2.0 - 12.0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
Line of Service: Advisory
Industry/Sector: FS X-Sector
Specialism: Risk
Management Level: Associate
Job Description & Summary: At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.
Why PwC: At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.
At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm's growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.
Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit.
Responsibilities:
- Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities.
- Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures.
- Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents.
- Follow up on cybersecurity incident tickets until closure.
- Guide L1 and L2 analysts in analyzing events and response activities.
- Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members.
- Review and provide suggestions for information security policies and best practices in client environments.
- Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders.
- Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders.
- Update and review documents, playbooks, and standard operational procedures.
- Validate and update client systems and IT infrastructure documentation.
- Share knowledge on current security threats, attack patterns, and tools with team members.
- Create and review new use cases based on evolving attack trends.
- Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events.
- Develop and maintain threat detection rules, parsers, and use cases.
- Understand security analytics and flows across SaaS applications and cloud computing tools.
- Validate use cases through selective testing and logic examination.
- Maintain continuous improvement processes and build/groom teams over time.
- Develop thought leadership within the SOC.
Mandatory Skill Sets:
- Bachelor's degree (minimum requirement).
- 2-8 years of experience in SOC operations.
- Experience analyzing malicious traffic and building detections.
- Experience in application security, network security, and systems security.
- Knowledge of security testing tools (e.g., Burp Suite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP WebInspect).
- Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript).
- Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS).
- Experience with traditional security operations, event monitoring, and SIEM tools.
- Knowledge of MITRE or similar frameworks and procedures used by adversaries.
- Ability to develop and maintain threat detection rules and use cases.
Preferred Skill Sets:
- Strong communication skills, both written and oral.
- Experience with SMB and large enterprise clients.
- Good understanding of ITIL processes (Change Management, Incident Management, Problem Management).
- Strong expertise in multiple SIEM tools and other SOC environment devices.
- Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc.
- Understanding of raw log formats of various security devices.
- Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies).
- Relevant certifications (CEH, CISA, CISM, etc.).
- Strong work ethic and time management skills.
- Coachability and dedication to consistent improvement.
- Ability to mentor and encourage junior teammates.
- Knowledge of regex and parser creation.
- Ability to deploy SIEM solutions in customer environments.
Years Of Experience Required: 2-12+ years
Education Qualification: B.Tech
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of Engineering
Degrees/Field Of Study Preferred:
Certifications (if blank, certifications not specified)
Required Skills: SOCs
Optional Skills: Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring + 3 more
Desired Languages (If blank, desired languages not specified)
Travel Requirements: Not Specified
Available for Work Visa Sponsorship: No
Government Clearance Required: No
Job Posting End Date:
Posted 1 day ago
6.0 - 10.0 years
0 Lacs
Karnataka
On-site
As a Senior Specialist in Cyber Security Operations at AB InBev GCC, you will have the exciting opportunity to be a part of a growing team of top professionals dedicated to protecting AB InBev from sophisticated threats. Your role will involve working as a cyber threat hunter, investigating security alerts, and responding to incidents within defined timelines. You will collaborate with incident responders in a 24x7 shift model and utilize your deep knowledge of security tools and platforms to monitor threats and new attack techniques. Key tasks and accountabilities include monitoring, responding, and processing security alerts triggered from various SOC tools deployed across on-premises and cloud environments. You will investigate events, create incident storylines, and communicate necessary remediation steps. Additionally, you will correlate different log sources, own incidents till completion, adhere to SLAs, and collaborate with internal teams for automation and process improvements. In this role, you will act as an Incident commander during critical incidents, prepare incident reports, create incident response SOPs, and seek opportunities to drive efficiencies. Your ability to effectively communicate complex technology to non-tech audiences, collaborate with stakeholders, and ensure client satisfaction will be crucial. Moreover, you will continuously enhance your threat hunting skills, stay updated on security standards, and work towards improving defensive controls. To qualify for this role, you should ideally have a Bachelor's degree in Computer Science or Information Systems, along with 6+ years of experience in incident response, CSIRT, and SOC operations. You should possess expertise in EDR, SIEM, log analysis tools, and cloud security solutions. Security certifications such as CEH, CHFI, or CompTIA Security+ would be a plus. Your strong analytical skills, knowledge of operating systems, and networking concepts will be essential for success in this role.
If you have a passion for cyber security, a desire to excel in a global team environment, and an undying love for beer, then this role at AB InBev GCC is the perfect opportunity for you to dream big and create a future with more cheers.
Posted 2 days ago
5.0 - 10.0 years
0 Lacs
Karnataka
On-site
You should have at least 7 years of experience in the Information Security field, specifically with direct experience in SOAR or other automation solutions. Your expertise should include Palo Alto XSOAR with SOC Operations understanding, with a focus on resolving Security Incidents and automating related tasks. A minimum of 5 years of hands-on experience in SOC / Incident Response is required. Additionally, you should possess experience with SOAR or other automation solutions (e.g., IT automation, SIEM, case management) and have a strong background in triaging security events using various tools like SIEM, SOAR, and XDR in a security operations environment. Proficiency in scripting and development skills (e.g., Bash, Perl, Python, or Java) along with a solid understanding of regular expressions is crucial for this role. This position falls under the Others category and is a Full-Time role located in Bangalore/Pune. The ideal candidate should have 7-10 years of relevant experience and be available to start immediately.
Posted 3 days ago
8.0 - 12.0 years
0 Lacs
Noida, Uttar Pradesh
On-site
You are an experienced professional with over 8 years of experience, seeking to set up SOC L1 operations, develop processes, procedures, and integrate teams. In this role, you will collaborate with Cadence SOC L2/L3 teams to establish a fully operational L1 framework. Your expertise in tools used in the SOC ecosystem such as Splunk, Devo, and SentinelOne is essential. Your key responsibilities will include designing and implementing SOC L1 workflows, processes, and escalation paths, onboarding and guiding the L1 team to align with L2/L3 operations, developing SOPs, incident response playbooks, and documentation. You will configure monitoring tools and dashboards for effective threat management and provide full-time onsite support for 6-8 weeks, transitioning to part-time remote support. To excel in this role, you should have proven experience in SOC operations and team setup, strong knowledge of SOC tools like SIEM and cybersecurity frameworks, excellent documentation, and communication skills. Possessing relevant certifications such as Security+ or CSA would be advantageous. This is a full-time position with a rotational shift schedule. The job requires you to be based in Noida, Uttar Pradesh and have the flexibility to commute or relocate before starting work. You will also be expected to provide details regarding your current CTC, expected CTC, notice period, current location, the level you are supporting, years of experience in SOC tools and cybersecurity frameworks, experience in Splunk and SentinelOne, and your comfort level with 24/7 support. If you meet the qualifications and are ready to take on the challenges of setting up SOC L1 operations and collaborating with cross-functional teams, this role offers an exciting opportunity to contribute to Cadence's cybersecurity initiatives.
Posted 4 days ago
6.0 - 10.0 years
0 Lacs
Coimbatore, Tamil Nadu
On-site
As a SOC Architect at Sennovate, located in Coimbatore, you will be a part of an Information Security managed Security Service provider specializing in Identity and Access Management (IAM) and Security Operations Center (SOC) powered by AI. Your role will involve leading the SOC Team with a strong focus on research and development in the Security domain. If you align with Sennovate's culture, which emphasizes accountability, respect, continuous learning, personal ownership, rejecting average standards, showing gratitude, and valuing time and simplicity, then you are the right fit for this role. Your responsibilities will include providing technical leadership in designing, implementing, and maintaining SOC systems. You will be expected to embrace thought leadership, provide mentorship to team members, and develop strategies to enhance security protocols, incident response, and threat detection capabilities. Additionally, you will drive improvements in SOC processes, workflows, and toolsets, while also leading the R&D team in exploring innovative security solutions. The ideal candidate will hold a Bachelor's degree in Computer Science, Information Technology, or a related field, with 6-10 years of extensive experience in SOC operations, security architecture, and design. Hands-on experience with security tools across various platforms, strong knowledge of Linux and Windows OS, and an understanding of security architectures are required. Additionally, the candidate should have excellent communication and presentation skills, demonstrated expertise in leading R&D initiatives, and relevant certifications such as CISSP, CISM, or CISA would be advantageous. Strong leadership, communication, and problem-solving skills are also essential for this role.
Posted 1 week ago
5.0 - 9.0 years
0 Lacs
Maharashtra
On-site
When you join Trend, you become part of a unique and diverse global family and you get to work towards a world safe for exchanging digital information. The Sales Engineer (SE) for India will play a crucial role as the technical bridge between our Sales Representatives and their pre-sales customers. As a Trend Micro product expert, you will guide customers and prospects in the selection and deployment of Trend Micro Next-Gen security solutions. You will take joint ownership with the Sales team in developing customer relationships and provide leadership in security architecture. Your strong problem-solving skills will help influence customers' technical strategy. As a trusted advisor, you will develop an understanding of customer needs, risks, tolerance, and technology gaps. Apart from your role as a technologist, you are expected to understand the customer journey with our product and ensure a smooth experience for customers throughout their engagement, onboarding, and product usage. Customer success is a top priority, and you will play a key role in enabling a positive customer experience. You will also be responsible for building and training the sales organization, acting as a storyteller to help the sales team sell more effectively. Understanding the emerging ecosystem of cybersecurity partners like SOC services partners, CSPs (cloud service partners), MSSPs, etc., will be essential. You will work closely with channel partners to upscale and train them for better customer engagement. Additionally, you will provide routine updates on new products/technologies to internal sales staff and collaborate with Regional/Global Product Managers and Product Marketing Managers to stay updated on the latest trends.
Your responsibilities will include confidently delivering technical demonstrations, encouraging partners and channels to propose our products effectively, presenting technical solutions to all levels of an organization, designing customer-centric solutions, delivering training to customers and prospects, ensuring quality support and customer health, contributing to best practices, and continuous learning to maintain current technical knowledge. Experience in delivering high-quality presales support and solutions, understanding SOC operations, security analytics capabilities, cloud architecture, cloud native application security, SASE, CASB, Zero Trust model, and knowledge of Microsoft O365, Azure, Google, AWS services will be advantageous. Exposure to security software solutions and good communication skills in English are required. A strong interest in cybersecurity and public cloud technologies like AWS and Azure is essential. Sales Engineers at Trend Micro actively participate in webinars, workshops, and industry events as speakers or panelists. Strong public speaking skills will be an added advantage to excel in this role. Join Trend Micro, embrace change, empower people, encourage innovation, and thrive with us.
Posted 1 week ago
10.0 - 15.0 years
15 - 20 Lacs
Noida, Gurugram, Greater Noida
Work from Office
Advanced knowledge in handling security incidents and leading investigations. Proficiency in managing and optimizing SOC operations. Experience in implementing security protocols and policies. Expertise in Malware Reverse Engineering.
Required Candidate profile: Certified Information Systems Security Professional (CISSP). Certified Information Security Manager (CISM). GIAC Certified Enterprise Defender (GCED). Certified Information Security Auditor (CISA).
Posted 1 week ago
3.0 - 7.0 years
0 Lacs
Pune, Maharashtra
On-site
The primary responsibility as an Infoscion is to actively support the consulting team in various project phases, such as problem definition, effort estimation, diagnosis, solution generation, design, and deployment. You will be tasked with exploring alternatives to recommended solutions through thorough research, including literature surveys, public domain information, vendor evaluations, etc., and developing proof of concepts. Additionally, you will be responsible for creating requirement specifications from business needs, defining processes, and detailed functional designs based on requirements. Configuring solution requirements, diagnosing issues, identifying root causes, seeking clarifications, and shortlisting solution alternatives will also be part of your role. Furthermore, you are expected to contribute to unit-level and organizational initiatives to deliver high-quality solutions that add value to customers. If you believe you possess the skills to assist clients in their digital transformation journey, this opportunity is tailored for you. In terms of technical requirements, proficiency in Technology Infrastructure Security, SOC Operations, Security Incident and Event Management (SIEM), Oracle Cloud Service, Cloud RightNow, and Desktop Workflow is essential. Moreover, you should be able to collaborate with clients to identify business challenges and contribute to refining, analyzing, and structuring relevant data for client deliverables. Staying abreast of the latest technologies and trends, possessing logical thinking, problem-solving skills, and the ability to collaborate effectively are also crucial. You should be capable of assessing current processes, pinpointing improvement areas, and recommending suitable technology solutions. Having knowledge in one or two industry domains is considered advantageous. 
Preferred Skills:
- Technology: Infrastructure Security, SOC Operations
- Technology: Infrastructure Security, Security Incident and Event Management (SIEM)
- Technology: Security Operations, Threat Intelligence
Posted 1 week ago
10.0 - 14.0 years
0 Lacs
Karnataka
On-site
You will be responsible for providing strategic and operational leadership across regional Security Operations Centres (SOCs) and leading the global security incident management framework, including governance, response, and recovery protocols. Your role will involve developing and implementing the SOC framework & strategy of the Bank by closely working with supply partners. You will manage, govern, and assure SOC policies, processes, and procedures to ensure compliance with security and regulatory requirements. Your key responsibilities will include leading, coordinating, and managing the global SOC network, defining strategic objectives, and planning, directing, and controlling SOC functions and operations. You will be in charge of developing and managing SOC policies, processes, standards, and procedures, ensuring compliance with relevant legislation and global harmonization. Furthermore, you will lead through example, build the appropriate culture and values, and review SOC team structure/capacity plans to meet business demands. Risk management will also be a crucial aspect of your role, including maintaining awareness of risks facing the Group and developing a proactive intelligence capability to track global threats. In addition to overseeing daily SOC operations, you will also manage regional SOCs, incident management & response, budget management, project management, supply partner management, technology integration, and data reporting. You will be responsible for ensuring that the SOC function is delivered cost-effectively and actively identifying opportunities for cost savings. Furthermore, you will be accountable for implementing global strategy and compliance for physical access control systems, partnering with internal stakeholders, and building strong relationships with key stakeholders. You will also play a key role in embedding the Group's values and brand in the SOC team and performing other responsibilities as assigned. 
To be successful in this role, you should have knowledge of SOC operations, experience in managing diverse teams, data and analytics skills, and hold a related degree or professional security qualifications. Preferably, you should have 10 years of experience in managing SOC operations and incident management. Membership of a recognized professional security body is desirable, and proficiency in English is required. Standard Chartered is an international bank committed to making a positive difference for its clients, communities, and employees. If you are looking for a purpose-driven career with a bank that values diversity and inclusion, Standard Chartered is the place for you. Join us in driving commerce and prosperity through our unique diversity and making a difference in the world.
Posted 1 week ago
3.0 - 8.0 years
6 - 9 Lacs
Noida
Work from Office
Monitor SIEM alerts and conduct incident detection/response. Collaborate within SOC, automate remediation, refine detection blocks, and support cyber defense initiatives.
Required Candidate profile: 3-5 yrs in SIEM, incident response, log analysis. Bachelor's in CS/IT/Cybersecurity. Security certification preferred (Security+, SC-200). Python/PowerShell automation experience a plus.
Posted 1 week ago
8.0 - 12.0 years
0 Lacs
Chennai, Tamil Nadu
On-site
As an experienced Cloud Monitoring & SOC Specialist, you will be leading the optimization and integration of the monitoring ecosystem. Your passion for transforming data into actionable insights and reducing alert fatigue will be instrumental in this role. Your responsibilities will include consolidating and integrating various tools such as SolarWinds, Instana, Google Cloud Operations, VMware Log Insight, and Rapid7 into a unified monitoring ecosystem. You will architect clear and efficient monitoring and incident-response workflows, implementing centralized AI-driven alerting to minimize noise and accelerate detection. In addition, you will be responsible for developing methods for proactive monitoring and continuous improvement by learning from incidents and iterating on processes. Configuring and maintaining essential NOC/SOC dashboards and monthly capacity reports for leadership visibility will also be part of your role. To qualify for this position, you should have deep technical expertise with 8-10 years of experience in monitoring architecture, tool integration, and SOC operations. Hands-on experience with infrastructure monitoring, APM, cloud (GCP), centralized logging, and SIEM solutions is required. Familiarity with tools such as SolarWinds, Instana, Google Cloud Operations, VMware Log Insight, and Rapid7 is considered a strong advantage. A proven track record of designing effective alert rules, incident-response playbooks, and automated workflows is essential. Experience in writing and refining monitoring procedures, SLAs, runbooks, and regular capacity/performance reports is also required. Strong communication skills and the ability to collaborate with DevOps, SecOps, and IT teams to drive continuous improvement are key attributes for success in this role.
Posted 2 weeks ago
7.0 - 9.0 years
9 - 14 Lacs
Gurugram, Bengaluru
Hybrid
SOC Analyst
Core Responsibilities:
- Monitor security dashboards and alerts to identify potential threats.
- Respond to security incidents by following established response plans.
- Conduct threat hunting to proactively identify vulnerabilities and potential threats.
- Collaborate with other departments, such as network engineering and incident response teams, for coordinated threat response.
- Analyze security incidents and document findings to prevent future occurrences.
- Develop and maintain security monitoring tools and processes.
- Implement and optimize SIEM, SOAR, EDR, and Threat Intelligence platforms.
- Conduct vulnerability assessments and penetration tests to identify weaknesses.
- Create and maintain incident response procedures and playbooks.
- Provide detailed reports on security incidents and emerging threats.
- Stay updated with the latest cybersecurity trends and threats.
Experience:
- 7-9 years of experience in cybersecurity, with a focus on SOC operations.
- Extensive experience with security monitoring tools and incident response.
- Proficiency in threat hunting and vulnerability analysis.
- Strong knowledge of network protocols, operating systems, and common cybersecurity threats.
- Experience with SIEM, SOAR, EDR, and Threat Intelligence platforms.
- Ability to conduct in-depth threat intelligence analysis and develop containment strategies.
- Experience in conducting vulnerability assessments and penetration tests.
- Excellent analytical and problem-solving skills.
- Strong communication and collaboration skills.
- Knowledge of frameworks such as NIST Cybersecurity Framework, MITRE ATT&CK, and Lockheed Martin Cyber Kill Chain.
Posted 2 weeks ago
3.0 - 8.0 years
11 - 21 Lacs
Gurugram
Work from Office
Join Our Cyber Star Team - Deloitte India !! #CyberChamps - Are you ready to apply your knowledge & background to exciting new challenges? From Learning to Leadership, this is your chance to take your career to the next level.
Time To Meet The Team @ Deloitte - Gurgaon DLF office - 12th July (Saturday)
Interested Applicants - Choose your Impact & Apply on the below link to Join our #Cyber Team!
Link To Apply: https://lnkd.in/dCsGFkgP
JobCode: 85019
#Please note the below schedule/venue dates for In-Person (F2F) Round:
Save The Date :: 12th Jul'25 (10 AM - 6 PM) - Saturday
Mode :: In-Person Interview - Based on Virtual Interview Scoring Test via invirtualinterview@deloitte.com
Office Location :: 7th Floor, Building 10, Tower B, DLF Cyber City, DLF Phase 2, Sector 24, Gurugram, Haryana 122002.
What You'll Do ::
1. SOC Ops Lead / L3 SecOps | Gurgaon | Exp - 6 to 12 years:
> Lead 24/7 operations of the MSSP SOC, ensuring continuous monitoring, analysis, and response to security incidents across multiple client environments.
> Oversee the detection, investigation, and response to security incidents within client environments.
> Ensure proper escalation of incidents to client contacts based on the severity and impact of the incident.
> Oversee the use and management of SOC tools such as SIEM, SOAR, EDR, threat intelligence platforms, and log management solutions.
> Implement automation and orchestration (SOAR) to streamline repetitive tasks and improve response times.
2. SOC Ops L2 / SIEM, QRadar Engineering / Incident Response | Gurgaon | Exp - 4 to 8 years:
> Conduct in-depth investigation of security incidents including data collection, root cause analysis, and recovery efforts, ensuring compliance with defined SLAs.
> Validate and fine-tune correlation rules, use-cases, and custom detections in SIEM tools to reduce false positives and improve detection fidelity.
> Propose new SIEM use cases with playbook creation based on threat intelligence, evolving TTPs, or internal security gaps.
> Conduct alert quality reviews, enhancing or retiring outdated detection logic and recommending improved strategies.
3. LogRhythm / Incident Response | Gurgaon & Hyderabad | Exp - 2 to 4 years:
> Advanced Log Monitoring and Analysis
> Incident Escalation and Resolution
> LogRhythm Platform Management
> Threat Intelligence Integration
> Security Tool Configuration and Tuning
**Immediate/Early Joiners are highly preferred.
**Should be flexible to operate in 24*7 rotational shifts and willing to travel for clients based out of Mumbai Location.
**Mandatory Virtual Screening test by the applicants to be completed before appearing for In-Person Interviews on Saturday.
Posted 3 weeks ago
4.0 - 7.0 years
8 - 11 Lacs
Pune
Work from Office
For SOC/IR L2 Position: 5 Yrs+ hands-on Exp. Ready to work for Rotational shifts (24*7). Location: Pune
Roles and Responsibilities
Key Skills:
1. SIEM tool exp - preferably ArcSight
2. Log Analysis
3. Incident Response
4. DLP experience
5. Investigation Knowledge
6. Rules creation
7. Alert management
8. Network monitoring Tool (Cisco NBAD)
9. Use case Creation
Key Responsibilities:
- To handle the daily monitoring of information security events.
- To function as an intrusion analyst by examining security events for context, appropriateness and criticality.
- To act as an information security researcher to provide insight and understanding of new and existing information security threats.
Key Operational Activities:
- Daily checklists and tasks
- Log analysis and review
- Vulnerability management activities
- Alert analysis
- Investigation of suspicious security event activity
- Maintain and enforce adherence to corporate standards, policies and procedures
Please share your profile to anwar.shaik@locuz.com
Posted 1 month ago
5.0 - 7.0 years
0 Lacs
Delhi, India
On-site
Job Description:
SOC Lead with experience in Cyber Security is preferred. The resource should mandatorily have minimum 5 years' experience in SOC Operation. Responsible for overseeing the operations of the Security Operations Center, ensuring the organization's digital assets are continuously monitored, protected and defended against cyber threats.
Key Responsibilities:
- Lead and manage the Security Operations Center (SOC), ensuring effective monitoring, detection, analysis and response to cybersecurity threats and incidents across the organization.
- Define and implement SOC processes, workflows and escalation protocols aligned with industry best practices and regulatory requirements.
- Oversee the deployment, configuration and optimization of SOC technologies including SIEM, SOAR, threat intelligence platforms and endpoint detection and response (EDR) tools.
- Coordinate incident response activities, ensuring timely investigation, containment, eradication and recovery from security events.
- Conduct regular threat hunting exercises and proactive analysis to identify potential vulnerabilities and emerging threats.
- Collaborate with internal teams and external partners to ensure comprehensive coverage of security monitoring and incident handling.
- Develop and maintain SOC metrics, dashboards and reporting mechanisms to provide visibility into security posture and operational effectiveness.
- Ensure continuous improvement of SOC capabilities through training, process refinement and technology upgrades.
- Act as a key point of contact for cybersecurity incidents, audits and compliance reviews, providing expert guidance and documentation.
- Mentor and lead SOC analysts, fostering a culture of vigilance, accountability and professional growth within the team.
Preferred Skills: Technology->Infrastructure Security->SOC Operations, Foundational->Cybersecurity Competency Management->Cyber Competency Strategy Planning
Posted 1 month ago
3.0 - 7.0 years
3 - 12 Lacs
Hyderabad / Secunderabad, Telangana, Telangana, India
On-site
Job Description:
1. Monitoring and analysis of cyber security events using Microsoft Sentinel SIEM.
2. Monitor internal and external threats; examine logs, events, and alerts generated by multiple platforms for anomalous activity.
3. Development and execution of SOC and standard operating procedures (SOP).
4. Triage security events and incidents, detect anomalies, and report/direct remediation actions.
5. Timely escalate security incidents whenever SLAs are not met.
6. Assist in incident detection and resolving incidents by following all phases of the incident management lifecycle.
7. Integrate and collaborate threat information to improve incident detection capabilities.
8. Should be capable of report generation from security solutions and preparation of reports for management or leadership review.
9. Collect evidence of security incidents, and other error conditions that may constitute a breach in security or a degradation of integrity or confidentiality of systems and data.
Ability to coordinate and work with stakeholders to track security incidents till closure.
Posted 1 month ago
2.0 - 7.0 years
3 - 6 Lacs
Pune
Work from Office
Post Name: Global Safety Operation Center (GSOC) Operator (Control Center Operator)
Post Details:
Description: GSOC Operator
Locations: Pune, India
Objective
These General Post Orders are applicable to all contract safety & security personnel supporting Global Safety Operation Center (GSOC) Operator duties for Workday Inc. These rules must be followed to ensure proper execution of post-specific job functions. All personnel supporting GSOC Operator duties for Workday Inc. must thoroughly read, review, understand, adhere to and execute their duties to these standards at all times.
Arrival on Duty
Arrive on time for start of shift in the right uniform, ready to assume your post.
Attend shift passdown brief at the Global Safety Operation Center (GSOC); ask questions where clarification is needed.
Deployment to Assigned Post
Inspect all post equipment where applicable to ensure equipment is operational and accounted for, i.e. GSOC high-dollar electronic assets, radios, keys, access control badges.
Report any equipment inspection deficiencies to the client leadership team immediately.
After completing passdown brief and shift inspection, relieve the offgoing GSOC Operator and assume the assigned post.
GSOC Operator Duties
Ensure all third-party software solutions used by the GSOC are opened, operational, and being monitored where applicable, or ready for use where applicable.
Ensure all access control and camera monitoring tools are opened, operational and being monitored.
Investigate all alarm activity and dispatch foot patrol as needed to follow up on alarm events or suspicious activity as observed via the surveillance system.
Dispatch foot & vehicle patrol to support requests received by the GSOC, i.e. escorts, drop-offs, etc.
Notify police for any reports of verified suspicious activity or crimes in progress, as well as notify client leadership for situational awareness and further guidance.
Notify emergency medical services when notified of medical emergencies occurring on campus and execute client guidance as outlined in standard operating procedures relative to medical emergencies.
Monitor all incoming electronic notifications received related to intelligence reports generated by third-party software solutions (Dataminr, NC4, OSAC, Egencia) to understand and escalate risk-related concerns to impacted personnel, site coordinators, or client leadership, within the framework of established standard operating procedures.
As directed and at the guidance of site leadership, send mass notifications via Workday's mass notification system.
Dispatch personnel to support medical and fire life safety incidents within the framework of Workday's WERC & Life Safety program as well as standard operating procedures.
Provide ad hoc support to physical security requests from the client as directed.
Fulfill special projects as assigned by client leadership team & the Site Manager.
Understand and execute all post-specific tasks as they occur within the framework of guidance established in post-specific standard operating procedures and departmental playbooks.
Shall make sure to track/record women employees travelling late at night.
Highly Preferred Qualifications
1-2 years of experience working in one or more of the following environments:
Commercial or Corporate security environments involving 24/7 monitoring and escalation processes.
Security/Emergency/Response based dispatch/operations centre services involving direct interaction with callers and dispatched personnel.
Posted 1 month ago
2.0 - 5.0 years
6 - 9 Lacs
Kochi
Work from Office
Investigate, hunt, and lead escalated incident response using advanced threat detection from SIEM, EDR, NDR platforms. Develop and manage custom detection use cases aligned to threat frameworks and customer environments.
Key Responsibilities:
Monitoring, Investigation & Triage
Triage and correlate alerts from SIEM (QRadar/Sentinel), EDR, and NDR
Identify lateral movement, C2 activity, and data exfiltration
Lead incident investigations and initiate containment measures
Threat Hunting & Detection Engineering
Proactive hunting using logs, flow data, and behavior analytics
Apply MITRE ATT&CK for hypothesis-driven hunts
Develop, test, and optimize custom detection rules
Maintain a backlog aligned with emerging threats
Tool Proficiency
SIEM: Advanced KQL/AQL queries, rule tuning, alert optimization
EDR: Defender for Endpoint binary/process analysis, endpoint containment
NDR: Darktrace/LinkShadow behavioral baselining, detection logic
SOAR: Sentinel Playbooks / Cortex XSOAR for automated workflows
Cloud Security: Azure AD alerts, MCAS, Defender for Cloud, M365 Defender
Threat Intelligence Integration
IOC/TTP enrichment
Threat intel feed integration
Contextual alert correlation
Reporting & RCA
Draft technical incident reports and RCAs
Executive-level summaries for major incidents
Cloud Security (Optional):
Investigate alerts like impossible travel, app consent abuse
Respond to cloud-native security incidents using Defender for Cloud, MCAS
Create advanced SOAR workflows and playbooks
Tool Familiarity
QRadar
Microsoft Sentinel
Microsoft Defender for Endpoint
LinkShadow or Darktrace
EOP/Exchange protection
Antivirus platforms
Defender for Identity / Defender for Cloud
Advanced SOAR workflows (Sentinel playbooks / Cortex XSOAR)
Network forensic tools like Wireshark / Zeek
Certifications (Preferred):
GCIH / GCIA / CEH
Microsoft SC-200 / SC-100
QRadar Admin or equivalent
Shift Readiness: 24x7 rotational shifts, including on-call support for escalations and major incidents
Soft Skills:
Strong analytical and documentation skills
Proactive communicator
Independent problem-solver and critical thinker
Posted 1 month ago
4.0 - 6.0 years
12 - 15 Lacs
Hyderabad
Remote
Description
The Information Security Analyst will work under the direction of IT Security management in the implementation and monitoring of security tools and infrastructure solutions. This mid-level hands-on role requires someone with 3 to 7 years of IT Security technical experience in a mid to large corporate environment. He/She will have a strong understanding of information security, Firewalls, Routers, Switching, IDS, SIEM, VPNs, Encryption, Vulnerability scanning, Virus and Malware, VLAN, AD, DMZs, Proxies, VMware and Access Control technologies.
Primary Responsibilities
IT Security - Monitor and analyze security alerts / logs and information, escalating as needed. Monitor and control access to secure data and segmented network environments. This individual will be responsible for conducting penetration tests and vulnerability assessments. Configure security devices and tools following management guidelines and vendor specifications. Test proposed security configurations and changes in the IT Security laboratory. Analyze, respond to, and lead security incidents, including Application and Network attempted and realized breaches. Conduct regular security vulnerability scans of wired & wireless network infrastructure and data. Recommend IT Security solutions as needed.
Disaster Recovery - Assist the DR team in the DR process as needed. Provide IT Security support to the DR team as needed. Participate in quarterly DR tests.
Reporting - Monitor, gather and report on IT Security related incidents and provide regular activity reports. Report on the status of remediation work related to the implementation, change, retirement or upgrade of IT Security and DR controls and processes.
Soft Skills
This position involves a high level of interaction with all levels of the organization. The candidate must be able to multitask in a cooperative / collaborative multicultural environment and must be familiar with delivering security solutions following standards-based frameworks (ISO 27000, NIST, COBIT or SANS) with clearly defined controls and processes. The ability to work on long-term multi-stage projects will be crucial to his/her success, as well as good verbal and written communication skills.
Technical and Educational Experience
Bachelor's degree in Computer Science, Business Administration, or equivalent work experience.
Minimum of 3 years' experience in Information Security.
Certifications, such as CISSP, CEH, GCFE, GPEN, GWAPT, CompTIA Security, preferred or able to obtain within 9 months of employment.
Experience with SIEM and Log management (Splunk, Syslog, Event Logs, ELK, etc.)
Understanding of Automation and Machine Learning concepts
Familiarity with security configurations for Microsoft Windows Networks - Microsoft Windows, Cisco Firewalls and Routers, and Linux.
Familiarity or hands-on experience with Nessus, Tripwire File Integrity Monitoring, IAM, Wireshark, MS Data Protection Manager, Next Generation AV tools, EDR.
Posted 2 months ago
15.0 - 17.0 years
0 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
Scope: We are looking for a dynamic and strategic Vice President of Cyber Defense to lead our global cyber defense and incident response capabilities. This executive leader will own the detection, response, and mitigation of cyber threats, ensuring our organization is resilient in the face of a rapidly evolving threat landscape. The ideal candidate brings deep expertise in threat detection, SOC operations, incident response, and threat intelligence. This leader will partner across the business to build and maintain a world-class cyber defense program that proactively protects the company's assets, data, and reputation.
Key Responsibilities:
Cyber Defense Strategy & Operations:
Develop and execute the company's cyber defense strategy, aligning with enterprise risk, compliance, and business objectives.
Work with key stakeholders and business lines to ensure detection and response meet NIST CSF minimum baselines for global security operations and response.
Lead 24/7/365 operations based on business need; partner with Global Command and Site Reliability Teams to ensure a baseline under which all customer-facing incidents and internal company-wide incidents are coordinated in a centralized operation center, following a follow-the-sun model.
Lead the global Security Operations Center (SOC), including 24/7 monitoring, detection, analysis, and response to cyber threats.
Build out capabilities for detection and response for Tier 1, Tier 2, and Tier 3 security incidents and events.
Implement and mature threat hunting, security analytics, and detection engineering programs.
Ensure and validate Customer Incident Response capabilities for onboarding mergers & acquisitions, new customers, and new environments as we grow and scale.
Security Assessment and Continuous Threat Exposure Management: Identifying and fixing weaknesses in systems and networks, including establishing MTTD, MTTR, and MTTA for exposures, vulnerabilities, and potential threats.
Incident Response: Investigating and responding to security breaches, including analyzing incidents and escalating them when necessary.
Threat Detection and Prevention: Monitoring network traffic, system logs, and other data sources to identify potential threats and malicious activity.
Security System Administration and Maintenance: Installing, configuring, and maintaining security tools like firewalls, antivirus software, and intrusion detection systems.
Security Policy and Procedure Development: Creating and enforcing security policies and procedures to protect sensitive information.
Security Training and Awareness: Educating employees about cybersecurity risks and best practices.
Staying Up-to-Date: Keeping abreast of the latest security threats, vulnerabilities, and technologies.
Threat Intelligence & Response:
Build and manage a comprehensive threat intelligence function to anticipate and defend against advanced persistent threats (APTs) and zero-day vulnerabilities.
Lead cyber incident response efforts, including containment, eradication, and post-incident reviews.
Serve as a key escalation point during major security events and coordinate cross-functional response.
Security Engineering & Automation:
Oversee the development and deployment of tools and technologies that support threat detection, log aggregation, SIEM, SOAR, EDR, and XDR platforms.
Drive automation and orchestration to increase efficiency and reduce time to detection/response.
Hold QBRs with key security operations vendors to ensure compliance and SLAs are met with all contracts.
Team Leadership & Development:
Build, lead, and inspire a high-performing cyber defense team, including SOC analysts, incident responders, threat hunters, and detection engineers.
Foster a culture of accountability, continuous learning, and proactive defense.
Establish Career Development Plans and growth for analysts, engineers, managers, and directors as the business grows and scales.
Collaboration & Executive Engagement:
Partner with IT, Infrastructure, Risk, Compliance, and Legal teams to align cyber defense practices with business needs.
Provide executive-level reporting on threat landscape, risk posture, and incident metrics.
Act as a thought leader and spokesperson on cyber defense strategy internally and externally.
Qualifications:
Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
15+ years of experience in cybersecurity, with at least 5 to 8 years in a senior leadership role overseeing SOC, incident response, or threat intelligence.
Deep knowledge of security operations, threat detection techniques, MITRE ATT&CK, and NIST/ISO frameworks.
Proven track record managing large-scale incident response, threat intelligence operations, and blue team functions.
Experience with cloud security (AWS, Azure, GCP) and hybrid infrastructure defense.
Strong executive presence and ability to communicate effectively with C-level stakeholders.
Relevant certifications such as CISSP, GIAC, GCIA, GCIH, or equivalent are highly desirable.
Our Values
If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours? Find out here:
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Posted 2 months ago
10.0 - 14.0 years
8 - 10 Lacs
Noida, Gurugram, Delhi / NCR
Work from Office
Threat hunting and intelligence analysis tools, malware analysis and threat detection, SOC operations, Malware Reverse Engineering, Exploit Development, SIEM, IDS/IPS, and other security tools; CTIA, GCIA, GCIH, OSCP+, GCTI
Required Candidate profile: malware, ransomware, application & network layer attacks; shell, Python, and PowerShell; SIEM platform (e.g., Splunk, Elastic Stack); SQL queries; Threat Hunter & Threat Intelligence Analyst
Posted 2 months ago
2.0 - 9.0 years
2 - 9 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
Key Deliverables:
Design and maintain SIEM and WAF detection rules to identify and mitigate threats
Lead SOC processes including incident response, escalation, and 24/7 coverage
Automate security workflows and threat detection using Python scripting
Mentor junior analysts and collaborate with engineering and DevOps teams
Role Responsibilities:
Manage security monitoring, detection engineering, and incident handling
Identify and remediate cloud misconfigurations and enforce security best practices
Develop and optimize SOC playbooks, reporting, and dashboards
Act as key liaison during security incidents and stakeholder engagements
Posted 2 months ago
10.0 - 15.0 years
3 - 6 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
Job Description: We are looking for an experienced Security Senior Specialist Advisor to join our security team. The ideal candidate will have extensive experience in Data Security Posture Management, Cyber Security Posture Management, and Securiti.AI, with a proven track record of implementing robust security solutions and leading high-level security initiatives.
Key Responsibilities:
Lead the implementation and management of Data Security Posture Management strategies to ensure optimal data protection.
Oversee Cyber Security Posture Management to mitigate risks and strengthen the overall security framework.
Utilize Securiti.AI to monitor and optimize security systems, processes, and controls.
Collaborate with cross-functional teams to integrate security protocols across multiple platforms and systems.
Provide strategic advice on cybersecurity best practices and emerging threats to senior leadership.
Troubleshoot and resolve complex security issues, ensuring minimal downtime and risk.
Qualifications:
10+ years of experience in Cyber Security, with a strong focus on Data Security Posture and Cyber Security Posture Management.
Hands-on experience with Securiti.AI and other relevant security tools and platforms.
Expertise in developing and implementing security policies, procedures, and compliance standards.
Strong communication and leadership skills with the ability to influence stakeholders at all levels.
If you're passionate about driving security excellence and have extensive experience in the cybersecurity space, we'd love to connect with you!
Posted 2 months ago
10 - 15 years
15 - 20 Lacs
Noida, Gurugram, Greater Noida
Work from Office
Advanced knowledge in handling security incidents and leading investigations. Proficiency in managing and optimizing SOC operations. Experience in implementing security protocols and policies. Expertise in Malware Reverse Engineering.
Required Candidate profile: Certified Information Systems Security Professional (CISSP). Certified Information Security Manager (CISM). GIAC Certified Enterprise Defender (GCED). Certified Information Systems Auditor (CISA).
Posted 2 months ago