18 Sysmon Jobs

Description The SIEM Rule Engineer is responsible for designing, developing, testing, and tuning detection rules, signatures, and alerts for SIEM, IDS/IPS, and other monitoring platforms. This role focuses on enhancing threat detection capabilities by translating threat intelligence, use cases, and attack patterns into actionable and accurate detections . Responsibiliti es Rule Engineering & Detection Content Development Develop and maintain correlation rules, signatures, and detection logic in SIEM (e.g., Splunk, ELK, QRadar), IDS/IPS (e.g., Suricata, Snort), and EDR tools (Wazuh). Translate MITRE ATT&CK techniques into detection rules. Tune existing rules to reduce false positives/negative...

DFIR (Tools & Technologies) will be responsible for supporting in execution of technical tasks related to digital forensics and incident response. This includes configuring and maintaining DFIR tools, performing forensic data acquisition, and supporting incident analysis workflows across OT and IT landscapes. This role is ideal for a technically proficient candidate with a strong passion for forensic tools, cyber threat analysis, and a willingness to operate in real-world industrial cyber environments. Qualifications & Certifications: Bachelor’s degree in Cybersecurity, Computer Science, or related fields Preferred certifications: GCFA, GCFE, CHFI, GREM 5 + years of experience in cybersecuri...

You will be responsible for architecting and implementing the Cyber Periscope agent for the Windows ecosystem. This involves delving into Windows internals to capture process, registry, file system, and network telemetry with minimal system overhead. Your role is crucial in providing reliable endpoint visibility at scale, making you a key player in the Cyber Periscope platform's success. Your responsibilities will include: - Developing high-performance agent modules for Windows endpoints, focusing on Win10/11 and Server editions. - Implementing telemetry collection pipelines using ETW, Sysmon, and kernel drivers. - Building watchdogs and anti-tamper features to enhance resilience against adv...

About Cyber Periscope Cyber Periscope is building a world-class Extended Detection & Response (XDR) platform to redefine cybersecurity for enterprises, critical infrastructure, and cloud-first organizations. Our vision is to surpass industry leaders like CrowdStrike and Wiz by delivering next-gen telemetry collection, real-time detection, AI-driven response, and compliance automation at scale. Role Overview As a Windows Agent Specialist , you will architect and implement the Cyber Periscope agent for the Windows ecosystem. You will dive deep into Windows internals to capture process, registry, file system, and network telemetry with minimal system overhead. Your work will form the “eyes and ...

Responsibilities Operate and maintain DFIR toolsets including forensic imaging, memory analysis, and network packet capture solutions Support incident response teams during breach investigations by preparing and executing data acquisition tasks (disks, memory, logs) Perform triage and basic analysis of forensic artifacts under supervision of senior investigators Assist in correlating forensic data from EDR/XDR platforms, SIEM tools, and OT network monitoring systems Conduct forensic evidence handling and documentation in accordance with chain of custody standards Participate in red/blue/purple team exercises, cyber drills, and readiness testing Contribute to the setup and tuning of DFIR tool...

Job requisition ID :: 89051 Date: Sep 15, 2025 Location: Delhi Designation: Assistant Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect val...

Assystem Stup is a full-service project delivery consultancy company offering master planning, comprehensive building design, engineering and project management services. We serve many clients in decarbonised energy, transportation, cities & territories, buildings and commercial, institutional, recreational and manufacturing facility infrastructures. As part of Assystem Group, we combine strong expertise in engineering, project management and digitalisation to serve our clients worldwide. Job Description As a member of the Assystem SOC team, you will join an international and senior team in a very demanding unit. You will be expected to learn quickly and multi-task. After the first training ...

Assystem Stup is a full-service project delivery consultancy company offering master planning, comprehensive building design, engineering and project management services. We serve many clients in decarbonised energy, transportation, cities & territories, buildings and commercial, institutional, recreational and manufacturing facility infrastructures. As part of Assystem Group, we combine strong expertise in engineering, project management and digitalisation to serve our clients worldwide. Job Description As a member of the Assystem SOC team, you will join an international and senior team in a very demanding unit. You will be expected to learn quickly and multi-task. After the first training ...

DFIR (Tools & Technologies) will be responsible for supporting in execution of technical tasks related to digital forensics and incident response. This includes configuring and maintaining DFIR tools, performing forensic data acquisition, and supporting incident analysis workflows across OT and IT landscapes. This role is ideal for a technically proficient candidate with a strong passion for forensic tools, cyber threat analysis, and a willingness to operate in real-world industrial cyber environments. Qualifications & Certifications: Bachelor’s degree in Cybersecurity, Computer Science, or related fields Preferred certifications: GCFA, GCFE, CHFI, GREM 5 + years of experience in cybersecuri...

The ideal candidate for this position should possess hands-on development experience in C and C++. Previous work experience in the Automotive domain is required. It would be beneficial to have exposure to QNX, RTOS, and Android platforms. The responsibilities will include analyzing architecture and metrics using performance analysis tools to determine CPU utilization, CPU frequencies, CPU process statistics, DDR profiling, memory profiling, and IO profiling. The candidate should also work on reducing both CPU and GPU load to minimize overall time consumption. Additionally, experience with CPU and GPU libraries, trace analysis, CPU, and GPU optimization is expected. Proficiency in tools such ...

You must possess hands-on development experience in C and C++. It is mandatory to have work experience in the Automotive domain. It would be advantageous to have exposure to QNX, RTOS, and Android platforms. Your responsibilities will include analyzing architecture and metrics using performance analysis tools to determine CPU utilization, CPU frequencies, CPU process statistics, DDR profiling, memory profiling, and IO profiling. Additionally, you will be expected to reduce both CPU and GPU load to minimize overall time consumption. Familiarity with CPU and GPU libraries, trace analysis, CPU and GPU optimization is also essential. Proficiency in tools such as Snapdragon Profiler, QProfiler, S...

DFIR (Tools & Technologies) will be responsible for supporting in execution of technical tasks related to digital forensics and incident response. This includes configuring and maintaining DFIR tools, performing forensic data acquisition, and supporting incident analysis workflows across OT and IT landscapes. This role is ideal for a technically proficient candidate with a strong passion for forensic tools, cyber threat analysis, and a willingness to operate in real-world industrial cyber environments. Qualifications & Certifications: Bachelor’s degree in Cybersecurity, Computer Science, or related fields Preferred certifications: GCFA, GCFE, CHFI, GREM 5 + years of experience in cybersecuri...

Responsibilities Operate and maintain DFIR toolsets including forensic imaging, memory analysis, and network packet capture solutions Support incident response teams during breach investigations by preparing and executing data acquisition tasks (disks, memory, logs) Perform triage and basic analysis of forensic artifacts under supervision of senior investigators Assist in correlating forensic data from EDR/XDR platforms, SIEM tools, and OT network monitoring systems Conduct forensic evidence handling and documentation in accordance with chain of custody standards Participate in red/blue/purple team exercises, cyber drills, and readiness testing Contribute to the setup and tuning of DFIR tool...

About The Role We are seeking an experienced and passionate Windows Kernel Developers to join our EDR/XDR Agent/Sensor Development Team. The ideal candidate will have deep expertise in Windows internals, kernel-mode driver development, and C/C++ programming. You will be part of EDR/XDR agent/sensor development team and responsible for building core components of our EDR/XDR agent/sensor that operates in both user-mode and kernel-mode, focusing on system monitoring, threat detection, and remediation. What Youll Do At Cyble Work along with our senior lead kernel developers and work on design, develop, and maintain Windows kernel-mode drivers for various EDR/XDR modules. Write Windows kernel-mo...

About The Role We are seeking an experienced and passionate Windows Kernel Developers to join our EDR/XDR Agent/Sensor Development Team. The ideal candidate will have deep expertise in Windows internals, kernel-mode driver development, and C/C++ programming. You will be part of EDR/XDR agent/sensor development team and responsible for building core components of our EDR/XDR agent/sensor that operates in both user-mode and kernel-mode, focusing on system monitoring, threat detection, and remediation. What You’ll Do At Cyble Work along with our senior lead kernel developers and work on design, develop, and maintain Windows kernel-mode drivers for various EDR/XDR modules. Write Windows kernel-m...

Assystem Stup is a full-service project delivery consultancy company offering master planning, comprehensive building design, engineering and project management services. We serve many clients in decarbonised energy, transportation, cities & territories, buildings and commercial, institutional, recreational and manufacturing facility infrastructures. As part of Assystem Group, we combine strong expertise in engineering, project management and digitalisation to serve our clients worldwide. Job Description As a member of the Assystem SOC team, you will join an international and senior team in a very demanding unit. You will be expected to learn quickly and multi-task. After the first training ...

Assystem Stup is a full-service project delivery consultancy company offering master planning, comprehensive building design, engineering and project management services. We serve many clients in decarbonised energy, transportation, cities & territories, buildings and commercial, institutional, recreational and manufacturing facility infrastructures. As part of Assystem Group, we combine strong expertise in engineering, project management and digitalisation to serve our clients worldwide. Job Description As a member of the Assystem SOC team, you will join an international and senior team in a very demanding unit. You will be expected to learn quickly and multi-task. After the first training ...

Amex GBT is a place where colleagues find inspiration in travel as a force for good and – through their work – can make an impact on our industry. We’re here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued. Ready to explore a career path? Start your journey. Position Overview: Privileged Access Management engineer to support implementation and operational processes of CyberArk Privileged Access Management (PAM) and Endpoint Privilege Management (EPM) environment. What You’ll do on a Typical Day: Support deployment, configuration and management of EPM solutions to end-point devices in hybrid environments (on-premises and cloud...