Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Min 3 Years exp in EDR and Trend Micro. The vendor should assess the existing endpoint security infrastructure and identify any gaps or vulnerabilities. The vendor should deploy EDR agents on endpoints, servers, and critical systems within the organization's network. The vendor should configure EDR agents to collect and analyze security events and activities on endpoints. The solution should monitor endpoints for suspicious activities, such as malware infections, unauthorized access attempts, and unusual user behavior. The solution should use behavioral analysis and machine learning to detect advanced threats and zero-day attacks. The solution should generate real-time alerts for potential security incidents and provide guidance for incident response and remediation. The vendor should enable endpoint forensics capabilities to investigate security incidents and identify the root cause of attacks. The solution should capture and store detailed endpoint activity logs and artifacts for further analysis. The vendor should integrate the tool with vulnerability management systems to assess the endpoint's security posture. The EDR solution should be able to rollout patches or upgrades from the EDR management console for agents onboarded on the platforms. The solution should alert and remediate endpoints with outdated or vulnerable software configurations. The solution should provide real-time alerts for anomalies that could indicate potential threats. The vendor should ensure the compatibility with other security systems, such as (but not limited to) SIEM, incident response tools, etc. The solution should correlate network anomalies with potential threats, aiding in early threat detection. The vendor is expected to deliver reports at periodic intervals as per Clients requirements. The vendor should re-deploy the agent as and when there is a change in the infrastructure or the operating systems. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is must. Required Experience: Entry-level experience with troubleshooting and providing the support required in security network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization. Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (such as Security, Network, Data Centre, Telephony, etc.). Working knowledge of ITIL processes. Workplace type : On-site Working

Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Min 4+ Years exp in Soc along with SIEM (Splunk). Min 2 years Hands on exp in Splunk. Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). Active CEH certification is Must. Required Experience: Moderate level of relevant managed services experience handling Security Infrastructure. Moderate level of knowledge in ticketing tools preferably Service Now. Moderate level of working knowledge of ITIL processes. Moderate level of experience working with vendors and/or 3rd parties. Workplace type : On-site Working

Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is Must. Workplace type : On-site Working

Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD,PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities.Identify log sources and examine system logs to reconstruct event histories using forensic techniques.Align SIEM rules and alerts with the LICs security policies and compliance requirements.Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets.Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans.Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively.Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits.Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive.Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Workplace type : On-site Working

Your day at NTT DATA The Associate Security Platform Engineer is an entry level subject matter expert, responsible for learning how to facilitate problem resolution and mentoring for the overall team. This role performs operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). The Associate Security Platform Engineer is responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments). What you'll be doing Key Responsibilities: Works as part of a 24/7 team working on rotational shifts. Works as part of Platform and Content Engineering handling tunings, stake holder requests, escalations, reporting, trainings. Administers the organization's security tools to gather security logs from environment. Lifecycle management of the supported security tools/technologies, Break-fix, Patching, Live update. Adheres to SOPs and notify stake holders on log flow/log format issues. Documents best practices. Identifies opportunities to make automations which will help the incident response team. Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics, and a broad range of skills in LAN technologies, Windows and Linux O/Ss, and general security infrastructure. Knowledge and Attributes: Entry level knowledge on implementation and monitoring of any SIEM or security tools/technologies. Entry level knowledge on security architecture, worked across different security technologies. Customer service orientated and pro-active thinking. Ability to problem solve and is highly driven and self-organized. Great attention to detail. Good analytical and logical thinking. Excellent spoken and written communication skills. Team player with the ability to work well with others and in group with colleagues and stakeholders. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or related field. Relevant level of Networking certifications such as CCNA, JNCIA, ACCA, PCNSA, CCSA etc. preferred. Relevant level of Security certifications such as AZ-500, SC-200, Security+, CEH etc. will be added advantage. Required Experience: Entry level experience in Security technologies like (Firewall, IPS, IDS, Proxy etc.). Entry level experience in technical support to clients. Entry level experience in diagnosis and troubleshooting. Entry level experience providing remote support in Security Technologies. Entry level experience in SOC/CSIRT Operations. Entry level experience in handling security incidents end to end. Entry level experience in Security engineering.

Key Responsibilities: Monitors security alerts and events from various sources, investigates potential threats, and escalates incidents as necessary. Assists in the implementation and monitoring of security controls, including firewalls, intrusion detection systems, and access controls. Performs regular vulnerability assessments, analyses scan results, and assists in prioritizing and remediating identified vulnerabilities. Supports the incident response team in investigating security incidents, documenting findings, and participating in remediation efforts. Assists in ensuring compliance with industry standards (for example, GDPR, ISO 27001) by conducting assessments and implementing necessary controls. Installs security measures and operates software to protect systems and information infrastructure, including firewalls and data encryption programs. Documents security breaches and assess the damage they cause. Works with the security team to perform tests and uncover network vulnerabilities. Fixes detected vulnerabilities to maintain a high-security standard. Develops organizational best practices for IT security. Performs penetration testing and upgrades systems to unable security software. Installs and upgrades antivirus software and tests and evaluates new technology. Assists with the installation of security software and understands information security management. Researches security enhancements and makes recommendations to management. Stays abreast of information technology trends and security standards. Contributes to security awareness initiatives by creating training materials, conducting workshops, and educating employees about best security practices. Maintains accurate records of security incidents, assessments, and actions taken for reporting and audit purposes. Assists in the management and maintenance of security tools, including antivirus software, encryption tools, and security information and event management (SIEM) systems. Participates in risk assessments to identify potential security threats, vulnerabilities, and associated risks to the organization. Collaborates with cross-functional teams, IT, and other teams to ensure security measures are integrated into the organization's processes and projects. Performs any other related task as required. Knowledge and Attributes: Good communication skills to effectively convey technical information to non-technical stakeholders. Good analytical thinking and problem-solving skills to prevent hacking on a network. Ability to identify and evaluate potential risks and to develop solutions. Ability to identify and mitigate network vulnerabilities and explain how to avoid them. Understands firewalls, proxies, SIEM, antivirus, and IDPS concepts. Understands patch management with the ability to deploy patches in a timely manner whilst understanding business impact. Developing proficiency with MAC and OS. Familiarity with security frameworks, standards, and regulations (for example, NIST, CIS, GDPR). Basic understanding of network and system architecture, protocols, and security controls. Ability to analyze security incidents and assess potential risks. Ability to work both independently and collaboratively in a fast-paced environment. Academic Qualifications and Certifications: Bachelor's degree or equivalent in information security, cybersecurity, computer science, or related. Security certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are advantageous. Required Experience: Moderate level of demonstrated experience in information security or cybersecurity, or related roles. Moderate level of demonstrated experience working in a global IT organization. Moderate level of demonstrated experience with computer network penetration testing and techniques. Moderate level of demonstrated experience with security assessment and vulnerability scanning tools.

Your day at NTT DATA The Manager, Information Security Incident Response is a management role, responsible for managing the Information Security Incident Response Management team. This role ensures their team is equipped and enabled to detect and monitor threats and suspicious activity affecting the organization's technology domain. This role serves as the escalation point for incidents workflows and participates in the delivery of security measures through analytics and threat hunting processes. The Senior Manager, Information Security Incident Response manages a team of security professionals whilst fostering a collaborative and innovative team culture focused on operational excellence. What youll be doing Key Responsibilities: 10+ Years of experience in SOC. 4+ Years of experience as a SOC Manager. 4+ Years of experience in SIEM (Splunk) CISM/CISSP Certification is must. Good understanding about SOAR/UEBA/NBAD/XDR. Strong Exp in EDR and email fishing, Ransomware alerts. Troubleshooting technical issues to ensure project success. End-end integration of all soc solutions health check as per the signoff Implementing changes to align with Client demands and specifications. Providing guidance, direction, and instructions to the team to achieve specific objectives. Developing and executing a timeline for the team to achieve its goals. Monitoring incident detection and closure. Presenting regular metrics and reports. Identifying new alert requirements. Ensuring services meet SLA parameters. Conducting periodic DR drills. Following up with departments to close various reports/incidents and escalating long outstanding issues. Designing SIEM solutions to enhance security value, service management, and scalability. Identify, resolve, and conduct root-cause analysis for security incidents which is essential for maintaining a proactive and responsive security posture. Develop and document incident response procedures. Ensuring the SIEM system is optimized for efficient performance is vital. This includes handling data volume effectively and maintaining responsiveness for timely threat detection and response. Align reports SIEM rules and alerts with security policies and compliance reports requirements ensures that the system contributes to overall security and regulatory adherence. Developing customized and dashboards provides meaningful insights into the LICs security posture, aiding in decision-making and monitoring. Integration with other solutions/devices (including security solutions) to enhance overall security monitoring and incident response capabilities, creating a more comprehensive security infrastructure. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the systems reliability and effectiveness. Academic Qualifications and Certifications: Bachelors degree or equivalent in Information Technology, Computer Science or related field. Industry Certifications such as CISSP, CISM preferred. Required Experience: Advanced experience in a Technology Information Security Industry. Advanced prior experience working in a SOC/CSIR. Comprehension and practical knowledge of the Cyber Threat Kill Chains. Advanced knowledge of Tools, Techniques and Processes (TTP) used by threat actors. Advanced practical knowledge of indicators of compromise (IOCs). Advanced experience with End Point Protection and Enterprise Detention and Response Software. Advanced experience or knowledge of SIEM and IPS technologies. Advanced experience with Wireshark, tcpdump, Remnux, decoders for conducting payload analysis. Knowledge of malware analysis, hacking techniques, latest vulnerabilities, and security trends. Preferably an interest, or knowledge of, or experience with SIEM and IPS technologies. Advanced knowledge of network technologies including routers, switches, firewalls Advanced prior demonstrated experience managing and leading a team in a related field. Workplace type On-site Working

Knowledge and application: Seasoned, experienced professional; has complete knowledge and understanding of area of specialization. Uses evaluation, judgment, and interpretation to select right course of action. Problem solving: Works on problems of diverse scope where analysis of information requires evaluation of identifiable factors. Resolves and assesses a wide range of issues in creative ways and suggests variations in approach. Interaction: Enhances relationships and networks with senior internal/external partners who are not familiar with the subject matter often requiring persuasion. Works with others outside of own area of expertise, with the ability to adapt style to differing audiences and often advises others on difficult matters. Impact: Impacts short to medium term goals through personal effort or influence over team members. Accountability: Accountable for own targets with work reviewed at critical points. Work is done independently and is reviewed at critical points. Workplace type : Hybrid Working

Additional Career Level Description: Knowledge and application: Seasoned, experienced professional; has complete knowledge and understanding of area of specialization. Uses evaluation, judgment, and interpretation to select right course of action. Problem solving: Works on problems of diverse scope where analysis of information requires evaluation of identifiable factors. Resolves and assesses a wide range of issues in creative ways and suggests variations in approach. Interaction: Enhances relationships and networks with senior internal/external partners who are not familiar with the subject matter often requiring persuasion. Works with others outside of own area of expertise, with the ability to adapt style to differing audiences and often advises others on difficult matters. Impact: Impacts short to medium term goals through personal effort or influence over team members. Accountability: Accountable for own targets with work reviewed at critical points. Work is done independently and is reviewed at critical points.

Work experience: 8 + years Location : Bengaluru Essential Duties and responsibilities: Participate in governance, risk and compliance related assessments, policy and procedures, awareness and training for end users, change management, internal control identification and measurement per applicable guidelines and frameworks Conduct comprehensive security assessment and implementation support based on ISO 27001:2022, NIST 800, NIST CSF, PCI DSS and HITRUST. Perform gap analysis, identify risks, and provide actionable recommendations for compliance and security improvement. Lead risk methodology development and execution maintain updates and mapping of governance, risk and compliance (GRC) assessments for changing requirements/criteria related to SOC1, SOC2, in addition to other regulatory or industry requirements Work across matrix business environments both internal and external for risk and compliance (audit) readiness. Work with business units in a consulting role to assist in their understanding of internal controls and measurements in addressing strategic initiatives, business/client drivers and concerns, future audits and compliance requirements. Lead governance, risk and compliance (GRC) liaison with internal and external audit resources, external customers and government regulators, domestic and international. Actively support business units request for information and data security risk, technology risk, technical vendor relationship management, product selection and design related to the authority and responsibility of GRC within an Enterprise Risk Management (ERM) model. Promote a positive, entrepreneurial, consulting, performance focused culture within organisation that works effectively with stakeholders in the development and launch of services and programs that support compliance and company growth. Support the coordination, tracking and reporting on divisional and business units' metrics, results, data modelling, processing, calculating and transformation into meaningful risk metrics and reports. Roles and Responsibilities Job Qualifications: Bachelor’s degree in Computer Science/ Information Technology, Risk Management or equivalent years in experience Certifications required (two), preferred certifications: Certified Information Systems Auditor (CISA, Certified in Risk and Information System Controls (CRISC), Certified Information System Security Professional (CISSP), or equivalents. 8+ years of combined experience with consulting, external audit, company in house and outsourced internal audit, assurance services, contracts; experience with a Big 4 is required. 8+ years of hands-on combined experience with designing and implementing technology controls in diverse technology environments, including auditing, risk assessments and providing recommendations for remediation. 5+ years of hands-on combined experience, preferred in business process design, system integration, identity access & management, data privacy and protection, system development life cycle (SDLC), vulnerability assessment, information technology security, incident response, vendor management, backup and recovery and continuity planning. 8+ years of operational leadership roles that include domestic and international; diverse industry experience preferred, consulting services, financial services and banking, insurance and healthcare, risk and compliance. 8+ years of audit experience with SOC1, SOC2, and regulatory compliance. 8 years of combined hands-on operational experience in; accounting, tax, payroll, human resources, information technology operations, information technology security, risk management. 8+ years as a Subject Matter Expert (SME); working with industry frameworks including COSO, ISO, NIST 800-53, NIST/CSF, PCI, HITRUST, and GDPR. Experience leading engagements, establishing budgets, developing work programs/plans, building relationships, mentoring staff, providing performance feedback, and monitoring workloads of team(s) while meeting stakeholder and client expectations. Advanced written, verbal and presentation skills; including interactions with key stakeholders, internal executive management and external executive management and senior leaders. Experienced working in remote environments. Independent, motivated self-starter with the ability to analyse complex problems, think critically, problem solve, influence change, provide thought leadership. Excellent interpersonal skills, including the ability to work across a highly matrixed organization, interacting, influencing, negotiating effectively with all levels of leadership and peers Experienced with vendor and managed security services with ability to identify continuous improvement opportunities to drive risk assessment effectiveness and efficiency.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT

? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails

Wipro Limited (NYSE:WIT, BSE:507685, NSE:WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. About The Role : Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role : Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT

? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails

? Identify gaps and weaknesses on current alerting platforms and recommend improvements to ensure evolving capabilities. Identify gaps and weaknesses on Data Loss Prevention platforms. Continually review existing risk scoring models and adjust accordingly to ensure proper focus on significant security events and business needs. Administrate of DLP solution and liaising with GRC & CISO function to configure policies and work on reporting, monitor and respond to different alerts generated from the DLP solution. Demonstrate a good understanding of incident response process and event escalations, repone to DLPs escalations reported by incident response team. Share recommendations to further identify sensitive data and strengthen security controls. Collaborate & partner with legal, compliance team to support customer privacy initiative and continue compliance with different regulations, to mature company data life cycle management with focus on data security. Ability to independently research and solve technical issues and Demonstrated integrity in a professional environment.

About The Role Primary Skill (Technical Skill) Application Packaging Secondary Skill Windows, MECM, Intune ? Experience Level 6 –8 Years (B3) 3 - 5 Years (B2) Location of Posting Chennai Rates Including Mark up - 80 K/M - 90K/M ? Candidate should have the experience of customer facing role Primary Knowledge- Hands-on experience in Creation of MSI, MSIX, Intunewin packages using Flexera Admin Studio/ Install-shield, Microsoft Tools like Win32 Content Prep & MSIX Packaging tool Experience in creating Connection groups and Runvirtual keys Basic to Intermediate know-how and experience towards Scripting – VB script / PowerShell scripting Knowledge of Operating Systems – Win 10, Win11 Experience with SCCM (Microsoft Endpoint Configuration Manager) ? Support the Service & Product Manager across several technical domains Contribute expertise to the management of existing and new IT products and services Define workarounds for known errors and initiate process improvements Strong understanding of performance analysis for Applications packaging process Experience in Testing and implementing Application Packages Establish and implement policies, procedures, and technologies. Familiarity with support processes, including Incident, Problem, Request, Event, and Change Management. ? Mandatory Skills: Application Packaging - Windows. Experience3-5 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Wipro Limited (NYSE:WIT, BSE:507685, NSE:WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. About The Role : Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails

? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails

At Mr. Cooper Group, You Make the Dream Possible. Our purpose is simple: Keeping the dream of homeownership alive. As a Mr. Cooper Group team member, you play a big role in making that dream possible. Around here, we know our roles and work together, volunteer to make a difference, and challenge the status quo when needed. Everything we do is in the care and service of our teammates and our customers. Join us and make the dream of home ownership possible! Role Responsibilities: 65% - Serve as HR technical point of contact for moderate to complex integration projects and production support enhancements. 15% - Support SOX, SOC & Information Security infrastructure optimization & support. 10% - Identify and deploy process improvements & automation to support an improved PEX and data quality. 10% - Responsible for working ticket & task queues as L3 support. Additional Duties: May act as a liaison between internal customers and external vendors Maintains and tracks all issues/work using standard Issue Tracking Processes Other duties as assigned Core Requirements: Minimum of a 2 - 4 year degree required: Information Systems or Computer Science concentration or equivalent Minimum of 5+ years of experience in Interface/Integration design & ETL development and 2 - 4 years Workday integration experience (i.e. EIB, Connector, Studio) Knowledge of relational databases, structured query language, enterprise resource planning systems, report writing & design Working knowledge and/or experience with Workday Prism and Workday HCM is a plus Working knowledge and/or experiences with SAP CallidusCloud is a plus Good written, verbal, interpersonal, presentation skills Ability to communicate among technical and non-technical employees, and process orientation skills A customer driven approach and good customer management skills Ability to prioritize work, be highly organized, and work independently Ability to identify problems and apply creative solutions Ability to manage many tasks while maintaining high degrees of attention to detail, accuracy and poise under pressure Must have collaborative work style Basic Proficiency in Microsoft Excel & PowerPoint Must be able to maintain strictest confidence Job Requisition ID: 023765 Job Category: Human Resources Primary Location City: Chennai Primary Location Region: Tamil Nadu Primary Location Postal Code: 600089 Primary Location Country: India Additional Posting Location(s):

Network Security Engineer - Staffing & HR Services Job Title: Network Security Engineer Job Summary: We are seeking a dynamic and experienced Network Security Engineer to join SCLERAVDMS Private Limited. The ideal candidate will lead the implementation and management of our network security infrastructure, ensuring the alignment of security strategies with business objectives. This role requires a strategic thinker with strong technical expertise, deep knowledge of network security best practices, and the ability to proactively identify and address potential vulnerabilities. The Network Security Engineer will be responsible for safeguarding the organization s data and IT systems while fostering a secure, efficient, and compliant environment. Key Responsibilities: Design, implement, and maintain network security systems, ensuring the protection of company systems, data, and networks. Handle and manage SOC, ISO, or HIPAA audits to ensure compliance with industry standards and regulatory requirements. Conduct regular network security assessments, vulnerability assessments, and penetration testing. Assist with internal and external audits, providing necessary documentation and evidence for compliance. Collaborate with IT and security teams to identify and resolve network security vulnerabilities. Monitor and respond to security incidents, ensuring quick resolution and minimal impact on operations. Develop and enforce network security policies, procedures, and best practices. Stay up to date with emerging network security threats and industry trends, implementing appropriate solutions. Maintain detailed records of security incidents and audits for reporting and compliance purposes. Qualifications: Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Minimum of 2 years of experience in a network security role with experience in SOC Audits, ISO Audits, or HIPAA Audits. Strong understanding of network protocols, security technologies, and network defense strategies. Hands-on experience with security tools such as firewalls, intrusion detection systems, and encryption technologies. Knowledge of regulatory standards including SOC 1/2, ISO 27001, HIPAA, and NIST frameworks. Familiarity with common security frameworks, risk management, and incident response procedures. Ability to analyze and resolve complex security issues in a timely manner. Strong communication and documentation skills. Relevant certifications (e.g., CISSP, CISM, CISA, or similar) are a plus.

Scopely is looking for a Senior Security Operations Center Engineer to join our Information Technology team in Bangalore on a hybrid basis. At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily. What You Will Do You will be part of the Security Operations & Cloud Security team supporting all security operations at Scopely and will be at the forefront of identifying and reacting to new threats, risks and vulnerabilities that affect the industry. This role also requires collaboration and engagement with game teams, information technology, business partners, and vendors. You should enjoy working with an international team, embrace a fast-paced environment, and champion teamwork. Related activities would include: Support the execution of Scopelys security operations strategy, including daily monitoring and analysis of security events Manage and triage security alerts, reduce false positives, and continuously fine-tune detection rules, playbooks, and use cases Participate in the coordination, escalation, and resolution of security incidents in collaboration with internal stakeholders and external partners Perform security investigations from escalated alerts, threat hunting, or reports Perform digital forensics applied to incident response, to support case investigations Conduct network scans to identify vulnerabilities across internal and perimeter environments, and monitor for signs of exploitation or misconfiguration Contribute to vulnerability and patch management efforts by tracking open issues, validating remediations, and supporting mitigation activities Participate in proof-of-concept (PoC), proof-of-value (PoV), and project initiatives aimed at enhancing SOC tools, workflows, and detection capabilities Maintain SOC tools and platforms in an up-to-date and operationally ready state Document security investigations and incidents, including lessons learned / post-mortem analysis, and team processes. Contribute to the development and refinement of incident response playbooks and knowledge base articles Assist with the creation and delivery of security operations performance reports using predefined KPIs, including both operational metrics and risk indicators Foster strong relationships with business units, development teams, and external security vendors to align security operations with broader organizational goals Provide on-call support as part of a rotating schedule to ensure 24/7 incident readiness What We re Looking For Bachelor s degree in Information Security, Computer Science, or a related field. Equivalent practical experience will also be considered 5+ years of experience in a security operations or similar role, with proven exposure to incident detection, investigation, and response Strong understanding of core security topics, including incident response, threat hunting, threat intelligence, malware analysis, advanced persistent threats (APT), forensic analysis, and vulnerability management Solid knowledge of security frameworks and standards such as NIST Cybersecurity Framework (CSF), MITRE ATT&CK, Cyber Kill Chain, and ISO/IEC 27001/27002, as well as familiarity with relevant international regulations and compliance requirements Proficiency with Security Information and Event Management (SIEM) platforms, including experience deploying, configuring, and optimizing tools Hands-on experience with Managed Detection and Response (MDR), Endpoint Detection and Response (EDR), and Cloud Security Posture Management (CSPM) tools Experience working with open-source and commercial Security Orchestration, Automation, and Response (SOAR) platforms Familiarity with network and vulnerability scanning tools Strong practical experience in multi-cloud environments, including cloud-native security tooling Strong collaboration skills and ability to work effectively within a team environment; capable of following procedures and escalating issues appropriately Excellent verbal and written communication skills with the ability to convey complex security topics to both technical and non-technical audiences Security certifications such as CISSP, CEH, GSOC, GCIH, or equivalent are highly desirable. Bonus Points Development and/or scripting experience (e.g., Python, Bash, PowerShell) At Scopely, we create games for everyone - and want to ensure that the people behind our games reflect that! We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure! About Us Scopely is a global interactive entertainment and mobile-first video game company, home to many top, award-winning experiences such as "MONOPOLY GO!," Star Trek Fleet Command, Stumble Guys, MARVEL Strike Force, and Yahtzee With Buddies, among others. Scopely creates, publishes, and live-operates immersive games that empower a directed-by-consumer experience across multiple platforms--from mobile, web, PC and beyond. Founded in 2011, Scopely is fueled by a world-class team and a proprietary technology platform Playgami that supports one of the most diversified portfolios in the games industry. Recognized multiple times as one of Fast Company s World s Most Innovative Companies, Scopely is a multi-billion-dollar business due to its ability to create long-lasting game experiences that players enjoy for years. Scopely has global operations in more than a dozen markets across Asia, EMEA, and North America, and is home to many internal game development teams, referred to as Scopely Studios, with additional game studio partners across four continents. Scopely was acquired by Savvy Games Group in July 2023 for $4.9 billion, and is now an independent subsidiary of Savvy. For more information on Scopely, visit: scopely.com Notice to candidates: Scopely, Inc and its affiliates will never request payment or ask for financial information as a condition for applying to a position or receiving an offer of employment. All official Scopely, Inc. recruiters only use email domains that end with @scopely.com. Our official website is www.scopely.com. Please only apply to positions posted on our official website and ensure the recruiter only communicates via the official email domain. Should you have any questions or encounter any fraudulent requests/emails/websites, please immediately contact recruiting@scopely.com . Our job applicant privacy policies are available here: California Privacy Notice and EEA/UK Privacy Notice .

6 - 10 years of work experience Go NodeJS AWS Terraform PostgreSQL Kafka TypeScript Datadog Company Overview Millions of families juggle elder-care across continents. 2care.ai turns that anxiety into confident, proactive care with an AI Health Voice Agent, WhatsApp-first workflows, and a unified medical-data platform. Founded by founders that have scaled SaaS globally to $80M, built consumer product which was acquired for $500M, and ex-AWS, managed operations, we ve just secured backing from Silicon-Valley & Indian health-tech angels to go after the $430 B global market. Build in India, ship to the world starting USA The Impact You ll Own As a Principal Engineer and Founding Engineering Leader, you will: Architect the future: Design the end-to-end backend infrastructure, including microservices, data pipelines, event buses, and observability, to enable real-time interpretation of thousands of biomarkers. Build for trust & compliance: Lead the implementation of HIPAA/GDPR-ready security measures, role-based access, audit trails, encryption, and FHIR-compatible APIs. Scale real-time care: Create resilient APIs unifying WhatsApp, voice, and web dashboards to ensure 99.99% uptime. Own data strategy: Shape our multi-tenant Postgres + time-series + vector-DB stack for longitudinal health graphs, AI embeddings, and analytics. Lead & mentor: Hire the first backend squad, establish engineering best practices (IaC, CI/CD, trunk-based dev, TDD), and cultivate a culture of autonomy, craftsmanship, and user focus. Partner with founders & doctors: Translate clinical workflows into elegant, safe services. Our Current Stack NextJs(TypeScript) MySql (Planetscale) Cloudflare(R2,Queues, Workers) Redis AI Integration with Claude, OpenAI and Gemini Whatsapp Business Integration Vercel Github with actions for CI/CD Future AI-agent-first stack could look like TypeScript-everywhere + Next.js foundation for DX consistency. Add a vector store (Pinecone / Weaviate) to power retrieval-augmented agents event streaming (Cloudflare Queues at edge) so agents run in parallel and stay decoupled Package each medical agent as an isolated TypeScript service (AWS Lambda / Workers), orchestrated by a light workflow engine (LangGraph-style) Expand Redis into a multi-tier cache (metadata, embeddings, feature flags) & OpenTelemetry tracing Bake in HIPAA/SOC 2 guardrails at middleware level (PII redaction, audit logs) What Success Looks Like in 12 Months Achieve zero-to-one PMF with backend reliably supporting 100x traffic with Pass HIPAA readiness audits to unlock US provider integrations. Hire, mentor, and enable a team of 5 high-bar engineers shipping weekly value. What You Bring 7 + years building distributed systems at scale, ideally in health-tech, healthcare, or other regulated data domains. Expertise in two of Go, TypeScript-Node, Python, plus experience with REST, gRPC/GraphQL, and event-driven patterns (Kafka, SNS/SQS, NATS ). Cloud expertise on AWS (EKS / Fargate / Lambda / RDS / DynamoDB) with IaC (Terraform / CDK / Pulumi) and CI/CD (GitHub Actions, Argo). Security-first mindset: Familiarity with OAuth2/OIDC, JWT, KMS, audit trails, SOC 2 / ISO 27001. *** Healthcare Tech experience a BIG plus. ** Startup DNA : bias for action, comfort with ambiguity, obsession with user outcomes. Bonus: experience with LLM/ML inference, stream processing, or healthcare platforms.

We are looking for a content development engineer or L2 level SOC SIEM engineer with hands-on experience in developing new rules, use cases based on various log sources including Cloud Security log sources and integrating various log sources with SIEM Platform. Roles and Responsibilities: Creating and implementing new threat detection content, rules and use cases to deploy in SIEM platform with different data sets like Proxy, VPN, Firewall, DLP, etc. Assisting with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions. Developing custom content based on threat intelligence and threat hunting results. Identifying gaps in the existing security controls and develop/propose new security controls. SIEM Engineering and knowledge of integrating various log sources with any SIEM platform. Custom parsing of logs being ingested into the SIEM Platform 3+ years of experience working in the field of Content development and experience in delivering and/or building content on any of the SIEM tools like Splunk/Arc-sight /QRadar/Nitro ESM/etc. Deep understanding of MITRE ATT&CK Framework. Experience in SOC Incident analysis with an exposure to information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, EDR and cloud security tools. Good understanding of networking concepts. Experience interpreting, searching, and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow, and automation) In depth knowledge of security data logs and an ability to create new content on advanced security threats on a need basis as per Threat Intelligence. Ability to identify gaps in the existing security controls. Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deployment of content. Experience on EDR tools like Crowd-strike and good understanding on TTPs like Process Injection. Excellent communication, listening & facilitation skills Ability to demonstrate an investigative mindset. Excellent problem-solving skills. Preferred : Understanding of MITRE ATT&CK framework. Demonstrable experience in Use case /rule creation on any SIEM Platform. Chronicle Backstory/ YARA / Crowds trike rules is a plus. Location: Pan India