manage AWS security controls: IAM (Identity & Access Management) Network Security & Logging Data Encryption & Secrets Management Ensure adherence to compliance frameworks (ISO 27001, NIST, CIS, etc.)
Implement Data Loss Prevention (DLP), Data Masking/Obfuscation solutions Drive SIEM/SOAR integration for intelligent threat detection and response Develop and maintain Incident Response plans and coordinate response activities Conduct automated security scanning and integrate into DevSecOps pipelines Provide consultation and innovation around Agentic AI applications in security Qualifications 7+ years of hands-on experience in cloud security, with a focus on AWS Deep knowledge of IAM, encryption, secrets management, and compliance frameworks Experience with SIEM/SOAR platforms, automated scanning tools, and AI-driven security solutions Strong documentation, communication, and stakeholder collaboration skills Ability to work independently in a remote team structure
Posted 2 weeks ago
5.0 - 10.0 years
20 - 25 Lacs
hyderabad
Work from Office
Application Security Perform security reviews, code audits, and threat modeling of web and mobile applications. Work with DevOps and development teams to integrate secure coding practices and tools (e.g., SAST, DAST, SCA). Conduct penetration testing and vulnerability assessments on internal and external applications. Remediate OWASP Top 10 and other emerging threats. Infrastructure & Server Security Harden Linux and Windows servers following CIS/NIST benchmarks. Implement endpoint security solutions (AV, EDR, MDM). Monitor, detect, and respond to system anomalies and unauthorized access. Manage patching and update cycles in coordination with system teams. Network Security Secure network architecture, firewall policies, VPNs, NAT, and VLAN segmentation. Analyze and mitigate threats like DDoS, MITM, spoofing, etc. Configure and manage intrusion detection/prevention systems (IDS/IPS). Perform routine audits and packet-level analysis for suspicious activity. Cloud Security Secure cloud infrastructure (Alibaba Cloud/AWS/Azure/GCP). Manage IAM, WAF, Security Groups, and cloud-native threat detection tools. Audit and improve security configurations in containers, CI/CD pipelines, and serverless deployments. Monitoring, Audit, and Compliance Work closely with compliance teams to meet standards like SAMA-CSF, ISO 27001, and PCI-DSS. Implement and tune SIEM/SOAR systems for proactive monitoring and incident response. Maintain audit trails, security reports, and logs for investigations and audits. Qualifications & Requirements Bachelor's degree in Computer Science, Cybersecurity, or a related field. 4+ years of experience in cybersecurity roles with exposure to infrastructure and application security. Proficiency in tools like Burp Suite, Nessus, Wireshark, Nmap, Suricata, OSSEC/Wazuh, etc. Strong knowledge of TCP/IP, Linux security, cloud security, and secure coding principles. Experience with at least one cloud platform (Alibaba Cloud preferred).
Familiarity with regulatory and compliance standards in the GCC region is a plus. Security certifications such as CEH, OSCP, CISSP, or CISM are a plus. Preferred Strong problem-solving and analytical skills. Ability to work under pressure in a fast-paced environment. Excellent communication skills to interface with technical and non-technical stakeholders. Self-motivated and able to work independently or as part of a team.
Posted 2 weeks ago
2.0 - 4.0 years
0 Lacs
bengaluru, karnataka, india
On-site
Job Requisition ID # 25WD91177 Position Overview The Incident Response Analyst is responsible for monitoring, identifying, assessing, containing, and responding to various information security events in a large and complex environment, as well as analysing, triaging, and reporting on these incidents and investigations. The candidate must have knowledge of system security design, network/cloud security best practices and in-depth knowledge of systems security operations, threat actors' frequently used attack vectors, and general user behaviour analytics. The candidate will be part of an established security team and work closely with teams across the company in remediating security issues and driving Incident Response. The candidate should have a strong passion for security and growth and be willing to accept challenging projects and incidents. Responsibilities Responsible for handling day-to-day operations to monitor, identify, triage and investigate security events from various Endpoint (EDR), Network and Cloud security tools and detect anomalies, and report remediation actions Analyze firewall logs, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents Help create and maintain process tools and documentation Perform all stages of incident response from detection to postmortem Collaborate with stakeholders in building and improving our Security Orchestration Platform Clearly document notes for incidents in our case management solution Perform basic forensics and malware analysis based on our playbooks and procedures Responsible for working in a 24/7 environment including night shifts; shifts are decided based on the business requirement Maintain a high level of confidentiality and integrity Minimum Qualifications BS in Computer
Science, Information Security, or equivalent professional experience 2+ years of cyber security experience in incident response Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics Strong understanding of Security Operations and Incident Response process and practices Experience performing security monitoring, response capabilities, log analysis and forensic tools Strong understanding of operating systems including Windows, Linux and OSX Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team Excellent verbal and written communication skills Ability to design playbooks for responding to security incidents Ability to support off-hours, weekends, and holidays if needed in support of incident response Preferred Qualifications Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization One or more security-related certifications from any of the following organizations: GCIH, GCFE, GCFA, AWS, Azure Cloud security Certifications or equivalent is desired Learn More About Autodesk Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made. We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world. When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!
Salary transparency Salary is one part of Autodesk's competitive compensation package. Offers are based on the candidate's experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package. Diversity & Belonging We take pride in cultivating a culture of belonging where everyone can thrive. Are you an existing contractor or consultant with Autodesk? Please search for open jobs and apply internally (not on this external site).
Posted 2 weeks ago